REALIZING OPENFLOW SWITCHES WITH ARICENT FRAMEWORKS MADHAVI RAVANAN Senior Manager, Technology, Aricent SARO VELRAJAN Director, Technology, Aricent REALIZING OPENFLOW SWITCHES WITH ARICENT FRAMEWORKS Software Defined Networking (SDN) presents limitless possibilities by offering unprecedented OpEx and CapEx savings. Aricent is committed to the SDN revolution, providing comprehensive software frameworks for OpenFlow that enable equipment vendors to gain a competitive advantage in the soaring OpenFlow/SDN market. This paper explores how Aricent’s OpenFlow frameworks can be leveraged by equipment vendors to build pure or hybrid OpenFlow network equipment. Introduction Aricent’s Frameworks for OpenFlow The numerous benefits of SDN and the emergence of OpenFlow Aricent offers comprehensive and fully tested software frameworks as the leading protocol for communication between controller for OpenFlow, which include: and switch have pushed equipment vendors to offer support for > OpenFlow protocol in their devices portfolio. In an effort to enable equipment vendors to gain a competitive edge in the fast growing OpenFlow/SDN market, Aricent offers pre-integrated, platform agnostic, and completely tested software frameworks for OpenFlow. These frameworks can be leveraged by equipment vendors to build pure and hybrid OpenFlow switches and routers, under aggressive timelines, with production-ready quality. This whitepaper highlights the benefits of Aricent’s OpenFlow frameworks, and explores how they can be leveraged to build pure or hybrid OpenFlow switches for various deployments across campus, datacenter, enterprise, and service-provider networks. OpenFlow Client – A control plane implementation based on ONF OpenFlow Specification version 1.3.1 > Fast Path Accelerator – A fast path processing implementation based on ONF OpenFlow Specification version 1.3.1 > Intelligent Switch Solution (ISS) – Widely deployed, industryleading L2-L3 switching and routing solution with support for OpenFlow for hybrid SDN architectures Infrastructure vendors looking to build equipment with pure or hybrid OpenFlow capabilities can leverage Aricent’s OpenFlow frameworks to save up to 80 percent in costs and 85 percent in time to market compared to ground-up development. Aricent aligns its software product roadmap to its customers’ needs and offers hassle-free product support with aggressive SLA commitments. Realizing OpenFlow Switches with Aricent Frameworks 1 switches and enable OpenFlow on pre-existing platforms running Server/Management Station(s) custom control-plane software. Vendors looking to build hybrid OpenFlow Controller Legacy NMS Aricent OpenFlow Client Aricent Intelligent Switching Solution Traditional L2/L3/MPLS Control Plane+ Management OpenFlow network equipment can leverage Aricent’s ISS that comes with OpenFlow support. Aricent Fast Path Accelerator Pure OpenFlow Switch Hybrid OpenFlow Switch OpenFlow Controlled Parts OpenFlow client is offered as a source code license to customers. The benefits of Aricent’s OpenFlow client include: > Pre-integrated into leading reference silicon platforms such as Broadcom Trident+ > Ports Not Controlled Through OpenFlow Ease of porting to newer silicon platforms. OpenFlow client has well-defined abstraction layers for OS, HW, and management interfaces. Figure 1: Aricent’s OpenFlow Frameworks > Support for OpenFlow Fast Path on multi-core platforms: ARICENT’S OPENFLOW CLIENT Aricent’s OpenFlow Fast Path Accelerator (FPA) is built on Aricent’s OpenFlow client is a portable implementation of ONF Intel’s Data Plane Development Kit (DPDK) for multi-core OpenFlow specification version 1.3.1. It enables communication platforms. Aricent’s OpenFlow client is pre-integrated with between the network equipment (switch/router) and the OpenFlow the Aricent’s FPA. FPA is easily portable to other multi-core controller. platforms OpenFlow client can be used to program the OpenFlow fast path > Readily available and easily adaptable management interfaces: through the network processor interface. The OpenFlow fast path Aricent’s OpenFlow client supports multiple management can be realized either in the hardware ASIC, in software, or in a interfaces like CLI, SNMP, and ConfD. OFConfig protocol combination of both hardware ASIC and software. support is planned in the roadmap The software design of the OpenFlow client supports portability > on a wide range of processor platforms, from monolithic table entries in the software, and the framework is further architectures to distributed shared memory and message-passing architectures as in the multi-core processors. The OpenFlow client is available as a stand-alone package or as Support for upwards of a million flow entries in the software: Aricent’s OpenFlow client supports at least a million flowextensible > OpenFlow client supports up to 1,200 flow additions per second > Aricent’s OpenFlow client integrated with FPA has achieved an enabled feature in Aricent’s ISS solution. The stand-alone 10 Gpbs of forwarding plane performance on Intel’s multi- OpenFlow client package can be used to both realize pure OpenFlow core platform Socket Layer OS Abstraction OS Connection Manager Database (Flow, Group, Meter) Core (Timer, Queue, Event) Packet Tx/Rx Pipeline Process Interface Manager Hardware Abstraction Layer (Data Plane Processing) Management CLI, Console, Telnet, SSH, WebUI, HTTP, SSL, SNMPv 3 OpenFlow Client Silicon Driver/SDK Ethernet Switch Silicon (Broadcom, Marvell, Fulcrum) Figure 2 : Aricent’s OpenFlow Client Architecture Realizing OpenFlow Switches with Aricent Frameworks 2 ARICENT’S FAST PATH ACCELERATOR > Aricent’s Fast Path Accelerator (FPA) is an implementation of OpenFlow pipeline processing requirements given in ONF OpenFlow > specification version 1.3.1. FPA is implemented on Intel’s Data Plane Development Kit (DPDK) for multi-core platforms. FPA’s architecture is modular, with flexible building blocks that can easily be extended to other multi-core platforms. > > Support for sending and receiving packets from control plane Conforms to Aricent Network Processor API (NPAPI) and is pre-integrated with Aricent frameworks for OpenFlow, like Aricent’s OpenFlow client and ISS Support for IPSec and IPv4 routing, L2 Access Control Lists (ACLs) for OpenFlow, and diagnostics for determining state of the internal data path > Support for traffic load balancing across various blocks, cores, and threads Aricent’s OpenFlow FPA capabilities include: > Support for multi-threaded operations, enabling multiple instances of one or more functional blocks in the FPA Aricent’s Fast Path Accelerator is designed to provide: > High performance and scalability tailored to multi-core environments Support for run to completion, pipeline model, and a combination of these scheduling models for pipeline processing > > Ease of integration with third-party vendor control plane stacks Ease of integration with accelerator functions provided by ASICs and FPGAs > OpenFlow Fast Path Accelerator Support for pluggable components in the fast path. Fast Path pipeline can be organized flexibly by adding and removing components > Data Path Block OpenFlow Client Load Balancer Block NPAPI Tailored to functioning in pipeline, run to completion, and in combination of the two > Easily portable across multiple processor architectures, like - Intel, Octeon (Cavium), XLP (Broadcom), etc. > Supported across multiple operating system platforms, including bare metal environment ARICENT’S INTELLIGENT SWITCH SOLUTION Hardware Accelerator Pipeline Aricent’s industry leading and proven Layer-2 and Layer-3 switching and routing framework, Intelligent Switch Solution (ISS), is integrated with the OpenFlow framework to render a comprehensive framework for building hybrid OpenFlow Figure 3 : Aricent’s Fast Path Accelerator OS Abstraction System Management Config Save/Restore, DHCP, RMON, Syslog Mirroring, s/w Upgrade Chassis Management Hot Swap Mgmt, Redundancy Mgmt, Hitless Restart Layer 3 - IPv4 Suite TCP/IP Stack, RIPv2, OSPFv2, ISIS, BGP4, PIM, DVMRP, VRRP, MSDP Layer 3 - IPv6 Suite TCP/IP Stack, RIP6, OSPFv3, ISIS, BGP4+, IPSecv6, v6-tunneling, MSDP Qos Differv, 802.1p, Rate Limit, Storm Control, Queuing MPLS PWE3 L2VPN, MPLS-TP, LDP, RSVPTE, BFD, LSP-Ping, Y.1731 Advance Layer 2 Suite - Virtual Switch Contacts, E-OAM, ECFM, Provider Bridging, PBB, PBB-TE, G.8031, G.8032, IEEE 1588 PTP Basic Layer 2 Suite VLAN, RSTP, MSTP, GVRP, GMRP, MRP, Link Aggregation, IGMP(v3) Snooping Security 802.1x, SSL, SSH, Radius, ACL Management CLI, Console, Telnet, SSH, WebUI, HTTP, SSL, SNMPv3 OS OpenFlow Client network equipment. ISS Hardware Abstraction Layer Silicon Driver/SDK Ethernet Switch Silicon (Broadcom, Marvell, Fulcrum) Figure 4 : Aricent’s Intelligent Switch Solution Realizing OpenFlow Switches with Aricent Frameworks 3 Intelligent Switching Solution (ISS) is a comprehensive, feature- PURE OPENFLOW SWITCHES rich software product for developing a wide range of intelligent Two possible cases for pure OpenFlow switch realization are: Ethernet switching applications, from entry-level, fixed-port, fast > Ethernet switches to module-based Gigabit stackable switches Case 1: Software-only OpenFlow switch implementation on the system CPU and Metro Ethernet-based carrier-class systems to data center, > as well as industrial switching solutions. A field-proven software Case 2: A Combination of hardware- and software-based switches for pure OpenFlow product, ISS is an integral component to over 100 commercial products developed by leading telecom equipment manufacturers. Aricent’s OpenFlow client is pre-integrated with Aricent’s FPA. ISS offers Layer-2 switching, Layer-3 routing, MPLS transport, This pre-integrated solution can be leveraged to realize pure security, system software features, and multiple management OpenFlow switches. Both the OpenFlow client and FPA provide interfaces. It is pre-integrated into a variety of silicon platforms the flexibility for adding custom extensions. The FPA provides and operating systems. ISS can also be leveraged to build hybrid additional hooks for customizations to the data path block. Hence, OpenFlow network equipment. extensions to the OpenFlow specification, such as OAM, BFD, etc. ISS supports enabling OpenFlow at the ports/VLAN level. Ports/ that are being proposed in the revisions of the specification, can VLANs can be provisioned as either OpenFlow ports/VLANs or be addressed on the data plane as well. traditional ports/VLANs. Traffic coming in through physical and Case 1: Software-Only Pure OpenFlow Switch on Intel’s ATCA logical ports of an OpenFlow VLAN is processed at the OpenFlow Platform pipeline, while those coming in through traditional VLAN ports The figure below depicts an OpenFlow switch on an Intel ATCA are processed at the L2/L3 data plane. platform using Aricent‘s pre-integrated OpenFlow frameworks like OpenFlow client and FPA. The Aricent’s FPA runs on Intel’s DPDK on Linux OS in a multi-core processor environment. Aricent’s Realizing OpenFlow Switches with Aricent Frameworks OpenFlow client runs on one of the cores while the remaining split cores run the Aricent’s FPA. An optional offload-processor can be used for any specialized processing, such as security pipeline, Aricent’s OpenFlow frameworks can be leveraged to build both pattern matching, etc. pure and hybrid OpenFlow switches and routers. This section The external OpenFlow controller can use the OpenFlow interface describes how each can be achieved. provided by the OpenFlow client to program the switching logic. The OpenFlow client internally programs the FPA’s flow tables. Data traffic flow in and out of the switch is as depicted in Figure 5. Flow Table Programming Aricent Fast Path Accelerator Data Traffic Aricent OpenFlow Client Stack DPDK Poll Mode Driver (PMD) User Space OF-Config Linux IP Stack PMD Driver .ko Kernel Space Core 1 Core 2 Core 3 Core 4 Aricent OpenFlow Controller and Configurator OpenFlow Communication/Offload Processor: Cave Creek Multi-core Processor NIC OpenFlow Ports Figure 5: OpenFlow Switch on Intel ATCA Platform Realizing OpenFlow Switches with Aricent Frameworks 4 Case 2: Merchant Silicon-Based Pure OpenFlow Switch > The interfaces published by Aricent’s OpenFlow client can be programmed to use the merchant silicon for forwarding some or all of the flows. Case 1: Upgrading an existing equipment for hybrid OpenFlow capabilities > Case 2: Building a hybrid OpenFlow equipment from the ground up Support for a combination of software- and hardware-based Both of the above cases can be achieved by leveraging the forwarding enables equipment vendors to implement different current ISS release with OpenFlow support. The Common flows in different devices. For example, the macro flows can be Forwarding Agent (CFA) in ISS evaluates the data traffic at any handled in hardware and the fine grained controlled flows can be given time and passes it on for either OpenFlow pipeline processing handled on the FPA, both under the control of the OpenFlow client. or for the traditional pipeline processing, depending which type of VLAN the traffic arrived. Data traffic from OpenFlow VLANs is Aricent’s OpenFlow client provides reference fast-path implementations on leading merchant silicon platform for OpenFlow pipeline processing. processed at the OpenFlow pipeline, while data traffic from traditional VLANs is processed at the normal pipeline. The solution provides built-in control of resource partitioning across the two domains realized on the same merchant silicon. This can HYBRID OPENFLOW SWITCHES be customized further by the equipment vendors to differentiate It is widely understood that it is not realistic to completely rip off their solution. The hybrid solution supports the flow of OpenFlow the conventional networking devices present in today’s networks traffic, traditional or legacy traffic, and traffic flow across the and replace them with pure OpenFlow devices. It is critical to two domains. follow a gradual migration path by introducing OpenFlow support along with the traditional control planes in the existing network For equipment with customers’ own control planes, the pre- devices. Hence, hybrid OpenFlow solutions are currently in need. integrated OpenFlow client and FPA solution can be incorporated This section covers how hybrid OpenFlow equipment can be quickly to enable OpenFlow support for the equipment. realized leveraging Aricent’s frameworks, including: Server/Management Station(s) OpenFlow Controller Legacy NMS Aricent Frameworks for OpenFlow Aricent Intelligent Switch Solution (ISS) Management - CLI, SNMP, WebUI Aricent OpenFlow Client (OFC) System Functions, ACL, QoS, Mirroring, Chassis Management, System Monitoring, DHCP, etc. Traditional Control Plane Protocols for L2 Switching, L3 Routing, MPLS, DCB, CE Hardware Abstraction Layer Porting Layer for Switching Silicon Aricent Fast Path Accelerator (FPA) System CPU Merchant Switching Silicon Hardware Layer Ports of OpenFlow VLAN Legend Ports of Conventional L2/L3 VLANs Aricent Frameworks Figure 6: Hybrid OpenFlow Switch Realizing OpenFlow Switches with Aricent Frameworks 5 SDN Solutions Enabled by Aricent’s OpenFlow Until now, innovations in networking were mostly around increasing the throughput or packet-forwarding capacity of WLAN and Policy Management Apps SDN Controller OpenFlow (Flow Tables Management) network devices such as routers and switches. However, Software Defined Networks (SDN) changed the way networks were designed, developed, and deployed. SDN provides significant opportunities for service providers to optimize their network architecture, launch Existing L2/L3 function in WLAN Controller OpenFlow Client WLAN Controller User Data Traffic newer services, and monetize better. CAPWAP Server Aricent’s OpenFlow frameworks enable a number of solutions for OEMs/ODMs, Network Service Providers (NSPs), and Cloud Service Providers (CSPs). This section outlines a few solutions that are enabled by Aricent’s OpenFlow frameworks. SDN-ENABLED WLAN SOLUTION Access Points (running CAPWAP Client) CAPWAP (Device Management) Figure 7: WLAN Controller in the SDN Architecture (Solution A) Today, WLAN controllers use proprietary protocols to manage access points deployed in the network. While using proprietary protocols may be sufficient in an enterprise or campus deployment where access points are supplied by a single vendor, it may be SDN Applications Radio Mgmt Roaming inadequate for a multi-vendor deployment such as carrier Wi-Fi Policy Control QoS Analytics deployment, where service providers roll out thousands of hotspots. This brings the need for a standard protocol such as CAPWAP for the management of access points. With service providers adopting SDN, OEMs are looking for ways to integrate SDN and WLAN architectures. Aricent’s OpenFlow client can be integrated with Integrated WLAN and SDN Controller Existing L2/L3 Functions in WLAN Controller SDN Controller CAPWAP WLAN Access Controller (AC) or Access Points (AP) to provide a complete SDN-enabled WLAN solution. Here are the benefits of the solution: > Unified policies for wired and WLAN networks > Centralized management and monitoring of both wired and OpenFlow (Flow Tables Management) CAPWAP (Device Management) WLAN networks > Highly scalable architecture for enterprise and carrier Wi-Fi deployments > User Data Traffic Increased programmability and fine-grained control of WLAN functions For deployments in which user data traffic is routed from access points to the access controllers, OpenFlow client functionality is Access Points OpenFlow CAPWAP Client Client OpenFlow Client CAPWAP Client implemented in the WLAN access controller. The possible deployments include thin AP, such as in enterprise and campus Wi-Fi networks. For deployments in which user data traffic is Figure 8: WLAN Controller in the SDN Architecture (Solution B) routed from APs directly to the outside network, OpenFlow client functionality is implemented in the WLAN APs. The possible SDN-ENABLED BROADBAND ACCESS SOLUTION deployments include fat AP, such as in carrier Wi-Fi networks. Service providers are discovering ways to optimize their network Aricent’s OpenFlow client framework can be integrated into OEM’s architecture to save on the CAPEX, to reduce OPEX, and to roll out existing WLAN access controller and WLAN AP products. innovative services quickly. OEMs can enable service providers Alternatively, OEMs can license Aricent’s OpenFlow enabled WLAN to significantly cut down on costs and provide additional Switching Solutions (WSS), which include the complete WLAN monetizable services to their customers by developing SDN- access controller and AP framework integrated with OpenFlow enabled solutions. One such solution for service providers is client software. virtualizing network functions such as Customer Premise Realizing OpenFlow Switches with Aricent Frameworks 6 Equipment (CPE) and Broadband Remote Access Servers (BRAS). international private line. SDN architecture expects OSS Today, CPE provides a number of network functions such as solution to become more open firewall, access control, policy management, and discovering/ > OSS architecture has to migrate from proprietary/non- connecting devices at home using DLNA or UPnP. Service standard network management technologies to standard providers can cut cost, by embracing SDN and by virtualizing the SDN-based management technologies (e.g., OF Config and CPE functions. In an SDN architecture, OpenFlow can be used for OpenFlow protocols) flow-table management in Residential Gateway (RG). Aricent’s OpenFlow client framework can be integrated into existing or > Network management interfaces have to be abstracted to simplify the management of networks in a multi-vendor new RG solutions. deployment The following are some benefits of using Aricent’s Intelligent > Enabling programmability and dynamic provisioning of Switching Solutions (ISS) and OpenFlow client for virtualized network services (e.g., dynamically varying bandwidth for applications: applications instead of statically provisioning of bandwidth) > Scalable for low CPU/memory footprint deployments such as RGs and CPEs > building products with Aricent’s OpenFlow client framework, Supports hybrid architectures where the CPE is connected which provides the following benefits for a carrier network solution: to both legacy and SDN-enabled networks > OEMs can help service providers solve the above challenges by > Licensable as a complete solution (i.e., OpenFlow-enabled Standards-compliant OpenFlow implementation that interoperates with popular SDN controllers in the market residential gateway solution) or a standalone OpenFlow such as Floodlight, Trema, and NOX client-stack framework > Supports multiple flow tables for service providers to configure policies such as QoS and rate-limiting SDN-ENABLED CARRIER NETWORK SOLUTION > Software Defined Networking (SDN) is forcing service providers to redefine their network architecture. Some of the challenges faced by service providers in migrating to SDN architecture are: > Scales up to 1 million flow entries in the software and is ideal for deployments in edge routing or switching products > Supports hybrid architecture for coexistence with legacy routers/switches in the core or on the edge OSS typically has point solutions designed to manage a range of services such as IP, VPN, VOIP, video conferencing, and Residential Gateways OpenFlow Client OF Config (Device Mgmt) Thin ISS OF Config SDN Controller vCPE Thin ISS Cloud Controller Internet OpenFlow Client Thin ISS OpenFlow (Flow Mgmt) RG SDN Controller Cloud vCPE > Flow Tables > Route Calculation and Propagation > Access Functions (DHCP, > NAPT Bindings > Device Management PPP/oE, DLNA/UPnP, SNTP) > Data Forwarding > Network Monitoring > Policy Management (Firewall, ACL, Rate-Limiting, etc.) Figure 9: Aricent’s vCPE Solution Realizing OpenFlow Switches with Aricent Frameworks 7 API for Integration with Northbound System (Service Provisioning/Activation, etc.) Logs Collector Network Monitoring Console Subscriber Database and Policy Server Notherbound API Network Operation and Control (NOC) Notherbound API Inventory & Audit Manager Accounting Server NMS Analytics and Reporting Device Config Alarms & Events Manager Manager Analytics and Statistics Traps or Events Bandwidth Management Topology Manager Network Monitor Route Manager SDN Controller Core Network OpenFlow (Route Provisioning Network Monitoring Topology Updates) OF Config Based Device Configuration (OpenFlow Management and Configuration Protocol) Hybrid Edge Router OpenFlow Client Existing L2/L3 Functions OpenFlow Client Existing L2/L3 Functions OpenFlow Client Existing L2/L3 Functions Figure 10: SDN-Enabled Carrier Network Conclusion Aricent’s OpenFlow frameworks enable equipment vendors to class design, development, testing, and sustenance services to gain competitive edge in the fast-growing OpenFlow/SDN market. help customers bring innovative SDN and OpenFlow solutions Aricent’s OpenFlow client is pre-integrated with our industry to market. Coupled with Aricent’s deep domain expertise in data leading ISS solution, which can be leveraged to build hybrid center, transport, and enterprise networks, we help deliver OpenFlow switches and routers. The OpenFlow client is platform- solutions across the SDN spectrum. agnostic and pre-integrated into leading silicon platforms. Aricent’s OpenFlow Fast Path Accelerator on Intel’s DPDK and reference porting layer implementation for leading silicon platform offers For more information, visit aricent.com/software/software-defined-networking.html compelling advantages to equipment vendors by offeringworld- MADHAVI RAVANAN SARO VELRAJAN is a Senior Manager at Aricent, is a director of Technology at driving strategic technology Aricent. He has 15 years of initiatives in wireline across experience working for companies OpenFlow/SDN, NFV, WLAN such as Cisco, Ericsson, and Juniper, and Cloud. specializing in broadband access, [email protected] WLAN, content delivery, and software-defined networks. [email protected] Realizing OpenFlow Switches with Aricent Frameworks 8 aricent.com © 2013 Aricent Inc. All rights reserved. All Aricent brand and product names are service marks, trademarks, or registered marks of Aricent Inc. in the United States and other countries.
© Copyright 2024 ExpyDoc
