This document provides a tutorial on NETCONF and YANG, which are standards for network configuration and management. NETCONF was designed to address operators' requirements for easier network-wide configuration, validation of changes, and transactional management across multiple devices. It uses SSH for secure transport and XML encoding. YANG provides data models to define the configuration and state data. The tutorial covers the background and motivation for these standards, an overview of NETCONF operations and examples, and a demonstration of YANG data modeling. It explains how NETCONF enables network-wide atomic transactions, fulfilling a key operator need and improving the cost and complexity of network management.
The document discusses Cisco's SD-WAN solution with Viptela. It provides an overview of the key components of Cisco's SD-WAN architecture including the management plane (vManage), control plane (vSmart), data plane (vEdge), and orchestration plane (vBond). It also summarizes capabilities like zero touch provisioning, VPN segmentation, application policies, and centralized management.
Introduction to Software Defined Networking (SDN) rjain51
Class lecture by Prof. Raj Jain on Introduction to . The talk covers Origins of SDN, What is SDN?, Original Definition of SDN, What = Why We need SDN?, SDN Definition, XMPP, XMPP in Data Centers, Path Computation Element, PCE, Forwarding and Control Element, Sample ForCES Exchanges, Application Layer Traffic Optimization, ALTO, ALTO Extension, Current SDN Debate: What vs. How?, SDN Controller Functions, RESTful APIs, OSGi Framework, Open Daylight SDN Controller, OpenDaylight Tools, Affinity Metadata Service, SDN Related Organizations and Projects, SDN Web Sites, Hierarchy of Operations. Video recording available on YouTube.
The document provides information about an upcoming training course on deploying MPLS L3 VPNs. It includes details about the trainers, Nurul Islam Roman and Jessica Wei, their backgrounds and areas of expertise. It also outlines the course agenda which will cover topics such as MPLS VPN models, terminology, operation, configuration examples and service deployment scenarios.
This document outlines best practices for Internet exchange points (IXPs). It discusses that an IXP is a layer 2 Ethernet network connecting members through assigned IP addresses using only BGP. IXPs allow members to exchange their own and customer routes to improve traffic performance and save costs on internet transit. The document also provides guidelines for members and operators, such as disabling unwanted protocols, not leaking IXP prefixes, and implementing port security and storm control.
Slide deck to give some theoretical background before stepping into the hands-on tutorial at http://sdnhub.org/tutorials/opendaylight. Compared to the earlier version, this tutorial slide deck has been updated to focus more on MD-SAL and YANG-modeled app development.
Marek Isalski, Faelix.net Ltd, describes the MikroTik range of routers and their applications, gives a pros and cons summary, and recommendations for budget provider edge deployment.
The advent of Network Function Virtualization (NFV) is dramatically changing the way in which telecommunication networks are designed and operated. Traditional specialized physical appliances are replaced with software modules, called Virtual Network Functions (VNFs), running on a virtualization infrastructure made up of general-purpose servers. Examples of VNF categories are NATs (Network Address Translation), firewalls, DPIs (Deep Packet Inspection), IDSs (Intrusion Detection System), load balancers, and HTTP proxies. Service Function Chaining (SFC) denotes the process of forwarding packets through the sequence of VNFs. IPv6 Segment Routing (SRv6) is a source routing paradigm that allows packets to be steered through an ordered list of VNFs in a simple and scalable manner. In these slides, we present the architecture of SFC using SRv6 for both cases of SRv6-aware and SRv6-unaware VNFs. We provide an open source implementation and an easily replicable testbed for the presented work.
Demystifying EVPN in the data center: Part 1 in 2 episode series Cumulus Networks
Network operators are slowly but surely embracing L3-based leaf-spine designs. However, either due to legacy applications or certain multi-tenancy requirements, the need for L2 across racks is still present. How do you solve the problem of providing L2 across multiple racks? EVPN is quickly emerging as the best answer to this question.
In this episode of our 2-part series on EVPN, we start with a discussion of the use cases, a review of the technologies EVPN competes with, and dive into an evaluation of the pros and cons of each.
For a recording of the live event, go to http://go.cumulusnetworks.com/l/32472/2017-09-22/95t27t
Calling VoWiFi... The Next Mobile Operator Service is here... Cisco Canada
The document provides housekeeping notes for a Cisco Connect Toronto 2015 session. It reminds attendees to silence phones and laptops, ask questions during the session, and complete a survey for a chance to win a headset. It also provides information on Cisco dCloud and accessing demos and labs, and discusses VoWiFi including benefits for mobile operators, architectures, and call flows.
This document explains MPLS Layer 3 VPNs. It discusses how Layer 3 VPNs allow routing information to be shared between customer sites using protocols like OSPF and BGP across the service provider's MPLS network. It describes how Virtual Routing and Forwarding instances (VRFs), MP-BGP, Route Distinguishers (RDs), and Route Targets (RTs) work together to separate routing information for different customers and establish VPN connectivity between their sites while avoiding overlapping address spaces.
CISCO Virtual Private LAN Service (VPLS) Technical Deployment Overview Ameen Wayok
This document discusses Virtual Private LAN Service (VPLS) and provides an overview of VPLS technical concepts. VPLS defines an architecture that delivers Ethernet multipoint services over an MPLS network by emulating an Ethernet bridge. Key components of VPLS include provider edge devices, pseudowires to connect customer sites, and virtual switch instances to segment customer traffic. VPLS supports both direct attachment and hierarchical architectures. Loop prevention is achieved through a full mesh of pseudowires between provider edges and split horizon forwarding in the MPLS core.
MPLS L3 VPN Tutorial, by Nurul Islam Roman [APNIC 38] APNIC
This document discusses deploying MPLS L3VPN. It begins with an overview of MPLS and VPN terminology. It then covers the MPLS reference architecture and different node types. It describes how IP/VPN technologies use separate routing tables at provider edge (PE) routers to provide independent virtual routing and forwarding (VRF) instances for each VPN customer. The control plane uses multiprotocol BGP (MP-BGP) to distribute VPN routes between PE routers using route distinguisher (RD), route target (RT), and labels. The forwarding plane uses these labels to encapsulate and transport customer IP packets across the MPLS core. The document then discusses various IP/VPN services including load sharing, hub-and-spoke
The document discusses various methods of configuring MPLS in a network, including:
1. Configuring LDP to automatically establish label-switched paths between routers.
2. Configuring RSVP signaling to establish an explicit LSP from Batam to Ambon with a bandwidth reservation of 500Mb.
3. Integrating LSP routes into the unicast routing table and verifying LSP establishment through traceroute.
Introduction to OpenDaylight & Application Development Michelle Holley
This document provides an introduction to OpenDaylight, an open source platform for Software-Defined Networking (SDN). It outlines what OpenDaylight is, its community and releases, the components within OpenDaylight including northbound and southbound interfaces, and some example network applications that can be built on OpenDaylight. It also provides an overview of how to develop applications using OpenDaylight, covering technologies like OSGi, MD-SAL, and the Yang modeling language.
Router-on-a-stick is a method of inter-VLAN routing where a single router interface acts as a trunk link to a switch. This interface is divided into multiple logical subinterfaces, each tied to a VLAN and assigned an IP address. When a host in one VLAN sends traffic to a different VLAN, the switch tags it with the VLAN ID. The router routes the traffic to the correct subinterface and VLAN based on the IP addresses and switch port VLAN configurations. This allows a router to interconnect multiple VLANs using only one physical interface, reducing hardware costs compared to using one interface per VLAN.
The document discusses Layer 2 VPN over MPLS, including concepts of Virtual Private Wire Service (VPWS) and Virtual Private LAN Service (VPLS). It covers characteristics of Layer 3 and Layer 2 VPNs and concepts of L2 VPN signaling using protocols like LDP and BGP. The document also provides examples of encapsulation and data flow for Ethernet over MPLS (EoMPLS) and Frame Relay over MPLS (FRoMPLS) L2 VPN services.
The document discusses the OpenDaylight SDN controller. It provides an overview of OpenDaylight, describing it as an open-source project that promotes Software Defined Networking using technologies like Eclipse, Maven, and OSGi. The document also covers basic hands-on steps for installing and using the OpenDaylight controller, including setting up the environment, writing controller code, using Mininet and the controller's web UI.
Securing a Service Provider Network with BGP FlowSpec Cisco Russia
The document discusses using BGP FlowSpec to provide network security for an internet service provider. It begins with an introduction to BGP FlowSpec, describing its components and how rules are distributed using BGP. It then covers using BGP FlowSpec for different DDoS mitigation scenarios, including stateless amplification attacks, stateless L3/L4 attacks, and stateful attacks targeting application resources. Configuration and other use cases are also briefly mentioned.
Synopsis: A discussion of the requirements for next generation network management identified in RFC 3535 which led to the development of NETCONF and YANG.
Using MikroTik routers for BGP transit and IX points Pavel Odintsov
This document discusses using MikroTik routers for BGP transit and internet exchange (IX) points. It covers how to configure BGP to import routes from transit carriers and IXes, export routes to customers, and control outgoing traffic preferences. Communities are used to mark routes from different providers and for blackholing DDoS attacks. Recommended BGP attribute values are provided to control traffic flow. Acknowledgments are given to DE-CIX for information used in the presentation.
This document provides an overview and design guide for implementing VXLAN and vCNS networks. It begins with an introduction to VXLAN including competing solutions, why it was created, and current adoption status. It then discusses the key components needed for a VXLAN deployment including vCNS Edge, vSphere Distributed Switch, and VTEPs. The document reviews multicast configuration options and considerations, as well as high-level logical and physical deployment diagrams. It concludes with a discussion of VXLAN performance overhead and using VXLAN with HP Virtual Connect.
This document provides guidance on IPv6 address planning. It discusses how to obtain IPv6 address space from regional internet registries or upstream ISPs. It recommends allocating address space for infrastructure, point-to-point links, LANs, and customers. Specific allocation sizes are suggested, such as a /48 for infrastructure and a /48 or smaller for customers depending on their needs. The document also discusses nibble boundaries and examples of IPv6 address plans including for ISP infrastructure, point-to-point links to customers, and allocating to customers.
EVPN is a network virtualization technology that allows Ethernet services to be delivered across MPLS or IP networks. It uses BGP for the control plane to distribute MAC and IP addresses and can support both single-active and all-active multi-homing topologies. EVPN provides flexibility in service delivery and has been widely adopted by major service providers and cloud providers for a variety of use cases including data center interconnect and virtual machine mobility. Automation of EVPN configuration can simplify provisioning and management through the use of tools like NetBox, Python scripts, Ansible, and workflow managers.
VRF (Virtual Routing and Forwarding) provides logical isolation of routing domains within a physical network. The document discusses VRF support in Linux kernels and Cumulus Linux. It provides examples of VRF configuration and management, including interface assignment, routing protocols, and troubleshooting tools. VRF allows multiple routing instances to operate on the same physical router or switch for improved network segmentation and security.
Webinar topic: MPLS on Router OS V7 - Part 1
Presenter: Achmad Mardiansyah & M. Taufik Nurhuda
This webinar series covers how MPLS on Router OS V7 works.
Recording available on YouTube
https://youtu.be/SvZrYNA0-rQ
Multi-tenant Framework for SDN Virtualization Hao Jiang
This document proposes a multi-tenant framework on the northbound side of SDN that would allow multiple organizational entities to transparently share the underlying data plane resources of an SDN provider network. It first reviews existing approaches like OpenDaylight's Virtual Tenant Network, which creates virtual network environments within the SDN controller. The proposed framework would provide each tenant independent network services and control through northbound APIs to monitor and manage their own virtual networks, while the SDN provider manages shared backbone resources and tenant access. Key aspects like authentication, authorization, resource allocation, and monitoring are discussed.
Introduction to the Helium release of OpenDaylight SDN Hub
"Helium" is the second release of OpenDaylight, made on Oct 2, 2014. This release has expanded support for Yang, modeling and autogeneration of REST API, improved performance of MD-SAL datastore using Tree-based Akka storage, better integration with OpenStack Neutron API, support for Group-based Policy and support for Service Function Chaining.
Collaborating with OpenDaylight for a Network-Enabled Cloud Tesora
OpenDaylight is an open source SDN platform developed under the Linux Foundation. It aims to promote adoption of SDN through an industry-supported common platform. OpenDaylight has over 31,000 commits from nearly 700 contributors, representing over 2.6 million lines of Java code. It is used in over 150 commercial deployments and integrates with OpenStack for network virtualization and NFV services. Future releases will improve scaling, performance, and application integration through projects like Genius and NetVirt.
This document summarizes a presentation about odl-mdsal-clustering, which provides a distributed data store for OpenDaylight. The presentation covers the components, requirements, design, testing, monitoring, challenges and insights of the distributed data store. It uses Akka clustering and Raft consensus to provide a highly available datastore across multiple nodes. Future work includes improving remote notifications, dynamic server management and more fine-grained sharding capabilities.
The document discusses OpenDaylight Network Virtualization and its future direction. It provides an overview of the SDN market and OpenDaylight topics such as the Hydrogen release and growing number of sponsors. It then discusses network virtualization, the Virtual Tenant Network (VTN) project in OpenDaylight, which implements virtual network abstractions and reactive control over the OpenFlow network. Finally, it briefly introduces Open DOVE, an overlay network virtualization platform integrated with OpenDaylight that provides multi-tenant isolated networks using encapsulation.
This document discusses load balancing in a software defined networking (SDN) environment using the OpenDaylight controller. It provides background on SDN and OpenDaylight, including how SDN works, advantages, framework, layers in SDN, and OpenFlow protocol. It describes using Mininet to emulate a network topology and implement load balancing policies like round robin and random at the controller. The project tests these policies and measures results like traffic flow using tools like Wireshark and the OpenDaylight portal.
Schedule based network orchestration using opendaylight - CoreStack
Orchestration of Project Onboarding in an IT/ITES Environment enabling the automated provisioning and deployment of networking infrastructure for project workspaces.
This document discusses OpenDaylight's implementation of OpenFlow clustering. Key points:
- OpenDaylight uses components like the OpenFlow plugin, Entity Ownership Service, and clustered datastore to implement clustering.
- Clustering provides high availability (via controller failover) and scalability. OpenFlow 1.3+ supports master/slave roles to facilitate failover.
- The Entity Ownership Service elects a master controller for each switch using strategies like first candidate or least loaded. It notifies of ownership changes.
- Challenges include race conditions, switch connection flapping, partitioning, and scale. Areas of future work are listed.
【EPN Seminar Nov.10.2015】 Services Function Chaining Architecture, Standardiz... - シスコシステムズ合同会社
The document provides an overview of services function chaining architecture, standards, and the Opendaylight implementation. It discusses the services function chaining architecture, the network service header data plane, and how Opendaylight implements services function chaining through Yang models, a UI, data plane components, and integration with group based policy.
The document discusses network slicing inputs from several standards organizations:
- NGMN defines network slicing and describes the basic concept. ITU refers to NGMN's definition.
- ONF uses NGMN's definition of network slicing. 3GPP references NGMN in TR22.891 and other specifications.
- 3GPP TR38.801 describes RAN aspects of network slicing. TR22.891 includes 13 requirements for network slicing.
- ETSI NFV discusses how network slice lifecycle management interacts with NFV MANO. 5G Americas looks at the end-to-end network slicing architecture and governance.
DEVNET-1175 OpenDaylight Service Function Chaining - Cisco DevNet
This tutorial will overview the OpenDaylight Service Function Chaining (SFC) architecture, implementation and operation. A description of the SFC components and the Network Service Header (NSH) will be presented. This talk will conclude with a step-by-step demonstration of SFC configuration and operation using the GUI and REST interfaces.
Docker networking basics & coupling with Software Defined Networks - Adrien Blind
This presentation recaps Docker networking, presents the basic paradigms of Software Defined Networking, and then proposes a mixed implementation that benefits from using the two technologies together. The proposed implementation model could be a good starting point for creating multi-tenant PaaS platforms.
As a bonus, OpenStack Neutron internal design is presented.
You can also have a look at our previous presentation related to enterprise patterns for Docker:
http://fr.slideshare.net/ArnaudMAZIN/docker-meetup-paris-enterprise-docker
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron - vivekkonnect
The document discusses distributed virtual routers (DVR) in OpenStack Neutron. It describes the high-level architecture of DVR, which distributes routing functions from network nodes to compute nodes to improve performance and scalability compared to legacy centralized routing. Key aspects covered include east-west and north-south routing mechanisms, configuration, agent operation modes, database extensions, scheduling, and support for services. Plans are outlined for enhancing DVR in upcoming OpenStack releases.
Ligato - A platform for development of Cloud-Native VNF's - SDN/NFV London me... - Haidee McMahon
1. The document discusses the need for cloud-native network functions (CNFs) and proposes a platform called Ligato to develop CNFs.
2. Ligato provides lifecycle management, high-performance networking and forwarding, and easy installation and operation for container-based CNFs.
3. It describes how Ligato enables service function chaining by orchestrating CNFs and uses containers, VPP, and overlays for high performance networking between CNFs.
Ch 02 --- sdn and openflow architecture - Yoram Orzach
This document provides an overview of SDN and OpenFlow. It describes the traditional network structure with separate control, forwarding, and management planes. With SDN, the control plane is centralized into a controller that programs "dumb" switches via the OpenFlow protocol. The controller manages flow tables on switches to determine how traffic is forwarded. Key OpenFlow components include the controller, OpenFlow channel, flow tables, group tables, and meter tables. The document provides examples of how OpenFlow can implement switching, routing, firewalls, and other network functions through flow table entries.
1. The document discusses OpenStack Neutron and Open vSwitch (OVS), describing their architecture and configuration. It explains that Neutron uses OVS to provide virtual networking and switching capabilities between virtual machines.
2. Key components of the Neutron-OVS architecture include the Neutron server, OVS agents on compute nodes, and the OVS daemon that implements the switch in the kernel and userspace.
3. The document also provides examples of configuring an OVS bridge and ports for virtual networking in OpenStack.
Joint presentation on behalf of the Society of Cable Telecommunications Engineers (SCTE) between Cox Communications (Mazen Khaddem) and Cisco Systems (Dr. Loukas Paraschis). Presentation covers different SDN categories, NFV examples in business services, and use cases for WAN SDN.
JDO 2019: Service mesh with Istio - Mariusz Gil - PROIDEA
Microservice architecture brings many challenges, both in the code and responsibilities implemented by individual services and in the communication between them. This network of interconnected applications, constantly communicating over various protocols, usually becomes more complicated and harder to manage day to day as time passes. Istio is one of the tools that help tame a complicated service mesh, offering a range of features related to, among others, network traffic load balancing, authentication, monitoring, tracking… During the presentation you will get to know both the architecture of Istio and typical use cases of this solution.
DragonFlow sdn based distributed virtual router for openstack neutron - Eran Gampel
Dragonflow is an implementation of a fully distributed virtual router for OpenStack® Neutron™ that is based on a light weight SDN controller
blog.gampel.net
Network and Service Virtualization tutorial at ONUG Spring 2015 - SDN Hub
Tutorial at ONUG Spring 2015 on Network and Service Virtualization. The tutorial covers three converging trends 1) Network virtualization, 2) Service virtualization, 3) overlay networking for Docker and OpenStack. The talk concludes with pointers to the hands-on portion of the tutorial that uses LorisPack, and the operational lessons learned.
Enhancing Network Visibility Based On Open Converged Network Appliance - Open Networking Summit
Dr. Dongheon Lee's and Dr. Junho Suh's presentation from the 2017 Open Networking Summit.
As the mobile traffic carried by cellular networks has been growing rapidly and the networks get bigger and more complex, network operators have been forced to search for solutions to substantially enhance network visibility. This talk introduces SKT integrated Network Analyzer (TiNA) and Converged Appliance Platform (T-CAP), which help us improve the efficiency of network operation, troubleshooting, and traffic analysis. TiNA is composed of a virtual network packet broker, flow analyzer, high speed packet dump system, connection performance analyzer, and 3D-based network management system. T-CAP is an open architecture of a server-switch type hardware. We will review how to implement those TiNA functions based on open source (e.g., DPDK, Spark Streaming) and T-CAP. Finally, we will also discuss the use-cases of TiNA and T-CAP for the private cloud & telco network infrastructure.
Optimizing QoE and Latency of Live Video Streaming Using Edge Computing a... - Alpen-Adria-Universität
Nowadays, HTTP Adaptive Streaming (HAS) has become the de-facto standard for delivering video over the Internet. More users have started generating and delivering high-quality live streams (usually 4K resolution) through popular online streaming platforms, resulting in a rise in live streaming traffic. Typically, the video contents are generated by streamers and watched by many audiences, geographically distributed in various locations far away from the streamers. The resource limitation in the network (e.g., bandwidth) is a challenging issue for network and video providers to meet the users’ requested quality. This dissertation leverages edge computing capabilities and in-network intelligence to design, implement, and evaluate approaches to optimize Quality of Experience (QoE) and end-to-end (E2E) latency of live HAS. In addition, improving transcoding performance and optimizing the cost of running live HAS services and the network’s backhaul utilization are considered. Motivated by the mentioned issue, the dissertation proposes five contributions in two classes: optimizing resource utilization and light-weight transcoding.
This document discusses Contrail 3.0.2 cloud solution with nested KVM virtual machines. It begins with an overview of data center orchestration with OpenStack and Contrail. It then covers overlay networking using MPLS over GRE and MPLS over UDP tunnels. The document demonstrates how to create nested KVM virtualization and shows routes and packet forwarding between nested virtual machines and physical hosts. It provides commands to view routes, tunnels, and trace packets between nested and physical systems.
Intelligent Network Services through Active Flow Manipulation - Tal Lavian Ph.D.
Active Flow Manipulation Abstractions:
- Aggregate data into traffic flows
  - Flows whose characteristics can be identified in real-time
  - E.g., “all UDP packets to a particular service”, “all TCP packets from a particular machine”.
- Actions to be performed in the traffic flows
  - Actions that can be performed in real-time
  - E.g., “Change the priority of all traffic destined to a particular service on a particular machine”, “Stop all traffic out of a particular link of a router”.
Understanding network and service virtualization - SDN Hub
This document discusses network and service virtualization technologies. It begins with an overview of challenges with current network architectures and how virtualization addresses them. It then covers three key trends: 1) network virtualization using SDN to program networks dynamically, 2) service virtualization using NFV to virtualize network functions, and 3) new infrastructure tools like Open vSwitch, OpenDaylight, and Docker networking. Finally, it discusses approaches to deploying network and service virtualization and provides a vendor landscape.
Unified Stream Processing at Scale with Apache Samza - BDS2017 - Jacob Maes
The shift to stream processing at LinkedIn has accelerated over the past few years. We now have over 200 Samza applications in production processing more than 260B events per day. Many of these are new applications, but there have also been more migrations from existing online and offline applications. To support the influx of new use cases, we have improved the flexibility, efficiency and reliability of Apache Samza.
In this talk, we will take a brief look at the broader streaming ecosystem at LinkedIn, then we will zoom in on a few representative use cases and explain how they are powered by recent advancements to Apache Samza including a unified high level API, flexible deployment model, batch processing, and more.
Enabling Active Flow Manipulation (AFM) in Silicon-based Network Forwarding E... - Tal Lavian Ph.D.
Programmable Internet:
- Enhance internetworking functions.
- Move computations into the network for value added services.
- Manage the network more capably than possible with SNMP.
- More quickly introduce Diffserv or Inserv to support new multimedia applications
- Implement traffic control algorithms to support QoS.
Replacing iptables with eBPF in Kubernetes with Cilium - Michal Rostecki
Cilium is an open source project which provides networking, security and load balancing for application services that are deployed using Linux container technologies by using the native eBPF technology in the Linux kernel. In this presentation we talked about:
- The evolution of the BPF filters and explained the advantages of eBPF Filters and its use cases today in Linux especially on how Cilium networking utilizes the eBPF Filters to secure the Kubernetes workload with increased performance when compared to legacy iptables.
- How Cilium uses SOCKMAP for layer 7 policy enforcement
- How Cilium integrates with Istio and handles L7 Network Policies with Envoy Proxies.
- The new features since the last release such as running Kubernetes cluster without kube-proxy, providing clusterwide NetworkPolicies, providing fully distributed networking and security observability platform for cloud native workloads etc.
About the overlay network in CORD (Central Office Re-architected as a Datacenter): the overlay network is driven by the VTN application in the ONOS controller, and this talk dives deep into how VTN uses OpenFlow rules to construct Service Networking in CORD.
Paper PDF is available: https://dl.acm.org/citation.cfm?id=3195871
Accepted and presented at 5th Workshop on CrossCloud Infrastructures & Platforms, EuroSys Conference, April 2018
This document discusses use cases and requirements for different cloud customer segments using Contrail. It describes Contrail's ability to enable IT as a service, enterprise migration to the cloud with legacy interconnects, public cloud services, and IoT/M2M use cases. It provides an overview of how Contrail works including its components, scale out architecture, and interaction with OpenStack. It also summarizes Contrail's features such as routing, security, analytics, and gateway services.
Taking Security Groups to Ludicrous Speed with OVS (OpenStack Summit 2015) - Thomas Graf
Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments.
Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed. In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead. However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.
In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.
2. www.opendaylight.org
OpenDaylight Virtual Tenant Network (VTN)
Contribution from NEC based technology from our products
Consists of VTN Manager and VTN Coordinator
VTN Coordinator:
• Offers VTN API (northbound)
• Build VTN model using OpenDaylight API
• Control VTN spanning multiple SDN controllers
VTN Manager:
• Offers virtual node feature
• End-to-end dynamic path control per VTN
3. www.opendaylight.org
VTN Policy
• Two policy models on VTN multi tenant virtual network
  • Flow Filter Model
  • Path Map Model
• Multi tenancy ensures that policies of one VTN do not affect other VTNs
• Inheritance
  • VTN-level policy is inherited to all elements belonging to the VTN
  • Element-level policy overrides VTN-level policy
• Current implementation makes best use of OpenFlow protocol
4. www.opendaylight.org
Flow Filter Model (only part of full VTN model)
[Class diagram]
Flow Filter
  +type = {in|out}
  +location (One of: vtn | vBridge | vNode_name+IF)
  +statistics (General per IF and FFEntry and per flow)
  +flowfilterentries: Flow Filter Entry
Flow Filter Entry
  +flowlists: Flow List
  +sequence number
  +action_type = {pass, drop, redirect}
  +redirect_destination: redir_dst
  +set = {priority|dscp} (Mark packets on the wire)
redir_dst
  +vNode_name
  +interface_name
  +new dst MAC
  +new src MAC
  +direction
Flow List
  +name: String
  +flowlistentries: Flow List Entry
Flow List Entry
  +match (Similar to OF match)
  +sequence number
Diagram annotations:
• Match: This selects the traffic to apply markings
• Combine: Allows to create different sets of traffic
• Action: Action type and marking
• Policy Target: Where in topology to apply markings
5. www.opendaylight.org
Flow Filter Model: Policy Target (VTN info model)
Policy Target | Description
VTN | logical representation of tenant network
Virtual node (vNode): vBridge | logical representation of L2 switch function
Virtual node (vNode): vRouter | logical representation of L3 router function
Virtual node (vNode): vTerminal | Logical representation of virtual node that is connected to an interface mapped to a physical port
Virtual node (vNode): vTunnel | logical representation of Tunnel (consists of vTEPs and vBypass(es))
Virtual node (vNode): vTEP | logical representation of Tunnel End Point (TEP)
Virtual node (vNode): vBypass | logical representation of connectivity between controlled networks
Virtual Interface: Interface | representation of end point on the virtual node (VM, servers, appliance, vBridge, vRouter, etc)
6. www.opendaylight.org
VTN Example
[Figure: a Logical Network (VTN with vRouter, vBridges, vTunnel, interfaces and vLinks) shown above the Physical Network of DC 1, DC 2 and DC 3 joined by an Inter-DC network, with Controller 1, Controller 2 and Controller 3; the VTN (Underlay) contains vTeps and a vBypass.]
7. www.opendaylight.org
Flow Filter Model: Matching Conditions
Fields for matching conditions
Command | Number | Description
mac-destination-address <mac-address> | 1 | Destination Mac Address
mac-source-address <mac-address> | 2 | Source Mac Address
mac-ether-type <ether-type-number> | 3 | Ether type
mac-vlan-priority <vlan-priority-number> | 4 | VLAN Priority
ip-destination-address <ip-address>/<prefix-length> | 5 | Destination IP Address
ip-source-address <ip-address>/<prefix-length> | 6 | Source IP Address
ip-protocol <protocol-number> | 7 | Protocol Type
ip-dscp <dscp-number> | 8 | DSCP
l4-destination-port <port-number> [ to <end-port> ] | 9 | Destination Port
l4-source-port <port-number> [ to <end-port> ] | 10 | Source Port
[Figure: packet header fields grouped by layer L1 to L4 (Ingress Port, Src MAC, Dst MAC, Ether Type, VLAN id, VLAN Priority, Src IP, Dst IP, IP Proto, IP ToS, TCP/UDP Src Port, TCP/UDP Dst Port, Data), annotated with the numbers 1 to 10.]
8. www.opendaylight.org
Flow Filter Model: Actions
Intent | Description
Pass | Pass packets
Drop | Drop packets
Redirect | Redirect packets to a specified point
Priority | Set a priority of packets
Bandwidth | Set policing
Statistics | Collect statistics information
[Figure, Behavior column labels: Pass: FlowFilter pass; Drop: FlowFilter drop; Redirect: FlowFilter redirect; FlowFilter statistics: Collect Statistics; Priority: FlowFilter priority, FlowFilter pass.]
9. www.opendaylight.org
Flow Filter Model: Action: Drop
Intent: Prohibit traffic
[Figure labels: Server-A, Server-B, Tenant1, vBridge1, 192.168.10.3]
VTN Model: Flow Filter; Flow List: match-list-a
Example Configuration:
vtn Tenant1
{
  vbridge vBridge1
  {
    flow-filter in
    {
      sequence-number 1
      {
        match flow-list match-list-a
        action drop
      }
      (snip)
}

flow-list match-list-a type ipv4 {
  sequence-number 10 {
    ip-destination-address 192.168.10.3/32
  }
}
10. www.opendaylight.org
Flow Filter Model: Action: Priority
Intent: Traffic priority
[Figure labels: Server-A, Server-B, Tenant1, vBridge1, 192.168.10.3]
VTN Model / Example Configuration:
vtn Tenant1
{
  vbridge vBridge1
  {
    flow-filter in
    {
      sequence-number 1
      {
        match flow-list match-list-a
        set ip-dscp 55
      }
      (snip)
}
11. www.opendaylight.org
Flow Filter Model: Action: Bandwidth
Intent: Throughput thresholds and limits
[Figure labels: Server-A, Server-B, Tenant1, vBridge1, 192.168.10.3]
VTN Model / Example Configuration:
policing profile POLICING1 {
  sequence-number 10{
    match flow-list match-list-a
    two-rate three-color {
      meter rate-unit kbps cir 6000 cbs 48128 pir 8000 pbs 64000
      green-action pass
      yellow-action penalty priority 5 ip-dscp 12 drop-precedence 2
      red-action drop
      (snip)
}
vtn Tenant1
{
  vbridge vBridge1
  {
    policing map profile POLICING1
    (snip)
}
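The two-rate three-color meter configured in POLICING1, as an added example that is not part of the original slides or of the VTN code base. It implements the color-blind token-bucket marker of RFC 2698 with the slide's cir/cbs/pir/pbs values; treating cbs and pbs as bytes, treating the yellow "penalty" as forward-with-re-marking, and the constructed packet arrivals are assumptions.

```python
from collections import Counter


class TwoRateThreeColor:
    """Color-blind two-rate three-color marker (RFC 2698 token buckets)."""

    def __init__(self, cir_kbps, cbs, pir_kbps, pbs):
        if pir_kbps < cir_kbps:
            raise ValueError("pir must be greater than or equal to cir")
        self.cir = cir_kbps * 1000 / 8    # committed rate in bytes per second
        self.pir = pir_kbps * 1000 / 8    # peak rate in bytes per second
        self.cbs, self.pbs = cbs, pbs     # bucket depths (assumed to be bytes)
        self.tc, self.tp = float(cbs), float(pbs)   # both buckets start full
        self.last = 0.0

    def color(self, now, size):
        """Refill both buckets for the elapsed time, then color one packet."""
        elapsed = max(0.0, now - self.last)
        self.last = now
        self.tc = min(self.cbs, self.tc + elapsed * self.cir)
        self.tp = min(self.pbs, self.tp + elapsed * self.pir)
        if self.tp < size:                # exceeds the peak rate
            return "red"
        if self.tc < size:                # within peak, above committed
            self.tp -= size
            return "yellow"
        self.tp -= size                   # within the committed rate
        self.tc -= size
        return "green"


# Per-color actions from the POLICING1 profile on the slide.
ACTIONS = {
    "green": ("pass", {}),
    "yellow": ("pass", {"priority": 5, "ip_dscp": 12, "drop_precedence": 2}),
    "red": ("drop", {}),
}


def policing1():
    """Meter with the slide's values: cir 6000, cbs 48128, pir 8000, pbs 64000."""
    return TwoRateThreeColor(cir_kbps=6000, cbs=48128, pir_kbps=8000, pbs=64000)


def police(meter, now, pkt):
    """Return (action, packet) after metering; yellow packets are re-marked."""
    action, marks = ACTIONS[meter.color(now, pkt["size"])]
    return action, {**pkt, **marks}


def classify(meter, arrivals):
    """Count colors for a list of (time_seconds, size_bytes) arrivals."""
    return dict(Counter(meter.color(t, size) for t, size in arrivals))


if __name__ == "__main__":
    # Constructed input: fifty 1500-byte packets arriving back to back at t=0.
    burst = [(0.0, 1500)] * 50
    print("burst:", classify(policing1(), burst))
    # Constructed input: 1500 bytes every 2 ms, which is exactly the CIR.
    steady = [(i * 0.002, 1500) for i in range(500)]
    print("steady at CIR:", classify(policing1(), steady))
```

The burst shows the two bucket depths directly: the committed bucket absorbs the first packets as green, the remaining peak-bucket credit is spent as yellow, and everything after that is red until time passes and the buckets refill.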
13. www.opendaylight.org
Path Map Model
• Policy target
  Path: Set cost on physical link and select a shortest (smallest-cost) path
• Matching condition
  Specify flows with OpenFlow matching condition
• Action
  Correlate selected paths with specified flows on physical n/w and/or VTN
Intent | Description | Behavior
path map | Select a path for flows which match the matching condition. (destination is same) | Path Map
redirect (mentioned earlier) | Redirect packets to a specified point (destination is changed) | FlowFilter redirect
VTN stands for Virtual Tenant Network, which provides multi-tenancy for virtual networks.
We contributed VTN to OpenDaylight based on our product technology. It consists of VTN Manager and VTN Coordinator. VTN Manager provides end-to-end dynamic path control per VTN. VTN Coordinator is implemented as an application of the OpenDaylight controller, and it controls VTNs spanning multiple controllers.
Two policy models are supported in VTN. One is the flow filter model, and the other is the path map model. Both models are applied to VTNs. Policies applied to one VTN don't affect policies applied to other VTNs. VTN policy also provides inheritance: a VTN-level policy is effective for all elements in the VTN, and an element-level policy overrides the VTN-level policy. Although these models are closer to an intent-based approach, we made the best use of the OpenFlow protocol to implement them.
I will start with the Flow Filter Model. This is a set of class diagrams showing some flow filter cases.
Flow list corresponds to a classifier. It defines matching conditions. Flow Filter defines policy target and action.
Now I am going to talk about each of them in turn.
Now let's look at the targets to which a flow filter can be applied.
Flow Filter can be applied to VTN, virtual node, and virtual interface.
Virtual nodes are abstractions of physical network resources. vBridge/vRouter represents L2/L3 functions. vTerminal is a special virtual node used specifically for flow filter redirect. vTunnel is a tunnel, vTep is a tunnel end point, and vBypass is controlled network connectivity. An interface represents an end point on a virtual node.
This is an example of a VTN built from those VTN elements. In this case, the VTN encompasses 3 data centers. VTN policy can be applied to the VTN itself and to those VTN elements as well.
Flow filter matching uses OpenFlow matching conditions. As you know, any combination of those tuples can be used.
There are several intent actions supported.
Pass allows packets to go through. Drop prevents packets from passing. Redirect changes the destination of packets and sends them to that destination. Priority is a marking capability.
Bandwidth sets policing, and statistics collects statistics information.
I will show you some of them in detail in the following slides.
This example shows the drop action set on a vBridge for packets specified in this match condition list.
This example is for priority. It shows TOS being remarked as 55 on the Tenant1 vBridge for packets specified in this match condition list.
The bandwidth intent uses the policing capability. In this case, the two-rate three-color feature is used.
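As an added example (not from the slides or from VTN's own code), here is a color-blind two-rate three-color meter per RFC 2698, using the cir/cbs/pir/pbs values and per-color actions of the POLICING1 profile shown in this deck. The names TrTCM and simulate, the byte unit for cbs/pbs, and the constant-rate 1500-byte test traffic are assumptions.

```python
# Added example: color-blind two-rate three-color meter (RFC 2698 trTCM).
# Class/function names and the byte unit for cbs/pbs are assumptions.

# Per-color actions as written in the POLICING1 profile on this page.
ACTIONS = {
    "green": "pass",
    "yellow": "penalty priority 5 ip-dscp 12 drop-precedence 2",
    "red": "drop",
}

class TrTCM:
    def __init__(self, cir_kbps=6000, cbs=48128, pir_kbps=8000, pbs=64000):
        self.cir, self.pir = cir_kbps * 125, pir_kbps * 125  # kbps -> bytes/s
        self.cbs, self.pbs = cbs, pbs              # burst sizes (bytes, assumed)
        self.tc, self.tp = float(cbs), float(pbs)  # both buckets start full
        self.last = 0.0

    def color(self, now, size):
        """Color one packet of `size` bytes arriving at time `now` (seconds)."""
        dt, self.last = now - self.last, now
        # Refill each bucket at its rate, capped at its burst size.
        self.tc = min(self.cbs, self.tc + dt * self.cir)
        self.tp = min(self.pbs, self.tp + dt * self.pir)
        if self.tp < size:        # exceeds the peak rate
            return "red"
        self.tp -= size
        if self.tc < size:        # within peak, exceeds the committed rate
            return "yellow"
        self.tc -= size
        return "green"

def simulate(offered_kbps, seconds=10, pkt_bytes=1500):
    """Offer constant-rate traffic to a fresh meter; return packets per color."""
    meter = TrTCM()
    gap = pkt_bytes * 8 / (offered_kbps * 1000)    # seconds between packets
    counts = {c: 0 for c in ACTIONS}
    for i in range(int(seconds / gap)):
        counts[meter.color(i * gap, pkt_bytes)] += 1
    return counts

if __name__ == "__main__":
    for rate in (5000, 7000, 20000):               # constructed offered loads
        print(rate, "kbps ->", simulate(rate))
```

Below 6000 kbps every packet stays green; between 6000 and 8000 kbps the excess turns yellow once the committed bucket drains; above 8000 kbps the remainder is red and dropped.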
This example is for redirect. Traffic matching this condition at vBridge1 would be forwarded to this vTerminal1.
Next, I will explain the Path Map model.
The policy target is a path. When there are multiple paths between a source and a destination, the smallest-cost path is selected after setting costs on the physical links of those paths.
Then, flows are selected with OpenFlow matching conditions.
Finally, the action makes those selected flows take the selected path. This action is taken on the physical network and/or the VTN.
A path map consists of a flow condition, a path policy and a path map.
On the left-hand side, the cost setting example is shown. As a result of setting 1 million instead of 1000, the lower path would be selected.
On the right-hand side, the high-level picture of a path map is shown. Flows matching the flow condition take the path designated by the path map definition.