SDN week 4 Slicing Network Control/Virtualization in Multi-Tenant Datacenters

刚刚发现别人做的视频笔记，再看看我做的，天呐，这是什么辣鸡，自己乐色还怪视频讲的不好

Slicing Network control

Then I’ll talk about specific concepts of flowspace, and various ways that slicing policies can be defined. I’ll then talk about FlowVisor, which is a particular SDN controller, that virtualizes SDN Control, allowing multiple SDN controllers, to control a single set of switches, without interfering with one another. I’ll then talk about several applications of Network Slicing.
As we know from previous lessons existing SDN controlled network devices, are typically controlled from a single control plane, that computes forwarding rules and pushes the rules down to the data plane using an agreed upon control protocol. The data plan then, enforces those rules, and exceptions can be pushed back to the control plane, as they arise.

What is Slicing Network

The basic idea behind slicing the network, or slicing the control plane is to add a layer between the control and data plane. So that each control slice believes that it owns the data path. The slicing layer then has the responsibility of enforcing isolation between these slices. Policies defined at the slicing layer control which slices should have access to, or control over, different parts of the data plane.

In short, network slicing defines the production network into logical slices. So that each slice controls its own packet forwarding.

Users or applications might be able to pick which slices control their network traffic. Additionally, existing production services can run in their own slice or slices that are separate from slices that might be used for testing or experimentation.

Slicing enforces strong isolation between each of the control slices. So that actions in one slice, don’t affect other slices. Each slice can also mirror a production network. These additional slices might be used for testing, or for research. For example, for trying out new, experimental types of control protocols.

Why slice the Network?

There are various reasons you might want to slice the network.
One, is that the network might have multiple administrative groups, such as different departments on a campus. Another is that the network might have multiple customers.

• A common example of this might be multiple tenants in a shared data center or researchers operating on a shared test bed infrastructure.
• Another reason why you might want to slice the network is to separate experiments from the operational network. So that research or experiments can be supported without breaking the real operational services.
• Virtualization can also be used to expand a network’s footprint. It can also allow multiple services or applications to operate in the same domain. With Slicing, the data plane operates essentially unmodified, so there’s no performance penalty. It merely implements forwarding according to what the control plane tells it.

Slicing: Forwarding and Policy

The Slicing policy which sits above the data plot, determines which control slice, can control different parts of the data point. A Slicing policy, specifies resource limits for each slice. Such as the link bandwidth, the maximum number of forwarding rules, the topology or the fraction of switch or router CPU that that control slice should have access to.

Flow Space

One way of slicing control is through a concept called flow space. We can think of traffic as being divided according to a multidimensional space. According to fields in the packet, this diagram shows a simple example of flow space being divided according to MAC address, IP address and TCP port. Slices can be defined based on groups of packets that share one or more of these fields in common. One simple way to enforce isolation is to ensure that no two controllers control the same portion of flow space.

FlowVisor

One example of a SDN controller that slices the network is called FlowVisor. FlowVi