Network in the Cloud: a Map-and-Encap Approach
|
|
- Jade Pitts
- 5 years ago
- Views:
Transcription
1 Network in the Cloud: a Map-and-Encap Approach Damien Saucez Wassim Haddad Inria Ericsson IEEE CloudNet 12
2 Enterprise network www ISP1 SOHO ISP2 Internet 2
3 Enterprise network (contd.) Survey on 57 enterprise networks [19] Sherry et al Making middleboxes someone else's problem: network processing as a cloud service, Sigcomm 12 3
4 Motivation Observation: digital communications are essential for enterprises Problem: fast, secure, and reliable Internet connectivity is expensive high OPEX high CAPEX Solution: outsource network operations and services to reduce costs supported by enterprises 4
5 Why not moving the infrastructure in the Cloud? The concept exists [1,19], some call it Network-as-a-Services... gives tenants access to network infrastructure in the Cloud to implement custom forwarding decisions [1]... but the lack of a simple and cheap technology to redirect traffic to the Cloud limits its deployment 5
6 Requirements for a -enabler protocol We need a protocol able to divert packets to/from providers that has unified control-plane and data-plane is available in today s equipment can be deployed in the current Internet has simple of maintenance and operation can support highly dynamic changes APLOMB [19] could do it, but relies on home made protocol LISP is the perfect protocol candidate relies on the map-and-encap principle 6
7 Locator/Identifier Separation Protocol (LISP) Split the IP address space in two at the border routers Endpoint IDentifiers (EID) identify end-systems and edge routers non-globally routable end systems in a site share the same EID prefix Routing LOCators (RLOC) attached to core routers (router interfaces) globally routable Use Map-and-Encap to glue the two spaces 7
8 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8
9 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR ITR AS3 dst: cafe 2001:DB8A::beef AS1 2001:DB8A::/56 8 ITR /8
10 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR ITR dst: cafe AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8
11 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR Map-Request: 2001:DB8B::cafe? ITR dst: cafe AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8
12 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR Map-Reply: 2001:DB8B::/ % % ITR dst: cafe AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8
13 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR / dst: cafe ITR AS1 2001:DB8A::/56 ITR AS3 2/8 2001:DB8A::beef 8
14 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ dst: cafe ETR :DB8B::cafe AS5 2001:DB8B::/56 ETR ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8
15 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 dst: cafe 2001:DB8B::/56 ETR ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8
16 Mapping System 2001:DB8B::/ % % 2001:DB8A::/ % % LISP in a nutshell AS4 3/8 AS2 1/ ETR 2001:DB8B::cafe AS5 2001:DB8B::/56 ETR dst: cafe ITR AS3 AS1 2001:DB8A::/56 ITR /8 2001:DB8A::beef 8
17 Moving packets in the Cloud with LISP 9
18 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router
19 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router
20 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router
21 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router
22 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router
23 To the Internet Mapping System ISP1 ISP2 Internet 10 LISP router
24 From the Internet Mapping System ISP1 ISP2 Internet 11 LISP router
25 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router
26 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router
27 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router
28 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router
29 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router
30 From the Internet Mapping System ISP1 ISP2 BGP Internet 11 LISP router
31 Chaining security VPN Audit LISP router 12
32 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit LISP router 12
33 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit LISP router 12
34 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: LISP router 12
35 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: LISP router 12
36 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: LISP router 12
37 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 LISP router 12
38 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 LISP router 12
39 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 LISP router 12
40 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 LISP router 12
41 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 LISP router 12
42 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 LISP router 12
43 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 instance-id: 0x4 LISP router 12
44 Chaining Order Operation Input Output 1 Security firewall native instance-id: 0x1 2 VPN VPN instance-id: 0x1 instance-id: 0x2 3 Audit Netflow instance-id: 0x2 instance-id: 0x3 4 Security deep packet inspection instance-id: 0x3 instance-id: 0x4 security VPN Audit BGP: instance-id: 0x1 instance-id: 0x2 instance-id: 0x3 instance-id: 0x4 LISP router 12
45 Summary Maintaining fast, secure, and reliable Internet connectivity is expensive for enterprises Moving network infrastructure to the Cloud (i.e., Network-as-a-Service) reduces costs LISP is an enabler for 13
46 Network in the Cloud: a Map-and-Encap Approach Damien Saucez Wassim Haddad Inria Ericsson IEEE CloudNet 12
47 Backup 15
48 Outsourcing Outsource: obtain (goods or a service) by contract from an outside supplier [20] Network management is often outsourced to external enterprises to reduce OPEX but devices still have to be deployed locally High level services (e.g., web server, s) are frequently outsourced to the Cloud but low-level services (e.g., firewall, IDS) are not 16 [20] Oxford dictionary
Locator/ID Separation Protocol (LISP)
Locator/ID Separation Protocol (LISP) Damien Saucez* INRIA Sophia Antipolis FRNOG 18, December 2 th, 2011 * special thanks to Olivier Bonaventure, Luigi Iannone and Dino Farinacci Disclaimer Not a vendor
More informationLISP-Click. D. Saucez, V. N. Nguyen and O. Bonaventure. Université catholique de Louvain.
LISP-Click D. Saucez, V. N. Nguyen and O. Bonaventure Université catholique de Louvain http://inl.info.ucl.ac.be A Click implementation of the Locator/ID Separation Protocol 2 The Internet is Broken! 3
More informationLocator ID Separation Protocol (LISP) Overview
Locator ID Separation Protocol (LISP) is a network architecture and protocol that implements the use of two namespaces instead of a single IP address: Endpoint identifiers (EIDs) assigned to end hosts.
More informationInternet of the future. Master ESTEL - March 17 th 2014
Internet of the future Master ESTEL - March 17 th 2014 Contact information Damien Saucez Email: damien.saucez@inria.fr Mobile: +32 497 19.34.83 Phone: +33 4 89.73.24.18 2 Internet today 3 Internet Protocol
More informationLISP: Intro and Update
LISP: Intro and Update RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-short.pdf Agenda What is LISP? What problem is LISP solving? www.vaf.net/prezos/rrg-prague.pdf
More informationMaking Middleboxes Someone Else s Problem: Network Processing as a Cloud Service
Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service Justine Sherry*, Shaddi Hasan*, Colin Scott*, Arvind Krishnamurthy, Sylvia Ratnasamy*, and Vyas Sekar * Typical Enterprise
More informationEvaluating the Benefits of the Locator/Identifier Separation
Evaluating the Benefits of the Locator/Identifier Separation Bruno Quoitin IP Networking Lab Computer Science and Engineering Dept. Université catholique de Louvain, Belgium (bruno.quoitin@uclouvain.be)
More informationAPT: A Practical Transit-Mapping Service Overview and Comparisons
APT: A Practical Transit-Mapping Service Overview and Comparisons draft-jen-apt Dan Jen, Michael Meisel, Dan Massey, Lan Wang, Beichuan Zhang, and Lixia Zhang The Big Picture APT is similar to LISP at
More informationIP Routing: LISP Configuration Guide, Cisco IOS Release 15M&T
First Published: 2012-07-27 Last Modified: 2013-03-29 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationEnterprise IPv6 Transition Strategy
Abstract Government mandates, e-business and Internet growth requirements, and impending IPv4 address exhaustion concerns are prompting many enterprises to begin implementing an IPv6 transition strategy.
More information15-744: Computer Networking. Middleboxes and NFV
15-744: Computer Networking Middleboxes and NFV Middleboxes and NFV Overview of NFV Challenge of middleboxes Middlebox consolidation Outsourcing middlebox functionality Readings: Network Functions Virtualization
More informationLISP Router IPv6 Configuration Commands
ipv6 alt-vrf, page 2 ipv6 etr, page 4 ipv6 etr accept-map-request-mapping, page 6 ipv6 etr map-cache-ttl, page 8 ipv6 etr map-server, page 10 ipv6 itr, page 13 ipv6 itr map-resolver, page 15 ipv6 map-cache-limit,
More informationLISP: What and Why. RIPE Berlin May, Vince Fuller (for Dino, Dave, Darrel, et al)
LISP: What and Why RIPE Berlin May, 2008 Vince Fuller (for Dino, Dave, Darrel, et al) http://www.vaf.net/prezos/lisp-ripe-long.pdf Agenda What is the problem? What is LISP? Why Locator/ID Separation? Data
More informationIP Mobility Design Considerations
CHAPTER 4 The Cisco Locator/ID Separation Protocol Technology in extended subnet mode with OTV L2 extension on the Cloud Services Router (CSR1000V) will be utilized in this DRaaS 2.0 System. This provides
More informationLISP Generalized SMR
The feature enables LISP xtr (ITR and ETR) to update map cache when there is a change in database mapping. Note There is no configuration commands for this feature. This feature is turned on automatically.
More informationLISP (Locator/Identifier Separation Protocol)
LISP (Locator/Identifier Separation Protocol) Damien Saucez* June 28 th, 2010 http://inl.info.ucl.ac.be *Thanks to Olivier Bonaventure and Pierre François Department of Computing Science and Engineering
More informationCisco IOS LISP Application Note Series: Lab Testing Guide
Cisco IOS LISP Application Note Series: Lab Testing Guide Version 3.0 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration configuration
More informationLISP Locator/ID Separation Protocol
LISP Locator/ID Separation Protocol Hernán Contreras G. Consulting Systems Engineer hcontrer@cisco.com LISP Next Gen Routing Architecture Locator-ID Separation Protocol (LISP) Elevator Pitch LISP is a
More informationCisco IOS LISP Application Note Series: Access Control Lists
Cisco IOS LISP Application Note Series: Access Control Lists Version 1.1 (28 April 2011) Background The LISP Application Note Series provides targeted information that focuses on the integration and configuration
More informationIntegration of LISP and LISP-MN in INET
Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia, Matthias Hartmann (University of Wuerzburg, Germany) Michael Höfling, Michael Menth (University of Tuebingen, Germany)
More informationLecture 7 Advanced Networking Virtual LAN. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 7 Advanced Networking Virtual LAN Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Advanced Networking Scenario: Data Center Network Single Multiple, interconnected via Internet
More informationAPT Incremental Deployment
APT Incremental Deployment Dan Jen, Michael Meisel, Daniel Massey, Lan Wang, Beichuan Zhang, Lixia Zhang http://www.cs.ucla.edu/~meisel/draft-apt-incremental-00.txt 1 Why This Talk Incrememtal deployability
More informationINTRODUCTION 2 DOCUMENT USE PREREQUISITES 2
Table of Contents INTRODUCTION 2 DOCUMENT USE PREREQUISITES 2 LISP MOBILITY MODES OF OPERATION/CONSUMPTION SCENARIOS 3 LISP SINGLE HOP SCENARIO 3 LISP MULTI- HOP SCENARIO 3 LISP IGP ASSIT MODE 4 LISP INTEGRATION
More informationDNA SA Border Node Support
Digital Network Architecture (DNA) Security Access (SA) is an Enterprise architecture that brings together multiple building blocks needed for a programmable, secure, and highly automated fabric. Secure
More informationSCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich
SCION: A Secure Internet Architecture Samuel Hitz CTO Anapaya Systems ETH Zurich March 2019 Internet: The network of networks The Internet is a network of Autonomous Systems (ASes). Each AS is itself a
More informationStability and Consistency of the LISP Pull Routing Architecture
Stability and Consistency of the LISP Pull Routing Architecture Yue Li, Damien Saucez, Luigi Iannone, Benoit Donnet Telecom ParisTech France Université Côte d Azur, Inria France Université de Liège, Montefiore
More informationFIRMS: a Future InteRnet Mapping System
Institute of Computer Science Department of Distributed Systems Prof. Dr.-Ing. P. Tran-Gia FIRMS: a Future InteRnet Mapping System Michael Menth, Matthias Hartmann, Michael Höfling Overview The FIRMS architecture
More informationOn the Dynamics of Locators in LISP
On the Dynamics of Locators in LISP Damien Saucez 1 and Benoit Donnet 2 1 INRIA, Sophia Antipolis, France 2 Université deliège, Liège, Belgium Abstract. In the Internet, IP addresses play the dual role
More informationLISP: A NOVEL APPROACH FOR FUTURE ATN/IPS
LISP: A NOVEL APPROACH FOR FUTURE ATN/IPS Bernhard Haindl, Manfred Lindner, Wolfgang Kampichler ICAO Meeting 07/2014 2014-07-15 HAINDL Bernhard Trends / Requirements For Future Networks Multihoming / Availability
More informationFuture Routing and Addressing Models
Future Routing and Addressing Models Rob Evans JANET(UK) The JNT Association 2008 Networkshop 36 1 If it ain't broke... BGP is the inter-domain protocol of choice. Not that there's much choice. Carries
More informationBusiness Strategy Theatre
Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:
More informationTLEN 5710 Capstone. Final Paper. Date 4/25/2014. Defining a Routing Architecture for Multi-Tenant Virtual Data Centers to support Host.
TLEN 5710 Capstone Final Paper Date 4/25/2014 Defining a Routing Architecture for Multi-Tenant Virtual Data Centers to support Host Migration Members - Amit Kolekar, Ebin George, Deepak Pishe, Dipesh Rathod
More informationInterdomain Traffic Engineering in a Locator/Identifier Separation Context
1 Interdomain Traffic Engineering in a Locator/Identifier Separation Context Damien Saucez, Benoit Donnet, Luigi Iannone, Olivier Bonaventure Université catholique de Louvain, Belgium Abstract The Routing
More informationLISP: A Level of Indirection for Routing
LISP: A Level of Indirection for Routing ESCC/Internet2 Joint Techs Workshop University of Hawaii January 20-24, 2008 David Meyer & A Cast of 1000s (Vince Fuller, Darrel Lewis, Eliot Lear, Scott Brim,
More informationEmbark: Securely Outsourcing Middleboxes to the Cloud
Embark: Securely Outsourcing Middleboxes to the Cloud Chang Lan, Justine Sherry, Raluca Ada Popa, Sylvia Ratnasamy, Zhi Liu UC Berkeley Tsinghua University 1 Background Middleboxes are prevalent and problematic
More informationLISP. - innovative mobility w/ Cisco Architectures. Gerd Pflueger Consulting Systems Engineer Central Europe Version 0.
Version 0.2 22 March 2012 LISP - innovative mobility w/ Cisco Architectures Gerd Pflueger Consulting Systems Engineer Central Europe gerd@cisco.com 2012 Cisco and/or its affiliates. All rights reserved.
More informationICN IDENTIFIER / LOCATOR. Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016)
ICN IDENTIFIER / LOCATOR Marc Mosko Palo Alto Research Center ICNRG Interim Meeting (Berlin, 2016) 1 A brief review of ID/Locators in IETF It s long, and we ll skim over it Then we discuss the CCNx & NDN
More informationInternet Engineering Task Force (IETF) Request for Comments: Cisco Systems January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6831 Category: Experimental ISSN: 2070-1721 D. Farinacci D. Meyer J. Zwiebel S. Venaas Cisco Systems January 2013 The Locator/ID Separation
More informationValidation of a LISP Simulator
Validation of a LISP Simulator Albert Cabellos-Aparicio, Jordi Domingo-Pascual Technical University of Catalonia Barcelona, Spain Damien Saucez, Olivier Bonaventure Université catholique de Louvain Louvain-La-Neuve,
More informationNewNet Cross-Pollination Meeting
NewNet Cross-Pollination Meeting Département INFRES 1 What this talk is not about... UDP/4672 (5.55%) UDP/33410 (4.83%) TCP/445 (4.13%) UDP/59230 (3.72%) UDP/22802 (3.54%) UDP/16630 (2.93%) UDP/3283 (6.12%)
More informationInternet Engineering Task Force (IETF) Category: Experimental ISSN: D. Meyer D. Lewis. Cisco Systems. January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6830 Category: Experimental ISSN: 2070-1721 D. Farinacci Cisco Systems V. Fuller D. Meyer D. Lewis Cisco Systems January 2013 The Locator/ID
More informationLISP Mobile-Node. draft-meyer-lisp-mn-05.txt. Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems
LISP Mobile-Node draft-meyer-lisp-mn-05.txt Chris White, Darrel Lewis, Dave Meyer, Dino Farinacci cisco Systems EID: dino@cisco.com RLOC: IRTF MobOpts Quebec City July 28 2011 What if... A mobile device
More informationMembership test for Mapping Information optimization draft-flinck-lisp-membertest-00
Membership test for Mapping Information optimization draft-flinck-lisp-membertest-00 1 Nokia Siemens Networks HFl / 18.3.2010 The problem we are addressing If an Ingress Tunnel Router acting as a gateway
More informationInternet Engineering Task Force (IETF) Category: Experimental. O. Bonaventure Universite catholique de Louvain January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6834 Category: Experimental ISSN: 2070-1721 L. Iannone Telecom ParisTech D. Saucez INRIA Sophia Antipolis O. Bonaventure Universite catholique
More informationLISP Parallel Model Virtualization
Finding Feature Information, page 1 Information About, page 1 How to Configure, page 6 Configuration Examples for, page 24 Additional References, page 25 Feature Information for, page 26 Finding Feature
More informationNetwork Function Virtualization (NFV)
Network Function Virtualization (NFV) Roch Glitho, PhD Associate Professor and Canada Research Chair My URL - http://users.encs.concordia.ca/~glitho/ References 1. R. Mijumbi et al., Network Function Virtualization:
More informationLISP A Next-Generation Networking Architecture
LISP A Next-Generation Networking Architecture LISP Disjointed RLOC Space Technical Details Version 0.8 30 October 2013 LISP Disjointed RLOC Space Details Agenda LISP Disjointed RLOC Space Technical Details
More informationLISP Multicast. Finding Feature Information. Prerequisites for LISP Multicast
The feature introduces support for carrying multicast traffic over a Locator ID Separation Protocol (LISP) overlay. This support currently allows for unicast transport of multicast traffic with head-end
More informationVerifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services)
1 Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vnfo joint with Seyed Fayazbakhsh, Mike Reiter VRA joint with Chen Chen, Petros Mania9s,
More informationTTL Propagate Disable and Site-ID Qualification
The TTL Propagate Disable feature supports disabling of the TTL (Time-To-Live) propagation for implementing the traceroute tool in a LISP network when RLOC and EID belong to different address-family. The
More informationNetwork function virtualization
Network function virtualization Ankit Singla ETH Zürich Spring 2017 News from SIGCOMM 2017 36 papers (out of 250 submissions) On every topic we covered / will cover 2 papers from ETH! 2 An update Beyond
More informationGETVPN+LISP Lab Guide
GETVPN+LISP Lab Guide Developers and Lab Proctors This lab was created by: Gregg Schudel, TME LISP Development Team Version 1.0: Created by Gregg Schudel Lab proctor: Gregg Schudel (gschudel@cisco.com)
More informationMobility and Virtualization in the Data Center with LISP and OTV
Cisco Expo 2012 Mobility and Virtualization in the Data Center with LISP and OTV Tech DC2 Martin Diviš Cisco, CSE, mdivis@cisco.com Cisco Expo 2012 Cisco and/or its affiliates. All rights reserved. 1 Twitter
More informationIPsec VPN. Quick Guide 3/19/ EarthLink. Trademarks are property of their respective owners. All rights reserved.
IPsec VPN Quick Guide 3/19/15 2014 EarthLink. Trademarks are property of their respective owners. All rights reserved. 2 IPsec VPN Customers Business Challenges Bandwidth constrained Improving the customer
More informationRequest for Comments: 8112 Category: Informational. I. Kouvelas Arista D. Lewis Cisco Systems May 2017
Independent Submission Request for Comments: 8112 Category: Informational ISSN: 2070-1721 D. Farinacci lispers.net A. Jain Juniper Networks I. Kouvelas Arista D. Lewis Cisco Systems May 2017 Locator/ID
More informationHAIR: Hierarchical Architecture for Internet Routing
HAIR: Hierarchical Architecture for Internet Routing Re-Architecting the Internet ReArch 09 Wolfgang Mühlbauer ETH Zürich / TU Berlin wolfgang.muehlbauer@tik.ee.ethz.ch Anja Feldmann Luca Cittadini Randy
More information2015 Spring Technical Forum Proceedings
Approaches for IPv4 as a Service Brian Field Ph.D. Comcast Abstract IPv6 has been gaining traction both as a necessary service provider technology and as an increasing carrier of Internet traffic. Within
More informationMobility and Virtualization in the Data Center with LISP and OTV
Mobility and Virtualization in the Data Center with LISP and OTV Agenda Mobility and Virtualization in the Data Center Introduction to LISP LISP Data Center Use Cases LAN Extensions: OTV LISP + OTV Deployment
More informationCore of Multicast VPNs: Rationale for Using mldp in the MVPN Core
Core of Multicast VPNs: Rationale for Using mldp in the MVPN Core Exploring Suitability of Using mldp Versus P2MP RSVP-TE in the MVPN Core Multicast Virtual Private Network (MVPN) is a popular technology
More informationA configuration-only approach to shrinking FIBs. Prof Paul Francis (Cornell)
A configuration-only approach to shrinking FIBs Prof Paul Francis (Cornell) 1 Virtual Aggregation An approach to shrinking FIBs (and RIBs) In routers, not in route reflectors Works with legacy routers
More informationEthernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade
Ethernet Fabrics- the logical step to Software Defined Networking (SDN) Frank Koelmel, Brocade fkoelmel@broc 10/28/2013 2 2012 Brocade Communications Systems, Inc. Proprietary Information ETHERNET FABRICS
More informationCisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13
Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual
More informationDeploying LISP Host Mobility with an Extended Subnet
CHAPTER 4 Deploying LISP Host Mobility with an Extended Subnet Figure 4-1 shows the Enterprise datacenter deployment topology where the 10.17.1.0/24 subnet in VLAN 1301 is extended between the West and
More informationSDN Use-Cases. internet exchange, home networks. TELE4642: Week8. Materials from Prof. Nick Feamster is gratefully acknowledged
SDN Use-Cases internet exchange, home networks TELE4642: Week8 Materials from Prof. Nick Feamster is gratefully acknowledged Overview n SDX: A Software-Defined Internet Exchange n SDN-enabled Home Networks
More informationTBGP: A more scalable and functional BGP. Paul Francis Jan. 2004
TBGP: A more scalable and functional BGP Paul Francis Jan. 2004 BGP: Border Gateway Protocol BGP is the top-level routing protocol in the Internet It holds the Internet together BGP allows routers to tell
More informationEIGRP Over the Top. Finding Feature Information. Information About EIGRP Over the Top. EIGRP Over the Top Overview
The feature enables a single end-to-end routing domain between two or more Enhanced Interior Gateway Routing Protocol (EIGRP) sites that are connected using a private or a public WAN connection. This module
More informationAN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS
Proceedings of IC-NIDC2012 AN OPEN CONTROL-PLANE IMPLEMENTATION FOR LISP NETWORKS Dung Phung Chi (1,2), Stefano Secci (2), Guy Pujolle (2), Patrick Raad (3), Pascal Gallard (3) (1) VNU, Hanoi, Vietnam,
More informationSoftware Defined Networking
Software Defined Networking Daniel Zappala CS 460 Computer Networking Brigham Young University Proliferation of Middleboxes 2/16 a router that manipulatees traffic rather than just forwarding it NAT rewrite
More informationSENSS: Software-defined Security Service
SENSS: Software-defined Security Service Minlan Yu University of Southern California Joint work with Abdulla Alwabel, Ying Zhang, Jelena Mirkovic 1 Growing DDoS Attacks Average monthly size of DDoS attacks
More informationLISP-TREE: A DNS Hierarchy to Support the LISP Mapping System
1 LISP-TREE: A DNS Hierarchy to Support the LISP Mapping System Loránd Jakab, Albert Cabellos-Aparicio, Florin Coras, Damien Saucez, and Olivier Bonaventure Abstract During the last years, some operators
More informationMulticast Overlay Models & Mechanisms
Multicast Overlay Models & Mechanisms Orlando IETF March 2013 Dino Farinacci farinacci@gmail.com!1 Agenda - Multicast Delivery Models Multicast-over-Unicast (MBONE) Multicast Native Virtualizing Multicast
More informationUnderstanding the Evolving Internet
Understanding the Evolving Internet Ram Durairajan Assistant Professor, Computer and Information Science Co-director, Oregon Networking Research Group University of Oregon 0 Internet is a complex system
More informationNETWORK VIRTUALIZATION IN THE HOME Chris Donley CableLabs
NETWORK VIRTUALIZATION IN THE HOME Chris Donley CableLabs Abstract Networks are becoming virtualized. While there has been significant focus on virtualization in core and data center networks, network
More informationCisco Nexus 7000 Series NX-OS LISP Command Reference
First Published: 2016-11-24 Last Modified: -- Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax:
More informationCampus Fabric. How To Integrate With Your Existing Networks. Kedar Karmarkar - Technical Leader BRKCRS-2801
Campus Fabric How To Integrate With Your Existing Networks Kedar Karmarkar - Technical Leader Campus Fabric Abstract Is your Campus network facing some, or all, of these challenges? Host Mobility (w/o
More informationBenefits of SD-WAN to the Distributed Enterprise
WHITE PAPER Benefits of SD-WAN to the Distributed Enterprise 1 B enefits of SD-WAN to the Distributed Enterprise Branch Networking Today More Bandwidth, More Complexity Branch or remote office network
More informationLocation ID Separation Protocol. Gregory Johnson -
Location ID Separation Protocol Gregory Johnson - grjohnso@cisco.com LISP - Agenda LISP Overview LISP Operations LISP Use Cases LISP Status (Standards and in the Community) Summary 2 LISP Overview 2010
More informationMPLS vs SDWAN.
MPLS vs SDWAN MPLS MPLS It offers excellent QoS when it comes to avoiding packet loss and keeping a business s most important traffic flowing. This reliability is especially essential to maintain the quality
More informationSDN TO BE OR NOT TO BE. Uwe Richter SE Director Russia/CIS, East and South East Europe
SDN TO BE OR NOT TO BE Uwe Richter SE Director Russia/CIS, East and South East Europe uwe@juniper.net FUNDAMENTAL PROBLEMS TO SOLVE Want more innovation in networking Want it more quickly too Want more
More informationVNF Chain Allocation and Management at Data Center Scale
VNF Chain Allocation and Management at Data Center Scale Internet Cloud Provider Tenants Nodir Kodirov, Sam Bayless, Fabian Ruffy, Ivan Beschastnikh, Holger Hoos, Alan Hu Network Functions (NF) are useful
More informationCisco 4000 Series Integrated Services Routers: Architecture for Branch-Office Agility
White Paper Cisco 4000 Series Integrated Services Routers: Architecture for Branch-Office Agility The Cisco 4000 Series Integrated Services Routers (ISRs) are designed for distributed organizations with
More informationCisco ISR G2 Management Overview
Cisco ISR G2 Management Overview Introduction The new Cisco Integrated Services Routers Generation 2 (ISR G2) Family of routers delivers the borderless network that can transform the branch office and
More informationService Insertion with ACI using F5 iworkflow
Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models
More informationIntroduction. Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution
Delivering Management as Agile as the Cloud: Enabling New Architectures with CA Technologies Virtual Network Assurance Solution Introduction Service providers and IT departments of every type are seeking
More informationData Center Virtualization: VirtualWire
Data Center Virtualization: VirtualWire Hakim Weatherspoon Assistant Professor, Dept of Computer Science CS 5413: High Performance Systems and Networking November 21, 2014 Slides from USENIX Workshop on
More informationLISP ELP Probing to Enhance LISP Traffic Engineering
LISP ELP Probing to Enhance LISP Traffic Engineering draft-filyurin-lisp-elp-probing-00.txt Dino Farinacci (farinacci@gmail.com) Truman Boyes (tboyes@bloomberg.net) Robet Raszuk (rraszuk@bloomberg.net)
More informationCitrix Workspace. Lausanne Laurent Strauss Christophe Beaugrand
Workspace Lausanne 09.03.2017 Laurent Strauss Christophe Beaugrand WorkspaceSuite Improve employee productivity Deliver a high performance user experience Empower entire workforce Secure enterprise content
More informationCisco Nexus 7000 Series NX-OS LISP Configuration Guide
First Published: 2011-10-25 Last Modified: 2014-04-25 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationOPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT
OPEN CONTRAIL ARCHITECTURE GEORGIA TECH SDN EVENT sdn-and-nfv-technical---georgia-tech---sep-2013---v2 Bruno Rijsman, Distinguished Engineer 24 September 2013 Use Cases 2 Copyright 2013 Juniper Networks,
More informationCustomer IPv6 Delivery
Customer IPv6 Delivery The Nextgen Experience Chris Chaundy, Nextgen Networks October 2011 Agenda Nextgen Network s strategy Just get a prefix and turn it on!?!? Scope of the project Hardware considerations
More informationInternet Engineering Task Force (IETF) Category: Experimental. D. Meyer Brocade V. Fuller September 2016
Internet Engineering Task Force (IETF) Request for Comments: 7954 Category: Experimental ISSN: 2070-1721 L. Iannone Telecom ParisTech D. Lewis Cisco Systems, Inc. D. Meyer Brocade V. Fuller September 2016
More informationWAN VPN Solutions. How Cisco Uses VPN Solutions to Extend the WAN. A Cisco on Cisco Case Study: Inside Cisco IT
WAN VPN Solutions How Cisco Uses VPN Solutions to Extend the WAN A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge Finding cost-effective alternatives to dedicated circuits connecting remote
More informationInternet Engineering Task Force (IETF) Request for Comments: D. Lewis Cisco Systems January 2013
Internet Engineering Task Force (IETF) Request for Comments: 6836 Category: Experimental ISSN: 2070-1721 V. Fuller D. Farinacci D. Meyer D. Lewis Cisco Systems January 2013 Locator/ID Separation Protocol
More informationDeployment Scenarios
This chapter describes and shows some typical deployment scenarios for the Cisco 860, Cisco 880, and Cisco 890 series Intergrated Services Routers (ISRs): About the, page 1 Enterprise Small Branch, page
More informationA Scalable Routing System Design for the Future Internet
A Scalable Routing System Design for the Future Internet Dan Massey (Colorado State University) Lan Wang (University of Memphis) Beichuan Zhang (University of Arizona) Lixia Zhang (UCLA) 1 Where We Are
More informationAnd Then There Were More:
David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research
More informationA Ten Minute Introduction to Middleboxes. Justine Sherry, UC Berkeley
A Ten Minute Introduction to Middleboxes Justine Sherry, UC Berkeley This Talk: Three Questions! What is a middlebox? What are some recent trends in middlebox engineering? What research challenges do middleboxes
More informationWHITE PAPER. Applying Software-Defined Security to the Branch Office
Applying Software-Defined Security to the Branch Office Branch Security Overview Increasingly, the branch or remote office is becoming a common entry point for cyber-attacks into the enterprise. Industry
More informationNFV and SDN what does it mean to enterprises?
OPINION NFV and SDN what does it mean to enterprises? By Clive Hamilton, VP Network Services, NTT Europe Rethinking the enterprise network The typical enterprise network now comprises hundreds or even
More information/14/$ IEEE
The OpenLISP Control Plane Architecture Dung Chi Phung, UPMC and VNU Stefano Secci, UPMC Damien Saucez, INRIA Sophia Antipolis Luigi Iannone, Telecom ParisTech Abstract Among many options tackling the
More information