Download Internet2 and AL2S - Common Solutions Group

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
Document related concepts

Zero-configuration networking wikipedia , lookup

Asynchronous Transfer Mode wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Distributed firewall wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Computer network wikipedia , lookup

Airborne Networking wikipedia , lookup

Network tap wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Virtual LAN wikipedia , lookup

Transcript 
Internet2 and AL2S
Eric Boyd
Senior Director of Strategic Projects
Internet2 Mission
=
University
Corporation
for
Advanced
Internet
Development
This is what we have been able to say for about a year:
The 100G testbed of innovation for tomorrow’s Internet is available
nationwide, right now.
Internet2 Community Innovation Story
• Abundant Bandwidth
–100G, for now
• Network Programmability
–SDN, Network Virtualization
• Friction-Free Science
–Science DMZ
Internet2 Community Innovation Story
• Abundant Bandwidth
–100G, for now
• Network Programmability
–SDN, Network Virtualization
• Friction-Free Science
–Science DMZ
Network Virtualization on Internet2
Network Virtualization on Internet2
Network Virtualization on Internet2
Network Virtualization on Internet2
• Control a slice of the
national network!
• Enable:
• Rapid prototyping of
advanced applications
• Rapid prototyping of
new network services
• Rapid advancement of
network research
Network Virtualization on Internet2
• Network Virtualization: Puts members in control of (a slice of) the
network
• Change in paradigm:
– Turning the “commons” on its head
– Private network capabilities with shared network costs
• Large scale networking is normally about lowest common
denominator
• Large scale virtualized networking is about creating custom
facilities
• Extend the local domain into the national (eventually global)
arena
Network Virtualization Use Case
• For most applications run in a campus environment, the
traditional routed Layer 3 infrastructure provided by the Internet2
Advanced Layer 3 Service (AL3S) provides all the needed
functionality and performance.
• For some applications, the ability to run on a server in a campus
environment or on a GENI Rack, connected by a Layer 2 VLAN,
should suffice.
• For a few advanced applications, particularly in the network
research arena, there is a need to run their own controller on a
virtual network.
Use Case Examples (1)
• Production Service Staging
– GENI wants to move to Stitching v3.0, but Stitching 2.0 is in wide use
– Set up a slice, deploy a second OESS, deploy new version of FOAM
Stitching Aggregator
– When it’s tested and ready, move to the production OESS stack
• Network Research
– Network researcher has a better idea how to do networking
– Set up a slice, deploy new network controller, write paper
• Service Prototyping
– Look at alternatives to AL3S
– Implement a route server that speaks OpenFlow on southbound
interface with no routers
– Deploy in a slice, begin peering with other domains
– Evaluate efficacy, operational savings
– Over time transition to new service
Use Case Examples (2)
• Private Networks
– Want something akin to Atlantic Wave, original vision for LHCONE,
or GENI Virtual Network
– Set up a distributed SDX across multiple domains
• Network virtualization experiments are already underway
–
–
–
–
Prototyping IP over SDN solution (no routers!)
Prototyping cloud-based services
Prototyping multi-domain virtual networks
DANCES
Technology behind Network Virtualization
• Vendors such as Brocade provide switches that implement OpenFlow.
• Through close development partnerships, Internet2 can deploy
advanced technology.
• Internet2 and Indiana University have developed a second-generation,
open source hypervisor, called Flowspace Firewall (FSFW).
– FSFW divvies up the available VLANs on a network into VLAN ranges,
known as slices.
– FSFW acts as a proxy between one or more OpenFlow controllers and a
set of switches within a single administrative domain.
– FSFW only carries OpenFlow commands from a controller to a switch (or
the reverse) if the command falls within the allocated range of VLANs
for that controller.
– FSFW acts as a resource protector, ensuring that no controller
overconsumes scarce resources such as the rate at which OpenFlow
rules can be fed to a switch or the number of OpenFlow entries in the
Flow Table.
• Technology enables Innovation in the Internet2 Community
Prototype Multi-Domain Layer 2 Service
• Backdrop:
–
–
–
–
Internet2 operates a Layer 2 Service
Campuses (e.g. University of Utah) operate a Layer 2 Service
Regional Networks (e.g. MAX) operate a Layer 2 Service
Exchange Points (e.g. AMPATH/FIU) operate a Layer 2 Service
• Is there a way to create a Multi-Domain Layer 2 Service?
–
–
–
–
Common capabilities
Willingness to collaborate
Willingness to contribute to a common project
Maintain local control
• Withdraw at any time
– Enable (illusion of) global control
• Control remote administrative domains
– No change in software, just configuration
OESS
Local VLAN
Provisioning
Service
FlowSpaceFirewall
Virtual Switch
Physical
switch
SDX1
OESS
OESS
Local VLAN
Provisioning
Service
Local VLAN
Provisioning
Service
FlowSpaceFirewall
Virtual Switch
Physical
switch
FlowSpaceFirewall
Physical
switch
Local VLAN
Provisioning
Service
FlowSpaceFirewall
Virtual Switch
Virtual Switch
SDX1
OESS
SDX2
Physical
switch
SDX3
NSI
NSI
OESS
OESS
Virtual Switch
Physical
switch
FlowSpaceFirewall
Physical
switch
Local VLAN
Provisioning
Service
FlowSpaceFirewall
Virtual Switch
Virtual Switch
SDX1
OESS
Local VLAN
Provisioning
Service
Local VLAN
Provisioning
Service
FlowSpaceFirewall
NSI
SDX2
Physical
switch
SDX3
MD -OESS
OESS
OESS
Local VLAN
Provisioning
Service
Local VLAN
Provisioning
Service
FlowSpaceFirewall
Virtual
Switch
Physical
switch
Local VLAN
Provisioning
Service
Local VLAN
Provisioning
Service
FlowSpaceFirewall
FlowSpaceFirewall
Virtual
Switch
Virtual
Switch
OESS
FlowSpaceFirewall
Virtual
Switch
Virtual
Switch
OESS
Virtual
Switch
Virtual
Switch
Physical
switch
Physical
switch
Internet2
Virtual
Switch
Virtual
Switch
Physical
switch
Virtual
Switch
Virtual
Switch
Virtual
Switch
MAX
Physical
switch
FIU
Physical
switch
Utah
Multi-Domain Sample Network
Questions?
Eric Boyd
[email protected]
Related documents
20120423-boote-perfportal
20120423-boote-perfportal
Leveraging Internet2 Facilities for the Network Research Community
Leveraging Internet2 Facilities for the Network Research Community
Virtualization Group
Virtualization Group
Storage Management
Storage Management
Recommending a Strategy
Recommending a Strategy
Global Engagement of People Networks: Building e
Global Engagement of People Networks: Building e
The Campus as key to Internet2 Engineering
The Campus as key to Internet2 Engineering
High-Quality, True-Fidelity Audio
High-Quality, True-Fidelity Audio
Virtual Machines
Virtual Machines
Virtualization - Andrew.cmu.edu
Virtualization - Andrew.cmu.edu