
MANTICORE Nordunet 2008.ppt

Date post: 24-Apr-2015
The MANTICORE Project: Providing Users with a Logical IP Network Service Eduard Grasa, Fundació i2cat
Transcript
Page 1: MANTICORE Nordunet 2008.ppt

The MANTICORE Project: Providing Users with a Logical IP Network Service

Eduard Grasa, Fundació i2cat

Page 2: MANTICORE Nordunet 2008.ppt

Agenda

• The MANTICORE Project Vision

• MANTICORE Implementation

– The IaaS Framework (UCLP Evolution)

– User Roles

– Software Architecture

• How does it work: GUI preview

• DEMO at TNC 2008

• Future work: MANTICORE and RPSL

• MANTICORE and the FEDERICA Project

2

Page 3: MANTICORE Nordunet 2008.ppt

Beyond bandwidth on demand services

• The main goal: Create an innovative service that provides the network NOC and/or the end user with the ability to customize the configuration of its own dedicated IP physical and/or logical network.

• Several research challenges:

– Representation of routing devices: physical equipment from different vendors, multiple configuration protocols, APIs, …

– Representation of routing policies: Some mechanism must be created to provide the user with the ability to express potentially complex requests (such as BGP policies) in a simple way.

– Federation of user-defined autonomous systems (ASs): Users can create their own IP domains and choose which other IP domains they want to peer with.

3

Page 4: MANTICORE Nordunet 2008.ppt

The MANTICORE vision

[Figure legend: Physical Router, Logical Router, Physical Link, Logical Link, User Site, Other user(s) IP Network or the Internet. Each user’s IP network is represented by a different color.]

4

Page 5: MANTICORE Nordunet 2008.ppt

The MANTICORE use cases

5

Use case 1: Single LR

Use case 2: Multiple LR

Use case 3: External routing (Other User(s) IP network and/or peering networks)

Page 6: MANTICORE Nordunet 2008.ppt

Agenda

• The MANTICORE Project Vision

• MANTICORE Implementation

– The IaaS Framework (UCLP Evolution)

– User Roles

– Software Architecture

• How does it work: GUI preview

• DEMO at TNC 2008

• Future work: MANTICORE and RPSL

• MANTICORE and the FEDERICA Project

6

Page 7: MANTICORE Nordunet 2008.ppt

What is virtualization? What is IaaS?

• Virtualization consists of representing a physical device/substrate as a Software entity (P2V)

– Initially started with PC virtualization (VMware, Virtual Iron, VirtualPC)

– These were used locally in the data centres

– Amazon and BlueLock pioneer the IaaS service by renting hardware using proprietary solutions

• IaaS is the equivalent of SaaS for hardware devices

– Users pay to use shared infrastructures

– Monthly fees or Pay per use

– Long term exchanges compared to on-demand services

– Users control/own the infrastructure

7

Page 8: MANTICORE Nordunet 2008.ppt

UCLP, Argia and the IaaS Framework

• Two UCLP research programs were put in place by CANARIE to provide a virtualization solution for optical networks starting in 2001

– UCLP initial goal was to provide end to end paths across domains

– UCLPv2 goals were to create reusable and configurable network blocks

• UCLPv2 concepts are evolving into many different Physical to Virtual (P2V) products and R&D projects that are built on the IaaS Framework:

– Argia -> Product for Optical Networks

– Ether -> R&D for Ethernet and MPLS Networks

– MANTICORE -> R&D for virtualized IP Networks

– GRIM -> R&D for Instruments and Sensors

[Figure labels: RMC, MANTICORE, ETHER, GRIM, CHRONOS]

8

Page 9: MANTICORE Nordunet 2008.ppt

IaaS Framework

What is the IaaS Framework?

• The Infrastructure as a Service (IaaS Framework), http://www.iaasframework.com is,

– A generalized approach to the outcome of years of research under the UCLP Research programs funded by CANARIE

– A set of software resources used to administer a domain from user workspaces, to resource exchanges, permissions and security

– A list of operation providers that can be used to quickly provide functionalities like permissions/security, reservation, topology and allow them to seamlessly integrate in the Resource Management Centre (RMC)

– Libraries and tools to manage persistence or communication with the hardware devices

– The enabling technology for upcoming products and R&D initiatives

9

Page 10: MANTICORE Nordunet 2008.ppt

IaaS Framework, Products and Research Projects Architecture

[Figure: layered architecture diagram. Service layers shown: Device Controller Services, Device Virtualization Services, Network Virtualization Services, Application Services, Support Services. Resources shown: Optical Switch, Router, Scenarios, Ethernet Switch, IP Network, TDM Timeslot, Ethernet Port, WDM, Connections, VLAN, Physical Network, Resource List, GRIM, Instrument, Appliance, User Workspace. Web services (WS) shown: MANTICORE (IP Research Project), Framework (Open Source), Ether™ (Product) (Ethernet Networks), Argia™ (Product) (Optical Networks), GRIM (Virtual Instruments Research), Resource Management Centre and User Web Portal, RCP WEB (Development).]

Unless specified otherwise the development is being performed in partnership by i2CAT, CRC and Inocybe Technologies.

10

Page 11: MANTICORE Nordunet 2008.ppt

User Roles

• Physical Network Administrator: Owners of physical infrastructure. He can virtualize (create a software object that represents all or a part of a physical infrastructure) the physical infrastructure and give permissions to users (=export virtual resources) so they can have limited control over the resources.

• APN (or Virtual Network) Administrator: He gathers resources from one or more physical network administrators or other APN Administrators (by asking them or through resource brokers). He also assigns the resources he’s harvested to different services (for instance, he could assign a set of ethernet port resources to the VLAN Service, or a set of logical routers to the IP Network Service).

• End User: Just uses the services provided by the software. For instance, if there is a reservation service, the user can ask for network reservations; if there is an IP Network Service, the user can configure its IP Network; if there is a VLAN Service, the user can ask for an end to end VLAN, and so on (this type of user JUST SEES THE SERVICE INTERFACE, he cannot collect or trade virtual resources, it is the traditional end user).

11

Page 12: MANTICORE Nordunet 2008.ppt

Resource Trading

[Figure labels: User A, User B, User C, Provider 1, Provider 2, Resource List]

12

Page 13: MANTICORE Nordunet 2008.ppt

Network Virtualization Services

• They offer a service to the end user on top of the virtual resources. The following could be examples of network virtualization services:

– Reservation Service: Creates point to point connections (immediate or in advance) over SONET/SDH resources (with VCAT, LCAS, GFP)

– IP Network Service: Creates an IP network Service where the user can configure internal routing protocols, external peering, …

– GMPLS Service: Has the functionalities of a GMPLS node (Connection Controller, Routing Controller, …). Speaks GMPLS Protocols (OSPF, RSVP), and can be seen as a GMPLS domain by external entities

– Other.. (put the service that you want here)

13

Page 14: MANTICORE Nordunet 2008.ppt

MANTICORE Software Architecture

14

GUI client(s)

– RPSL may be used to let the GUI specify high level routing policies (internal as well as external) to the IP Network WS

IP Network WS

– Transforms the routing configuration abstract description in high level operations that will be invoked in the Router WS over one or more virtual resources

Virtual Resource Services (Ethernet Resource WS, TDM Resource WS, . . .)

– Represent the physical (ports) or logical interfaces (VLANs, TDM Channels) that users can access.

Router-WS

– Transforms the high level operations over one or more virtual resources into specific commands that each particular routing device can understand

– Netconf: Juniper device

– Protocol X: Other vendor device

– Protocol Y: Software router

User Workspace WS

– Manage user accounts, get user credentials, authenticate

Page 15: MANTICORE Nordunet 2008.ppt

IP Network Service Functionality

• General configuration of the router interfaces:

– The user can configure the IP address, the NETMASK, the status (up or down) and other general parameters of the interface.

• Add/Delete static route

– The user applies a static entry to the routing table. This static entry can be for one or more source interfaces.

• Configure an IGP on an interface or the whole network

– The user of an IP Network can apply a dynamic routing protocol (initially OSPF and RIP) to every interface inside it, and modify the IGP parameters.

• Configure an EGP on an interface or the whole network

– The user can decide which other IP Networks he wants to peer with, and choose what routes are advertised to external networks. Simple BGP configurations will be generated (iBGP will also be configured between BGP nodes of the same AS)

15

Page 16: MANTICORE Nordunet 2008.ppt

First implementation limitations

• Only deal with Juniper routers using the Netconf JunOS XML API

• RPSL (will explain later) won’t be used as a means of describing abstract routing configurations (instead, a proprietary simple and limited representation will be used).

• WS-Security: WS Messages are not encrypted nor signed.

• The implementation is a proof of concept, not a complete solution: working prototypes of the services will be implemented, but some features and performance optimization will be left for future work

16

Page 17: MANTICORE Nordunet 2008.ppt

Agenda

• The MANTICORE Project Vision

• MANTICORE Implementation

– The IaaS Framework (UCLP Evolution)

– User Roles

– Software Architecture

• How does it work: GUI preview

• DEMO at TNC 2008

• Future work: MANTICORE and RPSL

• MANTICORE and the FEDERICA Project

17

Page 18: MANTICORE Nordunet 2008.ppt

Example deployment

• Two organizations:

– NORDUnet: Physical Network Administrator. In this very simple example it operates a network with one physical router.

– i2CAT: Virtual Network Administrator. In this very simple example it will request two logical routers from NORDUnet.

• MANTICORE Software deployment

NORDUnet Server:

- User Workspace WS

- Ethernet Resource WS

- IP Network WS

- Router WS

i2cat Server (optional):

- User Workspace WS

- Ethernet Resource WS

- IP Network WS

18

Page 19: MANTICORE Nordunet 2008.ppt

NORDUnet discovers the physical router

19

• When NORDUnet first launches the GUI client, it must create a new physical network and add all the routers they want to manage to it.

Page 20: MANTICORE Nordunet 2008.ppt

NORDUnet Physical Network with the Router

20

Page 21: MANTICORE Nordunet 2008.ppt

NORDUnet PN Admin creates logical routers

21

• NORDUnet admin creates some logical interfaces, two logical routers and assigns these logical interfaces to the logical routers.

• He also creates a logical tunnel between the two logical routers (new LT interfaces are created).

Page 22: MANTICORE Nordunet 2008.ppt

NORDUnet PN with the Router and the LRs

22

Page 23: MANTICORE Nordunet 2008.ppt

Creation of virtual links and virtual interfaces

• NORDUnet PN Admin creates a resource list (list of resources that can be accessed by NORDUnet or a 3rd party).

• NORDUnet PN Admin creates virtual interfaces and virtual links (kind of proxy objects that represent the remotely configurable interfaces and links), and adds them to the resource list.

23

Page 24: MANTICORE Nordunet 2008.ppt

Exporting resources

• NORDUnet PN Admin exports the resource list to i2cat (permissions are set on the resources so that i2cat’s users can access and modify the resources on the resource list).

• i2cat APN Admin launches its GUI Client, logs into the server and downloads the resource list.

24

[Figure labels: NORDUnet Server, i2cat Server (optional), Resource List]

Page 25: MANTICORE Nordunet 2008.ppt

i2cat’s IP Network

• i2cat APN Admin creates a new IP Network and adds the resources of the resource list to it.

25

• Now he can configure the IP parameters of the interfaces, configure IGPs, configure the peering, ...

Page 26: MANTICORE Nordunet 2008.ppt

Example: RIP Configuration wizards

26

Page 27: MANTICORE Nordunet 2008.ppt

Agenda

• The MANTICORE Project Vision

• MANTICORE Implementation

– The IaaS Framework (UCLP Evolution)

– User Roles

– Software Architecture

• How does it work: GUI preview

• DEMO at TNC 2008

• Future work: MANTICORE and RPSL

• MANTICORE and the FEDERICA Project

27

Page 28: MANTICORE Nordunet 2008.ppt

TNC 2008 MANTICORE Demo

28

• During the Terena Networking Conference 2008 (Bruges, 19-22 May) at the Juniper booth, the following scenario is going to be demonstrated.

[Figure: demo topology diagram showing five routers, router1.rediris.es to router5.rediris.es, labelled with ge- interfaces, 192.168.x.x link addresses and lo0 loopback addresses. Other labels: AREA 0, AS1, AS10, AS20, eBGP, static.]

Page 29: MANTICORE Nordunet 2008.ppt

Agenda

• The MANTICORE Project Vision

• MANTICORE Implementation

– The IaaS Framework (UCLP Evolution)

– User Roles

– Software Architecture

• How does it work: GUI preview

• DEMO at TNC 2008

• Future work: MANTICORE and RPSL

• MANTICORE and the FEDERICA Project

29

Page 30: MANTICORE Nordunet 2008.ppt

RPSL: Routing Policy Specification Language

• Language used to describe the routing policies of an AS. E.g.

30

davew@byron:~$ whois as1213

aut-num: AS1213

as-name: HEANET

import: from AS3549 # Global Crossing

        action pref=100; accept ANY

import: from AS2850 # UCD

        action pref=50; accept AS2850

export: to AS3549 # Global Crossing

        announce AS-HEANET

export: to AS2850 # UCD [client]

        announce ANY

Transit provider: We'll take entire internet's routes ...but just send you ours

Client - we only want to see your own network ...we'll send you all we've got
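
An added example, not part of the original slides: Python code that reads the aut-num object above, joins RPSL continuation lines, drops comments, and labels each neighbour the way the slide annotates it. The function names and the "review" label are assumptions, and only the simple "from ASn [action ...;] accept filter" and "to ASn announce filter" forms are handled, not the full RFC 2622 policy grammar.

```python
import re

# Constructed input: the aut-num object from the slide, one attribute per
# line, with RPSL '#' comments and whitespace-led continuation lines.
AUT_NUM = """\
aut-num: AS1213
as-name: HEANET
import: from AS3549 # Global Crossing
        action pref=100; accept ANY
import: from AS2850 # UCD
        action pref=50; accept AS2850
export: to AS3549 # Global Crossing
        announce AS-HEANET
export: to AS2850 # UCD [client]
        announce ANY
"""

def _policy_re(direction, verb):
    return re.compile(
        rf"^{direction}\s+(AS\d+)\s+(?:action\s+(.*?);\s*)?{verb}\s+(.+)$", re.I)

PATTERNS = {"import": _policy_re("from", "accept"),
            "export": _policy_re("to", "announce")}

def parse_attributes(text):
    """Return (name, value) pairs; strips comments, joins continuation lines."""
    attrs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if raw[0] in " \t+" and attrs:  # continuation of the previous attribute
            name, value = attrs[-1]
            cont = line.lstrip(" \t+").strip()
            attrs[-1] = (name, f"{value} {cont}".strip())
        else:
            name, _, value = line.partition(":")
            attrs.append((name.strip().lower(), value.strip()))
    return attrs

def peer_policies(text):
    """Map peer AS -> {'accept', 'announce', 'pref'} from import/export lines."""
    peers = {}
    for name, value in parse_attributes(text):
        if name not in PATTERNS:
            continue
        m = PATTERNS[name].match(value)
        if not m:
            raise ValueError(f"unsupported {name} policy: {value!r}")
        entry = peers.setdefault(
            m.group(1).upper(), {"accept": None, "announce": None, "pref": None})
        entry["accept" if name == "import" else "announce"] = m.group(3).strip()
        pref = re.search(r"pref\s*=\s*(\d+)", m.group(2) or "")
        if pref:
            entry["pref"] = int(pref.group(1))
    return peers

def classify(entry):
    """Label a neighbour the way the slide annotates the two relationships."""
    accept, announce = entry["accept"], entry["announce"]
    if accept == "ANY" and announce == "ANY":
        return "review: ANY in both directions"  # assumed label for a manual check
    if accept == "ANY":
        return "transit provider"  # take all routes, send only our own
    if announce == "ANY":
        return "client"            # send all routes, accept only theirs
    return "peer"

def summarize(text):
    return {peer: classify(e) for peer, e in peer_policies(text).items()}
```
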

Page 31: MANTICORE Nordunet 2008.ppt

RPSL in MANTICORE

• RPSL can be used as a means of describing the external routing policies as well as the IGP configurations (with minor extensions).

• These RPSL descriptions can be taken as an input by the IP Network WS and then generate the high level operations to invoke at the Router WS (remember the architecture picture).

• Implementation status: RPSL RFCs (2622, RPSL and 4012, RPSLng) have been studied, and some preliminary RPSL descriptions for the MANTICORE use cases have been generated. Not implemented yet due to time constraints.

31

[Figure: MANTICORE Software Architecture diagram, repeated from Page 14]

Page 32: MANTICORE Nordunet 2008.ppt

Other Future Work

• Integrate MANTICORE with the other IaaS Framework based network virtualization solutions:

– With Argia, product for optical networks (TDM, WDM, Fibre).

– With Ether, upcoming product for Ethernet and MPLS networks.

• Create drivers for other router vendors

• Add more features to the IP Network WS

– Allow APN Admins and end users to create new logical interfaces

– Provide means of describing more complex routing policies

– Other?

• Work to be carried out within the FEDERICA project

– See next section

32

Page 33: MANTICORE Nordunet 2008.ppt

Agenda

• The MANTICORE Project Vision

• MANTICORE Implementation

– The IaaS Framework (UCLP Evolution)

– User Roles

– Software Architecture

• How does it work: GUI preview

• DEMO at TNC 2008

• Future work: MANTICORE and RPSL

• MANTICORE and the FEDERICA Project

33

Page 34: MANTICORE Nordunet 2008.ppt

FEDERICA e-Infrastructure

What: 7th FP project in the area “Capacities - Research Infrastructures”

3.7 MEuro EC contribution, 5.2 ME budget, 20 partners, 461 Person Months

When: 1st January 2008 - 30 June 2010 (30 months)

Virtualization infrastructure, a “Network Factory” to provide “slices” to researchers in Future Internet, where a slice is a mix of network circuits and computing elements.

Built using resources (Gb Ethernet circuits) from GÉANT2 and NRENs as contributions to the project.

Open to interconnect other Infrastructures

Connected to Internet (through NRENs)

Page 35: MANTICORE Nordunet 2008.ppt

FEDERICA - Goals Summary

In scope:

— Act as a forum and support for researchers/projects on “Future Internet”. Support of experimental activities to validate theoretical concepts, scenarios, architectures, control and management solutions. Users have full control of their slice

— Provide on European scale network and system agnostic e-infrastructure to be deployed in phases. Provide its operation, maintenance and on-demand configuration

— Validate and gather experimental information for the next generation of research networking also through basic tool validation

— Dissemination and cooperation between NRENs and researchers’ community

— Contribution to standards in form of requirements and experience

Out of scope:

— Internal extended research, e.g. advanced optical technology

— Development and support of Grid applications

— Offer raw computing power

— Offer transit capacity

Page 36: MANTICORE Nordunet 2008.ppt

MANTICORE Activities inside FEDERICA

36

• Add support for more routers (including software routers)

• Interoperability with the IPsphere Framework

– The IPsphere Forum has produced the IPsphere Framework spec, which facilitates the creation of multi-stakeholder and multi-technology services.

– The interoperability implementation must allow users of IPsphere to compose resources coming from MANTICORE (e.g. Logical routers or IP Networks) into an IPsphere Service.

• Add support for virtual machines

– Be able to offer a virtual machine as a resource (in a resource list), the same way it is done with the logical router.

Page 37: MANTICORE Nordunet 2008.ppt

Thanks for your attention! More information:

• MANTICORE:

– Victor Reijs, Network Development Manager, HEAnet Limited ([email protected])

– Sergi Figuerola, Coordinator of the Network Technologies Cluster, Fundacio i2cat ([email protected])

• IaaS Framework:

– Inocybe Technologies Inc. http://www.inocybe.ca

– IaaS Framework website: http://www.iaasframework.com

37

