Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Zero-configuration networking wikipedia , lookup
Asynchronous Transfer Mode wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Distributed firewall wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Computer network wikipedia , lookup
Airborne Networking wikipedia , lookup
Network tap wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Internet2 and AL2S Eric Boyd Senior Director of Strategic Projects Internet2 Mission = University Corporation for Advanced Internet Development This is what we have been able to say for about a year: The 100G testbed of innovation for tomorrow’s Internet is available nationwide, right now. Internet2 Community Innovation Story • Abundant Bandwidth –100G, for now • Network Programmability –SDN, Network Virtualization • Friction-Free Science –Science DMZ Internet2 Community Innovation Story • Abundant Bandwidth –100G, for now • Network Programmability –SDN, Network Virtualization • Friction-Free Science –Science DMZ Network Virtualization on Internet2 Network Virtualization on Internet2 Network Virtualization on Internet2 Network Virtualization on Internet2 • Control a slice of the national network! • Enable: • Rapid prototyping of advanced applications • Rapid prototyping of new network services • Rapid advancement of network research Network Virtualization on Internet2 • Network Virtualization: Puts members in control of (a slice of) the network • Change in paradigm: – Turning the “commons” on its head – Private network capabilities with shared network costs • Large scale networking is normally about lowest common denominator • Large scale virtualized networking is about creating custom facilities • Extend the local domain into the national (eventually global) arena Network Virtualization Use Case • For most applications run in a campus environment, the traditional routed Layer 3 infrastructure provided by the Internet2 Advanced Layer 3 Service (AL3S) provides all the needed functionality and performance. • For some applications, the ability to run on a server in a campus environment or on a GENI Rack, connected by a Layer 2 VLAN, should suffice. • For a few advanced applications, particularly in the network research arena, there is a need to run their own controller on a virtual network. Use Case Examples (1) • Production Service Staging – GENI wants to move to Stitching v3.0, but Stitching 2.0 is in wide use – Set up a slice, deploy a second OESS, deploy new version of FOAM Stitching Aggregator – When it’s tested and ready, move to the production OESS stack • Network Research – Network researcher has a better idea how to do networking – Set up a slice, deploy new network controller, write paper • Service Prototyping – Look at alternatives to AL3S – Implement a route server that speaks OpenFlow on southbound interface with no routers – Deploy in a slice, begin peering with other domains – Evaluate efficacy, operational savings – Over time transition to new service Use Case Examples (2) • Private Networks – Want something akin to Atlantic Wave, original vision for LHCONE, or GENI Virtual Network – Set up a distributed SDX across multiple domains • Network virtualization experiments are already underway – – – – Prototyping IP over SDN solution (no routers!) Prototyping cloud-based services Prototyping multi-domain virtual networks DANCES Technology behind Network Virtualization • Vendors such as Brocade provide switches that implement OpenFlow. • Through close development partnerships, Internet2 can deploy advanced technology. • Internet2 and Indiana University have developed a second-generation, open source hypervisor, called Flowspace Firewall (FSFW). – FSFW divvies up the available VLANs on a network into VLAN ranges, known as slices. – FSFW acts as a proxy between one or more OpenFlow controllers and a set of switches within a single administrative domain. – FSFW only carries OpenFlow commands from a controller to a switch (or the reverse) if the command falls within the allocated range of VLANs for that controller. – FSFW acts as a resource protector, ensuring that no controller overconsumes scarce resources such as the rate at which OpenFlow rules can be fed to a switch or the number of OpenFlow entries in the Flow Table. • Technology enables Innovation in the Internet2 Community Prototype Multi-Domain Layer 2 Service • Backdrop: – – – – Internet2 operates a Layer 2 Service Campuses (e.g. University of Utah) operate a Layer 2 Service Regional Networks (e.g. MAX) operate a Layer 2 Service Exchange Points (e.g. AMPATH/FIU) operate a Layer 2 Service • Is there a way to create a Multi-Domain Layer 2 Service? – – – – Common capabilities Willingness to collaborate Willingness to contribute to a common project Maintain local control • Withdraw at any time – Enable (illusion of) global control • Control remote administrative domains – No change in software, just configuration OESS Local VLAN Provisioning Service FlowSpaceFirewall Virtual Switch Physical switch SDX1 OESS OESS Local VLAN Provisioning Service Local VLAN Provisioning Service FlowSpaceFirewall Virtual Switch Physical switch FlowSpaceFirewall Physical switch Local VLAN Provisioning Service FlowSpaceFirewall Virtual Switch Virtual Switch SDX1 OESS SDX2 Physical switch SDX3 NSI NSI OESS OESS Virtual Switch Physical switch FlowSpaceFirewall Physical switch Local VLAN Provisioning Service FlowSpaceFirewall Virtual Switch Virtual Switch SDX1 OESS Local VLAN Provisioning Service Local VLAN Provisioning Service FlowSpaceFirewall NSI SDX2 Physical switch SDX3 MD -OESS OESS OESS Local VLAN Provisioning Service Local VLAN Provisioning Service FlowSpaceFirewall Virtual Switch Physical switch Local VLAN Provisioning Service Local VLAN Provisioning Service FlowSpaceFirewall FlowSpaceFirewall Virtual Switch Virtual Switch OESS FlowSpaceFirewall Virtual Switch Virtual Switch OESS Virtual Switch Virtual Switch Physical switch Physical switch Internet2 Virtual Switch Virtual Switch Physical switch Virtual Switch Virtual Switch Virtual Switch MAX Physical switch FIU Physical switch Utah Multi-Domain Sample Network Questions? Eric Boyd [email protected]