It helped us to clearly identify the issues with lldp topology discovery and we described how to address some of them. In this paper, we have addressed the issue of topology discovery in openflow based software defined networks. Using link layer discovery protocol lldp, this component sends lldp packet on all ports for link detection. Software defined networking sdn architecture and role. One caveat is that the vlan swtich quanta in the figure drops some l2 control packet including 802. Lldp message is 0x88cc, this information is vital to. Lldp link layer discovery protocol is an ieee institute of electrical and electronics engineers standard protocol ieee 802. Lldp based link latency monitoring in software defined. Topology creation component this component aims to discover, storing link status to make network current topology. Final report multidomain openflow topology exchange. This download provides a readytouse mininet datacenter configuration examples.
The sdn controller sends three lldp packets each port of the switch s1 using. Using nonstandard lldp destination can avoid this issue. Software defined networking sdn architecture and role of openflow in our previous article, we had a good overview of sdn as a technology, why its needed, and how it industry is adopting it. Forge an lldp packet for every combination of switch, port 2. Application demand is pushing it to meet service and scale levels beyond what is possible with traditional networks. Openflow lldp example 1 the topology discovery is done by the openflow controller. Final report multidomain openflow topology exchange mote open call deliverable ocqds3. Pdf current trends of topology discovery in openflowbased. Link between sdn control and infrastructure layers ofenabled infrastructure communicates with an of controllervia the of protocol.
An introduction to software defined networking and openflow. In this test, the following three performances are measured. Dealing with lldp topology discovery in exogeni slices. Limitations of openflow topology discovery protocol arxiv. Current trends of topology discovery in openflowbased. In this example, you configure support for openflow on an ex9200 switch. Openflow does not specify the content of the metadata field. Softwaredefined networking and openflow sciencedirect. Limitations of openflow topology discovery protocol. Decouple topology, traffic and interlayer dependencies dynamic multilayer networking. This document is the final deliverable of the multidomain openflow topology exchange mote.
A generic and configurable topology discovery service for. Topology discovery is a key component underpinning the logically centralised network management and control paradigm of sdn, and is a service provided by all sdn controller platforms. Openflow discovery protocol ofdp is the defacto protocol used by openflow controllers to discover the underlying topology. Pdf limitations of openflow topology discovery protocol. Send the lldp packet as payload of an openflow message to the switch via the control channel the procedure is executed every e. The defacto openflow topology discovery protocol ofdp adapts the link layer discovery protocol lldp with certain modifications, but performs topology discovery in fixed sdn environments.
Pdf efficient topology discovery in software defined. However, hosts do not understand lldp or openflow, and will simply ignore any lldp packet they receive as part of the topology discovery process. Therefore, the xnc controller use cases such as topology independent forwarding and latency optimized forwarding may not be work correctly on the cisco nexus 5500 and cisco nexus 6000 switches. Controller determines the topology from lldp packets lldp is a oneway protocol to advertise the capabilities at fixed intervals. Sdn and openflow a tutorial ip infusion proprietary and confidential. Also the procedure of topology discovery in a network composed by nonopenflow and openflow switches are presented. Software defined networking, openflow protocol and its. Openflow switchs bootup time total topology discovery time of 200 switches by nec controller time difference between the above. Next stages of the pipeline need to know the contents and format of the information in the metadata field. Openflow is like an x86 instruction set for the network. Classes of topology tampering attacks, topoguard, and sphinx are discussed in section iii. We develop proofofconcept implementations for these attacks in emulated networks based on openflow, the most popular framework for sdn. Since all switches in the controllers network have a rule to send lldp packets to the controller, the controller is able to determine the topology.
For instructions on how to use this download, please view this article. The datapath id id is the unique key identifier made up of the switch mac and an id assigned by the controller. Most of the current sdn controller platforms perform topology discovery using openflow discovery protocol ofdp mechanism, which leverages lldp the link layer discovery protocol. Effective topology tampering attacks and defenses in softwarede. After a while the rst transmissions have ended and now it simply stucks at openflow feature request, becoming a loop.
Pdf the explosion of internet services such as video on demand, big data, server. Weve got one pc, four openflow switches, and theres our topology. Topology discovery, which provides the sdn controller with the network graph, is vulnerable to the link fabrication attack, where the attacker can easily inject a spoofed lldp packet to poison. Analysis of topology poisoning attacks in softwaredefined. Ixia ixnetwork emulates up to 200 openflow switches in fattree topology and nec pfc initiates lldpbased topology discovery.
We identify three base cases of the topology poisoning attack, in which the attack that requires a single compromised switch is a new variant of topology poisoning. The controller then uses a separate open flow packet. Since all switches in the controllers network have a rule to send lldp packets to the controller, the. Pdf the insecurity of topology discovery in openflow. Greg has been researching and discussing openflow since early 2011 and belives that sdnopenflow is the future of networking no matter what the vendors say. Effective topology tampering attacks and defenses in. Pdf the insecurity of topology discovery in openflowbased. About brent salisbury brent salisbury works as a network architect with over 15 years of networking experience in large enterprise, healthcare and regional provider networks.
Each lldp frame is composed of a header and a payload lldp data unit called lldpdu as shown in fig. The openflow protocol, the main sdn enabler, doesnt specify how to proceed with the topology discovery. Congestion control using openflow in software defined data. Pdf the insecurity of topology discovery in software. Controller learns topology packetout lldp devices and other participating of switches discovered and mapped. Piggyback status monitoring over lldp in softwarede. In this article, courtesy of rajesh gopidi, we are going to introduce you to a way of dealing with lldpbased topology discovery in openflow slices, i. All these lldp packets have their chassis id and port idtlvs initialized accordingly. If we go to nodes, make this a bit bigger, we can see that there are four openflow switches, open for switch one, two, three. Openflow, is used to communicate data between flow tables. Opendaylight openflow tutorial networkstatic brent.
Maturing of openflow and softwaredefined networking. Review sdn and openflow architectures using physical, logical, and reserved ports and physical, virtual, and hybrid switches, such as raspberry pi and mininet. Efficient topology discovery in openflowbased software. C2, which many openflow controllers use to discover the network topology. The cisco nexus 5500 and cisco nexus 6000 switches do not support the openflow action to rewrite the layer2 destination mac address. Discovering a unidirectional link in ofdp figure 1 shows how ofdp works. In this paper, we show that ofdp has some serious security, efficiency. Efficient topology discovery in software defined networks.
This paper extends our previous work on ofdp limitations 3 by detailing the design of a secure and ef. Software defined networking, openflow protocol and its controllers isaku yamahata valinux systems japan k. Cisco open sdn controller platform as an open source based software, the open sdn controller continuously advances through ongoing cisco innovation and the support of the opendaylight community. In addition, attention is focused on layer 2 discovery protocols lldp and bddp and major limitations of these procedures are discussed. Secure and efficient topology discovery protocol for sdn arxiv. Openflow in a day the research arm of indiana center for. Current sdn controllers such as ryu1, opendaylight2 etc. Now, lets get a layer deeper, and understand sdns architecture and the role of the openflow protocol in the implementation of the technology.
1347 3 104 1366 1267 1015 823 99 1284 946 104 1327 1506 392 1173 283 1273 855 936 248 739 946 1212 1004 994 1000 1056 1211 33 1476 404