Download composite VPN data model

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
Document related concepts

Piggybacking (Internet access) wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

Computer network wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Network tap wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Airborne Networking wikipedia , lookup

Transcript 
YANG Data Model for Composite
Delivery of VPN Service
draft-chen-opsawg-composite-vpn-dm-00
Rui Chen, Lucy Yong,Hui Deng from Huawei
Liang Geng from China Mobile
Chongfeng Xie from China Telecom
Tuesday(15th,Nov) Afternoon session II, OPSAWG
IETF97, Seoul
Background
Site B
Site A
L3VPN or L2VPN Base case
- Defined in IETF RFC (provide
reference)
AC
C
E
AC
BGP/MPLS L3VPN
or L2VPN
PE
C
E
PE
 In real world, the two VPNs could be deployed as a composite network
Site B
Site A
C
E
AC
AC
BGP/MPLS
L3VPN
PE
PE
and
Site A
PE
AC1
CE
BGP/MPLS
L2VPN or
VLL
AC
PE
AC2
PE
C
E
• Attachment Circuit (AC in L3VPN) can be realized via a
L2VPN
• Two VPN deployed at Metro and Core (spans multiple
domain)
• From L2VPN perspective, there are ACs, i.e. AC1 & AC2
• From L3VPN perspective, there is a AC between CE and L3
PE.
• The case can apply to AC in site B and interface
L3VPN service is composed by L2VPN and L3VPN
backbone networks(abbr. L2+L3)
Operators want to operate and maintain that
composite network in agile way
<draft-deng-opsawg-composed-vpn-sm-requirements-01>
https://tools.ietf.org/id/draft-deng-opsawg-composed-vpn-sm-requirements
-01.txt
•
Motivation
Develop a Composite deploy data model for VPN service
– Agile delivery VPN service on a multi-tech/multi-domain network infrastructure
– Simplify the operation and maintenace by using a end-to-end service view
– Coordinate the diagnosis and optimization based on a whole network view
– Directly map the customers’ service to end-to-end network assets/resource
To reduce the operations and management cost while maintaining the necessary insight to
their network.
Composite deploy data model
Network Orchestrator
Domain
Controller
Domain
Controller
Multi Domain
end-to-end service/flow
FE/GE
Enter
prise
FE/GE
Enter
prise
PE1
L2VPN/VLL
ASBR 10GE
IP Metro
PE2
FE/GE
L3VPN
PE3
FE/GE
IP Core
OAM needs on composite network
•
•
•
Need composite OAM tools/concept to support customer’s experience while customer
may don’t care how to do, but operator do care according to network deployment
The detailed domain/technologies information is necessary for this composite OAM
function, as similar OAM intent need different technologies
It’s meaningful to standardize the composite OAM concept concerning different vendor’s
of domains, also for facing different department monitoring
Composite OAM,such as E2E IP connectivity verify for L3VPN
CC ,tech. specified
Such as Y.1731
CC ,tech. specified
Such as BFD
Site B
Site A
PE
AC1
CE
BGP/MPLS
L2VPN or
VLL
PE
AC2
AC
IP Metro from vendor1/
In charge of departmentA
AC
NNI
AC
BGP/MPLS L3VPN
PE
PE
IP Core from vendor2/
In charge of departmentB
C
E
What we believe how it coordinated with L3SM/L2SM
According to <draft-wu-opsawg-service-model-explained-03>
https://tools.ietf.org/id/draft-wu-opsawg-service-model-explained-03.txt
Composite delivery model : Operator
facing, focused on how to map service
request to diverse networks and be able to
operate the service holistically.
Customer side
Operator side
Service requestor
/App
L3SM/
Service Orchestrator
L2SM
Composite deploy data model
Network Orchestrator
Domain
Controller
L3SM/L2SM: Customer facing,
focus on service agreement with
Operator
Multi Domain
Ente
rpris
e
Ente
rpris
e
end-to-end service/flow
FE/
GE
FE/
GE
Domain
Controller
PE1
L2VPN/VLL
ASBR 10GE
IP Metro
L3VPN
PE2
FE/G
E
PE3
FE/G
E
IP Core
Model Requirements
The model should:
•
•
•
•
•
•
•
•
Focus on the operator's view for delivering VPN, in stead of the customer's view.
Allow that the operator to quickly find detailed information related to VPN
service of a particular customer according to operation needs.
Must be able to express various composition of connectivity services spanning
multiple network domain with various VPN technologies
Include basic information about end-to-end composite VPN service.
Allow to define one or more VPN service information for each domain across
customer’s sites.
Facilitate operators to know the Access Point (AP) information for both end-toend VPN service and domain VPN.
Describe various QoS requirements which are supported.
Able to model OAM requirements for end-to-end VPN service and domain VPN
We call for more operators and vendors to get involved and provide their use
cases and requirements.
Reference: draft-deng-opsawg-composed-vpn-sm-requirements-01
Frequently Asked Questions in offline discussion
• Is this a new VPN service?
– Obviously not. It won’t define new VPN service or customer facing model,
but It would define a model/pattern used by operator’s OSS to deploy VPN
service into multi-domain/technologies networks.
• If the model not used among multiple operators, why standardize it (or
publish a RFC)?
– Operator’s OSS/BSS is a complicated ecosystem, involving many kinds
system/software. Having a standard model will decrease the integration
cost, especially in cases where solutions comes from different vendors for
different network domains.
• If separate VPN model exists for each domain, why do we need a
composite model above them?
– To satisfy the customer’s end-to-end SLA requirements, operators need
tools/ models to manage their network services in more abstract holistic
end-to-end manner and not through fragmented information from
different technologies
Initial view of Model
AP: Access point that are used as service access or point to connect service
segments between domains
Segment VPN: The VPN deployment information for one domain
Composed VPN: The VPN information across one or more segments/domain,
could be mapped from service model with extra operation needs.
Basic framework of Yang model
overall description for this composed VPN
deployment
a list of APs that are used to connect to the peered
customer sites, representing end-to-end service
information
Describe how the segment VPN looks like and how
it can communicate with peered devices outside
this domain.
Initial ideas until now, we call for more experts to get involved to provide
more requirements and provide implementable design.
Summary
• Proposal
– To work on a composite service data model for VPN service in a multidomain multi-technologies network
• Scope
– Define network topology using different VPN technologies
– The abstraction of end-to-end VPN deployment covering multi-domain
network
– Define the mechanism of how end-to-end service model could be mapped
to multiple domain information
– Initial focus on service fulfillment, then QOS, OAM, fault and performance
management
– Implement a YANG model supporting above functions.
• Motive
– OPSAWG approved as a WG draft, or suggest the home WG.
– Call for more operators involvement to introduce requirements
– Call for more experts to contribute and provide comments.
Thank You and Comments
Termination Point
Ref: draft-chen-opsawg-composite-vpn-dm-00.txt (ietf-nvo-tp.yang)
Composed VPN
Ref: draft-chen-opsawg-composite-vpn-dm-00.txt (ietf-nvo-vpn.yang)
accessPointList[id]
Related documents
Mullvad Barnprogram
Mullvad Barnprogram
BUS 352 Week 4 Discussion 2 (Security components)
BUS 352 Week 4 Discussion 2 (Security components)
What is a VPN? A VPN (Virtual Private Network) is a private
What is a VPN? A VPN (Virtual Private Network) is a private
level 3sm secure access - Level 3 Communications
level 3sm secure access - Level 3 Communications
Virtual Private Network(VPN)
Virtual Private Network(VPN)
XP Road Warrior Connection
XP Road Warrior Connection
3.3d - mr-damon.com
3.3d - mr-damon.com
Mikrotik VPN Technology
Mikrotik VPN Technology
Networking in Linux
Networking in Linux
IP / MPLS - IDG Communications
IP / MPLS - IDG Communications