It is no secret that most corporate and industrial computing resources in the world today have now been migrated from physical infrastructure to a combination of public, private and hybrid cloud environments. A similar trend is now under way in the networking space, with network control logic shifting from proprietary hardware-based platforms to open source software-based platforms (SDN or Software Defined Networking).
This post introduces six open source projects in the SDN space that anyone involved in education and training around networking should be aware of. These projects represent a great way to introduce students to the future of networking and virtualisation, and more importantly, to allow them full and open access to the technologies involved.
OpenFlow is a protocol which allows direct access to and manipulation of the forwarding plane of network devices such as switches and routers, both physical and virtual (hypervisor-based), over the network. It enables network controllers to determine the path of network packets across a complex network of switches. Separating controllers from the switches enables more sophisticated traffic management than is possible using access control lists (ACLs) and routing protocols.
OpenFlow also allows switches from different vendors, often each with their own proprietary interfaces and scripting languages, to be managed remotely using a single, open protocol. As such, OpenFlow is an important enabler of SDN. Legacy networking devices are closed monolithic devices that lack an open interface to the forwarding plane. A protocol like OpenFlow is needed to move network control out of proprietary network switches and into control software that’s open source and locally managed.
The OpenFlow standard is managed by the Open Networking Foundation (ONF). Google began managing its petabyte-scale internal data flows using OpenFlow in 2012. Network switch and router vendors who plan to support or are already shipping devices that support OpenFlow include Alcatel-Lucent, Brocade Communications, Huawei, Cisco, Dell EMC, Extreme Networks, IBM, Juniper Networks, Hewlett-Packard and NEC.
Mininet is a development and teaching tool which enables the prototyping and testing of OpenFlow networks.
OpenDaylight is an open source SDN platform and leader in the transition to Open SDN. The ODL community’s success in helping to create interoperable, programmable, software-defined networks means that OpenDaylight is widely regarded as the industry’s de facto standard.
Service providers and enterprises use ODL to solve significant network challenges related to automated service delivery, network resource optimization, the cloud and network functions virtualisation (NFV). ODL’s architecture is based on the Model Driven Service Abstraction Layer (MD-SAL), delivering higher scalability and the flexibility to enable easy incorporation of new applications and protocols.
ONOS (Open Network Operating System) is an SDN network operating system for service providers. The project was formed to pursue a vision of what networking could be for the public good. Currently, networking often impedes innovation and progress rather than enabling them. Networks are critical social infrastructure for society, but are currently closed, proprietary, complex, operationally expensive, and inflexible.
The ONOS project has a vision of what networking could be through the promise of Software Defined Networking (SDN). SDN separates the control plane from the data plane, and also separates software innovation cycles from hardware innovation cycles. SDN significantly reduces the cost of building and operating modern networks and accelerates internet and cloud innovation.
Open vSwitch is a production quality, multilayer virtual switch which enables large-scale programmatic network automation, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag). It is designed to support distribution across multiple physical servers similar to VMware’s vNetwork distributed vswitch or Cisco’s Nexus 1000V. Open vSwitch is used in multiple products and runs in many large production environments (and some huge ones!).
On Linux-based hypervisors, bridging traffic between VMs and the outside world used to mean using the built-in L2 switch (the Linux bridge), which is fast, reliable and simple to configure in a single-server environment. Open vSwitch is targeted at multi-server virtualization deployments, an environment for which the previous stack is not well suited. These environments are often characterized by highly dynamic end-points (e.g. VMs coming and going) and rapid changes to logical networks. So Open vSwitch targets a different point in the design space than previous hypervisor networking stacks, focusing on the need for automated and dynamic network control in large-scale Linux-based virtualization environments.
Open vSwitch supports a network state database (OVSDB) that supports remote triggers. Therefore, a piece of orchestration software can “watch” various aspects of the network and respond if/when they change. For example, this is widely used today to respond to and track VM migrations.
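The "watch" mechanism described above corresponds to the `monitor` method of the OVSDB management protocol (RFC 7047). The following is an added example, not code from the original post or from the Open vSwitch project: it builds a monitor request for the `Interface` table and classifies the `update` notification a server would send back. The monitor id, row UUIDs and VM identifier are constructed sample values.

```python
def build_monitor_request(request_id=1):
    """JSON-RPC 'monitor' request (RFC 7047, 4.1.5) for Interface rows."""
    return {
        "method": "monitor",
        "id": request_id,
        "params": [
            "Open_vSwitch",   # database name in the standard OVS schema
            "iface-watch",    # monitor id, chosen by the client (made up here)
            {"Interface": {
                "columns": ["name", "external_ids"],
                "select": {"initial": False, "insert": True,
                           "delete": True, "modify": True},
            }},
        ],
    }

def ovs_map(value):
    """Decode an OVSDB map, sent on the wire as ["map", [[k, v], ...]]."""
    return dict(value[1]) if value and value[0] == "map" else {}

def classify_update(notification):
    """Turn one 'update' notification into (event, uuid, name, vm_id) tuples."""
    if notification.get("method") != "update":
        return []
    _monitor_id, table_updates = notification["params"]
    events = []
    for uuid, row in sorted(table_updates.get("Interface", {}).items()):
        old, new = row.get("old"), row.get("new")
        # insert carries only "new", delete only "old", modify carries both
        event = "modify" if old and new else "insert" if new else "delete"
        current = new or old
        vm_id = ovs_map(current.get("external_ids")).get("vm-id")
        events.append((event, uuid, current.get("name"), vm_id))
    return events

# Constructed sample notification: one interface removed, one added.
SAMPLE_UPDATE = {"method": "update", "id": None, "params": ["iface-watch", {
    "Interface": {
        "00000000-0000-0000-0000-00000000000a": {"old": {
            "name": "vif1.0", "external_ids": ["map", [["vm-id", "vm-42"]]]}},
        "00000000-0000-0000-0000-00000000000b": {"new": {
            "name": "vif7.0", "external_ids": ["map", [["vm-id", "vm-42"]]]}},
    }}]}

if __name__ == "__main__":
    for event in classify_update(SAMPLE_UPDATE):
        print(event)
```

An orchestration or monitoring tool would send the request over the OVSDB management connection and feed each notification to `classify_update`, alerting on interface changes it did not initiate.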
There are many ongoing efforts to port Open vSwitch to hardware chipsets. These include multiple merchant silicon chipsets (Broadcom and Marvell), as well as a number of vendor-specific platforms. The advantage of hardware integration is not only performance within virtualized environments. If physical switches also expose the Open vSwitch control abstractions, both bare-metal and virtualized hosting environments can be managed using the same mechanism for automated network control.
As of Linux 3.3, Open vSwitch is included as a part of the kernel, and packaging for the userspace utilities is available on most popular distributions.
Project Floodlight is an open source project which develops the Floodlight Open SDN Controller, an enterprise-class, Apache-licensed, Java-based OpenFlow Controller. The project is supported by a community of developers including a number of engineers from Big Switch Networks. Floodlight is designed to work with the growing number of switches, routers, virtual switches, and access points that support the OpenFlow standard.
The project also develops the Indigo Virtual Switch (IVS), a lightweight, high-performance open source virtual switch for Linux which is compatible with the KVM hypervisor and leverages the Open vSwitch kernel module for packet forwarding. IVS is built from the ground up to support the OpenFlow protocol and is designed to enable high-scale network virtualisation applications. It supports distribution across multiple physical servers using an OpenFlow enabled controller, similar to VMware’s vNetwork, Cisco’s Nexus or Open vSwitch.
The CloudRouter Project is a collaborative open source project focused on developing a powerful, easy to use software-based router distribution designed to run on physical, virtual and cloud environments, supporting software-defined networking infrastructure. It includes the features of traditional hardware routers, as well as support for emerging technologies such as containers and software-defined interconnection. CloudRouter aims to facilitate migration to the cloud without giving up control over network routing and governance.
CloudRouter design goals and features include:
- Full-stack SDN implementation including OpenDaylight and ONOS
- Standards-based interfaces
- Built on solid Linux foundation
- Monitoring and availability
- Support for containers and cloud images
- Security monitoring tools including FastNetMon for DDoS and DoS detection and analysis, and BGPstream for analysis
- Optimized for interconnection
- Run in the cloud or on-premise
- Flexible build system supporting multiple distribution formats
- Easy to use and configure
- Security as a core feature, not an afterthought
- High performance with minimal resource consumption
- Highly scalable