SlideShare a Scribd company logo
Neutron-Neutron
interconnections
Thomas Morin
VM VM VM VM VM VM
?
2
How to interconnect two OpenStack deployments ?
( …… two or more OpenStack ? two regions ?)
Between datacenters or between NFV POPs,
you may want network interconnections with
the following properties:
on demandon demand
VM VM VM VM VM VM
?
… between NFV PoPs
and/or datacenters…
private addressing
& isolation
private addressing
& isolation
++
avoid the overhead of
packet encryption
avoid the overhead of
packet encryption
++
3
Doing this with
an orchestrator ?
VM VM VM VM VM VM
?
… between NFV PoPs
and/or datacenters…
?
? ?
not always possible...
not always wanted...
 contexts where there isn't a
single organization involved
 need to expose an API to the
projects
 extra complexity
4
“Neutron-Neutron” API:
●
check if the reverse link
is defined on the other side
●
bis: not yet 
●
bis: OK ! 
●
expose/retrieve the technical
details on how to do realize
connectivity ()
●
parameters vary depending
on the technique to use
At the end of the exchange...
Each side has the necessary
information and can setup the
interconnection ()
“User facing” API :
let a project define that a local
Router is linked to a Router on
another Openstack
=> define the link symmetrically
on both sides (,)
Let's extend
Neutron's API !
VM VM VM VM VM VM
Neutron Neutron
 

 
bis

bis
5
 Trusting that the interconnection preserves isolation
 Goal:
 no interconnection setup unless explictly asked by each project/tenant
 How ?
 Interconnect if and only if both sides agree (symmetric link check)
 Each OpenStack instance has to trust the packets from the other OpenStack instances
 This proposal is for organizations/entities trusting each other,
and trusting the network used to carry interconnections
 Authenticating Neutron-Neutron API exchanges
 Each Neutron component on each side needs credentials to talk to the other side
 Not to act as the project/tenant
 Not to act as admin
 Only need creds for a specific role with read-only access to interconnection info
 Keystone federation is not strictly needed for functionality, but will be in practice necessary to
avoid too much configuration overhead
Multitenancy & need for network isolation
imply that we address trust questions
6
Multiple interconnection techniques are possible...
● Requirements for a
technique to be applicable
– Provide isolated network
connectivity
● L2 and/or L3
– Interoperability preferred:
makes the solution applicable
between two OpenStack that
do not use the same SDN
controller solution
● Examples
– VLAN hand-off
– VXLAN gateway
– L2GW
– BGP VPNs
– ...
Example with BGP VPNs
● How ?
– each side provides the routing identifier which the other side
will use to import routes for this interconnection
– connectivity realized whether as an overlay over the WAN, or
with the collaboration of WAN BGP VPN routing
● Benefits ?
– Each side independently allocates identifiers
=> no need to coordinate the use of a common space of
identifiers
● (because BGP RTs have are structured, prefixed typically by
an AS number)
– Can be implemented in Neutron by reusing the existing
BGPVPN Interconnection API
● (the BGPVPN Interconnection API already allows
interconnections, but not on demand because requiring the‑demand because requiring the 
admin to create resources)
● will work with Neutron ref. drivers and many SDN controllers
– Applicable to both IP and Ethernet interconnects
7
Neutron-Neutron interconnections
Wrap up
● Allows interconnections
– On-demand
– No need for an orchestrator
– Light on packet dataplane (no IPSec)
● between OpenStack instances
– two OpenStack instances or more
– between trusting entities
– inter clouds, inter regions, inter DCs, between NFV POPs‑demand because requiring the  ‑demand because requiring the  ‑demand because requiring the 
– including when these instances use a different SDN solution
● Next steps ?
– Neutron Specs being redacted
– Implementation to be proposed based on a PoC implementation by Orange
● Service composition: reusing the existing
Neutron BGPVPN Interconnection service
VM VM VM VM VM VM
?

More Related Content

What's hot

An Introduction to OpenStack Networking
An Introduction to OpenStack NetworkingAn Introduction to OpenStack Networking
An Introduction to OpenStack Networking
Scott Lowe
 
OpenStack Neutron Tutorial
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorial
mestery
 
Training open stack networking -neutron
Training open stack networking -neutronTraining open stack networking -neutron
Training open stack networking -neutron
Haifeng Yan (颜海峰)
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutron
mestery
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
PLUMgrid
 
Neutron behind the scenes
Neutron   behind the scenesNeutron   behind the scenes
Neutron behind the scenes
inbroker
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Thomas Morin
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetups
yfauser
 
OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr
David Lenwell
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slides
mestery
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack Networking
Ilya Shakhat
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
mestery
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
Anil Bidari ( CEO , Cloud Enabled)
 
Neutron: br-ex is now deprecated! what is modern way?
Neutron: br-ex is now deprecated! what is modern way?Neutron: br-ex is now deprecated! what is modern way?
Neutron: br-ex is now deprecated! what is modern way?
Akihiro Motoki
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
yfauser
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havana
Kamesh Pemmaraju
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
vivekkonnect
 
Openstack Neutron & Interconnections with BGP/MPLS VPNs
Openstack Neutron & Interconnections with BGP/MPLS VPNsOpenstack Neutron & Interconnections with BGP/MPLS VPNs
Openstack Neutron & Interconnections with BGP/MPLS VPNs
Thomas Morin
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron Insights
Atul Pandey
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
markmcclain
 

What's hot (20)

An Introduction to OpenStack Networking
An Introduction to OpenStack NetworkingAn Introduction to OpenStack Networking
An Introduction to OpenStack Networking
 
OpenStack Neutron Tutorial
OpenStack Neutron TutorialOpenStack Neutron Tutorial
OpenStack Neutron Tutorial
 
Training open stack networking -neutron
Training open stack networking -neutronTraining open stack networking -neutron
Training open stack networking -neutron
 
Open Source Backends for OpenStack Neutron
Open Source Backends for OpenStack NeutronOpen Source Backends for OpenStack Neutron
Open Source Backends for OpenStack Neutron
 
Navigating OpenStack Networking
Navigating OpenStack NetworkingNavigating OpenStack Networking
Navigating OpenStack Networking
 
Neutron behind the scenes
Neutron   behind the scenesNeutron   behind the scenes
Neutron behind the scenes
 
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deploymentsNeutron-to-Neutron: interconnecting multiple OpenStack deployments
Neutron-to-Neutron: interconnecting multiple OpenStack deployments
 
Open stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetupsOpen stack networking_101_update_2014-os-meetups
Open stack networking_101_update_2014-os-meetups
 
OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr OpenStack Neutron 201 1hr
OpenStack Neutron 201 1hr
 
OpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote SlidesOpenStack Tokyo Summit Keynote Slides
OpenStack Tokyo Summit Keynote Slides
 
OpenStack Networking
OpenStack NetworkingOpenStack Networking
OpenStack Networking
 
OpenStack Neutron Liberty Updates
OpenStack Neutron Liberty UpdatesOpenStack Neutron Liberty Updates
OpenStack Neutron Liberty Updates
 
OpenStack Neutron behind the Scenes
OpenStack Neutron behind the ScenesOpenStack Neutron behind the Scenes
OpenStack Neutron behind the Scenes
 
Neutron: br-ex is now deprecated! what is modern way?
Neutron: br-ex is now deprecated! what is modern way?Neutron: br-ex is now deprecated! what is modern way?
Neutron: br-ex is now deprecated! what is modern way?
 
Open stack networking_101_update_2014
Open stack networking_101_update_2014Open stack networking_101_update_2014
Open stack networking_101_update_2014
 
Whats new in neutron for open stack havana
Whats new in neutron for open stack havanaWhats new in neutron for open stack havana
Whats new in neutron for open stack havana
 
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/NeutronOverview of Distributed Virtual Router (DVR) in Openstack/Neutron
Overview of Distributed Virtual Router (DVR) in Openstack/Neutron
 
Openstack Neutron & Interconnections with BGP/MPLS VPNs
Openstack Neutron & Interconnections with BGP/MPLS VPNsOpenstack Neutron & Interconnections with BGP/MPLS VPNs
Openstack Neutron & Interconnections with BGP/MPLS VPNs
 
Openstack Neutron Insights
Openstack Neutron InsightsOpenstack Neutron Insights
Openstack Neutron Insights
 
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack NetworkingONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
ONUG Tutorial: Bridges and Tunnels Drive Through OpenStack Networking
 

Similar to OpenStack Neutron-Neutron interconnections

SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center Networking
Thomas Graf
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined Networking
Digicomp Academy AG
 
Netforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayNetforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebay
Aliasgar Ginwala
 
Virtual Networking (1) (1).pptx
Virtual Networking (1) (1).pptxVirtual Networking (1) (1).pptx
Virtual Networking (1) (1).pptx
KrishnaMishra386849
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first part
lilliput12
 
Why sdn
Why sdnWhy sdn
Why sdn
lz1dsb
 
Examen1ccna3v5.0
Examen1ccna3v5.0Examen1ccna3v5.0
Examen1ccna3v5.0
Juan Carlos Banegas
 
Addressing Network Operator Challenges in YANG push Data Mesh Integration
Addressing Network Operator Challenges in YANG push Data Mesh IntegrationAddressing Network Operator Challenges in YANG push Data Mesh Integration
Addressing Network Operator Challenges in YANG push Data Mesh Integration
ThomasGraf42
 
Software Defined Networking
Software Defined NetworkingSoftware Defined Networking
Software Defined Networking
Abhijeet Singh Panwar
 
Interconnecting Neutron and Network Operators' BGP VPNs
Interconnecting Neutron and Network Operators' BGP VPNsInterconnecting Neutron and Network Operators' BGP VPNs
Interconnecting Neutron and Network Operators' BGP VPNs
Thomas Morin
 
Using Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersUsing Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M users
Mirantis
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
Kingston Smiler
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6up
Sachin Siddappa
 
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX BoxesCloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
GIST (Gwangju Institute of Science and Technology)
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
mestery
 
Routed networks sydney
Routed networks sydneyRouted networks sydney
Routed networks sydney
Miguel Lavalle
 
OpenStack SDN
OpenStack SDNOpenStack SDN
OpenStack SDN
Adrian Norte Fernandez
 
Azure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesAzure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet Topologies
Marius Zaharia
 
Netsft2017 day in_life_of_nfv
Netsft2017 day in_life_of_nfvNetsft2017 day in_life_of_nfv
Netsft2017 day in_life_of_nfv
Intel
 
OpenStack sdn
OpenStack sdnOpenStack sdn

Similar to OpenStack Neutron-Neutron interconnections (20)

SDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center NetworkingSDN & NFV Introduction - Open Source Data Center Networking
SDN & NFV Introduction - Open Source Data Center Networking
 
Network Virtualization & Software-defined Networking
Network Virtualization & Software-defined NetworkingNetwork Virtualization & Software-defined Networking
Network Virtualization & Software-defined Networking
 
Netforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebayNetforce: extending neutron to support routed networks at scale in ebay
Netforce: extending neutron to support routed networks at scale in ebay
 
Virtual Networking (1) (1).pptx
Virtual Networking (1) (1).pptxVirtual Networking (1) (1).pptx
Virtual Networking (1) (1).pptx
 
Openstack Networking Internals - first part
Openstack Networking Internals - first partOpenstack Networking Internals - first part
Openstack Networking Internals - first part
 
Why sdn
Why sdnWhy sdn
Why sdn
 
Examen1ccna3v5.0
Examen1ccna3v5.0Examen1ccna3v5.0
Examen1ccna3v5.0
 
Addressing Network Operator Challenges in YANG push Data Mesh Integration
Addressing Network Operator Challenges in YANG push Data Mesh IntegrationAddressing Network Operator Challenges in YANG push Data Mesh Integration
Addressing Network Operator Challenges in YANG push Data Mesh Integration
 
Software Defined Networking
Software Defined NetworkingSoftware Defined Networking
Software Defined Networking
 
Interconnecting Neutron and Network Operators' BGP VPNs
Interconnecting Neutron and Network Operators' BGP VPNsInterconnecting Neutron and Network Operators' BGP VPNs
Interconnecting Neutron and Network Operators' BGP VPNs
 
Using Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M usersUsing Kubernetes to make cellular data plans cheaper for 50M users
Using Kubernetes to make cellular data plans cheaper for 50M users
 
Network Virtualization
Network VirtualizationNetwork Virtualization
Network Virtualization
 
10 sdn-vir-6up
10 sdn-vir-6up10 sdn-vir-6up
10 sdn-vir-6up
 
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX BoxesCloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
CloudComp 2015 - SDN-Cloud Testbed with Hyper-convergent SmartX Boxes
 
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward LibertyOpenStack Neutron: What's New In Kilo and a Look Toward Liberty
OpenStack Neutron: What's New In Kilo and a Look Toward Liberty
 
Routed networks sydney
Routed networks sydneyRouted networks sydney
Routed networks sydney
 
OpenStack SDN
OpenStack SDNOpenStack SDN
OpenStack SDN
 
Azure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet TopologiesAzure Networking: Innovative Features and Multi-VNet Topologies
Azure Networking: Innovative Features and Multi-VNet Topologies
 
Netsft2017 day in_life_of_nfv
Netsft2017 day in_life_of_nfvNetsft2017 day in_life_of_nfv
Netsft2017 day in_life_of_nfv
 
OpenStack sdn
OpenStack sdnOpenStack sdn
OpenStack sdn
 

Recently uploaded

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Tosin Akinosho
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
Pravash Chandra Das
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
Pixlogix Infotech
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
Postman
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
akankshawande
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
saastr
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
flufftailshop
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
Shinana2
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
Wouter Lemaire
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
Intelisync
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
GDSC PJATK
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Jeffrey Haguewood
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
Tomaz Bratanic
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
Jakub Marek
 

Recently uploaded (20)

HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Monitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdfMonitoring and Managing Anomaly Detection on OpenShift.pdf
Monitoring and Managing Anomaly Detection on OpenShift.pdf
 
Operating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptxOperating System Used by Users in day-to-day life.pptx
Operating System Used by Users in day-to-day life.pptx
 
Best 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERPBest 20 SEO Techniques To Improve Website Visibility In SERP
Best 20 SEO Techniques To Improve Website Visibility In SERP
 
WeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation TechniquesWeTestAthens: Postman's AI & Automation Techniques
WeTestAthens: Postman's AI & Automation Techniques
 
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development ProvidersYour One-Stop Shop for Python Success: Top 10 US Python Development Providers
Your One-Stop Shop for Python Success: Top 10 US Python Development Providers
 
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
Deep Dive: AI-Powered Marketing to Get More Leads and Customers with HyperGro...
 
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdfNunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
Nunit vs XUnit vs MSTest Differences Between These Unit Testing Frameworks.pdf
 
dbms calicut university B. sc Cs 4th sem.pdf
dbms  calicut university B. sc Cs 4th sem.pdfdbms  calicut university B. sc Cs 4th sem.pdf
dbms calicut university B. sc Cs 4th sem.pdf
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
UI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentationUI5 Controls simplified - UI5con2024 presentation
UI5 Controls simplified - UI5con2024 presentation
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024A Comprehensive Guide to DeFi Development Services in 2024
A Comprehensive Guide to DeFi Development Services in 2024
 
Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!Finale of the Year: Apply for Next One!
Finale of the Year: Apply for Next One!
 
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
GraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracyGraphRAG for Life Science to increase LLM accuracy
GraphRAG for Life Science to increase LLM accuracy
 
Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)Main news related to the CCS TSI 2023 (2023/1695)
Main news related to the CCS TSI 2023 (2023/1695)
 

OpenStack Neutron-Neutron interconnections

  • 2. 2 How to interconnect two OpenStack deployments ? ( …… two or more OpenStack ? two regions ?) Between datacenters or between NFV POPs, you may want network interconnections with the following properties: on demandon demand VM VM VM VM VM VM ? … between NFV PoPs and/or datacenters… private addressing & isolation private addressing & isolation ++ avoid the overhead of packet encryption avoid the overhead of packet encryption ++
  • 3. 3 Doing this with an orchestrator ? VM VM VM VM VM VM ? … between NFV PoPs and/or datacenters… ? ? ? not always possible... not always wanted...  contexts where there isn't a single organization involved  need to expose an API to the projects  extra complexity
  • 4. 4 “Neutron-Neutron” API: ● check if the reverse link is defined on the other side ● bis: not yet  ● bis: OK !  ● expose/retrieve the technical details on how to do realize connectivity () ● parameters vary depending on the technique to use At the end of the exchange... Each side has the necessary information and can setup the interconnection () “User facing” API : let a project define that a local Router is linked to a Router on another Openstack => define the link symmetrically on both sides (,) Let's extend Neutron's API ! VM VM VM VM VM VM Neutron Neutron      bis  bis
  • 5. 5  Trusting that the interconnection preserves isolation  Goal:  no interconnection setup unless explictly asked by each project/tenant  How ?  Interconnect if and only if both sides agree (symmetric link check)  Each OpenStack instance has to trust the packets from the other OpenStack instances  This proposal is for organizations/entities trusting each other, and trusting the network used to carry interconnections  Authenticating Neutron-Neutron API exchanges  Each Neutron component on each side needs credentials to talk to the other side  Not to act as the project/tenant  Not to act as admin  Only need creds for a specific role with read-only access to interconnection info  Keystone federation is not strictly needed for functionality, but will be in practice necessary to avoid too much configuration overhead Multitenancy & need for network isolation imply that we address trust questions
  • 6. 6 Multiple interconnection techniques are possible... ● Requirements for a technique to be applicable – Provide isolated network connectivity ● L2 and/or L3 – Interoperability preferred: makes the solution applicable between two OpenStack that do not use the same SDN controller solution ● Examples – VLAN hand-off – VXLAN gateway – L2GW – BGP VPNs – ... Example with BGP VPNs ● How ? – each side provides the routing identifier which the other side will use to import routes for this interconnection – connectivity realized whether as an overlay over the WAN, or with the collaboration of WAN BGP VPN routing ● Benefits ? – Each side independently allocates identifiers => no need to coordinate the use of a common space of identifiers ● (because BGP RTs have are structured, prefixed typically by an AS number) – Can be implemented in Neutron by reusing the existing BGPVPN Interconnection API ● (the BGPVPN Interconnection API already allows interconnections, but not on demand because requiring the‑demand because requiring the admin to create resources) ● will work with Neutron ref. drivers and many SDN controllers – Applicable to both IP and Ethernet interconnects
  • 7. 7 Neutron-Neutron interconnections Wrap up ● Allows interconnections – On-demand – No need for an orchestrator – Light on packet dataplane (no IPSec) ● between OpenStack instances – two OpenStack instances or more – between trusting entities – inter clouds, inter regions, inter DCs, between NFV POPs‑demand because requiring the ‑demand because requiring the ‑demand because requiring the – including when these instances use a different SDN solution ● Next steps ? – Neutron Specs being redacted – Implementation to be proposed based on a PoC implementation by Orange ● Service composition: reusing the existing Neutron BGPVPN Interconnection service VM VM VM VM VM VM ?