Real Life OpenFlow Use Cases

Overall rating: 4.56 Instructor: 4.77 Materials: 4.69 more …

This free webinar describes typical OpenFlow-based SDN use cases, from programmable network taps and service insertion to policy enforcement and virtual networking.

Implementation examples of individual use cases will be based on ProgrammableFlow, the first production-grade commercial implementation of OpenFlow controller and data center switches.

If you are a network architect, designer or sales/support engineer working in data center or service provider environment, considering deployment of new equipment, or a vendor change, you simply have to attend this webinar.

Webinar Content

Network Monitoring

OpenFlow switches provide detailed accounting data (similar to SNMP interface counters) with every flow. OpenFlow controller can collect that data and give network operators the traffic statistics at the exact granularity they need – be it aggregate IP statistics, per-MAC address (or VM) statistics, or even per-application statistics.

Programmable Network Taps

Using OpenFlow to implement programmable network taps – either more intelligent traffic mirroring than the traditional SPAN/RSPAN functionality or filtering the traffic before it’s sent to the monitoring/troubleshooting tools – has become the Hello World SDN application.

This section will describe how you can implement a tap aggregation network and use OpenFlow to dynamically adjust the functionality. The examples will use ProgrammableFlow switches and ProgrammableFlow API.

Service Insertion

OpenFlow functionality is trialed by large service providers to insert user-specific services (authentication, firewalling, caching ...) into the packet forwarding path.

In this section you’ll learn how to implement the traffic redirection using ProgrammableFlow CLI or API, and how you can overcome the traditional VLAN-per-customer limits with extended VLAN mode (ProgrammableFlow supports up to 10.000 virtual bridges) and MAC mapping mode (where ProgrammableFlow assigns clients to virtual networks based on clients’ MAC address).

Scale-Out Load Balancing

Stateful network services implemented with OpenFlow remain an elusive goal – it’s still impossible to implement a flow-based hardware switching fabric programmed with individual user session flows in real time.

On the other hand, you can use OpenFlow for coarse-grained traffic distribution to a scale-out farm of stateful network services nodes; an architecture that allows you to bypass the limitations of traditional stateful hardware appliances like load balancers and firewalls.

DoS Mitigation Tools

DoS mitigation solutions can use traffic statistics provided by OpenFlow switches (and available through ProgrammableFlow API) to detect traffic anomalies, engage the traffic redirection capabilities of an OpenFlow controller (ProgrammableFlow will be used in the examples) to divert suspicious traffic to a DoS detection appliance, and finally install DoS-specific flow entries into ingress switches to block the offending traffic.

Policy Enforcement

You can use the comprehensive traffic filtering functionality offered by some virtual networking SDN solutions to implement a network edge policy enforcement solution.

This section will also describe how you can use the new Multi-Domain functionality of the ProgrammableFlow controller to enforce a consistent edge policy across multiple OpenFlow domains or even across multiple locations.

OpenStack Virtual Networking

OpenStack cloud management platform implements network virtualization with third-party plugins. OpenFlow controllers like ProgrammableFlow are a perfect fit, as they can implement all the network abstractions expected by OpenStack (virtual interfaces, bridges and routers) in both physical and virtual switches, giving the network operations team a single configuration and management platform.

About the Author