1. An SDK to exploit RINA programmability
A Software Development Kit to exploit RINA programmability
Eduard Grasa (presenter), Vincenzo Maffione, Francesco Salvestrini, Leonardo Bergesio, Miquel Tarzan
FP7 PRISTINE
ICC 2016, Kuala Lumpur, May 24th 2016
3. RINA highlights
• Network architecture resulting from a fundamental theory of computer networking
• Networking is InterProcess Communication (IPC) and only IPC. Unifies networking and distributed computing: the network is a distributed application that provides IPC
• There is a single type of layer with programmable functions, that repeats as many times as needed by the network designers
• All layers provide the same service: communication (flows) between two or more application instances, with certain characteristics (delay, loss, in-order-delivery, etc)
• There are only 3 types of systems: hosts, interior and border routers. No middleboxes (firewalls, NATs, etc) are needed
• Deploy it over, under and next to current networking technologies
4. From the “TCP/IP” protocol suite …
• Functional layers organized for modularity, each layer provides a different service to the others
– As the RM is applied to the real world, it proves to be incomplete. As a consequence, new layers are patched into the reference model as needed (layers 2.5, VLANs, VPNs, virtual network overlays, tunnels, MAC-in-MAC, etc.)
[Figure panels: (Theory), (Practice)]
5. … to the RINA architecture
Single type of layer, consistent API, programmable policies
[Figure: two hosts (App A, App B), two border routers and an interior router connected by a stack of DIFs (DIF = Distributed IPC Facility), with a consistent API through the layers.
Inset: functions of an IPC process behind the IPC API, ordered by increasing timescale (functions performed less often) and complexity.
Data Transfer: SDU Delimiting, Data Transfer, Relaying and Multiplexing, SDU Protection.
Data Transfer Control: Retransmission Control, Flow Control, state vectors.
Layer Management: RIB Daemon, RIB, CDAP Parser/Generator, CACEP, Enrollment, Flow Allocation, Resource Allocation, Routing, Authentication, Namespace Management, Security Management.]
6. Deployment
Clean-slate concepts but incremental deployment
Large-scale RINA Experimentation on FIRE+
• IPv6 brings very small improvements to IPv4, but requires a clean slate deployment (not compatible with IPv4)
• RINA can be deployed incrementally where it has the right incentives, and interoperate with current technologies (IP, Ethernet, MPLS, etc.)
– Over IP (just like any overlay such as VXLAN, NVGRE, GTP-U, etc.)
– Below IP (just like any underlay such as MPLS or MAC-in-MAC)
– Next to IP (gateways/protocol translation such as IPv6)
[Figure labels: IP Network; RINA Provider; RINA Network; Sockets Applications; RINA supported Applications; IP or Ethernet or MPLS, etc]
8. Recursion instead of virtualization (I)
• RINA recursive layering structure cleans up and generalizes the current protocol stack.
• Example 1: PBB-VPLS (Virtual Private LAN Service)
– Uses MAC-in-MAC encapsulation to isolate provider's core from customers' addresses and VLANs
[Figure: the PBB-VPLS scenario as a stack of DIFs, top to bottom: Green Customer VPN DIF; Provider VPN Service DIF; Metro DIF, Core DIF, Metro DIF; PtP DIFs on each link.]
14. Recursion instead of virtualization (II)
• Example 2: LTE (Long Term Evolution)
– Uses PDCP, GTP to transport user's IP payload, and also relies on internal IP network.
[Figure: LTE protocol stack across UE, eNodeB, S-GW and P-GW. Labels: IP (e.g. Internet), TCP or UDP, PDCP, RLC, GTP-U, UDP, IP (LTE transport), MAC, L1, protocol conversion; interfaces LTE-Uu, S1-U, S5/S8, SGi; EPS bearer.]
[Figure: the LTE scenario as a stack of DIFs, top to bottom: Public Internet DIF; Mobile Access Network Top Level DIF; Multi-access radio DIF and two Mobile Operator Transport DIFs; PtP DIFs on each link.]
20. Recursion instead of virtualization (III)
• Example 3: Data Center Network with NVO3
– Network Virtualization Over Layer 3, uses overlay virtual networks on top of the DCN's fabric layer 3 to support multi-tenancy
• Recursion provides a cleaner, simpler solution than virtualization
– Repeat the same building block, with the same interface.
[Figure: NVO3 protocol stack across servers (VMs), ToR, fabric and spine switches. Labels: TCP or UDP or SCTP, … (transport layer); IPv4 or IPv6 (tenant overlay); Ethernet, 802.1Q, 802.3; VXLAN; UDP; IPv4 or IPv6 (Fabric layer); protocol conversion, local bridging.]
[Figure: the data center scenario as a stack of DIFs, top to bottom: Tenant DIF; DC Fabric DIF; PtP DIFs on each link.]
24. Network Programmability
• Centralized control of data forwarding
– GSMPv3 (label switches: ATM, MPLS, optical), OpenFlow (Ethernet, IP, evolving)
• APIs for controlling network services & network devices
– ONF SDN architecture, IEEE P1520 (P1520 distinguished between virtual devices and hardware)
[Figure: ONF's SDN architecture]
25. Separation of mechanism from policy
[Figure: functions of an IPC process behind the IPC API, grouped as Data Transfer (SDU Delimiting, Data Transfer, Relaying and Multiplexing, SDU Protection), Data Transfer Control (Retransmission Control, Flow Control, state vectors) and Layer Management (RIB Daemon, RIB, CDAP Parser/Generator, CACEP, Enrollment, Flow Allocation, Resource Allocation, Routing, Authentication, Namespace Management, Security Management).]
• All layers have the same mechanisms and 2 protocols (EFCP for data transfer, CDAP for layer management), programmable via policies.
– All data transfer and layer management functions are programmable!
• Don't specify/implement protocols, only policies
– Re-use common layer structure, re-use policies across layers
• This approach greatly simplifies the network structure, minimizing the management overhead and the cost of supporting new requirements, new physical media or new applications
27. IRATI design: decisions and tradeoffs
Decision | Pros | Cons
Linux/OS vs other operating systems | Adoption, Community, Stability, Documentation, Support | Monolithic kernel (RINA/IPC Model may be better suited to micro-kernels)
User/kernel split vs user-space only | IPC as a fundamental OS service, access device drivers, hardware offload, IP over RINA, performance | More complex implementation and debugging
C/C++ vs Java, Python, … | Native implementation | Portability, Skills to master language (users)
Multiple user-space daemons vs single one | Reliability, Isolation between IPCPs and IPC Manager | Communication overhead, more complex impl.
Soft-irqs/tasklets vs. workqueues (kernel) | Minimize latency and context switches of data going through the “stack” | More complex kernel locking and debugging
28. Overview of IRATI and its SDK
[Figure: IRATI RINA implementation, split between user space and kernel.
User space: applications, IPC Manager Daemon and IPCP Daemon (layer management), built on librina.
Kernel: Kernel IPC Manager, normal IPCP (data transfer/control), shim IPCP over 802.1Q.
Zoom on the normal IPCP (data transfer): Error and Flow Control Protocol, Relaying and Multiplexing Task, SDU Protection. Policies marked "SDK support": RTT, Txctrl, ECN, ...; Forwar, Schedu, MaxQ, Monit; TTL, CRC, Encryp.
Zoom on the normal IPCP (layer management): RIB & RIB Daemon, resource allocation, flow allocation, enrollment, namespace management, security management, routing. Policies marked "SDK support": Auth., Acc.ctrl, Coord; Address assign, Directory replica, Address validat; New flow; PFTgen, Pushbak notify, Enroll. sequence; Routing.
Zoom on the IPC Manager: Management Agent, IPCM logic, RIB & RIB Daemon (SDK support), Network Manager (NMS DAF).]
29. RINA Plugins Infrastructure (RPI)
Kernel RPI (kRPI)
[Figures: PolicySet lifecycle; PolicySet classes]
• Different policy-set class per component, since each component has different policies.
– “OO” approach
– All policy set classes derive from a base class
– All components derive from a base class
– Plugins are Loadable Kernel Modules (LKMs)
– They publish a set of policy sets, which become available to the RINA stack.
– Factories, named after each policy set, provide operations to create/delete instances of policy set classes
30. RINA Plugins Infrastructure (RPI)
User-space RPI (uRPI)
– Same concepts as kRPI (factories, lifecycle, policy classes), different implementation
– Plugins are shared objects, dynamically loaded by the IPCP Daemon through the libdl library
31. SDK Usage: Experimentation with IRATI
Data transfer policies: RMT and EFCP
• Programmed data transfer policies to manage congestion in a distributed cloud environment.
• Two touch points: i) ECN-marking policies for the RMT; ii) flow control policies that react to ECN-marked PDUs in EFCP
[Figure panels: “TCP Tahoe” (EFCP) + RED (RMT); DEC Binary feedback (EFCP and RMT)]
Green Customer DIF: The VPN service for the user
Provider VPN Service DIF: Manages all of the network resources allocated to VPN services.
Metro DIF: Manages resources allocated to metropolitan network. Aggregates customer traffic into core PoPs
Core DIF: Provides connectivity and performance between Core POPs.
Voice Layer, Public Internet Layer, etc. are layers allowing applications in the UE to communicate with other applications (equivalent to PDN)
Mobile network top-level Layer provides flows between the UEs and Packet Gateways (flows provided by this DIF equivalent to EPS bearer). Can perform mobile network-wide congestion control, routing, resource allocation, etc.
Multi-access Layer (radio). Radio DIF between the UE and eNodeB, responsible for radio resource allocation and to provide flows between UE and eNodeB supporting the mobile network top-level DIF (equivalent to RLC, MAC and PHY layers together).
Problem is too much variability: network generic services = unbounded, virtual network functions = unbounded
When a kernel-space component is instructed to select policy set foo, it uses the associated factory create method to build a new policy set instance.
Stack code invokes foo behavioural policies when needed.
When the component has to be destroyed or a different policy set is selected, the foo factory destroy method is used to destroy the policy set instance.
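
Added example (not IRATI or PRISTINE code): a user-space C model of the kRPI policy-set lifecycle described on slide 29 and in the notes above, using an RMT ECN-marking policy of the kind named on slide 31 as the behavioural policy. Every identifier (ps_base, ps_factory, rmt_select_ps, ...) and the marking threshold are assumptions chosen for illustration.

```c
/* User-space model of the policy-set lifecycle; all names are hypothetical. */
#include <stdlib.h>
#include <string.h>
struct ps_base {                  /* base class every policy set derives from */
    int (*mark_ecn)(struct ps_base *ps, unsigned qlen);  /* behavioural policy */
};
struct ps_factory {               /* published by a plugin, named after its policy set */
    const char *name;
    struct ps_base *(*create)(void);
    void (*destroy)(struct ps_base *ps);
};
/* Component holding one active policy set and the factory that built it. */
struct rmt { struct ps_base *ps; const struct ps_factory *owner; };

#define MAX_FACTORIES 8
static const struct ps_factory *registry[MAX_FACTORIES];
static int n_factories, live_instances;   /* live = creates minus destroys */

/* Constructed policy sets: "default" never marks, "ecn-mark" marks at a threshold. */
struct ecn_ps { struct ps_base base; unsigned threshold; };
static int never_mark(struct ps_base *ps, unsigned q) { (void)ps; (void)q; return 0; }
static int mark_over(struct ps_base *ps, unsigned q)
{ return q >= ((struct ecn_ps *)ps)->threshold; }
static struct ps_base *ps_alloc(size_t sz, int (*fn)(struct ps_base *, unsigned))
{
    struct ps_base *ps = calloc(1, sz);
    if (ps) { ps->mark_ecn = fn; live_instances++; }
    return ps;
}
static struct ps_base *default_create(void) { return ps_alloc(sizeof(struct ps_base), never_mark); }
static struct ps_base *ecn_create(void)
{
    struct ps_base *ps = ps_alloc(sizeof(struct ecn_ps), mark_over);
    if (ps) ((struct ecn_ps *)ps)->threshold = 10;   /* assumed queue depth */
    return ps;
}
static void ps_free(struct ps_base *ps) { free(ps); live_instances--; }
const struct ps_factory default_factory = { "default", default_create, ps_free };
const struct ps_factory ecn_factory = { "ecn-mark", ecn_create, ps_free };

static const struct ps_factory *ps_find(const char *name)
{
    for (int i = 0; i < n_factories; i++)
        if (strcmp(registry[i]->name, name) == 0) return registry[i];
    return NULL;
}
/* Plugin load: a duplicate name is refused, so a later plugin cannot shadow a published set. */
int ps_publish(const struct ps_factory *f)
{
    if (n_factories == MAX_FACTORIES || ps_find(f->name)) return -1;
    registry[n_factories++] = f;
    return 0;
}
/* Select: create first, then destroy the old instance via its own factory; failure changes nothing. */
int rmt_select_ps(struct rmt *c, const char *name)
{
    const struct ps_factory *f = ps_find(name);
    struct ps_base *fresh = f ? f->create() : NULL;
    if (!fresh) return -1;
    if (c->ps) c->owner->destroy(c->ps);
    c->ps = fresh; c->owner = f;
    return 0;
}
void rmt_fini(struct rmt *c) { if (c->ps) c->owner->destroy(c->ps); c->ps = NULL; }
int rmt_marks(struct rmt *c, unsigned qlen) { return c->ps ? c->ps->mark_ecn(c->ps, qlen) : 0; }
```

Refusing duplicate factory names and building the replacement before destroying the old instance keep a plugin load or a failed selection from leaving the component with an unexpected or missing policy set.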