Internet-DraftInternet Engineering Task Force (IETF) V. BhuvaneswaranVengainathan Network Working Group AntonRequest for Comments: 8455 A. BasilIntended Status:Category: Informational Veryx TechnologiesExpires: November 25, 2018 MarkISSN: 2070-1721 M. TassinariHewlett-Packard VishwasHewlett Packard Enterprise V. ManralNano Sec SarahNanoSec S. Banks VSS MonitoringMay 25,October 2018 Terminology for BenchmarkingSDNSoftware-Defined Networking (SDN) Controller Performancedraft-ietf-bmwg-sdn-controller-benchmark-term-10Abstract This document defines terminology for benchmarkingan SDNa Software-Defined Networking (SDN) controller'scontrol planecontrol-plane performance. It extends the terminology already defined in RFC 7426 for the purpose of benchmarking SDNcontrollers.Controllers. The terms provided in this document help to benchmark an SDNcontroller'sController's performanceindependentindependently of the controller's supported protocols and/or network services. Status ofthisThis Memo ThisInternet-Draftdocument issubmitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documentsnot an Internet Standards Track specification; it is published for informational purposes. This document is a product of the Internet Engineering Task Force (IETF).Note that other groups may also distribute working documents as Internet-Drafts. The listIt represents the consensus ofcurrent Internet- Drafts is at http://datatracker.ietf.org/drafts/current. Internet-Drafts are draft documents validthe IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are amaximumcandidate for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status ofsix monthsthis document, any errata, and how to provide feedback on it may beupdated, replaced, or obsoleted by other documentsobtained atany time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress. This Internet-Draft will expire on November 25, 2018.https://www.rfc-editor.org/info/rfc8455. Copyright Notice Copyright (c) 2018 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents(http://trustee.ietf.org/license-info)(https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1.Introduction...................................................4Introduction ....................................................3 1.1. Conventions Used in This Document ..........................3 2. TermDefinitions...............................................4Definitions ................................................4 2.1. SDNTerms.................................................4Terms ..................................................4 2.1.1.Flow.................................................4Flow ................................................4 2.1.2. NorthboundInterface.................................5Interface ................................4 2.1.3. SouthboundInterface.................................5Interface ................................5 2.1.4. Controller ForwardingTable..........................5Table .........................5 2.1.5. Proactive Flow ProvisioningMode.....................6Mode ....................5 2.1.6. Reactive Flow ProvisioningMode......................6Mode .....................6 2.1.7.Path.................................................7Path ................................................6 2.1.8. StandaloneMode......................................7Mode .....................................6 2.1.9. Cluster/RedundancyMode..............................7Mode .............................7 2.1.10. AsynchronousMessage................................8Message ...............................7 2.1.11. Test TrafficGenerator..............................8Generator .............................7 2.1.12. Leaf-SpineTopology.................................9Topology ................................8 2.2. Test Configuration/SetupTerms............................9Terms .............................8 2.2.1. Number of NetworkDevices............................9Devices ...........................8 2.2.2. TrialRepetition.....................................9Repetition ....................................8 2.2.3. TrialDuration......................................10Duration ......................................9 2.2.4. Number of Clusternodes.............................10Nodes .............................9 2.3. BenchmarkingTerms.......................................10Terms .........................................9 2.3.1.Performance.........................................11Performance .........................................9 2.3.1.1. Network Topology DiscoveryTime................11Time ............9 2.3.1.2. Asynchronous Message ProcessingTime...........11Time ......10 2.3.1.3. Asynchronous Message ProcessingRate...........12Rate ......10 2.3.1.4. Reactive Path ProvisioningTime................13Time ...........11 2.3.1.5. Proactive Path ProvisioningTime...............13Time ..........12 2.3.1.6. Reactive Path ProvisioningRate................14Rate ...........12 2.3.1.7. Proactive Path ProvisioningRate...............14Rate ..........13 2.3.1.8. Network Topology Change DetectionTime.........15Time ....13 2.3.2.Scalability.........................................16Scalability ........................................14 2.3.2.1. Control SessionsCapacity......................16Capacity .................14 2.3.2.2. Network DiscoverySize.........................16Size ....................14 2.3.2.3. Forwarding TableCapacity......................17Capacity .................15 2.3.3.Security............................................17Security ...........................................15 2.3.3.1. ExceptionHandling.............................17Handling ........................15 2.3.3.2.Denial of Service Handling.....................18Handling Denial-of-Service Attacks ........16 2.3.4.Reliability.........................................18Reliability ........................................16 2.3.4.1. Controller FailoverTime.......................18Time ..................16 2.3.4.2. NetworkRe-Provisioning Time...................19Re-provisioning Time ..............17 3. TestSetup....................................................19Setup .....................................................17 3.1. TestsetupSetup - ControllerworkingOperating in StandaloneMode.......20Mode ......18 3.2. TestsetupSetup - ControllerworkingOperating in ClusterMode..........21Mode .........19 4. TestCoverage.................................................22Coverage ..................................................20 5.References....................................................23 5.1. Normative References.....................................23 5.2. Informative References...................................23 6.IANAConsiderations...........................................23 7.Considerations ............................................21 6. SecurityConsiderations.......................................23 8. Acknowledgements..............................................24 9.Considerations ........................................21 7. Normative References ...........................................21 Acknowledgments ...................................................22 Authors'Addresses............................................24Addresses ................................................23 1. IntroductionSoftware DefinedSoftware-Defined Networking (SDN) is a networking architecture in which network control is decoupled from the underlying forwarding function and is placed in a centralized location called the SDNcontroller.Controller. The SDNcontrollerController provides an abstraction of the underlying network and offers a global view of the overall network to applications and business logic. Thus, an SDNcontrollerController provides the flexibility to program, control, and manage networkbehaviourbehavior dynamically through northbound and southbound interfaces. Since the network controls are logically centralized, the need to benchmark the SDNcontrollerController's performance becomes significant. This document defines terms to benchmark various controller designs for performance, scalability,reliabilityreliability, and security,independentindependently of northbound and southbound protocols. A mechanism for benchmarking the performance of SDNcontrollersControllers is defined in the companion methodology document[I-D.sdn-controller-benchmark-meth].[RFC8456]. These two documents providea method to measuremethods for measuring andevaluateevaluating the performance of various controller implementations. 1.1. ConventionsusedUsed inthis documentThis Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here. 2. Term Definitions 2.1. SDN Terms The terms defined in this section are extensions to the terms defined in [RFC7426]"Software-Defined("Software-Defined Networking (SDN): Layers and ArchitectureTerminology". That RFCTerminology"). Readers shouldbe referredrefer to [RFC7426] before attempting to make use of this document. 2.1.1. Flow Definition: The definition ofFlow"flow" is the same asmicroflows definedthe definition of "microflows" provided in[RFC4689]Section3.1.5.3.1.5 of [RFC4689]. Discussion: A flow can be a set of packets having the same source address, destination address, sourceportport, and destination port, or any combination of thesecombinations.items. Measurement Units: N/ASee Also: None2.1.2. Northbound Interface Definition: The definition ofnorthbound interface"northbound interface" is the same as theService Interface defineddefinition of "service interface" provided in [RFC7426]. Discussion: The northbound interface allows SDN applications and orchestration systems to program and retrieve the network information through the SDNcontroller.Controller. Measurement Units: N/ASee Also: None2.1.3. Southbound Interface Definition: The southbound interface is the application programming interface provided by the SDNcontrollerController to interact with the SDN nodes. Discussion:SouthboundThe southbound interface enables the controller to interact with the SDN nodes in the network for dynamically defining the traffic forwardingbehaviour.behavior. Measurement Units: N/ASee Also: None2.1.4. Controller Forwarding Table Definition: A controllerforwarding tableForwarding Table contains flow entries learned in one of two ways: first, entriescouldcan be learned from traffic received through the data plane, or second, these entriescouldcan be statically provisioned on the controller and distributed to devices via the southbound interface. Discussion: The controllerforwarding tableForwarding Table has an aging mechanismwhichthat will be applied only for dynamically learned entries. Measurement Units: N/ASee Also: None2.1.5. Proactive Flow Provisioning Mode Definition: Controller programming flows in Network Devices based on the flow entries provisioned through the controller's northbound interface. Discussion: Network orchestration systems and SDN applications can define the network forwardingbehaviourbehavior by programming thecontrollercontroller, usingproactive flow provisioning.Proactive Flow Provisioning. The controller can then program the Network Devices with the pre-provisioned entries. Measurement Units: N/ASee Also: None2.1.6. Reactive Flow Provisioning Mode Definition: Controller programming flows in Network Devices based on the traffic received from Network Devices through the controller's southboundinterfaceinterface. Discussion: The SDNcontrollerController dynamically decides the forwardingbehaviourbehavior based on the incoming traffic from the Network Devices. The controller then programs the NetworkDevicesDevices, using Reactive Flow Provisioning. Measurement Units: N/ASee Also: None2.1.7. Path Definition: Refer to Section 5 in[RFC2330][RFC2330]. Discussion: None Measurement Units: N/ASee Also: None2.1.8. Standalone Mode Definition:SingleA single controllerhandlinghandles allcontrol planecontrol-plane functionalities without redundancy,or the abilityand it is unable to provide high availability and/or automatic failover. Discussion: In standalone mode, one controller manages one or more network domains. Measurement Units: N/ASee Also: None2.1.9. Cluster/Redundancy Mode Definition:AIn this mode, a group of2two or more controllershandlinghandles allcontrol planecontrol-plane functionalities. Discussion: In cluster mode, multiple controllers are teamed together for the purpose of load sharing and/or high availability. The controllers in the group mayworkoperate in active/standby (master/slave) or active/active (equal)modemode, depending on the intended purpose. Measurement Units: N/ASee Also: None2.1.10. Asynchronous Message Definition: Any message from the Network Device that is generated for network events. Discussion: Control messages like flow setup request and responsemessage ismessages are classified as asynchronousmessage.messages. The controller has to return a response message. Note that the Network Device will not be in blocking mode and continues to send/receive other control messages. Measurement Units: N/ASee Also: None2.1.11. Test Traffic Generator Definition:Test Traffic GeneratorThe test traffic generator is an entity that generates/receives network traffic. Discussion:Test Traffic GeneratorThe test traffic generator typically connects with Network Devices to send/receive real-time network traffic. Measurement Units: N/ASee Also: None2.1.12. Leaf-Spine Topology Definition:Leaf-Spine"Leaf-Spine" is atwo layeredtwo-layered network topology, where a series of leafswitches,switches that form the accesslayer,layer are fully meshed to a series of spine switches that form the backbone layer. Discussion: In the Leaf-SpineTopology,topology, every leaf switch is connected to each of the spine switches in the topology. Measurement Units: N/ASee Also: None2.2. Test Configuration/Setup Terms 2.2.1. Number of Network Devices Definition: The number of Network Devices present in the defined test topology. Discussion: The Network Devices defined in the test topology can be deployed using real hardware or can be emulated in hardware platforms. Measurement Units: Number ofnetwork devices See Also: NoneNetwork Devices. 2.2.2. Trial Repetition Definition: The number of times the test needs to be repeated. Discussion: The test needs to be repeated for multiple iterations to obtain a reliable metric. It is recommended that this test SHOULD be performed for at least 10 iterations to increasetheconfidence in the measuredresult.results. Measurement Units: Number oftrials See Also: Nonetrials. 2.2.3. Trial Duration Definition: Defines the duration of test trials for each iteration. Discussion: The TrialdurationDuration forms the basis forstop"stop" criteria for benchmarking tests. Trials not completed within this time intervalisare consideredasincomplete. Measurement Units:Seconds See Also: NoneSeconds. 2.2.4. Number of ClusternodesNodes Definition: Defines the number of controllers present in the controller cluster. Discussion: This parameter is relevant when testing thecontrollercontroller's performance in clustering/teaming mode. The number of nodes in the cluster MUST be greater than 1. Measurement Units: Number of controllernodes See Also: Nonenodes. 2.3. Benchmarking Terms This section defines metrics for benchmarking the SDNcontroller.Controller. The procedureto performfor performing the defined metrics is defined in theaccompanyingcompanion methodologydocument[I-D.sdn-controller-benchmark-meth]document [RFC8456]. 2.3.1. Performance 2.3.1.1. Network Topology Discovery Time Definition: The time taken by the controller(s) to determine the complete network topology, defined as the interval starting with the first discovery message from the controller(s) at itsSouthbound interface,southbound interface and ending with all features of the static topology determined. Discussion: Network topology discovery is key for the SDNcontrollerController to provision and manage thenetwork. Sonetwork, so it is important to measure how quickly the controller discovers the topology to learn the current network state. This benchmark is obtained by presenting a network topology(Tree, Mesh(tree, mesh, orLinear)linear) withthe givena specified number of nodes to the controller andwaitwaiting for the discovery process to complete. It is expected that the controller supports a network discovery mechanism and uses protocol messages for its discovery process. Measurement Units:Milliseconds See Also: NoneMilliseconds. 2.3.1.2. Asynchronous Message Processing Time Definition: The time taken by the controller(s) to process an asynchronous message, defined as the interval starting with an asynchronous message from anetwork deviceNetwork Device after the discovery of all the devices by thecontroller(s),controller(s) and ending with a response message from the controller(s) at itsSouthboundsouthbound interface. Discussion: For SDN to support dynamic network provisioning, it is important to measure how quickly the controller responds to an event triggered from the network. The eventcouldcan be any notification messages generated by a Network Device upon arrival of a new flow, linkdowndown, etc. This benchmark is obtained by sending asynchronous messages from every connected NetworkDevicesDevice one at a time for the definedtrial duration.Trial Duration. This test assumes that the controller will respond to the received asynchronousmessage.messages. Measurement Units:Milliseconds See Also: NoneMilliseconds. 2.3.1.3. Asynchronous Message Processing Rate Definition: The number of responses to asynchronous messages per second(such as(a new flow arrival notification message, link down, etc.) for which the controller(s) performed processing and replied with a valid and productive (non-trivial) response message. Discussion: As SDN assures a flexible network and agile provisioning, it is important to measure how many network events(such as(a new flow arrival notification message, link down, etc.) the controller can handle at a time. This benchmark is measured by sending asynchronous messages from every connected Network Device at the rate that the controller processes (without dropping them). This test assumes that the controller responds to all the received asynchronous messages (the messages can be designed to elicit individual responses). When sending asynchronous messages to the controller(s) at high rates, some messages or responses may be discarded or corrupted and require retransmission to controller(s). Therefore, a useful qualification on the Asynchronous Message Processing Rate is whether thein-comingincoming message count equals the response count in each trial. This is called theLoss-freeLoss-Free Asynchronous Message Processing Rate. Note that several of the early controller benchmarking tools did not consider lostmessages,messages and instead report the maximum response rate. This is called the Maximum Asynchronous Message Processing Rate. To characterize both theLoss-freeLoss-Free Asynchronous Message Processing Rate and the MaximumRates,Asynchronous Message Processing Rate, a testcouldcan begin the first trial by sending asynchronous messages to the controller(s) at the maximum possible rate and can then record the message reply rate and the message loss rate. Themessage sendingmessage-sending rate is then decreased by thestep-size.STEP size. The message reply rate and the message loss rate are recorded. The test ends with a trial where the controller(s) processestheall of the asynchronous messages sent without loss. This is theLoss-freeLoss-Free Asynchronous Message Processing Rate. The trial where the controller(s) produced the maximum response rate is the Maximum Asynchronous Message Processing Rate. Of course, the first trialcouldcan begin at a low sending rate with zero lostresponses,responses and then increase the rate until theLoss-freeLoss-Free Asynchronous Message Processing Rate and the MaximumRatesAsynchronous Message Processing Rate are discovered. Measurement Units: Messages processed per second.See Also: None2.3.1.4. Reactive Path Provisioning Time Definition: The time taken by the controller tosetupset up a path reactively between source and destinationnode,nodes, defined as the interval starting with the first flow provisioning request message received by thecontroller(s),controller(s) and ending with the last flow provisioning response message sent from the controller(s) at itsSouthboundsouthbound interface. Discussion: As SDN supports agile provisioning, it is important to measure how fastthatthe controller provisions an end-to-end flow in thedataplane.data plane. The benchmark is obtained by sending traffic from a source endpoint to the destinationendpoint,endpoint and finding the time difference between the first andthelast flow provisioning message exchanged between the controller and the Network Devices for the traffic path. Measurement Units: Milliseconds.See Also: None2.3.1.5. Proactive Path Provisioning Time Definition: The time taken by the controller to proactivelysetupset up a path between source and destinationnode,nodes, defined as the interval starting with the first proactive flow provisioned in the controller(s) at itsNorthbound interface,northbound interface and ending with the last flow provisioning command message sent from the controller(s) at itsSouthboundsouthbound interface. Discussion: For SDN to support pre-provisioning of the traffic path from the application, it is important to measure how fastthatthe controller provisions an end-to-end flow in thedataplane.data plane. The benchmark is obtained by provisioning a flow on the controller's northbound interface for the traffic to reach from a source to a destinationendpoint,endpoint and finding the time difference between the first andthelast flow provisioning message exchanged between the controller and the Network Devices for the traffic path. Measurement Units: Milliseconds.See Also: None2.3.1.6. Reactive Path Provisioning Rate Definition: The maximum number of independent paths a controller can concurrently establish per second between source and destination nodes reactively, defined as the number of paths provisioned per second by the controller(s) at itsSouthboundsouthbound interface for the flow provisioning requests received for path provisioning at itsSouthboundsouthbound interface between the start of the trial and the expiry of the giventrial duration.Trial Duration. Discussion: For SDN to support agile traffic forwarding, it is important to measure how many end-to-end flowsthatthe controllercould setupcan set up in thedataplane.data plane. This benchmark is obtained by sendingtrafficeach traffic flow with unique source and destination pairs from the source Network Device anddeterminedetermining the number of frames received at the destination Network Device. Measurement Units: Paths provisioned per second.See Also: None2.3.1.7. Proactive Path Provisioning Rate Definition:Measure theThe maximum number of independent paths a controller can concurrently establish per second between source and destination nodes proactively, defined as the number of paths provisioned per second by the controller(s) at itsSouthboundsouthbound interface for the paths provisioned in itsNorthboundnorthbound interface between the start of the trial and the expiry of the giventrial duration.Trial Duration. Discussion: For SDN to support pre-provisioning of the traffic path for a larger network from the application, it is important to measure how many end-to-end flowsthatthe controllercould setupcan set up in thedataplane.data plane. This benchmark is obtained by sendingtrafficeach traffic flow with unique source and destination pairs from the source Network Device. Program the flows on the controller's northbound interface for traffic to reach from each of the unique source and destinationpairspairs, and determine the number of frames received at the destination Network Device. Measurement Units: Paths provisioned per second.See Also: None2.3.1.8. Network Topology Change Detection Time Definition: The amount of timerequired fortaken by the controller to detect any changes in the network topology, defined as the interval starting with the notification message received by the controller(s) at itsSouthbound interface,southbound interface and ending with the first topology rediscovery messages sent from the controller(s) at itsSouthboundsouthbound interface. Discussion: In order for the controller to support fast network failure recovery, it is critical to measure how fast the controller is able to detect any network-state change events. This benchmark is obtained by triggering a topology change event and measuring the time the controller takes to detect and initiate a topologyre-discoveryrediscovery process. Measurement Units:Milliseconds See Also: NoneMilliseconds. 2.3.2. Scalability 2.3.2.1. Control Sessions Capacity Definition:Measure theThe maximum number of control sessions the controller can maintain, defined as the number of sessions that the controller can accept fromnetwork devices,Network Devices, starting with the first controlsession,session and ending with the last control session that the controller(s) accepts at itsSouthboundsouthbound interface. Discussion: Measuring the controller'scontrol sessions capacityControl Sessions Capacity is importantto determinefor determining the controller's system and bandwidth resource requirements. This benchmark is obtained by establishing a control session with the controller from each of the NetworkDeviceDevices untilitthe controller fails. The number of sessions that were successfully established will provide the Control Sessions Capacity. Measurement Units: Maximum number of controlsessions See Also: Nonesessions. 2.3.2.2. Network Discovery Size Definition:Measure theThe network size (number of nodes and links) that a controller can discover, defined as the size of a network that the controller(s) can discover, startingfromwith a network topologygivenprovided by the user fordiscovery,discovery and ending with thetopologynumber of nodes and links that the controller(s)couldcan successfully discover. Discussion:For optimal network planning, it is key to measureMeasuring the maximum network size that the controller candiscover.discover is key to optimal network planning. This benchmark is obtained by presenting an initial set of Network Devices for discovery to the controller. Based on the initial discovery, the number of Network Devices is increased or decreased to determine the maximum number of nodes and links that the controller can discover. Measurement Units: Maximum number of network nodes andlinks See Also: Nonelinks. 2.3.2.3. Forwarding Table Capacity Definition: The maximum number of flow entries that a controller can manage in its Forwardingtable.Table. Discussion: It issignificantimportant to measure the capacity of a controller's Forwarding Table to determine the number of flows that the controllercouldcan forward withoutflooding/dropping.flooding or dropping any traffic. This benchmark is obtained by continuously presenting the controller with new flow entries throughreactivethe Reactive Flow Provisioning mode orproactive flow provisioningthe Proactive Flow Provisioning mode until theforwarding tableForwarding Table becomes full. The maximum number of nodes that the controller can hold in its Forwarding Table will provide the Forwarding Table Capacity. Measurement Units: Maximum number of flow entries managed.See Also: None2.3.3. Security 2.3.3.1. Exception Handling Definition: To determine the effect of handling error packets and notifications on performance tests. Discussion: This benchmarktestis to be performed after obtaining the baselineperformance ofmeasurement results for the performance tests defined in Section 2.3.1. This benchmark determines the deviation from the baseline performance due to the handling of error or failure messages from the connected Network Devices. Measurement Units: Deviationoffrom baseline metrics while handling Exceptions.See Also: None2.3.3.2.Denial of ServiceHandling Denial-of-Service Attacks Definition: To determine the effect of handlingdenial of servicedenial-of-service (DoS) attacks on performance and scalability tests. Discussion: This benchmarktestis to be performed after obtaining the baselineperformance ofmeasurement results for the performance and scalability tests defined insectionSections 2.3.1 andsection2.3.2. This benchmark determines the deviation from the baseline performance due to the handling ofdenial of serviceDoS attacks on the controller. Measurement Units: Deviationoffrom baseline metrics while handlingDenial of Service Attacks. See Also: NoneDoS attacks. 2.3.4. Reliability 2.3.4.1. Controller Failover Time Definition: The time taken to switch from an active controller to the backupcontroller,controller when the controllersworkoperate in redundancy mode and the active controller fails, defined as the interval startingwithwhen the active controllerbringing down,is brought down and ending with the firstre-discoveryrediscovery message received from the new controller at itsSouthboundsouthbound interface. Discussion: This benchmark determines the impact of provisioning new flows when controllers are teamed together and the active controller fails. Measurement Units: Milliseconds.See Also: None2.3.4.2. NetworkRe-ProvisioningRe-provisioning Time Definition: The time takento re-route the trafficby theController,controller to reroute traffic when there is a failure in existing traffic paths, defined as the interval startingfromwith the first failure notification message received by thecontroller,controller and ending with the last flow re-provisioning message sent by the controller at itsSouthboundsouthbound interface. Discussion: This benchmark determines the controller's re-provisioning ability upon networkfailures. This benchmark test assumesfailures and makes thefollowing:following assumptions: 1.NetworkThe network topology supports a redundant path between the source and destination endpoints. 2.ControllerThe controller does not pre-provision the redundant path. Measurement Units: Milliseconds.See Also: None3. Test Setup This section provides common reference topologies that arelaterreferred to in individual tests defined in the companion methodologydocument.document [RFC8456]. 3.1. TestsetupSetup - ControllerworkingOperating in Standalone Mode +-----------------------------------------------------------+ |Application PlaneApplication-Plane Test Emulator | | | | +-----------------+ +-------------+ | | | Application | | Service | | | +-----------------+ +-------------+ | | | +-----------------------------+(I2)-------------------------+ | | (Northboundinterface)Interface) +-------------------------------+ | +----------------+ | | | SDN Controller | | | +----------------+ | | | | Device Under Test (DUT) | +-------------------------------+ | (Southboundinterface)Interface) | +-----------------------------+(I1)-------------------------+ | | | +-----------+ +-----------+ | | | Network | | Network | | | | Device 2 |--..-| Device n-1| | | +-----------+ +-----------+ | | / \ / \ | | / \ / \ | | l0 / X \ ln | | / / \ \ | | +-----------+ +-----------+ | | | Network | | Network | | | | Device 1 |..| Device n | | | +-----------+ +-----------+ | | | | | | +---------------+ +---------------+ | | | Test Traffic | | Test Traffic | | | | Generator | | Generator | | | | (TP1) | | (TP2) | | | +---------------+ +---------------+ | | | |Forwarding PlaneForwarding-Plane Test Emulator | +-----------------------------------------------------------+ Figure 1 3.2. TestsetupSetup - ControllerworkingOperating in Cluster Mode +-----------------------------------------------------------+ |Application PlaneApplication-Plane Test Emulator | | | | +-----------------+ +-------------+ | | | Application | | Service | | | +-----------------+ +-------------+ | | | +-----------------------------+(I2)-------------------------+ | | (Northboundinterface)Interface) +---------------------------------------------------------+ | | |------------------ ------------------+------------------+ +------------------+ | | | SDN Controller 1 | <--E/W--> | SDN Controller n | | |------------------ ------------------+------------------+ +------------------+ | | | | Device Under Test (DUT) | +---------------------------------------------------------+ | (Southboundinterface)Interface) | +-----------------------------+(I1)-------------------------+ | | | +-----------+ +-----------+ | | | Network | | Network | | | | Device 2 |--..-| Device n-1| | | +-----------+ +-----------+ | | / \ / \ | | / \ / \ | | l0 / X \ ln | | / / \ \ | | +-----------+ +-----------+ | | | Network | | Network | | | | Device 1 |..| Device n | | | +-----------+ +-----------+ | | | | | | +---------------+ +---------------+ | | | Test Traffic | | Test Traffic | | | | Generator | | Generator | | | | (TP1) | | (TP2) | | | +---------------+ +---------------+ | | | |Forwarding PlaneForwarding-Plane Test Emulator | +-----------------------------------------------------------+ Figure 2 4. Test Coverage+ -----------------------------------------------------------------++-------------------------------------------------------------------+ | Lifecycle | Speed | Scalability | Reliability |+ -----------+-------------------+---------------+-----------------++------------+-------------------+---------------+------------------+ | | 1. NetworkTopolo-|1.|1. Network | | | |-gyTopology | Discovery | | | | Discovery | Size | | | | Time |Size| | | | | | | | | 2. Reactive Path | | | | | Provisioning | | | | | Time | | | | | | | | | | 3. Proactive Path | | | | Setup | Provisioning | | | |Setup| Time | | | | | | | | | | 4. Reactive Path | | | | | Provisioning | | | | | Rate | | | | | | | | | | 5. Proactive Path | | | | | Provisioning | | | | | Rate | | | | | | | |+------------+-------------------+---------------+-----------------++------------+-------------------+---------------+------------------+ | | 1. Maximum |1. Control |1. Network | | | Asynchronous | Sessions | Topology | | | MessageProces-|| Capacity | Change | | |-sing Rate |Processing Rate| | DetectionTime|Time | | | |2. Forwarding | | | | 2. Loss-Free | Table |2. Exception | | | Asynchronous | Capacity | Handling | | | MessageProces-|| | |Operational| -sing Rate| Operational| Processing Rate| |3.Denial ofHandling | | | | |ServiceDenial-of- | | | 3. Asynchronous | |Handling |Service Attacks| | | MessageProces-|| | | |-sing Time| Processing Time| |4. NetworkRe-| | | | |Provisioning |Re-provisioning| | | | | Time | | | | | |+------------+-------------------+---------------+-----------------+ |+------------+-------------------+---------------+------------------+ || | | | Tear DownTeardown | | |1. Controller | | | | | Failover Time |+------------+-------------------+---------------+-----------------++------------+-------------------+---------------+------------------+ 5.References 5.1.IANA Considerations This document has no IANA actions. 6. Security Considerations The benchmarking tests described in this document are limited to the performance characterization of controllers in a lab environment with isolated networks. The benchmarking network topology will be an independent test setup and MUST NOT be connected to devices that may forward the test traffic into a production network or misroute traffic to the test management network. Further, benchmarking is performed on a "black-box" basis, relying solely on measurements observable external to the controller. Special capabilities SHOULD NOT exist in the controller specifically for benchmarking purposes. Any implications for network security arising from the controller SHOULD be identical in the lab and in production networks. 7. Normative References[RFC7426] E. Haleplidis, K. Pentikousis, S. Denazis, J. Hadi Salim, D. Meyer, O. Koufopavlou "Software-Defined Networking (SDN): Layers and Architecture Terminology", RFC 7426, January 2015. [RFC4689] S. Poretsky, J. Perser, S. Erramilli, S. Khurana "Terminology[RFC2119] Bradner, S., "Key words forBenchmarking Network-layer Traffic Control Mechanisms",use in RFCs to Indicate Requirement Levels", BCP 14, RFC4689, October 2006.2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>. [RFC2330]V.Paxson,G.V., Almes,J.G., Mahdavi, J., and M. Mathis, "Framework for IP Performance Metrics", RFC 2330, DOI 10.17487/RFC2330, May1998. [RFC2119]1998, <https://www.rfc-editor.org/info/rfc2330>. [RFC4689] Poretsky, S., Perser, J., Erramilli, S., and S.Bradner, "Key wordsKhurana, "Terminology foruse in RFCs to Indicate Requirement Levels",Benchmarking Network-layer Traffic Control Mechanisms", RFC2119, March 1997.4689, DOI 10.17487/RFC4689, October 2006, <https://www.rfc-editor.org/info/rfc4689>. [RFC7426] Haleplidis, E., Ed., Pentikousis, K., Ed., Denazis, S., Hadi Salim, J., Meyer, D., and O. Koufopavlou, "Software- Defined Networking (SDN): Layers and Architecture Terminology", RFC 7426, DOI 10.17487/RFC7426, January 2015, <https://www.rfc-editor.org/info/rfc7426>. [RFC8174]B.Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May2017. [I-D.sdn-controller-benchmark-meth] Bhuvaneswaran.V, Anton2017, <https://www.rfc-editor.org/info/rfc8174>. [RFC8456] Bhuvaneswaran, V., Basil,Mark.T, VishwasA., Tassinari, M., Manral,Sarah BanksV., and S. Banks, "Benchmarking Methodology forSDNSoftware- Defined Networking (SDN) Controller Performance",draft-ietf-bmwg-sdn-controller-benchmark-meth-09 (Work in progress), May 25, 2018 5.2. Informative References [OpenFlow Switch Specification] ONF,"OpenFlow Switch Specification" Version 1.4.0 (Wire Protocol 0x05),RFC 8456, DOI 10.17487/RFC8456, October14, 2013. 6. IANA Considerations This document does not have any IANA requests. 7. Security Considerations Security issues are not discussed in this memo. 8. Acknowledgements2018, <https://www.rfc-editor.org/info/rfc8456>. Acknowledgments The authors would like to acknowledge Al Morton (AT&T) forthehis significant contributions to the earlier draft versions of this document. The authors would like to thank the following individuals for providing their valuable comments to the earlier draft versions of this document: Sandeep Gangadharan (HP), M. Georgescu (NAIST), Andrew McGregor (Google), ScottBradner ,Bradner, Jay Karthik (Cisco),Ramakrishnan (Dell),Ramki Krishnan (VMware), and Khasanov Boris (Huawei).9.Authors' Addresses Bhuvaneswaran Vengainathan Veryx Technologies Inc. 1 International Plaza, Suite 550PhiladelphiaPhiladelphia, PA 19113 United States of America Email: bhuvaneswaran.vengainathan@veryxtech.com Anton Basil Veryx Technologies Inc. 1 International Plaza, Suite 550PhiladelphiaPhiladelphia, PA 19113 United States of America Email: anton.basil@veryxtech.com Mark TassinariHewlett-Packard,Hewlett Packard Enterprise 8000 FoothillsBlvd,Blvd. Roseville, CA 95747 United States of America Email: mark.tassinari@hpe.com Vishwas ManralNano Sec,CANanoSec Co 3350 Thomas Rd. Santa Clara, CA 95054 United States of America Email: vishwas.manral@gmail.com Sarah Banks VSS Monitoring 930 De GuigneDrive,Drive Sunnyvale, CA 94085 United States of America Email: sbanks@encrypted.net