OpenADN: A Case for Open Application Delivery Networking

Similar documents
Application Delivery Using SDN

Application Delivery Using Software Defined Networking

Network Virtualization and Application Delivery Using Software Defined Networking

Insert Title Here. Middleware Architecture for Cloud Based Services 11/18/2014

Network Virtualization and Application Delivery Using Software Defined Networking

OpenADN: Mobile Apps on Global Clouds Using OpenFlow and SDN

OpenADN: Service Chaining of Globally Distributed VNFs

Current Trends in Internet Evolution and a Framework for Application Delivery

OpenADN: : Mobile Apps on Global Clouds Using Software Defined Networking

OpenADN: Mobile Apps on Global Clouds Using Software Defined Networking

Raj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University)

Network Virtualization: Recent Developments

Mobile Applications on

Network Virtualization: Recent Developments Overview

Architectures for Carrier Network Evolution

Next Generation Internet: Architectures for Future Internet Evolution

Next Generation Internet and Wireless Networking Research at Washington University in St. Louis

Application Deployment in Future Global Multi-Cloud Environment

Network Virtualization and Application Delivery Using Software Defined Networking

Five Trends Leading to Opportunities in Multi-Cloud Global Application Delivery

Hot Topics in Networking Research for Carrier Network Evolution

Current Trends in Internet Evolution and a Framework for Application Delivery

Software Defined Multi-Cloud Networking at the Tactical Edge

15-744: Computer Networking. Middleboxes and NFV

A Future Internet Architecture Based on De-Conflated Identities

Next Generation Internet and Wireless Networking Research at Washington University

Lecture 10.1 A real SDN implementation: the Google B4 case. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it

Service Chaining for NFV and Delivery of other Applications in a Global Multi-Cloud Environment

Deployment Scenarios for Standalone Content Engines

Internet 3.0: The Next Generation Internet

Distributed Systems. 21. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2018

OpenFlow: What s it Good for?

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

CS November 2018

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Software Defined Networking at the Tactical Edge

CS November 2017

SteelConnect. The Future of Networking is here. It s Application-Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

Internet of Things: Research Issues

Next Generation Internet and Wireless Networking, and Security Research at. Washington University in St. Louis

Chapter 5 Network Layer: The Control Plane

BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK

A Ten Minute Introduction to Middleboxes. Justine Sherry, UC Berkeley

Internet 3.0: The Next Generation Internet

Router Virtualization Protocols

Exam : Implementing Microsoft Azure Infrastructure Solutions

Cisco Wide Area Bonjour Solution Overview

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

Enabling Agile Service Chaining with Service Based Routing

L7 Application Visibility for NFV and Data Centers

Never Drop a Call With TecInfo SIP Proxy White Paper

Five Trends in Computing Leading to Multi-Cloud Applications and Their Management

How Teridion Works. A Teridion Technical Paper. A Technical Overview of the Teridion Virtual Network. Teridion Engineering March 2017

Software Defined Networking

SDN TO BE OR NOT TO BE. Uwe Richter SE Director Russia/CIS, East and South East Europe

SDN Use-Cases. internet exchange, home networks. TELE4642: Week8. Materials from Prof. Nick Feamster is gratefully acknowledged

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

Network Layer: The Control Plane

SD-WAN Deployment Guide (CVD)

lecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00

31270 Networking Essentials Focus, Pre-Quiz, and Sample Exam Answers

Chapter 5 Network Layer: The Control Plane

Security Considerations for Cloud Readiness

Software-Defined Networking (SDN) Overview

Using the Cisco ACE Application Control Engine Application Switches with the Cisco ACE XML Gateway

Chapter 4: Networking and the Internet. Network Classifications. Network topologies. Network topologies (continued) Connecting Networks.

Flex Tenancy :48:27 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

Choosing the Right Acceleration Solution

Management and Orchestration with F5 BIG-IQ 4.5. Philippe Bogaerts F5 Networks

UNIVERSITY OF CAGLIARI

What is an application delivery controller?

Software Defined Networking(SDN) Wireless application

Introduction to Computer Science. William Hsu Department of Computer Science and Engineering National Taiwan Ocean University

Dynamic Network Segmentation

Internet 3.0: Ten Problems with Current Internet Architecture and Solutions for the Next Generation

NetScaler for Apps and Desktops CNS-222; 5 Days; Instructor-led

Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service

Raj Jain

Virtual ID: A Technique for Mobility, Multi- Homing, and Location Privacy in Next Generation Wireless Networks

Cisco ASA Next-Generation Firewall Services

Configuration Example

Network Automation and Branch Agility The Network Helps Enable Digital Business. Rajinder Singh Product Sales Specialist June 2016

Migration Technologies. Dual Stack and Tunneling Using GRE, 6to4, and 6in4.

All-in one security for large and medium-sized businesses.

VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH

Introduction to Computer Networking: Trends and Issues

A Practical Approach to IPv6

Hybride Cloud Szenarien HHochverfügbar mit KEMP Loadbalancern. Köln am 10.Oktober 2017

Introduction to Segment Routing

IP Mobility Design Considerations

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

White Paper. OCP Enabled Switching. SDN Solutions Guide

Introduction. The Safe-T Solution

Internet 3.0: The Next Generation Internet

What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

Cloud Native Security. OpenShift Commons Briefing

Cisco Tetration Analytics

Middleboxes in Cellular Networks

Transcription:

OpenADN: A Case for Open Application Delivery Networking Subharthi Paul, Raj Jain, Jianli Pan Washington University in Saint Louis {Pauls, jain, jp10}@cse.wustl.edu International Conference on Computer Communications and Networking (ICCCN 2013) Nassau, Bahamas, July 30-August 2, 2013 These slides and audio/video recordings are available at: 1 Jay Iyer, Dave Oran Cisco Systems {jiyer,oran}@cisco.com

Overview 1. Application Delivery in a Data Center 2. Application Delivery in a Multi-Cloud Environment 3. Our Solution: OpenADN 4. OpenADN Design Issues 5. OpenADN Design 2

Clouds and Mobile Apps August 25, 2006: Amazon announced EC2 Birth of Cloud Computing in reality (Prior theoretical concepts of computing as a utility) Web Services To Drive Future Growth For Amazon ($2B in 2012, $7B in 2019) - Forbes, Aug 12, 2012 June 29, 2007: Apple announced iphone Birth of Mobile Internet, Mobile Apps Almost all services are now mobile apps: Google, Facebook, Bank of America, Almost all services need to be global (World is flat) Almost all services use cloud computing Networks need to support efficient service setup and delivery 3

Service Center Evolution 1. 1. Single Server 2. 2. Data Center 3. Multi-Cloud 3. Multi-Cloud Load Balancers SSL Off loaders Application Replication, Partitioning Global Internet Need to make the global Internet look like a data center 4

Application Delivery in a Data Center Replication: Performance and Fault Tolerance If Load on S1 >0.5, send to S2 If link to US broken, send to UK Content-Based Partitioning: Video messages to Server S1 Accounting to Server S2 Context Based Partitioning: Application Context: Different API calls Reads to S1, Writes to S2 User Context: If Windows Phone user, send to S1 If laptop user, send to HD, send to S2 Multi-Segment: User-ISP Proxy-Load Balancer-Firewall-Server Users Middle Boxes Proxies ADCs Servers Mobile Video Data Reads Data Writes Desktop Video 5

Application Deployment Environment Application logic in servers Security (firewall, intrusion detection, SSL offload) in middle boxes Performance optimization (WAN optimizers, content caches) middleboxes Application-level policy routing (APR): Partitioning and replication middleboxes Application Servers L2 Switches Application Level Gateways (ALG) & Content-Based Routers CBR) Load Balancers Application Firewalls Load Balancers Intrusion Detection and Prevention Systems Load Balancers SSL Offloaders Load Balancers L2 Switches CBR ALG CBR ALG CBR ALG CBR ALG SSL SSL SSL SSL Data Center Public Internet 6

Middlebox Deployment Number of middleboxes (Application Delivery Controllers) is comparable to the number of routers Appliance Type Market size of optimization ADCs will grow from 1.5B in 2009 to $2.24B in 2013 [17] Security appliances will grow from $1.5B in 2010 to $10B in 2016 [13] 7 Number Firewalls 166 NIDS 127 Conferencing/Media Gateways 110 Load Balancers 67 Proxy Caches 66 VPN devices 45 WAN optimizers 44 Voice Gateways 11 Middleboxes total 636 Routers ~ 900

Single-Cloud Failover Deployment Application Servers Application Servers Application Delivery Infrastructure Enterprise Datacenter Bounced traffic Cloud Datacenter Internet User Traffic Under usage spikes and failures, some of the application servers are replicated in cloud. Traffic is bounced through middleboxes in enterprise data centers. 8

Independent Cloud Deployment Application Servers Application Servers Application Delivery Infrastructure Enterprise Datacenter Enterprise Virtual Appliance Infrastructure Cloud Datacenter Internet User Traffic Virtual appliances are used 9 User Traffic Non-standard techniques (e.g., changing link weights) used to route traffic in datacenters are not available in clouds since networks are not visible to ASPs.

Multi-Cloud Deployments Application Instance 1 Application Instance K Application Instance N Other Middlebox Services Cloud Datacenter 1 Application-Level Routing Outsourcing Application-Level Routing Outsourced Application-Level Routing Service Cloud Datacenter N Internet (IP Routing) User Traffic Need a globally distributed front-end service is required for application partitioning 10

Google WAN Google L7 Proxy Access ISP Network POP Google WAN Google Data Center #1 Access ISP Google appliances in Tier 3 ISPs Details of Google WAN are not public ISPs can not use it: L7 proxies require data visibility Google L7 Proxy 11 Google Data Center #2

Our Solution: OpenADN Open Application Delivery Networking Platform Platform = OpenADN aware clients, servers, switches, and middle-boxes Allows Application Service Providers (ASPs) to quickly setup services on Internet using cloud computing Global datacenter Servers A1, B1 Servers A2 OpenADN middle-box Access ISP Internet Access ISP OpenADN Aware Legacy Clients Clients 12

Design Issues 1. Who will implement? ASP or ISP? Neither Application nor networking Middle Application specific but need performance similar to networking ASPs can extend applications or ISPs can provide application specific routing by providing programmability 2. Middleboxes are deployed in a chain User to SSL offloader to IDS to Firewall to Content based router to load balancer to Application Server Multiple TCP Segments 13

Design Issues (Cont) 3. Each TCP segment ends in a Waypoint Waypoint = middlebox or server 4. A connection from one waypoint instance to the next waypoint instance is called a stream 5. Switching context: Application partitioning based on content, application context, networking context, or user context Need to put meta-tags in the header that help waypoints correctly route the packets 6. Sender and Receiver Policies: Receivers may be services. 14

Design Issues (Cont) 7. Data Privacy: Need a way for ISPs to implement this without looking at the data 8. Dynamic Application Deployment State: ISPs need to know where and how many waypoints are up 15

Design Approach 1. Application Delivery Networking (ADN) layer between the networking and higher layers 2. The packets require classification and routing based on content 3. Classification is done in ASP trusted entity since it needs access to data and encoded in a meta-tag 16

OpenADN Label OpenADN L4.5 SSL Label Network Level Application Meta- Tag Application Meta- Tag L2 Hdr [L2.5 Hdr] L3 Hdr OpenADN L3.5 APLS Hdr L4 Hdr OpenADN L4.5 SSL Hdr L5-7 Hdr+Data Encrypted If required OpenADN L3.5 APLS Label Flag Bits Segment ID, Stream ID Way-Point Entity ID Handoff Locator Layer 3.5: Application Label Switching (APLS) Hop-by-hop transport between waypoints in a segment Layer 4.5: Segment Switching Layer (SSL) Between application segments 17

OpenADN Labels (Cont) Layer 4.5 Label: Stack of meta-tags one for each segment. At the egress of a segment, a meta-tag is popped and used during the next segment Layer 3.5 Label: <Segment ID, Stream ID>: Specific instance of an application segment Waypoint ID: Previous or next Waypoint (as indicated by Flag bits) Handoff Locator: Middlebox copies this to the destination IP address. Helps switch the packet to the next OpenADN switch 18

Sender and Receiver Policies Sender Label U Receiver Label S Receiver Label S U S Handoff Policy Domain U A B D Policy Domain S F C E Sender (U) Receiver (S) S U Handoff Receiver Label U Sender Label S Receiver Label U Each packet has two labels: Sender Label, Receiver Label Sender label is popped at egress of sender domain and packet is sent to the ingress of the receiver domain 19

OpenADN in SDN s s Layered Abstractions Northbound API Southbound API DATA PLANE CONTROL PLANE APPLICATIONS ASP1 OpenADN Controller OpenFlow +OpenADN Forwarding HW ASP2 OpenADN Controller Network Controller Software OpenFlow Forwarding HW 20 OpenADN Controller Forwarding HW Web Page Forwarding HW SDN provides standardized mechanisms for distribution of control information OpenADN aware devices use enhanced OpenFlow State ISP s Controller State ASP1 Policies Policies ASP 1 s ASP 2 s Controller Control Controller ISP OpenADN Aware Legacy (OpenADN Unaware) ASP2 Middle-boxes

Key Features of OpenADN 1. Edge devices only. Core network can be current TCP/IP based, OpenFlow or future SDN based 2. Coexistence (Backward compatibility): Old on New. New on Old 3. Incremental Deployment 4. Economic Incentive for first adopters 5. Resource owners (ISPs) keep complete control over their resources 21

Summary 1. Application delivery requires multiple segments between numerous middleboxes that are handled in an ad-hoc manner in datacenters 2. Distributing applications over a multi-cloud environment requires collaboration between ASPs and ISPs 3. OpenADN provides allows ISPs to provide application delivery and partitioning services without looking at the application data 4. Both ASPs and ISPs keep complete control over their resources by co-ordinating in the control plane using SDN. 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback