Network in the Cloud: a Map-and-Encap Approach
Size: px
Start display at page:

Download "Network in the Cloud: a Map-and-Encap Approach"

Transcription

1 Network in the Cloud: a Map-and-Encap Approach Damien Saucez Wassim Haddad Inria Ericsson IEEE CloudNet 12

2 Enterprise network www ISP1 SOHO ISP2 Internet 2

3 Enterprise network (contd.) Survey on 57 enterprise networks [19] Sherry et al Making middleboxes someone else's problem: network processing as a cloud service, Sigcomm 12 3

4 Motivation Observation: digital communications are essential for enterprises Problem: fast, secure, and reliable Internet connectivity is expensive high OPEX high CAPEX Solution: outsource network operations and services to reduce costs supported by enterprises 4

5 Why not moving the infrastructure in the Cloud? The concept exists [1,19], some call it Network-as-a-Services... gives tenants access to network infrastructure in the Cloud to implement custom forwarding decisions [1]... but the lack of a simple and cheap technology to redirect traffic to the Cloud limits its deployment 5

6 Requirements for a -enabler protocol We need a protocol able to divert packets to/from providers that has unified control-plane and data-plane is available in today s equipment can be deployed in the current Internet has simple of maintenance and operation can support highly dynamic changes APLOMB [19] could do it, but relies on home made protocol LISP is the perfect protocol candidate relies on the map-and-encap principle 6

7 Locator/Identifier Separation Protocol (LISP) Split the IP address space in two at the border routers Endpoint IDentifiers (EID) identify end-systems and edge routers non-globally routable end systems in a site share the same EID prefix Routing LOCators (RLOC) attached to core routers (router interfaces) globally routable Use Map-and-Encap to glue the two spaces 7

8 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8

9 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR ITR AS3 dst: cafe 2001:DB8A::beef AS1 2001:DB8A::/56 8 ITR /8

10 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR ITR dst: cafe AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8

11 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR Map-Request: 2001:DB8B::cafe? ITR dst: cafe AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8

12 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR Map-Reply: 2001:DB8B::/ % % ITR dst: cafe AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8

13 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR / dst: cafe ITR AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8

14 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ dst: cafe ETR :DB8B::cafe AS5 2001:DB8B::/56 ETR ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8

15 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 dst: cafe 2001:DB8B::/56 ETR ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8

16 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR dst: cafe ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8

17 Moving packets in the Cloud with LISP 9

18 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router

19 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router

20 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router

21 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router

22 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router

23 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router

24 From the Internet Mapping System ISP1 ISP2 Internet 11 LISP router

25 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router

26 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router

27 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router

28 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router

29 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router

30 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router

31 Chaining security VPN Audit LISP router 12

32 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit LISP router 12

33 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit LISP router 12

34 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: LISP router 12

35 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: LISP router 12

36 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: LISP router 12

37 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 LISP router 12

38 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 LISP router 12

39 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 LISP router 12

40 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 LISP router 12

41 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 LISP router 12

42 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 LISP router 12

43 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 instance-id: 0x4 LISP router 12

44 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 instance-id: 0x4 LISP router 12

45 Summary Maintaining fast, secure, and reliable Internet connectivity is expensive for enterprises Moving network infrastructure to the Cloud (i.e., Network-as-a-Service) reduces costs LISP is an enabler for 13

46 Network in the Cloud: a Map-and-Encap Approach Damien Saucez Wassim Haddad Inria Ericsson IEEE CloudNet 12

47 Backup 15

48 Outsourcing Outsource: obtain (goods or a service) by contract from an outside supplier [20] Network management is often outsourced to external enterprises to reduce OPEX but devices still have to be deployed locally High level services (e.g., web server, s) are frequently outsourced to the Cloud but low-level services (e.g., firewall, IDS) are not 16 [20] Oxford dictionary

Similar documents

Locator/ID Separation Protocol (LISP)

Locator/ID Separation Protocol (LISP) Locator/ID Separation Protocol (LISP) Damien Saucez* INRIA Sophia Antipolis FRNOG 18, December 2 th, 2011 * special thanks to Olivier Bonaventure, Luigi Iannone and Dino Farinacci Disclaimer Not a vendor

More information

LISP-Click. D. Saucez, V. N. Nguyen and O. Bonaventure. Université catholique de Louvain.

LISP-Click. D. Saucez, V. N. Nguyen and O. Bonaventure. Université catholique de Louvain. LISP-Click D. Saucez, V. N. Nguyen and O. Bonaventure Université catholique de Louvain http://inl.info.ucl.ac.be A Click implementation of the Locator/ID Separation Protocol 2 The Internet is Broken! 3

More information

Locator ID Separation Protocol (LISP) Overview

Locator ID Separation Protocol (LISP) Overview Locator ID Separation Protocol (LISP) is a network architecture and protocol that implements the use of two namespaces instead of a single IP address: Endpoint identifiers (EIDs) assigned to end hosts.

More information

Internet of the future. Master ESTEL - March 17 th 2014

Internet of the future. Master ESTEL - March 17 th 2014 Internet of the future Master ESTEL - March 17 th 2014 Contact information Damien Saucez Email: damien.saucez@inria.fr Mobile: +32 497 19.34.83 Phone: +33 4 89.73.24.18 2 Internet today 3 Internet Protocol

More information

LISP: Intro and Update

LISP: Intro and Update LISP: Intro and Update RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-short.pdf Agenda What is LISP? What problem is LISP solving? www.vaf.net/prezos/rrg-prague.pdf

More information

Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service

Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service Justine Sherry*, Shaddi Hasan*, Colin Scott*, Arvind Krishnamurthy, Sylvia Ratnasamy*, and Vyas Sekar * Typical Enterprise

More information

Evaluating the Benefits of the Locator/Identifier Separation

Evaluating the Benefits of the Locator/Identifier Separation Evaluating the Benefits of the Locator/Identifier Separation Bruno Quoitin IP Networking Lab Computer Science and Engineering Dept. Université catholique de Louvain, Belgium (bruno.quoitin@uclouvain.be)

More information

APT: A Practical Transit-Mapping Service Overview and Comparisons

APT: A Practical Transit-Mapping Service Overview and Comparisons APT: A Practical Transit-Mapping Service Overview and Comparisons draft-jen-apt Dan Jen, Michael Meisel, Dan Massey, Lan Wang, Beichuan Zhang, and Lixia Zhang The Big Picture APT is similar to LISP at

More information

IP Routing: LISP Configuration Guide, Cisco IOS Release 15M&T

IP Routing: LISP Configuration Guide, Cisco IOS Release 15M&T First Published: 2012-07-27 Last Modified: 2013-03-29 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)

More information

Enterprise IPv6 Transition Strategy

Enterprise IPv6 Transition Strategy Abstract Government mandates, e-business and Internet growth requirements, and impending IPv4 address exhaustion concerns are prompting many enterprises to begin implementing an IPv6 transition strategy.

More information

15-744: Computer Networking. Middleboxes and NFV

15-744: Computer Networking. Middleboxes and NFV 15-744: Computer Networking Middleboxes and NFV Middleboxes and NFV Overview of NFV Challenge of middleboxes Middlebox consolidation Outsourcing middlebox functionality Readings: Network Functions Virtualization

More information

LISP Router IPv6 Configuration Commands

LISP Router IPv6 Configuration Commands ipv6 alt-vrf, page 2 ipv6 etr, page 4 ipv6 etr accept-map-request-mapping, page 6 ipv6 etr map-cache-ttl, page 8 ipv6 etr map-server, page 10 ipv6 itr, page 13 ipv6 itr map-resolver, page 15 ipv6 map-cache-limit,

More information

LISP: What and Why. RIPE Berlin May, Vince Fuller (for Dino, Dave, Darrel, et al)

LISP: What and Why. RIPE Berlin May, Vince Fuller (for Dino, Dave, Darrel, et al) LISP: What and Why RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-long.pdf Agenda What is the problem? What is LISP? Why Locator/ID Separation? Data

More information

IP Mobility Design Considerations

IP Mobility Design Considerations CHAPTER 4 The Cisco Locator/ID Separation Protocol Technology in extended subnet mode with OTV L2 extension on the Cloud Services Router (CSR1000V) will be utilized in this DRaaS 2.0 System. This provides

More information

LISP Generalized SMR

LISP Generalized SMR The feature enables LISP xtr (ITR and ETR) to update map cache when there is a change in database mapping. Note There is no configuration commands for this feature. This feature is turned on automatically.

More information

LISP (Locator/Identifier Separation Protocol)

LISP (Locator/Identifier Separation Protocol) LISP (Locator/Identifier Separation Protocol) Damien Saucez* June 28 th, 2010 http://inl.info.ucl.ac.be *Thanks to Olivier Bonaventure and Pierre François Department of Computing Science and Engineering

More information

Cisco IOS LISP Application Note Series: Lab Testing Guide

Cisco IOS LISP Application Note Series: Lab Testing Guide Cisco IOS LISP Application Note Series: Lab Testing Guide Version 3.0 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration configuration

More information

LISP Locator/ID Separation Protocol

LISP Locator/ID Separation Protocol LISP Locator/ID Separation Protocol Hernán Contreras G. Consulting Systems Engineer hcontrer@cisco.com LISP Next Gen Routing Architecture Locator-ID Separation Protocol (LISP) Elevator Pitch LISP is a

More information

Cisco IOS LISP Application Note Series: Access Control Lists

Cisco IOS LISP Application Note Series: Access Control Lists Cisco IOS LISP Application Note Series: Access Control Lists Version 1.1 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration and configuration

More information

Integration of LISP and LISP-MN in INET

Integration of LISP and LISP-MN in INET Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia, Matthias Hartmann (University of Wuerzburg, Germany) Michael Höfling, Michael Menth (University of Tuebingen, Germany)

More information

Lecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Lecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Lecture 7 Advanced Networking Virtual LAN Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Advanced Networking Scenario: Data Center Network Single Multiple, interconnected via Internet

More information

APT Incremental Deployment

APT Incremental Deployment APT Incremental Deployment Dan Jen, Michael Meisel, Daniel Massey, Lan Wang, Beichuan Zhang, Lixia Zhang http://www.cs.ucla.edu/~meisel/draft-apt-incremental-00.txt 1 Why This Talk Incrememtal deployability

More information

INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2

INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 Table of Contents INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 LISP MOBILITY MODES OF OPERATION/CONSUMPTION SCENARIOS 3 LISP SINGLE HOP SCENARIO 3 LISP MULTI- HOP SCENARIO 3 LISP IGP ASSIT MODE 4 LISP INTEGRATION

More information

DNA SA Border Node Support

DNA SA Border Node Support Digital Network Architecture (DNA) Security Access (SA) is an Enterprise architecture that brings together multiple building blocks needed for a programmable, secure, and highly automated fabric. Secure

More information

SCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich

SCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich SCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich March 2019 Internet: The network of networks The Internet is a network of Autonomous Systems (ASes). Each AS is itself a

More information

Stability and Consistency of the LISP Pull Routing Architecture

Stability and Consistency of the LISP Pull Routing Architecture Stability and Consistency of the LISP Pull Routing Architecture Yue Li, Damien Saucez, Luigi Iannone, Benoit Donnet Telecom ParisTech France Université Côte d Azur, Inria France Université de Liège, Montefiore

More information

FIRMS: a Future InteRnet Mapping System

FIRMS: a Future InteRnet Mapping System Institute of Computer Science Department of Distributed Systems Prof. Dr.-Ing. P. Tran-Gia FIRMS: a Future InteRnet Mapping System Michael Menth, Matthias Hartmann, Michael Höfling Overview The FIRMS architecture

More information

On the Dynamics of Locators in LISP

On the Dynamics of Locators in LISP On the Dynamics of Locators in LISP Damien Saucez 1 and Benoit Donnet 2 1 INRIA, Sophia Antipolis, France 2 Université deliège, Liège, Belgium Abstract. In the Internet, IP addresses play the dual role

More information

LISP: A NOVEL APPROACH FOR FUTURE ATN/IPS

LISP: A NOVEL APPROACH FOR FUTURE ATN/IPS LISP: A NOVEL APPROACH FOR FUTURE ATN/IPS Bernhard Haindl, Manfred Lindner, Wolfgang Kampichler ICAO Meeting 07/2014 2014-07-15 HAINDL Bernhard Trends / Requirements For Future Networks Multihoming / Availability

More information

Future Routing and Addressing Models

Future Routing and Addressing Models Future Routing and Addressing Models Rob Evans JANET(UK) The JNT Association 2008 Networkshop 36 1 If it ain't broke... BGP is the inter-domain protocol of choice. Not that there's much choice. Carries

More information

Business Strategy Theatre

Business Strategy Theatre Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:

More information

TLEN 5710 Capstone. Final Paper. Date 4/25/2014. Defining a Routing Architecture for Multi-Tenant Virtual Data Centers to support Host.

TLEN 5710 Capstone. Final Paper. Date 4/25/2014. Defining a Routing Architecture for Multi-Tenant Virtual Data Centers to support Host. TLEN 5710 Capstone Final Paper Date 4/25/2014 Defining a Routing Architecture for Multi-Tenant Virtual Data Centers to support Host Migration Members - Amit Kolekar, Ebin George, Deepak Pishe, Dipesh Rathod

More information

Interdomain Traffic Engineering in a Locator/Identifier Separation Context

Interdomain Traffic Engineering in a Locator/Identifier Separation Context 1 Interdomain Traffic Engineering in a Locator/Identifier Separation Context Damien Saucez, Benoit Donnet, Luigi Iannone, Olivier Bonaventure Université catholique de Louvain, Belgium Abstract The Routing

More information

LISP: A Level of Indirection for Routing

LISP: A Level of Indirection for Routing LISP: A Level of Indirection for Routing ESCC/Internet2 Joint Techs Workshop University of Hawaii January 20-24, 2008 David Meyer & A Cast of 1000s (Vince Fuller, Darrel Lewis, Eliot Lear, Scott Brim,

More information

Embark: Securely Outsourcing Middleboxes to the Cloud

Embark: Securely Outsourcing Middleboxes to the Cloud Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada Popa, Sylvia Ratnasamy, Zhi Liu UC Berkeley Tsinghua University 1 Background Middleboxes are prevalent and problematic

More information

LISP. - innovative mobility w/ Cisco Architectures. Gerd Pflueger Consulting Systems Engineer Central Europe Version 0.

LISP. - innovative mobility w/ Cisco Architectures. Gerd Pflueger Consulting Systems Engineer Central Europe Version 0. Version 0.2 22 March 2012 LISP - innovative mobility w/ Cisco Architectures Gerd Pflueger Consulting Systems Engineer Central Europe gerd@cisco.com 2012 Cisco and/or its affiliates. All rights reserved.

More information

ICN IDENTIFIER / LOCATOR. Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016)

ICN IDENTIFIER / LOCATOR. Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016) ICN IDENTIFIER / LOCATOR Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016) 1 A brief review of ID/Locators in IETF It s long, and we ll skim over it Then we discuss the CCNx & NDN

More information

Internet Engineering Task Force (IETF) Request for Comments: Cisco Systems January 2013

Internet Engineering Task Force (IETF) Request for Comments: Cisco Systems January 2013 Internet Engineering Task Force (IETF) Request for Comments: 6831 Category: Experimental ISSN: 2070-1721 D. Farinacci D. Meyer J. Zwiebel S. Venaas Cisco Systems January 2013 The Locator/ID Separation

More information

Validation of a LISP Simulator

Validation of a LISP Simulator Validation of a LISP Simulator Albert Cabellos-Aparicio, Jordi Domingo-Pascual Technical University of Catalonia Barcelona, Spain Damien Saucez, Olivier Bonaventure Université catholique de Louvain Louvain-La-Neuve,

More information

NewNet Cross-Pollination Meeting

NewNet Cross-Pollination Meeting NewNet Cross-Pollination Meeting Département INFRES 1 What this talk is not about... UDP/4672 (5.55%) UDP/33410 (4.83%) TCP/445 (4.13%) UDP/59230 (3.72%) UDP/22802 (3.54%) UDP/16630 (2.93%) UDP/3283 (6.12%)

More information

Internet Engineering Task Force (IETF) Category: Experimental ISSN: D. Meyer D. Lewis. Cisco Systems. January 2013

Internet Engineering Task Force (IETF) Category: Experimental ISSN: D. Meyer D. Lewis. Cisco Systems. January 2013 Internet Engineering Task Force (IETF) Request for Comments: 6830 Category: Experimental ISSN: 2070-1721 D. Farinacci Cisco Systems V. Fuller D. Meyer D. Lewis Cisco Systems January 2013 The Locator/ID

More information

LISP Mobile-Node. draft-meyer-lisp-mn-05.txt. Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems

LISP Mobile-Node. draft-meyer-lisp-mn-05.txt. Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems LISP Mobile-Node draft-meyer-lisp-mn-05.txt Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems EID: dino@cisco.com RLOC: IRTF MobOpts Quebec City July 28 2011 What if... A mobile device

More information

Membership test for Mapping Information optimization draft-flinck-lisp-membertest-00

Membership test for Mapping Information optimization draft-flinck-lisp-membertest-00 Membership test for Mapping Information optimization draft-flinck-lisp-membertest-00 1 Nokia Siemens Networks HFl / 18.3.2010 The problem we are addressing If an Ingress Tunnel Router acting as a gateway

More information

Internet Engineering Task Force (IETF) Category: Experimental. O. Bonaventure Universite catholique de Louvain January 2013

Internet Engineering Task Force (IETF) Category: Experimental. O. Bonaventure Universite catholique de Louvain January 2013 Internet Engineering Task Force (IETF) Request for Comments: 6834 Category: Experimental ISSN: 2070-1721 L. Iannone Telecom ParisTech D. Saucez INRIA Sophia Antipolis O. Bonaventure Universite catholique

More information

LISP Parallel Model Virtualization

LISP Parallel Model Virtualization Finding Feature Information, page 1 Information About, page 1 How to Configure, page 6 Configuration Examples for, page 24 Additional References, page 25 Feature Information for, page 26 Finding Feature

More information

Network Function Virtualization (NFV)

Network Function Virtualization (NFV) Network Function Virtualization (NFV) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Mijumbi et al., Network Function Virtualization:

More information

LISP A Next-Generation Networking Architecture

LISP A Next-Generation Networking Architecture LISP A Next-Generation Networking Architecture LISP Disjointed RLOC Space Technical Details Version 0.8 30 October 2013 LISP Disjointed RLOC Space Details Agenda LISP Disjointed RLOC Space Technical Details

More information

LISP Multicast. Finding Feature Information. Prerequisites for LISP Multicast

LISP Multicast. Finding Feature Information. Prerequisites for LISP Multicast The feature introduces support for carrying multicast traffic over a Locator ID Separation Protocol (LISP) overlay. This support currently allows for unicast transport of multicast traffic with head-end

More information

Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services)

Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) 1 Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vnfo joint with Seyed Fayazbakhsh, Mike Reiter VRA joint with Chen Chen, Petros Mania9s,

More information

TTL Propagate Disable and Site-ID Qualification

TTL Propagate Disable and Site-ID Qualification The TTL Propagate Disable feature supports disabling of the TTL (Time-To-Live) propagation for implementing the traceroute tool in a LISP network when RLOC and EID belong to different address-family. The

More information

Network function virtualization

Network function virtualization Network function virtualization Ankit Singla ETH Zürich Spring 2017 News from SIGCOMM 2017 36 papers (out of 250 submissions) On every topic we covered / will cover 2 papers from ETH! 2 An update Beyond

More information

GETVPN+LISP Lab Guide

GETVPN+LISP Lab Guide GETVPN+LISP Lab Guide Developers and Lab Proctors This lab was created by: Gregg Schudel, TME LISP Development Team Version 1.0: Created by Gregg Schudel Lab proctor: Gregg Schudel (gschudel@cisco.com)

More information

Mobility and Virtualization in the Data Center with LISP and OTV

Mobility and Virtualization in the Data Center with LISP and OTV Cisco Expo 2012 Mobility and Virtualization in the Data Center with LISP and OTV Tech DC2 Martin Diviš Cisco, CSE, mdivis@cisco.com Cisco Expo 2012 Cisco and/or its affiliates. All rights reserved. 1 Twitter

More information

IPsec VPN. Quick Guide 3/19/ EarthLink. Trademarks are property of their respective owners. All rights reserved.

IPsec VPN. Quick Guide 3/19/ EarthLink. Trademarks are property of their respective owners. All rights reserved. IPsec VPN Quick Guide 3/19/15 2014 EarthLink. Trademarks are property of their respective owners. All rights reserved. 2 IPsec VPN Customers Business Challenges Bandwidth constrained Improving the customer

More information

Request for Comments: 8112 Category: Informational. I. Kouvelas Arista D. Lewis Cisco Systems May 2017

Request for Comments: 8112 Category: Informational. I. Kouvelas Arista D. Lewis Cisco Systems May 2017 Independent Submission Request for Comments: 8112 Category: Informational ISSN: 2070-1721 D. Farinacci lispers.net A. Jain Juniper Networks I. Kouvelas Arista D. Lewis Cisco Systems May 2017 Locator/ID

More information

HAIR: Hierarchical Architecture for Internet Routing

HAIR: Hierarchical Architecture for Internet Routing HAIR: Hierarchical Architecture for Internet Routing Re-Architecting the Internet ReArch 09 Wolfgang Mühlbauer ETH Zürich / TU Berlin wolfgang.muehlbauer@tik.ee.ethz.ch Anja Feldmann Luca Cittadini Randy

More information

2015 Spring Technical Forum Proceedings

2015 Spring Technical Forum Proceedings Approaches for IPv4 as a Service Brian Field Ph.D. Comcast Abstract IPv6 has been gaining traction both as a necessary service provider technology and as an increasing carrier of Internet traffic. Within

More information

Mobility and Virtualization in the Data Center with LISP and OTV

Mobility and Virtualization in the Data Center with LISP and OTV Mobility and Virtualization in the Data Center with LISP and OTV Agenda Mobility and Virtualization in the Data Center Introduction to LISP LISP Data Center Use Cases LAN Extensions: OTV LISP + OTV Deployment

More information

Core of Multicast VPNs: Rationale for Using mldp in the MVPN Core

Core of Multicast VPNs: Rationale for Using mldp in the MVPN Core Core of Multicast VPNs: Rationale for Using mldp in the MVPN Core Exploring Suitability of Using mldp Versus P2MP RSVP-TE in the MVPN Core Multicast Virtual Private Network (MVPN) is a popular technology

More information

A configuration-only approach to shrinking FIBs. Prof Paul Francis (Cornell)

A configuration-only approach to shrinking FIBs. Prof Paul Francis (Cornell) A configuration-only approach to shrinking FIBs Prof Paul Francis (Cornell) 1 Virtual Aggregation An approach to shrinking FIBs (and RIBs) In routers, not in route reflectors Works with legacy routers

More information

Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade

Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade fkoelmel@broc 10/28/2013 2 2012 Brocade Communications Systems, Inc. Proprietary Information ETHERNET FABRICS

More information

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13

Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual

More information

Deploying LISP Host Mobility with an Extended Subnet

Deploying LISP Host Mobility with an Extended Subnet CHAPTER 4 Deploying LISP Host Mobility with an Extended Subnet Figure 4-1 shows the Enterprise datacenter deployment topology where the 10.17.1.0/24 subnet in VLAN 1301 is extended between the West and

More information

SDN Use-Cases. internet exchange, home networks. TELE4642: Week8. Materials from Prof. Nick Feamster is gratefully acknowledged

SDN Use-Cases. internet exchange, home networks. TELE4642: Week8. Materials from Prof. Nick Feamster is gratefully acknowledged SDN Use-Cases internet exchange, home networks TELE4642: Week8 Materials from Prof. Nick Feamster is gratefully acknowledged Overview n SDX: A Software-Defined Internet Exchange n SDN-enabled Home Networks

More information

TBGP: A more scalable and functional BGP. Paul Francis Jan. 2004

TBGP: A more scalable and functional BGP. Paul Francis Jan. 2004 TBGP: A more scalable and functional BGP Paul Francis Jan. 2004 BGP: Border Gateway Protocol BGP is the top-level routing protocol in the Internet It holds the Internet together BGP allows routers to tell

More information

EIGRP Over the Top. Finding Feature Information. Information About EIGRP Over the Top. EIGRP Over the Top Overview

EIGRP Over the Top. Finding Feature Information. Information About EIGRP Over the Top. EIGRP Over the Top Overview The feature enables a single end-to-end routing domain between two or more Enhanced Interior Gateway Routing Protocol (EIGRP) sites that are connected using a private or a public WAN connection. This module

More information

AN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS

AN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS Proceedings of IC-NIDC2012 AN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS Dung Phung Chi (1,2), Stefano Secci (2), Guy Pujolle (2), Patrick Raad (3), Pascal Gallard (3) (1) VNU, Hanoi, Vietnam,

More information

Software Defined Networking

Software Defined Networking Software Defined Networking Daniel Zappala CS 460 Computer Networking Brigham Young University Proliferation of Middleboxes 2/16 a router that manipulatees traffic rather than just forwarding it NAT rewrite

More information

SENSS: Software-defined Security Service

SENSS: Software-defined Security Service SENSS: Software-defined Security Service Minlan Yu University of Southern California Joint work with Abdulla Alwabel, Ying Zhang, Jelena Mirkovic 1 Growing DDoS Attacks Average monthly size of DDoS attacks

More information

LISP-TREE: A DNS Hierarchy to Support the LISP Mapping System

LISP-TREE: A DNS Hierarchy to Support the LISP Mapping System 1 LISP-TREE: A DNS Hierarchy to Support the LISP Mapping System Loránd Jakab, Albert Cabellos-Aparicio, Florin Coras, Damien Saucez, and Olivier Bonaventure Abstract During the last years, some operators

More information

Multicast Overlay Models & Mechanisms

Multicast Overlay Models & Mechanisms Multicast Overlay Models & Mechanisms Orlando IETF March 2013 Dino Farinacci farinacci@gmail.com!1 Agenda - Multicast Delivery Models Multicast-over-Unicast (MBONE) Multicast Native Virtualizing Multicast

More information

Understanding the Evolving Internet

Understanding the Evolving Internet Understanding the Evolving Internet Ram Durairajan Assistant Professor, Computer and Information Science Co-director, Oregon Networking Research Group University of Oregon 0 Internet is a complex system

More information

NETWORK VIRTUALIZATION IN THE HOME Chris Donley CableLabs

NETWORK VIRTUALIZATION IN THE HOME Chris Donley CableLabs NETWORK VIRTUALIZATION IN THE HOME Chris Donley CableLabs Abstract Networks are becoming virtualized. While there has been significant focus on virtualization in core and data center networks, network

More information

Cisco Nexus 7000 Series NX-OS LISP Command Reference

Cisco Nexus 7000 Series NX-OS LISP Command Reference First Published: 2016-11-24 Last Modified: -- Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax:

More information

Campus Fabric. How To Integrate With Your Existing Networks. Kedar Karmarkar - Technical Leader BRKCRS-2801

Campus Fabric. How To Integrate With Your Existing Networks. Kedar Karmarkar - Technical Leader BRKCRS-2801 Campus Fabric How To Integrate With Your Existing Networks Kedar Karmarkar - Technical Leader Campus Fabric Abstract Is your Campus network facing some, or all, of these challenges? Host Mobility (w/o

More information

Benefits of SD-WAN to the Distributed Enterprise

Benefits of SD-WAN to the Distributed Enterprise WHITE PAPER Benefits of SD-WAN to the Distributed Enterprise 1 B enefits of SD-WAN to the Distributed Enterprise Branch Networking Today More Bandwidth, More Complexity Branch or remote office network

More information

Location ID Separation Protocol. Gregory Johnson -

Location ID Separation Protocol. Gregory Johnson - Location ID Separation Protocol Gregory Johnson - grjohnso@cisco.com LISP - Agenda LISP Overview LISP Operations LISP Use Cases LISP Status (Standards and in the Community) Summary 2 LISP Overview 2010

More information

MPLS vs SDWAN.

MPLS vs SDWAN. MPLS vs SDWAN MPLS MPLS It offers excellent QoS when it comes to avoiding packet loss and keeping a business s most important traffic flowing. This reliability is especially essential to maintain the quality

More information

SDN TO BE OR NOT TO BE. Uwe Richter SE Director Russia/CIS, East and South East Europe

SDN TO BE OR NOT TO BE. Uwe Richter SE Director Russia/CIS, East and South East Europe SDN TO BE OR NOT TO BE Uwe Richter SE Director Russia/CIS, East and South East Europe uwe@juniper.net FUNDAMENTAL PROBLEMS TO SOLVE Want more innovation in networking Want it more quickly too Want more

More information

VNF Chain Allocation and Management at Data Center Scale

VNF Chain Allocation and Management at Data Center Scale VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants Nodir Kodirov, Sam Bayless, Fabian Ruffy, Ivan Beschastnikh, Holger Hoos, Alan Hu Network Functions (NF) are useful

More information

Cisco 4000 Series Integrated Services Routers: Architecture for Branch-Office Agility

Cisco 4000 Series Integrated Services Routers: Architecture for Branch-Office Agility White Paper Cisco 4000 Series Integrated Services Routers: Architecture for Branch-Office Agility The Cisco 4000 Series Integrated Services Routers (ISRs) are designed for distributed organizations with

More information

Cisco ISR G2 Management Overview

Cisco ISR G2 Management Overview Cisco ISR G2 Management Overview Introduction The new Cisco Integrated Services Routers Generation 2 (ISR G2) Family of routers delivers the borderless network that can transform the branch office and

More information

Service Insertion with ACI using F5 iworkflow

Service Insertion with ACI using F5 iworkflow Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models

More information

Introduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution

Introduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution Introduction Service providers and IT departments of every type are seeking

More information

Data Center Virtualization: VirtualWire

Data Center Virtualization: VirtualWire Data Center Virtualization: VirtualWire Hakim Weatherspoon Assistant Professor, Dept of Computer Science CS 5413: High Performance Systems and Networking November 21, 2014 Slides from USENIX Workshop on

More information

LISP ELP Probing to Enhance LISP Traffic Engineering

LISP ELP Probing to Enhance LISP Traffic Engineering LISP ELP Probing to Enhance LISP Traffic Engineering draft-filyurin-lisp-elp-probing-00.txt Dino Farinacci (farinacci@gmail.com) Truman Boyes (tboyes@bloomberg.net) Robet Raszuk (rraszuk@bloomberg.net)

More information

Citrix Workspace. Lausanne Laurent Strauss Christophe Beaugrand

Citrix Workspace. Lausanne Laurent Strauss Christophe Beaugrand Workspace Lausanne 09.03.2017 Laurent Strauss Christophe Beaugrand WorkspaceSuite Improve employee productivity Deliver a high performance user experience Empower entire workforce Secure enterprise content

More information

Cisco Nexus 7000 Series NX-OS LISP Configuration Guide

Cisco Nexus 7000 Series NX-OS LISP Configuration Guide First Published: 2011-10-25 Last Modified: 2014-04-25 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)

More information

OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT

OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT sdn-and-nfv-technical---georgia-tech---sep-2013---v2 Bruno Rijsman, Distinguished Engineer 24 September 2013 Use Cases 2 Copyright 2013 Juniper Networks,

More information

Customer IPv6 Delivery

Customer IPv6 Delivery Customer IPv6 Delivery The Nextgen Experience Chris Chaundy, Nextgen Networks October 2011 Agenda Nextgen Network s strategy Just get a prefix and turn it on!?!? Scope of the project Hardware considerations

More information

Internet Engineering Task Force (IETF) Category: Experimental. D. Meyer Brocade V. Fuller September 2016

Internet Engineering Task Force (IETF) Category: Experimental. D. Meyer Brocade V. Fuller September 2016 Internet Engineering Task Force (IETF) Request for Comments: 7954 Category: Experimental ISSN: 2070-1721 L. Iannone Telecom ParisTech D. Lewis Cisco Systems, Inc. D. Meyer Brocade V. Fuller September 2016

More information

WAN VPN Solutions. How Cisco Uses VPN Solutions to Extend the WAN. A Cisco on Cisco Case Study: Inside Cisco IT

WAN VPN Solutions. How Cisco Uses VPN Solutions to Extend the WAN. A Cisco on Cisco Case Study: Inside Cisco IT WAN VPN Solutions How Cisco Uses VPN Solutions to Extend the WAN A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Finding cost-effective alternatives to dedicated circuits connecting remote

More information

Internet Engineering Task Force (IETF) Request for Comments: D. Lewis Cisco Systems January 2013

Internet Engineering Task Force (IETF) Request for Comments: D. Lewis Cisco Systems January 2013 Internet Engineering Task Force (IETF) Request for Comments: 6836 Category: Experimental ISSN: 2070-1721 V. Fuller D. Farinacci D. Meyer D. Lewis Cisco Systems January 2013 Locator/ID Separation Protocol

More information

Deployment Scenarios

Deployment Scenarios This chapter describes and shows some typical deployment scenarios for the Cisco 860, Cisco 880, and Cisco 890 series Intergrated Services Routers (ISRs): About the, page 1 Enterprise Small Branch, page

More information

A Scalable Routing System Design for the Future Internet

A Scalable Routing System Design for the Future Internet A Scalable Routing System Design for the Future Internet Dan Massey (Colorado State University) Lan Wang (University of Memphis) Beichuan Zhang (University of Arizona) Lixia Zhang (UCLA) 1 Where We Are

More information

And Then There Were More:

And Then There Were More: David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research

More information

A Ten Minute Introduction to Middleboxes. Justine Sherry, UC Berkeley

A Ten Minute Introduction to Middleboxes. Justine Sherry, UC Berkeley A Ten Minute Introduction to Middleboxes Justine Sherry, UC Berkeley This Talk: Three Questions! What is a middlebox? What are some recent trends in middlebox engineering? What research challenges do middleboxes

More information

WHITE PAPER. Applying Software-Defined Security to the Branch Office

WHITE PAPER. Applying Software-Defined Security to the Branch Office Applying Software-Defined Security to the Branch Office Branch Security Overview Increasingly, the branch or remote office is becoming a common entry point for cyber-attacks into the enterprise. Industry

More information

NFV and SDN what does it mean to enterprises?

NFV and SDN what does it mean to enterprises? OPINION NFV and SDN what does it mean to enterprises? By Clive Hamilton, VP Network Services, NTT Europe Rethinking the enterprise network The typical enterprise network now comprises hundreds or even

More information

/14/$ IEEE

/14/$ IEEE The OpenLISP Control Plane Architecture Dung Chi Phung, UPMC and VNU Stefano Secci, UPMC Damien Saucez, INRIA Sophia Antipolis Luigi Iannone, Telecom ParisTech Abstract Among many options tackling the

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback