Slide 1


  • Classless Inter-Domain Routing (CIDR, pronounced "cider" or "cedar") was introduced in 1993 and is the latest refinement to the way IP addresses are interpreted. It replaced the previous generation of IP address syntax, classful networks. CIDR uses variable length subnet masks (VLSM) to allocate IP addresses to subnets according to individual need. CIDR also makes routing prefix aggregation (also known as "supernetting") possible. NAT: 1994
  • Virtualization is enabled by a decentralized object location and routing system (DOLR) called Tapestry [13]. Tapestry is a scalable overlay network, built on TCP/IP, that frees the OceanStore implementation from worrying about the location of resources. Each message sent through Tapestry is addressed with a GUID rather than an IP address; Tapestry routes the message to a physical host containing a resource with that GUID. Further, Tapestry is locality aware: if there are several resources with the same GUID, it locates (with high probability) one that is among the closest to the message source.
  • 3.3 Multi-user Java Environment. The gateway operator, through the core service gateway, acts much like a Unix root user. He allows users (service providers) to launch their shell or execution environment (their virtual service gateway). The core gateway also runs services accessible to all users. However, contrary to Unix root users, the core gateway does not have access to service gateways' data, files, etc., since these would belong to different, potentially competing companies.
  • The outcome of enabling the maximum amount of secure cooperation among participants can be thought of as being a “virtual lab” that exists just for a given app for a given user. The shape of each virtual lab is decided by intersecting the set of servers trusted by the user for this app with the set of servers willing to trust the user with the authorities needed for this app. FluidFed has a property that is shared by other complex yet effective systems: the overall complexity of the relationships, when looked at with a “God’s Eye” view, grows arbitrarily complex, quickly reaching a complexity that no single human being could possibly understand. Yet the view of the system from the perspective of each individual actor remains arbitrarily simple – the user may choose to create a virtual lab for an app that is smaller than what the user might actually be able to create, if the user’s need for more machines is less than his desire to have a simple policy to remember.

    1. 1. The latest developments in FIND/GENI projects and their influence on European Networking. Jiří Navrátil, Terena Networking Conference 2007, 21-24.5.2007, Lyngby/Denmark
    2. 2. Agenda
       • Internet expansion and consequences
       • Fundamental problems of Internet
       • Next generation of Internet (directions and supporting projects, GENI, FIND)
       • New network architectures (overlay networking, virtualized GRID)
       • European projects (OneLab, Phosphorus, UCLP, FEDERICA)
    3. 3. Internet expansion
       • Web (90s), p2p (2000), video, IPTV, wireless (today), sensors (tomorrow)
       • Asia, Europe, North America, … Africa
       • A trillion devices expected in the near future
       • Wide discussion in the Internet community about the future; problems in many forms and on many forums
       • NO STRENGTH to change fundamentals of the existing Internet
       • NSF came with GENI, which is trying to find a way to change the Internet from the base (REINVENTING)
       • Problems: technical and social
          • capacity on last mile, guaranteed bandwidth, path stability, …
          • viruses, attacks, unwanted mail, phishing, etc.
    4. 4. Future Internet
       • Creating the Internet you want in 10, 15 years
       • The Internet which society TRUSTS
       • Support pervasive computing (from PDA to supercomputing)
       • Connecting devices and users with all types of communication channels, from wireless to optical light paths
       • Able to accept further developments and innovations
    5. 5. Two paths for changes
       • Incremental
       • Clean-slate (replace Internet with new architecture)
       • Many problems on the first path (many limits, hard to manage, vulnerability, hostile)
       • There are barriers to the second path:
          • Internet is ossified, cannot be replaced
          • Inadequate validation of potential solutions
          • Testbed dilemma: production testbed = incremental change; experimental testbed = no real users!
       • Why now?
          • many architectural proposals (statistics of new RFCs, papers, etc.)
          • enabling technology infrastructure exists (NLR, Planetlab, … GN2, …)
          • research community is ready to make it real
       • Where are the fundamental problems and what is the most pressing (first order) problem?
       • Larry Peterson, Princeton University: A Strategy for Continually Reinventing Internet (May 2005)
    6. 6. The real problems of the IP world are in the principles (core functionality)
       • IP addresses? Before 1994 nearly collapsed. Problem postponed because of reusable private IP, NAT. This is the reason why IPv6 is not so hot
       • Naming? DNS still dominates and it has more and more problems
       • Routing? Since 1989 BGP (protocol based purely on agreement of ISPs - routing policy). All other known protocols are unacceptable, technically problematic and are used just locally
          • many existing routes are not used, quality of routes is not under control
       • BGP 4? Introducing AS was a step to aggregation for routing purposes
          • it helps to postpone the problem with effectiveness of routing
       • Reality: # of ISPs and # of ASes grow exponentially!
    7. 7. How Internet Grows. CIDR, PRIVATE IP addresses and NAT bring a slowdown of the growing routing table (RT). [Figure labels: Expectations; 70000 routes; 350; In history]
    8. 8. Remark. Individual lines are prefixes (paths) from different peers. Growth in 94 – 06. Source AS growing brings problem to BGP
    9. 9. (141 mill./year) Total 1,114 326 mill. new users/year
    10. 10. BGP table analysis. Partial visibility of the Internet from one router (from the routing tables). Source: Millions of prefixes in RT or different routing?
    11. 11. More about the weaknesses of the Internet
       • Performance bottlenecks at peering points
          • Ignores many existing alternate paths
          • Prevents sophisticated algorithms
          • Route selection uses fixed, simple metrics
          • Routing isn't sensitive to path quality (see next examples)
       • The Internet is ill suited to mission-critical applications
          • Paxson (95-97): 3.3% of all routes have serious problems
          • Labovitz (97-00): 10% of routes available <95% of time, 65% of routes available <99.9
          • 3 minutes minimum detection time for failure, average recovery ~ 15 minutes
          • Wang (06): 80% of problems on the path are caused by routing
          • Chandra (01): 5% of faults last more than 2 hours 45 minutes
    12. 12. Naming system?
       • 1-2 M updates/hour on root DNS (from misconfigurations)
       • 20 top ASes make 50% of updates (China, US, Spain)
       • 97% of such updates are from WINDOWS machines
       • Wrong coordination between DHCP and DNS for private IP can create unwanted traffic and requests to global DNS. This leakage is inappropriate from the traffic and also from the security aspects.
       • REFERENCE CAIDA papers: A. Broido, E. Nemeth, kc claffy, Spectroscopy of Private DNS Update Sources; A. Broido, H. Shang, M. Fomenkov, Y. Hyun, kc claffy, The Windows of Private DNS Updates
       • How robust, scalable and sensitive to attacks and misconfigurations is it?
       • The DNS system was designed for traffic loads that reflect the rate and complexity of human activities!
       • How will DNS react to machine-to-machine applications (crawlers, traffic reviewers, …)?
       • Since the WEB appeared, DNS has become a tool for identifying Internet objects (INFORMATION)!
       • The DNS system was designed for identifying IP objects (computers, routers)
    13. 13. Internet naming based on DNS
       • PROBLEM IS NOT ONLY TO HAVE A NAME (registration) but how TO HANDLE resolution (conversion from/to IP) and UPDATE databases which are bigger and bigger
       • Most requests are resolved on the lowest level, but not all data are available => recursing requests
       • Remember: each nice Web page from "somewhere" can contain several resolutions (reference to an icon/picture/doc located somewhere in the Internet), and to see it, it must be resolved! It also means growth of your local cache databases
       • URL: server/datapath
       • [Figure labels: browsers; Recursing requests; TLD; name servers (ns); .cz, .cvut., .fel., .fjfi., .de, .nl, com, .hp., .ibm.]
    14. 14. DNS is undisputed, but a more and more pressing problem is: separation of data from location! Van Jacobson on Google
    15. 15. http://ww .p s Using DHTs to Untangle WEB from DNS
       • SFR: Semantic Free Referencing (Michael Walfish, MIT)
       • Hostname/pathname structure and DNS resolution
       • SFR tag/pathname structure and DHT resolution
       • O-record of metadata; SFR tag: 160 bit string, IP address, port, …
       • Contact to traditional web servers: the SFR infrastructure strips the first part and makes a DHT resolution. It replaces the first part (host id) with the IP and the rest is the same as in the previous case
       • More flexibility: pathname part of the SFR tag, multiple destinations
       • sfr://fbcd1234/doc/
    16. 16. PASTRY (DHT)
       • Set of RNodes, each RNode keeps a range of addresses for nodes
       • Each new node is logically located into this range
       • Lookup is based on the nearest neighbour from RN with KEY
       • Lookup (d46a1c): forwarding to dxxxxx, forwarding to d4xxxx; if in local range ..67c5 to ..71f1: not forwarding!
       • Range of local keys (c2d1 – 32aaff)
       • Hash table (key, index, ip): $key="dabcf2"; $ip = $address{$key}
       • This example covers 2^24 - 1 = 16 mil. objects
       • In Pastry max key = ffff ffff ffff ffff
       • [Figure labels: RNodes with keys 65a1fc, d13da3, d4213f, d462ba, d467c4, d471f1; hash table entries 1, 65a1fc, 121, 1faab1, 2, dabcf0, 990, dabcf1, 991, dabcf2, 992; range markers c2d0, 32ab00, 0]
    17. 17. Groupware service:
       • How many files in the OceanStore?
       • Assume 10^10 people in the world
       • 10,000 files/person – very conservative?
       • 10^14 files should be stored and maintained
       • Works with a concept which separates data from location!
       • The objects are defined by GUID - a fixed-length string of 160 bits
       • The objects are replicated and stored on multiple servers
       • The lookup process is dynamic, based on queries between client and server
    18. 18. Tapestry routes the message to a physical host containing a resource with that GUID. Further, Tapestry is locality aware: if there are several resources with the same GUID, it locates (with high probability) one that is among the closest to the message source. Basic functions: Publish/Unpublish Object, Route to Object, Route to Node
    19. 19. Explosion of P2P
       • P2P (peer to peer) applications: high popularity, high traffic (? %)
       • USERS JOINING AND LEAVING SYSTEMS RANDOMLY, VOLUNTARILY
       • The Internet allows creating meshed structures; every host can communicate with anybody
       • New p2p architectures, new tools (bittorrent), new applications (Skype, SIP)
       • Broadcast query systems: searcher sends the query to all neighbors
       • [Figure: Napster (coordination of sharing): File list, DB Index, Q. Req. A, Q. Req. B, File A transfer, File B transfer. Gnutella, GNet, …: Searcher, Distributer, Q. Req. A, Query match, File transfer, Ultrapeer (index for peers), UP-1, UP-4. Skype: Node A, Node B, Supernode, SN-A, SN-B, SN-C, Login server, registration, Search]
    20. 20. from Darleen Fisher and Guru Parulkar NSF-CISE presentation
    21. 21. from Darleen Fisher and Guru Parulkar NSF-CISE presentation
    22. 22. from Darleen Fisher and Guru Parulkar NSF-CISE presentation
    23. 23. APPLICATIONS FOR MILLIONS OF HOMES
       • [Figure labels: INTERNET; Last mile; Gateway operator; VOD; HDTV; IPTV; Open Service Gateway; Service providers; MULTISERVICE; MULTIUSER]
       • More details: The gateway operator, through the core service gateway, acts much like a Unix root user. He allows users (service providers) to launch their shell or execution environment (their virtual service gateway). The core gateway runs services accessible to all users. However, contrary to Unix root users, the core gateway does not have access to service gateways' data, files, etc., since these would belong to different, potentially competing companies.
       • Not only the last mile operator, but business for many SPs
    24. 24. From: David Alderson, CALTECH, NSF FIND meeting, Dec. 2005. Situation is getting worse
    25. 25. Global Environment for Network Innovations – GENI
       • Reaction of NSF to existing Internet problems
       • August 25, 2005: NSF announces the GENI Initiative at SIGCOMM.
       • Since 2006 NSF (CISE) has divided GENI into the program FIND – Future Internet Design and the program of construction of the GENI facility
       • During 2 years there were many working meetings and nearly 50 GDDs (GENI Design Documents) were prepared
       • The most complex is the GENI Research Plan, GDD-06-28 vers. 4.5 from April 2007, which defines a detailed frame for GENI research
    26. 26. GENI Research program
       • The GENI Initiative will support research, design, and development of new networking and distributed systems capabilities by:
       • Creating new core functionality: Going beyond existing paradigms of datagram, packet and circuit switching; designing new naming, addressing, and overall identity architectures, and new paradigms of network management;
       • Developing enhanced capabilities: Building security into the architecture; designing for high availability; balancing privacy and accountability; designing for regional difference and local values;
       • Deploying and validating new architectures: Designing new architectures that incorporate emerging technologies (e.g., new wireless and optical technologies) and new computing paradigms enabled by pervasive devices;
       • Building higher-level service abstractions: Using, for example, information objects, location-based services, and identity frameworks;
       • Building new services and applications: Making large-scale distributed applications secure, robust and manageable; developing principles and patterns for distributed applications;
       • Developing new network architecture theories: Investigating network complexity, scalability, and economic incentives.
    27. 27. Focus of FIND
       • On reinvented Internet architecture and not on individual network technologies
       • Internet evolution influenced by clean-slate approach
       • Alternate architecture(s) coexist with the current Internet
       • Virtualization becomes the norm with plurality of architectures
       • New services and applications enabled
    28. 28. Status of FIND in 2007
       • The whole FIND program is currently in its initial phase.
       • NSF has created a FIND Planning Committee, which is working with NSF to organize a series of meetings among FIND grant recipients to identify and refine overarching concepts for a network of the future. It is a continuation of the GENI talks that started in 2005
       • In 2007 FIND will operate with 40 million US $, and it is expected that this budget will fund about 60-80 teams. The kickoff meeting was held in November 2006.
       • http://www.nets-find.net/
       • NeTS - Division of Computer & Network Systems funds research and education projects in four basic areas:
          • Programmable Wireless Networks (NeTS-ProWin): 16
          • Networking of Sensor Systems (NeTS-NOSS): 30
          • Networking Broadly Defined (NeTS-NBD): 27
          • Future Internet Design (NeTS-FIND): 15 – (5,2 M US)
    29. 29. FIND - Scope of Research
       • Core functionalities (reconsideration of basics including packets and other modes of multiplexing and data delivery, addressing, naming and identity; routing and delivery; support for mobility; overlay networks, and services required to support overlays; architectural implications of performance objectives; and other elements of network services)
       • Security and robustness (prevent attack, flooding, blocking unwanted traffic, dealing with "zombies" and "botnets", design new safe protocols and frameworks for applications, end node security)
       • Social aspects - privacy and accountability (balancing privacy/identity, the problem of identity tracking, increasing mutual trust between users and authorities, responsibility for malicious behavior, access to emergency services)
       • Manageability and usability (facilitate network management, automated network configuration, fault reporting and diagnostics, cross-region coordination of architectures)
       • Implications of new wireless and sensor networks (mobility of subnets, dynamic resource location, data driven routing)
       • Optical network architectures and their implications (integrated internet/optical management, dynamic allocation of capacities, aggregation in backbones)
       • High level conceptualization (closer to the user, what they want, location based services, search based on localities, information context, etc.)
       • Theoretical foundations (investigating network complexities, scalability, robustness)
       • Support for application design (how applications and services should be designed to exploit new architectures, developing distributed applications including economic incentives)
    30. 30. The GENI Facility
       • As envisioned, the GENI Facility will enable:
          • Shared use through slicing and virtualization in time and space domains (i.e., where "slice" denotes the subset of resources bound to a particular experiment);
          • Access to physical facilities through programmable platforms (e.g., via customized protocol stacks);
          • Large-scale user participation by "user opt-in" and IP tunnels;
          • Protection and collaboration among researchers by controlled isolation and connection among slices;
          • A broad range of investigations using new classes of platforms and networks, a variety of access circuits and technologies, and global control and management software;
          • Interconnection of independent facilities via federated design.
       • The GENI Facility will leverage the best ideas and capabilities from existing network testbeds such as PlanetLab, ORBIT, WHYNET, Emulab, X-Bone, DETER and others.
       • The GENI Facility will need to extend beyond these testbeds to create an experimental infrastructure capable of supporting the ambitious research goals of the GENI Initiative.
    31. 31. Relation FIND/GENI. Stages of Research, 2007 and Later
       • Architectures as they emerge will be made operational and tested via:
          • Simulation (ns-2, …)
          • Emulation (Planetlab, Emulab, …)
          • Run on a large-scale GENI facility
       • When?
    32. 32. Current situation
       • "HORIZON PROJECT" with 20 million US for preconstruction planning
       • Next step: "Readiness Stage" (allows extension of preconstruction planning)
       • FIND projects: work on existing experimental infrastructures! Filling the gap until the GENI facility (2007, 2009?)
       • Deliverables:
          • Testbed federation
          • Planetlab/Emulab
          • Building control plane
             • Planetlab prototype,
             • VINI – Virt. Network Infrastructure
          • Proof-of-concepts of wired-wireless integration
          • Distributed authorization and access control
             • Internet in a Slices (Click + XORP)
    33. 33. If we cannot extend Internet we can replicate it via virtual concepts
    34. 34.
    35. 35. VS – Virtual server: independent OS, LINUX (BSD), running on a VM, with its own administration including root, with its own file system and computation capability. Slice: set of VS on different nodes. [Figure labels: VMM (four nodes)]
    36. 36. Node/Slices in PlanetLab
       • More users (slices) can run on each node
       • Each of them is running in its own virtual system
       • One user can run more applications (App1, App2, App3)
       • SLICE A1 (N3, N1, N2, N3, N4, N5, N6, N7)
       • SLICE A2 (N3, N6, N5, N4)
       • SLICE A3 (N1, N2, N6, N7)
       • [Figure labels: Node; SLICE; N1 to N7; Virtual path VP1, VP2, … VPn]
    37. 37. Overlay/Slices in PlanetLab. [Figure labels: N1 to N7; Virtual path VP1, VP2, … VPn] Motto TNC-2007: VISIBLE SERVICES – TRANSPARENT NETWORKS
    38. 38. The Overlays. [Figure labels: Virtual path VP1, VP2, … VPn; Virtual path VP1, VP2, VP3] Motto TNC-2007: VISIBLE SERVICES – TRANSPARENT NETWORKS
    39. 39. The Overlays
       • Real paths in IP:
          • shared (Planetlab)
          • private VPN, tunnels, IPinIP end2end (X-bone, …)
       • [Figure labels: real path in IP; Virtual path VP1, VP2, … VPn; R1, R2, … Rn]
       • Motto TNC-2007: VISIBLE SERVICES – TRANSPARENT NETWORKS
    40. 40. VIOLIN: Virtual Internetworking on OverLay INfrastructure (Department of Computer Science, Purdue Univ.)
       • Violins are virtual isolated networks built on top of overlay networks as
       • They include virtual routers, switches and end hosts.
       • Each Violin works in its own virtual world with its own IP address space
       • Entities of VIOLIN are created, deleted or migrated on demand. It creates a new environment for applications which can be deployed in this new virtual network.
       • [Figure labels: layers IP, Planetlab, Violin; real path in IP; Virtual path VP1, VP2; R1 to R5; node1, node2, node3; vnode1, vnode2, vnode3]
    41. 41. VIOLIN: Virtual Internetworking on OverLay INfrastructure (Department of Computer Science, Purdue Univ.)
       • [Figure labels: layers IP, Planetlab, Violin; real path in IP; Virtual path VP1, VP2; R1 to R5; node1, node2, node3; vnode1, vnode2, vnode3]
       • [Figure labels: Host OS (Fedora); intra-host tunneling; inter-host tunneling; node1, node2; Vswitch (UML VM); Vnode1, Vnode2, … VnodeN (UML VMs)]
    42. 42. SODA: a Service-On-Demand Architecture (Department of Computer Science, Purdue Univ.)
       • Each user can get an individual service (web, comp, log, media service, …)
       • User requests for different services
       • Request of ASP for SERVICE type
       • Configuration for SERVICE types
       • Bootstrap of VM + downloading of application
       • [Figure labels: HUP (Hosting Utility Platform); SODA Agent; SODA Master; node 1, node 2, … node n; Host OS with SODA Daemon; Guest OS "UML"; S1 G-OS, S2 G-OS, S3 G-OS; Service switch for S1, S2, … Sx]
    43. 43. WOW: Wide area network Of virtual Workstations (ACIS Lab, University of Florida)
       • Fig. 1 shows the WOW testbed distributed over 6 firewalled domains (118 p2p router nodes - Planetlab and other VMware-based VM nodes)
       • IPOP – IP over p2p: concept based on the Brunet p2p protocol (used to pass firewalls), on-demand establishment of direct overlay links between WOW nodes (nodes can join or leave the system in 10 sec., direct communication between nodes in 200 sec.)
       • WOW runs unmodified OSes and applications inside VMs; they can use the middleware framework and reach a variety of hosts using CONDOR and VM binary versions of applications, which can be replicated
       • [Figure label: Shortcut connections]
    44. 44. Virtuoso/VNET (Department of Computer Science, Northwestern University)
       • Dynamically created topology (ring) in the order of seconds, based on VTTIF (Virtual Topology and Traffic Interface Framework)
       • Significantly improves application performance without user participation
       • VNET creates the illusion that the user's VMs are on the user's LAN
    45. 45. What is emulation? The ability to mimic another machine on your computer. You can run the same programs that you would on whatever the other machine is.
       • Univ. UTAH: (160+128+40+18+8) hosts, wired, switch (virt. capability)
       • NEXT 17 EMULABS in operation or in construction
    46. 46. DETERLAB: shared infrastructure designed for medium scale repeatable experiments in computer security. 2 clusters (100 nodes each)
    47. 47. [Figure labels: AT&T; NLR; Sunnyvale; LA; Pitts; KC; NLR; Abilene]
    48. 48. Larry Peterson, Princeton University: A Strategy for Continually Reinventing Internet (May 2005)
       • It opens the way to new virtual worlds and possibilities to replicate fundamental parts of the Internet
       • Integrate mobility
       • Develop and test applications in a new environment
       • The first commercial entities will enter the new environment with their users
       • [Figure labels: NLR]
    49. 49. Andy Bavier, Nick Feamster, Mark Huang, Larry Peterson, Jennifer Rexford. In VINI Veritas: Realistic and Controlled Network Experimentation. SIGCOMM 2006. [Figure labels: Internet 2; NLR]
    50. 50. Andy Bavier, Nick Feamster, Mark Huang, Larry Peterson, Jennifer Rexford. In VINI Veritas: Realistic and Controlled Network Experimentation. SIGCOMM 2006. [Figure labels: Internet 2; NLR; VLAN]
       • Building control plane
          • On Planetlab prototype,
          • Move out PL best effort,
          • new policies, kernel
       • Distributed authorization and access control
          • An experiment:
          • IIAS - Internet in a Slices
          • Click (SR) + XORP (RPsuite)
    51. 51. The main objective of the Euro NGI network is to create the European center of excellence in Next Generation Internet design and engineering, acting as a "Collective Intelligence Think Tank", representing a major support for the European Information Society industry and leading towards a European leadership in this domain.
    52. 52. Planetlab in Europe. OneLabs, MyPLC (private Planetlab)
       • Nodes per country: uk 21, se 6, pt 8, pl 16, no 6, nl 4, it 14, is 2, il 12, ie 4, hu 2, gr 6, fr 10, es 11, dk 3, de 39, cz 2, cy 2, ch 10, be 4, at 6
       • EU: 188
    53. 53. OneLab Goals
       • Extend PlanetLab into new environments, beyond the traditional wired internet.
       • Deepen PlanetLab's monitoring capabilities.
       • Federate - Provide a European administration for PlanetLab nodes in Europe.
    54. 54. FP6 projects
       • MUPBED creates an experimental environment to assess the proposed network solutions, which will be offered as an open test platform to other European research projects and users. The test bed will represent a multi-layer network based on IP/MPLS and ASON/GMPLS technologies, equipped with a unified control plane and designed to support the highly demanding applications of the European research community.
       • MUSE creates an experimental environment for a low cost multi-service access network (internet to homes).
       • NETQoS - project proposes an autonomous policy-based management for wired/wireless heterogeneous communications networks aimed to provide enhanced end-to-end QoS and efficient resource utilization.
       • OneLab will extend the highly successful and widely used PlanetLab infrastructure by enabling deployment of PlanetLab nodes in new wireless environments.
       • PANLAB – This will serve as a Technology Roadmap and as a Strategic Development Guideline for European and global telecommunications.
       • Phosphorus - High capacity optical networking can satisfy bandwidth and latency requirements, but software tools and frameworks for end-to-end, on-demand provisioning of network services need to be developed in coordination with other resources (CPU and storage) and need to span multiple administrative and network technology domains.
       • WEIRD is an integrated project aiming at implementing research test-beds using the WiMAX technology in order to allow isolated or impervious areas to get connection to the GEANT2 research network.
       • WWI Ambient Networks project will create the network solutions for mobile and wireless systems beyond 3G. It will enable scalable and affordable wireless networking while providing rich and easy to use communication services for all. Ambient Networks offers a fundamentally new vision based on the dynamic composition of networks to avoid adding to the growing patchwork of extensions to existing architectures.
    55. 55. Core network with classified application multilayers
       • Different L2 allocation between RNs, different routing for each L3 sub-layer
       • Group/class of applications: "Y" (voice), "P" (video), "G" (interactive gaming), "B" (data)
       • RN = router node
       • Questions: Who can create an application layer? *jn*
       • [Figure labels: Domain X; Domain Z; Edge node; Core network; Different application packets; sublayer 1 to sublayer 4; RN1, RN2, RN3, RN4, RN5]
    56. 56. Thank You for your attention
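
The Pastry lookup of slide 16 (key d46a1c, started at node 65a1fc), as an added example that is not part of the original slides. It follows Pastry's three forwarding rules (leaf-set range, longer shared prefix, numerically closer node); the node ids are the ones on the slide, while the per-node routing tables, the leaf sets and the stored record are constructed for illustration.

```python
# Added example: Pastry-style lookup of key d46a1c, node ids as on slide 16.
# Routing tables, leaf sets and the stored record are constructed.

def shared_prefix_len(a, b):
    """Number of leading hex digits two ids have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def distance(a, b):
    """Numeric distance between two ids of the key space."""
    return abs(int(a, 16) - int(b, 16))


class Node:
    def __init__(self, node_id, routing_table, leaf_set, store=None):
        self.node_id = node_id
        self.routing_table = routing_table  # known nodes with other prefixes
        self.leaf_set = leaf_set            # numerically neighbouring nodes
        self.store = store or {}            # local hash table: key -> record

    def next_hop(self, key):
        """Id of the node to forward to, or None if this node keeps the key."""
        k = int(key, 16)
        members = self.leaf_set + [self.node_id]
        values = [int(m, 16) for m in members]
        # Rule 1: key inside the leaf-set range -> numerically closest member.
        if min(values) <= k <= max(values):
            best = min(members, key=lambda m: distance(m, key))
            return None if best == self.node_id else best
        # Rule 2: forward to a node whose id shares a longer prefix with the key.
        own = shared_prefix_len(self.node_id, key)
        longer = [n for n in self.routing_table
                  if shared_prefix_len(n, key) > own]
        if longer:
            return max(longer, key=lambda n: shared_prefix_len(n, key))
        # Rule 3: no longer prefix known -> same prefix length, but closer.
        closer = [n for n in self.routing_table + self.leaf_set
                  if shared_prefix_len(n, key) >= own
                  and distance(n, key) < distance(self.node_id, key)]
        return min(closer, key=lambda n: distance(n, key)) if closer else None


# Constructed view of the overlay: each node only knows a few other nodes.
NETWORK = {n.node_id: n for n in [
    Node("65a1fc", ["d13da3"], ["d13da3"]),
    Node("d13da3", ["d4213f"], ["65a1fc", "d4213f"]),
    Node("d4213f", ["d462ba"], ["d13da3", "d462ba"]),
    Node("d462ba", [], ["d4213f", "d467c4"]),
    Node("d467c4", [], ["d462ba", "d471f1"],
         store={"d46a1c": "192.0.2.10:80"}),   # constructed record (IP, port)
    Node("d471f1", [], ["d467c4"]),
]}


def lookup(network, start, key, max_hops=16):
    """Route `key` from node `start`; return (route, record or None)."""
    route = [start]
    while len(route) <= max_hops:
        node = network[route[-1]]
        nxt = node.next_hop(key)
        if nxt is None:                      # key is in this node's range
            return route, node.store.get(key)
        route.append(nxt)
    raise RuntimeError("routing loop")


if __name__ == "__main__":
    route, record = lookup(NETWORK, "65a1fc", "d46a1c")
    print(" -> ".join(route), "=>", record)
```

Each of the first three hops matches one more digit of the key (d, d4, d46); the last hop is numeric, because no known node shares a longer prefix than d46.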
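
A check for the leakage described on slide 12 (DNS updates and requests for private IP space reaching the global DNS), as an added example that is not part of the original slides. It flags DNS messages that name an RFC 1918 reverse zone and are addressed to a server outside the site; the log format, the addresses and the function names are constructed for illustration.

```python
# Added example: find DNS messages about private (RFC 1918) address space
# that leave the site. The log format below is constructed, not a real
# server's format.
import ipaddress
from collections import Counter

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: timestamp, client, destination server, opcode, name.
SAMPLE_LOG = """\
2007-05-21T10:00:01Z src=192.168.1.23 dst=203.0.113.53 opcode=UPDATE name=23.1.168.192.in-addr.arpa
2007-05-21T10:00:02Z src=192.168.1.23 dst=192.168.1.1 opcode=UPDATE name=23.1.168.192.in-addr.arpa
2007-05-21T10:00:05Z src=10.4.0.7 dst=203.0.113.53 opcode=QUERY name=7.0.4.10.in-addr.arpa
2007-05-21T10:00:09Z src=10.4.0.7 dst=203.0.113.53 opcode=QUERY name=www.example.org
2007-05-21T10:00:12Z src=192.168.1.40 dst=203.0.113.53 opcode=UPDATE name=5.113.0.203.in-addr.arpa
2007-05-21T10:00:15Z src=192.168.1.23 dst=203.0.113.53 opcode=UPDATE name=168.192.in-addr.arpa.
""".splitlines()


def reverse_name_to_network(name):
    """Map 'z.y.x.in-addr.arpa' to the IPv4 network it names, else None."""
    name = name.lower().rstrip(".")
    suffix = ".in-addr.arpa"
    if not name.endswith(suffix):
        return None
    labels = name[:-len(suffix)].split(".")
    if not 1 <= len(labels) <= 4:
        return None
    if not all(l.isascii() and l.isdigit() and int(l) <= 255 for l in labels):
        return None
    # Labels are least-significant first; pad the missing octets with zero.
    octets = [str(int(l)) for l in reversed(labels)] + ["0"] * (4 - len(labels))
    return ipaddress.ip_network("%s/%d" % (".".join(octets), 8 * len(labels)))


def names_private_space(name):
    """True if the name is a reverse name or zone inside RFC 1918 space."""
    net = reverse_name_to_network(name)
    return net is not None and any(net.subnet_of(r) for r in RFC1918)


def leaves_site(dst):
    """True if the destination server is not itself a private address."""
    addr = ipaddress.ip_address(dst)
    return not any(addr in r for r in RFC1918)


def parse_line(line):
    """Split one constructed log line into a dict of its fields."""
    stamp, *fields = line.split()
    event = dict(f.split("=", 1) for f in fields)
    event["time"] = stamp
    return event


def find_leaks(lines):
    """Return (src, opcode, name) for every private-space message sent out."""
    leaks = []
    for line in lines:
        if not line.strip():
            continue
        ev = parse_line(line)
        if names_private_space(ev["name"]) and leaves_site(ev["dst"]):
            leaks.append((ev["src"], ev["opcode"], ev["name"]))
    return leaks


def leaks_by_source(lines):
    """Count leaked messages per (client, opcode) to find the noisy hosts."""
    return Counter((src, opcode) for src, opcode, _ in find_leaks(lines))


if __name__ == "__main__":
    for (src, opcode), count in leaks_by_source(SAMPLE_LOG).most_common():
        print(src, opcode, count)
```

Serving the RFC 1918 reverse zones on the site's own resolver keeps these messages from leaving the network.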