SDN Fundamentals for NFV, OpenStack, and Containers

At this year’s Red Hat Summit 2016, held June 27-30 in San Francisco, attendees were privy to a detailed presentation about open-source networking technologies—how they work, how they’re integral to each other, how they perform, and how they create the foundation for software-defined network (SDN) implementations designed for deploying containers, OpenStack, and network functions virtualization (NFV). Presenters Nir Yechiel, senior technical product manager – OpenStack, and Rashid Khan, senior development manager – Platform Networking, both with Red Hat, covered everything from overviews of the various open-source technologies to Red Hat’s approach to SDN and NFV and more.

Yechiel and Khan started off with the basics and features of OpenStack, Neutron, SDN and NFV. OpenStack, as many of you know, is a fully open-source cloud operating system that provides building blocks to create an Infrastructure as a Service (IaaS) cloud. Governed by the vendor-agnostic OpenStack Foundation, it is comprised of several open source sub-projects. In April, Red Hat updated its Red Hat OpenStack Platform to support OpenStack Liberty, the 12th release of the open source software for building public, private, and hybrid clouds.

The graphic below overviews Red Hat OpenStack Platform 8.

graphic 1

Neutron is an integrated OpenStack project that exposes an application programming interface (API) for defining network configuration. It offers multi-tenancy with self-service, uses the concept of plugins and features L2 connectivity, IP address management (IPAM), L3 routing, an external gateway, network address translation (NAT), and floating IPs, as well as load balancing, VPN and firewall capabilities. Currently, Red Hat’s Neutron focus is on a modular layer 2 (ML2) plugin with an Open vSwitch Mechanism Driver and overlay networks with VXLAN. Plans are to support the OpenDaylight Mechanism Driver.

SDN may mean different things to different people, but here’s our definition. Based on open standard protocols, SDN is an approach to computer networking that enables the separation of the control plane and the forwarding plane that delivers application awareness, programmability and agility. NFV (see the graphic below) decouples network functions from dedicated and proprietary platforms, which in turn can improve efficiencies, reduce costs, and accelerate time-to-market for new services.

graphic 2

OpenStack is the de-facto choice for a virtualized infrastructure manager (VIM) on early NFV deployments, and its pluggable architecture is key for NFV. OPNFV, an open source-project focused on accelerating NFV, has the support of many network equipment providers and telcos. There are other relevant projects and communities  for NFV, including libvirt, Data Plane Development Kit (DPDK), Open vSwitch, QEMU (short for Quick Emulator)/Kernel-based virtual machine (KVM), and Linux.

Red Hat’s NFV focus is on the infrastructure—NFVI, VIMs, and the enablement of Virtual Network Functions (VNFs). We are also partnering with ISVs for NFV management and organization (MANO) and hardware providers. We don’t make an OpenStack version for NFV, but rather make NFV features available in the Red Hat OpenStack Platform and across the entire stack. With an NFV/SDN stack, it is all about developing the right capabilities on the platform/operating system level and leveraging and exposing the capabilities across the entire stack. What’s more, Red Hat delivers state-of-the-art open source technology with full support, as well as integration and performance tuning.

Here are Red Hat’s key Red Hat Enterprise Linux networking features and how they apply to Neutron:

Single Root I/O Virtualization (SR-IOV)

Allows a device, such as a network adapter, to separate access to its resources among various PCIe hardware functions: physical function (PF) and one or more virtual functions (VFs)

Enables network traffic to bypass the software layer of the hypervisor and flow directly between the VF and the virtual machine

Near line-rate performance without the need to dedicate a separate NIC to each individual virtual machine

Supported with RHEL 7, available starting with Red Hat OpenStack Platform 6

In OpenStack, SR-IOV is implemented with a generic ML2 driver (sriovnicswitch) and there is an optional agent for advanced capabilities (requires NIC support). Supported network adapters are inherited from Red Hat Enterprise Linux.

Open vSwitch (OVS)

This is a multi-layer software switch designed to forward traffic between virtual machines and physical or logical networks. It supports traffic isolation using overlay technologies (GRE, VXLAN) and 802.1Q VLANs. Highlights include a multi-threaded user space switching daemon for increased scalability, support for wildcard flows in kernel datapath, kernel-based hardware offload for GRE and VXLAN, and OpenFlow and OVSDB management protocols. A kernel module ships with Red Hat Enterprise Linux, but the vSwitch is supported on Red Hat OpenStack Platform and OpenShift by Red Hat. It is integrated with OpenStack via a Neutron ML2 driver and associated agent. The graphic below details how the switch is being used by OpenStack Neutron.

graphic 3

Overlay Networking Technologies

These include virtual Extensible LAN (VXLAN) as a common encapsulation protocol for running an overlay network using existing IP infrastructure. Red Hat Enterprise Linux supports TCP/IP VXLAN offload and VXLAN GRO.

Network Namespaces

Lightweight container-based virtualization allows virtual network stacks to be associated with a process group that are managed through the iproute2 (ip netns) interface

DPDK

The DPDK consists of a set of libraries and user-space drivers for fast packet processing. It enables applications to perform their own packet processing directly from/to the NIC, delivering up to wire speed performance for certain cases. DPDK can be used with Red Hat OpenStack in two main use-cases:

  • DPDK accelerated VNFs (guest VM); and
  • Accelerated Open vSwitch (Compute nodes). A new package (openvswitch-dpdk) is available with Red Hat OpenStack, in which DPDK is bundled with OVS for better performance (see the graphic below).

graphic 4

And here’s a comparison of the different features:

graphic 5

If you’d like more information, you can read about our Red Hat Solution for Network Functions Virtualization (NFV) and learn about the cohesiveness between OpenStack and Red Hat Enterprise Linux in this blog post, Co-Engineered Together: OpenStack Platform and Red Hat Enterprise Linux.

Here are some more materials to check out:

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s