SURFnet ‘BoD’
Bram Peeters (Gerben, Hans)LHCONE, Geneva - February 11th, 2014
BoD: the basics
• ‘Bandwidth on Demand’
• Dedicated bandwidth – 1Mbps-10Gbps today, 100Gbps mid-term– Large circuits that get happy from guarantees– Time is a parameter
• Reserving bandwidth– By human user via GUI– Via machine-machine interface (API: NSI)
2
Where?
3
NetherLight SURFnet
ServiceProvider
A
InstitutionA
InstitutionB
Institution C
GOLE A
GOLE B
MSP
MSP
MSP
How? BoD setup – in SURFnet7 & NetherLight
NOC engineer ApplicationUser
NSINSIInter Domain
GUI APIBoD
Ciena OneControl NMS
Identity Provider
Group ProviderGUI MTOSI
4
SURFnet Autorisatie
Beheer
BoD == building block
• BoD is a building block only, not a complete solution
• Therefore: integration needed:– Applications (cloud VM/storage, workflow, research,
…)– Frameworks (cloud computing, automatic bypass, …)– Portals (SURFdashboard, Service Providers, …)
– Interdomain: standardize on NSI efforts
5
End-to-End?
• Actively implementing NSI Connection Service v2.0 within SURFnet and NetherLight
• Customer software advised to request through NSI
• Automated GOLE as proof and playground for interdomain
• Connection Service is here now, still developing Topology Exchange, Discovery and Monitoring
7
SURFnet/Esnet pathfinderInter-domain BoD
Internet2 ION
SURFnet BoD
RNP OpenNSA
SURFnet/ESnetpathfinder
NSI Connection Service
NSI Topology Service
Doing it – Automated Gole
Moving into production
• Build a semi-production system with NSI v2.0– “quick and dirty” implementation of fully functioning
system– SURFnet together with NORDUnet
• Get enough experience to do real evaluation and improve for production implementation
SURFnet7 NSI Authentication
11
SURFnet7 BoD
User application
OAuth2 Access Token
MTOSI NSI request
OAuth2 Access Token
1) User creates token using BoD GUI
2) User stores token in application
3) Token is included in NSI request
4) BoD uses token to authenticate on behalf of user
W
bram.peeters[at]surfnet.nl
www.surfnet.nl
Creative Commons “Attribution” license: http://creativecommons.org/licenses/by/3.0/