Post on 07-Jul-2018


DELL CONFIDENTIAL

Solution Guide

A solutions approach for enabling Enterprise Next Generation Data Center Fabrics with Software Defined Networking

Overview

Private cloud has produced the need for agility, efficiency, and precision, which has led to the transformation of Enterprise IT: the infrastructure needs to respond more effectively to growing business needs and at the same time reduce costs. Today’s networks need to be more responsive to dynamic business needs to keep up with the demands. This requires the ability to maximize resource utilization and at the same time remain open and easy to automate and manage.

Software-Defined Networking (SDN) is a new paradigm that has emerged as the basic building block for these next generation Data Center Fabrics. SDN-enabled fabrics share infrastructure resources, meet the scale needs, and are more able to meet business demands, because SDN-enabled fabrics increase the efficiency of resource utilization within data centers.

Today’s enterprises are the basis of powerful new business models that provide an unprecedented opportunity for businesses that can adapt more rapidly and execute with greater agility, efficiency and precision. New technology has enabled IT to respond to business demands with new agile capabilities; however, traditional networking technologies have not kept pace and today encumber businesses with inefficient manual processes and a near complete inability to integrate into modern application frameworks.

Dell has enabled SDN solutions in partnership with Big Switch Networks that have proven to address this challenge. Dell’s advanced implementation of hybrid Openflow on the switching platforms, when combined with Big Switch Networks Open SDN™ platform, delivers advanced network virtualization and a robust suite of applications for customers impacted by limitations of both their virtual and physical infrastructure. The combined Dell and Big Switch Networks solution delivers the compelling benefits of the Big Network Controller and Big Virtual Switch application with Dell’s Virtual Network Architecture providing comprehensive end-to-end solutions that make enterprise SDN adoption simple.

Cutting edge innovation delivered over industry’s most powerful Network platform

Dell SDN solutions are designed to provide cutting-edge capabilities by taking the best architectural innovations and delivering these across trusted platforms and technologies. Dell’s hybrid OpenFlow platform enables users to take advantage of the latest SDN innovations at their own pace by enabling a traditionally configured network to deliver SDN features as granularly as a single port or a VLAN at a time. This implementation relies on industry-leading fault tolerance and high availability features, creating an ideal balance that provides the proven maturity and stability of our FTOS software with the ability to rapidly and easily provision SDN-enabled features across this trusted platform.

Dell SDN enabled solutions create an infrastructure fabric by which the virtual machine density in a Data-Center can be improved by 50%

RTW of Release 9.1 FTOS on S4810 and Z9000 Delivers “Enterprise SDN” (Software Defined Networking) with Openflow support in Hybrid Mode.

For more platform details:

Z9000 Sourcebook http://salesedge.dell.com/doc?id=0901bc828053ea05&ll=d&pm=57954296

S4810 Sourcebook http://salesedge.dell.com/doc?id=0901bc828053ea05&ll=d&pm=57954296

The FTOS 9.1 software is currently available for download to customers with an active Support Contract at the following Dell Force10 iSupport download site URL (requires login credentials):

Z9000 Image: https://www.force10networks.com/CSPortal20/Software/ZSeriesDownloads.aspx

S4810 Image: https://www.force10networks.com/CSPortal20/Software/SSeriesDownloads.aspx

With the next FTOS release, the s4820T and MXL blade switch deliver “Enterprise SDN” (Software Defined Networking) with Openflow support in Hybrid Mode.

Dell MXL information (http://www.dell.com/us/enterprise/p/force10-mxl-blade/pd)

Dell s4820T information (http://i.dell.com/sites/doccontent/shared-content/data-sheets/en/Documents/Dell-Force10-S4820T-SpecSheet.pdf)

Dell SDN Platform Overview:

Dell Force10 FTOS Release 9.1 (the latest version of the unified FTOS software, supporting platforms S4810 and Z9000) enables Dell Data Center Fabric solutions through OpenFlow capabilities on the switch. These capabilities, when used along with an OpenFlow Controller, can enable SDN based solutions. This release adds the following features:

Support for Openflow 1.0 – Openflow 1.0 Support has been added on both S4810 and Z9000. This feature enables the switch to be controlled by any Openflow 1.0 compliant controller to enable SDN solutions.

In addition to supporting the basic OpenFlow 1.0 protocol, the following enhancements are to be highlighted:

OpenFlow Hybrid mode support – The switches (S4810 and Z9000) support OpenFlow 1.0 and at the same time support native FTOS protocols and functionality. These two modes work independently of each other on the same platform.

OpenFlow 1.0 compliant for 12 tuple match and actions: As per the OpenFlow 1.0 specification, the above-mentioned switches can match flows based on all 12-tuple fields and take action per the OpenFlow 1.0 specification.

Support for up to 8 OpenFlow Instances: Each switch can be divided into 8 sets of Port(s) and VLAN(s). Each set (also called an OpenFlow instance) can be managed by a unique OpenFlow 1.0 Controller.

Creating OpenFlow Instances

Capability to use switch L2 and L3 Tables: These switches, via the OpenFlow 1.0 protocol, can provide access to L2/L3 forwarding tables.

Support for OpenFlow-Port, OpenFlow-VLAN or both: The OpenFlow instance type can be assigned to "port", "vlans" or a combination of the two.

Port based Openflow instance

Support for strip-vlan ACL flow action.

Fail-secure mode (back ported from Openflow 1.3, allows for headless operation of switch in case of controller failure)

Support for ACL flow based flooding (and multi-ports).

Support for set-enqueue via ACL flows and via “L3+ACL” flows.

Support for granular flow and queue statistics.

Programmable Environment: In addition to the Perl and Python, SmartScripting 2.2 includes the scripting language TCL with its Expect extension, and the powerful Unix shell Zsh. In addition, FTOS 9.1 has the ability to run a script (autoexec) as part of the boot process.

BMP 3.0: S4810 & Z9000 can now download TCL, Expect, and Zsh scripts as part of the Bare Metal Provisioning (BMP) process and execute those scripts before and after the configuration is applied, providing unique automation capabilities right from the boot up process of the switch. Furthermore, BMP 3.0 adds support for stacking, automating the process of forming a stack.

[Figure: OpenFlow switch. Labels: OpenFlow Controller; OpenFlow Instance 1, OpenFlow Instance 2, OpenFlow Instance N; Traditional L2/L3; Hardware supported forwarding tables]

Dell Networking (Z9000, S4810) + Active Fabric Manager

FTOS 9.1 supports sending out LLDP TLV messages with management addresses. This helps AFM (Active Fabric Manager) to perform network auto-discovery using a single seed switch and have management IP addresses for the rest of the switches discovered as part of the fabric. This allows AFM to audit the fabric design against the deployment of the switches and links in the network, providing users a consolidated topology view of the deployed network fabric.

Dell Networking (S4810) + Dell Storage (iSCSI)

FTOS 9.1 supports iSCSI session monitoring capability in a VLT context. iSCSI session monitoring is part of the iSCSI optimizations package that is available in FTOS to plug and play iSCSI storage arrays from Dell like EqualLogic and Compellent. The session monitoring capability is now synchronized across VLT system providing resiliency to the monitoring capability across the VLT nodes.

Dell Force10 + Big Switch Controller

S4810 and Z9000 Dell Force10 products have been tested to interoperate with Big Switch controller. This enables customers to deploy a Dell tested and validated solution, Big Network Controller from Big Switch Networks. The Open SDN architecture is built around the Big Network Controller, which provides a common data model and policy abstraction for all the network fabric elements and network applications, such as Big Virtual Switch. These universal network abstractions and Big Network Controller leverage industry standards and open APIs to provide maximum deployment flexibility. Big Network Controller also enables a broad range of application support, including data center network virtualization.

SDN centralized control plane enables sophisticated topologies that are less costly and more flexible

At the center of the Open SDN architecture is Big Network Controller, which is based on the open source Floodlight Controller from Project Floodlight (www.projectfloodlight.org). The Floodlight Controller is distributed under Apache License Version 2.0, which provides customers and application developers with maximum investment protection since their SDN architecture will always remain independent of vendor interests. The Big Network Controller provides the centralized control plane tier in the three-tier Open SDN architecture diagram above. While Big Network Controller is logically centralized, the controller is installed for redundancy and scale. Each controller-node is simply a separate installed image of the software (or a separate hardware appliance with the software installed on it).

Controller Nodes can communicate with the Switches

OpenFlow-enabled switches, whether physical switches or hypervisor/virtual switches, are configured to connect to the controller-nodes. Once this is done, the controller uses OpenFlow to program specific instructions dynamically into the switches' forwarding tables to implement the application-specific forwarding behavior. Note that some switches can connect to multiple controller-nodes simultaneously while some connect to them one at a time. When switches connect to an OpenFlow controller, they identify themselves with a unique "datapath-id" or DPID.

The Three-Tier Open SDN Architecture: Dell Switches, Big Network Controller, Applications tier

Applications can be enabled to run on top of the controller and its infrastructure and APIs. For example, two applications are available, Big Virtual Switch and Big Tap. The applications leverage common management infrastructure such as login/security, configuration files, logging and debugging utilities.

Three tier SDN Architecture

The applications also use the underlying OpenFlow modules supported on the controller to program the connected Dell OpenFlow enabled switches by sending "flow-mods" or "flow-entries" down to the tables inside the switches. These flow-mods in the switch tables are comprised of three parts:

1. Match conditions that are applied to packets entering the switch - these include matching the ingress port, source/destination MAC addresses, VLAN, and other parts of the packet header.

2. Actions that are taken on the packets - these include dropping the packet, forwarding the packet to a specific set of ports, or asking the controller what action should be taken on the packet.

3. Counters that track how many bytes/packets matched a given flow-mod.

Components of a flow entry in flow table
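A Python model of the three-part flow entry described above (match conditions, actions, counters), added here as an illustration and not taken from FTOS, Floodlight or Big Network Controller; the class names, priority values and the two sample tenants are assumptions. It also covers the fail-secure case listed earlier, using the OpenFlow 1.3 definition in which packets destined to the controller are dropped while installed entries keep forwarding.

```python
from dataclasses import dataclass

# Subset of the OpenFlow 1.0 12-tuple named in the text above.
MATCH_FIELDS = {"in_port", "dl_src", "dl_dst", "dl_vlan"}
TO_CONTROLLER = ("controller",)
DROP = ("drop",)


@dataclass
class FlowEntry:
    match: dict        # part 1: field -> required value; omitted field = wildcard
    actions: list      # part 2: [] means drop, else output/controller actions
    priority: int = 0
    packets: int = 0   # part 3: counters
    octets: int = 0

    def matches(self, pkt):
        return all(pkt.get(name) == want for name, want in self.match.items())


class FlowTable:
    def __init__(self):
        self.entries = []
        self.controller_up = True
        self.unanswered = 0   # packets that needed a controller while headless

    def add(self, entry):
        unknown = set(entry.match) - MATCH_FIELDS
        if unknown:
            raise ValueError(f"unsupported match fields: {sorted(unknown)}")
        self.entries.append(entry)
        # Highest priority first; the sort is stable, so insertion order breaks ties.
        self.entries.sort(key=lambda e: -e.priority)

    def process(self, pkt, length):
        """Return the list of actions applied to one packet of `length` bytes."""
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packets += 1
                entry.octets += length
                return self._resolve(entry.actions)
        # Table miss: OpenFlow 1.0 hands the packet to the controller.
        return self._resolve([TO_CONTROLLER])

    def _resolve(self, actions):
        if not self.controller_up and TO_CONTROLLER in actions:
            # Fail-secure (as defined in OpenFlow 1.3): installed entries keep
            # forwarding, anything destined to the controller is dropped.
            self.unanswered += 1
            actions = [a for a in actions if a != TO_CONTROLLER]
        return list(actions) or [DROP]


def build_demo_table():
    """Constructed sample: two tenants on VLAN 10 and 20, one quarantined MAC."""
    table = FlowTable()
    table.add(FlowEntry({"in_port": 1, "dl_vlan": 10, "dl_dst": "00:00:00:00:0a:02"},
                        [("output", 2)], priority=200))
    table.add(FlowEntry({"in_port": 3, "dl_vlan": 20, "dl_dst": "00:00:00:00:14:02"},
                        [("output", 4)], priority=200))
    table.add(FlowEntry({"dl_src": "00:00:00:00:0a:99"}, [], priority=300))
    return table


if __name__ == "__main__":
    t = build_demo_table()
    ok = {"in_port": 1, "dl_vlan": 10, "dl_src": "00:00:00:00:0a:01",
          "dl_dst": "00:00:00:00:0a:02"}
    print(t.process(ok, 64))                                     # forwarded
    print(t.process({**ok, "dl_src": "00:00:00:00:0a:99"}, 64))  # quarantined
    print(t.process({**ok, "dl_vlan": 20}, 64))                  # miss: controller
    t.controller_up = False
    print(t.process({**ok, "dl_vlan": 20}, 64), t.unanswered)    # headless: dropped
    for e in t.entries:
        print(e.priority, e.match, e.packets, e.octets)
```

A frame tagged for the other tenant's VLAN matches neither tenant's entry, so it is never forwarded by an installed flow; reading the per-entry counters after a run shows which rule each packet actually hit.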

Recommended Server Fabric to Maximize Density, Minimize overhead

The introduction of server virtualization enabled an order of magnitude increase in the efficiency of server infrastructure, and today SDN can unlock these same benefits for the network. Dell 12th generation servers can now drive never-before-possible levels of server I/O performance but traditional networking technology cannot keep pace with the demands of cloud-era workloads.

Dell SDN Enabled Architectures

Strategic enabler for top enterprise networking initiatives

Software defined networking provides the potential for innovations that can leverage and extend a programmable approach to networking in order to achieve greater visibility, scale, agility, performance, efficacy and reduced costs associated with network based services. The more programmatic and instrumented the network becomes, the more capable our application/services options will also become.

SDN Architectural Framework

Dell has a product offering for all tiers of this SDN architecture.

• Switches with enabling SDN agent
• Network control software from Big Switch Networks with open APIs both south bound and north bound
• Network abstraction layer
• Application ecosystem

Key Dell SDN Architecture Drivers

Virtualization and Cloud : Phenomenal Growth


More automation, more scale, more mobility, more flexibility

Need a more scalable way of Managing the services AND the network overlay per tenant

Need network & services to integrate with Cloud orchestration systems

Need real-time monitoring of network capabilities available / utilized per tenant

Need switching / services to be reliable and available

Key Architectural Paradigms

Network Virtualization

Network virtualization from Big Switch Networks and Dell can enable the creation of Virtual Network Segments that can extend across a distributed fabric. This paradigm enables multiple physical switches (irrespective of the physical topology) to act as a single layer 2 switch. This provides the ability to move workloads between compute resources connected to different physical switches without reconfiguration of the network switches.

Centralized Policy Management

An Open SDN from Big Switch Networks and Dell can provide a unified network control plane for an entire data center and beyond, centralizing policy management and automating policy application and enforcement. This architectural paradigm enables steering traffic to a service node or application or away from it. This can be applied, for example, to Service insertion without making any major network changes.

Decisions on which traffic flows to reroute in case of network or node congestion can also be made centrally.

Multi-tenancy

An Open SDN from Big Switch and Dell also enables robust network segmentation and isolation on a highly automated platform. This architectural paradigm enables dynamically creating multiple, segregated L2 broadcast domains on the same physical network infrastructure, irrespective of the physical topology. This is required for supporting Layer 2 multi-tenancy.

Dell SDN Solution offerings with Big Switch controller

Dell in partnership with Big Switch offers the following solutions for the next generation Data Center needs.

A. Big Virtual Switch Solution: Network slicing by flows, L2/L3 Virtualization speeds service delivery and enables network agility, including service insertion.

B. Big Tap Solution: Flexible and cost-effective network wide visibility

Big Virtual Switch Solution:

The Big Virtual Switch application is a Network as a Service (network virtualization) application that runs on the Big Network Controller. Use Big Virtual Switch to create Virtual Network Segments (VNSs) within a network fabric.

Network Slicing by flows (Segregated Layer 2 Domains)

Big Virtual Switch provides multiple logical network slices within a single physical network where each slice can be

Defined in a flexible manner

Scaled dynamically

Free from physical network changes

Big Virtual Switch dynamically provisions Virtual Network Segments to make the network as agile and dynamic as your other cloud infrastructure.

• Dynamic Network Provisioning for Cloud Workloads
• Dramatic Increase in Data Center Resource Utilization
• Ultimate Network Flexibility and Scalability
• Leverages Big Switch Open SDN architecture

Essentially, the Big Virtual Switch application allows you to take a pool of compute resources (e.g., virtual machines) and allocate them to different network groups, called tenants.

Deployment Scenarios

1) Pure Overlay: This is a model where the network is a non-OpenFlow fabric. In this case, virtual network segments can be created with the help of overlay tunnels. This does not require any change to the existing hardware.

2) Hybrid Network Virtualization: This is a model where the network is a mix of non-OpenFlow switches and hypervisors and Openflow enabled switches and hypervisors. This model uses a combination of Openflow and overlay.

3) Pure Openflow: Highly flexible architecture with no requirement for STP, which allows all links to be put in active state; the centralized control plane uses Shortest Path Routing.

Ultimate Deployment Flexibility

Important things about Big Virtual Switch

1. Uses virtual network segments instead of VLANs for unlimited VM mobility, no physical placement constraints, no 4k limits

2. Exposes (and automates*) L4-L7 devices as shared services for multi-tenant operational model

3. Centralizes intra-tenant and inter-tenant configuration and control APIs to ease automation and reduce operational complexity without sacrificing performance

4. Connects to cloud orchestration for automated / self service provisioning

With the Big Virtual Switch network virtualization solution the infrastructure administrator gets central control and admin of the fabric:

Physical and virtual switches

Bare-metal and virtualized servers

Multiple hypervisors (VMware, KVM, Xen)


Virtual networks integrated with L4-L7 services

Specify L2-L2 virtual network definitions in the BVS app, or automatically “follow” server-defined groups (OpenStack tenants, port-groups) via orchestration plug-ins

Big Tap Solution:

The Big Tap application on the controller helps you define and manage a span traffic delivery network and associated policies. Traffic spanned in the production network enters the Big Tap network to be filtered, pre-processed, and delivered to analysis devices. The Big Tap application creates an OpenFlow enabled network for span delivery. The network contains:

A network of OpenFlow enabled switches with traffic coming in through.

A set of input interfaces called Filter interfaces.

A set of interfaces called Delivery interfaces, to which analysis devices are connected.

An optional set of service-nodes that process the packets connected through a set of pre-service and post-interfaces.

The Big Tap application provides a way to define policies that filter and forward traffic of interest from a subset of Filter interfaces to a subset of Delivery interfaces through an optional subset of service nodes. The Big Tap application discovers the OpenFlow network inter-connecting filter or delivery interfaces and manages it to allocate paths to deliver streams from a subset of Filter interfaces to a subset of Delivery interfaces via an optional subset of services, all on a per-policy level. Big Tap provides user interfaces (REST and CLI) to configure switch interfaces on the controller as filter or delivery interface types. Big Tap also provides user interfaces to configure policies that define a subset of traffic that can be filtered from the ingress stream and forwarded through services.

Big Tap based Network Monitoring: Connect any tap to any tool at any time


Important things about Big Tap

Big Tap connects taps to tools on a case-by-case / team-by-team basis. Each tap-to-tool connection is budgeted, designed and then deployed. This makes it cost effective to provision a full monitoring network up front, then control tap-to-tool connections in software

Scale to thousands of tap/span-facing monitoring ports capable of 5-tuple filtering

Scale to hundreds of tool-facing ports

REST APIs with a multi-tenant operational model to direct any tap with any filter to any tool

BVS Operational Aspects

Big Tap is easy to deploy as it does not impact the actual production network. From an operational perspective, deployment can be started with a single switch or built out to a complete network.

(1) Configure SPAN & TAP ports on pSwitches and vSwitches.

(2) Configure delivery ports for tools or services node or service node + tool.

(3) Define FlowFilter policies to match and forward from “filter” to “delivery” interfaces.

Big Tap deployment

The Important Fact

Data Centers are transitioning to highly virtualized and ever changing environments. The legacy network infrastructure needs to evolve and become more agile. It is also important to ensure that the SDN enabled applications provide a seamless integration into the existing network infrastructure. With Dell Software-defined networking the promise is to change the status quo in networking.

The goal of this white paper is to provide users with an overview of the Dell Openflow enabled SDN landscape. It should help to get useful information for SDN deployment.

For more detailed information, please contact:

Aseem Srivastava ([email protected]), Product Line Manager, Dell Networking

Big Switch Networks (http://www.bigswitch.com/)