Part2: Lecture 02 Network Virtualization · – Support research without breaking real services!...
77
Part2: Lecture 02 Network Virtualization
Transcript of Part2: Lecture 02 Network Virtualization · – Support research without breaking real services!...
Part2: Lecture 02!Network Virtualization!
Last time?!• Fiber optics!
– Cabling !– Single mode multi mode!– Safety!– Laser classes!
• TDM and DWDM!
• GFP and OTN!
• Attenuation!– Power budgets!– Sensitivity!
Connection provisioning!• What do optical networks do?!
– Provide communication paths between locations!
• How do they do it? By managing:!
– Connection provisioning and connection recovery!!
Where do you put the intelligence?!
Network models!
Management plane
Control plane
Routing plane
Data plane
Application
Network
Transport
Session
Presentation
Data Link
Physical
OSI model
Management plane!
The systems, interfaces, and protocols used to manage the network and its services.!
Management plane
Control plane
Routing plane
Data plane
Control planes!
The logic and hardware required for the physical transfer of data in the network. !
This intelligence is typically realized in the form of various communication protocols. !
Such protocols can be broadly classified into signaling, discovery protocols and routing. !
Management plane
Control plane
Routing plane
Data plane
Data plane!
Management plane
Control plane
Routing plane
Data plane The logic and hardware required for the physical transfer of data in the network. !
Control planes!
Partitions!A network can be partitioned (recursively) in smaller parts:!• Topological partitions!• Control domains!
Control planes can operate:!• Intradomain, within the same control domain;!• Interdomain, to build an unified end-to-end control
architecture across control domains.!
Partitioning:!information exchange!
How do you transfer information between control domains?!
Control plane interfaces !• The User-Network Interface
(UNI)!This is the control interface
between a node in the client network and a node in the optical network.!
!• The Interior Network-
Network Interface (I-NNI)!This is the control interface
between two subnetworks (or nodes) within the same control domain.!
• The Exterior Network-Network (E-NNI)!This is the control interface
between two nodes in different control domains. !
Control plane abstraction!Control functionality can be distinct from the transport functionality,
I.e is not implemented in the devices.!
Control plane functions!Neighbor discovery!
a function whereby a network element automatically determines the details of its connectivity to all its data plane neighbors. Neighbor discovery applies to both the UNI and the NNI.!
!Routing!
Consists of two aspects: automatic topology and resource discovery. !!Signaling !
the syntax and the semantics of communication between control agents in establishing and maintaining connections.!
Local resource management!The representation and accounting of locally available resources controlled by a control agent.!
DCN!DCN - the Data Communication Network - is the infrastructure
used for messaging between control plane agents in the network.!
It is also used to provide connectivity between control plane agents.!
!Communication is packet oriented, most often based on IP (v4 or
v6).!!It can be:!
in-fiber - if the network is associated with the optical data plane!out-of-fiber - if the network is based on a separate network technology (I.e. a
separate IP network)!
Test Time!
Network virtualization!
Ossification of the Internet!Many aspects of networking are ‘set in stone’.!
New protocols are difficult to implement.!Most changes are incremental updates.!There is no service tailored to application needs.!!Research community started in 2005 to think about it:!1. T. Anderson, L. Peterson, S. Shenker, J. Turner, Overcoming the
Internet impasse through virtualization, Computer 38 (4) (2005) 34–41.!
2. J. Turner, D. Taylor, Diversifying the internet, in: Proceedings of the IEEE Global Telecommunications Conference (GLOBECOM’05), vol.2, 2005.!
Network virtualization!A virtual network (VN) is a collection of virtual nodes and virtual links. Essentially, a virtual network is a subset of the underlying physical network resources.!!!!!!!A network environment supporting virtualization allows the coexistence of multiple virtual networks on the same physical substrate.!!
Virtualization in the network!• Decoupling the services provided by a network from the
physical infrastructure!• Virtual network is a “container” of network services, provisioned
by software!• Faithful reproduction of services provided by a physical
network!– Analogy to a VM – complete reproduction of physical machine (CPU,
memory, I/O, etc.)!
Slide courtesy of :!http://www.opennetsummit.org/pdf/2013/presentations/bruce_davie.pdf!
Slide courtesy of :!http://www.opennetsummit.org/pdf/2013/presentations/bruce_davie.pdf!
Why?!1. Sharing the network
– Different controllers for different users/traffic!– Isolation (bandwidth, table space, flow space)!!
2. Abstracting the topology– One big virtual switch!– Many virtual switches to one physical switch!– Arbitrary network topologies!
…while presenting a familiar abstraction!– A network!
Slide courtesy of :!http://www.opennetsummit.org/pdf/2013/presentations/bruce_davie.pdf!
Network sharing!
Virtualized Network Backbone!
Virtualized data center/services!User groups!
Why sharing the network?!• Multiple administrative groups!
– Different departments on a campus!• Multiple customers!
– Tenants in a shared data center!– Researchers on a shared infrastructure!
• Experiments vs. operational network!– Support research without breaking real services!
• Expanding a network’s footprint!– Lease components in another carrier’s network!
• Multiple services or applications in one domain!
Challenges!The network security issues for a shared infrastructure:!!1. Access control!
– Legitimate users need to authenticated and authorized to access the portion of the network/resources they have been assigned;!
!2. Path isolation!
– Mapping of users and resources has to be done effectively to avoid interference!
3. Services!– The right services have to available to the right users!
Why Abstract the Topology?!• Partial deployment!
– Tunnel through components you don’t control!• Simplicity!
– Hide inessential details, churn, migration, …!• Privacy!
– Hide internal details of the network!• Scalability!
– Present a smaller topology and fewer events!• Experimentation!
– Try topologies that don’t really exist!!
Benefits!• Rapid innovation: network services now delivered at software !Speeds!!• New forms of network control: API to NV controller allows creation and
management of virtual networks under software control !
• Snapshot, rollback etc. !
• Vendor choice: decoupled networking services from underlying hardware !
• Simplified programming: expose abstractions that make sense to programmers !
• Simplified operations: network state managed like a VM – provision centrally in SW, snapshot, rollback, etc.!
Network Virtualization History!• Dedicated overlays for incremental deployment!
– Mbone (multicast) and 6bone (IPv6)!• Overlays for improving the network!
– Resilient Overlay Networks (RON)!• Shared experimental testbeds!
– PlanetLab, Emulab, Orbit, …!• Virtualizing the network infrastructure!
– Overcoming Internet impasse through virtualization!– Later testbeds like GENI, VINI, …!
GENI!
Three main components:!!• GENI racks: virtualized
computation and storage resources.!
• Software-defined networks (SDNs): virtualized, programmable network resources.!
• WiMAX: virtualized cellular wireless communication (at selected campuses).!
ExoGENI!
Types of VNE!
Types of VNE!Four main types of VNEs:!- VLANs – Virtual Local Area Networks!- VPNs – Virtual Private Networks!- Overlay Networks!- Active Networks and Programmable Networks!
VLANs !They create a single broadcast domain that groups hosts with a common ‘interest’.!!Pros:!Configured via software they are easy to manage!Provide isolation and are cost effective.!
802.1Q VLAN frame format!type
2-byte Tag Protocol Identifier (value: 81-00)
Tag Control Information (12 bit VLAN ID field, 3 bit priority field like IP TOS)
Recomputed CRC
802.1 frame
802.1Q frame
dest. address
source address data (payload) CRC preamble
dest. address
source address preamble data (payload) CRC
type
VPNs!
Basic VPN component!Customer edges (CEs) are connected to one or more provider edges (PEs).!!A service provider (SP) manages and provisions the VPN:!PPVPN - Provider Provisioned VPN.!!!VPNs can operate at different layers:!• Layer1 VPNs!• Layer2 VPNs!• Layer3 VPNs!• Higher level VPNs!
Know more: Provider Provisioned VPNs terminology RFC 4026 – March 2005
Pause!
Overlay networks!• An overlay network is a virtual network that creates a virtual
topology on top of the physical topology of another network. !
• Nodes in an overlay network are connected through virtual links which correspond to paths in the underlying network. Overlays are typically implemented in the application layer.!
Overlay Network!
• Nodes are connected by logical/virtual links!• Logical Network Layer implemented on top of
the physical network!• Uses different addresses for routing messages!!
Digression into p2p nets!
Architecture!• Unstructured p2p!
No structure for the overlay network.!!
• Structured p2p!
Specific topology that is ‘easy’ search through!
DHTs and p2p!Distributed Hash Table is distributed over the nodes in the P2P network in order to locate content.!!The DHT stores the location (IP address of peer in charge) of the content across the network.!No need for an indexer or central server.!!Notable DHTs:!• Chord!• Pastry!• Tapestry!• Kademlia!
DHT identifiers!In Chord there is an m -bit identifier. Related to an identifier circle.!Given m:!• Assign integer identifier to each peer in range [0,2m-1]!• Require each key to be an integer in same range!!To get integer key, hash original key!
– e.g., key = hash(“Led Zeppelin IV”)!m=2!
0!
1!
2!
3!
Assigning keys to peers!• Assign integer to each peer!• Convert each key to an integer !
• Put (key,value) pair in the peer that is closest to the key!• Given key k the key will be stored at successor(k)!
Closest is the immediate successor of the key (equal or follows).!First node clockwise from k.!!• e.g.,m=4; peers: 1,3,4,5,8,10,12,14; !
– key = 13, then successor peer = 14!– key = 15, then successor peer = 1!
Chord uses SHA-1 hash codes instead of integers!
0001
0011
0100
0101
1000 1010
1100
1111
Who’s responsible for key 1110 ?
I am
O(N) messages!on average to resolve!query, when there!are N peers!
1110
1110
1110
1110
1110
1110
Query!
• Queries for content are passed around the circle.!
Query with shortcuts!
• each peer keeps track of IP addresses of predecessor, successor, short cuts.!
• reduced from 6 to 2 messages.!
1
3
4
5
8 10
12
15
Who’s responsible for key 1110?
VXLAN!
Virtual Extensible LAN.!!• High scalability:!
– From 4096 VLAN ID (12 bits) to 16Millions VNID (VXLAN Network Identifier).!
• Better utilization of network paths relying on L3 routing.!
Interesting that this is supported by software switches too (Open vSwitch)!
!!
VTEPs!VXLAN is a Layer 2 overlay scheme over a Layer 3 network.!It uses VXLAN tunnel endpoint (VTEP) devices to map tenants' end devices to VXLAN segments and to perform VXLAN encapsulation and de-encapsulation.!! !
VXLAN packet format!
It uses MAC Address-in-User Datagram Protocol (MAC-in-UDP).!
How do learn MAC addresses?!
EVPN!
Want to know more? http://blogs.cisco.com/perspectives/a-summary-of-cisco-vxlan-control-planes-multicast-unicast-mp-bgp-evpn-2
Programmable networks!
Programmable networks!• A. T. Campbell, H. G. De Meer, M. E. Kounavis, K. Miki, J. B. Vicente, and D.
Villela, “A survey of programmable networks,” SIGCOMM Comput. Commun. Rev., vol. 29, no. 2, p. 7, Apr. 1999.!
Programmability and virtualization!
• Are programmable networks VNEs?!!Maybe not directly, but programmability can ensure the coexistence of multiple networks.!!The key is to separate the control plane from the data plane:!Control plane à control software!Data planeà the network hardware!
Active networks (I)!Allows packets flowing through the network to modify the network behaviour.!!
Software Defined Networking!
A short intro based on the course of prof. Jennifer Rexford !
http://www.cs.princeton.edu/courses/archive/fall13/cos597E/syllabus.html!
!
59
SDN and Network Virtualization!
SDN and network virtualization!
• Network virtualization != SDN!– Predates SDN!– Doesn’t require SDN!!
• Easier to virtualize an SDN switch!– Run separate controller per virtual network!– Partition the space of all flows!– Leverage open interface to the hardware!
Software Defined Networks!control plane: distributed algorithms!data plane: packet processing!
decouple control and data planes!!
Software Defined Networks!
decouple control and data planes!by providing open standard API!
Software Defined Networks!
(Logically) Centralized Controller!Controller Platform
Protocols è Applications!Controller Platform Controller Application
Seamless Mobility!• See host sending traffic at new location!• Modify rules to reroute the traffic!
Server Load Balancing!• Pre-install load-balancing policy!• Split traffic based on source IP!
src=0*, dst=1.2.3.4
src=1*, dst=1.2.3.4
10.0.0.1
10.0.0.2
Example SDN Applications!• Seamless mobility and migration!• Server load balancing!• Dynamic access control!• Using multiple wireless access points!• Energy-efficient networking!• Adaptive traffic monitoring!• Denial-of-Service attack detection!• Network virtualization!
See http://www.openflow.org/videos/
Entire backbone runs on SDN
A Major Trend in Networking!
Bought for $1.2 x 109 (mostly cash)
Simple, Open Data-Plane API!• Prioritized list of rules!
– Pattern: match packet header bits!– Actions: drop, forward, modify, send to controller !– Priority: disambiguate overlapping patterns!– Counters: #bytes and #packets!
1. src=1.2.*.*, dest=3.4.5.* à drop 2. src = *.*.*.*, dest=3.4.*.* à forward(2) 3. src=10.1.2.3, dest=*.*.*.* à send to controller
NVF!• Network
Function Virtualization!
Moving networking functionalities outside the network nodes or in virtual network devices.!!
SDN vs NFV (I)!
SDN vs NFV (II)!
SDN vs NFV (III)!
Literature!
Chapter 27 – Network and Information Infrastructure Virtualization!
Chapter 5 – Modern Optical Control Planes!
Towards a diversified internet !by Turner et al.!!!A survey of network virtualization by Chowdhuri et al.!!
Home reading!
For the test on Mar 09 read:!“MPLS: The magic behind the myth”!
by G. Armitage!
