OpenFlow busts out of the data centre with 15,000-route Pacific test

Try to break it

The evangelist's view of the world is always to focus on what's working, but the architect is also interested in what can break. Wilde said knowing what can go wrong is a vital part of the work going on in the AARNet SDN testbed.

How the OpenFlow controller talks to individual devices is a key dependency. “The controller needs an out-of-band connection to each device,” he explained. “That's how it implements the rules into each switch or router.

“That's fine in a data centre – it's easy to have the controller connected to own network.

“But if the controller is in Sydney and the switch or router is in Seattle, what happens to your traffic if you lose connectivity?”

Collaboration in the future

To continue assessing the viability of SDN in large, distributed, multi-party networks, AARNet is working with the University of New South Wales' Vijay Sivaraman.

Wilde explained that Sivaraman, a research associate of the Open Networking Foundation, is leading an ARC-LIEF-funded project to build a national-scale 10-organisation SDN testbed that will include UNSW, AARNet, CSIRO and other universities.

An SDN test lab at each location plugged into the AARNet testbed and CSIRO will let the development of SDN “get the next level of scale.”

Once the network is operational, the next focus will be OpenFlow services and application-layer integration, to “try and expand the understanding of SDN”, Wilde said.

International scale will again be of interest in the national testbed, with AARNet intending to connect it to its Seattle switch.

In the service provider context, Wilde said, SDN and OpenFlow as “a lot of potential, but I want to get some more miles on the road – and throw real traffic at it.

“Once we've got our own testbed extended to Seattle, we have other networks interested, Internet2 and ESNet. They're keen to peer with our network, so we can run international tests.”

Once AARNet's switch in Seattle is integrated into the SDN testbed, instead of building one-off networks like the one used in the recent test, “we can do it on an ad-hoc basis”.

The future: automation

In the future, Wilde said, AARNet would like to see its university customers deploying services under their own control. For example, “taking cloud services like AWS or Microsoft Azure, being able to self-provision multiple network connections into their virtual storage instances”.

That would involve AARNet giving its customers an API into its network, as is offered by the cloud services.

Likewise, it would improve institutional ability to create network links to serve a particular purpose – such as a researcher with access to one HPC facility drawing data from another facility, without having to either soak existing connections or try to get the carrier involved in provisioning.

SDN could let all of this be rolled into a single workflow.

“More and more,” Wilde said, “the compute and the storage and the tools on top are becoming a single bundle, to provide useful resources to researchers.

“That idea of a researcher aware that their data comes from an instrument in Western Australia, is stored in Pawsey, and processed at Swinburne – being able to tie that all together is a real possibility for this technology,” he said. ®

^*Bootnote: New Zealand's research network, REANNZ, has sacrificed its early lead in international-scale SDN through no fault of its own. National security laws that require carriers to tell the government if they make any significant architectural or design changes to their network are at odds with the flexibility of SDN, and the government has been unable to give a definitive answer about whether SDN is legal or not.

REANNZ was collaborating with Google in its project, but the Chocolate Factory quit the country in frustration.

REANNZ CEO Steve Cotter told The Register there has been some progress in discussion with that country's National Cyber Security Centre. While a demonstration in March for the eResearch 2015 conference went ahead, the NCSC requires REANNZ to brief it on any SDN deployments in the network backbone, so things remain in limbo for now. ®