Recent developments in the field of Packet Switched Networking (PSN) and Computing have led to the notion of Software Defined Networking (SDN). Within the context of this invention we consider Software Defined Networking as the capability to define a network in a high-level specification (such as, but not limited to, a high-level programming or scripting language) and, through an automated process, to instruct the appropriate physical and virtual networking, storage and computing resources in accordance with this specification.
Such recent developments can be found in WO2010115060 “Method and apparatus for implementing and managing virtual switches” and WO2012082988 “Methods for configuring network switches”.
Recently, it has become possible to instruct packet forwarding devices with the desired forwarding behavior using an open interface through a standardized protocol. The current leading protocol for this is OpenFlow. The present invention, however, is not limited or bound to the OpenFlow protocol; it is generic in nature and could work with future protocols that provide programmatic access to the forwarding table(s) of packet forwarding devices. The forwarding table(s) contain the information against which information from the incoming packet and its input port is matched, yielding the desired output port(s) to forward the packet to.
We will refer to a ‘packet forwarding device’ as a ‘switch’ throughout the remainder of this document, referring to any device performing packet forwarding, not limited to Open Systems Interconnection (OSI) Layer 2. Besides the forwarding functionality, a switch might perform additional operation(s) on the packet, such as, but not limited to, monitoring and/or recording and/or buffering and/or modifying the incoming packet header and/or payload before forwarding the packet to one or more of its output ports. The switch might also not forward (block) the packet. These types of devices, which perform additional operation(s) on the packet other than packet switching, are typically referred to as middleboxes and are included in the definition of a switch used in this document.
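As an added illustration (not part of the patent text, and not code from any OpenFlow implementation), the following Python model shows the match/action behavior described above: a forwarding table whose entries match on fields of the incoming packet together with its input port, and whose actions forward the packet to one or more output ports, modify a header field first, or block the packet outright (the middlebox case). The entry layout, field names, the "highest priority wins" rule and the sample table are assumptions made for this example; a packet matching no entry is blocked, which is one common table-miss policy but not the only one.

```python
"""Minimal forwarding-table match/action engine (added example, not from the patent).

Assumed model (not defined by the source): each flow entry has a priority,
a set of exact-match fields (a field absent from the match is a wildcard),
and an ordered action list. The highest-priority matching entry wins and a
packet that matches no entry is blocked. Field names and the sample table
below are constructed for illustration.
"""
from dataclasses import dataclass
from typing import Any, Dict, List, Optional, Tuple

Packet = Dict[str, Any]          # header fields of the incoming packet
Action = Tuple[Any, ...]         # ("output", port) | ("set", field, value) | ("drop",)


@dataclass
class FlowEntry:
    priority: int
    match: Dict[str, Any]        # field -> required value; includes "in_port"
    actions: List[Action]


def entry_matches(entry: FlowEntry, packet: Packet, in_port: int) -> bool:
    """True if every field the entry cares about equals the packet's value.

    The input port is matched exactly like a header field, as in the text:
    the table is consulted with packet information plus the input port.
    """
    fields = dict(packet, in_port=in_port)
    return all(fields.get(k) == v for k, v in entry.match.items())


def lookup(table: List[FlowEntry], packet: Packet, in_port: int) -> Optional[FlowEntry]:
    """Return the highest-priority matching entry, or None on a table miss."""
    candidates = [e for e in table if entry_matches(e, packet, in_port)]
    return max(candidates, key=lambda e: e.priority, default=None)


def apply_actions(entry: FlowEntry, packet: Packet) -> Tuple[List[int], Packet]:
    """Execute the entry's actions; return (output ports, possibly modified packet).

    A "drop" action blocks the packet, so no output ports are produced.
    "set" modifies a header field before any later "output" (middlebox-style
    rewrite); several "output" actions replicate the packet to several ports.
    """
    pkt = dict(packet)
    ports: List[int] = []
    for action in entry.actions:
        kind = action[0]
        if kind == "output":
            ports.append(action[1])
        elif kind == "set":
            pkt[action[1]] = action[2]
        elif kind == "drop":
            return [], pkt
        else:
            raise ValueError(f"unknown action {kind!r}")
    return ports, pkt


def forward(table: List[FlowEntry], packet: Packet, in_port: int) -> Tuple[List[int], Packet]:
    """Full switch step: match the packet + input port, then act on it."""
    entry = lookup(table, packet, in_port)
    if entry is None:
        return [], dict(packet)   # table miss: block the packet (assumed policy)
    return apply_actions(entry, packet)


# Constructed sample table. Priorities are arbitrary values for this example.
SAMPLE_TABLE = [
    # Plain L2 forwarding: known destination MAC arriving on port 1 goes out port 2.
    FlowEntry(100, {"in_port": 1, "eth_dst": "aa:bb:cc:dd:ee:01"}, [("output", 2)]),
    # Middlebox-style block: telnet toward one host is dropped regardless of port.
    FlowEntry(200, {"ip_dst": "10.0.0.9", "tcp_dst": 23}, [("drop",)]),
    # Catch-all for port 1: tag with VLAN 10 and replicate to ports 3 and 4.
    FlowEntry(50, {"in_port": 1}, [("set", "vlan", 10), ("output", 3), ("output", 4)]),
]


if __name__ == "__main__":
    pkt = {"eth_dst": "aa:bb:cc:dd:ee:01", "ip_dst": "10.0.0.5", "tcp_dst": 443}
    print(forward(SAMPLE_TABLE, pkt, 1))        # ([2], unchanged packet)
    telnet = {"eth_dst": "aa:bb:cc:dd:ee:01", "ip_dst": "10.0.0.9", "tcp_dst": 23}
    print(forward(SAMPLE_TABLE, telnet, 1))     # ([], ...) blocked by the priority-200 entry
```

The lookup keeps the matching separate from the actions, which mirrors how the text separates "the information against which the packet is matched" from the resulting output ports: a controller that later pushes a different table (see the SDN controller below) changes only the data, not the matching logic.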
Recently, interest has grown to perform switching and middlebox functions in virtual machines running on virtualized physical servers or in containers, typically referred to as Network Functions Virtualization (NFV), to allow for greater flexibility and agility in deploying network functionality and to potentially reduce cost. An SDN Compiler, as described and claimed in the present invention, should have the capability to create forwarding instructions for these virtual machines or containers.
The distribution of these forwarding tables to switches is typically done by a so-called ‘SDN controller’. The SDN controller is functionally a central place (implementations are typically redundant) at which the centrally specified forwarding tables are distributed among the typically geographically distributed switches in the network. Further, the SDN controller provides at its northbound interface a centralized view of the physical and/or virtual network resources, e.g. switches in the network, their topology, status of individual links.
The above outlines an important difference between SDN and traditional networking: the forwarding tables for the switches in the network are calculated in a centralized manner, as opposed to the distributed manner in which traditional networks operate, which is based on a large variety of networking control protocols. This allows the user of the SDN network (user in the broadest sense: e.g., but not limited to, a network operator, IT operator, operations system, application, other network or other SDN Compiler) to centrally specify the desired behavior of the network, greatly enhancing the control over the network. Further, with the introduction of Cloud Computing, a tight integration between, and centralized control over, computing, storage and networking resources has become a mandatory requirement.
Currently, the networking industry is focused on programmatic access to forwarding table(s) of packet forwarding devices. In order to create a tight integration between networking, storage and computing, however, there is a need to provide instructions to physical hosts, virtual hosts and physical NICs as well. E.g. a host could be instructed over which interface to send a packet to a particular destination node. E.g. a host could be instructed which packets to accept and which to drop. E.g. a NIC could be instructed which packets to forward and which to drop. This requires a holistic approach to Software Defined Networking including physical and virtual networking, storage and computing resources.
In the field of computing it has become common practice to virtualize physical servers into one or more virtual machines, resulting in the aforementioned Cloud Computing. The process of server virtualization creates a logical abstraction of physical computing resources. Given today's tight integration between computing and networking, a need has arisen for a logical abstraction of physical and virtual networking resources.
US 2013/058215 discloses a virtualizer for managing a plurality of managed switching elements that forward data through a network. The virtualizer comprises a first set of tables for storing input logical forwarding plane data and a second set of tables for storing output physical control plane data. It also includes a table mapping engine for mapping the input logical forwarding plane data in the first set of tables to output physical control plane data in the second set of tables by performing a set of database join operations on the input logical forwarding plane data in the first set of tables. In some embodiments, the physical control plane data is subsequently translated into physical forwarding behaviors that direct the forwarding of data by the managed switching elements. In this prior art document a managed switch converts this physical control plane data to physical forwarding plane data that specifies the forwarding behavior of the managed switch (cf. [0197]), which has the disadvantage of placing a requirement on physical nodes to perform this conversion and of consuming resources in said physical nodes. The prior art presented in US2013/044641 creates an overlay virtual network, in the terminology of this application a logical network, based on tunnels in an underlay, typically IP-based, network. This approach has the disadvantage of requiring both the virtual overlay network and the underlay network to be operated, which complicates operations. Moreover, the prior art according to US2013/044641 models a virtual node, in the terminology of this application a logical node, after a physical node, which has the disadvantage of continuing to configure and manage networks based on network element operations rather than network services.