Cisco Live 2014

Introduction to Software-Defined Networking (SDN) and Network Programmability

BRKSDN-1014

Jason Davis, Distinguished Engineer (Services) Abstract

SDN is an exciting new approach to network IT Service Management. You may have questions about SDN, Controllers, APIs, Overlays, OpenFlow and ACI. You may also be wondering what products and services are SDN-enabled and how you can solve your unique business challenges and enhance your differentiated services by leveraging network programmability.

In this introductory session we will cover the genesis of SDN, what it is, what it is not, and Cisco's involvement in this space. Cisco's SDN- enabled Products and Services will be explained enabling you to consider your own implementations. Since SDN extends network flexibility and functionality which impacts Network Engineering and Operations teams, we'll also cover the IT Service Management impact.

Network engineers, network operation staff, IT Service Managers, IT personnel managers, and application/compute SMEs will benefit from this session.

• What is SDN & Network Programmability

• What are the Use Cases and Problems Solved with SDN?

• An Overview of OpenFlow

• What Are Cisco's solutions?

• An Overview of Network Overlays

• An Overview of Network Controllers

• An Overview of ACI

• The Impact to IT Service Management

• How to Get Ready

• An approach and architecture in networking where control and data planes are decoupled and intelligence and state are logically centralized • Enablement where underlying network infrastructure is abstracted from the applications [network virtualization] • A concept that leverages programmatic interfaces to enable external systems to influence network provisioning, control and operations

…a new approach at network transformation* …empowering external influencers to network design and operations …impacting the networking industry - challenging the way we think about engineering, implementing and managing networks …providing new methods to interact with equipment/services via controllers, APIs …normalizing the interface with equipment/services …enabling high-scale, rapid network and service provisioning/management …generating a LOT of ‘buzz’ and attention …providing a catalyst for traditional Route/Switch engineers to branch-out

…an easy button… [but is intending to make things easier for all!] …a panacea or end-state …narrowly defined …meaning the death of network engineers …a mandate for all network engineers to become C and Java programmers …a new ISDN service from Apple called iSDN 

…a new attempt at network evolution… I Wants SDN

MPLS VPLS VPN GRE Tunnels LISP Control Plane / Data Plane Separation – Centralized Control

SS7 Management and ATM LANE Programmatic Interfaces Wireless LAN Controller GMPLS SNMP NETCONF EEM

http://cleanslate.stanford.edu/

Control Plane (CP) Control and Data Plane resides CP DP CP DP within Physical Device Data Plane (DP)

CP DP CP DP

CP DP CP DP CP DP CP DP

Control plane learns/computes forwarding decisions Data plane acts on the forwarding decisions

CP DP CP DP

CP DP CP DP CP DP CP DP

Control plane becomes centralized Physical device retains Data plane functions only

CP DP CP DP

CP CP DP CP DP Controller

CP DP CP DP CP DP CP DP

A Controller is centralized and separated from the Physical Device, but devices still retain a localized Control plane intelligence

• Familiar Manual, CLI-driven, device-by-device approach is inefficient • Increased need for programmatic interfaces which allow faster and automated execution of processes and workflows with reduced errors • Need for a ‘central source of truth’ and touch-point

• Pace of Change – Technology & Competition • Globalization of the Marketplace • Proliferation of Social Networking • IT Budgets, Staffing and Resources • Accelerated Pace of Consumerization, Virtualization and XaaS Options • Consumption Economics

Research/ Massively Scalable Service Cloud Enterprise Academia Data Center Providers

. Experimental . Customize with . Automated . Policy-based . Virtual workloads, OpenFlow/SDN Programmatic APIs provisioning and control and VDI, Orchestration components for to provide deep programmable analytics to of security profiles production insight into network overlay, optimize and networks traffic OpenStack monetize service delivery

Network Network Flow Scalable Private Cloud “Slicing” Management Multi-Tenancy Agile Service Delivery Automation Diverse Programmability Requirements Across Segments (Automation & Programmability)

• Centralized configuration, management/control, monitoring of network devices (physical or virtual) • Ability to override traditional forwarding algorithms to suite unique business or technical needs • Allowing external applications or systems to influence network provisioning and operation • Rapid and scalable deployment of network services with life-cycle management

Weather-Based Routing

Controller

Class API GUI Schedule

Staff Directory WAN1 (MPLS) WAN2 (EPL) WAN3 (Internet)

U N I V E R S I T Y

Main Campus Remote Classroom

API Application

OF OF Controller AGENT

…a Layer 2 communications protocol that gives access to the forwarding plane of a network device, …a specification for building switches conforming to the protocol

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 22 Deutsche Telekom : Facebook : Goldman Sachs : Yahoo Google : Microsoft : NTT Communications : Verizon OPEN NETWORK FOUNDATION Stanford : UC Berkeley ONF Board

ONF Members

3TEN8 Cisco Systems Hitachi Metaswitch Networks Samsung 6WIND Citrix Systems HP Midokura Sanctum Networks Ltd A10 Networks Colt Technology Services Huawei MRV Communications SDN Essentials Active Broadband Networks Coriant IBM NAIM Networks SDN Solutions ADVA Optical Networking Corsa Technology Infinera NCL Communication SK Telecom Alcatel-Lucent Criterion Networks (I) Pvt Ltd Infoblox NEC Spirent Alibaba Group Holding Ltd Cyan Institute for Information Industry (III) Netgear Swisscom Applied Micro Circuits Dell/Force10 Networks Intel Netronome Tail-f Systems Aricent Group Digital China Networks Ltd (DCN) Intelliment Security NetScout Tallac Networks Arista Networks ECI Telecom Intune Networks NoviFlow Inc. Tata Communications Aruba Networks Equinix IP Infusion NSN Tekelec (Acquired by Oracle) ATTO Research Korea Ericsson Itential NTT Data Telecom Italia Auvik Networks EstiNet Technologies Inc. ITRI (Industrial Technology Research OKI Electric Industry Telefonica Baidu Online Network Technology Co ETRI (Electronics and Institute) Optelian Telekom Malaysia - TM Research & Ltd. Telecommunications Research Ixia Oracle Development Barefoot Networks Institute) Juniper Networks Orange Telesoft Beijing Internet Institute (BII) Extreme Networks KDDI Overture Networks Tellabs Big Switch Networks F5 Kemp Technologies PCCW Global Ltd. Tencent, Inc. BISDN Fiberhome Technologies Konodrac Pertino Texas Instruments Blue Ocean Networks Pty LTD FishNet Security KT Corp. (Korea Telecom) Pica8 Thales Broadcom Freescale Semiconductor Inc L3 Communications Systems - East Plexxi Inc Tilera Brocade Communication Systems Friesty Lancope, Inc. PMC-Sierra Inc. Transmode BTI Systems Fujitsu Level 3 Procera Networks TW Telecom Centec Networks Gencore Systems LSI Corporation Qosmos UBIqube Solutions Ceragon Networks Gigamon Luxoft Rackspace Vello Systems China Mobile Research Center GlimmerGlass Marvell Radware Verizon China Telecom GuardiCore Ltd. MediaTek Riverbed Technologies Ciena H3C Technologies Mellanox Technologies Saisei Networks http://opennetworking.org BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 23 OF v1.0 What Makes OpenFlow Different? Example Flow Table

Ingres Source Dest Ether VLAN VLAN IP IP IP IP TCP/U TCP/U Action Priority Counter s Port MAC MAC Type ID Priorit SRC DEST Protoco TOS DP DP l y SRC DEST

* * * Switching* * * * * * * * Fwd Port 100 3c:07:54:* 10 * * *Routing* * * * * * * * Fwd Port 100 192.168.1.* 12 Port 1 Replication/SPAN Fwd Port 100 * * * * * * * * * * * 14…24 * *Firewall/Security* * * * * * * * * 25 Drop 100

* * * * Inspection* * * * 0x0800 * * * Controller 100

Vlan10 Combinations 80 Fwd Port 8 200 * 00:01:E7:* * * * * * * * * * * * * * * * * * * 80 Rewrite 200 Multi-action ; NAT 192.168.1.* 10.1.2.3; Fwd port 9 *Local handling* * * * * * 10.* * * * * Local 200

OPENFLOW CONTROLLER Required Actions Forward out all ports 1 except input port

Redirect to OpenFlow 2 2 Controller FLOW Forward to local CPU 3 TABLE Forwarding Stack (CPU)

Perform action in flow 4 4 3 table 7 5 Forward to input port SWITCH FORWARDING Forward to destination 5 ENGINE 6 port

7 Drop Packet

1 6

FLOW TABLE

HEADER FIELDS COUNTERS ACTIONS

… … … FLOW ENTRY

… … …

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 26 OpenFlow Introduced Notable Features Flow-spec Version Tuple 1.0 2009-12 Initial Specification [Still very prevalent in the market] 12

1.1 2011-02 Support for multiple flow tables 15 Added support for MPLS Defined two operating modes – Hybrid | Pure OpenFlow 1.2 2011-12 Support for IPv6 34 Multiple Controller support 1.3 2012-06 Support for Rate Limiting 38 IPv6 Extensions, GRE Version increasingly targeted by customers/manufacturers 1.3.1 2012-09 Support for Negotiation TLVs 38

1.3.2 2013-04 Support for controller-initiated connections 38

1.4 2013-10 Support for Rule change ‘transactions’ 40

1.3.3 2013-12 Update with IANA registered TCP port : 6653 40 Clarify multipart segmentation rules, clarify use of empty multipart messages Specify the normal fragment handling is mandatory, drop/reasm optional 1.3.4 2014-03 Clarify table feature wildcard list should not include fields that are mandatory in some context 40 Only Add section about control channel maintenance Push MPLS should add a MPLS header before the IP header and before MPLS tags, not before VLAN which is not valid

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 27 OF v1.3 Example Input Switch Intra- Etherne Ethernet Ethernet Input Input IP IP ECN IP IPv4 IPv4 Switch Physical Table t Dest Source Frame VLAN VLAN DSCP Protocol Source Dest Port Input Metadata Addr Addr Type id Priority Addr Addr Port . . .

TCP TCP UDP UDP SCTP SCTP ICMP ICMP ARP ARP ARP IPv6 IPv6 Source Dest Source Dest Source Dest Type Code Opcode Source Target Source Dest Port Port Port Port Port Port IPv4 IPv4 Addr Addr Addr Addr . . .

. . . IPv6 ICMPv ICMPv Target Source Target MPLS MPLS MPLS PBB- Logical IPv6 Port Extension Flow 6 type 6 code Addr link- link- label TC BoS bit ISID Header Metadata Label for ND layer layer pseudo- for ND for ND field

. . .

PCEP

APIs

Application Frameworks, Management Systems, Controllers, ...

“Protocols” onePK OpenFlow I2RS PCEP BGP-LS/FS Neutron OMI Puppet NETCONF …

Management OMI Puppet NETCONF … Agent Agent Agent Orchestration OpenStack Agent Network Services PCEP BGP-LS/FS BGP Agent Agent Control Diameter I2RS Radius Agent Forwarding SNMP OpenFlow … Agent Cisco API & Agent Infrastructure (OnePK, YANG) Device Operating Systems – Cisco IOS / NX-OS / IOS-XR

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public Industry Communities, Projects and Standards Bodies Cisco Innovations: FEX Architecture Technical Advisory 802.1 Overlay Board seat Networking Project Open Network Research Center at Stanford University

Puppet Agent Modules Puppet Labs Initiatives: investor Contributor - Neutron API Technical Advisory Group Technical Committee Donabe Chair, Management Area Cisco Innovations: Working Groups: Projects OpenStack API for Nexus Config, Hybrid, Extensibility, OpenStack Extensions Futures/FPMOD/OF2.0

Founding Platinum member Catalyzed initial Open Source offering

Overlay Working Groups: NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3 Working Groups: NETCONF, ALTO, CDNI, XMPP, SDNP, Open Source Cloud I2AEX Computing project PCE, FORCES I2RS – Interface to Routing System BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 31 What Are Cisco's SDN solutions? CP  DP Nexus 1000V NetVirt API Highlights Network • Physical Networking Consistency – NX-OS Admin • Multi Hypervisor Consistency • Innovative Security and Monitoring Solutions

Virtual Supervisor VSMVSM Module VEM: Virtual Ethernet Module

• Allows an external application to access, extend or customize the software capabilities of Cisco’s routers and switches via API’s • Provides deep packet and routing path manipulation capabilities • Normalizes application-to-device interface regardless of the native, underlying operating system

Applications Applications Applications

Cisco onePK API’s C Java Python REST Physical Device

IOS | IOS-XE | NX-OS | IOS-XR

Hardware Silicon

Filtering (NBAR), classification (class-map, policy-map), POLICY actions (marking, policing, queuing), applying policy to interfaces

ROUTING Read RIB Routes, add/remove routes, receive RIB notifications

CPU/Memory statistics, interface statistics, element and interface ELEMENT events

DISCOVERY Layer 3 topology and local service discovery

UTILITY SYSLOG event and path tracing capability OnePK Sets ServiceOnePK DEVELOPER Debug capability and CLI extension (invoke CLI from application)

End-Point Hosted Blade Hosted Container Hosted AKA ‘Process Hosted’

Application Application

Server Service Blade

Application OnePK Router/Switch

OnePK OnePK Router/Switch

Runs on a remote server Runs on a service blade Runs locally on the device -Available- -Available- -Cisco sourced Apps only- -Nexus3000-

Overlay / Virtual Network • Mobile • Scalable • Supports Segmentation / multi-tenancy • Programmable & Manageable

Underlay / Fabric • High Capacity • Resilient • Intelligent Traffic Handling • Programmable & Manageable

+ Emulate L2 LAN Segment + Transport Ethernet Frames (IP and non-IP) + Can emulate physical topologies - Single Subnet Mobility (L2 domain) - Exposure to L2 Flooding

+ Abstract IP-based connectivity + Transport IP Packets + Can emulate physical topologies + Full Mobility regardless of subnet + Contain Network Failures/Flooding + Useful in abstracting connectivity and policy

VM VM VM VM VM VM Physical Physical Physical Virtual Virtual Virtual

Router/Switch end-points Virtual end-points only Physical and virtual end-points Protocols for Resiliency & Loops Single administrative domain Resiliency & Scale Traditional VPNs Cross-org & Federation OTV, VXLAN, VPLS, LISP VXLAN, NVGRE, STT Open Standards

• VXLAN • LISP • MPLS • Nexus 1000V • OTV • ACI • VPLS BRKDCT-1301 VXLAN Deployment – Use Cases and Best Practices

BRKDCT-2328 Evolution of Network Overlays in Data Center Clouds

BRKDCT-2049 Overlay Transport Virtualization

BRKDCT-3103 Advanced OTV - Configure, Verify and Troubleshoot OTV in Your Network BRKDCT-2131 Mobility and Virtualization in the Data Center with LISP and OTV

• …an open source project formed by industry leaders and others under the Linux Foundation with the mutual goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common vendor supported framework. • Focus: Customers with some programming resources that desire a free, community-supported SDN controller, especially if focus is on OpenFlow

Platinum Gold Silver

Network Applications Cisco Sourced Customers 3rd Parties

OpenDaylight Controller Web UI

OSGI Northbound APIs RESTful Java Bundle H/A

Basic Operation Infrastructure Stats Manager Host Tracker ARP Handler Dijkstra SPF Physical and Logical Device Manager Forwarding Rules Manager Topology Manager Service Abstraction Layer (SAL)

NETCONF OVSDB Southbound APIs OpenFlow (1.0 or 1.3)

NETWORK DEVICES Cisco or Other OpenFlow-enabled Devices

• A purpose-built, easy to use SDN controller • Does NOT require programming experience [but does have REST NBI] • Does NOT require HW/SW upgrades to take advantage of controller model • Has specific applications built-in to address common network needs: Policy Management, QoS Management, Zero-Touch Deployment and iWAN • Available to SmartNet customers without charge

• Focus: Enterprise Customers with Few to No Programming Resources that desires a Commercially-supported solution that preserves existing investment and doesn’t require HW/SW upgrades

Network Applications Cisco Sourced Customers 3rd Parties

Cisco APIC-EM Controller Web UI Northbound APIs RESTful

Controller Applications & Features

H/A Policy Manager Host Tracker Clustering QoS Manager Network Discovery iWAN Topology Manager Zero-Touch Device Manager Deployment (ZTD)

Investment protection w/o VTY Southbound APIs onePK / OpenFlow / OpFlex (Future) HW/SW upgrades

NETWORK DEVICES Cisco Devices

• The Data Center SDN Controller for the next-generation Fabric-enabled Nexus 9k family • Offers services for managing System, Tenant(s), Fabric, VM(s), L4-7 Services

• Focus: Data Center Customers that desire a Commercially-supported solution that leverages a centralized controller for the Nexus 9k product family • NBI: REST, Python • SBI: OpFlex ACI, REST, L4-7 Scripting API/VTY

Network Applications Cisco Sourced Customers 3rd Parties

Advanced GUI with Extended Features

Cisco APIC-DC Controller Web UI Python Northbound APIs RESTful

Controller Applications/Feature

System Tenant Fabric L4-7 Services VM Manager Manager Manager Manager Manager OpFlex Cisco’s proposal to IETF to standardize a SBI OpFlex/ACI Agent Southbound APIs REST L4-7 Scripting API / VTY for policy management

NETWORK DEVICES

Cisco Nexus 9k Family

• Unified point of data center network automation System Storage Orchestration and management: Layer 4 - 7 Management Management Management Puppet Labs CloudStack − Application-centric network policies Citrix NetApp VMware Red Hat Python KVM − Data model-based declarative provisioning F5 OpsCode OpenStack Cisco EMC CFEngine Corporation Microsoft − Application, topology monitoring, and troubleshooting XenServer − Third-party integration (Layer 4 - 7 services, storage, compute, WAN, etc.) Open RESTful API − Image management (spine and leaf) Storage SME Server SME Network SME − Fabric inventory • Single Cisco® APIC cluster supports one million+ endpoints, 200,000+ ports, and Policy-Based Security SME App. SME OS SME 64,000+ tenants Provisioning • Centralized access to all fabric information - GUI, CLI, and RESTful APIs • Extensible to computing and storage management

Unified API

Unified Information Model

RESTFul over HTTP(s) Object Oriented • JSON + XML • Unified: automatically delegates request to corresponding • Comprehensive access to underlying information model components • Consistent object naming directly mapped to URL • Transactional • Supports object, sub-tree and class-level queries • Single Management Entity yet fully independent components

Multithreaded, Distributed & Clustered Fabric Controllers

GUI CLI Any APIC Web R Object E Browser S Python T SDK

API Tools

https://apic.local/api/mo/uni/tn-common.xml

Operational Intelligence Management CIAC PRIME INFRASTRUCTURE 3rd Party and UCSD & NAM Apps Automated Service Provisioning Orchestration Dynamic Service Assurance Layer Catalog/ Fault/ User / Data Performance Reporting / Visualization and Analytics Provisioning Events Management Monitoring Analytics

REST API (ONE DevKit)

Control APIC Controller Network Intelligence Layer Device Layer Abstraction Data Center Module Enterprise Module Network Control Policy Enforcement and Network Change CLI, OpenFlow, OnePK API Device Cisco Devices Layer Data Center, Enterprise Networks

Start by asking/acknowledging the Branch Campus business problem/opportunity you’re trying to address with SDN/NP

Carefully track the device support you have or need for onePK / OpenFlow / ACI (OpFlex) support as it will dictate what you can/can’t do

Gauge the programming/development effort needed to achieve your goals Data Center Teleworker

• External Programs (and App Developers) have access to traditional network devices – You Good with that!? • Change Control – Now more Real-Time – Programs/Apps need to participate • You MUST have Focused, Intentional monitoring of the controllers – they are the brains! • You MUST have a Robust backup/redundancy plan for controllers • You MUST implement Good RBAC, security and accounting – lock-down the controllers and APIs! • The Uncle Ben Principle - “With Great Power Comes Great Responsibility”

Telephony in 1998

• IP Telephony struggled until we got ‘hybrid engineers’ to translate between the Circuit Switch ‘Tip & Ring’ and Packet Switch ‘Bits & Bytes’ camps • Likewise, now, we need the next generation of ‘hybrid engineers’ to translate between traditional network domain engineers and software/application developers

• Python • REST / Web Services • Regular Expression • Basic Programming constructs (conditionals, loops, functions/procedures)

SMART SERVICE CAPABILITIES

Services from Cisco Together with Cisco Certified Partners

Catalyst Environments Migration Nexus 9000 Deployment Tools

• Automate Nexus VSS 9000 deployment and configuration • Migrate any Cat6500 topology to any Nexus 9000 topology • Advanced Services best practices • Catalyst IOS to NX-OS config conversion

Overview Deliverables Outcomes

• N/A • Share best practices and • Technical advice and knowledge guidance for smooth integration of Nexus • Increase competency and speed to optimize ACI in 9000 your environment • Technical consultant 3- • Gain valuable expertise by day on-site having direct access to • High-level use Cisco consultants case/design discussion

Overview Deliverables Outcomes

• Define business and • Design document • Blueprint for ACI technical objectives, use • Configuration migration • Accelerate time-to-value case alignment, current and attainment and production future state • Operations guideline • Assess data center • Custom script development ecosystem (server, network, • Knowledge transfer storage, and virtualization) • Functional specs, design, test plan, acceptance criteria • Support customer team during validation • Knowledge transfer

Direct Access to Cisco Technical Experts

• Highly trained network and application software engineers worldwide

• Expertise and best practices across data center technologies

24x7 • Computer science/electrical engineering degrees

• Engineering staff averages 5 years' industry experience

• CCIE professionals

• 24x7 global access by phone, web, or email

https://developer.cisco.comhttp://

• Visit the World of Solutions for – Cisco Campus – DevNet Pavilion – Walk in Labs – Network Programmability – Technical Solution Clinics • Meet the Engineer • Lunch time Table Topics • DevNet zone related labs and sessions • Recommended Reading: for reading material and further resources for this session, please visit www.pearson-books.com/CLMilan2015

• Please complete your online session evaluations after each session. Complete 4 session evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt.

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

• Recommended Learning Path on SDN 60+ Breakouts, Tech Seminars, Labs, Panel Discussion, …

Content Catalog: http://cs.co/CLEU15-ACI

• DevNet @ CiscoLive Learning Labs, Demo Pods, Arena Sessions, Hackathon

• World of Solutions • Table Topics

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Tech Seminars Monday TECACI-2009 Application Centric Infrastructure (ACI) - The Policy Driven Data Center Monday TECSDN-3600 APIC Enterprise Module – SDN in the Enterprise Monday TEC-NMS-3601 Advanced Network Programming - Lab Technical Seminar Monday TECSPG-2300 Network Function Virtualization Seminar Monday TECRST-2611 Network Simulation: The VIRL Compendium Monday TECMPL-3200 SDN WAN Orchestration in MPLS and Segment Routing Networks Monday TECCRS-2003 Advanced WAN Design Topics

Panel Discussions Using Software-Defined Concepts and OpenDaylight-inspired Controllers to Tuesday PNLSDN-1000 Increase Business Agility and Competitive Differentiation Tuesday PNLDCT-2001 Overlays in the Data Center - A Customer Perspective

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Labs Tuesday LABACI-2223 APIC integration with OpenStack Tuesday LABSDN-2331 Cisco ACI hands on Lab Tuesday LABSPG-2443 Cisco EPN Labs Tuesday LABVIR-2446 Network Function Virtualization Tuesday LTRDCT-1224 Implementing VXLAN in Datacenter Wednesday LTRDCT-1224 Implementing VXLAN in Datacenter Wednesday LABSPG-2442 NCS: Network Control System Hands-on Lab (Tail-f) Thursday LABNMS-2001 Advanced Network Automation and Solutions using Cisco IOS EEM Friday LABNMS-2001 Advanced Network Automation and Solutions using Cisco IOS EEM Friday LABSDN-1335 Getting Started with OpenDaylight

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 1/4 Tuesday BRKSDN-2120 Demystifying Security in the Software Defined Era Tuesday BRKSDN-1014 Introduction to Software-Defined Networking (SDN) and Network Programmability Tuesday BRKRST-2015 SDN - From Concepts To Reality Tuesday BRKRST-2121 Self Learning Networks Tuesday BRKDCT-2131 Mobility and Virtualization in the Data Center with LISP and OTV Tuesday BRKACI-2244 Application Virtual Switch for Application Centric Infrastructure Overview Wednesday BRKCRS-3447 Network Function Virtualization for Enterprise Networks Wednesday BRKNMS-3043 Performance Measurement for IP and SDN Traffic with Cisco IOS IP SLA Wednesday BRKACI-1025 Migration from Classic Design to ACI Wednesday BRKDCT-2367 OpenStack Deployment in the Enterprise Wednesday BRKSPG-2515 SDN-enabled Carrier Ethernet Architectures Wednesday BRKSDN-1200 Cisco Applications on OpenDaylight - An Introduction

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 2/4 Wednesday BRKACI-2678 Building Application Centric Network Containers and Service Graphs with ACI and UCSD Wednesday BRKSPG-2516 SDN Protocols in Internet Wednesday BRKSDN-2118 Simulating networks using Cisco Modeling Labs Wednesday BRKGEN-2999 Introductory - Autonomic Networking Wednesday BRKSDN-1119 Device APIs — A Guide For the Perplexed Wednesday BRKACI-2345 ACI: What We Have Learnt from Early Deployments Wednesday BRKIOT-2442 Enabling the Internet of Everything: Cisco’s IoT Architecture Wednesday BRKOPT-2102 Software Innovations and Control Plane Evolution in the new SDN Transport Architectures Wednesday BRKSDN-3014 Packet Inspection and Manipulation for Fun and Profit Wednesday BRKSPM-2001 GiLAN and Service Chaining Wednesday BRKACI-2333 Application Centric Networking Troubleshooting 101 - Install & Implementation of ACI Wednesday BRKACI-1789 How to Perform Common Tasks in ACI

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 3/4 Thursday BRKNMS-3114 13 Smart Ways to Program Your Cisco IOS Network Thursday BRKCRS-3011 APIC-EM (Application Policy Infrastructure Controller - Enterprise Module) SDN in Enterprise Thursday BRKACI-3456 Mastering OpenStack and ACI Thursday BRKDCT-1349 Application Traffic Visibility and Analysis with Cisco Nexus Data Broker Thursday BRKSPG-2722 SDN deployment in ASR9000 Thursday BRKACI-2249 Future Direction of SDN and NFV Thursday BRKDCT-2255 Infrastructure Designs for Intercloud Data Centers Thursday BRKACI-2001 Integration and Interoperation of existing Nexus networks into an ACI architecture Thursday BRKACI-2006 Integration of Hypervisors and L4-7 Services into an ACI Fabric Thursday BRKSPG-2456 The True Realisation of SDN and NFV in an SP environment Thursday BRKNMS-1036 IT Operations Management in the SDN Era – with Prime Infrastructure and APIC Controllers Thursday BRKSPG-2520 Evolved Programmable Network for Seamless Service Transport

Over 60 Sessions on ACI and SDN ( http://cs.co/CLEU15-ACI ) : Breakout Sessions – 4/4 Thursday BRKSDN-2777 Network Programming and DevOps Software Development Lifecycle Friday BRKSPG-2016 Architectures for new services over Cable Friday BRKSPG-2517 Hosted Security as a Service Solution Architecture Design Friday BRKACI-3344 Application Centric Networking Troubleshooting 201 – Day 2 Operations Friday BRKARC-3467 Cisco Enterprise Silicon - Delivering Innovation for Advanced Routing and Switching Friday BRKNMS-2445 Improve Application Delivery with Cisco AVC in the Data Center and Cloud Friday BRKSDN-2116 Run your apps and tools natively on Cisco boxes

Acronym Decoder Ring [Aka Glossary]

• SDN -- Software Defined Networking

• BGP-LS – Border Gateway Protocol – Link State

• onePK – one Platform Kit

• NFV – Network Functions Virtualization

• SS7 – Signaling System No. 7

• ATM LANE – Asynchronous Transfer Mode LAN Emulation

• GMPLS – Generalized Multi-Protocol Label Switching

• VPLS – Virtual Private LAN Service

• VPN – Virtual Private Network

• GRE – Generic Routing Encapsulation

• LISP – Locator/ID Separation Protocol

• SNMP – Simple Network Management Protocol

• NETCONF – Network Configuration Protocol [IETF Standard]

• EEM – Embedded Event Manager

• CP – Control Plane

• DP – Data Plane

• CLI – Command-Line Interface

• API – Application Programmatic Interface

• GUI – Graphical User Interface

• OF – OpenFlow

• NAT – Network Address Translation

• TLV – Type-Length-Value

• PCEP – Path Computation Element (PCE) Communication Protocol

• I2RS – Interface To Routing System

• OTV – Overlay Transport Virtualization

• VXLAN – Virtual Extensible LAN

• REST – Representational State Transfer

• IDE – Integrated Development Environment

• CA – Controlled Availability

• GA – General Availability

• EFT – Early Field Trial

• NVGRE – Network Virtualization using Generic Routing Encapsulation

• STT – Stateless Transport Tunneling

• ODL – OpenDaylight

• OSGi – Open Service Gateway Initiative

• NBI – North-Bound Interface

• SBI – South-Bound Interface

• iWAN – Intelligent Wide Area Network

What Is Software Defined Network (SDN)? What Is OpenFlow?

“…In the SDN architecture, the control and data “…open standard that enables researchers planes are decoupled, network intelligence and to run experimental protocols in campus networks. state are logically centralized, and the underlying Provides standard hook for researchers to run network infrastructure is abstracted from the experiments, without exposing internal working of applications…” vendor devices…”

Note: SDN is not mandatory for network programmability or automation Note: OpenFlow is not mandatory for SDN Source: www.opennetworking.org Source: www.opennetworking.org

What is OpenStack? What is Overlay Network?

Open source software for building public Overlay network is created on existing network and private Clouds; includes Compute (Nova), infrastructure (physical and/or virtual) using a network Networking (Quantum) and Storage (Swift) protocol. Examples of overlay network protocol are: services. MPLS, LISP, OTV and VXLAN Note: Applicable to SDN and non-SDN Source: www.openstack.org Note: Applicable to SDN and non-SDN

Platform Available Now IOS 15.4(2)T ISR-G2 (39xx, 29xx, 19xx, 8xx) IOS-XE 3.12S ASR1000 ISR4400 CSR1000V

IOS-XR 5.1.2 ASR9K

NX-OS

SDK C (GA) Java (GA) Python (GA) vIOS (GA)

Platform Available Now IOS Catalyst 6K (CA)

IOS-XE Catalyst 3850 Catalyst 4K (CA)

IOS-XR ASR9K (CA)

NX-OS Nexus 3000, 3100 Nexus 5K Nexus 6K Nexys 7K (CA)

/** * Copyright (c) 2010-2012, Cisco Systems, Inc. * * THIS SAMPLE CODE IS PROVIDED "AS IS" WITHOUT ANY EXPRESS OR IMPLIED WARRANTY BY CISCO SOLELY FOR THE PURPOSE of * PROVIDING PROGRAMMING EXAMPLES. CISCO SHALL NOT BE HELD LIABLE FOR ANY USE OF THE SAMPLE CODE IN ANY APPLICATION. * * Redistribution and use of the sample code, with or without modification, are permitted provided that the following * conditions are met: Redistributions of source code must retain the above disclaimer. * */ import java.net.InetAddress; import java.net.UnknownHostException; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.cisco.onep.core.exception.OnepConnectionException; import com.cisco.onep.core.exception.OnepDuplicateElementException; import com.cisco.onep.core.exception.OnepIllegalArgumentException; import com.cisco.onep.core.exception.OnepInvalidSettingsException; ...

try { /** ** Connect to the network element. **/ connect(); logger.info("Connect to element = " + elementAddress);

networkElement.createSyslogMessage(NetworkElement.OnepSyslogSeverity.ONEP_SYSLOG_NOTICE, "Hello World");

logger.info("Sending 'Hello World' message via Syslog event message\n");

} catch (Exception e) { logger.error(e.getLocalizedMessage(), e); }

networkElement.disconnect("Exit"); logger.info("\n**************** End ****************\n"); } }

NE100#sh logg Syslog logging: enabled (0 messages dropped, 12 messages rate-limited, 0 flushes, 0 overruns, xml disabled, Console logging: level debugging, 48 messages logged, xml disabled, filtering disabled Monitor logging: level debugging, 0 messages logged, xml disabled, filtering disabled Buffer logging: level debugging, 57 messages logged, xml disabled, filtering disabled Count and timestamp logging messages: disabled

Trap logging: level informational, 56 message lines logged Logging Source-Interface: VRF Name:

Log Buffer (4096 bytes): *Aug 23 12:43:58.821: %SYS-5-CONFIG_I: Configured from console by console *Aug 23 12:51:53.535: %ONEP-5-HELLOWORLD: Hello World NE100#

BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 97 Infrastructure SDN Reference Architecture for NFV Apps MATE Bandwidth TE Tunnel DC-WAN Design/Live Services Manager Orch

Java/REST/Thrift APIs

Visualization & Bandwidth Analytics WAVE Orchestration

Collector & Programming Modeling

Collector API Deployer API

Collector/ DEPL ODL API Collector Server CDL/ODL NETCONF/ BGP-LS PCEP CLI

agents agents YANG Quantum WAVE Orchestration PlatformOrchestration QuantumWAVE Network (Network Elements) BRKSDN-1014 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Public 98 What Is XNC?

• Cisco’s commercial SDN Controller offering • Note the plans on this controller are evolving • Cisco leadership has acknowledged we have too many controllers – stay tuned and expect to hear about a transformation of this controller with a Cisco distribution of OpenDaylight

Network Applications Cisco Sourced Customers 3rd Parties

Advanced GUI with Extended Features

Cisco XNC Web UI

Comprehensive OSGI Northbound APIs RESTful Production

Network Support Advanced Components Controller Applications Java Bundle H/A Authentication Monitor Manager Flow Manager Slice Manager Troubleshooting Topology Independent Forwarding (TIF)

Expansion of Basic Operation Infrastructure Services from L3 Interface Host Tracker ARP Handler OD Code Base Dijkstra SPF Physical and Logical Device Manager Forwarding Rules Manager Topology Manager Service Abstraction Layer (SAL) Advanced Analytics and OnePK OpenFlow Services via Southbound APIs Dynamic Protocol Cisco Intelligence Plugins

NETWORK DEVICES Cisco onePK or OpenFlow-enabled Devices or Other OpenFlow-enabled Devices

Network infrastructure Services to run on Virtualized compute platforms

Key Enabler: using cloud technology to support network functions Hypervisor and cloud computing technology x86 compute hardware Network automation / orchestration Apps & Open Benefits: SDN Innovation Reduction in CAPEX and OPEX Faster service provisioning Service agility

SDN is complementary, but not mandatory – APIs, NFV Controllers

Service provisioning dDOS SBC Firewall NAT from days to minutes VM VM VM VM

From Cabling to Service CGN DPI IPS Virus Scan VM VM VM VM Chaining DHCP DNS PCRF Portal Simple Logistics & VM VM VM VM Common Sparing WLC RaaS SDN Ctrl. BRAS VM VM VM VM

Dynamic & Elastic NMS Caching CDN WAAS Scale VM VM VM VM Seamless Integration with IP NGN

Better fit for NPU • e.g. IPv6/v4, MPLS, VPNs, Optical • High throughput / BW Network • Stateless functions Forwarding • Mostly predictable traffic Compute • Many flows needing isolation, significant traffic (L0-3) management needed Bandwidth • Interface-specific functions (2-stage forwarding)

• e.g. DPI, FW, CGN, BNG, Mobility S/PGW, AAA, Better fit for x86 DNS, DDOS (Virtualization) Network • Low to Med Throughput Services • Stateful functions • Unpredictable traffic Compute (L4+) • # of flows (traffic management) – varies • No interface-specific functions Bandwidth

Primary Secondary RR RR IPv4 Primary Secondary IPv6 Server Server IPv IPv VPNv4 4 IPv6 4 IPv6 VPNv4 VPNv4 VPLS IPv6 VPLS

Wide Area Network Wide Area Network

2 Server Chassis 8 RR chassis 1 RR per VM

Routing Security Mobility Video Others

Cloud Virtual Route Virtual Virtual EPC Virtual EPC Services Reflector Firewall (QvPC Virtual (QvPC SSI) Cloud DVR Router (CSR) (XRv) (ASAv) SCALE) WLC FCS Q2 CY14 Shipping Shipping FCS Q2 CY14 FCS Q4 CY14

Web/Email Virtual PE Virtual BNG Security Router Virtual GiLAN (X-Star) Appliance vCDN Virtual SCE (Sunstone) (Project Tenmile) Pre-CC (WSA/ESA) Pre-CC FCS 2H CY14

Orchestration HERO Mozart Quantum WAVE Cloud Services Orchestration WAN Orchestration FCS Q2 CY14 FCS Q2 CY14