The OCSA exam tests your understanding of components in an SDN framework, your ability to articulate the fundamental workings of networking and the OpenFlow protocol, as well as your knowledge of vendors, solutions and projects available in the SDN landscape.
This is the last part in a series of posts that review the blueprint for the OCSA exam and provide descriptions and resources to help you achieve the certification. The posts are broken down by the sections detailed in the OCSA blueprint.
Domain 5: Open Source SDN
From the Blueprint:
Identify key open source projects in the SDN Ecosystem.
- OpenFlow® Agents
- CPqD/ONF Driver (aka “libFluid”)
- OpenFlow® Controllers
- Utilities and Tools
- Of DPA
- Open Source SDN Distributions (OSSDN Atrium, etc.)
- Open vSwitch
- Orchestration Systems
- Open Source Initiatives (OPNFV, OCP, ODCA, Open Config)
Developed by Big Switch, Indigo is an open source project aimed at enabling support for OpenFlow on physical and hypervisor switches.
LINC is a pure OpenFlow software switch written in Erlang. It’s implemented in operating system’s userspace as an Erlang node. Such approach is not the most efficient one, but it gives a lot of flexibility and allows quick development and testing of new OpenFlow features.
Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to support distribution across multiple physical servers similar to VMware’s vNetwork distributed vSwitch or Cisco’s Nexus 1000V.
OVS is a Linux Foundation Collaborative Project.
CPqD / ONF Driver (aka “libFluid”)
This is an OpenFlow 1.3 compatible user-space software switch implementation. The code is based on the Ericsson TrafficLab 1.1 softswitch implementation, with changes in the forwarding plane to support OpenFlow 1.3.
Despite the fact the switch is still popular for adventurers trying to implement own changes to OpenFlow, support now is on a best-effort basis. Currently, there are lots of complaints about performance degradation, broken features, and installation problems. Although not confirmed, most of the problems seem to be due to most recent Linux versions.
There are tons of controllers out there, but for the sake of the exam, you should really just know these.
NOX was the first OpenFlow controller. It was written in C++ and Python.
POX as a general SDN controller that supports OpenFlow. It has a high-level SDN API including a queriable topology graph and support for virtualization. Written in Python.
No company is using POX or NOX in production. These were both developed at Stanford during the initial R&D days of SDN.
The Open Network Operating System (ONOS) is an SDN Operating System for service providers that have scalability, high availability, high performance and abstractions to make it easy to create apps and services.
Download it and give it a run in your lab.
OpenDaylight (ODL) is an open source framework out of the Linux Foundation for migrating to an SDN network architecture. It has been deployed in data centers, enterprises, and carrier networks, supporting a broad range of use cases.
Download it here.
The Floodlight controller is an Open, Java-based OpenFlow Controller. It was forked from the Beacon controller, originally developed by David Erickson at Stanford.
Download it here.
Ryu is a component-based SDN framework based on Python. Ryu provides software components with well-defined API that make it easy for developers to create new network management and control applications. Ryu is the OpenFlow controller the NSA uses. Now that’s kind of cool.
Ryu means “flow” in Japanese. Ryu is pronounced “ree-yooh”.
Utilities and Tools
Mininet creates a realistic virtual network, running real kernel, switch and application code, on a single machine (VM, cloud or native), in seconds, with a single command:
Get it now if you haven’t already. You need this for your OpenFlow studies. Plainly put, it’s a brilliant piece of software.
OF-DPA means OpenFlow Data Plane Abstraction. But wait, aren’t we already abstracting the data plane? No, allow me to explain. From Broadcom’s site:
Broadcom’s OpenFlow Data Plane Abstraction (OF-DPA) is an application software component that implements an adaptation layer between OpenFlow and the Broadcom Silicon SDK. OF-DPA enables scalable implementation of OpenFlow 1.3 on Broadcom switch devices.
Broadcom is a silicon chip manufacturer. They don’t sell their own switches, rather, they develop and sell the silicon used in many of the large network equipment manufacturers. Some customers include Cisco, Arista, Juniper, HP, and Dell, just to name a few.
The challenge developers can run into when implementing OpenFlow, is the interaction at the data plane layer on the various switch platforms. Broadcom noticed this years ago and released OF-DPA to help overcome this obstacle. OF-DPA provides a fully documented and easily programmable API interface that sits between the OpenFlow Agent process and the hardware. This means applications can use a common API language to communicate directly with the hardware through the OF-DPA abstraction layer.
OFTest is a framework for testing the compliance to the OpenFlow specification. Operated by Project Floodlight, OFTest connects to both the control and data planes to monitor commands sent between them. It’s an interesting concept, but I’m not sure how relevant this is since it only supports older versions of OpenFlow.
If you’re reading this, you know what Wireshark is. 🙂
Avior is a Java-based OpenFlow network management application that connects to an OpenFlow controller for general management of the SDN environment.
## Open Source SDN Distributions (OSSDN Atrium, etc.)
The Atrium 2015/A release states:
Atrium is designed to help the networking industry as a whole more easily adopt open SDN by integrating established open source SDN software with some critical connecting pieces. The first release, Atrium 2015/A, incorporates the Border Gateway Protocol (BGP), the Open Network Operating System (ONOS), and Open Compute Project (OCP) components. The software elements run in either controllers or switches, communicating via the OpenFlow® protocol, and include plugin opportunities for other switching solutions to help foster an open ecosystem of interoperable, hardware-based OpenFlow® switches.
The Atrium 2016/A release has taken further steps toward the vision of neutral SDN:
The focus of the second release of Atrium is the incorporation of OpenDaylight into the Atrium router. The router in this release is built on the OpenDaylight framework and controls OpenFlow® hardware switches using Quagga’s open-source implementation of the Border Gateway Protocol (BGP), a control plane protocol for Internet routing. The most important features of Atrium’s first release, namely flow objectives and device drivers, are implemented in the OpenDaylight Device Identification and Driver Module (DIDM) that allows the router to work across multiple different OpenFlow v1.3 hardware pipelines. The Atrium 2016/A release also brings in several enhancements for the ONOS-based router from the 2015/A release.
To learn more go here.
SDN orchestration is the next layer above SDN controllers. Consider an example where a new application needs to come online. Typically you’d have to worry about building the servers, installing the applications, placing the nodes on the network, configuring the VLANs, adding firewall rules or load-balancing policies, and so on. An orchestration system will take all of these ingredients required for a recipe and cook it up for you. In respect to SDN, there are countless vendors to mentions that have orchestration applications handling wide varieties of operations to software-defined networks via the northbound APIs on SDN controllers.
(More) Open Source Initiatives (OPNFV, OCP, ODCA, Open Config)
OCP is the Open Compute Project, entirely focused on open hardware.
OCDA is the Open Data Center Alliance is a consortium of leading global IT organizations dedicated to accelerating adoption of interoperable solutions and services for cloud computing.
OpenConfig is another working group of network operators focused on SDN principles for programmable networks, such as declarative configuration and model-driven management.
My goal for this series was to provide you with a good understanding and list of resources for studying the basic concepts and theory of SDN concerning the requirements set by ONF for the OCSA Certification. Now it’s up to you to venture out, read the various links and documents mentioned throughout this series, and start building some labs. Have fun!