Slides from ONOS/CORD meetup in Tokyo 2018. 20th April 2018.
http://www.e-side.co.jp/onoscordmeetup/#P4_2
Future Mobile User Plane is heavily discussed in many SDOs like 3GPP, IETF etc. and still not concreate. P4 lang is usefull to prototype such changing protocol on software switch and on ASIC/NPU.
This slide introudce one candidate for future Mobile User Plane protocol, SRv6 for Mobile User Plane and proto-type implemented in P4-14.
https://datatracker.ietf.org/doc/draft-ietf-dmm-srv6-mobile-uplane/
SRv6 Mobile User Plane : Initial POC and ImplementationKentaro Ebisawa
SRv6 Mobile Uplane POC results and findings talked at ENOG55 @Nigata http://enog.jp/archives/2014
SRv6 functions: T.M.Tmap, End.M.GTP4.E using VPP and P4 on Tofino switch.
The advent of Network Function Virtualization (NFV) is dramatically changing the way in which telecommunication networks are designed and operated. Traditional specialized physical appliances are replaced with software modules, called Virtual Network functions(VNFs), running on a virtualization infrastructure made up of general purpose servers. Examples of VNFs categories are NATs (Network Address Translation), firewalls, DPIs (Deep Packet Inspection), IDSs (Intrusion Detection System), load balancers, HTTP proxies. Service Function Chaining (SFC) denotes the process of forwarding packets through the sequence of VNFs. IPv6 Segment Routing (SRv6) is a source routing paradigm that allows to steer packets through an ordered list of VNFs in a simple and scalable manner. In this slides, we present the architecture of SFC using SRv6 for both cases of SRv6-aware and SRv6-unaware VNFs. We provide an open source implementation and easy replicable testbed for the presented work.
Segment Routing over IPv6 (SRv6) is an architecture based on the source routing paradigm that seeks the right balance between distributed (network-wide) intelligence and centralized (controller-based) programmability. Using SRv6, network devices have complete control over the forwarding paths and the network functions to be applied to packets, by combining simple network instructions. Moreover, applications can become SRv6 aware and gain control over the network-wide forwarding and processing of packets. SRv6 technology has been implemented in hardware by different vendors (e.g. CISCO, Huawei, Barefoot), in software (e.g. Linux kernel networking) and in software with I/O acceleration (e.g. FD.io Vector Packet Processing using DPDK). Several large scale deployments of SRv6 have been rolled out in 2019 (including Softbank, Iliad, ChinaTelecom, China Unicom), see https://tools.ietf.org/html/draft-matsushima-spring-srv6-deployment-status. This tutorial will provide a quick introduction to SRv6 architecture and protocols and will illustrate the design and implementation of SRv6 services with hands-on examples. The hands-on part will be based on the open-source SRv6 ecosystem developed in the ROSE project: https://netgroup.github.io/rose/
This slides deck presents mobile network protocol interworking idea of which the mobile networking IDs in GTP-U are mapped into IPv6 address with SRv6 concept in stateless. We adopt VPP as the target platform for prototyping the SRv6/GTP-U stateless translation. IETF104 hackathon was the venue where we hacked VPP to implement it.
JANOG43 Forefront of SRv6, Open Source ImplementationsKentaro Ebisawa
Status of SRv6 Open Source Implementations including where you can find the source code. English slide comes after Japanese.
This is a session from JANOG43 "Forefront of SRv6" program held on 23 Jan 2019 @ Kohu Japan.
https://www.janog.gr.jp/meeting/janog43/program/srv6
* Introduction – Miya Kohno
* SRv6 Update – Clarence Filsfils
* SRv6 Mobile user plane Update – Satoru Matsushima
* SRv6 Open Source Implementation Update – Kentaro Ebisawa
* SRv6 Academy Update – Chunghan Lee
* Vendor Update (Huawei) – Ryuichi Takashima
* Vendor Update (Cisco) – Teppei Kamata
Comparison of SRv6 Extensions uSID, SRv6+, C-SRHKentaro Ebisawa
Comparing concept, SID and header format of compressed Segment Routing IPv6 proposals such as uSID, SRv6+, C-SRH. Slide presented at SRv6 Consortium @Tokyo on 23rd Aug 2019.
SRv6 Mobile User Plane : Initial POC and ImplementationKentaro Ebisawa
SRv6 Mobile Uplane POC results and findings talked at ENOG55 @Nigata http://enog.jp/archives/2014
SRv6 functions: T.M.Tmap, End.M.GTP4.E using VPP and P4 on Tofino switch.
The advent of Network Function Virtualization (NFV) is dramatically changing the way in which telecommunication networks are designed and operated. Traditional specialized physical appliances are replaced with software modules, called Virtual Network functions(VNFs), running on a virtualization infrastructure made up of general purpose servers. Examples of VNFs categories are NATs (Network Address Translation), firewalls, DPIs (Deep Packet Inspection), IDSs (Intrusion Detection System), load balancers, HTTP proxies. Service Function Chaining (SFC) denotes the process of forwarding packets through the sequence of VNFs. IPv6 Segment Routing (SRv6) is a source routing paradigm that allows to steer packets through an ordered list of VNFs in a simple and scalable manner. In this slides, we present the architecture of SFC using SRv6 for both cases of SRv6-aware and SRv6-unaware VNFs. We provide an open source implementation and easy replicable testbed for the presented work.
Segment Routing over IPv6 (SRv6) is an architecture based on the source routing paradigm that seeks the right balance between distributed (network-wide) intelligence and centralized (controller-based) programmability. Using SRv6, network devices have complete control over the forwarding paths and the network functions to be applied to packets, by combining simple network instructions. Moreover, applications can become SRv6 aware and gain control over the network-wide forwarding and processing of packets. SRv6 technology has been implemented in hardware by different vendors (e.g. CISCO, Huawei, Barefoot), in software (e.g. Linux kernel networking) and in software with I/O acceleration (e.g. FD.io Vector Packet Processing using DPDK). Several large scale deployments of SRv6 have been rolled out in 2019 (including Softbank, Iliad, ChinaTelecom, China Unicom), see https://tools.ietf.org/html/draft-matsushima-spring-srv6-deployment-status. This tutorial will provide a quick introduction to SRv6 architecture and protocols and will illustrate the design and implementation of SRv6 services with hands-on examples. The hands-on part will be based on the open-source SRv6 ecosystem developed in the ROSE project: https://netgroup.github.io/rose/
This slides deck presents mobile network protocol interworking idea of which the mobile networking IDs in GTP-U are mapped into IPv6 address with SRv6 concept in stateless. We adopt VPP as the target platform for prototyping the SRv6/GTP-U stateless translation. IETF104 hackathon was the venue where we hacked VPP to implement it.
JANOG43 Forefront of SRv6, Open Source ImplementationsKentaro Ebisawa
Status of SRv6 Open Source Implementations including where you can find the source code. English slide comes after Japanese.
This is a session from JANOG43 "Forefront of SRv6" program held on 23 Jan 2019 @ Kohu Japan.
https://www.janog.gr.jp/meeting/janog43/program/srv6
* Introduction – Miya Kohno
* SRv6 Update – Clarence Filsfils
* SRv6 Mobile user plane Update – Satoru Matsushima
* SRv6 Open Source Implementation Update – Kentaro Ebisawa
* SRv6 Academy Update – Chunghan Lee
* Vendor Update (Huawei) – Ryuichi Takashima
* Vendor Update (Cisco) – Teppei Kamata
Comparison of SRv6 Extensions uSID, SRv6+, C-SRHKentaro Ebisawa
Comparing concept, SID and header format of compressed Segment Routing IPv6 proposals such as uSID, SRv6+, C-SRH. Slide presented at SRv6 Consortium @Tokyo on 23rd Aug 2019.
Segment routing is a network technology focused on addressing the pain points of existing IP and Multiprotocol Label Switching (MPLS) networks in terms of simplicity, scale, and ease of operation. It’s a foundation for application engineered routing because it prepares the networks for new business models where applications can direct network behavior.
Segment routing seeks the right balance between distributed intelligence and centralized optimization and programming. It was built for the software-defined networking (SDN) era.
Segment routing enables enhanced packet forwarding behavior. It enables a network to transport unicast packets through a specific forwarding path, other than the normal shortest path that a packet usually takes. This capability benefits many use cases, and you can build those specific paths based on application requirements.
Segment routing uses the source routing paradigm. A node, usually a router but it can also be a switch, a trusted server, or a virtual forwarder running on a hypervisor, steers a packet through an ordered list of instructions, called segments. A segment can represent any instruction, topological or service-based. A segment can have a local semantic to a segment-routing node or global within a segment-routing network. Segment routing allows you to enforce a flow through any topological path and service chain while maintaining per-flow state only at the ingress node to the segment-routing network. To be aligned with modern IP networks, segment routing supports equal-cost multipath (ECMP) by design, and the forwarding within a segment-routing network uses all possible paths, when desired.
Moved to https://speakerdeck.com/ebiken/zebra-srv6-cli-on-linux-dataplane-enog-number-49
Introduction to SRv6, Linux SRv6 implementation and how to add SRv6 CLI to Zebra 2.0 Open Source Network Operation Stack.
Presented at ENOG (Echigo NOG) #49.
Co-Packaged Optics: The OIF’s Work to Standardize Higher Integration Levels f...Leah Wilkinson
OIF Presents:
Co-Packaged Optics: The OIF’s Work to Standardize Higher Integration Levels for Next-Generation Data Center Systems
ECOC Market Focus
New Technologies & Systems/New Markets/New Packaging Platforms
Wed, 15 September 2021
Jeff Hutchins / Ranovus
OIF PLL Working Group Co-Packaging Vice Chair
Mobile Transport Evolution with Unified MPLSCisco Canada
Mobile Service Providers are seeing unprecedented challenges in relation to their Transport architectures with the 3GPP evolution towards IP based Node Bs, LTE (Long Term Evolution) and LTE-Advanced. This presentation will initially discuss the network migration trends and factors that are changing how mobile networks are evolving. A description is provided on Unified MPLS and the current issues that need to be fixed and how this architecture addresses this. A more detailed analysis will then examine the options available for transporting GSM/2G, UMTS/3G traffic and IP/Ethernet Node B deployments and some of factors that need consideration like scalability, resiliency and security. Finally, there is a detailed description of the LTE/LTE - A evolution and the feature requirements made on the transport network. There will be detailed analysis of different LTE models and also some technical enhancements and proposals considered for the implementation of LTE in a Unified MPLS environment.
Segment routing is a technology that is gaining popularity as a way to simplify MPLS networks. It has the benefits of interfacing with software-defined networks and allows for source-based routing. It does this without keeping state in the core of the network and needless to use LDP and RSVP-TE.
Transport API is a solution that enables SDN for Carriers Networks with an evolutionary approach. It automates and simplifies the operation of transport domains for L0, L1 and L2 services. Learn how the OIF's interoperability demo is helping to bring T-API to market.
Segment Routing for IPv6 (SRv6 in short) is the instantiation of the Segment Routing (SR) architecture for the IPv6 data plane. SRv6 is based on loose source routing: a list of segments (represented as IPv6 addresses) can be included in the IPv6 packet headers. According to the “SRv6 Network Programming Model”, the segments can represent both topological way-points (nodes to be crossed along the path towards the destination) and specific operations on the packet to be performed in a node. Examples of such operations are encapsulation and decapsulation, lookup into a specific routing table. More in general, arbitrarily complex behaviors can be associated with an SRv6 segment, like those that are executed in a Virtual Network Function (VNF).
The SRv6 standardization activity in IETF is progressing at a good pace. Recently, several large-scale deployments of SRv6 in operator networks have been disclosed. SRv6 implementations from different vendors are available. Linux supports SRv6 since Feb 2017.
In this tutorial, we first discuss the SRv6 architecture and the SRv6 Network Programming model. We present the main use case scenarios (SRv6 Overlays, Traffic Engineering, Fast Restoration). We introduce the ecosystem of SRv6, which includes different hardware and software implementations (proprietary and Open Source). We analyze the Linux kernel SRv6 implementation, also discussing its packet forwarding performance. Finally, we show how to build SRv6 based services using Linux on a Mininet emulation.
Segment routing is a network technology focused on addressing the pain points of existing IP and Multiprotocol Label Switching (MPLS) networks in terms of simplicity, scale, and ease of operation. It’s a foundation for application engineered routing because it prepares the networks for new business models where applications can direct network behavior.
Segment routing seeks the right balance between distributed intelligence and centralized optimization and programming. It was built for the software-defined networking (SDN) era.
Segment routing enables enhanced packet forwarding behavior. It enables a network to transport unicast packets through a specific forwarding path, other than the normal shortest path that a packet usually takes. This capability benefits many use cases, and you can build those specific paths based on application requirements.
Segment routing uses the source routing paradigm. A node, usually a router but it can also be a switch, a trusted server, or a virtual forwarder running on a hypervisor, steers a packet through an ordered list of instructions, called segments. A segment can represent any instruction, topological or service-based. A segment can have a local semantic to a segment-routing node or global within a segment-routing network. Segment routing allows you to enforce a flow through any topological path and service chain while maintaining per-flow state only at the ingress node to the segment-routing network. To be aligned with modern IP networks, segment routing supports equal-cost multipath (ECMP) by design, and the forwarding within a segment-routing network uses all possible paths, when desired.
Moved to https://speakerdeck.com/ebiken/zebra-srv6-cli-on-linux-dataplane-enog-number-49
Introduction to SRv6, Linux SRv6 implementation and how to add SRv6 CLI to Zebra 2.0 Open Source Network Operation Stack.
Presented at ENOG (Echigo NOG) #49.
Co-Packaged Optics: The OIF’s Work to Standardize Higher Integration Levels f...Leah Wilkinson
OIF Presents:
Co-Packaged Optics: The OIF’s Work to Standardize Higher Integration Levels for Next-Generation Data Center Systems
ECOC Market Focus
New Technologies & Systems/New Markets/New Packaging Platforms
Wed, 15 September 2021
Jeff Hutchins / Ranovus
OIF PLL Working Group Co-Packaging Vice Chair
Mobile Transport Evolution with Unified MPLSCisco Canada
Mobile Service Providers are seeing unprecedented challenges in relation to their Transport architectures with the 3GPP evolution towards IP based Node Bs, LTE (Long Term Evolution) and LTE-Advanced. This presentation will initially discuss the network migration trends and factors that are changing how mobile networks are evolving. A description is provided on Unified MPLS and the current issues that need to be fixed and how this architecture addresses this. A more detailed analysis will then examine the options available for transporting GSM/2G, UMTS/3G traffic and IP/Ethernet Node B deployments and some of factors that need consideration like scalability, resiliency and security. Finally, there is a detailed description of the LTE/LTE - A evolution and the feature requirements made on the transport network. There will be detailed analysis of different LTE models and also some technical enhancements and proposals considered for the implementation of LTE in a Unified MPLS environment.
Segment routing is a technology that is gaining popularity as a way to simplify MPLS networks. It has the benefits of interfacing with software-defined networks and allows for source-based routing. It does this without keeping state in the core of the network and needless to use LDP and RSVP-TE.
Transport API is a solution that enables SDN for Carriers Networks with an evolutionary approach. It automates and simplifies the operation of transport domains for L0, L1 and L2 services. Learn how the OIF's interoperability demo is helping to bring T-API to market.
Segment Routing for IPv6 (SRv6 in short) is the instantiation of the Segment Routing (SR) architecture for the IPv6 data plane. SRv6 is based on loose source routing: a list of segments (represented as IPv6 addresses) can be included in the IPv6 packet headers. According to the “SRv6 Network Programming Model”, the segments can represent both topological way-points (nodes to be crossed along the path towards the destination) and specific operations on the packet to be performed in a node. Examples of such operations are encapsulation and decapsulation, lookup into a specific routing table. More in general, arbitrarily complex behaviors can be associated with an SRv6 segment, like those that are executed in a Virtual Network Function (VNF).
The SRv6 standardization activity in IETF is progressing at a good pace. Recently, several large-scale deployments of SRv6 in operator networks have been disclosed. SRv6 implementations from different vendors are available. Linux supports SRv6 since Feb 2017.
In this tutorial, we first discuss the SRv6 architecture and the SRv6 Network Programming model. We present the main use case scenarios (SRv6 Overlays, Traffic Engineering, Fast Restoration). We introduce the ecosystem of SRv6, which includes different hardware and software implementations (proprietary and Open Source). We analyze the Linux kernel SRv6 implementation, also discussing its packet forwarding performance. Finally, we show how to build SRv6 based services using Linux on a Mininet emulation.
This webinar explains why PISA chips are inevitable, provides overview of machine architecture of such switches, presents a brief primer on the P4 language with sample programs for a variety of networks and demonstrates a powerful network diagnostics application implemented in P4.
Programmability in SDNs is confined to the network control plane. The forwarding plane is still largely dictated by fixed-function switching chips. Our goal is to change that, and to allow programmers to define how packets are to be processed all the way down to the wire.
This is made possible by a new generation of high-performance forwarding chips. At the high-end, PISA (Protocol-Independent Switch Architecture) chips promise multi-Tb/s of packet processing. At the mid- and low-end of the performance spectrum, CPUs, GPUs, FPGAs, and NPUs already offer great flexibility with performance of a few tens to hundreds of Gb/s.
In addition to programmable forwarding chips, we also need a high-level language to dictate the forwarding behavior in a target independent fashion. "P4" (www.p4.org) is such a language. In P4, the programer declares how packets are to be processed, and a compiler generates a configuration for a PISA chip, or a programmable target in general. For example, the programmer might program the switch to be a top-of-rack switch, a firewall, or a load-balancer; and might add features to run automatic diagnostics and novel congestion control algorithms.
In this modern internet era, routing protocol
plays an important role. They forward the packets form source
to destination. There are many routing protocols are used. In
this paper, we evaluated the performance of different routing
protocol like RIP and OSPF for IPv6. OPNET simulation tool
14.5 is used to evaluate the performance of RIP and OSPF in
three network models in which two network models will
perform on one routing protocol only while the third are used to
evaluate the performance of these routing protocol are packet
delay variation, end to end delay, traffic received, traffic sent,
response time, jitter, page response time, object response time,
traffic dropped for IPv6 Etc. we designed three scenarios to
compare their performance.
Cisco Live! :: Introduction to Segment Routing :: BRKRST-2124 | Las Vegas 2017Bruno Teixeira
This session provides an overview of the segment routing technology and its use cases. This new routing paradigm provides high operational simplicity and maximum network scalability and flexibility. You will get an understanding of the basic concepts behind the technology and its wide applicability ranging from simple transport for MPLS services, disjoint routing, traffic engineering and its benefits in the context of software defined networking. Previous knowledge of IP routing and MPLS is required.
Krzysztof Mazepa (Cisco Systems Poland) – architekt sieci / konsultant pracujący z najwiekszymi polskimi operatorami przewodowymi i kablowymi. Jego misją jest „tłumaczenie” wymogów businessowych klientów na oferowane rozwiązania technologiczne. Jego duże doświadczenie, 16 lat pracy w środowisku operatorskim, pozwala mu dostrzeć specyficzne wymagania tego rynku i zaproponować oczekiwane rozwiązanie.
Krzysztof jest częstym prelegentem na konferencjach PLNOG (Polish Network Operator Group), Cisco Forum, EURONOG (European Network Operator’s Group) oraz Cisco Live.
Posiada certyfikaty CCIE (Cisco Certified Internetwork Expert) #18 662, JNCIE (Juniper Networks Certified Internet Expert) #137, VMware Certified Professional 4 #99432 i wiele innych.
Krzysztof jest mieszkańcem Warszawy, w wolnym czasie ćwiczy biegi długodystansowe oraz gra w tenisa.
Temat prezentacji: BGP FlowSpec
Język prezentacji: Polski
Abstrakt: Celem sesji jest pokazanie podstaw działania BGP FlowSpec. Przedstawione zostaną podstawy teoretyczne oraz sposób wykorzystania przez operatorów SP do eliminowania ataków DDoS. Działanie rozwiązania zostanie zaprezentowane w wirtualnym środowisku korzystając z oprogramowania IOS XRv.
DPDK Summit 2015 - NTT - Yoshihiro NakajimaJim St. Leger
DPDK Summit 2015 in San Francisco.
NTT presentation by Yoshihiro Nakajima.
For additional details and the video recording please visit www.dpdksummit.com.
In Network Computing Prototype Using P4 at KSC/KREONET 2019Kentaro Ebisawa
Case Study of P4 applying to CAN (Control Area Network) data pre-processing using FPGA + Netcope P4 compiler.
Presented at KSC / KREONET WORKSHOP 2019 | DAY 1 Session 1: SDN/NFV/P4
http://www.ksc2019.re.kr/
Application Engineered Routing: Allowing Applications to Program the NetworkCisco Canada
<p>Over the past decade, service providers have invested heavily in network infrastructure due to the exploding growth in IP traffic. Lack of advanced interaction between applications and network infrastructure has contributed to this challenging situation in many ways including stifling service innovation, inefficient use of capital resources, and increased complexity leading to a surge in operating expenses. To solve these challenges a breakthrough solution called Application Engineered Routing (AER) was created based on four architectural goals: simple, agile, scalable, and programmable with three main components: purpose-built applications, intelligent SDN controller, and network infrastructure enabled with Segment Routing. Provided is an in-depth overview of AER with a focus on a phased implementation within current NGN environments. Covered will be business outcomes enabled by AER, use cases, components which comprise AER, and a phased implementation approach to transform current NGN environments to an Evolved Programmable Network
Similar to SRv6 Mobile User Plane P4 proto-type (20)
"p4srv6 (P4-16) design document rev1.0" Overview of Open Source SRv6 Mobile Userplane P4-16 on BMv2 design (planned to be public in March) #enog #enog55 @Nigata http://enog.jp/archives/2014
How to build and use GTPing to generate GTP traffic for testing without eNB, SPGW etc. This work was done as part of the preparation of SRv6 mobile user plane POC at SRv6 Consortium, Data plane Study Group, which is a group of people interested in SRv6.
“p4alu” is a P4 program who would parse UDP packet with payload in "p4alu header format" and apply calculation.
This program is tested using BMv2 simple_switch P4 target.
zebra is an open source implementation as a successor of GNU Zebra and Quagga project. Together with openconfigd, it will work as data plane agnostic Network Operation Stack working with variable protocol / functional modules.
OVN (Open Virtual Network) を用いる事により、OVS (Open vSwitch)が動作する複数のサーバー(Hypervisor/Chassis)を横断する仮想ネットワークを構築する事ができます。
本スライドはOVNを用いた論理ネットワークの構成と設定サンプルのメモとなります。
Using OVN, you can build logical network among multiple servers (Hypervisor/Chassis) running OVS (Open vSwitch).
This slide is describes HOW TO example of OVN configuration to create 2 logical switch connecting 4 VMs running on 2 chassis.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Neuro-symbolic is not enough, we need neuro-*semantic*
SRv6 Mobile User Plane P4 proto-type
1. proto-typing new protocol
with P4
SRv6 for Mobile User Plane
2018/04/20
Kentaro Ebisawa <ebiken@pontonetworks.com>
Twitter: @ebiken
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 1
2. About Me
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 3
https://www.linkedin.com/in/ebiken/ https://twitter.com/ebiken
Open Source NOS
Programmable Data Plane
Connected Cars
Future Mobile Networks
In Network Computing
3. Overview of Future Mobile User Plane (Motivation)
Problem statement | Discussion at IETF and 3GPP
Segment Routing IPv6 (SRv6) basics
Overview | Transit & End Functions
SRv6 Mobile User Plane Functions
SRv6 Open Source Implementations
SRv6 Mobile User Plane Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 4
Agenda
4. Overview of Future Mobile User Plane
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 5
5. Overview of Future Mobile User Plane
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 6
Demands and Technologies for Future Mobile Network
Demands
(Characteristics)
Technologies
Application
Based Charging
Converged
Access
Slicing
Classification
Edge
Computing Massive
IoT
Ultra Low
Latency
Anchorless
IPv6
adoption
CUPS
Control and User
Plane Separation
ILA
Identifier Locator
Addressing
LISP
Locator/ID Separation
Protocol
6. proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 7
3GPP TR29.892 “Study on User-plane Protocol in 5GC”
http://www.3gpp.org/DynaReport/WID-history--780001.htm
IETF 5gangip
https://www.ietf.org/mailman/listinfo/5gangip
IETF DMM Working Group
https://datatracker.ietf.org/wg/dmm/about/
Future Mobile User Plane discussion at 3GPP / IETF
7. Overview of Future Mobile User Plane
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 8
SRv6 for Mobile User Plane
One of the Proposals for Future Mobile User Plane Technology
IETF101 “SRv6 for Mobile User-Plane” by Satoru Matsushima (Slide 44)
https://datatracker.ietf.org/meeting/101/materials/slides-101-dmm-srv6-for-mobile-user-plane-01
8. Overview of Future Mobile User Plane
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 9
Segment Routing IPv6 for Mobile User Plane
https://datatracker.ietf.org/doc/draft-ietf-dmm-srv6-mobile-uplane/
9. Segment Routing IPv6 (SRv6) basics
protocol header format, example packets
SRv6 functions
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 10
10. SRv6 Basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 11
SRv6 is loose source routing method which source node will specify ordered
list of SIDs (Segment IDs) representing the path the packet should take.
#1
#4
#2 #3
#5
SR Endpoint node node whose “MyLocalSID Table” contains an entry for the DA of the packet
Source SR node node originating an IPv6 packet with its IPv6 and Segment Routing Headers
Transit node node not supporting SRv6 or node whose “MyLocalSID Table” does NOT contain DA of the packet
# Endpoint is NOT last destination
1. Source node
could be a host
originating packet
with SRH
2. Or, could be a gateway
who encap packet in
IPv6 header with SRH
3. Transit node doesn’t
need to understand
(support) SRH
4. Endpoint could have
multiple SIDs
11. SRv6 Basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 12
SRv6 enables Traffic Engineering and Network Programmability
no or less state in the network
SID locations would be advertised via IGP
no need to replace all network nodes (router/switch)
non-SR nodes will simply forward packet based on IPv6 routing
discussed in IETF WGs
6MAN, SPRING, DMM
draft-ietf-6man-segment-routing-header
draft-filsfils-spring-srv6-network-programming
draft-xuclad-spring-sr-service-chaining
draft-ietf-dmm-srv6-mobile-uplane
12. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 13
Segment Routing Header (SRH)
IPv6
Header
IPv6
Extension
Header
Payload
• Routing Type
• 4 (Segment Routing)
• Segments Left
• Index to the next segment in the
Segment List
• Decremented on Endpoint node
• Last Entry
• Index to the first segment in the
Segment List
• Segment List
• Encoded starting from the last
segment of the path (Segment
List [0] contains the last segment)
Reference: draft-ietf-6man-segment-routing-header
13. SRv6 basics
• “SRv6 Network Programming” Internet-Draft document
• draft-filsfils-spring-srv6-network-programming
• Segment List: <S1, S2, S3>
• S1, S2, S3: 1st, 2nd, 3rd segment to visit
• IP Packet: (SA,DA) (S3, S2, S1; SL)
• SA, DA: Source, Destination Address
• SRH with SID list <S1, S2, S3>
• SL: Segments Left
!! Order of segments would be reversed in <...> and (...) !!
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 14
SID List description in “SRv6 Network Programming”
S1
S2
S3
SL
14. SRv6 basics
• SID is 128bit and similar to IPv6 address. But semantics is different.
• LOC, FUNC, ARGS has flexible length. (ARGS could be 0 length)
• SID would be used to route packet to the node SID resides.
• With longest prefix match, and FUNC, ARGS could also be part of the prefix.
• Local SID may, but does not have to, be an IPv6 address associated to
a local interface of the node.
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 15
SRv6 SID (Segment ID) format
128bits
LOC (locator) FUNC (function) ARGS (arguments)
Reference: draft-filsfils-spring-srv6-network-programming
15. SRv6 basics
• draft-ietf-6man-segment-routing-header
• defines two basic functions (End, End.X)
• draft-filsfils-spring-srv6-network-programming
• defines many functions associated with SRv6 SID’s.
• draft-ietf-dmm-srv6-mobile-uplane
• defines functions to enable SRv6 to be used in mobile network
• includes functions for migrating from GTP to SRv6
• draft-xuclad-spring-sr-service-chaining
• defines functions for Service Chaining
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 16
Segment is a set of Functions (instructions)
WORK IN PROGRESS
Functions are actively
added / removed / modified
16. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 17
List of SRv6 functions
End Endpoint
Xconnect End.X Endpoint with Layer-3 cross-connect
Table Lookup End.T Endpoint with specific IPv6 table lookup
Search End.S Endpoint in search of a target in table T
Decaps
+ Xconnect
End.DX6 Endpoint with decapsulation and IPv6 crossconnect
End.DX4 Endpoint with decapsulation and IPv4 crossconnect
End.DX2 Endpoint with decapsulation and Layer-2 crossconnect
End.DX2V Endpoint with decapsulation and VLAN L2 table lookup
Decaps
+ Table Lookup
End.DT6 Endpoint with decapsulation and specific IPv6 table lookup
End.DT4 Endpoint with decapsulation and specific IPv4 table lookup
End.DT46 Endpoint with decapsulation and specific IP table lookup
End.DT2U Endpoint with decapsulation and unicast MAC L2 table lookup
End.DT2M Endpoint with decapsulation and L2 table flooding
Binding
End.B6 Endpoint bound to an SRv6 policy
End.B6.Encaps Endpoint bound to an SRv6 encapsulation policy
End.BM Endpoint bound to an SR-MPLS policy
T Transit behavior
Insert
T.Insert Transit with insertion of an SRv6 Policy
T.Insert.Red Transit with reduced insertion of an SRv6 Policy
Encaps
T.Encaps Transit with encapsulation in an SRv6 Policy
T.Encaps.Red Transit with reduce encaps in an SRv6 Policy
T.Encaps.L2 Transit with encapsulation of L2 frames
T.Encaps.L2.Red Transit with reduce encaps of L2 frames in an SRv6 Policy
3) draft-ietf-dmm-srv6-mobile-uplane-01
Mobile
End.MAP Endpoint function with SID mapping
End.M.GTP6.D
Endpoint function with decapsulation from
IPv6/GTP tunnel
End.M.GTP6.E
Endpoint function with encapsulation for
IPv6/GTP tunnel
End.M.GTP4.E
Endpoint function with encapsulation for
IPv4/GTP tunnel
End.Limit Rate Limiting function
T.Tmap
Transit behavior with tunnel decapsulation
and mapping an SRv6 Policy
Application
End.AM SRv6 masquerading proxy
End.AD SRv6 dynamic proxy segments
End.AS SRv6 dynamic Static proxy segments
End.AN SR-aware function (native)
1) draft-filsfils-spring-srv6-network-programming-04
2) draft-xuclad-spring-sr-service-chaining-01
17. SRv6 basics
• Transit function (node)
• The packets DA is NOT an IP address of the node
• The packets DA is NOT listed in “My Local SID Table” of the node
• End function (node)
• The packets DA is IP address of the node, or
• The packets DA is listed in “My Local SID Table”
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 18
End vs Transit function (node)
18. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 19
Transit functions
Function Description
T Forwards the packet without inspecting the SRH
T.Insert Transit behavior with insertion of an SRv6 Policy
T.Encaps Transit behavior with encapsulation in an SRv6 policy
T.Encaps.L2 T.Encaps behavior of the received L2 frame
#1
#4
#2 #3
#5
19. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 20
Transit functions (T.Insert)
a
#1
b #4
#2 #3
#5
d
c
IPv6 Payload
IPv6 PayloadSRH (SA:a, DA: #1)(d, #5, #3, #2, #1; SL=4)
Next SegmentDestination Host
(SA:a, DA: d)
20. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 21
Transit functions (T.Encaps)
IPv6 Payload
IPv6 PayloadSRH IPv6 (SA:b, DA: #4)(#3, #2, #4; SL=2)(SA:b, DA: c)
a
#1
b #4
#2 #3
#5
d
c
Next Segment
(SA:b, DA: c)
21. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 22
Inline mode Encap mode
final destination is in SID[0]
final destination is in
encapsulated IP header
Example Wireshark Output
IP + SRH + ICMP IP + SRH + IP + ICMP
22. SRv6 basics
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 23
End functions (End)
End: Update the DA with the next segment and forward the packet accordingly.
IPv6
IPv6 PayloadSRH
(SA:a, DA: #1)(d, #5, #3, #2, #1; SL=4)PayloadSRH
(SA:a, DA: #2)(d, #5, #3, #2, #1; SL=3)
a
#1
b #4
#2 #3
#5
d
c
Next Segment
23. SRv6 Mobile User Plane Functions
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 24
24. SRv6 Mobile User Plane Functions
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 25
Segment Routing IPv6 for Mobile User Plane
draft-ietf-dmm-srv6-mobile-uplane-01
Table of Contents
5. User-plane behaviors . . . . . . . . . . . . . . . . . . . . 6
5.1. Traditional mode (formerly Basic mode) . . . . . . . . . 6
5.1.1. Packet flow - Uplink . . . . . . . . . . . . . . . . 7
5.1.2. Packet flow - Downlink . . . . . . . . . . . . . . . 8
5.1.3. IPv6 user-traffic . . . . . . . . . . . . . . . . . . 8
5.2. Enhanced Mode (formerly Aggregate mode) . . . . . . . . . 8
5.2.1. Packet flow - Uplink . . . . . . . . . . . . . . . . 9
5.2.2. Packet flow - Downlink . . . . . . . . . . . . . . . 10
5.2.3. IPv6 user-traffic . . . . . . . . . . . . . . . . . . 10
5.3. Enhanced mode with unchanged gNB GTP behavior . . . . . . 10
5.3.1. Interworking with IPv6 GTP . . . . . . . . . . . . . 11
5.3.2. Interworking with IPv4 GTP . . . . . . . . . . . . . 14
5.3.3. Extensions to the interworking mechanisms . . . . . . 16
mobile user-plane functions are the same as existing ones
except the use of SRv6 as the data plane instead of GTP-U
improvements in terms of traffic steering and service chaining,
thanks to the use of an SR policy of multiple SIDs
interworking with legacy gNBs that still use GTP
( gNB does not support SRv6 )
SRv6 ONLY
SRv6 + GTP
25. SRv6 Mobile User Plane Functions
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 26
SRv6 Functions in “5.3.1. Interworking with IPv6 GTP”
(Encap GTP) End.M.GTP6.D End (PSP)
End
End.DT6
(Decap GTP)
End.M.GTP6.E
End
End
T.Encaps.Red
Uplink
Downlink
Assuming User Packet (A,Z) is IPv6
PSP: Penultimate Segment Pop
GTP to SRv6
SRv6 to GTP
26. SRv6 Mobile User Plane Functions
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 27
Segment Routing IPv6 for Mobile User Plane
draft-ietf-dmm-srv6-mobile-uplane-01
27. proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 28
List of SRv6 functions
End Endpoint
Xconnect End.X Endpoint with Layer-3 cross-connect
Table Lookup End.T Endpoint with specific IPv6 table lookup
Search End.S Endpoint in search of a target in table T
Decaps
+ Xconnect
End.DX6 Endpoint with decapsulation and IPv6 crossconnect
End.DX4 Endpoint with decapsulation and IPv4 crossconnect
End.DX2 Endpoint with decapsulation and Layer-2 crossconnect
End.DX2V Endpoint with decapsulation and VLAN L2 table lookup
Decaps
+ Table Lookup
End.DT6 Endpoint with decapsulation and specific IPv6 table lookup
End.DT4 Endpoint with decapsulation and specific IPv4 table lookup
End.DT46 Endpoint with decapsulation and specific IP table lookup
End.DT2U Endpoint with decapsulation and unicast MAC L2 table lookup
End.DT2M Endpoint with decapsulation and L2 table flooding
Binding
End.B6 Endpoint bound to an SRv6 policy
End.B6.Encaps Endpoint bound to an SRv6 encapsulation policy
End.BM Endpoint bound to an SR-MPLS policy
T Transit behavior
Insert
T.Insert Transit with insertion of an SRv6 Policy
T.Insert.Red Transit with reduced insertion of an SRv6 Policy
Encaps
T.Encaps Transit with encapsulation in an SRv6 Policy
T.Encaps.Red Transit with reduce encaps in an SRv6 Policy
T.Encaps.L2 Transit with encapsulation of L2 frames
T.Encaps.L2.Red Transit with reduce encaps of L2 frames in an SRv6 Policy
3) draft-ietf-dmm-srv6-mobile-uplane-01
Mobile
End.MAP Endpoint function with SID mapping
End.M.GTP6.D
Endpoint function with decapsulation from
IPv6/GTP tunnel
End.M.GTP6.E
Endpoint function with encapsulation for
IPv6/GTP tunnel
End.M.GTP4.E
Endpoint function with encapsulation for
IPv4/GTP tunnel
End.Limit Rate Limiting function
T.Tmap
Transit behavior with tunnel decapsulation
and mapping an SRv6 Policy
Application
End.AM SRv6 masquerading proxy
End.AD SRv6 dynamic proxy segments
End.AS SRv6 dynamic Static proxy segments
End.AN SR-aware function (native)
1) draft-filsfils-spring-srv6-network-programming-04
2) draft-xuclad-spring-sr-service-chaining-01
Many function with different way to manipulate packet
Functions are actively added / removed / modified
=> Good candidate for P4 proto-typing
28. SRv6 Open Source Implementations
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 29
29. SRv6 Open Source Implementations
• Kernel network stack (4.10 and later)
• http://www.segment-routing.org/
• Contributed by “IP Networking Lab” of Université Catholique de Louvain, Louvain-
la-Neuve, Belgium.
• srext: Linux kernel module
• https://netgroup.github.io/SRv6-net-prog/
• Developed by the Networking Group from University of Rome Tor Vergata, Italy
• Could support “Chaining of SRv6-unaware VNFs” use case (End.AD, End.AM)
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 30
SRv6 Linux Kernel Implementations
30. SRv6 Open Source Implementations
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 31
SRv6 Functions on Linux dataplane (status as of 2018/04/17)
First supported in Kernel 4.10
More functions added in 4.14
source: http://www.segment-routing.net/open-software/linux/
31. SRv6 Open Source Implementations
• Not a Linux Kernel (module) implementation, but works on Linux.
• https://wiki.fd.io/view/VPP/Segment_Routing_for_IPv6
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 32
SRv6 on VPP (by FD.io project)
Supported functions as of 2018/04/17
source: http://www.segment-routing.net/open-software/vpp/
32. SRv6 Open Source Implementations
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 33
CLI for SRv6 on Linux is also available
https://www.slideshare.net/kentaroebisawa/zebra-srv6-cli-on-linux-dataplane-enog49
33. proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 34
Can not find SRv6 functions I want
no SRv6 for Mobile User Plane on Linux Kernel nor VPP
End.MAP, End.M.GTP6.D/E, End.M.GTP4.E, T.Encaps.Red ...
Build them with P4 ☺
34. SRv6 Mobile User Plane
| Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 35
35. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 36
Target Setup (non-routing demo)
UE
(user)
UPF1
(SRGW)
UPF2
(PGW?)
DN
(server)
S1gNB
2001:db8:a::1/64 2001:db8:a::2/64
2001:db8:ff::64/128 2001:db8:1::12/128 2001:db8:1::2/1282001:db8:b::1/128
#0 #15
#16#14#12
#13#11 #1
2001:db8:1::1/128
veth0 veth1
gtpu_encap_v6 End_M_GTP6_D2 End(0) End_DT6
gtpu_decap_v6 End_M_GTP6_E End(1) T_Encaps_Red3
2001:db8:1::11/128
Simply forward packet from port to port
& Apply GTP/SRv6 actions
( No MAC Learning, No L3 Routing)
36. proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 37
GitHub Repo
https://github.com/ebiken/p4srv6
(written in P4-14)
37. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 38
source code structure
https://github.com/ebiken/p4srv6
Main file.
Control and Table definitions.
header, parser, actions definitions
SRv6 related
Generic
GTP related
38. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 39
Control, Tables and Actions
control ingress{
apply(fwd);
apply(gtpu_v6);
apply(srv6_localsid);
}
table fwd {
reads {
standard_metadata.ingress_port: exact;
}
actions {forward; _drop;}
}
table gtpu_v6 {
reads {
ipv6.dstAddr: exact;
}
actions {
gtpu_encap_v6;
gtpu_decap_v6;
}
}
table srv6_localsid {
reads {
ipv6.dstAddr: exact;
}
actions {
srv6_T_Insert1; srv6_T_Insert2; srv6_T_Insert3;
srv6_T_Encaps2; srv6_T_Encaps1; srv6_T_Encaps3;
srv6_T_Encaps_Red2; srv6_T_Encaps_Red3;
srv6_End0; srv6_End1;
srv6_End_DT6;
srv6_End_M_GTP6_D2; srv6_End_M_GTP6_D3;
srv6_End_M_GTP6_E;
}
}
Fwd
Table
GTP Table SRv6 TablePacket Input Packet Output
39. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 40
headers
//// GTPv1 User Data
// flags consists of below bits.
// [flag field name] : typical GTPv1U value
// Version(3bits) : 1 (GTPv1)
// Protocol Type : 1 (GTP)
// Reserved : 0 (must be 0)
// Extention (E) : 0
// Sequence number (S) : 0
// N-PDU number flag (PN) : 0
header_type gtpu_t {
fields { // 8bytes
flags : 8;
type : 8;
length : 16;
teid : 32;
}
}
header gtpu_t gtpu;
header_type ipv6_srh_t {
fields {
nextHeader : 8;
hdrExtLen : 8;
routingType : 8;
segmentsLeft : 8;
lastEntry : 8;
flags : 8;
tag : 16;
}
}
header ipv6_srh_t ipv6_srh;
header_type ipv6_srh_segment_t {
fields {
sid : 128;
}
}
#define SRH_MAX_SEGMENTS 3 // +1 for inline mode
header ipv6_srh_segment_t ¥
ipv6_srh_segment_list[SRH_MAX_SEGMENTS+1];
Using array_instance
for Segment List
40. proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 41
parsers (GTP)
> p4src/include/parser.p4
// GTP signaling and control (GTP-C)
#define UDP_PORT_GTPC 2123
// GTP user data messages (GTP-U)
#define UDP_PORT_GTPU 2152
parser parse_udp {
extract(udp);
return select(latest.dstPort) {
// UDP_PORT_GTPC : parse_gtpc;
UDP_PORT_GTPU : parse_gtpu;
default: ingress;
}
}
> p4src/include/gtp.p4
parser parse_gtpu {
extract(gtpu);
return ingress;
return select(current(0,4)) { // version field
0x04 : parse_gtpu_ipv4;
0x06 : parse_gtpu_ipv6;
}
}
parser parse_gtpu_ipv4 {
extract(gtpu_ipv4);
return ingress;
}
parser parse_gtpu_ipv6 {
extract(gtpu_ipv6);
return ingress;
}
Using 1st 4 bits to
identify payload
41. proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 42
parsers (SRv6)> p4src/include/parser.p4
#define IP_PROTOCOLS_SRV6 43
parser parse_ipv6 {
extract(ipv6);
return select(latest.nextHdr) {
//IP_PROTOCOLS_ICMP6 : parse_icmp6;
IP_PROTOCOLS_TCP : parse_tcp;
IP_PROTOCOLS_UDP : parse_udp;
IP_PROTOCOLS_SRV6 : parse_ipv6_srh;
default: ingress;
}
}
> p4src/include/srv6.p4
parser parse_ipv6_srh {
extract(ipv6_srh);
return parse_ipv6_srh_seg0;
}
parser parse_ipv6_srh_seg0 {
extract(ipv6_srh_segment_list[0]);
return select(ipv6_srh.lastEntry) {
0 : parse_ipv6_srh_payload;
default: parse_ipv6_srh_seg1;
}
}
...
Have parser for each SID
and move on based on
ipv6_srh.lastEntry value
parser parse_ipv6_srh_payload {
return select(ipv6_srh.nextHeader) {
//IP_PROTOCOLS_ICMP : parse_icmp;
IP_PROTOCOLS_IPV4 : parse_ipv4;
IP_PROTOCOLS_TCP : parse_tcp;
IP_PROTOCOLS_UDP : parse_udp;
IP_PROTOCOLS_IPV6 : parse_ipv6_inner;
default: ingress;
}
}
parser parse_ipv6_inner {
extract(ipv6_inner);
return ingress;
}
42. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 43
SRv6 actions (srv6_End_M_GTP6_D)
action srv6_End_M_GTP6_D2(srcAddr, sid0, sid1) {
remove_header(udp);
remove_header(gtpu);
subtract_from_field(ipv6.payloadLen, 16); // UDP(8)+GTPU(8)
modify_field(ipv6.nextHdr, IP_PROTOCOLS_SRV6);
add_to_field(ipv6.payloadLen, 8+16*1); // SRH(8)+Seg(16)*1
ipv6_srh_insert(0); // push srh with nextHeader=0
// TODO: support non-IPv6(41) payload
modify_field(ipv6_srh.nextHeader, IP_PROTOCOLS_IPV6);
add_header(ipv6_srh_segment_list[0]);
modify_field(ipv6_srh_segment_list[0].sid, sid1);
// End.M.GTP6.D use seg0 as DA, but does NOT include it in the seg list.
modify_field(ipv6_srh.hdrExtLen, 2); // 2bytes*(number of seg)
modify_field(ipv6_srh.segmentsLeft, 1);
modify_field(ipv6_srh.lastEntry, 0); // sid0 is not included thus 1 smaller.
// 4. set the outer IPv6 SA to A
modify_field(ipv6.srcAddr, srcAddr);
// 5. set the outer IPv6 DA to S1
modify_field(ipv6.dstAddr, sid0);
// 6. forward according to the first segment of the SRv6 Policy
}
action srv6_End_M_GTP6_D3(srcAddr, sid0, sid1, sid2) {
...
multiple srv6_End_M_GTP_D*
based on number of SIDs to insert.
How to identify nextHeader is still under discussion.
Most likely it would be configured by control plane and
not by identifying based on 1st 4 bits (IP version field)
[IP][UDP][GTP][IP-inner]
=> [IP][SRH][IP-inner]
43. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 44
SRv6 actions (srv6_End_M_GTP6_E) (1/2)
action srv6_End_M_GTP6_E(srcAddr) {
subtract_from_field(ipv6_srh.segmentsLeft, 1);
modify_field(ipv6.srcAddr, srcAddr);
// 4. store TEID in variable new_TEID
bit_and(srv6_meta.teid, 0x000000000000000000000000ffffffff, ipv6.dstAddr);
// 5. pop IP header and all it's extension headers
// don't pop IPv6 header. will reuse it.
remove_header(ipv6_srh);
remove_header(ipv6_srh_segment_list[0]);
remove_header(ipv6_srh_segment_list[1]);
remove_header(ipv6_srh_segment_list[2]);
remove_header(ipv6_srh_segment_list[3]);
// 7. set IPv6 DA to new_DA
// Maybe we need table to call srv6_End_M_GTP6_E1~3 based on SL,
// But let's assume SL=1 when packet reaches SRGW and SL[0] is gNB addr.
modify_field(ipv6.dstAddr, ipv6_srh_segment_list[0].sid);
// Adjust IP length: UDP(8)+GTP(8) - ( SRH(8) + SEG(16)*(n+1) )
srv6_meta.ipv6_payloadLen = ipv6.payloadLen+8+8-8-16; // TODO
modify_field(ipv6.payloadLen, srv6_meta.ipv6_payloadLen);
modify_field(ipv6.nextHdr, IP_PROTOCOLS_UDP);
...
SID of End.M.GTP6.E is SRGW(96)::TEID(32)
mask right most 32 bits to get TEID from SID
[IP][SRH][IP-inner]
=> [IP][UDP][GTP][IP-inner]
44. SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 45
SRv6 actions (srv6_End_M_GTP6_E) (2/2)
// 6. push new IPv6 header and GTP-U header
add_header(udp);
add_header(gtpu);
// Although identical, you have to add gtpu_ipv6 and remove ipv6_inner
// to help deparser to understand it would come after gtpu_ipv6 header.
add_header(gtpu_ipv6);
copy_header(gtpu_ipv6, ipv6_inner);
remove_header(ipv6_inner);
modify_field(udp.srcPort, 1000); // TODO: generate from flow label, or random??
modify_field(udp.dstPort, UDP_PORT_GTPU);
// ipv6.payloadLen does not include ipv6 header. udp.len does include udp header.
// Thus, udp.length = ipv6.payloadLen.
modify_field(udp.length_, ipv6.payloadLen);
// TODO: update UDP checksum
// 8. set GTP_TEID to new_TEID
modify_field(gtpu.teid, srv6_meta.teid);
modify_field(gtpu.flags, 0x30);
modify_field(gtpu.type, 255); // G-PDU(255)
// gtpu.length length of payload and optional fields.
// exclude udp(8) and 8 byte mandatory field (including teid)
modify_field(gtpu.length, udp.length_-16);
// 9. lookup the new_DA and forward the packet accordingly
}
[IP][SRH][IP-inner]
=> [IP][UDP][GTP][IP-inner]
deparser identify packet to construct
not as BYTE array but as FIELDs
45. #15 #16
#1
veth1#12
#11
SRv6 Mobile User Plane | Proto-type using P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 46
Setup: demo/IPv6-GTP-Interworking.md
UE
(user)
UPF1
(SRGW)
UPF2
(PGW?)
DN
(server)
S1gNB
#0
#14#13
veth0
namespace
host0
namespace
host1simple_switch (bmv2)
Thrift-port: 9090
simple_switch (bmv2)
Thrift-port: 9091
Running on single host: Ubuntu 16.04.4
Used 2 (two) BMv2 instance with thrift-port 9090/9091
Both end hosts are Linux netns (network namespace)
bmv2/targets/simple_switch/runtime_CLI --thrift-port 9090
bmv2/targets/simple_switch/runtime_CLI --thrift-port 9090
Runtime CLI
49. SRv6 Mobile User Plane | Proto-type using P4
• Running P4 SRv6 on P4 Switch (ASIC) and SmartNIC (NPU/FPGA)
• Interop with other implementations (Linux, Router etc..)
• Test scalability (packet forwarding performance)
• Implement using P4-16
• (hopefully) cleaner way to code de-serializer
• refactor code and integrate with basic switching features (L2/L3 switching)
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 50
Next Steps
50. proto-typing new protocol with P4
proto-typing new protocol with P4, SRv6 for Mobile User Plane | ONOS/CORD meetup in Tokyo | 2018/04/20 51
conclusion
You can proto-type a new protocol quickly using P4
Easy to test/demo (BMv2 software)
Can scale running on hardware (P4 ASIC/NPU)
Source Code Available on GitHub
P4 Proto-type of SRv6 functions with SRv6 for Mobile User Plane
https://github.com/ebiken/p4srv6
how to run demo
https://github.com/ebiken/p4srv6/blob/master/demo/IPv6-GTP-Interworking.md