The Managing Network Virtualization Using Openflow

Published Date: 02 Nov 2017

Advancement in Virtualization and cloud computing have completely changed the IT world, providing more scalability and on-demand features. However, in parallel to this flexible world of Cloud computing, we have to manage networks which are often more static, have more physical constraints and require manual interventions. The primary issue is that traditional networking methods might slow-down the whole infrastructure hindering the cloud deployment. Industry needs new techniques that are scalable and provide automated approach to the next generation network management. Network Virtualization is a flexible and software driven network and IP management services, making it easier to manage the existing networks and can be used by both administrators and users alike. It also provides users with the freedom of self-service over their network configuration. Once a Virtual network is deployed it becomes extremely difficult to maintain the integrity of Network Virtualization requirements. Hence it is vital for the Virtual Network controller to have the knowledge of all the devices in a network in real time. Our goal for the project is to develop an application that will run on top Floodlight OpenFlow controller and it will use OpenFlow technology instead of any discovery protocol. It will monitor all incoming requests and keep account of all the devices connected to the virtual network and ensures that the integrity of virtual network is maintained by forwarding packets with a given profile to the network virtualization controller for further analysis.

Table of Contents

Chapter 1 Introduction ………………………………………………………….……..… 4

1.1 Problem statement, project innovation and needs ………………………… 4

1.2 Project application and impact ………………………………………............. 6

1.3 Expected project results and deliverables …………………………………... 7

Chapter 2 Background and Related Work ……………………………………………. 8

2.1 Background and Used Technologies ………………………………………… 8

2.2 State-of-the-art …………………………………………………………………. 12

2.3 Literature survey ……………………………………………………………….. 12

Chapter 3 Project Description ………………………………………………………….. 14

3.1 Project goals and objectives ………………………………………………….. 14

3.2 Project approaches ……………………………………………………………. 14

3.3 Project solutions and justification …………………………………………….. 15

3.4 Project evaluation and validation …………………………………………….. 18

Chapter 4 Project Plan and Schedule …………………………………………………. 19

4.1 Project tasks and schedule …………………………………………………… 19

4.2 Project resources, budget, and cost analysis ………………………………. 20

References……………………………….……………………………………………………… 23

Chapter 1 Introduction

1.1 Problem Statement, project motivation and needs

In last two decades, the idea of network virtualization has gathered quite a bit of attention in the area on how to improve the new generation networking model that can take over the existing Internet. Network architects who still believe in networking designs see network virtualization as an instrument to evaluate fresh architectures, whereas others view virtualization as a key attribute of the new generation architecture.

There are five requirements that characterize the infrastructure in network virtualization. And they are:

(1) Abstraction

All types of available resources at physical layer such as link, computational or storage are thoroughly abstracted and named in order to be manipulated via well-defined and extendable interfaces and are allocated in a way to create or modify a slice.

(2) Isolation

Resources that are used in creating a slice are kept separated from those that are used to create other slices so that they may not obstruct each other in order to maintain performance, security, and that any slice may not create disruptions to the entire network.

(3) Elasticity

Resources for creating a slice are properly arranged, reclaimed and released when there is a demand so that operators can maximize the space for multiple slices and optimize the use of resources both spatially and temporarily. It also allows immediate resource consumption as well as non-stop usage of resources.

Figure 1. Network Virtualization Framework

(4) Programmability

Resources used in building a slice may be programmed for creating, experimenting and deploying with the new communication protocols for the innovative data distribution and to facilitate efficient data processing that can be enabled inside a slice.

(5) Authentication, Authorization, and Accounting

Utilization of resources to create a slice need to be authenticated and authorized in order to achieve safe and protected operations of slices averting the abuse of resources and attacks on them. It is important to account for the allocation of resources in the network so that the reliability of resources may be monitored and examined, also and the usage of the resources may be enhanced.

Once a Virtual network is deployed it becomes extremely difficult to maintain the integrity of the above five Network Virtualization requirements. Hence it is vital for the Virtual Network controller to have the knowledge of all the devices in a network in real time. There are many discovery protocols like LLDP, CDP, NDP and etc. But not all of them are open-sourced and efficient enough to manage a virtual environment. Hence our goal for the project is to develop an application that will run on top network virtualization controller and it will use OpenFlow technology instead of any discovery protocol. It will monitor all incoming requests and keep account of all the devices connected to the virtual network and ensures that the integrity of virtual network is maintained by forwarding packets with a given profile to the network virtualization controller for further analysis.

1.2 Project application and impact

The Virtual Network monitor we have planned to design will be able to collect data from the virtual environments in a dynamic and adaptable way. It will be able collect information about CPU, memory, and network usage for each of the device in a virtual network, even though they can be created, executed, and shutdown at run-time. This is important as each device represents a virtual resource in a virtual network. With a business point of view this will broaden our perspective on how we look at virtual networks. The major benefit of our application is that it will ease the managing of virtual networks by a greater extent. Our application can be a role model for new college graduates trying to come up with some new application on the similar lines.

1.3 Expected project results and deliverables

Following are the expected project deliverables:

Project Proposal - This document gives the specific objective and motivation behind the project. It describes an estimated cost and schedule for completion of the project. It ensures the customer that they will not lose their investments.

Project Report - Project report gives a detail study of the software requirement analysis, software design, tools, and testing plan.

Project Journal - This document maintains a record of all the minutes of the project meetings and the milestones reached in the project’s lifecycle.

Source code - The code which contains the technical and working logic behind the project.

Test Methodologies - The document will contain all the testing methodologies and a tutorial to repeat the test again if the issue of quality ever comes up.

Setup Document – The document will consist of a manual with instruction on how to install the executable on customer’s system.

User Manual – The most important document that comes with every product. It will consist of all the details on how to setup the environment and instructions to use our application the intended manner.

Chapter 2 Background and Related Work

2.1 Background and Used Technologies

Network Virtualization separates network services and operational control from network hardware. Virtual networks are designed and programmed so as to deliver and behave just like any physical network but they have the operational flexibility of virtualization. This is just like how server hypervisors () separate the workload from the underlying physical server.  The physical network continues to be leveraged for what it does well, forwarding packets, while network services and operational state are maintained and programmatically controlled in the virtual space.

There are seven key properties of network virtualization:

Independence from network hardware.

Faithful reproduction of the physical network services model in the virtual space, including support for both physical and virtual workloads.

Follow the operational model of compute virtualization.

Compatible with any hypervisor platform.

Secure isolation between virtual networks, the physical network and the control plane.

Cloud performance and scale.

Open, programmatic network provisioning and control.

Following are the technologies we intend to use to with our proposed application:

1. OpenFlow

OpenFlow is an open interface. It primarily helps in controlling the forwarding tables in various networking devices such as routers, switches and also access points. OpenFlow is a low level protocol over which developers can build high-level applications. For example, OpenFlow allows us to deploy secure default-off networks, wireless networks with smooth handoffs, scalable data center networks, host mobility, more energy-efficient networks and new wide-area networks.

Tutorial flow hw.png

Figure 2. OpenFlow Tutorial flow

2. Mininet

Mininet helps create a dummy but a realistic looking virtual network which can run a real kernel, switch and application code. All of this is accomplished on one machine, be it a VM, on cloud or native. It can be implementing in no time using a single command.

Mininet is also useful for academic purposes and research & development. Owing to the ease of interaction with the network by the use of Mininet API and/or CLI, we can deploy it on real hardware while customizing and then sharing it.

One can do some useful experiments by combing OpenFlow and SDNs with Mininet. As it developed and supported actively and has a permissive Open Source license, therefore participation in code buildup and bug reporting and fixing, documentation is highly encouraged.

Mininet has the capability of creating scalable SDN, like OpenFlow using Linux processes on a single PC. This gives an ability to create simulated network environment quickly and to interact with, while sharing and customizing it as a SDN prototype and eventually we can run our application on top of real environment.

3. Open vSwitch

Open vSwitch uses two interfaces to perform the function which it is built for and that is programmatic state distribution. First one is the OpenFlow which has many extensions. It manages fast path's forwarding behavior. Second one is JSON-RPC which is based on the config protocol which is used for configurations like NetFlow, tunnels and Quality of Service and are not very time critical.

There is also a possibility to use a centralized system which would help in managing network policies and help in Virtual Machine migration. Citrix's Distributed vSwitch Controller has been able to achieve this in a environment setup by XenServer.

In large cloud deployments which might include a setups many hundreds of server it is very often used a vSwitch. The prime purpose of it being management of automated VLAN, policy, and tunnel management. Many a times it is used as a simple OpenFlow switch in many deployments or it might be even used as a more a sophisticated programmatic switch to control hardware environments.

Performance of the Open vSwitch is incredibly great. It is very fast, even at times when compared with the native Linux bridge. When running in software, Open vSwitch uses flow-caching to make sure the speed is not effected even in case of very complex configurations. Tunneling implementations also perform very well as Open vSwictch is hight optimized for this purpose.

4. Floodlight

The Floodlight Open SDN Controller can define as an enterprise-class, Apache-licensed, Java-based OpenFlow Controller. As floodlight is written in Java language, it runs on a JVM. It works with virtual-switches and physical switches that would talk to the the OpenFlow protocol. It is being developed as an open source project and developers from the open community are helping out.

There are some prerequisites before one can use the Floodlight. To simulate a network we would need to have Floodlight running and attach to an OpenFlow network like Mininet, a network simulation tool.

Floodlight is not just an OpenFlow controller rather it's a collection of application built over controller plus the Floodlight Controller itself.

Openflow network is controlled and inquired by the set of common functionalities which setup by the Floodlight Controller. The applications on top of it work on solving different user requirements on the network.

2.2 State of the Art

Nicira is the biggest name in the virtual network virtualization field right now. SDN data centers would need a complete overhaul of the how computing, networking and storage is handled.

There are many issues in networking when we work on a distributed system and Nicira tries to solve that problem by defining defining distributed algorithm instead of managing the physical network using the traditional protocol.

Network Virtualization Platform (NVP) is the USP of Nicira. It is a collection of various components like the Controller cluster. Management software and RESTful APIs integrate various Cloud Management Systems (CMS). One can create a virtual network between the end hosts using NVP. It also helps in managing the network abstraction layer and all of this is independent of the underlying hardware. It works with a lot of softwares like VMWare ESXi, Linux/KVM, Xen/ Xen Server and Microsoft’s HyperV.

Hundreds of virtual ports can be created using it.

No physical network restrictions (VLAN & MAC table scalability, VM mobility, multi-tenant isolation, overlapping IP addresses and more)

Network infrastructure can be programmatically controlled.

Supports and extends network security model

Tenants can work in an isolated environment

Accounting for granular usage is available.

Rapid services can be created by the provided APIs

Integration and migration of physical to virtual can be done.

Broadcast and multicast network services are enabled.

2.3 Literature Survey

While studying and researching about our topic. We came across many technologies and others similar work that has been going on this field.

Openstack is one of the most closely associated technologies with the Network Virtualization and OpenFlow.

OpenStack, just like OpenFlow is an opensource project which is being accomplished by the collaborative work of many experienced developers. This technology contains a series of interconnected projects which form the umbrella of projects defining the cloud infrastructure solution.

It is commonly used for deplyoment of large scale public or private clouds. It leverages teh support and resulting technology of the open source community globally.

http://www.openstack.org/themes/openstack/images/openstack-software-diagram.png

Figure 3. OpenStack Cloud Operating System

OpenStack is kind of a cloud OS which manages the pool of networking resoucesm storage and computing power. All of these are managed through a datacenter and accessed through a dashboard given to administrators.

Chapter 3 Project Description

3.1 Project goals and Objectives

In order to overcome the limitation of managing virtual networks, a new Network Monitoring Tool is described which runs on top of a Floodlight controller using OpenFlow technology. It will increase the awareness regarding the properties and state of the network in order to bridge the gap between high-level management goals and the configuration that achieves them. In this respect, we consider an infrastructure that manages both information flow and processing within the network as an important stepping-stone towards this objective. The goal of our project is:

Study the basic architecture of Virtual Network Controller.

Identify the security issues related to monitoring Virtual Network.

Propose a software development approach for the application that will perform device discovery using OpenFlow.

Validating the proposed application by creating the prototype first.

3.2 Project approaches

We plan to begin implementing our idea by first developing a prototype of a virtual network to get a practical feel of our implementation of design. This would help us verify our ideas and set realistic goals for the final project outcome. We would understand the requirements that we need to work upon and the technologies that we need to learn so as to finish the project in its entirety.

We would take an iterative approach to do our project wherein we will implement some part and go back to our drawing table to work out strategy further. We plan to have regular meeting among team-mates and professor so as to get a sense of direction and to confirm that we are on the right track. We would be documenting each step to make sure that we know which direction we are moving and can easily go back a step in case the current strategy doesn’t work out.

We will be following the object oriented design methodology since we will have to define the objects and their interactions to develop the application. As a part of taking this approach we shall be providing a relational data model. The use case diagrams that show interaction between the user and the system would be documented. Also the system sequence diagrams showing the flow of events for a particular scenario of a use case, user interface documents describing the look and feel of end user interface will be provided.

3.3 Problem Solution and Justification

A management system for the upcoming Internet needs a monitoring system that can gather all the important data in a very effective way. The monitoring system required to have a very small runtime mark and not be interfering, so as not to badly affect the network performance itself or the running applications. To achieve this objective we proposed an application that will run on top of floodlight OpenFlow controller. This enables us to utilize OpenFlow to monitor all the devices or virtual machines that are working beneath the Virtual network.

Figure 4. Applications running on top of Floodlight OpenFlow Controller

Figure 5. Probes taking information from the data source

In order to get real time information about the devices a probing technique can also be employed that will take all the relevant information from the device and forward it to the proposed Application on top of floodlight OpenFlow Controller.

Figure 6. Hypervisor adding or deleting the probe

However since we are still in designing stage it is unknown which approach will be more effective and less resource consuming till we do an in depth analysis of the technologies proposed.

3.4 Project Evaluation and Validation

We will need to perform both black box and white box test methods since both external and internal perspective of the project have to be validated. Following are the test methods that we will be using for validation:

Functional Testing: Functional testing is essentially a black box test that checks whether the functionality of the application confirms to the product specification. In this testing the various elements and features of the application are tested.

Unit Testing: Unit testing is a way to test single software units or components of a source code. A unit can be an entire class or could be an independent function that is not dependent on any other part of the code.

Integration Testing: An extension of unit testing is integration testing. In unit testing each unit will be tested separately, while in integration testing two or more units that are already tested will be combined and tested. While integrating the units, it can identify the problems and the main goal of integration testing is to derive the consistencies between the components.

Model Testing: Using Model Based testing, test cases can be generated automatically, where a model of the system is used for test case generation.

Performance testing: In performance testing, the various responses of the application under test are measured under various workload conditions.

Chapter 4 Project Plan and Schedule

4.1 Project tasks and Schedule

Project tasks and Schedule for CMPE 295A and CMPE 295B are shown below with the help of Gantt chart:

C:\Users\Atinder\Desktop\proposal a.jpg

Figure 7. Project Schedule for Project Part A

C:\Users\Atinder\Desktop\proposal b.jpg

Figure 8. Project Schedule for Project Part B

4.2 Project Resources, Budget and Cost Analysis

In order to maximize our efficiency we need to utilize the amount of time and resources available very wisely. We have analyzed our project requirements and have planned our Project tasks, Schedule, Budget and required resources in advance. For the cost analysis we have considered labor cost on hourly basis, equipment and software cost. We have also maintained a small budget for miscellaneous expenditure.

Cost of Equipment

Equipment

#

Cost / Item

Semester 1

Semester 2

Laptops

4

$ 700

$2800

-

Desktops

2

$1000

$2000

-

Network Switches

3

$450

$900

$450

Network Routers

4

$100

$200

$200

Total Cost

$6550

Labor Resources

Resource Type

Name

Hourly Rate

Number of Hours

Total

Advisor

Dr. Chao Li-Tarng

$ 50/hr

70 Hours

$ 5000

Developer

Atinder pal Sohal

$ 30/hr

704 Hours

$ 21120

Developer

Jasdeep Singh

$ 35/hr

650 Hours

$ 22750

However this is a master’s project and we will be taking only labor hours in consideration instead of labor cost. Therefore the total number of labor hours comes out to be 2052 Hours. We have estimated about $2000 to be the miscellaneous cost of software, stationary, printouts and travel expenses.

Hence the total estimated cost to complete the project is:

Equipment cost + miscellaneous expenditure = $ 6550 + $ 2000

= $ 8550

The cost may increase according to the project needs and requirements.