Deploying Standards-based, Multi-domain, Bandwidth-on-Demand

Similar documents
18th WRNP Workshop RNP May Belém, Brasil Gerben van Malenstein

WELCOME TO GLIF Technical Working Group Summer 2015 meeting. Prague, Czech Republic September 2015

GLIF September 2017 Sydney, Australia Gerben van Malenstein, SURFnet & John Hess, Pacific Wave

Network Services Interface. OGF NSI standards development progress:

Integration of Network Services Interface version 2 with the JUNOS Space SDK

SURFnet network developments 10th E-VLBI workshop 15 Nov Wouter Huisman SURFnet

Virtual Circuits Landscape

Pacific Wave: Building an SDN Exchange

National R&E Networks: Engines for innovation in research

Service Sharing at NORDUnet

Internet2 DCN and Dynamic Circuit GOLEs. Eric Boyd Deputy Technology Officer Internet2 GLIF Catania March 5, 2009

Chin Guok, ESnet. Network Service Interface Signaling and Path Finding

AmLight supports wide-area network demonstrations in Super Computing 2013 (SC13)

GÉANT3 Services. Ann Harding, SWITCH TNC Connectivity and Monitoring Services by and for NRENs. connect communicate collaborate

AutoBAHN Provisioning guaranteed capacity circuits across networks

perfsonar Update Jason Zurawski Internet2 March 5, 2009 The 27th APAN Meeting, Kaohsiung, Taiwan

FELIX project : Overview and the results. Tomohiro Kudoh (The University of Tokyo / AIST) on behalf of all FELIX partners

GLIF CERN Oct John Vollbrecht. 10/13/10 Automate GOLE Pilot 1

1. Introduction. 2. Purpose of this paper and audience. Best Practices 1 for Cloud Provider Connectivity for R&E Users

Multi Domain Service Architecture for Heterogonous Networks A view from GÉANT 3 - SA2: Task 1

5 August 2010 Eric Boyd, Internet2 Deputy CTO

Evolution of OSCARS. Chin Guok, Network Engineer ESnet Network Engineering Group. Winter 2012 Internet2 Joint Techs. Baton Rouge, LA.

IRNC:RXP SDN / SDX Update

The NORDUnet Next Generation Network Building the future (Nordic) network together

Connectivity Services, Autobahn and New Services

DICE Diagnostic Service

How Five International Networks are Enabling International Data-Intensive Research. Internet2 Global Summit 2014

Federated POP: a successful real-world collaboration

GN2 JRA5: Roaming and Authorisation

Inter-domain SDN Data Plane Validation: Next Steps at AmLight

NORDUnet GN3. Next Generation Network in Europe. Click to edit Master subtitle style. Lars Fischer SUNET TREFFpunkt

Testbeds as a Service Building Future Networks A view into a new GN3Plus Service. Jerry Sobieski (NORDUnet) GLIF Oct 2013 Singapore

FEDERICA Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures

Building 10-Gbps Networks: A few observations on the national and regional scales in the U.S.

Dynamic Circuit Network(DCN) Deployment

Presentation of the LHCONE Architecture document

LHC Open Network Environment (LHCONE)

Global Lambda Integrated Facility Technical Working Group September 2007 Prague, Czech Republic

DYNES: DYnamic NEtwork System

Federated E-infrastructure Dedicated to European Researchers Innovating in Computing network Architectures

Optical Networking Activities in NetherLight

GÉANT Open Service Description. High Performance Interconnectivity to Support Advanced Research

the world with light

Heterogeneous Interconnection between SDN and Layer2 Networks based on NSI

Open Exchange Policy

D6.7 Demonstration of international BoD connectivity at 4 Gb/s

E2E Service Verification Architecture

PoS(11th EVN Symposium)112

Introduction to FEDERICA

Network Testbeds at AmLight: Eight Months Later

FEDERATED POP: A SUCCESSFUL REAL-WORLD COLLABORATION

AARC Overview. Licia Florio, David Groep. 21 Jan presented by David Groep, Nikhef.

Dave McGaugh, Pacific Northwest Gigapop NANOG 39 Toronto, Canada

Internet2: Presentation to Astronomy Community at Haystack. T. Charles Yun April 2002

A collaboration overview: From TF-VSS to GN2 SA6

Vasilis Maglaris. Chairman, NREN Policy Committee - GÉANT Consortium Coordinator, NOVI FIRE Project

GLIF, the Global Lambda Integrated Facility. Kees Neggers Managing Director SURFnet. CCIRN 4 June 2005, Poznan, Poland

Fusion of Bandwidth on Demand and Virtual Organizations

Handling Topology Updates in a Dynamic Tool for Support of Bandwidth on Demand Service

GÉANT Open Service Description. High Performance Interconnectivity to Support Advanced Research

SDN AmLight: One Year Later

MANTICORE II: Integrated logical IP network, a step beyond point to point links

Connecting the e-infrastructure chain

The New Infrastructure Virtualization Paradigm, What Does it Mean for Campus?

Multi-Domain VPN service, a seamless infrastructure for Regional Network, NRENs and GEANT

9 th Annual Global LambdaGrid Workshop October 2009 Daejeon Convention Centre, Daejeon, South Korea

EU Phosphorus Project Harmony. (on

GN2-JRA3 efforts in the control plane area

Next Generation Networking and The HOPI Testbed

Future Internet Experiments over National Research & Education Networks: The Use Cases of FEDERICA & NOVI over European NRENs - GÉANT

GÉANT : e-infrastructure connectivity for the data deluge

LHCOPN LHCONE Networking Meeting Co-Hosted with HEPiX KEK Tsukuba, Japan October 16-19, 2017

JRA5: Roaming and Authorisation

EUMEDCONNECT3 and European R&E Developments

e-infrastructures in FP7 INFO DAY - Paris

INDIGO AAI An overview and status update!

New International Connectivities of SINET5

Lightpath Monitoring in NetherLight

TERENA E2E Workshop

GÉANT Services Supporting International Networking and Collaboration

LHC Open Network Environment. Artur Barczyk California Institute of Technology Baton Rouge, January 25 th, 2012

DCN Activities in Japan

ICONA Inter Cluster ONOS Network Application. CREATE-NET, CNIT/University of Rome Tor Vergata, Consortium GARR

Software Defined Exchanges: The new SDN? Inder Monga Chief Technologist Energy Sciences Network

Solving End-to-End connectivity with GMPLS

Network Virtualization for Future Internet Research

Multi-Domain Virtual Private Network service - a seamless infrastructure for NRENs, GÉANT and NORDUnet

GÉANT Interconnection Policy Reference <GA(18)005 >

SURFnet6 Integrating the IP and Optical worlds Erik-Jan Bos Director of Network Services SURFnet, The Netherlands TrefPunkt Kiruna, mars 2004

The New Internet2 Network

eduroam und andere Themen in GN2-JRA5

Interconnected NRENs in Europe & GÉANT: Mission & Governance Issues

Deliverable DS2.1.1: Multi-Domain Service Architecture

THOUGHTS ON SDN IN DATA INTENSIVE SCIENCE APPLICATIONS

High-speed networks to enable SG-JP collaboration

NM-WG Specification Adoption in perfsonar. Aaron Brown, Internet2, University of Delaware Martin Swany University of Delaware, Internet2

GÉANT Support for Research Within and Beyond Europe

Experiences with Dynamic Circuit Creation in a Regional Network Testbed

Innovation and Experimentation through SDN and Network Virtualization

The Future of the Internet

Transcription:

Nordic Infrastructure for Research & Education Deploying Standards-based, Multi-domain, Bandwidth-on-Demand Lars Fischer 28 th NORDUnet Conference Uppsala, 23 September 2014

The State of BoD Hybrid networking starting 2000 LHCOPN, 2005 But circuits? Automation GLIF, elsewhere Starting 2007 Experiments, demos, trials, single-domain systems AutoBAHN, OSCARS, OpenDRAC GLIF AutoGOLE Multidomain, inter-operability DICE Collaboration

Circuits & Control Planes Control plane Control plane Control plane Control plane OLE User A OLE OLE CPE NREN A NREN B CPE OLE Resource

NSI Standard NSI = Framework for Network Services NSI CS = Connection Service Allows users to setup dynamic circuits Bandwidth guaranties (or not) Traffic engineering, directing flows Or just L2 connectivity between sites Allows multi-domain circuit routing Allows multiple implementations but still has had a hard time getting beyond the demo

Beyond the Endless Demo Chicken / egg situations Lack of use for lack of comprehensive facilities Lack of deployment for lack of user request Lack of deployment for lack of peers There s never really been a usable interdomain circuit service Recognize that it s not longer a technology problem All the bits are there Creating a multi-domain deployment is mostly a matter of several networks deciding to do it, together Decision to partner and act NORDUnet & SURFnet with GÉANT, DeIC, FUNET, others

Team & Project Small core group Gerben van Malenstein, SURFnet Migiel de Vos, SURFnet Hans Trompert, SURFnet Henrik Thostrup Jensen, NORDUnet Alin Pastrama, NORDUnet Kim Kramaric, NORDUnet Erik-Jan Bos, NORDUnet Joint project plans, timelines, specifications Open to input, discussion, collaboration Agile iterations, deadlines, demo early Announce intentions early in community

Objectives Facilitate users & applications Enable initial users Building an NSI/BoD service alone is boring And largely useless Joint effort: SURFnet, NORDUnet, & GÉANT Offer: An integrated BoD service in Europe Multi-domain / multi-provider / multiple technologies Standards-based circuit capability NSI 2.0 it s the only game in town Commitment to standards process Advance the standards

Fill In the Gaps Close collaboration on AAI, Security Topology distribution & Path-finding Policies Not covered in NSI CS2 specification Get to usable, not to perfection AuthZ happens on endpoints Typically with OAuth2 tokens or user attributes No provisioning without authenticated access & endpoint Authorization Transit links are generally used w/o authentication Peering = data + control plane connectivity Control plane is over TLS with bidirectional AuthZ Trust your peer, or don t bother

Support the Long View ds

What We Have Deployment on production platforms Well working NSI 2.0 CS implementations Not another demo offer full capacity Initial users Well tested, connects SURFnet, NORDUnet, and GEANT Have connected UvaLight, FUNET, Demo at TNC 2014 Connecting most of Europe Reaching further w/ AutoGOLE

BoD Capability Map DFN Janet HEAnet NORDUnet Aggregator nsi.nordu.net NORDUnet DEIC PIONEER Funet CARNet GEANT Aggregator beta-bodv3.geant.net SURFnet Aggregator agg.dlp.surfnet.nl GEANT SURFnet UvALight GRnet SURFnet upa bod2.surfnet.net UvALight upa nsa.uvalight.net MANLAN upa oscars.manlan.internet2.edu ESnet MANLAN NetherLight ESnet upa oscars.es.net NetherLight upa bod.netherlight.net NetherLight Aggregator agg.netherlight.net CzechLight upa opennsa.cesnet.cz CzechLight ESnet Aggregator nsi-aggr-west.es.net icair (StarLight) EVTS.A-GOLE deployment Version 9, September 16, 2014 Hans Trompert, SURFnet icair upa pmri061.it.northwestern.edu AIST 163.220.30.173 Singaren? AMpath control plane (tree based) Control plane (Gof3 extensions + chain based) data plane Control plane peerswith SoutherLight Aggregator southernlight.net.br RNP upa idc.cipo.rnp.br KRLight nsi2.kisti.re.kr KDDI 210.196.65.114 Verified control or data plane Not verified control or data plane SouthernLight RNP JGN-X 202.180.38.130 SINET 150.100.12.124

Advances Authorization for NSI CS Multi-domain topology & pathfinding chaining that works Major gaps filled We ve come a long way in <10 months Essential for production service Consensus on Authorization fell into place faster than expected Consensus on pathfinding is taking a little longer; NSI community favours support for tree model

BoD Capability BoD E2E Service Service offering not well understood Range of options from manual provisioning to web interface to application integrations We re not sure we understand what a service should look like, but we do know that they will never learn unless we enable the service to happen Network Circuit Capability a pre-requisite for Experiments Engaging in European / Global projects Building end-user services Engage with campuses and user communities

NORDUnet Provisioning Tail-F NCS: production management platform for NORDUnet MPLS / IP infrastructure. In production for managing IP peers Speaks Netconf towards (edge) devices OpenNSA Open source NSI v2 CS service agent At NORDUnet, use REST+HTML towards NCS Supports many other backends BoD Transport MPLS tunnels over production network Available on MPLS edge Initially London, Amsterdam, Helsinki, Copenhagen Eventually entire NORDUnet MPLS fabridc Control plane security with TLS and user attributes/tokens for authn

NORDUnet Architecture Network Inventory OpenNSA REST (HTML + XML) NCS Netconf MANLAN MPLS edge devide NORDUnet MPLS fabric MPLS MPLS edge devide MPLS edge devide edge devide DeIC NetherLight FUNET

ELIXIR Early User

Next Steps More standards work Link policy; policing of traffic AAI & Topology Standardization Monitoring NOC Tools PerfSONAR Performance Verification Finalize operations deployment Security, Audits NOC support / handover Committed to maintaining a NSI production capability

HONORARY MENTION Partners The TEAM SURFNET GEANT and also UvA FUNET DeIC Friends in the NSI WG specifically ESnet GLIF NSI Imp & AutoGOLE LHC community Enlighten your research initiative

Are we done, yet? Consider Transport circuit capability Cross-connect circuit capability Authentication Identity Management ( ) Security ( ) Topology Exchange ( ) Link Policy management Performance Verification for end-to-end Service Level management Virtualization OLE service architecture Much to do!

Nordic Infrastructure for Research & Education Thank You Lars Fischer lars@nordu.net http://www.nordu.net

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback