ONF SampleTap - Open Networking Foundation

ONF SampleTap – An Educational Journey
Developing a simple OpenFlow application on OpenDaylight
© 2014 Open Networking Foundation
ONF Sample Tapping Application
•  Goals
–  Educational project to promote OpenFlow and one of the most
basic OpenFlow applications – tap aggregation
•  Project Details
–  Have an experienced networking developer go through the
journey of designing and implementing a sample OpenFlow
tapping application on a popular controller
–  Capture the experiences in the series of blog posts:
•  Understanding OpenFlow and the tapping application
•  Designing a portable tapping application using OpenFlow
•  Implementation on OpenDaylight controller
–  Conduct an interactive webinar that covers the salient aspects of
the blog posts with a live demonstration of the application
Revision 1.0
ONF Demo Tapping Application Use Cases
•  Target primary use case: tap aggregation
[Diagram labels: Span ports (e.g. TOR switches, access switches); Tap Aggregation]
Initial Design Criteria
•  Clean and extensible architecture
–  Even though this is a non-production example application, make it
easy for others to use
•  Portable architecture
–  Limit tight dependencies on underlying controller and allow for
integration with other controller frameworks and northbound APIs
–  Use portable configuration and storage/stats mechanism
(MongoDB)
–  Flexible logging mechanism – DB, separate logs or controller
logs
•  Native integration with ODL for best experience
–  Native Java API integration with ODL controller
–  Yet allow for RESTful API integration in the future for integration
with other frameworks
High-Level Functionality
•  Tap Aggregation
–  Ability to place match criteria on the incoming tap port, add port chains for transformation (e.g. truncation, decryption, etc.) and
multiple capture devices
–  Store and re-use filters, match criteria, etc.
[Diagram labels: Client 1, Server 1, e.g. TOR switch, Tap Port, TappAgg OF Switch, Transform 1, Inspector 1, Inspector 2]
High-Level Product Design
[Diagram labels: ONF Sample App; UI – HTML/Javascript; Mid-tier – UI Integration; Application Logic; Controller Integration; Persistence Layer; Object Database; ODL Controller; SAL; OPF Plugin]
Top Level Object Design
•  Tap Policy – association of matching rules with switches/ports and
capture devices
•  Match rule – set of matching criteria with bi-directional reflexive
matching
[Diagram] Tap Policy: Name; Array: Match Rules; Array: Switches/Ports; Port Chain; Array: Capture Devices
[Diagram] Match Rule: Name; Reflexive?; Header Fields; Source Address; Dest Address; TCP/UDP Services
High-Level View of ONS 2014 Demo
•  Tap aggregation demo
–  Client interacts with Server over HTTP and FTP; the Tap Port mirrors
all traffic from the Server port into the Tap Aggregation Switch, which
filters port 80 and 21 traffic through to the inspection port
[Diagram labels: Client 1, Server 1, e.g. TOR switch, Tap Port, TappAgg OF Switch, Capture Device]
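The Tap Policy and Match Rule objects from the object-design slide, applied to the demo's port 80 and 21 filter, as an added Python example (not code from the ONF SampleTap project). Field names, the flow-entry dictionaries, the switch and port numbers and the priority-0 drop entry are assumptions; port chains are left out.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class MatchRule:
    name: str
    reflexive: bool = True              # also match the reverse direction
    src_addr: Optional[str] = None      # None means wildcard
    dst_addr: Optional[str] = None
    ip_proto: int = 6                   # 6 = TCP, 17 = UDP
    service_port: Optional[int] = None  # the "TCP/UDP Services" field

@dataclass
class TapPolicy:
    name: str
    match_rules: List[MatchRule]
    switch_ports: List[Tuple[str, int]]  # (switch id, tap input port)
    capture_ports: List[int]             # output ports toward capture devices

def build_match(in_port, rule, reverse):
    """OpenFlow-style match fields for one direction of a rule."""
    m = {"in_port": in_port, "eth_type": 0x0800, "ip_proto": rule.ip_proto}
    src, dst = (rule.dst_addr, rule.src_addr) if reverse else (rule.src_addr, rule.dst_addr)
    if src:
        m["ipv4_src"] = src
    if dst:
        m["ipv4_dst"] = dst
    if rule.service_port is not None:
        l4 = {6: "tcp", 17: "udp"}[rule.ip_proto]  # other protocols have no ports
        # Forward traffic targets the service port; replies originate from it.
        m[f"{l4}_src" if reverse else f"{l4}_dst"] = rule.service_port
    return m

def expand(policy, priority=100):
    """Expand a policy into flow entries, one per rule direction and tap port."""
    flows = []
    for switch, in_port in policy.switch_ports:
        for rule in policy.match_rules:
            for reverse in ((False, True) if rule.reflexive else (False,)):
                flows.append({"switch": switch, "priority": priority,
                              "match": build_match(in_port, rule, reverse),
                              "actions": [("output", p) for p in policy.capture_ports]})
        # Assumption: mirrored traffic that matches no rule is dropped (empty action list).
        flows.append({"switch": switch, "priority": 0,
                      "match": {"in_port": in_port}, "actions": []})
    return flows

# Constructed demo values: HTTP and FTP from tap port 1 to capture port 2.
DEMO = TapPolicy("ons-demo", [MatchRule("http", service_port=80),
                              MatchRule("ftp", service_port=21)],
                 switch_ports=[("tapagg-1", 1)], capture_ports=[2])
```

Port 21 carries only the FTP control channel, so a rule on that port alone does not capture FTP data connections.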
Thank you!
www.opennetworking.org
High-Level View of ONS 2014 Demo
–  E.g. Client interacts with Server over HTTP and FTP; the Tap Port
mirrors all traffic from the Server port into the Tap Aggregation Switch,
which filters port 80 and 21 traffic through to the inspection port
[Diagram labels: Client, Server, Top of Rack Switch, Tap Port, OpenFlow-enabled Tap Aggregation Switch, Capture Device, ONF SampleTap App on ODL]