- The document proposes adding stateful capabilities to OpenFlow 2.0 in order to better support use cases that require stateful processing like APS and load balancing.
- It suggests including a stateful flow table, programmable state machines, and the ability to generate and process frames within OpenFlow switches.
- To ensure interoperability, it recommends adopting a bytecode approach where any programming language could be used to define state machines which are then compiled to a common bytecode format and run on switches from different vendors.
Multilayer optimization deals with projected traffic demands of each type of service traffic, by constructing and analyzing different combinations for handling traffic across the transport layers to end up with a whole that is much less than the sum of the parts.
Moreover, when combined with centralized SDN control it promises to be a platform for innovative services that generate new revenue streams. While the payoffs are huge, SDN-controlled multilayer-optimized networks are not trivial.
There is a rocket science element to the underlying algorithms, and this increases in complexity when combined with real time control.
The presentation will discuss the motivations, benefits, and approaches, for SDN-controlled, multilayer optimized networks.
Five Ways Virtual CPE Reduces Costs and Enables Innovative Enterprise ServicesGCC Computers
How service providers can contain costs and complexity
by virtualizing CPE functions.
Follow GCC Computers
http://www.facebook.com/GccComputersLtd
http://www.linkedin.com/company/gcc-computers-ltd
http://twitter.com/gcc_computers
http://www.youtube.com/channel/UCjWj_h4lrCdw65x2xbM3lhQ
http://www.gcc.com.cy/
Alcatel-Lucent Cloud: Network Functions Virtualization - The New Virtual Real...Alcatel-Lucent Cloud
Companies are facing cloud challenges; capacity expansion, commoditization, network and data center merging, network becoming a programmable platform, transformation at web speed. The answer is parallel scaling and the creation of the NFV Industry Group. NFV will greatly enhance the ability of "network applications" to elastically scale to meet changing demand patterns. Alcatel-Lucent is leading the way in this new reality.
vCPE 2.0 – the business case for an open vCPE frameworkCloudify Community
More at http://cloudify.co/webinars/open-vCPE-framework-webinar.html
Oded Nahum discusses the importance of the vCPE use case and why we need to make it more open. He also talks about why it makes financial sense for telcos to do this in the long term.
Implementing vCPE with OpenStack and Software Defined NetworksPLUMgrid
Service providers and the broader vendor community have made progress in virtualizing key vCPE network functions. Concurrently, there is a strong push to bring these functions to the cloud. This session will discuss how Openstack is enabling this transformation and the role played by technologies like SDN and NFV. It will also discuss the latest advances in the networking stack of the Linux kernel which further enable these network functions to run in a fully distributed architecture. Finally, it will tie all these concepts together proposing a model for implementing virtual CPE services.
V cpe deployment-best-practices-presentationNir Cohen
A review of the various vCPE implementation options available for service providers and the factors that should be considered to avoid pitfalls and ensure optimal results.
Alcatel-Lucent Cloud: Shaping the Future NFV OSS David Amzallag TM Forum 2013Alcatel-Lucent Cloud
Communication service providers have started to re-think the network with the objective to remove the walls between network services and network infrastructure, reduce expenditures and to achieve network elasticity and scalability. This new vision aims to change the way telcos are building and managing their networks and spans Software Defined Networking (SDN) as well as Network Functions Virtualization (NFV). As many network services will be comprised of virtualized network functions together with non-virtualized network functions, the expectations for a new operational model are including, among others, a real-time, zero-touch and fully programmable OSS that will share responsibilities with legacy OSS, Cloud Management/ Orchestration System, SDN Controllers and a new OSS for Applications. Follow David Amzallag on twitter @david_amzallag
SDN and Photonics for Dynamic Cloud Connectivity ADVA
Check out Achim Autenrieth's slide set from his OFC workshop entitled "SDN and Photonics for Dynamic Cloud Connectivity. This is all about SDN, Cloud Connectivity and the optical network Hypervisor.
Peleg Erlich presentation on the Principles and Attributes of NFV Orchestration and Automation at the ETSI Future Networks Workshop from 9-11, April 2013 in SOPHIA ANTIPOLIS, FRANCE.
Verizon Selects Ensemble Connector to Deliver VNS uCPEADVA
Get the lowdown on why Verizon chose Ensemble Connector to drive its new Virtual Network Services (VNS) universal customer premises equipment (uCPE) solution.
Learn more about how today's service provider's networks are built to deliver yesterday's services and how the Next generation service require a new approach with our Evolved Programmable Network's offerings will enable business transformation for new service deliveries.
Our MicroMux™ module is the latest addition to our FSP 3000 CloudConnect™ solution. It’s been specifically designed for internet content providers and cloud service providers that need data center interconnect technology that can both support current service demands and effectively scale for future growth. Our FSP 3000 CloudConnect™ platform now offers 10GbE, 40GbE and 100GbE client ports with unmatched energy efficiency, density and openness.
In his 2016 ACE SCHOOL & RUS SYMPOSIUM talk, Bill Nelson explained how NFV is particularly beneficial for those delivering broadband to rural areas. He showed how much rural communication service providers can achieve with the ability to quickly automate system management and move a network environment with a few keystrokes. And he revealed how providers can win new business by partnering with larger competitors or competing with them on price.
STATUS UPDATE OF COLO PROJECT XIAOWEI YANG, HUAWEI AND WILL AULD, INTELThe Linux Foundation
We have presented the idea of coarse grain lock-stepping (COLO) virtual machiens for non-stop service in last year's xen summit. We have made significant progress in the past year and submitted the patch series to the community. It is a good time for us to present the latest status to the community and call for participation.
Multilayer optimization deals with projected traffic demands of each type of service traffic, by constructing and analyzing different combinations for handling traffic across the transport layers to end up with a whole that is much less than the sum of the parts.
Moreover, when combined with centralized SDN control it promises to be a platform for innovative services that generate new revenue streams. While the payoffs are huge, SDN-controlled multilayer-optimized networks are not trivial.
There is a rocket science element to the underlying algorithms, and this increases in complexity when combined with real time control.
The presentation will discuss the motivations, benefits, and approaches, for SDN-controlled, multilayer optimized networks.
Five Ways Virtual CPE Reduces Costs and Enables Innovative Enterprise ServicesGCC Computers
How service providers can contain costs and complexity
by virtualizing CPE functions.
Follow GCC Computers
http://www.facebook.com/GccComputersLtd
http://www.linkedin.com/company/gcc-computers-ltd
http://twitter.com/gcc_computers
http://www.youtube.com/channel/UCjWj_h4lrCdw65x2xbM3lhQ
http://www.gcc.com.cy/
Alcatel-Lucent Cloud: Network Functions Virtualization - The New Virtual Real...Alcatel-Lucent Cloud
Companies are facing cloud challenges; capacity expansion, commoditization, network and data center merging, network becoming a programmable platform, transformation at web speed. The answer is parallel scaling and the creation of the NFV Industry Group. NFV will greatly enhance the ability of "network applications" to elastically scale to meet changing demand patterns. Alcatel-Lucent is leading the way in this new reality.
vCPE 2.0 – the business case for an open vCPE frameworkCloudify Community
More at http://cloudify.co/webinars/open-vCPE-framework-webinar.html
Oded Nahum discusses the importance of the vCPE use case and why we need to make it more open. He also talks about why it makes financial sense for telcos to do this in the long term.
Implementing vCPE with OpenStack and Software Defined NetworksPLUMgrid
Service providers and the broader vendor community have made progress in virtualizing key vCPE network functions. Concurrently, there is a strong push to bring these functions to the cloud. This session will discuss how Openstack is enabling this transformation and the role played by technologies like SDN and NFV. It will also discuss the latest advances in the networking stack of the Linux kernel which further enable these network functions to run in a fully distributed architecture. Finally, it will tie all these concepts together proposing a model for implementing virtual CPE services.
V cpe deployment-best-practices-presentationNir Cohen
A review of the various vCPE implementation options available for service providers and the factors that should be considered to avoid pitfalls and ensure optimal results.
Alcatel-Lucent Cloud: Shaping the Future NFV OSS David Amzallag TM Forum 2013Alcatel-Lucent Cloud
Communication service providers have started to re-think the network with the objective to remove the walls between network services and network infrastructure, reduce expenditures and to achieve network elasticity and scalability. This new vision aims to change the way telcos are building and managing their networks and spans Software Defined Networking (SDN) as well as Network Functions Virtualization (NFV). As many network services will be comprised of virtualized network functions together with non-virtualized network functions, the expectations for a new operational model are including, among others, a real-time, zero-touch and fully programmable OSS that will share responsibilities with legacy OSS, Cloud Management/ Orchestration System, SDN Controllers and a new OSS for Applications. Follow David Amzallag on twitter @david_amzallag
SDN and Photonics for Dynamic Cloud Connectivity ADVA
Check out Achim Autenrieth's slide set from his OFC workshop entitled "SDN and Photonics for Dynamic Cloud Connectivity. This is all about SDN, Cloud Connectivity and the optical network Hypervisor.
Peleg Erlich presentation on the Principles and Attributes of NFV Orchestration and Automation at the ETSI Future Networks Workshop from 9-11, April 2013 in SOPHIA ANTIPOLIS, FRANCE.
Verizon Selects Ensemble Connector to Deliver VNS uCPEADVA
Get the lowdown on why Verizon chose Ensemble Connector to drive its new Virtual Network Services (VNS) universal customer premises equipment (uCPE) solution.
Learn more about how today's service provider's networks are built to deliver yesterday's services and how the Next generation service require a new approach with our Evolved Programmable Network's offerings will enable business transformation for new service deliveries.
Our MicroMux™ module is the latest addition to our FSP 3000 CloudConnect™ solution. It’s been specifically designed for internet content providers and cloud service providers that need data center interconnect technology that can both support current service demands and effectively scale for future growth. Our FSP 3000 CloudConnect™ platform now offers 10GbE, 40GbE and 100GbE client ports with unmatched energy efficiency, density and openness.
In his 2016 ACE SCHOOL & RUS SYMPOSIUM talk, Bill Nelson explained how NFV is particularly beneficial for those delivering broadband to rural areas. He showed how much rural communication service providers can achieve with the ability to quickly automate system management and move a network environment with a few keystrokes. And he revealed how providers can win new business by partnering with larger competitors or competing with them on price.
STATUS UPDATE OF COLO PROJECT XIAOWEI YANG, HUAWEI AND WILL AULD, INTELThe Linux Foundation
We have presented the idea of coarse grain lock-stepping (COLO) virtual machiens for non-stop service in last year's xen summit. We have made significant progress in the past year and submitted the patch series to the community. It is a good time for us to present the latest status to the community and call for participation.
Industry 4.0: Building the Unified Namespace with Confluent, HiveMQ and Spark...confluent
Our talk will explore the transformative impact of integrating Confluent, HiveMQ, and SparkPlug in Industry 4.0, emphasizing the creation of a Unified Namespace.
In addition to the creation of a Unified Namespace, our webinar will also delve into Stream Governance and Scaling, highlighting how these aspects are crucial for managing complex data flows and ensuring robust, scalable IIoT-Platforms.
You will learn how to ensure data accuracy and reliability, expand your data processing capabilities, and optimize your data management processes.
Don't miss out on this opportunity to learn from industry experts and take your business to the next level.
The presentation will provide a brief overview of Tungsten Fabric, and the new features in the recent 5.0 release. A demo of Tungsten Fabric will follow, with an overview of core functionality, and newly released features.
Speaker: Nick Davey, Cloud - SDN Product Manager
A presentation about UCS and usNIC to the Math & Computer Science and Leadership Computing Facility divisions at Argonne National Laboratory (ANL). Presented to ANL by Dave Goodell (Cisco) on 2014-09-02.
EclipseEmbeddedDay2009-OSGi: Best Tool In Your Embedded Systems ToolboxBrett Hackleman
We discuss several of our past and current OSGi-based solutions for defense systems, mining equipment, construction equipment, industrial automation, and automotive/telematics domains. We present some best practices for building flexible, cross-platform, high-performance embedded application and the resulting lessons learned along the way. We demonstrate how the Eclipse Runtime Components and Frameworks can be used to access communication buses such as CAN, J1939, J1850, and MIL-STD-1553. Finally, we explain how using OSGi and Equinox can simplify the development, testing, and deployment of your next application, whether embedded or not.
POLYTEDA LLC, a provider of semiconductor design software and PV-services announced the general availability of PowerDRC/LVS version 2.2.
This release is dedicated to delivering fill layer generation for multi-CPU mode, new KLayout integration functionality and other significant improvements for multi-CPU mode
describing and comparing different protocols when it come to deploying apis on edge computing devices.
5 different categories are analyzed and 7 protocols are examined
5G promises to change the way we live our lives, with unprecedented services and unparalleled user experience. Operators need to build an underlying connectivity infrastructure that is capable of delivering on demands like ultra-low latency and hyper-flexible bandwidth. This webinar will focus on the most critical aspects of the 5G transport network and discuss what is required in terms of slicing, edge computing and the need for openness and interworking. Addressing each of these aspects properly will enable operators to offer state of the art 5G services that will be the foundation of what some people believe will become the 4th industrial revolution.
Topics of discussion:
What factors and demands will influence the infrastructure design?
The impact of 5G on connectivity infrastructure and network requirements
The optional technological solutions and preferred solutions
Multilayer optimization deals with projected traffic demands of each type of service traffic, by constructing and analyzing different combinations for handling traffic across the transport layers to end up with a whole that is much less than the sum of the parts.
Moreover, when combined with centralized SDN control it promises to be a platform for innovative services that generate new revenue streams. While the payoffs are huge, SDN-controlled multilayer-optimized networks are not trivial.
There is a rocket science element to the underlying algorithms, and this increases in complexity when combined with real time control.
The presentation will discuss the motivations, benefits, and approaches, for SDN-controlled, multilayer optimized networks.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
3. ECI Proprietary 3
STATE OF OPENFLOW
• Openflow (OF) is the leading protocol for SDN
implementations
• OF is currently stateless by design
Stateless Stateful
4. ECI Proprietary 4
PROBLEM STATEMENT
• OF fails to provide good solution to some
popular use cases that are based on
tasteful frame-by-frame decision:
̶ APS (Automatic protection switching)
̶ Load balancing
̶ Bandwidth capping
• No notion of a flow as a set of
interrelated ingress and egress
traffic streams
• No notion of flow context, e.g.
User, Originating VM
• No ability to generate frames
(e.g. CCMs, 1588, etc.)
6. ECI Proprietary 6
PROPOSED SOLUTION
• Add Stateful flow table, context, frame
generation and states to OF
• Offload flow and state processing to the FE
• Extend OF with new flow table type
“Stateful”
• Associate “Stateful” table with a set of
programmable state machines
• Extend OF to enable association
and programming of state machines
• Controller retains global
network view
7. ECI Proprietary 7
STATE MACHINES
0: iconst_2
1: istore_1
2: iload_1
3: sipush 1000
6: if_icmpge 44
9: iconst_2
10: istore_2
SM_j...
PROPOSED SOLUTION - DETAILS
Table 0 Table 1 Table n Stateful Table
Execution
Set
Action Set Action Set
Action Set
Packetout
Packet in
Programmable module within
the switch, maintains and runs the
various user-defined state machines
Converted from high level programs
into bytecode
Modified Openflow Switch
0: iconst_2
1: istore_1
2: iload_1
3: sipush 1000
6: if_icmpge 44
9: iconst_2
10: istore_2
SM_i
9. ECI Proprietary 9
CREATING A VENDOR AGNOSTIC SOLUTION
Deciding on a one way to develop state machines /applications could be
problematic
Same goes for deciding on one single way to implement in the switches
On the other hand, loose definitions would lead to interoperability
problems
̶ Same problems that hurdled OF in the first place
10. ECI Proprietary 10
ADOPTING THE BYTECODE APPROACH
Enables separation of the programming
language from the HW implementation
Any high level language may be used
Any DP ASICs/NPUs etc. can be used
The only part which is standardized is the bytecode
Ensures: no vendor locking, no strict
implementation restrictions and big
ecosystem
Completing technologies can be
seamlessly integrated into same
architecture using same compiler and
same JVM infrastructure
Write Java source code
Windows
Text editor
Source code
Compiler
Bytecode
Intel x86
Create & Modify Java
Bytecode
JVMA
Windows
Run
Intel x86
Bytecode
JVMA
Solaris
Sun
SPARC
Bytecode
JVMA
Mac
MAS
Power PC
11. ECI Proprietary 11
Create in any bytecode
compliant tool
SDN controller
USING
BYTECODE
WITH OPEN
FLOW DEVELOPMENT ENV.
HostOS
Text editor
Source code
Compiler
Bytecode
Of apps P4 code other
BytecodeJVMA
Datapath Multicore
Embedded OS A
Switch
Vendor C
BytecodeJVMA
Datapath NPU
Embedded OS A
Switch
Vendor B
BytecodeJVMA
Datapath ASIC
Embedded OS A
Switch
Vendor A
13. ECI Proprietary 13
USE CASE: AUTOMATIC PROTECTION SWITCHING
Y.1731 APS is a set of mechanisms to detect and isolate faults on Ethernet networks. These faults can be
simple connectivity faults or more complex faults due to misconfigurations (cross-connect & remote MEP
errors). The basic principal is that end nodes (MEPs) exchange regular messages called Continuity Check
Messages (CCM). The message rate is configurable from 3.3ms up to 10 minutes for each service.
Service
Provider #1
Service
Provider #2
14. ECI Proprietary 14
Y.1731 STATE MACHINES
DELAY MEASUREMENT
ETH-SLM:
Fame Loss
Measurement
Synthetic Loss
Message (SLM)
Synthetic Loss
Reply (SLR)
ETH-LM:
Fame Loss
Measurement
Loss Message
Measurement
(LMM)
Loss Message
Reply (LMR)
FRAME LOSS MEASUREMENT CONTINUALLY CHECK PROTOCOL
ETH-DM:
Frame Delay
(FD) & Frame
Delay Variation/
Jitter (FDV)
Measurements
Delay Measurement
Message (DMM)
Delay Measurement
Reply (DMR)
Notes:
• Clock synchronization will be done via
NTP
• CCM intervals: 3.3ms, 10ms (default),
100ms, 1s, 10s, 1min, 10min
Typewriter
On
main
link
1 CCM
Missing
2 CCMs
Missing
No CCM
received
No CCM
Received
No CCM
Received
Received
CCM
Received
CCM
Received
CCM
10 intervals
Received
CCM
Failed link
1.Send link
failure alarm
2.Instantiate
APS
15. ECI Proprietary
SDN App
OF Switch
Host D
AccessSwitch
CCM Generator
Y.1731
OpenFlow
SDN Controller
DBCEP
OPTION 1: APS AS A SDN APP
• CCM is generated at
app and not at port
• Spurious delay added
to state machine
• Overloaded NBI/ SBI
Host C
Host B
Host A
APS Path
Selector
Rules
WAN1
WAN2
WAN3
WAN4
SDN APP
VNIC
NIC
Scheduler
16. ECI Proprietary
Standard Switch
SDN App
OF Switch
Host D
AccessSwitch
Y.1731
DB
OPTION 2: APS ON A HYBRID SWITCH
• OpenFlow is out of
the loop
• SDN is limited to the
stateless operations
• “Split Brain” operation
Host C
Host B
Host A
WAN1
WAN2
WAN3
WAN4
SDN APP
VNIC
NIC
Scheduler
NMS
SDN Controller
OpenFlow
APS
17. ECI Proprietary
SDN App
OF Switch
Host D
AccessSwitch
CCM GeneratorY.1731
DBCEP
PROPOSED SOLUTION: APS STATE MACHINES AT
OPEN FLOW SWITCH
• CCM is generated at
switch, where it should
• Full control by SDN app
and controller
• Frame operation is
delegated to switch and
SDN controller is
offloaded
Host C
Host B
Host A
WAN1
WAN2
WAN3
WAN4
SDN APP
VNIC
NIC
Scheduler
Path Selector Logic and State machine templates
SDN Controller
OpenFlow
APS
18. ECI Proprietary 18
STATEFUL FIREWALL FOR CLOUD
VMa VMb
Web Server App logic Database
VMa
VSwitch a
VMb
VSwitch b
19. ECI Proprietary 19
USE CASE CONT. - TCP STATE MACHINE
TCP connection have several states such
as: closed, listen, Syn received,
established etc.)
This state would be tracked in the stateful
flow table with Stateful OF, so the OF sate
would be would be the TCP state
The state can be inferred from the TCP
flags (e.g. syn, ack, fin etc) and they
sequence in which they appear in the
traffic, as detailed in the TCP state
machine description
20. ECI Proprietary 20
SUPERIOR FRAME
PROCESSING
Achieved by offloading state
management from controller
and app to the switch
SUPERIOR DISTRIBUTION
OF FRAME PROCESSING
across the network
by utilizing many switches vs.
few controllers or apps
SUPERIOR OPTIMIZATION
for state machine
processing
by leveraging multicore NPs
etc.
STATEFUL APS FOR CLOUD – ADVANTAGES OF
PROPOSAL
22. ECI Proprietary 22
WHY WAS IT NOT
IMPLEMENTED
UNTIL NOW?
Actually the openflow specification does
include state machine specifications for
two use cases: LAG and Link protection
These use cases had been
“baked” into the protocol without
further programmability
Our suggestion is to make
the OF specification truly
programmable
23. ECI Proprietary 23
HOWEVER, IS STILL SDN?
Lets check the proposed solution using
criteria for SDN as stipulated by ONF:
Directly programmable
Agile
Centrally managed
Programmatically configured
Open standards-based
and vendor-neutral
+
+
24. ECI Proprietary 24
WILL IT FRAGMENT THE OPENFLOW SWITCH
IMPLEMENTATION?
• Even today there are many types of “Ethernet” switches
• There is no one implementation of an Ethernet switch
• Each implementation is used for a specific use case
• The same will be with stateful OF switches that will be used as needed
Stateless operations mean that the match and actions on frames are based only on information included in the frame’s header.
Stateful operations also take into account any information derived from states or history
The Bytcode approach enables separation of the programming language from the HW implementation
This means that any high level language may be used to create the state machines
This also means that any DP ASICs/NPUs etc. can be used with no restrictions
The only part which is standardized is the bytcode, and that has been perfected by Java for a long time
Using this approach, the is no vendor locking, no strict implementation restrictions and big ecosystem
This also means that completing technologies like P4 can be seamlessly integrated into same architecture using same compiler and same JVM infra
Consider the following example:
A common cloud application is a web application which is composed of three tiers:
Web server
App Logic
Database
For security reason Webserver may initiate connection to the AppLogic but AppLogic may not initiate connection to the web server.
In a standard openflow implementation of a stateless firewall we can put a rule that when a first frame is coming from VMa with destination to VMb, we will allow it on both directions and when a first frame comes from VMb to VMa , we will not allow it
For security reason we would only want to allow traffic from VMb to VMa only when the TCP connection status is “established”
The problem with a stateless firewall occurs when we allow the traffic from VMa to VMb on both directions regardless of the state of the TCP connection, as VMb may communicate with VMa, after the session TCP session had ended