SDN Getting Started Guide

Early Access February 2015 Release
9034842
Published April 2015
Copyright © 2015 All rights reserved.
Legal Notice
Extreme Networks, Inc., on behalf of or through its wholly-owned subsidiary, Enterasys Networks,
Inc., reserves the right to make changes in specifications and other information contained in this
document and its website without prior notice. The reader should in all cases consult
representatives of Extreme Networks to determine whether any such changes have been made.
The hardware, firmware, software or any specifications described or referred to in this document
are subject to change without notice.
Trademarks
Extreme Networks and the Extreme Networks logo are trademarks or registered trademarks of
Extreme Networks, Inc. in the United States and/or other countries.
All other names (including any product names) mentioned in this document are the property of
their respective owners and may be trademarks or registered trademarks of their respective
companies/owners.
For additional information on Extreme Networks trademarks, please see:
www.extremenetworks.com/company/legal/trademarks/
Support
For product support, including documentation, visit: www.extremenetworks.com/documentation/
For information, contact:
Extreme Networks, Inc.
145 Rio Robles
San Jose, California 95134
USA
Table of Contents
Extreme Networks Publications
Preface
    Conventions
    Providing Feedback to Us
    Getting Help
    Related Publications
Chapter 1: SDN Overview
    Why SDN?
    What is SDN?
Chapter 2: Extreme Networks SDN Offering
    SDN Ecosystem
    SDN Platform
    OneController
    Other Extreme Networks SDN Products
Chapter 3: Solving Problems with SDN
    Traffic Engineering
    Service Function Chaining
    Network Virtualization
Extreme Networks Publications
General
Documentation for BlackDiamond Series, E4G, ExtremeXOS, Summit Series, and Ridgeline is available
at: www.extremenetworks.com/documentation
Documentation for IdentiFi, NetSight, S/K/7100-Series, SecureStack, Purview, and IPS/SIEM is available
at: https://extranet.extremenetworks.com/downloads/
Open Source Declaration
Some ExtremeXOS software files have been licensed under certain open source licenses. Information is
available at: www.extremenetworks.com/services/osl-exos.aspx
Preface
Conventions
This section discusses the conventions used in this guide.
Text Conventions
The following tables list text conventions that are used throughout this guide.
Table 1: Notice Icons
Notice Type | Alerts you to...
Note | Important features or instructions.
Caution | Risk of personal injury, system damage, or loss of data.
Warning | Risk of severe personal injury.
New | This command or section is new for this release.
Table 2: Text Conventions
Convention | Description
Screen displays | This typeface indicates command syntax, or represents information as it appears on the screen.
The words enter and type | When you see the word “enter” in this guide, you must type something, and then press the Return or Enter key. Do not press the Return or Enter key when an instruction simply says “type.”
[Key] names | Key names are written with brackets, such as [Return] or [Esc]. If you must press two or more keys simultaneously, the key names are linked with a plus sign (+). Example: Press [Ctrl]+[Alt]+[Del]
Words in italicized type | Italics emphasize a point or denote new terms at the place where they are defined in the text. Italics are also used when referring to publication titles.
Platform-Dependent Conventions
Unless otherwise noted, all information applies to all platforms supported by ExtremeXOS software,
which are the following:
• BlackDiamond® X series switch
• BlackDiamond 8800 series switches
• Cell Site Routers (E4G-200 and E4G-400)
• Summit® family switches
• SummitStack™
When a feature or feature implementation applies to specific platforms, the specific platform is noted in
the heading for the section describing that implementation in the ExtremeXOS command
documentation. In many cases, although the command is available on all platforms, each platform uses
specific keywords. These keywords specific to each platform are shown in the Syntax Description and
discussed in the Usage Guidelines.
Terminology
When features, functionality, or operation is specific to a switch family, the family name is used.
Explanations about features and operations that are the same across all product families simply refer to
the product as the "switch."
Providing Feedback to Us
We are always striving to improve our documentation and help you work better, so we want to hear
from you! We welcome all feedback but especially want to know about:
• Content errors or confusing or conflicting information.
• Ideas for improvements to our documentation so you can find the information you need faster.
• Broken links or usability issues.
If you would like to provide feedback to the Extreme Networks Information Development team about
this document, please contact us using our short online feedback form. You can also email us directly at
[email protected].
Getting Help
If you require assistance, contact Extreme Networks Global Technical Assistance Center using one of
the following methods:
Web: www.extremenetworks.com/support
Phone: 1-800-872-8440 (toll-free in U.S. and Canada) or 1-603-952-5000
For the Extreme Networks support phone number in your country: www.extremenetworks.com/support/contact
Email: [email protected]
To expedite your message, enter the product name or model number in the subject line.
Before contacting Extreme Networks for technical support, have the following information ready:
• Your Extreme Networks service contract number
• A description of the failure
• A description of any action(s) already taken to resolve the problem (for example, changing mode
switches or rebooting the unit)
• The serial and revision numbers of all involved Extreme Networks products in the network
• A description of your network environment (such as layout, cable type, other relevant
environmental information)
• Network load and frame size at the time of trouble (if known)
• The device history (for example, if you have returned the device before, or if this is a recurring
problem)
• Any previous Return Material Authorization (RMA) numbers
Related Publications
Extreme SDN Documentation
• OneC-A-600 Quick Reference
• OneController Install and User Guide
• OneController Release Notes
• SDN Getting Started Guide
1 SDN Overview
Why SDN?
The desire to move to the SDN model is being driven by several factors that are currently limiting
conventional networking solutions from meeting today's needs:
• Complexity—Currently, to add or move devices, IT must touch multiple switches, routers, firewalls,
Web authentication portals, etc. and update ACLs, VLANs, Quality of Service (QoS), and other
protocol-based mechanisms using device-level management tools. Due to this complexity, today's
networks are relatively static as IT seeks to minimize the risk of service disruption.
• Lack of centralized orchestration—Current networks rely on device-level management tools and
manual processes. To implement a network-wide policy, IT may have to configure thousands of
devices and mechanisms.
• Inability to scale—Conventional networks deal with increased demand by increasing physical
infrastructure. As long as the increased demand is static, this solution works. However, increasingly,
traffic patterns are incredibly dynamic and therefore unpredictable due to an increased mobility of
users, more types of devices (smartphones, tablets), more online content, more cloud-based
computing, and more users in a globally connected world.
SDN aims to address these issues by being dynamic, manageable, cost-effective, and
adaptable, which makes it suitable for the high-bandwidth, dynamic nature of today's applications. SDN
architectures decouple network control and forwarding functions, enabling network control to become
directly programmable and the underlying infrastructure to be abstracted from applications and
network services.
What is SDN?
Software-defined networking (SDN) is a new architectural approach that delivers network-wide
objectives and capabilities through automation. SDN is an approach to computer networking that seeks
to manage network services by decoupling the system that makes decisions about where traffic is sent
(control plane) from the underlying systems that forward traffic to the selected destination (data
plane).
Key features include:
• Network abstraction—underlying infrastructure is abstracted from applications and network
services.
• Separation of control and data planes—decoupling the system that makes decisions about where
traffic is sent (control plane) from the underlying systems that forward traffic to the destination
(data plane).
• Programmable data plane—ideally, virtual networks should forward packets at rates that are
comparable to native, hardware-based approaches.
• Virtualization of the network—virtualization can occur in two ways: (1) Use of virtual compute (VMs),
virtual switches, and virtual storage to produce elastic, adaptable resource allocation. (2)
Abstracting the network such that you provide each user with a virtualized network as an
independent network container with its own features and characteristics, independent of the view
of other users.
• Automation and orchestration—network control is directly programmable, allowing the ability to
implement network-wide policies, etc., rather than implementing individually and manually, at the
device level.
Key benefits include:
• Greater flexibility, agility—flexibility and agility are improved due to dynamic scaling and centralized
control. Setting up networks in SDN can be as easy as creating VM instances. Flexibility and agility
are also increased by the availability of APIs (application program interface), which allow you to add
new features to the network.
• Lower operating expenses and optimized capital expenditure—upfront and ongoing expenses are
reduced by not having to over provision a static network with excess capacity to deal with variable
usage.
• Better and more granular security—VMs can make network security problematic. SDN can provide
fine-grained security for applications, endpoints, and BYOD device situations that a conventional,
hard-wired network cannot.
Figure 1: SDN Infrastructure
2 Extreme Networks SDN Offering
Extreme Networks' SDN heritage started in the mid-1990s, when the company was an industry leader in
flow-based networking and provided such products as ExtremeXOS, a Linux-based operating system that is
common across the whole product line for consistent provisioning, programmability, and heterogeneity
across platforms. SDN development continued with other products, such as the award-winning,
revolutionary OneFabric Connect, which provides centralized management and control of both network and
third-party systems, and NetSight and Policy Manager, whose APIs allow programmatic orchestration
of network-wide policy.
The Extreme Networks SDN evolution continues to this day and consists of a multi-level solution
offering that includes:
• SDN Ecosystem—complete environment for developing and acquiring SDN applications (see SDN
Ecosystem).
• SDN Platform—aggregation of supported APIs from various components that is hardened, proven,
and supported by Extreme Networks (see SDN Platform).
• OneController—OpenDaylight-based controller available as a virtual or physical appliance (see
OneController).
• Additional Extreme Networks SDN products—see Other Extreme Networks SDN Products.
• Third-party/open source products and tools—integration with third-party and open source SDN
resources (see Integration Partners).
SDN Ecosystem
For users, the SDN ecosystem provides an App Store for acquiring and deploying SDN applications
created by both Extreme Networks and a select community of third-party developers.
Access the App Store at https://marketplace.extremenetworks.com.
For developers, the Extreme Networks SDN ecosystem provides what you need to create a rich set of
applications: software developer kits (SDKs), developer forums, support, online training, testbed
environment, and documentation. For more information, see the Developers Resources Guide.
Access the SDN Developer Portal at https://developer.extremenetworks.com.
SDN Platform
The Extreme Networks SDN platform provides an aggregation of supported APIs from various
components that is hardened, proven, and serviced by Extreme Networks (see the following figure).
Figure 2: Extreme Networks SDN Platform
The Extreme Networks SDN platform includes:
• Management and policy—using OneFabric Connect, NetSight, or other network management
systems.
• Analytics—using Purview.
• Orchestration—using Citrix, VMware, OpenStack, Microsoft, and others.
• OneController—Extreme Networks SDN controller (see OneController).
• APIs—various APIs allow a broad portfolio of seamless integration points at any level of the
network: OneController platform API, NetSight API, and switch-level APIs that provide the ability to
program ExtremeXOS using SOAP/XML, C/C++, and Python.
For more information about Extreme Networks SDN Platform, go to www.extremenetworks.com/product/sdn.
SDN Platform Open Source Elements
Extreme Networks is committed to open source solutions and the advantages that they provide for
customers: enabling you to leverage your existing investments, minimizing cost, and maximizing
flexibility.
The following lists some of the key Extreme Networks SDN Platform-compatible third-party and open
source solutions:
• Open vSwitch—production quality, multilayer virtual switch licensed under the open source Apache
2.0 license. It enables large-scale network automation through programmatic extension, while still
supporting standard management interfaces and protocols (for example, NetFlow, sFlow, SPAN,
RSPAN, CLI, LACP, 802.1ag).
• OpenFlow—OpenFlow is a communications protocol that gives access to the forwarding plane of a
network switch or router over the network. OpenFlow enables remote controllers (such as
OneController) to determine the path of network packets through the network. This separation of
the control plane from the forwarding plane allows for more sophisticated traffic management than
is feasible using access control lists (ACLs) and routing protocols. Also, OpenFlow allows
OpenFlow-capable switches from different vendors, despite having their own proprietary interfaces
and scripting languages, to be managed collectively and remotely using a single, open protocol.
• OpenStack—free and open-source cloud computing software platform. Used primarily as an
infrastructure as a service (IaaS) solution, it offers to customers computers—physical, or more often,
virtual machines—and other resources according to the customers’ varying requirements, providing
the ability to scale services up and down. The technology consists of a series of interrelated projects
that control pools of processing, storage, and networking resources throughout a data center, which
users manage through a web-based dashboard, command-line tools, or a RESTful API.
• HyperGlance—by Real Status, provides a GUI-based, 3-D cloud visibility solution to simplify
managing networks by aggregating and dynamically synchronizing data for real-time,
multidimensional visualization, navigation, analysis, and control at scale.
Integration Partners
Extreme Networks is partnering with leading technology providers to provide expanded solutions. The
Extreme Networks Integration Partners, based on Extreme Networks SDN Platform (see SDN Platform),
provide an open, multi-vendor led, standards-based ecosystem that makes it easier to
introduce new capabilities with technology providers.
Figure 3: Technical Solutions Partners
OneController
OneController v1.0 leverages the OpenDaylight Helium SR1.1 version SDN Controller to provide an open,
fully pluggable and scalable platform to enable SDN and NFV for networks at any size and scale. Future
releases of OneController will use OpenDaylight releases as they become available and validated.
Applications can use OneController to gather network intelligence, run algorithms to perform analytics,
and then use OneController to orchestrate the new rules, if any, throughout the network. Additionally,
OneController is based on the modular OpenDaylight platform that allows multiple Java modules to run
concurrently within the Karaf framework, and lets the modules access Java APIs exposed by other
modules using the OpenDaylight Service Abstraction Layer (SAL) framework.
The OneController framework contains a collection of dynamically pluggable modules to provide
network services such as:
• Host and node service
• Flow service
• Physical and overlay (flow-based) topology service
• Path service to set up and manage a path based on specified constraints such as bandwidth
between a given source and destination
• Multi-tenant network virtualization service
• Network statistics service
OneController also provides the following features:
• Web-based GUI for configuring the OneController appliance
• OpenFlow modules for Lync® integration (configuring only the access switches)
Figure 4: Extreme Networks OneController
For more information, go to https://extranet.extremenetworks.com/downloads/Pages/OneController.aspx.
Other Extreme Networks SDN Products
Extreme Networks provides several products that are key building blocks of the SDN Platform (see
SDN Platform).
• NetSight—Extreme Networks network management system (NMS) that provides wired/wireless,
centralized visibility and automated control of your network with inventory, policy, identity, and
security management.
• ExtremeXOS—Extreme Networks switch operating system with a robust set of Layer 2 and Layer 3
control protocols, flexible architecture, high availability for carrier-grade voice and video services
over IP and for supporting mission-critical business applications. Extreme Networks switches that run
ExtremeXOS with the Extreme OpenFlow solution can operate in OpenFlow mode (see "OpenFlow"
below).
• OpenFlow—the ExtremeXOS OpenFlow implementation enables OneController (see OneController)
to manipulate data flows within an Extreme switch using a standard protocol to
dynamically configure a flow table abstraction. Flow table entries consist of a set of packet
matching criteria (L2, L3, and L4 packet headers), a set of actions associated with a flow (flood,
modify, forward, divert to controller, etc.), and a set of per flow packet and byte counters. Flow
table entries are implemented using hardware ACLs and FDB entries.
• OneFabric Connect—through NetSight (see previous), OneFabric Connect provides centralized
management and control of both network and third-party systems, through programmability of
virtualization and application integration via an XML/SOAP-based API. With the OneFabric Connect
API, you can integrate a variety of systems and applications. Extreme Networks provides several
predefined integrations that allow programmatic control of VM, MDM, web filtering, and firewall
systems. You can also develop your own integrations through the XML/SOAP-based API.
• Purview—Extreme Networks application analytics and optimization solution that captures network
data and aggregates, analyzes, correlates, and reports on it to enable better decision-making and
improved business performance. Purview provides a centralized command control center that
combines network management with business analytics that permits you to optimize the network
for applications, enhance security for those applications, and provide data for business analytics.
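The flow table abstraction described in the OpenFlow item of the list above, as an added Python example (not Extreme Networks or OpenDaylight code): a model of match criteria, actions, and per-flow counters, with an audit that flags entries that can never match because a broader entry consulted earlier hides them. The priority ordering, header field names, entry names, and sample packets are assumptions constructed for this example.

```python
from dataclasses import dataclass


@dataclass
class FlowEntry:
    name: str            # label for reports (assumption; not a protocol field)
    priority: int        # higher value is consulted first (modelling assumption)
    match: dict          # header field -> required value; absent field = wildcard
    actions: list        # e.g. [("forward", 2)]; an empty list drops the packet
    packets: int = 0     # per-flow packet counter
    byte_count: int = 0  # per-flow byte counter

    def matches(self, headers: dict) -> bool:
        return all(headers.get(k) == v for k, v in self.match.items())


class FlowTable:
    def __init__(self):
        self.entries = []

    def install(self, entry: FlowEntry) -> None:
        self.entries.append(entry)
        # Stable sort: among equal priorities the earlier install is consulted first.
        self.entries.sort(key=lambda e: -e.priority)

    def process(self, headers: dict, length: int) -> list:
        """Return the actions of the first matching entry and bump its counters."""
        for entry in self.entries:
            if entry.matches(headers):
                entry.packets += 1
                entry.byte_count += length
                return entry.actions
        return []  # nothing matched, not even a catch-all: this model drops

    def shadowed(self) -> list:
        """(hidden, hidden_by) pairs: an entry is hidden when an entry consulted
        earlier constrains only a subset of the same field/value pairs."""
        pairs = []
        for i, low in enumerate(self.entries):
            for high in self.entries[:i]:
                if high.match.items() <= low.match.items():
                    pairs.append((low.name, high.name))
                    break
        return pairs


def build_sample_table() -> FlowTable:
    """Constructed sample entries using the action kinds the guide lists."""
    table = FlowTable()
    table.install(FlowEntry("voice", 200,
                            {"eth_type": 0x0800, "ip_proto": 17, "udp_dst": 5060},
                            [("modify", "ip_dscp", 46), ("forward", 1)]))
    table.install(FlowEntry("allow-host", 100, {"ipv4_src": "10.0.0.5"},
                            [("forward", 2)]))
    # Intended as a block rule, but its lower priority puts it behind "allow-host".
    table.install(FlowEntry("block-telnet", 50,
                            {"ipv4_src": "10.0.0.5", "ip_proto": 6, "tcp_dst": 23},
                            []))
    table.install(FlowEntry("table-miss", 0, {}, [("controller",)]))
    return table


# Constructed sample packets (header fields only).
VOICE = {"eth_type": 0x0800, "ipv4_src": "10.0.0.9", "ip_proto": 17, "udp_dst": 5060}
TELNET = {"eth_type": 0x0800, "ipv4_src": "10.0.0.5", "ip_proto": 6, "tcp_dst": 23}
ARP = {"eth_type": 0x0806}

if __name__ == "__main__":
    table = build_sample_table()
    for pkt, size in ((VOICE, 200), (TELNET, 60), (ARP, 42)):
        print(table.process(pkt, size))
    for entry in table.entries:
        print(entry.name, entry.packets, entry.byte_count)
    print("shadowed:", table.shadowed())
```

A security-relevant entry whose counters never move while related traffic is flowing is worth checking for this kind of shadowing.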
3 Solving Problems with SDN
Traffic Engineering
SDN-based traffic engineering involves identifying and altering the behavior or pattern of specific types
of traffic on demand. This requires the ability to distinguish certain types of traffic in real time and
then dynamically classify them based on host, OS, application, or end user. Two common methods for
engineering traffic are QoS modifications and traffic steering.
Figure 5: Traffic Engineering Microsoft Lync
Use cases:
• Optimize traffic path (choose non-shortest path, load distribute) for various applications, such as:
    • Microsoft® Lync
    • Mice/elephant flows
    • Custom traffic management applications
    • Collaboration solutions
    • Backup and recovery
    • Conditional traffic engineering
Benefits:
• Maximize network resource utilization
• Optimize application performance
• Provision new services efficiently on the network
Service Function Chaining
Service function chaining consists of “stitching” together an ordered list of network services (for
example, firewalls or load balancers) in the network to create a service chain. This requires the ability to
register the services and chain provisioning.
Figure 6: Service Function Chaining
Use cases:
• Firewall upgrades
• Consolidation of workloads into a single cloud from traditional non-virtualized data centers
• IaaS (Infrastructure As a Service)
• Chain services, such as ADC, DPI, IDS, VPN in the data center
• Mechanism to register services and chain provisioning
• Policy-driven service chaining
Benefits:
• Cost optimization for services virtualized on x86
• More agile insertion of new services possible
• Automated traffic steering and chaining reduces deployment complexity and cost
Requirements:
• Ability to define an ordered list of network services (for example, firewalls, load balancers, etc.)
• A mechanism to register services and chain provisioning
Network Virtualization
Network virtualization creates logical segments in an existing physical network by logically dividing the
network at the flow level similar to an overlay or a tunnel. Many choices are available, each with its own
strengths and weaknesses. OpenFlow-based network virtualization allows for the most flexibility, as it
can work in conjunction with existing mature network virtualization techniques like VLANs, IP, and
MPLS. The other notable network virtualization technology is VXLAN.
Use cases:
• Multi-tenant data centers (see Multi-tenant Data Centers Solution with OpenStack/OneController)
• DDoS mitigation
• VM migration
Multi-tenant Data Centers Solution with OpenStack/OneController
The following solution implements a multi-tenant data center using OpenStack and Extreme Networks
OneController:
• The OpenStack orchestrator manages and orchestrates the data center compute, storage, and
networking infrastructure.
• OpenStack offloads all network configuration, management, and orchestration to OneController.
• OneController specifically uses the Virtual Tenant Network (VTN) application to provide multitenancy and to stretch the tenant network across geographically dispersed data centers.
Figure 7: Multi-tenant Data Centers: Orchestration with OpenStack