Transport SDN

Transport Software-Defined Networking (SDN) revolutionizes how networks are managed and operated. By decoupling the control and data planes, Transport SDN enables network operators to control and optimize their networks programmatically, leading to enhanced efficiency, agility, and scalability. In this blog post, we will explore the Transport SDN concept and its key benefits and applications.

Transport SDN is an architecture that brings the principles of SDN to the transport layer of the network. Traditionally, transport networks relied on static configurations, making them inflexible and difficult to adapt to changing traffic patterns and demands. Transport SDN introduces a centralized control plane that dynamically manages and configures the transport network elements, such as routers, switches, and optical devices.

 

Highlights: Transport SDN

  • Data and Control Planes

The traditional ways to build routing networks are where the SDN revolution is happening. Networks started with tight coupling between data and control planes. The control plane was distributed, meaning each node had a control element and performed its control plane activities. SDN changed this architecture, centralized the control plane with a controller, and used OpenFlow or another protocol to communicate with the data plane. However, having a central controller handle all control functions has many scaling drawbacks.

  • Distribution and Centralized

Therefore, we seem to be moving to a scalable hybrid control plane architecture. The hybrid control plane is a mixture of distributed and centralized. Centralization offers global visibility, better network operations, and optimizations. However, distributed control remains best for specific use cases, for example, IGP convergence. More importantly, a centralized element introduces additional value to the Wide Area Network (WAN), such as network traffic engineering (TE) placement optimization, aka Transport SDN.

 

For additional pre-information, you may find the following posts helpful:

  1. WAN Virtualization
  2. SDN Protocols
  3. SDN Data Center

 

  • A key point: Back to basics with the Transport SDN

Highlighting SDN

The two elements involved in forwarding packets through routers are a control function, which decides the route the traffic takes and the relative priority of traffic, and a data function, which delivers data based on control-function policy. Before the introduction of SDN, these functions were integrated into each network device. This inflexible approach requires all the network nodes to implement the same protocols. With SDN, a central controller performs all complex functionality, including routing, naming, policy declaration, and security checks.

 

Critical Benefits of Transport SDN:

1. Improved Network Efficiency: Transport SDN allows for intelligent traffic engineering, enabling network operators to optimize network resources and minimize congestion. Transport SDN maximizes network efficiency and improves overall performance by dynamically adjusting routes and bandwidth allocation based on real-time traffic conditions.

2. Enhanced Network Agility: With Transport SDN, network operators can rapidly deploy new services and applications. Leveraging programmable interfaces and APIs can automate network provisioning, eliminating manual configurations and reducing deployment times from days to minutes. This level of agility enables organizations to respond quickly to changing business needs and market demands.

3. Increased Network Scalability: Transport SDN provides a scalable and flexible solution for network growth. Network operators can scale their networks independently by separating the control and data planes and adding or removing network elements. This scalability ensures that the network can keep pace with the ever-increasing demands for bandwidth without compromising performance or reliability.

Applications of Transport SDN:

1. Data Center Interconnect: Transport SDN enables seamless connectivity between data centers, allowing for efficient data replication, backup, and disaster recovery. Organizations can optimize resource utilization and ensure reliable and secure data transfer by dynamically provisioning and managing connections between data centers.

2. 5G Networks: Transport SDN plays a crucial role in deploying 5G networks. With the massive increase in traffic volume and diverse service requirements, Transport SDN enables network slicing, network automation, and dynamic resource allocation, ensuring efficient and high-performance delivery of 5G services.

3. Multi-Domain Networks: Transport SDN facilitates the management and orchestration of complex multi-domain networks. Providing a unified control plane enables seamless end-to-end service provisioning across different network domains, such as optical, IP, and microwave. This capability simplifies network operations and improves service delivery across diverse network environments.

 

Transport SDN: The SDN Design

SDN has two buckets, the Wide Area Network (WAN) and the Data Centre (DC). There is a difference between what SDN is trying to achieve in the WAN and what it is trying to achieve in the DC. Every point is connected within the DC, and you can assume unconstrained capacity.

A typical data center design is a leaf and spine architecture, where all nodes have equidistant endpoints. This is not the case in the WAN. The WAN has completely different requirements and must meet SLA with less bandwidth. The WAN and data center requirements are entirely different, resulting in two SDN models.

The SDN data center model builds logical network overlays over fully meshed, unconstrained physical infrastructure. The WAN does not follow this model. The SDN DC model aims to replace, while the SD-WAN model aims to augment. SD-WAN is built on SDN, and this SD WAN tutorial will bring you up to speed on the drivers for SD WAN overlay and the main environmental challenges forcing the need for WAN modernization.

We can evolve the IP/MPLS control plane into a hybrid one. We move away from a fully distributed control plane architecture but keep as much of the distributed control plane as makes sense (for example, for convergence). At the same time, we introduce a controller that enhances the control plane functionality of the network and interacts with applications. Global optimization of traffic engineering offers many benefits.

 

WAN is all about SLA

Service Providers offer Service Level Agreement (SLA) assurance ensuring sufficient capacity relative to the offered traffic load. Traffic Engineering (TE) and Intelligent load balancing aim to ensure sufficient capacity to deliver the promised SLA, routing customers’ traffic where the network capacity is. In addition, some WAN SPs use point-to-point LSP TE tunnels for individual customer SLAs. 

WAN networks are all about SLA, and there are several ways to satisfy them – Network Planning & Traffic Engineering. The better planning you do, the less TE you need. However, planning requires accurate traffic flow statistics to fully understand the network’s capabilities. Sometimes an accurate network traffic profile doesn’t exist, and many networks are vastly over-provisioned.

 

  • A key point: Netflow

NetFlow is one of the most popular ways to measure your traffic mix. Routers collect “flow” information and export the data to a collector agent. There are different approaches to aggregate flows depending on the NetFlow version. NetFlow version 5 is the most common, and version 9 offers MPLS-aware NetFlow. BGP Policy Accounting and Destination Class Usage enable routers to collect aggregated destination statistics (limited to 16/64/126 buckets). BGP permits accounting for traffic mapping to a destination address.

For MPLS LSP, we have LDP and RSVP-TE. Unfortunately, LDP and RSVP-TE have inconsistencies in vendor implementations, and RSVP-TE requires a full mesh of TE tunnels. Is this good enough, or can SDN tools enhance and augment existing monitoring? Juniper NorthStar central controller offers friendly end-to-end analytics.

 

Transport SDN: Traffic Engineering

The real problem comes with TE. IP routing is destination-based, and path computation is based on an additive metric. Bandwidth availability is not taken into account. Some links may be congested, and others underutilized. By default, the routing protocol has no way of knowing this. The main traditional approaches to TE are MPLS TE and IGP Metric-based TE.

Varying the link metric only moves the problem around. However, you can tweak metrics to enable ECMP, spreading traffic via a hash algorithm over dispersed paths. ECMP suits local path diversity, but we still lack global visibility for optimum end-to-end TE. Centralized control addresses the shortcomings of distributed control for the optimal path computation needed in Multi-area/Multi-AS TE.

 

BGP-LS & PCEP

OpenDaylight is an SDN infrastructure controller that enhances the control plane, offering a service abstraction layer. It carries out network abstraction of whatever service exists on the controller. On top of that, there are APIs enabling applications to interface with the network. It supports BGP-LS and PCEP, two protocols commonly used in the transport SDN framework.

 

BGP-LS makes BGP an extraction protocol.

The challenge is that the contents of a Link State Database (LSDB) and an IGP’s Traffic Engineering Database (TED) describe only the links and nodes within that domain. When there is a requirement for end-to-end TE capabilities through a multi-domain and multi-protocol architecture, TE applications require visibility outside one area to make better decisions. New tools like BGP-LS and PCEP combined with a central controller enhance TE and provide multi-domain visibility.

We can improve the IGP topology by extending BGP to BGP Link-State. This wraps up the LSDB in BGP transport and pushes it to BGP speakers. It’s a valuable extension used to introduce link-state into BGP. Vendors introduced PCEP in 2005 to solve the TE problem.

Initially, it was stateless, but it is now available in a stateful mode. PCEP addresses path computation in multi-domain and multi-layer networks.

Its main driver was to decrease the complexity around MPLS and GMPLS traffic engineering. However, the constrained shortest path (CSPF) process was insufficient in complex topologies. In addition, Dijkstra-based link-state routing protocols suffer from what is known as bin-packing, where they don’t take into consideration network utilization as a whole.

 

Conclusion:

Transport SDN is transforming how networks are designed, operated, and managed. Its ability to improve network efficiency, enhance agility, and increase scalability makes it a key enabler for next-generation networks. As organizations continue to embrace digital transformation and the demands for high-performance, flexible networks grow, Transport SDN will play a pivotal role in shaping the future of network infrastructure.

 


BGP SDN – Centralized Forwarding

 

 

BGP SDN: How BGP Works?

The networking landscape has significantly shifted towards Software-Defined Networking (SDN) in recent years. With its ability to centralize network management and streamline operations, SDN has emerged as a game-changing technology. One of the critical components of SDN is Border Gateway Protocol (BGP), a routing protocol that plays a vital role in connecting different autonomous systems. In this blog post, we will explore the concept of BGP SDN and its implications for the future of networking.

Border Gateway Protocol (BGP) is a dynamic routing protocol that facilitates the exchange of routing information between different networks. It enables the establishment of connections and the exchange of network reachability information across autonomous systems. BGP is the glue that holds the internet together, ensuring that data packets are delivered efficiently across various networks.

 

Highlighting: BGP SDN

  • Traffic Engineering

Networks with multiple Border Gateway Protocol (BGP) Autonomous Systems (ASNs) under the same administrative control implement traffic engineering with policy configurations at border edges. Policies are applied on multiple routers in a distributed fashion, which can be hard to manage and scale. Any per-prefix traffic engineering changes may need to occur on multiple devices and levels.

A new BGP Software Defined Networking (SDN) solution introduced by P. Lapukhov & E. Nkposong proposes a centralized routing model. It introduces the concept of a BGP SDN controller, also known as an SDN BGP controller with a routing control platform. No protocol extensions or additional protocols are needed to implement the SDN architecture. The controller peers over iBGP with all existing BGP routers and uses BGP to push down new routes.

  • BGP-only Network

A BGP-only network has many advantages, and this solution promotes a more stable Layer 3-only network, utilizing one control plane protocol – BGP. BGP captures topology discovery and links up/down events. BGP can push different information to different BGP speakers, while an IGP has to flood the same LSA throughout the IGP domain.

 




Key BGP SDN Discussion Points:


  • Introduction to BGP SDN and how it can be used.

  •  Discussion on traffic forwarding.

  • Discussion on traffic patterns and how they affect designs.

  • BGP SDN and centralized forwarding.

  • A final note on BGP and OpenFlow.

 

For additional pre-information, you may find the following helpful:

  1. OpenFlow Protocol
  2. What Does SDN Mean
  3. BGP Port 179
  4. WAN SDN

 

Back to basics with BGP SDN

BGP Peering Session Overview

In BGP terminology, a neighbor relationship is called a peer relationship. Unlike OSPF and EIGRP, which implement their own transport mechanisms, BGP uses TCP port 179 as its transport. A BGP peering session can only be established between two routers after a TCP session has been established between them. Setting up a BGP session therefore consists of establishing a TCP session and then exchanging BGP-specific information to establish the BGP peering session.

A TCP session operates on a client/server model. The server listens for connection attempts on a specific TCP port number. Knowing the server’s port number, the client attempts to establish a TCP session. To do so, the client sends a TCP synchronization (TCP SYN) message to the listening server to indicate that it is ready to send data.

Upon receiving the client’s request, the server responds with a TCP synchronization acknowledgment (TCP SYN-ACK) message. Finally, the client acknowledges receipt of the SYN-ACK packet by sending a simple TCP acknowledgment (TCP ACK). TCP segments can now be sent from the client to the server. This exchange is the TCP three-way handshake.

Diagram: BGP explained. The source is IPcisco.

 

So how does BGP work? BGP is a path-vector protocol that stores routes in the Routing Information Bases (RIBs). The RIB within a BGP speaker consists of three parts:

  1. The Adj-RIB-In,
  2. The Loc-RIB,
  3. The Adj-RIB-Out.

The Adj-RIB-In stores routing information learned from the inbound UPDATE messages advertised by peers to the local router. The routes in the Adj-RIB-In define routes that are available to the path decision process. The Loc-RIB contains routing information the local router selected after applying policy to the routing information in the Adj-RIB-In.

 

  • A Key Point: Lab Guide on BGP Route Reflection

If you don’t want a full mesh of iBGP speakers, the following lab guide looks at the well-known BGP route reflector (RR).

Route reflectors (RR) are one method to eliminate the full mesh of IBGP peers in your network. The other method is BGP confederations. The route reflector allows all IBGP speakers within your autonomous network to learn about the available routes without introducing loops.

In the example below, we have 3 IBGP routers. With standard IBGP rules, when R2 receives a route from R1, it will not be forwarded to R3 (IBGP split horizon). We will configure R2 as the route reflector to get around this.

Diagram: BGP Route Reflection

 

Benefits of BGP Route Reflectors:

1. Scalability: Using BGP RRs, network administrators can significantly reduce the number of iBGP sessions required to maintain full connectivity within an AS. This results in a more scalable network architecture, as the complexity of managing and maintaining a full mesh of iBGP connections is eliminated.

2. Reduced Resource Consumption: With BGP RRs, the burden on individual routers to maintain iBGP sessions is alleviated. Instead, the RRs are responsible for reflecting BGP updates to the appropriate routers within the AS. This reduces the processing and memory requirements on the individual routers, freeing up valuable resources.

3. Simplified Configuration: Implementing BGP RRs simplifies the configuration process by centralizing the distribution of BGP updates. Rather than configuring iBGP sessions between every router within the AS, administrators only need to establish iBGP sessions with the RRs. This streamlined configuration process saves time and reduces the potential for misconfigurations.

 

The Emergence of BGP in SDN:

Software-Defined Networking (SDN) introduces a paradigm shift in how networks are managed and operated. Traditionally, network devices such as routers and switches were responsible for handling routing decisions. However, with the advent of SDN, the control plane is decoupled from the data plane, allowing for centralized management and control of the network.

BGP plays a crucial role in the SDN architecture by acting as a control protocol that enables communication between the controller and the network devices. It provides the intelligence and flexibility required for orchestrating network policies and routing decisions in an SDN environment.

Benefits of BGP SDN:

1. Simplified Network Management: BGP SDN simplifies network management by centralizing control and configuration. This allows network administrators to easily define and enforce policies across the entire network, reducing complexity and improving operational efficiency.

2. Scalability and Flexibility: BGP SDN offers enhanced scalability and flexibility compared to traditional networking approaches. With BGP, network administrators can dynamically adapt the routing policies based on network conditions, ensuring optimal traffic flow and load balancing.

3. Improved Network Security: BGP SDN provides enhanced security features by allowing fine-grained control over network access and traffic routing. It enables the implementation of robust security policies, such as traffic isolation and encryption, to protect against potential threats.

4. Increased Network Resilience: BGP SDN improves network resilience by enabling automated failover mechanisms. In a network failure, the centralized controller can efficiently reroute traffic, ensuring uninterrupted connectivity and minimizing downtime.

 

Layer-2 and Layer-3 Technologies

Traditional forwarding routing protocols and network designs comprise a mix of Layer 2 and 3 technologies. Topologies resemble trees with different aggregation levels, commonly known as access, aggregation, and core. IP routing is deployed at the top layers, while Layer 2 is in the lower tier to support VM mobility and other applications requiring Layer 2 VLANs to communicate.

Fully routed networks are more stable as they confine the Layer 2 broadcast domain to certain areas. Layer 2 is segmented and confined to a single switch, usually used to group ports. Routed designs run Layer 3 to the Top of the Rack (ToR), and VLANs should not span ToR switches. As data centers grow in size, the stability of IP has been preferred over layer 2 protocols.

 

  • A key point: Traffic patterns

Traditional traffic patterns leave the data center, known as north-to-south traffic flow. In this case, traditional tree-like designs are sufficient. Upgrades consist of scale-out mechanisms, such as adding larger links or additional line cards. However, today’s applications, such as Hadoop clusters, require much more server-to-server traffic, known as east-to-west traffic flow.

Scaling up traditional tree topologies to match these traffic demands is possible but not an optimum way to run your network. A better choice is to scale your data center horizontally with a CLOS topology (leaf and spine), not a tree topology.

Leaf and spine topologies permit equidistant endpoints and horizontal scaling, resulting in a perfect combination for optimum east-to-west traffic patterns. So what layer 3 protocol do you use for your routing design? An Interior Gateway Protocol (IGP), such as ISIS or OSPF? Or maybe BGP? BGP’s robustness makes it a popular Layer 3 protocol for reducing network complexity.


How BGP works with BGP SDN: Centralized forwarding

What is the BGP protocol in networking? Regarding internal data structures, BGP is less complex than a link-state IGP. Instead of implementing its own adjacency formation, maintenance, and flow control, it runs all its operations over Transmission Control Protocol (TCP) and relies on TCP’s robust transport mechanism.

BGP has considerably less flooding overhead than IGPs, with a single flooding domain propagation scope. BGP is great for reducing network complexity and is selected as this SDN solution’s singular control plane mechanism for these reasons.

Petr Lapukhov has written a draft called “Centralized Routing Control in BGP Networks Using Link-State Abstraction,” discussing the use case of BGP for centralized control of routing in the network.

The main benefit of the architecture is centralized control as opposed to distributed. There is no need to configure policies on multiple devices. All changes are done with an API into the controller.

Diagram: BGP SDN. The inner workings.

 

A link-state map 

The network looks like a collection of BGP ASN, and the entire routing is done with BGP only. First, BGP builds a link-state map of the network in the controller memory.

The solution then uses BGP to discover the topology and to notice link-up and link-down events. Instead of installing 5-tuple flows that can match on the entire IP header, the BGP SDN solution offers destination-based forwarding only. For additional granularity, implement BGP flow spec, RFC 5575, entitled “Dissemination of Flow Specification Rules.”

 

Routing Control Platform

The proposed method was inspired by the Routing Control Platform (RCP). The RCP platform uses a controller-based function and selects BGP routes on behalf of the routers in an AS using a complete view of the available routes and IGP topology. The RCP platform has similar properties to the BGP SDN solution.

Both run iBGP peers to all routers in the network and influence the default topology by changing the controller and pushing down new routes. However, a significant difference is that the RCP has additional IGP peerings. It’s not a BGP-only network. BGP SDN promotes a single control plane of BGP without any IGPs.

BGP is used for health detection, to build a link-state map, and to represent the network to a 3rd party application as multiple topologies. You can map prefixes to different topologies and change link costs from the API.

 

Multi-Topology view

The agent builds the link-state database and presents a multi-topology view of this data to the client applications. You may clone this topology and give certain links higher costs, mapping some prefixes to this new non-default topology. The controller pushes new routes down with BGP.

The peering is based on iBGP, so new routes are set with a better Local Preference, which makes them win earlier in the BGP path decision process. It is possible to do this with eBGP, but iBGP can be easier. With iBGP, you don’t need to care about the next hops.

 

BGP and OpenFlow

What is OpenFlow? BGP works like OpenFlow and pushes down the forwarding information. It populates routes in the forwarding table. Instead of using BGP in a distributed fashion, they centralize it. One main benefit of using BGP over OpenFlow is that you can shut the controller down, and regular BGP operation continues on the network.

But if you transition to an OpenFlow configuration, you cannot roll back as quickly as you could with BGP. Using BGP inband has great operational benefits. A great design by P. Lapukhov. No need to deploy BGP-LS or any other enhancements to BGP.
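The route selection described in the last two sections, as an added example that is not part of the original post or of the draft it discusses: a toy BGP speaker keeps one Adj-RIB-In per peer, derives its Loc-RIB with a simplified decision process, prefers the controller's route because of its higher Local Preference, and falls back to ordinary BGP when the controller session goes away. Peer names, prefixes, AS numbers and Local Preference values are constructed assumptions.

```python
from dataclasses import dataclass

DEFAULT_LOCAL_PREF = 100     # assumption: a commonly used default value
CONTROLLER_LOCAL_PREF = 200  # assumption: any value above the default works


@dataclass(frozen=True)
class Route:
    prefix: str
    next_hop: str
    as_path: tuple
    peer: str
    local_pref: int = DEFAULT_LOCAL_PREF


class BgpSpeaker:
    """Toy BGP speaker: one Adj-RIB-In per peer and a derived Loc-RIB."""

    def __init__(self):
        self.adj_rib_in = {}  # peer -> {prefix: Route}

    def receive_update(self, route):
        self.adj_rib_in.setdefault(route.peer, {})[route.prefix] = route

    def receive_withdraw(self, peer, prefix):
        self.adj_rib_in.get(peer, {}).pop(prefix, None)

    def peer_down(self, peer):
        # Losing the session removes everything learned from that peer.
        self.adj_rib_in.pop(peer, None)

    @staticmethod
    def preference(route):
        # Simplified decision process: highest LOCAL_PREF first, then
        # shortest AS_PATH, then peer name as a deterministic tie-breaker.
        # A real implementation has more steps (origin, MED, and so on).
        return (-route.local_pref, len(route.as_path), route.peer)

    def loc_rib(self):
        best = {}
        for routes in self.adj_rib_in.values():
            for route in routes.values():
                current = best.get(route.prefix)
                if current is None or (
                    self.preference(route) < self.preference(current)
                ):
                    best[route.prefix] = route
        return best


def demo():
    """Return the best route before steering, while steered, and after
    the controller session is lost (all values constructed)."""
    prefix = "10.1.0.0/24"
    long_path = (65002, 65020, 65010)
    tor = BgpSpeaker()
    tor.receive_update(Route(prefix, "192.0.2.1", (65001, 65010), "spine1"))
    tor.receive_update(Route(prefix, "192.0.2.2", long_path, "spine2"))
    before = tor.loc_rib()[prefix]

    # The controller steers the prefix via spine2. It sets the next hop
    # itself, and this model, like iBGP, does not rewrite it.
    tor.receive_update(
        Route(prefix, "192.0.2.2", long_path, "controller",
              local_pref=CONTROLLER_LOCAL_PREF)
    )
    steered = tor.loc_rib()[prefix]

    # Controller shut down: its routes disappear and normal BGP resumes.
    tor.peer_down("controller")
    fallback = tor.loc_rib()[prefix]
    return before, steered, fallback


if __name__ == "__main__":
    for label, route in zip(("before", "steered", "fallback"), demo()):
        print(f"{label:9} via {route.next_hop} learned from {route.peer}")
```

Because the controller only adds routes on top of what the fabric already advertises, removing it changes the selected path but never leaves the prefix without a route.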

 

Future Outlook:

As the demand for more agile and efficient networks continues to grow, BGP SDN is expected to play a pivotal role in shaping the future of networking. Its ability to simplify network management, enhance scalability, and improve security makes it an ideal choice for organizations seeking to modernize their network infrastructure.

Conclusion:

BGP SDN represents a significant advancement in networking technology, allowing organizations to build agile, scalable, and secure networks. By centralizing control and leveraging the intelligence of BGP, SDN has the potential to revolutionize how networks are managed and operated. As the industry embraces SDN, BGP will continue to play a crucial role in enabling the next generation of network infrastructure.

 

Load Balancing

In today’s digital age, where websites and applications are expected to be fast, efficient, and reliable, load balancing has emerged as a critical component of modern computing infrastructure. Load balancing ensures that server resources are utilized optimally, maximizing performance and preventing system failures. This blog post will explore the concept of load balancing, its benefits, and its various techniques.

Load balancing evenly distributes incoming network traffic across multiple servers to avoid overburdening any single server. By dynamically allocating client requests, load balancers help ensure that no single server becomes overwhelmed, enhancing the overall performance and availability of the system. This distribution of traffic also helps maintain seamless user experiences during peak usage periods.

Highlights: Load Balancing

  • Lack of Visibility

Existing service provider challenges include a lack of network visibility into customer traffic. Providers are often unaware of the granular details of traffic profiles, leading them to over-provision bandwidth and link resilience. A vast number of networks are over-provisioned. Upgrades at the packet and optical layers occur without complete traffic visibility and justification. Many core networks are left at half capacity, just in case of a spike. Money is wasted on underutilization that could be spent on product and service innovation. You might need the analytical information for many reasons, not just bandwidth provisioning.

  • Network Analytics 

Popular network analytics tools are sFlow and NetFlow. Nodes capture and send sFlow information to an sFlow collector, where the operator can analyze it with the collector’s graphing and analytical tools. An additional tool is a centralized SDN controller, such as an SD-WAN Overlay, which can analyze the results and make necessary changes to the network programmatically. A centralized global viewpoint enabling load balancing can aid in intelligent multi-domain Traffic Engineering (TE) decisions.

 

Before you proceed, you may find the following posts of interest:

  1. Transport SDN
  2. What Does SDN Mean
  3. Load Balancer Scaling
  4. Network Traffic Engineering
  5. Application Delivery Architecture

 




Key Load Balancing Discussion Points:


  • Introduction to Load Balancing and how it can be used.

  •  Discussion on traffic forwarding and traffic engineering.

  • Discussion on distributed routing protocols.

  • Highlighting Northstar SD-WAN controller. Use case.

  • A final note on network topologies.

 

Back to basics with load balancing

One use case load balancers address is availability. At some point, machine failure will happen; this is a certainty. Therefore, you should avoid single points of failure whenever feasible, which means machines should have replicas. In the case of front-end web servers, there should be at least two. When you have replicas of servers, a machine loss is not a total failure of your application, and your customers should notice as little as possible during a machine failure event.

 

Benefits of Load Balancing:

Load balancing offers several critical benefits in modern computing:

1. Improved Scalability: By distributing client requests across multiple servers, load balancers enable systems to handle increased traffic without compromising performance. This scalability is essential for websites and applications that experience high user demand or rapid growth.

2. Enhanced Reliability: Load balancers provide fault tolerance by automatically rerouting traffic to healthy servers in case of failures or outages. This redundancy ensures that users can access the system even if individual servers go offline, minimizing service disruptions.

3. Optimal Resource Utilization: By evenly distributing traffic, load balancers ensure that server resources are utilized efficiently. This results in better overall system performance and cost-effectiveness, as organizations can make the most of their server infrastructure without unnecessary overprovisioning.

4. Geographic Load Balancing: With the increasing globalization of internet services, load balancers can distribute traffic based on geographic locations. This approach helps reduce latency and provides users with faster response times, irrespective of location.

Load Balancing Techniques:

Several load-balancing techniques are commonly used in modern computing environments. These include:

1. Round Robin: In this method, requests are distributed sequentially to each server in a cyclic manner. Although simple, round-robin can be less effective if servers have different capabilities or workload capacities.

2. Least Connection: This technique directs client requests to the server with the fewest active connections. By dynamically considering server capacity, this method ensures that incoming traffic is distributed more evenly.

3. Weighted Round Robin: Weighted round robin assigns varying weights to servers based on their capabilities. Servers with higher capacities receive more traffic, enabling organizations to optimize resource utilization.

4. IP Hash: Using the client’s IP address, this technique consistently routes requests to the same server. IP hash helps maintain session persistence, ensuring that a client’s data remains on the same server throughout their session.
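The four techniques above side by side, as an added example that is not from the original post: a small server pool that skips unhealthy servers and implements round robin, weighted round robin (using the "smooth" variant, chosen here as an assumption), least connection, and IP hash. Server names, weights and the client address are constructed.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class Server:
    name: str
    weight: int = 1       # relative capacity, used by weighted round robin
    active: int = 0       # open connections, used by least connection
    healthy: bool = True  # set by a health check in a real deployment
    score: int = 0        # running score for smooth weighted round robin


class Pool:
    def __init__(self, servers):
        self.servers = servers
        self._rr = 0

    def _up(self):
        up = [s for s in self.servers if s.healthy]
        if not up:
            raise RuntimeError("no healthy servers in pool")
        return up

    def round_robin(self):
        # Cyclic selection; ignores capacity differences between servers.
        up = self._up()
        server = up[self._rr % len(up)]
        self._rr += 1
        return server

    def weighted_round_robin(self):
        # Smooth weighted round robin: every pick adds each weight to the
        # server's score, selects the highest score, then subtracts the
        # total weight from the winner so picks are interleaved.
        up = self._up()
        total = sum(s.weight for s in up)
        for s in up:
            s.score += s.weight
        best = max(up, key=lambda s: s.score)
        best.score -= total
        return best

    def least_connection(self):
        return min(self._up(), key=lambda s: s.active)

    def ip_hash(self, client_ip):
        # Same client address maps to the same server while the set of
        # healthy servers is unchanged; a failure remaps the client.
        up = self._up()
        digest = hashlib.sha256(client_ip.encode()).digest()
        return up[int.from_bytes(digest[:8], "big") % len(up)]


def distribution(pick, requests):
    """Call pick() `requests` times and count selections per server."""
    counts = {}
    for _ in range(requests):
        name = pick().name
        counts[name] = counts.get(name, 0) + 1
    return counts


if __name__ == "__main__":
    pool = Pool([Server("big", weight=3), Server("small1"), Server("small2")])
    print("round robin:         ", distribution(pool.round_robin, 10))
    print("weighted round robin:", distribution(pool.weighted_round_robin, 10))
    print("ip hash:             ", pool.ip_hash("203.0.113.7").name)
```

With one server three times larger than the others, plain round robin still hands it only 4 of 10 requests, while the weighted variant hands it 6.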

 

Load Balancing and Traffic Engineering

We need network traffic engineering for load balancing that allows packets to be forwarded over non-shortest paths. Tools such as Resource Reservation Protocol (RSVP) and Fast Re-Route (FRR) enhance the behavior of TE. IGP-based TE uses a distributed routing protocol to discover the topology and run algorithms to discover the shortest path. MPLS/RSVP-TE enhances standard TE and allows more granular forwarding control and the ability to differentiate traffic types for CoS/QoS purposes.

 

Constrained Shortest Path First

The Constrained Shortest Path First (CSPF) algorithm allows label-switched paths (LSPs) to take any available path in the network. The MPLS control plane is distributed and requires a distributed IGP and label allocation protocol. The question is whether a centralized controller can solve existing traffic engineering problems. It will undoubtedly make orchestrating a network more manageable.

The contents of a TED have visibility limited to the scope of an IGP domain. Specific applications for TE purposes require domain-wide visibility to make optimal TE decisions. The IETF has defined the Path Computation Element (PCE), which is used to compute end-to-end TE paths.
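The following sketch shows what a CSPF computation over a TED looks like: links that fail a constraint are pruned first, then an ordinary shortest-path search runs over what remains. It is an added example, not code from the original post or from any vendor's controller; the topology, bandwidth figures, the `maintenance` admin group and the remove-and-recompute approach to a diverse secondary path are all assumptions made for illustration.

```python
import heapq

def build_ted(links):
    """Build a TED keyed by directed link from (a, b, metric, unreserved_bw, admin_groups)."""
    ted = {}
    for a, b, metric, bw, groups in links:
        attrs = {"metric": metric, "unreserved_bw": bw, "admin_groups": frozenset(groups)}
        ted[(a, b)] = attrs
        ted[(b, a)] = attrs
    return ted

# Constructed topology: metric, unreserved bandwidth in Mb/s, admin groups.
TED = build_ted([
    ("A", "B", 10, 100, ()),
    ("B", "D", 10, 100, ()),
    ("A", "C", 15, 1000, ()),
    ("C", "D", 15, 1000, ("maintenance",)),
    ("C", "E", 10, 1000, ()),
    ("E", "D", 10, 1000, ()),
])

def cspf(ted, src, dst, bandwidth, exclude_groups=frozenset(), exclude_links=frozenset()):
    """Return (cost, path) of the lowest-metric path that meets the constraints, else None."""
    # Step 1: prune every link that violates a constraint.
    adjacency = {}
    for (a, b), attrs in ted.items():
        if attrs["unreserved_bw"] < bandwidth:
            continue
        if attrs["admin_groups"] & frozenset(exclude_groups):
            continue
        if (a, b) in exclude_links:
            continue
        adjacency.setdefault(a, []).append((b, attrs["metric"]))
    # Step 2: plain Dijkstra over the links that are left.
    heap, visited = [(0, src, [src])], set()
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        if node in visited:
            continue
        visited.add(node)
        for neighbour, metric in adjacency.get(node, []):
            if neighbour not in visited:
                heapq.heappush(heap, (cost + metric, neighbour, path + [neighbour]))
    return None

def diverse_pair(ted, src, dst, bandwidth):
    """Primary path plus a link-diverse secondary, found by remove-and-recompute."""
    primary = cspf(ted, src, dst, bandwidth)
    if primary is None:
        return None, None
    hops = list(zip(primary[1], primary[1][1:]))
    used = frozenset(hops) | frozenset((b, a) for a, b in hops)
    return primary, cspf(ted, src, dst, bandwidth, exclude_links=used)
```

Remove-and-recompute is the simplest way to get a diverse pair and can miss a valid pair that a joint computation would find; it is used here only to keep the example short.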

Link and TE attributes are shared with external components. Juniper has an SD-WAN product called NorthStar that adopts these technologies promising network-wide visibility and enhanced TE capabilities.

 

Load Balancing with NorthStar SD-WAN controller

NorthStar is a new SD-WAN product by Juniper aimed at Service Providers and large enterprises that follow the service provider model. It is geared toward extensive networks that own their Layer 2 links. NorthStar is an SD-WAN Path Computation Engine (PCE), defined in RFC 5440, that learns network state by Path Computation Element Protocol (PCEP).

It provides centralized control for path computation and TE purposes, enabling you to run your network more optimally. In addition, NorthStar gives you a programmable network with global visibility. It allows you to spot problems and deploy granular control over traffic.

NorthStar provides a simulation environment in which it learns about all the traffic flows on the network. This allows you to simulate what “might” happen in specific scenarios. With a centralized view of the network, it can optimize flows throughout it, enabling a perfectly engineered and optimized network.

The controller can find the extra and unused capacity, allowing the optimization of underutilized spots in the network. The analytics provided are helpful for forecasting and capacity planning. It has an offline capability providing offline versions of your network with all its traffic flows.

It takes inputs from:

  1. The network, from which it determines the topology and views link attributes.
  2. Human operators.
  3. Requests by Northbound REST API.

These inputs decide TE capabilities and where to place TE LSP in the network. In addition, it can modify LSP and create new ones, optimizing the network traffic engineering capabilities.

 

Understand network topology

Traditional networks commonly run an IGP and build topology tables. This can get overcomplicated when you have multiple areas or multiple IGPs running on the network. For network-wide visibility, NorthStar recommends BGP-LS. BGP-LS enables routers to export the contents of the TE database to BGP. It uses a new address family, allowing BGP to carry node and link attributes (metric, max amount of bandwidth, admin groups, and affinity bits) related to TE. BGP-LS can be used between different regions.

As its base is BGP, you can use scalable and high-availability features, such as route reflection, to design your BGP-LS network. While BGP is very scalable, its main advantage is reduced network complexity.

While NorthStar can peer with existing IGP (OSPF and ISIS), BGP-LS is preferred. Knowing the topology and attributes, the controller can set up LSP; for example, if you want a diverse LSP, it can perform a diverse LSP path computation. 

 

LSP & PCEP

There are three main types of LSPs in a NorthStar WAN-controlled network:

  1. A vanilla LSP: a standard LSP, configured on the ingress router and signaled by RSVP.
  2. A delegated LSP: configured on the ingress router but then delegated to the controller. The controller is authorized to make changes to this LSP.
  3. A controller-initiated LSP: created by the controller, either by a human operator through the GUI or by a Northbound API operation. It uses PCEP, which triggers the ingress router to set up RSVP.

PCEP (Path Computation Element Protocol) communicates between all nodes and the controller. It is used to set up and modify LSPs and to enable dynamic, inter-area, and inter-domain traffic-engineered path setup. It involves two entities, the Path Computation Client (PCC) and the Path Computation Element (PCE). The session between the PCC and the PCE is established over TCP.

Once the session is established, PCE builds the topology database (TED) using underlying IGP or BGP-LS. BGP-LS has enhanced TLV capabilities that have been added for PCE to learn/build this database. RSVP is still used to signal the LSP.

Conclusion:

As the demand for fast and reliable web services grows, load balancing has become an essential component of modern computing infrastructure. By evenly distributing incoming network traffic across multiple servers, load balancers enhance scalability, reliability, and resource utilization. With various load-balancing techniques, organizations can choose the most suitable method to optimize their system’s performance and deliver an exceptional user experience. Embracing load balancing is vital for businesses seeking to stay competitive in today’s digital landscape.

 

What does SDN mean

BGP has a new friend – BGP-Based SDN


BGP SDN

In today’s digital age, where connectivity and data transfer are paramount, efficient and robust networking solutions have become increasingly crucial. One such solution that has gained significant attention is BGP SDN. This blog post will delve into BGP SDN, its key components, and how it revolutionizes network flexibility and scalability.

BGP SDN, or Border Gateway Protocol Software-Defined Networking, combines two powerful technologies: the Border Gateway Protocol (BGP) and Software-Defined Networking (SDN). BGP, a routing protocol, facilitates inter-domain routing, while SDN provides centralized control and programmability of the network. Together, they offer a dynamic and adaptable networking environment.

 

Highlights: BGP SDN

  • The Role of SDN

Before we start our journey on BGP SDN, let us first address what SDN means. The Software-Defined Networking (SDN) framework has a large and varied context. Multiple components may or may not be used, the OpenFlow protocol being one of them. Some evolving SDN use cases leverage the capabilities of the OpenFlow protocol, while others do not require it.

OpenFlow is only one of those protocols within the SDN architecture. This post addresses using the Border Gateway Protocol (BGP) as the transfer protocol between the SDN controller and forwarding devices, enabling BGP-based SDN, also known as BGP SDN.

  • BGP and OpenFlow

BGP and OpenFlow are monolithic, meaning they are not used simultaneously. Integrating BGP with SDN offers several use cases, such as DDoS mitigation, exception routing, forwarding optimizations, graceful shutdown, and integration with legacy networks. Some of these use cases are available using OpenFlow Traffic Engineering; others, like graceful shutdown and integration with the legacy network, are easier to accomplish with BGP SDN.

 



What Does SDN Mean?

Key BGP SDN Discussion Points:


  • Introduction to BGP SDN and what is involved.

  • Highlighting the different components involved in a BGP SDN network.

  • Discussing creating an SDN architecture.

  • Technical details on the use of BGP and IGP.

  • The role of BGP-LS.

 

 

Back to basics with BGP SDN

What is BGP?

What is BGP protocol in networking? Border Gateway Protocol (BGP) is the routing protocol under the Exterior Gateway Protocol (EGP) category. In addition, we have separate protocols, which are Interior Gateway Protocols (IGPs). However, IGP can come with some disadvantages.

Firstly, policies are challenging to implement with an IGP because it lacks the needed flexibility. Usually, a tag is the only tool available, and it can be problematic to manage and execute on a large scale. In the age of increasingly complex networks in both architecture and services, BGP presents a comprehensive suite of knobs to deal with complex policies, such as the following:

• Communities

• AS_PATH filters

• Local preference

• Multi-exit discriminator (MED)

 

Critical Components of BGP SDN:

a. BGP Routing: BGP SDN leverages the BGP protocol to manage the routing decisions between different networks. This enables efficient and optimized routing, enabling seamless communication across various domains.

b. SDN Controller: The SDN controller acts as the centralized brain of the network, providing a single point of control and management. It enables network administrators to define and enforce network policies, configure routing paths, and allocate network resources dynamically.

c. OpenFlow Protocol: BGP SDN uses the OpenFlow protocol to communicate between the SDN controller and the network switches. OpenFlow enables the controller to programmatically control the forwarding behavior of switches, resulting in greater flexibility and agility.

Benefits of BGP SDN:

a. Enhanced Flexibility: BGP SDN allows network administrators to tailor their network infrastructure to meet specific requirements. With centralized control, network policies can be easily modified or updated, enabling rapid adaptation to changing business needs.

b. Improved Scalability: Traditional network architectures often struggle to handle the growing demands of modern applications. BGP SDN provides a scalable solution by enabling dynamic allocation of network resources, optimizing traffic flow, and ensuring efficient bandwidth utilization.

c. Simplified Network Management: The centralized management offered by BGP SDN simplifies network operations. Network administrators can configure, monitor, and manage the entire network from a single interface, reducing complexity and improving overall efficiency.

Use Cases for BGP SDN:

a. Data Centers: BGP SDN is well-suited for data center environments, where rapid provisioning, scalability, and efficient workload distribution are critical. By leveraging BGP SDN, data centers can seamlessly integrate physical and virtual networks, enabling efficient resource allocation and workload migration.

b. Service Providers: BGP SDN offers service providers the ability to provide flexible and customizable network services to their customers. It enables the creation of virtual private networks, traffic engineering, and service chaining, resulting in improved service delivery and customer satisfaction.

 

Highlighting BGP-based SDN 

BGP-based SDN involves two main solution components that may be integrated into several existing BGP technologies. Firstly, we have an SDN controller component speaking BGP, deciding what needs to be done. Secondly, we have a BGP originator component sending BGP updates to the SDN controller and other BGP peers. For example, the controller could be a BGP software package running on OpenDaylight. BGP originators are Linux daemons or traditional proprietary vendor devices running the BGP stack.

Diagram: What does SDN mean with BGP SDN?

 

Creating an SDN architecture

To create the SDN architecture, these components are integrated with existing BGP technologies, such as BGP FlowSpec (RFC 5575), L3VPN (RFC 4364), EVPN (RFC 7432), and BGP-LS. BGP FlowSpec distributes forwarding entries, such as ACL and PBR, to the TCAM of devices. L3VPN and EVPN offer the mechanism to integrate with legacy networks and service insertion. BGP-LS extracts IGP network topology information and passes it to the SDN controller via BGP updates.

 

Central policy, visibility, and control

Introducing BGP into the SDN framework does not mean a centralized control plane. We still have a central policy, visibility, and control, but this is not a centralized control plane. A centralized control plane would involve local control plane protocols establishing adjacencies or other ties to the controller. In this case, the forwarding devices outright require the controller to forward packets; forwarding functionality is limited when the controller is down.

If the BGP SDN controller acts as a BGP route reflector, all announcements go to the controller, but the network runs fine without it. The controller is just adding value to the usual forwarding process. BGP-based SDN architecture augments the network; it does not replace it. Decentralizing the control plane is the only way; look at Big Switch and NEC’s SDN design changes over the last few years. Centralized control planes cannot scale.

 

Why use BGP?

BGP is well-understood and field-tested. It has been extended on many occasions to carry additional types of information, such as MAC addresses and labels. Technically, BGP can be used as a replacement for Label Distribution Protocol (LDP) in an MPLS core. Labels can be assigned to IPv6 prefixes (6PE) and label-switched across an IPv4-only MPLS core.

BGP is very extensible. It started with IPv4 forwarding, then address families were added for multicast and VPN traffic. Using multiple address families inside a single BGP process was widely accepted and implemented as a core technology. The entire Internet is made up of BGP, and it carries over 500,000 prefixes. It’s very scalable and robust. Some MPLS service providers are carrying over 1 million customer routes.

 

The use of open-source BGP daemons

There are many high-quality open-source BGP daemons available. Quagga is one of the most popular, and its quality has improved since Cumulus and Google adopted it. Quagga is a routing suite and has IGP support for IS-IS and OSPF. The BIRD daemon is also available. Its implementation is based around Internet exchange points, where it serves as the route server element. BIRD is currently carrying over 100,000 prefixes.

Using BGP-based SDN on an SDN controller integrates easily with your existing network. You don’t have to replace any existing equipment; you deploy the controller and implement the add-on functionality BGP SDN offers. It enables a preferred step-by-step migration approach, not a risky big bang OpenFlow deployment.

 

IGP to the controller?

Why not run OSPF or IS-IS to the controller? IS-IS is extensible with TLVs and can also carry a variety of information. The real problem is not extensibility but the lack of trust and policy control. Extending an IGP to the SDN controller with few controls could present a problem. OSPF sends LSA packets; there is no input filter. BGP is designed with policy control in mind and acts as a filter by implementing controls on individual BGP sessions.

BGP offers control on the network side and makes what the controller can do predictable. For example, the blast radius is restricted if the controller hits a bug or gets compromised. BGP gives greater policy mechanisms between the SDN controller and physical infrastructure.
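To make the blast-radius argument concrete, here is a small model of an import policy applied on the router's session toward the controller. It is an added example, not from the original post and not any vendor's configuration or implementation; the prefixes, next hops, limits and the simplified max-prefix behavior are assumptions chosen for illustration.

```python
import ipaddress

# Hypothetical import policy on the router's session to the SDN controller.
# All prefixes, next hops and limits are constructed (documentation ranges).
POLICY = {
    "allowed": [  # (covering prefix, min length, max length)
        (ipaddress.ip_network("198.51.100.0/24"), 32, 32),  # host routes only
        (ipaddress.ip_network("10.20.0.0/16"), 24, 28),
    ],
    "next_hops": {ipaddress.ip_address("192.0.2.1"), ipaddress.ip_address("192.0.2.66")},
    "max_prefixes": 3,
}

# Constructed announcements, as a buggy or compromised controller might send them.
SAMPLE_UPDATES = [
    {"prefix": "198.51.100.7/32", "next_hop": "192.0.2.1"},
    {"prefix": "0.0.0.0/0", "next_hop": "192.0.2.1"},
    {"prefix": "10.20.5.0/24", "next_hop": "192.0.2.66"},
    {"prefix": "10.20.0.0/16", "next_hop": "192.0.2.1"},
    {"prefix": "198.51.100.9/32", "next_hop": "203.0.113.5"},
    {"prefix": "203.0.113.0/24", "next_hop": "192.0.2.1"},
]

def evaluate(update, policy):
    """Return (accepted, reason) for one announced route."""
    net = ipaddress.ip_network(update["prefix"])
    if ipaddress.ip_address(update["next_hop"]) not in policy["next_hops"]:
        return False, "next hop not permitted"
    for cover, lo, hi in policy["allowed"]:
        if net.version == cover.version and net.subnet_of(cover) and lo <= net.prefixlen <= hi:
            return True, "ok"
    return False, "prefix outside permitted ranges"

def process_session(updates, policy):
    """Filter a stream of announcements; drop the session if too many are accepted."""
    accepted, rejected = [], []
    for update in updates:
        ok, reason = evaluate(update, policy)
        if not ok:
            rejected.append((update["prefix"], reason))
        elif len(accepted) >= policy["max_prefixes"]:
            # Simplified max-prefix: tear the session down and flush its routes.
            return {"state": "down", "accepted": [], "rejected": rejected}
        else:
            accepted.append(update["prefix"])
    return {"state": "up", "accepted": accepted, "rejected": rejected}
```

With this policy, a default route or an over-broad aggregate from the controller never reaches the routing table, and a flood of otherwise valid routes costs only the controller session while the underlying network keeps forwarding.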

 

Introducing BGP-LS

SDN requires complete topology visibility. If some topology information is hidden in IGP and other NLRI in BGP, it does not have a complete picture. If you have an existing IGP, how do you propagate this information to the BGP controller? Border Gateway Protocol Link-State (BGP-LS) is cleaner than establishing an IGP peering relationship with the SDN controller. 

BGP-LS extracts network topology information and sends it to the BGP controller. Once again, BGPv4 is extended to provide the capability to include the new Network Layer Reachability Information (NLRI) encoding format. It sends information from the IS-IS or OSPF topology database through BGP updates to the SDN controller. The BGP-LS session can be configured to be unidirectional and to stop incoming updates, enhancing security between the physical and SDN world.

 

  • A key point: SDN controller cannot leak information back

As a result, the SDN controller cannot leak information back into the running network. BGP-LS is a relatively new concept. It focuses on the mechanism to export IGP information and does not describe how the SDN controller can use it. Once the controller has the complete topology information, it may be integrated with traffic engineering and external path computation solutions to interact with information usually only carried by an IGP database.

For example, the Traffic Engineering Database (TED), built by IS-IS and OSPF-TE extensions, is typically distributed by IGPs within the network. Previously, each node maintained its own TED, but now this can be exported to a BGP RR SDN application for better visibility.

 

BGP scale-out architectures

The SDN controller will always become the scalability bottleneck. It can scale better when it’s not participating in data plane activity, but eventually, it will reach its limits. Every controller implementation eventually hits this point. The only way to grow is to scale out.

Reachability and policy information is synchronized between individual controllers. For example, reachability information can be transferred and synchronized with MP-BGP, L3VPN for IP routing, or EVPN for layer-2 forwarding.

Utilizing BGP between controllers offers additional benefits. Each controller can be placed in a separate availability zone, and tight BGP policy controls are implemented on BGP sessions connecting those domains, offering a clean failure domain separation.

An error in one availability zone is not propagated to the next availability zone. BGP is a very scalable protocol, and the failure domains can be as large as you want, but the larger the domain, the longer the convergence times. Adjust the size of failure domains to meet scalability and convergence requirements.

Conclusion:

BGP SDN combines the power of BGP routing and SDN to create a networking paradigm that enhances flexibility, scalability, and manageability. By leveraging BGP SDN, organizations can build dynamic networks that adapt to their changing needs and optimize resource utilization. As the demand for faster, more reliable, and flexible networks continues to grow, BGP SDN is poised to play a critical role in shaping the future of network infrastructure.