How Cisco Participates In Open Source
• Contributions to 100+ projects, for over 25 years
• Linux Kernel – 25th largest contributor in the world
• Protocol development: SCTP, XMPP, PTS/VNTAG, LISP, …
• OpenDaylight
• OpenStack
• OPNFV – Open Platform for NFV
• Apache SpamAssassin, OVS, …
• Eclipse Tigerstripe, Krikkit, …
• Sourcefire snort, razorback, clamav, …
• Mozilla Ikran, Open.h264
• ConfD
• And many, many more…
• Community participation
• Linux Foundation, Snort, Eclipse, Apache, FreeBSD, Mozilla, etc.
Networking Open Source Project Participation ~ 2 years
Cisco and OpenStack
• Cisco Validated Designs for production deployments
• Work closely and jointly with customers to design and build their OpenStack environment
• OpenStack-based Global Intercloud hosted across Cisco and partners' data centers
• Cisco Webex Service running on OpenStack
• Automation (Puppet) and architectures (HA) for production deployment and operational support
• Neutron/Nova Plug-ins for Cisco product lines – Nexus, CSR, ACI, UCS
• Code contributions across several services – Network, Compute, Dashboard, Storage
• Foundation Board member
[Slide categories: Community Participation; Engineering/Automation; Partners/Customers; Cloud Services]
OPNFV
• Open Platform for Network Function Virtualization (OPNFV)
• Realization of ETSI NFV Architecture
• Integration of open source components – “the glue”
• Interoperable across industry partners and usage models
• Active in upstream open source communities
• System integration as open community effort
Evolution of Programmable Networking
• Many industries are transitioning to a more dynamic model to deliver network services
• The great unsolved problem is how to deliver network services in this more dynamic environment
• Inordinate attention has been focused on the non-local network control plane (controllers)
• Necessary, but insufficient
• There is a giant gap in the capabilities that foster delivery of dynamic Data Plane Services
Programmable Data Plane
Issues/Limitations with Existing Data Plane Solutions
• Known issues with Performance, Scalability & Stability
• Overly Complex Architectures
- Hard to evolve
- Slow rate of innovation
- Steep learning curve
• Hard to deploy/upgrade/operate
- slow cycles, too many kernel dependencies
• Lack of:
- automated end-to-end system testing frameworks (leads to unpredictable system behavior)
- support for diverse/custom hardware
- portability across compute platforms
- optimal use of compute microarchitectures
- network level instrumentation
- Few debuggability features
- Few if any statistics/counters exposed
Fast Data Project – FD.io
• Collaborative open source project in the Linux Foundation
• High performance I/O services framework for dynamic computing
• User space I/O services framework
• Hardware, kernel, and deployment (bare metal, VM, container) agnostic
• 6WIND, Brocade, Cavium, Cisco, Comcast, Ericsson, Huawei, Inocybe, Intel, Mesosphere, Project Calico (Metaswitch), PLUMgrid, Red Hat
Introducing VPP – Vector Packet Processor
• VPP is a rapid packet processing development platform for highly performing network applications.
• It runs on commodity CPUs and leverages DPDK
• It creates a vector of packet indices and processes them using a directed graph of nodes – resulting in a highly performant solution.
• Runs as a Linux user-space application
• Ships as part of both embedded & server products, in volume
• Active development since 2002
DRAFT - Linux Foundation Confidential 4
[Figure: Network IO, Packet Processing and Data Plane Management Agent, on bare metal / VM / container]
VPP in the Overall Stack
fd.io Foundation 10
[Figure labels: Hardware; Application Layer / App Server; VM/VIM Management Systems; Network Controller; Operating Systems; Data Plane Services; Orchestration; Network IO; VPP Packet Processing]
vSwitch FD.io evolution
VPP processes the vector of packets through a Packet Processing graph.
OpenStack to VPP integration
VPP vs OVS performance
https://fd.io/technology
VPP Feature Summary
IPv4/IPv6
• 14+ MPPS, single core
• Multimillion entry FIBs
• Source RPF
• Thousands of VRFs
• Controlled cross-VRF lookups
• Multipath – ECMP and Unequal Cost
• Multiple million Classifiers – Arbitrary N-tuple
• VLAN Support – Single/Double tag
• Counters for everything
• Mandatory Input Checks:
- TTL expiration
- header checksum
- L2 length < IP length
• ARP resolution/snooping
• ARP proxy
IPv4
• GRE, MPLS-GRE, NSH-GRE, VXLAN
• IPSEC
• DHCP client/proxy
• CG NAT
IPv6
• Neighbor discovery
• Router Advertisement
• DHCPv6 Proxy
• L2TPv3
• Segment Routing
• MAP/LW46 – IPv4aas
• iOAM
MPLS
• MPLS-o-Ethernet – Deep label stacks supported
L2
• VLAN Support – Single/Double tag
• L2 forwarding with EFP/BridgeDomain concepts
• VTR – push/pop/Translate (1:1, 1:2, 2:1, 2:2)
• Mac Learning – default limit of 50k addresses
• Bridging – Split-horizon group support/EFP Filtering
• Proxy Arp
• Arp termination
• IRB – BVI Support with RouterMac assignment
• Flooding
• Input ACLs
• Interface cross-connect
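The vector-through-graph-node processing described on the "Introducing VPP" slide, combined with the "Mandatory Input Checks" entry of the feature summary, as an added example (not VPP source code and not part of the original slides): one node function validates a whole vector of IPv4 headers, records a next index per packet and bumps a counter per outcome. The enum names, `struct pkt`, the function names and the rule that a transit packet with TTL <= 1 counts as expired are assumptions; the sample headers are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical next-node / drop-reason indices, one counter per outcome. */
enum { NEXT_LOOKUP, DROP_BAD_HDR, DROP_BAD_LEN, DROP_BAD_CSUM, DROP_TTL, N_NEXT };
/* Constructed descriptor: header pointer and bytes present after the L2 header. */
struct pkt { const uint8_t *ip; size_t l2_len; };

/* RFC 1071 sum over the header, checksum field included: 0 means valid. */
static uint16_t ip4_hdr_csum(const uint8_t *h, size_t n) {
    uint32_t s = 0;
    for (size_t i = 0; i + 1 < n; i += 2) s += ((uint32_t)h[i] << 8) | h[i + 1];
    while (s >> 16) s = (s & 0xffff) + (s >> 16);
    return (uint16_t)~s;
}

/* Checks ordered so that no byte is read before it is known to be in the frame. */
int ip4_input_check(const struct pkt *p) {
    if (p->l2_len < 20 || (p->ip[0] >> 4) != 4) return DROP_BAD_HDR;
    size_t ihl = (size_t)(p->ip[0] & 0x0f) * 4;
    size_t ip_len = ((size_t)p->ip[2] << 8) | p->ip[3];
    if (ihl < 20 || ihl > p->l2_len) return DROP_BAD_HDR;
    if (ip_len < ihl || p->l2_len < ip_len) return DROP_BAD_LEN; /* L2 length < IP length */
    if (ip4_hdr_csum(p->ip, ihl) != 0) return DROP_BAD_CSUM;
    if (p->ip[8] <= 1) return DROP_TTL; /* assumption: transit packet, TTL would reach 0 */
    return NEXT_LOOKUP;
}

/* One call walks the whole vector, counts each outcome, returns packets sent on to lookup. */
size_t ip4_input_node(const struct pkt *v, size_t n, uint8_t *next, uint32_t *ctr) {
    size_t ok = 0;
    for (size_t i = 0; i < n; i++) {
        next[i] = (uint8_t)ip4_input_check(&v[i]);
        ctr[next[i]]++;
        ok += (next[i] == NEXT_LOOKUP);
    }
    return ok;
}

/* Constructed sample: valid header, same header in a short frame, bad checksum, TTL 1. */
size_t run_sample(uint8_t next[4], uint32_t ctr[N_NEXT]) {
    static const uint8_t good[20] = {0x45,0,0,0x73,0,0,0x40,0,0x40,0x11,0xb8,0x61,192,168,0,1,192,168,0,199};
    static const uint8_t flip[20] = {0x45,0,0,0x73,0,0,0x40,0,0x40,0x11,0xb8,0x61,192,168,0,2,192,168,0,199};
    static const uint8_t ttl1[20] = {0x45,0,0,0x73,0,0,0x40,0,0x01,0x11,0xf7,0x61,192,168,0,1,192,168,0,199};
    const struct pkt v[4] = {{good, 115}, {good, 100}, {flip, 115}, {ttl1, 115}};
    return ip4_input_node(v, 4, next, ctr);
}

int main(void) { uint8_t nx[4]; uint32_t c[N_NEXT] = {0}; return run_sample(nx, c) == 1 ? 0 : 1; }
```

The per-outcome counters are what make silent drops visible to an operator, which is the point of the "Counters for everything" entry.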
========
TC5 120ge.vpp.24t24pc.ip4.cop
TC5.0 120ge.2pnic.6nic.rss2.vpp.24t24pc.ip4.cop
d. testcase-vpp-ip4-cop-scale
120ge.2pnic.6nic.rss2.vpp.24t24pc.ip4.2m.cop.2.copip4dst.2k.match.100
64B, 138.000Mpps, 92,736Gbps
IMIX, 40.124832Mpps, 120.000Gbps
1518, 9.752925Mpps, 120.000Gbps
---------------
Thread 1 vpp_wk_0 (lcore 2)
Time 45.1, average vectors/node 23.44, last 128 main loops 1.44 per node 23.00
vector rates in 4.6791e6, out 4.6791e6, drop 0.0000e0, punt 0.0000e0
Name State Calls Vectors Suspends Clocks Vectors/Call
TenGigabitEtherneta/0/1-output active 9003498 211054648 0 1.63e1 23.44
TenGigabitEtherneta/0/1-tx active 9003498 211054648 0 7.94e1 23.44
cop-input active 9003498 211054648 0 2.23e1 23.44
dpdk-input polling 45658750 211054648 0 1.52e2 4.62
ip4-cop-whitelist active 9003498 211054648 0 4.34e1 23.44
ip4-input active 9003498 211054648 0 4.98e1 23.44
ip4-lookup active 9003498 211054648 0 6.25e1 23.44
ip4-rewrite-transit active 9003498 211054648 0 3.43e1 23.44
---------------
Thread 24 vpp_wk_23 (lcore 29)
Time 45.1, average vectors/node 27.04, last 128 main loops 1.75 per node 28.00
vector rates in 4.6791e6, out 4.6791e6, drop 0.0000e0, punt 0.0000e0
Name State Calls Vectors Suspends Clocks Vectors/Call
TenGigabitEthernet88/0/0-outpu active 7805705 211055503 0 1.54e1 27.04
TenGigabitEthernet88/0/0-tx active 7805705 211055503 0 7.75e1 27.04
cop-input active 7805705 211055503 0 2.12e1 27.04
dpdk-input polling 46628961 211055503 0 1.60e2 4.53
ip4-cop-whitelist active 7805705 211055503 0 4.35e1 27.04
ip4-input active 7805705 211055503 0 4.86e1 27.04
ip4-lookup active 7805705 211055503 0 6.02e1 27.04
ip4-rewrite-transit active 7805705 211055503 0 3.36e1 27.04
Embedded Telemetry
Cisco Confidential
VPP vRouter/vSwitch: Local Programmability
[Figure: Linux Host with Kernel, DPDK, VPP App and External App]
Low Level API
• Complete
• Feature Rich
• High Performance
• Example: 500k routes/s
• Shared memory/message queue
• Box local
• All CLI tasks can be done via API
Generated Low Level Bindings - existing today
• C clients
• Java clients
• Others can be done
VPP vRouter/vSwitch: Remote Programmability
[Figure: Linux Host with Kernel, DPDK, VPP App and Data Plane Management Agent]
High Level API: An approach
• Data Plane Management Agent
• Speaks low level API to VPP
• Box (or VM or container) local
• Exposes higher level API via some binding
Flexibility:
• VPP does not force a particular Data Plane Management Agent
• VPP does not force only *one* High Level API
• Anybody can bring a Data Plane Management Agent
• High Level API/Data Plane Management Agent
• Match VPP app needs
[Figure labels: netconf/yang, REST, Other (BGP)]
Continuous Performance Lab (CPL)
• Fully automated testing infrastructure
• Covers both programmability and data planes
• Continuous verification of code/feature
• Functionality and performance
• Code breakage and performance degradations identified before patch review
• Review, commit and release resource protected
• Fully open sourced test framework to be included at launch
[Figure: Develop, Submit Patch, Automated Testing, Deploy]
Panda Context
• Virtualisation / automation / orchestration has made real-time service provisioning possible
• Open source big data / analytics technologies now being widely applied outside of big web companies
• OSS architectures simply not keeping pace with the rest of industry
• No coherent industry direction on how OSS needs to change in the presence of these new technologies
Cisco Confidential 18 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
OSS Analytics is a big data problem!
i.e. OSS analytics applications can be addressed by performing a query function against the entire OSS data set
Fault management = (event data)
Performance management = (metric data)
Billing mediation = (event data, metric data)
Capacity management = (metric data)
Security analytics = (metric data, route data)
…
Relationship Between Orchestration and Analytics
[Figure: Orchestration and OSS Analytics above the infrastructure (Data Center, Core, Access & Aggregation, User); arrows labelled State and Data]
Related as loosely coupled but tightly integrated systems
OSS analytics is responsible for collecting data from the infrastructure, monitoring and analysis
The “F_APS” in FCAPS
Orchestration is responsible for service provisioning and pushes state to the infrastructure
The “C” in FCAPS
We have platforms for orchestration in NSO, ODL, OpenStack
We need a companion platform for OSS Analytics
PlAtform for Network Data Analytics - Vision
• Simple, scalable, open big data / analytics platform
• Forms a generic big data analytics platform supporting different types of analytics applications for cloud based networks and services
- Operational Intelligence, e.g. OSS
- Business intelligence, e.g. BSS
• Leverage rapid innovation in Big Data analytics space
[Figure: Open Data Platform (horizontally scalable data platform: Data Distribution; Data Store & Processing). Data sources: Orchestration, Controllers, Customer Devices, Applications, QoE Monitoring (infrastructure and service-level data, customer-level data). Producers (data aggregation): Event Data, Log Data, Metric Data, Network Telemetry. Context: Inventory, Topology, Geography. Consumers (data analysis): applications, live stream.]
PlAtform for Network Data Analytics - Principles
[Figure: Open Data Platform. Data sources: Orchestration, Controllers, Customer Devices, Applications, QoE Monitoring (infrastructure and service-level data, customer-level data). Producers (data aggregation): Event Data, Log Data, Metric Data, Network Telemetry. Platform: Data Distribution; Data Store & Processing (Master Data Store, Batch Processing, Stream Processing, Real Time Data Store; Deep Historical Query, Real Time Query). Context: Inventory, Topology, Geography.]
• Decouple data aggregation (publishers) from data analysis (consumers) – allow any OSS app the potential to access any data source
• Simple, scalable, open data distribution platform
- Scale-out architecture with support for horizontal scale in all core components
- Very highly available core platform
- Low and predictable latency
• Immutable dataset with minimal filtering/processing on ingress
• Analytics based approach to analysis functions
• Support for streaming apps, real-time queries and batch processing
[Figure, continued: Consumers (data analysis applications) and live stream]
PlAtform for Network Data Analytics - Benefits
[Figure: Open Data Platform. Data sources: SNMP, Logs, Monit, Collectd, Logstash, Ceilometer, Netflow. Producers (data aggregation): Event Data, Log Data, Metric Data, Network Telemetry. Platform: Data Distribution; Data Store & Processing (Master Data Store, Batch Processing, Stream Processing, Real Time Data Store; Deep Historical Query, Real Time Query). Context: Inventory, Topology, Geography. Consumers (data analysis applications): Capacity Analytics, Billing (Mediation), Business Intelligence, Fault Analysis, Perf Analysis, Log Analytics, Security and Threat Analysis, Inventory; live stream.]
• An open system architecture
• Collect data once – allow any analysis application to mine any data source, leveraging the full value of the OSS dataset
• Extensible – add new OSS analysis functions quickly and seamlessly with minimum of development cost
• Leverage rapid innovation in Big Data analytics space
Embrace “Good” Open Source
• SDO and OSS “partnership” – a collaborative loop
• SDOs to align with properly governed OSS projects
• Proven, neutral third-party management, proper licensing, support infrastructure, public participation
• Linux Foundation, Apache Foundation, OpenStack Foundation, Eclipse Foundation
• Reward the “right type of open” projects – active and open communities
• Projects that produce utility for the industry vs “dead code repository”
• Support projects that complement the standards development
• Example: OpenDaylight (Linux Foundation) – driving YANG modeling into IETF and other OSS
• Example: OPNFV (Linux Foundation) – NFV Platform, leveraging ETSI NFV architecture & specs