wiki:OpenFlow/SDNInstaGENI

Version 16 (modified by asydney@bbn.com, 3 years ago) (diff)

--


Background

In the original GENI deployments, InstaGENI racks supported FOAM and FlowVisor software to help manage hardware OpenFlow resources, along with the InstaGENI control software. The FOAM aggregate manager was used with FlowVisor (FV) to allow experimenters to reserve SDN resources at a rack. In general, a single OpenFlow VLAN instance was manually provisioned at the racks and FV allowed "slicing" of this instance via IP subnets. Hence, each researcher was allocated an IP subnet (a priori) to conduct SDN experiments. FOAM and FV were also used in the GENI Mesoscale network to facilitate network programmability in the GENI core. With the advent of GENI's "OpenFlow over Stitching" service, we are phasing out FOAM and FV, which are no longer actively supported.

(See the Experimenter Support wiki pages for information about software-only SDNs, which do not use hardware OpenFlow switch resources.)

Updated SDN Operation at InstaGENI Racks

As shown in the figure below, the FOAM and FV VMs are being replaced with a new lightweight "SDN" VM. The InstaGENI control software operates in concert with the SDN VM to allocate and connect resources for SDN experiments.

How are hardware SDN resources provisioned?

  • GENI experimenters conducting SDN experiments that leverage the "OpenFlow over Stitching" service will add the following line to the regular stitching rspec that they submit to GENI aggregates:
    <emulab:openflow_controller url="tcp:<IP Address for controller>:<Port for controller>" />
    

This line defines necessary information about the experimenter's controller, which can be located at a GENI location or on the public Internet. See the attached file "stitch-ig-uky-ig-nyse-of.rspec" for a complete example of an OpenFlow rspec.

  • When the "boss" VM in the InstaGENI rack receives this "OpenFlow over Stitching" request, the InstaGENI software stack creates an OpenFlow VLAN "slice" (or instance) at the data plane switch in the rack. The VLAN used corresponds to one of the "stitching" VLANs defined for this rack, and the associated control plane IP address of the OpenFlow instance is that which was specified in the experimenter's rspec.
  • The new OpenFlow instance leverages the management interface configuration of the data plane switch to initiate a connection via the "SDN" VM to the experimenter's controller.
  • When the connection has been established, the "SDN" VM continues to forward SDN control traffic between the experimenter's instance at the data plane switch and the experimenter's controller.

Notes

  • A "VLAN" slice implies that the experimenter is unable to conduct SDN experiments that modify the VLAN header. However, other headers such as the IP are supported (assuming the match conditions and actions required by the experimenter, are supported by the switch).
  • By default, stitched OpenFlow connections connect only two locations. Please contact help@geni.net for other desired configurations.

What SDN administrative tasks are required of the site admin?

Compared to the previous requirements, none are required. The new "VLAN" model:

  • removes any possibility of subnets overlapping, which existed with FOAM/FV
  • removes the need for site contacts to administer FOAM and FlowVisor manually (site contacts preferred automated approvals)

How do we track the users of GENI SDN resources?

Mechanisms inherent in the GENI account creation and approval process and the GENI monitoring interface provide the ability to determine the identity of experimenters who own GENI resources in SDN experiments. These can be used to track traffic by owner, if necessary, as requested by an experimenter, site contact or operations staff. Please contact the GMOC to report any suspected issues with GENI traffic or resources.

Software

The software for building the "SDN" VM can be downloaded here: sdn-vm-1.0.0.tar.gz

Attachments (2)

Download all attachments as: .zip