Wednesday, May 8, 2013

CISSP webinar SDN

length: 01:00:00
presenter: Kevin Walsh

SDN: Software Defined Network

separated in 4 layers

motto: separate what we can & concentrate what we can.

An SDN strategy that addresses the key challenges customers face, with a 4-step approach:

1. centralized management
2. extract services
3. centralized controller
4. optimize the hardware

Step 1: Centralize Management:
Centralize network management, analytics and configuration functionality - a single master that configures all networking devices.
This lowers operating cost and allows customers to gain business insight from their networks.

Step 2: Extract Services:
Extract (networking and security) services from the underlying hardware.
This enables network and security services to independently scale using industry-standard x86 hardware based on the needs of the solution. This next generation of programmable networks will be introduced with the JunosV App Engine.

Step 3: Centralized controller:
The brain of SDN that enables multiple network and security services to connect in series across devices within the network.
"SDN Service Chaining" -- using software to virtually insert services into the flow of network traffic. Service chaining functionality is crudely accomplished in today's physical world using separate network and security devices. With SDN Service Chaining, networks can dynamically respond to the needs of the business. This step will dramatically reduce the time, cost and risk for customers to design, test and deliver new network and security services. Juniper Networks anticipates delivering SDN Service Chaining functionality in 2014 utilizing the SDN controller technology acquired from Contrail Systems, together with the evolution of the JunosV App Engine.

Step 4: Optimize the HW:
Allow the usage of network and security hardware to deliver high performance.
The combination of optimized hardware together with SDN Service Chaining allows customers to build the best possible networks.

6 principles:
1. Cleanly separate networking software into four layers (or planes) -- management, services, control and forwarding.

2. Centralize the appropriate aspects of the management, services and control software to simplify network design and lower operating costs.

3. Use the cloud for elastic scale and flexible deployment, enabling usage-based pricing to reduce time-to-service and correlate cost based on value.

4. Create a platform for network applications, services and integration into management systems, enabling new business solutions.

5. Standardize protocols for interoperable, heterogeneous support across vendors, providing choice and lowering cost.

6. Broadly apply SDN principles to all networking and network services including security from the data center and enterprise campus to the mobile and wireline networks used by service providers.

Traditional network challenges:
multiple copies of config
can't easily scale
time consuming & prone to error
maintain true network config

Benefits of SDN:
centralized config
extensive automation - scale with ease
centralized manager of true network config

data center:
server is virtualized
storage is virtualized
network is not yet virtualized


Tuesday, May 7, 2013

webinar - SDN Overview

length: 01:00:00

Mohammad Al Khalidi, Juniper ASCE

SDN is a concept by which the data and control planes are decoupled at the network level. The control plane functions are carried out by a network controller, which controls all the network devices. Hence, by programming the centralized controller, you "program" the network behavior.

The idea came from application developers who wanted to slice out a part of the network for testing new ideas and protocols, so that any new protocol can be designed, tested and implemented on a live network without affecting network operations.

application layer: servers
control layer: controller
network layer: switches
host/data layer: clients

2 elements of SDN:
1. network controller
2. network switches.

A vendor can develop only the network controller, only the network switches, or both controller & switches.

Main difference:
1. no protocol runs between the network devices
2. when a network switch receives a packet for the first time, it buffers it and consults the controller by sending the packet header
3. the controller checks the header and, based on the info, decides which rule to put & how to forward traffic
4. the controller opens a path for the data stream across the network

Advantages:
1. better network utilization & faster convergence
2. controller has more processing power
3. faster feature deployment
4. no need of routing protocol
5. mobility of the devices

Disadvantages:
1. latency
2. redundancy of controller - single point of failure(?)
3. complexity of controller

OpenFlow is the protocol that runs between the controller and the network devices. It is currently maintained by the Open Networking Foundation.

It makes use of flow tables inside routers and switches, and allows the controller to manipulate these tables based on the network requirements.

Need of standardized protocol & vendor interoperability

Based on a match condition on the variables in the packet header (up to layer 4) -> filter based forwarding.
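The reactive flow setup listed under "Main difference" and the header-based flow-table matching described above, as an added example that is not from the webinar or from any OpenFlow implementation. It is a toy Python model; the class names, header field names, addresses and the allow-list policy are all constructed for illustration.

```python
from dataclasses import dataclass, field

DROP = "drop"

@dataclass
class Controller:
    """Central policy: where hosts live and which L4 services are allowed."""
    host_port: dict   # ip_dst -> switch port (constructed topology)
    allowed: set      # permitted (ip_dst, ip_proto, tp_dst) tuples

    def packet_in(self, hdr):
        """Decide on a header the switch could not match; return (match, action)."""
        key = (hdr["ip_dst"], hdr["ip_proto"], hdr["tp_dst"])
        match = dict(zip(("ip_dst", "ip_proto", "tp_dst"), key))
        if key in self.allowed and hdr["ip_dst"] in self.host_port:
            return match, self.host_port[hdr["ip_dst"]]
        return match, DROP   # explicit drop rule, so repeats stay in the switch

@dataclass
class Switch:
    controller: Controller
    flow_table: list = field(default_factory=list)   # [(match, action)]
    packet_ins: int = 0                               # round trips to the controller

    def lookup(self, hdr):
        # Fields absent from a rule's match act as wildcards.
        for match, action in self.flow_table:
            if all(hdr.get(k) == v for k, v in match.items()):
                return action
        return None   # table miss

    def receive(self, hdr):
        action = self.lookup(hdr)
        if action is None:   # first packet of a flow: consult the controller
            self.packet_ins += 1
            match, action = self.controller.packet_in(hdr)
            self.flow_table.append((match, action))
        return action

def demo():
    ctl = Controller(host_port={"10.0.0.10": 3}, allowed={("10.0.0.10", 6, 443)})
    sw = Switch(ctl)
    web = {"ip_src": "10.0.0.1", "ip_dst": "10.0.0.10", "ip_proto": 6, "tp_dst": 443}
    ssh = dict(web, tp_dst=22)
    other_src = dict(web, ip_src="10.0.0.2")
    actions = [sw.receive(p) for p in (web, web, ssh, ssh, other_src)]
    return actions, sw.packet_ins, len(sw.flow_table)
```

Only the first packet of each flow pays the controller round trip (the latency item above); how wide the installed match is decides how many later packets stay on the switch and how much load an unmatched-traffic burst puts on the controller.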

OpenFlow is not necessarily the only protocol for controller/device communication in SDN networks. It is practically the only protocol being discussed in this field.

Current version: 1.3

Google is pretty happy with the SDN experiment, question arise such how the

SDN in practice:

1. Wi-Fi mobility: one of the first applications developed with the concept of SDN.

2. Load balancing:
Benefit: the controller knows where the clients and the servers are, so it can optimize the traffic.
It really can optimize & make the best use of the links.

3. Application Driven Network:
The application can drive the controller's decisions - it allows the servers to talk to the controller, and in turn the controller redirects the traffic.
very mature: having the application talk to the network.


SDN started as a concept for testing programmable networks alongside the traditional network
SDN proved to be very appealing in many applications - demand is up
interoperability between all vendors, cost reduction,
