Software Defined Networking And Use Cases - Cisco

Dubai, UAE20th March 2013Software Defined Networkingand Use CasesQuinton CoelhoConsulting Systems Architect 20122011 Cisco and/or its affiliates. All rights reserved.Cisco Connect1

PerceptionAll things to allpeopleA better way to build a networkHardware doesn’t matterThe answer to every network issueSimplified troubleshootingUnlimited bandwidthUnlimited resourcesWhatever you want it to be

SDN Is “A way to optimize link utilization in my networkenhanced, application driven routing”“An open solution for customized flow forwarding“A platform for developing new control in and between Data Centers”“An open solution for VMmobility in the Data-Center”“A way to reduce theCAPEX of my networkand leverage commodityswitches”control planes”“A solution to automated networkconfiguration and control”“A means to get assuredquality of experience formy cloud service offerings”“A solution to build a very largescale layer-2 network”“A solution to build virtualtopologies with optimummulticast forwarding behavior”“A means to scale my fixed/mobilegateways and optimize“A way to optimize broadcast TV deliverytheir placement”by optimizing cache placement andcache selection”“A way to distribute policy/intent, e.g.for DDoS prevention, in the network”“Develop solutions at software speeds: I don’twant to work with my network vendor or gothrough lengthy standardization.”“A way to configure my entire networkas a whole rather than individualdevices”“A means to dotraffic engineeringwithout MPLS”“A way to build my ownsecurity/encryption solution”“A way toscale myfirewalls andloadbalancers”“A solution to get a global view of thenetwork – topology and state”Simplified Operations – Enhanced Agility – New Business Opportunities

PerceptionRealityEvolving way of centralizing network control.Specialized hardware is still beneficialLowest common denominator featuresA process of defining network requirementsAbility to automate QoS deploymentsAbility to enforce policy for an entire networkCentralized control providing in a repeatableautomated fashon what you can alreadydo today.The latest buzz word

― In the SDN architecture, the control and data planes aredecoupled, network intelligence and state are logicallycentralized, and the underlying network infrastructure isabstracted from the applications ownloads/white-papers/wp-sdn-newnorm.pdf“ open standard that enables researchersto run experimental protocols in campus networks. Providesstandard hook for researchers to run experiments, withoutexposing internal working of vendor devices ”http://www.openflow.org/wp/learnmore/5

Customer Insights: Network ProgrammabilityResearch/Academia ExperimentalOpenFlow/SDNcomponents forproductionnetworksNetwork“Slicing”Massively ScalableData Center Customize withProgrammaticAPIs to providedeep insight intonetwork trafficNetwork FlowManagementCloud Automatedprovisioning ncyService Providers Policy-basedcontrol andanalytics tooptimize andmonetizeservice deliveryAgile ServiceDeliveryEnterprise Virtual workloads,VDI, Orchestrationof security profilesPrivate CloudAutomationDiverse Network Programmability Requirements Across Segments:Automation, Monitoring & Flow Programmability 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect6

Classes of Use-Cases―Leveraging APIs and logically centralized control plane components‖Custom Routing (incl. business logic)Online Traffic EngineeringCustom Traffic Processing(Analytics, Encryption)Consistent Network Policy,Security, Thread MitigationVirtualization and Domain Isolation(Device/Appliance/Network)Automation ofNetwork Controland Configuration(Fulfillment and Assurance)Virtual & PhysicalFederating different Network Control Points(LAN-WAN, DC-WAN, Virtual-Physical, Layer-1-3) 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect7

Network Programmability ModelsImplementation Perspective: Evolve the Control-Plane Architecture1Programmable APIsApplications2aClassic SDNApplicationsVendorspecific APIsVendorspecific APIsHybrid ―SDN‖Network Virtualization/Virtual Overlays3ApplicationsApplicationsVendorspecific APIsVendorspecific APIsVirtual Control PlaneControllerVendorSpecific(e.g. onePK)CLI, SNMP, Netflow, Control g. onePK)VendorSpecific(e.g. onePK)Virtual Data PlaneOverlayProtocols(e.g. VXLAN)Control PlaneControl PlaneControl PlaneData Plane 2012 Cisco and/or its affiliates. All rights reserved.Data PlaneData PlaneData PlaneOpenstack and Network Overlays Apply to All Models (Physical/Virtual)Custom Features Can Be BuiltData PlaneCisco Connect8

Implementing Customer Use CasesApproach 2Approach 1AppsApproach 3AppsControllerAPIsAppsVirtual OverlaysOtherAgentsNetworkOpenFlowDeviceDevice w/OpenFlowPhysicalandVirtualDeviceNetworkCisco Approach: Flexibility to Choose—The Power of “AND” 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect99

Cisco ONE Open Network Environment 20122011 Cisco and/or its affiliates. All rights reserved.Cisco Connect10

Harnessing Network ValuePOLICYOrchestrationProgram forOptimizedExperienceANALYTICSHarvest NetworkIntelligenceNETWORK 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect1111

Cisco’s Differentiation: Multi-layered ProgrammabilityFlexibility in Deriving AbstractionsApplication Developer EnvironmentManagement and OrchestrationAnalysis and Monitoring, Performance and SecurityNetwork onmentProgram forOptimizedExperienceControl PlaneOpenFlow/SDNForwarding PlanezNetwork Elements and AbstractionTransport 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect1212

Cisco Open Network Environment – Announced June 2012Industry’s Most Comprehensive Networking PortfolioHardware SoftwarePhysical VirtualNetwork ComputeApplicationsVirtual OverlayControllerMulti-layer API(w/ Controller)PlatformAPIsVirtualOverlaysaNetworkOne Platform Kit(onePK) Programmatic APIs for Network HW (IOS, IOS-XR, NX-OS) 2012 Cisco and/or its affiliates. All rights reserved.Open Clouds with Nexus1000VControllers andAgentsSDNDevice Controller SW (OpenFlow, onePK) OpenFlow 1.x support Multi-hypervisorMulti-serviceMulti-cloudOpenstack supportCisco Connect1313

Cisco Open Network Environment Building BlocksPlatform APIsonePKComprehensiveDeveloper KitIOS, IOS-XRand NX-OSControllers & AgentsOverlay VirtualNetworksSDNController SoftwareNexus 1000VOpenStackREST APIOpenFlow AgentMulti-HypervisorsVXLAN GatewayServices ChainingIndustry’s Broadest Approach for Network Programmability 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect14

Cisco onePK (one Platform Kit)Rapid Application Development C, JAVA, REST, PythononePK API Presentation – Service Sets Data PathPolicyDiscovery 2012 Cisco and/or its affiliates. All rights reserved.ElementDeveloperRouteLISPUtilityOthers onePK API InfrastructureIOS / XENXOSIOS XR(Catalyst, ISR, ASR1K)(Nexus Platforms)(ASR 9K, CRS)Cisco Connect1515

onePK Application Hosting OptionsBlade HostingNetwork OSNetwork OSonePK AppsBladeContainerContaineronePK AppsEnd-Point HostingNetwork OSExternalServerProcess HostingonePKAppsWrite Once, Run Anywhere 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect16

onePK APIs are Grouped in Service SetsBase Service SetDescriptionData PathProvides packet delivery service to application: Copy, Punt, InjectPolicyProvides filtering (NBAR, ACL), classification (Class-maps, Policy-maps), actions (Marking,Policing, Queuing, Copy, Punt) and applying policies to interfaces on network elementsRoutingRead RIB routes, add/remove routes, receive RIB notificationsElementGet element properties, CPU/memory statistics, network interfaces, element and interfaceeventsDiscoveryL3 topology and local service discoveryUtilitySyslog events notification, Path tracing capabilities (ingress/egress and interface stats,next-hop info, etc.)DeveloperDebug capability, CLI extension which allows application to extend/integrate application’sCLIs with network element17

Cisco ONE Software Controller A JAVA/OSGI ApplicationIndustry’s Most Extensible Controller ArchitectureCisco AppsRESTCustomer AppsISV AppsJAVAOpen Src AppsMoreComingCisco Advanced FunctionsModular architecture allows rapid adoptionof evolving controller functionality whileminimizing operational disruptionCore tiple published APIs for popularlanguages and software (Eg: OpenStack)MoreComingExtensible protocol support ensurescontinuous adoption of emerging standards

Use Cases 20122011 Cisco and/or its affiliates. All rights reserved.Cisco Connect19

SystemCPU, Memory, Platform, Serial #, Versions, Uptime,RoutingLocation, OIR, CLI ChangesInterfacesPort, Slot, BW, MTU, TX/RX, BPS, PPS, Errors, Other Stats,QoSConfig, Link ChangesDiscoveryCDP,SecurityTopology Graph, Edges, Nodes, Topology Changes 2012 Cisco and/or its affiliates. All rights reserved.ApplicationElementGetting Properties and StatisticsCisco Connect2020

SystemLocationInterfacesIP address, MTU, Clear Stats, Shut/No ShutDiscoveryFilters 2012 Cisco and/or its affiliates. All rights reserved.ApplicationElementSetting Properties and StatisticsCisco Connect2121

Use Case: Campus Network ―Slicing‖Partition network for multiple user-communities—―Sandbox‖ R&D dept.Solution OpenFlow experimentalsupport (v1.0)Slice#1 Experimental ler forNetworkSlicingmanagement Integrated slicingmanagementSlice#3 Programmatic Interfaces(Eg. REST)Consistent Policy Management for Maximum Flexibility and Innovation 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect22

Use Case: Agile Service Delivery for Service ProvidersMonetize Via Real-time Network Adaptation and Maintain SLARequest forTelepresence SessionANALYTICSPOLICYHD videoAdapt to Meet SLAonePKBusiness CenterService ProviderNetworkContent and ApplicationProviderAdaptive Architecture Optimizes Resource Utilization 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect23

Example: Simplified ManagementProblem: Misconfigurations cause network outages, degrade performance, impact SLAs.Value proposition: Get, set, and detect configuration changes via cross-platform API1. Network begins with mismatchedparameters on either side of link (e.g.MTU)2. Application checks parameters on eitherside and identifies mismatches (red lines)1MTU 1500MTU 1518CRS33. Application sets parameters to match(lines turn green)MTU 15184MTU 16004. Application registers for events related toparameters change.5. Users logs into console and manuallychanges parameter. Topology indicateschange.NX3K29K5MTU 1600MTU 15001KMTU 1500ISR 2012 Cisco and/or its affiliates. All rights reserved.MTU 1000Cisco Connect2525

Example: Dynamic Bandwidth/QoS AllocationSP Policy Server122Ingress PEEgress PE4SP NetworkCPE3ASR 9K with OnePKASR 9K with OnePKCloud ServiceCustomer1.Customer requests premium access to cloud service2.Policy server pushes customer policy to OnePK on 9k3.SP Policy Server uses OnePK API to program higher bandwidth QoS policy for specific flow [Customer IP --- Cloud Service IP]4.Customer traffic matching the policy is given premium QoS treatmentUsing OnePK API, SPs can build such custom apps to create differentiated, revenue generating services 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect2626

Example: Customer EncryptionProblem: Customers want custom encryption on specific traffic typesValue proposition: Punt traffic of interest, encrypt, and re-inject.1. Policy APIs on ingress router are set topunt telnet and syslog to app2. App encrypts punted traffic and re-injectsinto data path.onePK application5encrypt5. Traffic that does not match policy passesthrough unencrypted.encrypthttp3. Policy APIs on egress router punt telnetand syslog to app4. App decrypts punted traffic and re-injectsinto data K applicationtelnet4 2012 Cisco and/or its affiliates. All rights reserved.Cisco Connect27