MANTICORE Nordunet 2008.ppt


Transcript

  • 1. The MANTICORE Project: Providing Users with a Logical IP Network Service
    Eduard Grasa, Fundació i2cat
  • 2. Agenda
    • The MANTICORE Project Vision
    • MANTICORE Implementation
      • The IaaS Framework (UCLP Evolution)
      • User Roles
      • Software Architecture
    • How does it work: GUI preview
    • DEMO at TNC 2008
    • Future work: MANTICORE and RPSL
    • MANTICORE and the FEDERICA Project
  • 3. Beyond bandwidth on demand services
    • The main goal: Create an innovative service that provides the network NOC and/or the end user with the ability to customize the configuration of its own dedicated IP physical and/or logical network.
    • Several research challenges:
      • Representation of routing devices: physical equipment from different vendors, multiple configuration protocols, APIs, …
      • Representation of routing policies: Some mechanism must be created to provide the user with the ability to express potentially complex requests (such as BGP policies) in a simple way.
      • Federation of user-defined autonomous systems (ASs): Users can create their own IP domains and choose which other IP domains they want to peer with.
  • 4. The MANTICORE vision
    [Figure legend: Physical Router, Logical Router, Physical Link, Logical Link, User Site, Other user(s) IP Network or the Internet. Each user’s IP network is represented by a different color.]
  • 5. The MANTICORE use cases
    • Use case 1: Single LR
    • Use case 2: Multiple LR
    • Use case 3: External routing (other user(s) IP network and/or peering networks)
  • 6. Agenda
    • The MANTICORE Project Vision
    • MANTICORE Implementation
      • The IaaS Framework (UCLP Evolution)
      • User Roles
      • Software Architecture
    • How does it work: GUI preview
    • DEMO at TNC 2008
    • Future work: MANTICORE and RPSL
    • MANTICORE and the FEDERICA Project
  • 7. What is virtualization? What is IaaS?
    • Virtualization consists of representing a physical device/substrate as a Software entity (P2V)
      • Initially started with PC virtualization (VMware, Virtual Iron, VirtualPC)
      • These were used locally in the data centres
      • Amazon and BlueLock pioneer the IaaS service by renting hardware using proprietary solutions
    • IaaS is the equivalent of SaaS for hardware devices
      • Users pay to use shared infrastructures
      • Monthly fees or Pay per use
      • Long term exchanges compared to on-demand services
      • Users control/own the infrastructure
  • 8. UCLP, Argia and the IaaS Framework
    • Two UCLP research programs were put in place by CANARIE to provide a virtualization solution for optical networks starting in 2001
      • UCLP initial goal was to provide end to end paths across domains
      • UCLPv2 goals were to create reusable and configurable network blocks
    • UCLPv2 concepts are evolving into many different Physical to Virtual (P2V) products and R&D projects that are built on the IaaS Framework:
      • Argia -> Product for Optical Networks
      • Ether -> R&D for Ethernet and MPLS Networks
      • MANTICORE -> R&D for virtualized IP Networks
      • GRIM -> R&D for Instruments and Sensors
    [Figure labels: RMC, MANTICORE, ETHER, GRIM, CHRONOS]
  • 9. IaaS Framework: What is the IaaS Framework?
    • The Infrastructure as a Service Framework (IaaS Framework, http://www.iaasframework.com) is:
      • A generalized approach to the outcome of years of research under the UCLP Research programs funded by CANARIE
      • A set of software resources used to administer a domain from user workspaces, to resource exchanges, permissions and security
      • A list of operation providers that can be used to quickly provide functionalities like permissions/security, reservation, topology and allow them to seamlessly integrate in the Resource Management Centre (RMC)
      • Libraries and tools to manage persistence or communication with the hardware devices
      • The enabling technology for upcoming products and R&D initiatives
  • 10. IaaS Framework, Products and Research Projects Architecture
    [Architecture figure; labels recovered from the slide:]
    • Service layers: Device Controller Services, Device Virtualization Services, Network Virtualization Services, Application Services, Support Services
    • Products and projects: MANTICORE (IP Research Project), Framework (Open Source), Ether™ (Product) (Ethernet Networks), Argia™ (Product) (Optical Networks), GRIM (Virtual Instruments Research)
    • Resource Management Centre and User Web Portal: RCP, WEB (Development)
    • Resources (WS): IP Network Resources, WDM Resources, GRIM Resources, Instrument Resources, Optical Switch Resources, Router Resources, Scenarios Resources, Ethernet Switch Resources, TDM Timeslot Resources, Ethernet Port Resources, Connections Resources, VLAN Resources, Physical Network Resources, Resource List Resources, Appliance Resource, User Workspace Resources
    • Unless specified otherwise the development is being performed in partnership by i2CAT, CRC and Inocybe Technologies.
  • 11. User Roles
    • Physical Network Administrator: Owner of physical infrastructure. He can virtualize the physical infrastructure (create a software object that represents all or a part of it) and give permissions to users (i.e. export virtual resources) so they can have limited control over the resources.
    • APN (or Virtual Network) Administrator: He gathers resources from one or more physical network administrators or other APN Administrators (by asking them or through resource brokers). He also assigns the resources he has harvested to different services (for instance, he could assign a set of Ethernet port resources to the VLAN Service, or a set of logical routers to the IP Network Service).
    • End User: Just uses the services provided by the software. For instance, if there is a reservation service, the user can ask for network reservations; if there is an IP Network Service, the user can configure its IP Network; if there is a VLAN Service, the user can ask for an end to end VLAN, and so on. This is the traditional end user: he sees only the service interface and cannot collect or trade virtual resources.
  • 12. Resource Trading
    [Figure labels: User A, User B, User C, Provider 1, Provider 2, and four Resource Lists]
  • 13. Network Virtualization Services
    • They offer a service to the end user on top of the virtual resources. The following could be examples of network virtualization services:
      • Reservation Service: Creates point to point connections (immediate or in advance) over SONET/SDH resources (with VCAT, LCAS, GFP)
      • IP Network Service: Creates an IP network Service where the user can configure internal routing protocols, external peering, …
      • GMPLS Service: Has the functionalities of a GMPLS node (Connection Controller, Routing Controller, …). Speaks GMPLS Protocols (OSPF, RSVP), and can be seen as a GMPLS domain by external entities
      • Other… (put the service that you want here)
  • 14. MANTICORE Software Architecture
    • GUI client(s): RPSL may be used to let the GUI specify high level routing policies (internal as well as external) to the IP Network WS
    • IP Network WS: Transforms the routing configuration abstract description in high level operations that will be invoked in the Router WS over one or more virtual resources
    • Virtual Resource Services (Ethernet Resource WS, TDM Resource WS, ...): Represent the physical (ports) or logical interfaces (VLANs, TDM Channels) that users can access.
    • Router-WS: Transforms the high level operations over one or more virtual resources into specific commands that each particular routing device can understand
      • Netconf: Juniper device
      • Protocol X: Other vendor device
      • Protocol Y: Software router
    • User Workspace WS: Manage user accounts, get user credentials, authenticate
  • 15. IP Network Service Functionality
    • General configuration of the router interfaces:
      • The user can configure the IP address, the NETMASK, the status (up or down) and other general parameters of the interface.
    • Add/Delete static route
      • The user applies a static entry to the routing table. This static entry can be for one or more source interfaces.
    • Configure an IGP on an interface or the whole network
      • The user of an IP Network can apply a dynamic routing protocol (initially OSPF and RIP) to every interface inside it, and modify the IGP parameters.
    • Configure an EGP on an interface or the whole network
      • The user can decide which other IP Networks he wants to peer with, and choose what routes are advertised to external networks. Simple BGP configurations will be generated (iBGP will also be configured between BGP nodes of the same AS)
  • 16. First implementation limitations
    • Only deal with Juniper routers using the Netconf JunOS XML API
    • RPSL (will explain later) won’t be used as a means of describing abstract routing configurations (instead, a proprietary simple and limited representation will be used).
    • WS-Security: WS messages are neither encrypted nor signed.
    • The implementation is a proof of concept, not a complete solution: working prototypes of the services will be implemented, but some features and performance optimization will be left for future work
  • 17. Agenda
    • The MANTICORE Project Vision
    • MANTICORE Implementation
      • The IaaS Framework (UCLP Evolution)
      • User Roles
      • Software Architecture
    • How does it work: GUI preview
    • DEMO at TNC 2008
    • Future work: MANTICORE and RPSL
    • MANTICORE and the FEDERICA Project
  • 18. Example deployment
    • Two organizations:
      • NORDUnet: Physical Network Administrator. In this very simple example it operates a network with one physical router.
      • i2CAT: Virtual Network Administrator. In this very simple example it will request two logical routers from NORDUnet.
    • MANTICORE Software deployment
      • NORDUnet Server:
        • User Workspace WS
        • Ethernet Resource WS
        • IP Network WS
        • Router WS
      • i2cat Server (optional):
        • User Workspace WS
        • Ethernet Resource WS
        • IP Network WS
  • 19. NORDUnet discovers the physical router
    • When NORDUnet first launches the GUI client, it must create a new physical network and add to it all the routers it wants to manage.
  • 20. NORDUnet Physical Network with the Router
  • 21. NORDUnet PN Admin creates logical routers
    • NORDUnet admin creates some logical interfaces, two logical routers and assigns these logical interfaces to the logical routers.
    • He also creates a logical tunnel between the two logical routers (new LT interfaces are created).
  • 22. NORDUnet PN with the Router and the LRs
  • 23. Creation of virtual links and virtual interfaces
    • NORDUnet PN Admin creates a resource list (list of resources that can be accessed by NORDUnet or a 3rd party).
    • NORDUnet PN Admin creates virtual interfaces and virtual links (kind of proxy objects that represent the remotely configurable interfaces and links), and adds them to the resource list.
  • 24. Exporting resources
    • NORDUnet PN Admin exports the resource list to i2cat (permissions are set on the resources so that i2cat’s users can access and modify the resources on the resource list).
    • i2cat APN Admin launches its GUI Client, logs into the server and downloads the resource list.
    [Figure labels: NORDUnet Server, i2cat Server (optional), Resource List]
  • 25. i2cat’s IP Network
    • i2cat APN Admin creates a new IP Network and adds the resources of the resource list to it.
    • Now he can configure the IP parameters of the interfaces, configure IGPs, configure the peering, ...
  • 26. Example: RIP Configuration wizards
  • 27. Agenda
    • The MANTICORE Project Vision
    • MANTICORE Implementation
      • The IaaS Framework (UCLP Evolution)
      • User Roles
      • Software Architecture
    • How does it work: GUI preview
    • DEMO at TNC 2008
    • Future work: MANTICORE and RPSL
    • MANTICORE and the FEDERICA Project
  • 28. TNC 2008 MANTICORE Demo
    • During the Terena Networking Conference 2008 (Bruges, 19-22 May) at the Juniper booth, the following scenario is going to be demonstrated.
    [Figure: demo network topology. Labels: AREA 0; AS1, AS10, AS20; eBGP; static; routers router1.rediris.es, router2.rediris.es, router3.rediris.es, router4.rediris.es, router5.rediris.es; interfaces ge-0/0/0, ge-1/0/0, ge-2/0/0, ge-3/0/0; link addresses 192.168.0.1, 192.168.0.2, 192.168.1.1, 192.168.1.2, 192.168.2.1, 192.168.2.2, 192.168.10.1, 192.168.10.2, 192.168.20.1, 192.168.20.2; loopbacks lo0: 10.10.1.1/32, 10.10.1.2/32, 10.10.1.3/32, 10.10.10.4/32, 10.10.20.5/32]
  • 29. Agenda
    • The MANTICORE Project Vision
    • MANTICORE Implementation
      • The IaaS Framework (UCLP Evolution)
      • User Roles
      • Software Architecture
    • How does it work: GUI preview
    • DEMO at TNC 2008
    • Future work: MANTICORE and RPSL
    • MANTICORE and the FEDERICA Project
  • 30. RPSL: Routing Policy Specification Language
    • Language used to describe the routing policies of an AS. E.g.
      davew@byron:~$ whois as1213
      aut-num: AS1213
      as-name: HEANET
      import: from AS3549 # Global Crossing
              action pref=100; accept ANY
      import: from AS2850 # UCD
              action pref=50; accept AS2850
      export: to AS3549 # Global Crossing
              announce AS-HEANET
      export: to AS2850 # UCD [client]
              announce ANY
    [Slide callouts:]
      • Transit provider: We'll take entire internet's routes ...but just send you ours
      • Client - we only want to see your own network ...we'll send you all we've got
  • 31. RPSL in MANTICORE
    • RPSL can be used as a means of describing the external routing policies as well as the IGP configurations (with minor extensions).
    • These RPSL descriptions can be taken as an input by the IP Network WS and then generate the high level operations to invoke at the Router WS (remember the architecture picture).
    • Implementation status: The RPSL RFCs (RFC 2622, RPSL, and RFC 4012, RPSLng) have been studied, and some preliminary RPSL descriptions for the MANTICORE use cases have been generated. Not implemented yet due to time constraints.
    [Figure: MANTICORE software architecture diagram, repeated from slide 14]
  • 32. Other Future Work
    • Integrate MANTICORE with the other IaaS Framework based network virtualization solutions:
      • With Argia, product for optical networks (TDM, WDM, Fibre).
      • With Ether, upcoming product for Ethernet and MPLS networks.
    • Create drivers for other router vendors
    • Add more features to the IP Network WS
      • Allow APN Admins and end users to create new logical interfaces
      • Provide means of describing more complex routing policies
      • Other?
    • Work to be carried out within the FEDERICA project
      • See next section
  • 33. Agenda
    • The MANTICORE Project Vision
    • MANTICORE Implementation
      • The IaaS Framework (UCLP Evolution)
      • User Roles
      • Software Architecture
    • How does it work: GUI preview
    • DEMO at TNC 2008
    • Future work: MANTICORE and RPSL
    • MANTICORE and the FEDERICA Project
  • 34. FEDERICA e-Infrastructure
    • What: 7th FP project in the area “Capacities - Research Infrastructures”. 3.7 MEuro EC contribution, 5.2 ME budget, 20 partners, 461 Person Months
    • When: 1st January 2008 - 30 June 2010 (30 months)
    • Virtualization infrastructure, a “Network Factory” to provide “slices” to researchers in Future Internet, where a slice is a mix of network circuits and computing elements.
    • Built using resources (Gb Ethernet circuits) from GÉANT2 and NRENs as contributions to the project.
    • Open to interconnect other Infrastructures
    • Connected to Internet (through NRENs)
  • 35. FEDERICA - Goals Summary
    In scope
    • Act as a forum and support for researchers/projects on “Future Internet”. Support of experimental activities to validate theoretical concepts, scenarios, architectures, control and management solutions. Users have full control of their slice
    • Provide on European scale network and system agnostic e-infrastructure to be deployed in phases. Provide its operation, maintenance and on-demand configuration
    • Validate and gather experimental information for the next generation of research networking also through basic tool validation
    • Dissemination and cooperation between NRENs and researchers’ community
    • Contribution to standards in form of requirements and experience
    Out of scope
    • Internal extended research, e.g. advanced optical technology
    • Development and support of Grid applications
    • Offer raw computing power
    • Offer transit capacity
  • 36. MANTICORE Activities inside FEDERICA
    • Add support for more routers (including software routers)
    • Interoperability with the IPsphere Framework
      • The IPsphere Forum has produced the IPsphere Framework spec, which facilitates the creation of multi-stakeholder and multi-technology services.
      • The interoperability implementation must allow users of IPsphere to compose resources coming from MANTICORE (e.g. Logical routers or IP Networks) into an IPsphere Service.
    • Add support for virtual machines
      • Be able to offer a virtual machine as a resource (in a resource list), the same way it is done with the logical router.
  • 37. Thanks for your attention! More information:
    • MANTICORE:
      • Victor Reijs, Network Development Manager, HEAnet Limited ( [email_address] )
      • Sergi Figuerola, Coordinator of the Network Technologies Cluster, Fundacio i2cat ( [email_address] )
    • IaaS Framework:
      • Inocybe Technologies Inc. http://www.inocybe.ca
      • IaaS Framework website: http://www.iaasframework.com
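
Added example, not part of the original slides or the MANTICORE code base: a minimal Python reading of the aut-num object shown on slide 30, the kind of RPSL input slide 31 proposes feeding to the IP Network WS. The grammar is simplified (one peering, one optional action, one filter per attribute); the function names and the labels "unfiltered", "incomplete" and "restricted" are assumptions of this example, while "transit-provider" and "client" follow the slide's callouts.

```python
import re

# aut-num object from slide 30, line breaks restored (RPSL comments run from '#' to end of line).
SLIDE_OBJECT = """\
aut-num: AS1213
as-name: HEANET
import:  from AS3549 # Global Crossing
         action pref=100; accept ANY
import:  from AS2850 # UCD
         action pref=50; accept AS2850
export:  to AS3549 # Global Crossing
         announce AS-HEANET
export:  to AS2850 # UCD [client]
         announce ANY
"""
PATTERN = r"%s\s+(\S+)(?:\s+action\s+(.*?);)?\s+%s\s+(.+)$"  # simplified grammar (assumption)
RULES = {"import": (re.compile(PATTERN % ("from", "accept"), re.I), "accept"),
         "export": (re.compile(PATTERN % ("to", "announce"), re.I), "announce")}

def parse_attributes(text):
    """Return (name, value) pairs; fold continuation lines, drop comments."""
    attrs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if raw[0] in " \t+" and attrs:  # RFC 2622 continuation line
            attrs[-1] = (attrs[-1][0], attrs[-1][1] + " " + line.lstrip("+ \t"))
        else:
            name, _, value = line.partition(":")
            attrs.append((name.strip().lower(), value.strip()))
    return attrs

def parse_policy(text):
    """Build {peer AS: {"accept": ..., "announce": ..., "action": ...}}."""
    policy = {}
    for name, value in parse_attributes(text):
        rx, key = RULES.get(name, (None, None))
        m = rx.match(value) if rx else None
        if m:
            entry = policy.setdefault(m.group(1).upper(), {})
            entry[key] = m.group(3).strip()
            if m.group(2):
                entry["action"] = m.group(2).strip()
    return policy

def classify(entry):
    """Name the relationship implied by one peer's import/export filters."""
    accept, announce = (entry.get(k, "").upper() for k in ("accept", "announce"))
    if not accept or not announce:
        return "incomplete"        # one direction undeclared
    if accept == announce == "ANY":
        return "unfiltered"        # nothing filtered either way
    if accept == "ANY":
        return "transit-provider"  # slide: take all routes, send only ours
    return "client" if announce == "ANY" else "restricted"  # client: take theirs, send all

def review(text):
    return {peer: classify(entry) for peer, entry in parse_policy(text).items()}
```

A peer reported as "unfiltered" or "incomplete" is the case to review before a policy like this is turned into router configuration.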