OF-Config协议版本1.2学习总结.pptx

OF-CONFIG Overview2015-12-02Agenda•OF-CONFIG Introduction •OF-CONFIG Data Model •Transport ProtocolAgenda• OF-CONFIG Introduction •OF-CONFIG Data Model •Transport ProtocolIntroduction•OpenFlow Management and Configuration Protocol •Current Version: 1.2 (2014) •Considered a complementary protocolBrief Scope•The assignment of one or more OpenFlow controllers to OpenFlow data planes •The configuration of queues and ports •The ability to remotely change some aspects of ports (e.g. up/down) •Configuration of certificates for secure communication between the OpenFlow Logical Switches and OpenFlow Controllers •Discovery of capabilities of an OpenFlow Logical Switch •Configuration of a set of specific tunnel types such as IP-in-GRE, NV-GRE, VxLANOpenFlow ArchitectureTerms•OpenFlow Capable Switch •OpenFlow Configuration Point •OpenFlow Logical Switch •OpenFlow Resource – OpenFlow Queue – OpenFlow Port •OpenFlow Controller •NDM – Negotiable Datapath Model – An abstract switch model that describes specific switch forwarding behaviorsOpenFlow & OF-CONFIGOpenflowOF-ConfigPrimary purposeModification of match-action rules effecting flows of network packets across an OpenFlow datapathRemote configuration of possibly multiple OpenFlow datapaths on a physical or virtual platformTransportA bit-level protocol specified in the OpenFlow standard currently supported over TCP, TLS, or SSLAn XML data model and operational behavior specified in the OF-Config standard bound to the NETCONF operations and transport standard for network device configuration and managementProtocol endpoints1) An OpenFlow datapath, also referred to as OpenFlow Logical Switch (OFLS) 2) An OpenFlow Controller (OFC)1) An OpenFlow Capable Switch (OFCS) able to instantiate one or more OpenFlow Logical Switches (i.e. OpenFlow datapaths) 2) An OpenFlow Configuration Point (OFCP)Example usageAn OpenFlow Controller adds a flow modification to an OpenFlow datapath (OFLS) which allows Ethernet frames containing IP packets which originated from 192.168.3.10 and are coming in on the datapath's port 2 to be forwarded out on the datapath's port 14An OpenFlow Configuration Point configures a particular OpenFlow Logical Switch (OF datapath) to be associated with a particular OpenFlow ControllerRequirements For OpenFlow (1/2)•Instantiation of one or more Openflow Data Planes •Connection Setup to a Controller – the IP address of the controller – the port number at the controller (optional, default 6653) – the transport protocol to use, either TLS or TCP – the port number at the switch (optional) •Multiple Controllers •Connection Interruption – Fail Secure Mode: only messages to controllers are dropped – Fail Standalone Mode: act as a legacy Ethernet switch/routerRequirements For OpenFlow (2/2)•Encryption between switch and controller •Queues – min-rate, max-rate, experimenter •Ports – No-receive, no-forward, no-packetin, admin-state – Advertised features: speed, duplex-mode, coppper-medium, fiber-medium, auto-negotiation, pause, asymmetric-pause •Capability Discovery •Datapath ID – 64-bit (MAC in lower 48-bit)Agenda•OF-CONFIG Introduction • OF-CONFIG Data Model •Transport ProtocolUML for OF-CONFIG Data ModelAll Data Model•8.1 YANG Module •8.2 Core Data Model •8.3 OpenFlow Capable Switch •8.4 OpenFlow Configuration Point •8.5 OpenFlow Logical Switch •8.6 Logical Switch Capabilities •8.7 OpenFlow Controller •8.8 OpenFlow Resource (Superclass) •8.9 OpenFlow Port •8.10 OpenFlow Port Feature •8.11 OpenFlow Queue •8.12 External Certificate •8.13 Owned Certificate •8.14 OpenFlow Flow Table •8.15 NDMOpenFlow Capable SwitchCapableSwitch0...XML EXAMPLE:OpenFlow ControllerOpenFlow ControllerController3master192.168.2.1/266633192.168.2.12932768tcpup1.21.31.0XML EXAMPLE:Agenda•OF-CONFIG Introduction •OF-CONFIG Data Model • Transport ProtocolTransport Protocol•NETCONF as the transport protocol •Must use SSH as a transport protocol, TCP port 830 •Support mutual authentication. •Configuration point as client. Switch as server.NETCONF Layers and ExamplesNETCONF•Use RPC based communication model • as request, as response. •Base NETCONF operations (RFC6241) – Edit-config – Get-config – Copy-config – Delete-configEdit-Config Examplemergelogic-switch-1controller-010.0.0.10• If target not exist, it will be created • Operation attribute: “create”, “replace”, “merge”, “delete”Get-Config Examplecapable-switch-0logic-switch-111:11:11:11:11:11:11:11truecontroller-0master192.168.2.16633tcpCopy-Config Example Creates or replaces an entire configuration datastore • If target exists, it is overwritten • If target not exist, a new one is created, if allowed.Delete-Config Example• configuration datastore cannot be deletedRPC Error•To report operation failures •MAY contain multiple elements.applicationmissing-elementerrorexpected key leaf in listid383Summary•OF-CONFIG Introduction •OF-CONFIG Data Model •Transport Prot。