CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

#airheadsconf  

So#ware  Defined  Networking  &    

Traffic  Engineering    Partha  Narasimhan    &  Ash  Chowdappa  

March  2013  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

-­‐  IntroducNon  to  SDN  -­‐  SDN  EvoluNon  &  Traffic  Engineering  -­‐  Wired  +  Wireless  SDN  Architecture  -­‐  SDN  Use  Cases  -­‐  Simplified  network  designs  with  SDN  ?  

Agenda  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

#airheadsconf  3  

IntroducNon  to  SDN  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   4   #airheadsconf  

So#ware  Defined  Networking  

•  SoWware-­‐defined  networking  decouples  network  control  (rouNng  and  switching  traffic)  from  the  physical  network  topology    

•  Network  intelligence  and  state  are  centralized,    network  topology    is  abstracted  and  virtualized  

•  Open  Networking  FoundaNon  consorNum    is  leading  standardizaNon  efforts    

•               h\ps://www.opennetworking.org/  

•  OpenFlow    is  a    protocol    that    facilitates  communicaNon  between  SDN  Controllers  and  SDN  capable  network  elements.  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   5   #airheadsconf  

SDN  Logical  Architecture*  

*  h\ps://www.opennetworking.org/images/stories/downloads/white-­‐papers/wp-­‐sdn-­‐newnorm.pdf  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   6   #airheadsconf  

SDN  &  OpenFlow  benefits*  

*  h\ps://www.opennetworking.org/images/stories/downloads/white-­‐papers/wp-­‐sdn-­‐newnorm.pdf  

•  Centralized  management  and  control  of  networking  devices  from  mulNple  vendors    

•  Increased  network  reliability,  security,  uniform  policy  enforcement,  and  fewer  configuraNon  errors  

•  More  granular  network  control  with  the  ability  to  apply  comprehensive  and  wide-­‐ranging  policies  at  the  session,  user,  device,  and  applicaNon  levels  

•  Be\er  end-­‐user  experience  as  applicaNons  exploit  centralized  network  state  informaNon  to  seamlessly  adapt  network  behavior  to  user  needs.    

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

#airheadsconf  7  

SDN  EvoluNon  &  Traffic  Engineering  Home  vs  Enterprise  Networks  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   8   #airheadsconf  

SDN  Categories    

Datacenter/Core Infastructure

Access Infrastructure

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   9   #airheadsconf  

Quest    to  simplify  end  user  experience  &    network  operaHons  

Typical  “Home”  networks  •  Handful  of  personal  devices  •  Single  broadcast  domain  in  home  networks  

Enterprise  networks  •  100’s  of    Broadcast  domains  •  Security  policies  •  1000’s  of  devices  

©  Copyright  2012.  Aruba  Networks,  Inc.    All  rights  reserved  

10  

Aruba  SDN  Framework  EvoluHon  

WLAN Infrastructure Virtualization

WLAN + Services

Virtualization

Wireless + Wired

1.  Seamless  WLAN  overlay  deployment    

2.  VLAN  “virtualizaNon”    

3.  Broadcast/MulNcast  arbitraNon  for  WLANs  

4.  Centralized  controller    based  flow  control    

1.  “AirGroup”  mDNS  centralized  control  plane  –  services,  topology  virtualizaNon    

2.  Abstract    underlying  L2/L3  network  topology  

1.  Centralized  arbitraNon  point  for  network,  services  discovery  protocols    

2.  Traffic  engineering    with  virtual    topology    

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   11   #airheadsconf  

Example  of  Network  VirtualizaHon    Virtual  VLANs  on  Wireless  LANs  

User  VLANs  “virtualized”  i.e.  they  are  not  instanNated    on  the  edge  switches  that  the  APs  are  connected.  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   12   #airheadsconf  

• Special  handling  for  ARP,  v6  ND,  DHCP  –  Drop  everything  else  (breaks  services  such  as  Bonjour)  

• AirGroup  –  mDNS  protocol  specific  handling  –  Can  we  generalize  AirGroup  to  handle  any  generic  Bcast/Mcast  protocol  ?  

–  Network  neighborhood  defined  by  policy  and  independent  of  physical  network  topology  

• Need  good  BC/MC  handling  for  all  physical  network  designs  

Example  of  Network  Services  VirtualizaHon  Special  Broadcast  /  Mul:cast  handling  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

#airheadsconf  13  

Wired  +  Wireless  SDN  Architecture  

CONFIDENTIAL  ©  Copyright  2012.  Aruba  Networks,  Inc.    All  rights  reserved  

Person

alized

 Experience    

User  

Simplify  Network  Ops  

IT  

So#ware  Defined  Unified  Access  

VPN  

Access  Policy   Mobility  State   Performance  

Management   LocaNon   Content   Network  Apps  AnalyNcs  

Onboard  New  Apps,  BYOD  &  Guests  

Flow  Awareness,  App  Services  

Monitor  Wi-­‐Fi,  Wired  &  WAN    Controller   AirWave  ClearPass  

SDN  Control  Plane    

CONFIDENTIAL © Copyright 2013. Aruba Networks, Inc. All rights reserved 15 #airheadsconf

Flow Steering with OpenFlow

OF OF OF

OF

OF OF OF

OF

OF OF OF

OF

•  Virtual cut-through paths per user/app

•  Unified access on multi-vendor network

•  Stitching flows across roles

OF

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

#airheadsconf  16  

Use  Cases:  PersonalizaNon    with  Dynamic  Topologies  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   17   #airheadsconf  

So#ware  Defined  Personalized  Networks  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   18   #airheadsconf  

Air  Services  

  Visibility  of  services  based  on  ownership,  locaNon  and  role  

Branch  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   19   #airheadsconf  

Aruba  AirGroup  Example:  Student  Mary  

Personal  AirGroup  “Mary”  

Shared  AirGroup  “Students”  

Local  AirGroup  “Lab”  

Mary’s    MacBook  

Mary’s    iPad  

Classroom  Apple  TV  

For  teachers  only  

Dormitory  Printer  

Library  Printer  

Lab  Apple  TV  

Auditorium  Printer  

For  teachers    only  

Mary’s    Apple  TV  

Mary’s    Friend  Mike  

Mary’s    Friend  Jen  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   20   #airheadsconf  

Per  User,  Device  Security  

Branch  

SSID:  Corporate  

  MulNple  user,  device  policies  under  the  same  SSID  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   21   #airheadsconf  

200  Mbps  

600  Mbps  

Dynamic  RF  topology  based  on    applicaHon  QoS,  delivery  context  

  Best  Wi-­‐Fi  rates  for  each  mobile  device  

  Best  topology  (AP,  channel  selecNon)  is  driven  by  App  QoS  requirements  

HQ  

400  Mbps  

108  Mbps  

54  Mbps  

36  Mbps  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved   22   #airheadsconf  

• SDN  may  present  an  opportunity    to  simplify  network  designs  – With  special  Bcast/Mcast  handling  for  Wired/Wireless  the  size  of  broadcast  domain  may  not  ma\er  

–  Dynamic  SDN  topologies  imply  physical  and  logical  L2/L3  topologies    are  less  relevant  

• A    flat  L2  for  IPv6  only    (Wired)  ?  –  Keep  current  v4  design,  move  v6  traffic  into  an  overlay  VLAN  

• “Solve”  L3  mobility  with  simplified  topology    

Future  network  designs  with  SDN  

CONFIDENTIAL      ©  Copyright  2013.  Aruba  Networks,  Inc.    All  rights  reserved  

#airheadsconf  

Thank  You