
The MANTICORE Project: Providing Users with a Logical IP Network Service

The MANTICORE Project: Providing Users with a Logical IP Network Service. Eduard Grasa, Fundació i2cat. Agenda: The MANTICORE Project Vision; MANTICORE Implementation; The IaaS Framework (UCLP Evolution); User Roles; Software Architecture; How does it work: GUI preview; DEMO at TNC 2008


Presentation Transcript


  1. The MANTICORE Project: Providing Users with a Logical IP Network Service Eduard Grasa, Fundació i2cat

  2. Agenda • The MANTICORE Project Vision • MANTICORE Implementation • The IaaS Framework (UCLP Evolution) • User Roles • Software Architecture • How does it work: GUI preview • DEMO at TNC 2008 • Future work: MANTICORE and RPSL • MANTICORE and the FEDERICA Project

  3. Beyond bandwidth on demand services • The main goal: Create an innovative service that provides the network NOC and/or the end user with the ability to customize the configuration of their own dedicated IP physical and/or logical network. • Several research challenges: • Representation of routing devices: physical equipment from different vendors, multiple configuration protocols, APIs, … • Representation of routing policies: Some mechanism must be created to provide the user with the ability to express potentially complex requests (such as BGP policies) in a simple way. • Federation of user-defined autonomous systems (ASs): Users can create their own IP domains and choose which other IP domains they want to peer with.

  4. The MANTICORE vision • Each user’s IP network is represented by a different color. [Diagram legend: Physical Router; Logical Router; User Site; Physical Link; Logical Link; Other user(s) IP Network or the Internet]

  5. The MANTICORE use cases • Use case 1: Single LR • Use case 2: Multiple LR • Use case 3: External routing [Diagram label: Other user(s) IP network and/or peering networks]

  6. Agenda • The MANTICORE Project Vision • MANTICORE Implementation • The IaaS Framework (UCLP Evolution) • User Roles • Software Architecture • How does it work: GUI preview • DEMO at TNC 2008 • Future work: MANTICORE and RPSL • MANTICORE and the FEDERICA Project

  7. What is virtualization? What is IaaS? • Virtualization consists of representing a physical device/substrate as a software entity (P2V) • Initially started with PC virtualization (VMware, Virtual Iron, VirtualPC) • These were used locally in the data centres • Amazon and BlueLock pioneered the IaaS service by renting hardware using proprietary solutions • IaaS is the equivalent of SaaS for hardware devices • Users pay to use shared infrastructures • Monthly fees or pay per use • Long term exchanges compared to on-demand services • Users control/own the infrastructure

  8. UCLP, Argia and the IaaS Framework • Two UCLP research programs were put in place by CANARIE to provide a virtualization solution for optical networks starting in 2001 • UCLP initial goal was to provide end to end paths across domains • UCLPv2 goals were to create reusable and configurable network blocks • UCLPv2 concepts are evolving into many different Physical to Virtual (P2V) products and R&D projects that are built on the IaaS Framework: • Argia -> Product for Optical Networks • Ether -> R&D for Ethernet and MPLS Networks • MANTICORE -> R&D for virtualized IP Networks • GRIM -> R&D for Instruments and Sensors [Diagram labels: RMC, ETHER, MANTICORE, GRIM, CHRONOS]

  9. IaaS Framework: What is the IaaS Framework? • The Infrastructure as a Service Framework (IaaS Framework), http://www.iaasframework.com, is: • A generalized approach to the outcome of years of research under the UCLP Research programs funded by CANARIE • A set of software resources used to administer a domain from user workspaces, to resource exchanges, permissions and security • A list of operation providers that can be used to quickly provide functionalities like permissions/security, reservation, topology and allow them to seamlessly integrate in the Resource Management Centre (RMC) • Libraries and tools to manage persistence or communication with the hardware devices • The enabling technology for upcoming products and R&D initiatives

  10. IaaS Framework, Products and Research Projects Architecture • Unless specified otherwise the development is being performed in partnership by i2CAT, CRC and Inocybe Technologies. [Architecture diagram. Products and projects: Framework (Open Source); Argia™ (Product) (Optical Networks); Ether™ (Product) (Ethernet Networks); MANTICORE (IP Research Project); GRIM (Virtual Instruments Research). Service layers: Application Services; Network Virtualization Services; Device Virtualization Services; Device Controller Services; Support Services. Applications: Resource Management Centre and User Web Portal; RCP; WEB (Development). Resource web services (WS): Resource List, Scenarios, User Workspace, Connections, TDM Timeslot, Ethernet Port, VLAN, Appliance, Ethernet Switch, Optical Switch, Router, WDM, IP Network, Instrument and GRIM Resources, …; Physical Network Resources]

  11. User Roles • Physical Network Administrator: Owners of physical infrastructure. He can virtualize (create a software object that represents all or a part of a physical infrastructure) the physical infrastructure and give permissions to users (=export virtual resources) so they can have limited control over the resources. • APN (or Virtual Network) Administrator: He gathers resources from one or more physical network administrators or other APN Administrators (by asking them or through resource brokers). He also assigns the resources he’s harvested to different services (for instance, he could assign a set of ethernet port resources to the VLAN Service, or a set of logical routers to the IP Network Service). • End User: Just uses the services provided by the software. For instance, if there is a reservation service, the user can ask for network reservations; if there is an IP Network Service, the user can configure its IP Network; if there is a VLAN Service, the user can ask for an end to end VLAN, and so on (this type of user JUST SEES THE SERVICE INTERFACE, he cannot collect or trade virtual resources, it is the traditional end user).

  12. Resource Trading [Diagram labels: Provider 1; Provider 2; User A; User B; User C; Resource Lists]

  13. Network Virtualization Services • They offer a service to the end user on top of the virtual resources. The following could be examples of network virtualization services: • Reservation Service: Creates point to point connections (immediate or in advance) over SONET/SDH resources (with VCAT, LCAS, GFP) • IP Network Service: Creates an IP network Service where the user can configure internal routing protocols, external peering, … • GMPLS Service: Has the functionalities of a GMPLS node (Connection Controller, Routing Controller, …). Speaks GMPLS Protocols (OSPF, RSVP), and can be seen as a GMPLS domain by external entities • Other (put the service that you want here) • …

  14. MANTICORE Software Architecture • GUI client(s) • User Workspace WS: Manage user accounts, get user credentials, authenticate • IP Network WS: Transforms the routing configuration abstract description in high level operations that will be invoked in the Router WS over one or more virtual resources. RPSL may be used to let the GUI specify high level routing policies (internal as well as external) to the IP Network WS • Router-WS: Transforms the high level operations over one or more virtual resources into specific commands that each particular routing device can understand • Virtual Resource Services (TDM Resource WS, Ethernet Resource WS, …): Represent the physical (ports) or logical interfaces (VLANs, TDM Channels) that users can access. • Device protocols and devices shown in the diagram: Netconf, Protocol X, Protocol Y; Juniper device, other vendor device, software router

  15. IP Network Service Functionality • General configuration of the router interfaces: • The user can configure the IP address, the NETMASK, the status (up or down) and other general parameters of the interface. • Add/Delete static route • The user applies a static entry to the routing table. This static entry can be for one or more source interfaces. • Configure an IGP on an interface or the whole network • The user of an IP Network can apply a dynamic routing protocol (initially OSPF and RIP) to every interface inside it, and modify the IGP parameters. • Configure an EGP on an interface or the whole network • The user can decide which other IP Networks he wants to peer with, and choose what routes are advertised to external networks. Simple BGP configurations will be generated (iBGP will also be configured between BGP nodes of the same AS)

  16. First implementation limitations • Only deals with Juniper routers using the Netconf JunOS XML API • RPSL (explained later) won’t be used as a means of describing abstract routing configurations (instead, a proprietary simple and limited representation will be used). • WS-Security: WS messages are neither encrypted nor signed. • The implementation is a proof of concept, not a complete solution: working prototypes of the services will be implemented, but some features and performance optimization will be left for future work

  17. Agenda • The MANTICORE Project Vision • MANTICORE Implementation • The IaaS Framework (UCLP Evolution) • User Roles • Software Architecture • How does it work: GUI preview • DEMO at TNC 2008 • Future work: MANTICORE and RPSL • MANTICORE and the FEDERICA Project

  18. Example deployment • Two organizations: • NORDUnet: Physical Network Administrator. In this very simple example it operates a network with one physical router. • i2CAT: Virtual Network Administrator. In this very simple example it will request two logical routers from NORDUnet. • MANTICORE Software deployment: • NORDUnet Server: User Workspace WS, Ethernet Resource WS, IP Network WS, Router WS • i2cat Server (optional): User Workspace WS, Ethernet Resource WS, IP Network WS

  19. NORDUnet discovers the physical router When NORDUnet first launches the GUI client, it must create a new physical network and add all the routers they want to manage to it.

  20. NORDUnet Physical Network with the Router

  21. NORDUnet PN Admin creates logical routers • NORDUnet admin creates some logical interfaces, two logical routers and assigns these logical interfaces to the logical routers. • He also creates a logical tunnel between the two logical routers (new LT interfaces are created).

  22. NORDUnet PN with the Router and the LRs

  23. Creation of virtual links and virtual interfaces • NORDUnet PN Admin creates a resource list (list of resources that can be accessed by NORDUnet or a 3rd party). • NORDUnet PN Admin creates virtual interfaces and virtual links (kind of proxy objects that represent the remotely configurable interfaces and links), and adds them to the resource list.

  24. Exporting resources • NORDUnet PN Admin exports the resource list to i2cat (permissions are set on the resources so that i2cat’s users can access and modify the resources on the resource list). • i2cat APN Admin launches its GUI Client, logs into the server and downloads the resource list. [Diagram labels: NORDUnet Server; i2cat Server (optional); Resource List]

  25. i2cat’s IP Network • i2cat APN Admin creates a new IP Network and adds the resources of the resource list to it. • Now he can configure the IP parameters of the interfaces, configure IGPs, configure the peering, ...

  26. Example: RIP Configuration wizards

  27. Agenda • The MANTICORE Project Vision • MANTICORE Implementation • The IaaS Framework (UCLP Evolution) • User Roles • Software Architecture • How does it work: GUI preview • DEMO at TNC 2008 • Future work: MANTICORE and RPSL • MANTICORE and the FEDERICA Project

  28. TNC 2008 MANTICORE Demo • During the Terena Networking Conference 2008 (Bruges, 19-22 May) at the Juniper booth, the following scenario is going to be demonstrated. [Network diagram: routers router1.rediris.es to router5.rediris.es with their lo0 and ge- interface addresses; AS1 (Area 0), AS10 and AS20; static and eBGP links]

  29. Agenda • The MANTICORE Project Vision • MANTICORE Implementation • The IaaS Framework (UCLP Evolution) • User Roles • Software Architecture • How does it work: GUI preview • DEMO at TNC 2008 • Future work: MANTICORE and RPSL • MANTICORE and the FEDERICA Project

  30. RPSL: Routing Policy Specification Language • Language used to describe the routing policies of an AS. E.g.

      davew@byron:~$ whois as1213
      aut-num: AS1213
      as-name: HEANET
      import: from AS3549 # Global Crossing
              action pref=100; accept ANY
      import: from AS2850 # UCD
              action pref=50; accept AS2850
      export: to AS3549 # Global Crossing
              announce AS-HEANET
      export: to AS2850 # UCD [client]
              announce ANY

      • Transit provider: We'll take entire internet's routes ...but just send you ours • Client: we only want to see your own network ...we'll send you all we've got

  31. RPSL in MANTICORE • RPSL can be used as a means of describing the external routing policies as well as the IGP configurations (with minor extensions). • These RPSL descriptions can be taken as an input by the IP Network WS and then generate the high level operations to invoke at the Router WS (remember the architecture picture). • Implementation status: RPSL RFCs (2622, RPSL and 4012, RPSLng) have been studied, and some preliminary RPSL descriptions for the MANTICORE use cases have been generated. Not implemented yet due to time constraints. [Diagram: the MANTICORE software architecture of slide 14, annotated: RPSL may be used to let the GUI specify high level routing policies (internal as well as external) to the IP Network WS]
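
One way the step described on slide 31 could look, using the aut-num object from slide 30 as input. This is an added example, not MANTICORE code: the operation names (`set_import_policy`, `set_export_policy`) are hypothetical, and only the simple `from/to <AS> [action ...;] accept/announce <filter>` form is handled; anything else is rejected rather than guessed.

```python
import re

# aut-num object from slide 30. Per RFC 2622, '#' starts a comment and a line
# starting with space, tab or '+' continues the previous attribute.
AUT_NUM = """\
aut-num: AS1213
as-name: HEANET
import: from AS3549 # Global Crossing
        action pref=100; accept ANY
import: from AS2850 # UCD
        action pref=50; accept AS2850
export: to AS3549 # Global Crossing
        announce AS-HEANET
export: to AS2850 # UCD [client]
        announce ANY
"""

KEYWORDS = {"import": ("from", "accept"), "export": ("to", "announce")}
POLICY = {kind: re.compile(
    rf"^{p}\s+(?P<peer>AS\d+)(?:\s+action\s+(?P<action>[^;]+);)?"
    rf"\s+{f}\s+(?P<filter>.+)$", re.I) for kind, (p, f) in KEYWORDS.items()}


def parse_attributes(text):
    """Return [(name, value)], comments stripped and continuation lines joined."""
    attrs = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue
        if raw[0] in " \t+":                      # continuation line
            if not attrs:
                raise ValueError("continuation line before any attribute")
            name, value = attrs[-1]
            attrs[-1] = (name, f"{value} {line[1:].strip()}".strip())
        else:
            name, _, value = line.partition(":")
            attrs.append((name.strip().lower(), value.strip()))
    return attrs


def to_operations(text):
    """Map import/export attributes to abstract operations (hypothetical names)."""
    ops = []
    for name, value in parse_attributes(text):
        if name not in POLICY:
            continue
        m = POLICY[name].match(value)
        if m is None:                             # fail closed, never guess a policy
            raise ValueError(f"unsupported {name} policy: {value!r}")
        ops.append({"op": f"set_{name}_policy", "peer": m["peer"].upper(),
                    "filter": m["filter"].strip(), "action": m["action"]})
    return ops
```

`to_operations(AUT_NUM)` yields four operations, two per peer; the transit peer AS3549 is the only one whose import filter is `ANY`.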

  32. Other Future Work • Integrate MANTICORE with the other IaaS Framework based network virtualization solutions: • With Argia, product for optical networks (TDM, WDM, Fibre). • With Ether, upcoming product for Ethernet and MPLS networks. • Create drivers for other router vendors • Add more features to the IP Network WS • Allow APN Admins and end users to create new logical interfaces • Provide means of describing more complex routing policies • Other? • Work to be carried out within the FEDERICA project • See next section

  33. Agenda • The MANTICORE Project Vision • MANTICORE Implementation • The IaaS Framework (UCLP Evolution) • User Roles • Software Architecture • How does it work: GUI preview • DEMO at TNC 2008 • Future work: MANTICORE and RPSL • MANTICORE and the FEDERICA Project

  34. FEDERICA e-Infrastructure • What: 7th FP project in the area “Capacities - Research Infrastructures”; 3.7 MEuro EC contribution, 5.2 ME budget, 20 partners, 461 Person Months • When: 1st January 2008 - 30 June 2010 (30 months) • Virtualization infrastructure, a “Network Factory” to provide “slices” to researchers in Future Internet, where a slice is a mix of network circuits and computing elements. • Built using resources (Gb Ethernet circuits) from GÉANT2 and NRENs as contributions to the project. • Open to interconnect other Infrastructures • Connected to Internet (through NRENs)

  35. FEDERICA - Goals Summary • Act as a forum and support for researchers/projects on “Future Internet”. • Support of experimental activities to validate theoretical concepts, scenarios, architectures, control and management solutions. Users have full control of their slice • In scope: • Provide on European scale network and system agnostic e-infrastructure to be deployed in phases. Provide its operation, maintenance and on-demand configuration • Validate and gather experimental information for the next generation of research networking also through basic tool validation • Dissemination and cooperation between NRENs and researchers’ community • Contribution to standards in form of requirements and experience • Out of scope: • Internal extended research, e.g. advanced optical technology • Development and support of Grid applications • Offer raw computing power • Offer transit capacity

  36. MANTICORE Activities inside FEDERICA • Add support for more routers (including software routers) • Interoperability with the IPsphere Framework • The IPsphere Forum has produced the IPsphere Framework spec, which facilitates the creation of multi-stakeholder and multi-technology services. • The interoperability implementation must allow users of IPsphere to compose resources coming from MANTICORE (e.g. Logical routers or IP Networks) into an IPsphere Service. • Add support for virtual machines • Be able to offer a virtual machine as a resource (in a resource list), the same way it is done with the logical router.

  37. Thanks for your attention! More information: • MANTICORE: • Victor Reijs, Network Development Manager, HEAnet Limited (victor.reijs@heanet.ie) • Sergi Figuerola, Coordinator of the Network Technologies Cluster, Fundacio i2cat (sergi.figuerola@i2cat.net) • IaaS Framework: • Inocybe Technologies Inc. http://www.inocybe.ca • IaaS Framework website: http://www.iaasframework.com
