HY436: Network Virtualization

Similar documents
Virtualization of networks

Virtualization of networks

Virtualization. Stefan Schmid - 1

COMP 631: NETWORKED & DISTRIBUTED SYSTEMS 10/18/16 COMP 631: NETWORKED & DISTRIBUTED SYSTEMS. Virtualization. Jasleen Kaur.

Virtualization and Benefits

Software Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.

Can the Production Network Be the Testbed?

End to End SLA for Enterprise Multi-Tenant Applications

Slicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)

OFELIA The European OpenFlow Experimental Facility

Cross-Site Virtual Network Provisioning in Cloud and Fog Computing

CS-580K/480K Advanced Topics in Cloud Computing. Network Virtualization

Advanced Computer Networks. Network Virtualization

Software Defined Networking

Network Virtualization

So#ware Defined Networks and OpenFlow

Cloud Networking (VITMMA02) Server Virtualization Data Center Gear

Master Course Computer Networks IN2097

Network+ Guide to Networks 6 th Edition

Internet Technology. 15. Things we didn t get to talk about. Paul Krzyzanowski. Rutgers University. Spring Paul Krzyzanowski

Network+ Guide to Networks 7 th Edition

UNIVERSITY OF CAGLIARI

Cloud Networking (VITMMA02) Software Defined Networking (SDN) in the Cloud

Data Center Configuration. 1. Configuring VXLAN

PSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco

Deployments and Network Topologies

Some Musings on OpenFlow and SDN for Enterprise Networks. David Meyer Open Networking Summit October 18-19, 2011

MPLS in the DCN. Introduction CHAPTER

Advanced Computer Networks. RDMA, Network Virtualization

Oracle IaaS, a modern felhő infrastruktúra

VXLAN Overview: Cisco Nexus 9000 Series Switches

OSHI - Open Source Hybrid IP/SDN networking (and its emulation on Mininet and on distributed SDN testbeds)

From Zero Touch Provisioning to Secure Business Intent

Managing and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:

Enterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.

A New Approach to Fixing Internet Application Performance. Elad Rave, Founder and CEO

Cloud Networking From Theory to Practice. Ivan Pepelnjak NIL Data Communications

WIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS

MidoNet Scalability Report

Unify Virtual and Physical Networking with Cisco Virtual Interface Card

Introducing Avaya SDN Fx with FatPipe Networks Next Generation SD-WAN

Network Virtualization: from a Network Provider Perspective

Software-Defined Networking (SDN) Overview

Virtual Security Gateway Overview

Software Defined Networking

Data Path acceleration techniques in a NFV world

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Data Center Interconnect Solution Overview

Virtualizing Managed Business Services for SoHo/SME Leveraging SDN/NFV and vcpe

SDN AND THE DATAPLANE. CHI-NOG 3 June 14 th, 2014

VIRTUALIZING SERVER CONNECTIVITY IN THE CLOUD

Lenovo ThinkSystem NE Release Notes. For Lenovo Cloud Network Operating System 10.6

PEARL. Programmable Virtual Router Platform Enabling Future Internet Innovation

SAFEGUARDING YOUR VIRTUALIZED RESOURCES ON THE CLOUD. May 2012

Software Defined Networks and OpenFlow

Cloud Security Best Practices

Quantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

ITTC High-Performance Networking The University of Kansas EECS 881 Architecture and Topology

ANALYSIS OF VIRTUAL NETWORKS IN DATA CENTERS.

Centralization of Network using Openflow Protocol

Virtualization of Customer Premises Equipment (vcpe)

Networking for Enterprise Private Clouds

Intel Open Network Platform. Recep Ozdag Intel Networking Division May 8, 2013

Xen and CloudStack. Ewan Mellor. Director, Engineering, Open-source Cloud Platforms Citrix Systems

An Analysis and Empirical Study of Container Networks

Taxonomy of SDN. Vara Varavithya 17 January 2018

OpenStack Networking: Where to Next?

Nuage Networks Product Architecture. White Paper

A Datapath-centric Virtualization Mechanism for OpenFlow Networks

Virtualizing The Network For Fun and Profit. Building a Next-Generation Network Infrastructure using EVPN/VXLAN

The Next Opportunity in the Data Centre

Overlay Networks. Behnam Momeni Computer Engineering Department Sharif University of Technology

ONUG SDN Federation/Operability

Lecture 7: Data Center Networks

4. Miscellaneous: network virtualization

Provisioning Overlay Networks

SDN Security BRKSEC Alok Mittal Security Business Group, Cisco

Lenovo ThinkSystem NE1032/NE1032T/NE1072T. Release Notes. For Lenovo Cloud Network Operating System 10.6

Design principles/protocol functions

TEN ESSENTIAL NETWORK VIRTUALIZATION DEFINITIONS

ON.Lab Overview SDN: New Approach to Networking. Bill Snow

Networking in Virtual Infrastructure and Future Internet. NCHC Jen-Wei Hu

Pluribus Adaptive Cloud Fabric

Connecting NetOpen Nodes for NetOpen Resource Aggregate

BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK

Wireless software defined networks: 5G or beyond 4G

VM Migration, Containers (Lecture 12, cs262a)

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

VNS3 3.5 Container System Add-Ons

IX: A Protected Dataplane Operating System for High Throughput and Low Latency

Brocade and VMware Strategic Partners. Kyle Creason Brocade Systems Engineer

Citrix CloudPlatform (powered by Apache CloudStack) Version 4.5 Concepts Guide

Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC)

Distributed Systems. 31. The Cloud: Infrastructure as a Service Paul Krzyzanowski. Rutgers University. Fall 2013

Ferdinand von Tüllenburg Layer-2 Failure Recovery Methods in Critical Communication Networks

The Internet of Things Meets Big Data Is Your Network Prepared?

Container Adoption for NFV Challenges & Opportunities. Sriram Natarajan, T-Labs Silicon Valley Innovation Center

Pradeep Kathail Chief Software Architect Network Operating Systems Technology Group, Cisco Systems Inc.

DPDK Summit China 2017

Transcription:

HY436: Network Virtualization 20/10/2014 Xenofontas Dimitropoulos Credits: Bing Wang, Rob Sherwood, Ben Pfaff, Nick Feamster

Agenda Network virtualization basics Early Forms of Vnets Overlay networks VPNs Vnets: External Vnets with FlowVisor/OpenVirteX Internal Vnets with Open vswitch

From Virtual Operating Systems

To Virtual Resources (in general) Example: Microsoft s Virtualization Technologies Further reading: http://en.wikipedia.org/wiki/virtualization

The Rise of Virtualization Technologies Increase in adoption of virtualization technologies in the enterprise

What is network virtualization? Decoupling of the services provided by a (virtualized) network from the physical network Virtual network is a container of network services (L2-L7) provisioned by software Faithful reproduction of services provided by physical network Credit for definition: Bruce Davie, VMware Principal Engineer

Types of Network Virtualization External network virtualization Segment a physical network into multiple vnets Combine many physical nets into a virtual unit Internal network virtualization Providing network-like functionality within a system

External Net Virtualization Configure systems physically attached to the same local network into separate virtual networks Source: Cisco Net Virtualization Solutions

External Net Virtualization Combine systems on separate local networks into a VLAN spanning the segments of a large network Source: Cisco Net Virtualization Solutions

Internal Net Virtualization Source: Cisco Virtual Interface Cards

Virtual Switches Work much like physical Ethernet switches Detect VMs connected to virtual ports Forward traffic to the correct virtual ports Uses x86, not ASICs VMware s vswitch Overview

Vnets enable abstract topologies Applications see abstract topology, which may differ than the physical topology Common example one big switch topology: Promise: simplified programming and operations

What led to Net Virtualization? Path A: Internet ossification Mostly the path of the research community Net Virtualization Path B: Natural extension of cloud computing to the network Mostly the path of the industry

Internet Ossification Very difficult to experiment on real networks with new technologies for IP, routing, etc. Experimentation approaches: Further reading: R. Sherwood et al. Can the production network be the testbed? OSDI 2010

Promise of Net Virtualization Rapid network innovation: Network services delivered at software speed New forms of network control Isolation allows experimental vnets deployments Vendor choice (hardware/software from different vendors) Simplified programming

Promise of (Net) Virtualization Re-use resources for multiple vnets Reduce hardware costs Increase resource utilization Decrease energy costs Dynamic resource scaling Fault and disaster recovery, i.e., decouple software from hardware faults Easier management of logical resources Much like cloud computing

Vnets Design Goals? Flexibility: different topologies, routing and forwarding architectures; independent configuration Manageability: provide high-level abstractions Scalability: maximize the number of vnets that can coexist Isolation: Isolate vnets and resources Heterogeneity: support for different technologies Further reading: Nick Feamster s lecture http://youtu.be/g1lcf5valsc?list=plpherdrlyny-otgzzlltcbmidtldnuxct

Virtual Networks vs. SDN SDN separates data from control plane and centralizes control Virtual networks separate logical from physical networks SDN helps virtualize a network, but network virtualization predates SDN Further reading: http://networkheresy.com/2013/04/29/netvirt-delivering/

Agenda This lecture: Early Types of Vnets External Vnets with FlowVisor Internal Vnets with Open vswtich SDN in the Cloud lecture: Data center networking basics Vnet applications in the cloud Other SDN apps in the cloud

Some Early Types of Vnets Overlay and p2p networks Virtual Private Networks (VPN) provide remote access to company s network Group remote computers in the same Virtual Local Area Network (VLAN) (2 nd lecture) They are also Vnets, but were designed for different goals

Overlay Networks r applications, running at various sites as nodes on an application-level network r create logical links (e.g., TCP or UDP connections) pairwise between each other r each logical link: multiple physical links, routing defined by native Internet routing

Overlay network

Overlay network Focus at the application level

Internet Routing r BGP defines routes between stub networks Internet 2 Berkeley.net UMass.net C&W Mediaone UCLA Noho.net

Internet Routing r BGP defines routes between stub networks Internet 2 Berkeley.net UMass.net C&W UCLA Noho-to-UMass Mediaone Noho.net

Internet Routing r BGP defines routes between stub networks Internet 2 Berkeley.net UMass.net C&W UCLA Noho-to-Berkeley Mediaone Noho.net

Internet Routing Berkeley.net Congestion or failure: Noho to Berkely BGPdetermined route may not change (or will change slowly) UCLA Internet 2 Noho-to-Berkeley UMass.net C&W Mediaone Noho.net

Internet Routing Berkeley.net Internet 2 Noho to UMass to Berkeley r r route not visible or available via BGP! MediaOne can t route to Berkeley via Internet2 UMass.net Congestion or failure: Noho to Berkely BGPdetermined route may not change (or will change slowly) UCLA Noho-to-Berkeley C&W Mediaone Noho.net

RON: Resilient Overlay Networks Further reading: http://nms.csail.mit.edu/ron/ Premise: by building application overlay network, can increase performance, reliability of routing application-layer router Two-hop (application-level) noho-to-berkeley route

RON Experiments r r r r measure loss, latency, and throughput with and without RON 13 hosts in the US and Europe 3 days of measurements from data collected in March 2001 30-minute average loss rates m A 30 minute outage is very serious!

An order-of-magnitude fewer failures Loss Rate 10% 20% 30% 50% 80% 100% 30-minute average loss rates RON No Better Change 479 127 32 20 14 10 57 4 0 0 0 0 RON Worse 47 15 6,825 path hours represented here 12 path hours of essentially complete outage 76 path hours of TCP outage RON routed around all of these! One indirection hop provides almost all the benefit! 0 0 0 0

RON Research Issues how to design overlay networks? Measurement and self-configuration Fast fail-over Sophisticated metrics application-sensitive (e.g., delay versus throughput) path selection effect of RON on underlying network If everyone does RON, are we better off? Interacting levels of control (network- and application-layer routing

Virtual Private Networks (VPN) VPNs Networks perceived as being private networks by customers using them, but built over shared infrastructure owned by service provider (SP) r r SP infrastructure: m backbone m provider edge devices Customer: m customer edge devices (communicating over shared backbone)

VPN reference architecture customer edge device provider edge device

VPN: logical view virtual private network customer edge device provider edge device

Leased-line VPN customer sites interconnected via static virtual channels leased lines customer site connects to provider edge

Customer premise VPN All VPN functions implemented by customer customer sites interconnected via tunnels tunnels encrypted typically SP treats VPN packets like all other packets

Drawbacks r r Leased-line VPN: configuration costs, maintainence by SP: long time, much manpower CPE-based VPN: expertise by customer to acquire, configure, manage VPN Network-based VPN r r customer s routers connect to SP routers SP routers maintain separate (independent) IP contexts for each VPN m sites can use private addressing m traffic from one vpn can not be injected into another

Network-based Layer 3 VPNs multiple virtual routers in single provider edge device

Tunneling

VPNs: why? r Privacy r security r works well with mobility (looks like you are always at home) r cost: many forms of newer VPNs are cheaper than leased line VPNs m ability to share at lower layers even though logically separate means lower cost m exploit multiple paths, redundancy, fault-recovery in lower layers m Need isolation mechanisms to ensure resources shared appropriately r abstraction and manageability: all machines with addresses that are in are trusted no matter where they are

Agenda Network virtualization basics Early Forms of Vnets Overlay networks VPNs Vnets: External Vnets with FlowVisor/OpenVirteX Internal Vnets with Open vswtich

FlowVisor https://github.com/opennetworkinglab/flowvisor/wiki Transparent OpenFlow proxy between switches and controllers Network slices Creates network slices which are managed by different controllers Enforces isolation between slices Source: http://www.nict.go.jp/en/press/2013/04/26-1.html

FlowVisor Message Handling Alice Controller Bob Controller Cathy Controller Rule Policy Check: Is this rule allowed? OpenFlow FlowVisor OpenFlow Policy Check: Who controls this packet? Full Line Rate Forwarding OpenFlow Firmware Packet In Packet Packet Data Path

Policy: Limits Slice Resources FlowSpace: which packets does the slice control? Link bandwidth Number of flow table rules Fraction of switch/router CPU Topology (subgraph)

FlowSpace: Maps Packets to Slices

FlowVisor Deployment: Stanford Real production network o 15 switches, 35 APs o 25+ users o Several years of use Same physical network hosts Stanford demos o 7 different demos See demos in http://archive.openflow.org/videos/

Real User Traffic: Opt-In Allow users to Opt-In to services in real-time Users can delegate control of individual flows to slices Add new FlowSpace to each slice's policy Example: "Slice 1 will handle my HTTP traffic" "Slice 2 will handle my VoIP traffic" "Slice 3 will handle everything else"

FlowVisor Deployments: GENI Testbed GENI stands for Global Environment for Network Innovations

OFELIA Testbed TU Berlin IBBT, Belgium ETH Zurich i2cat, Spain UNIVBRIS, UK CNIT, Italy CREATE-NET, Italy UFU, Brasil CTTC, Spain http://www.fp7-ofelia.eu/

Slicing like FlowVisor Address space virtualization vnets can use same addresses OpenVirteX (OVX) inserts tags to identify slices Custom topologies http://www.openvirtex.org/

Underlay vs. Overlay Vnets Isolated slices Underlay approach: Slicing (e.g. FlowVisor) Overlay approach: App-specific topology abstraction App NOS 1 App NOS 2 App Virtualization Layer Virtualization or Slicing Layer Network OS Packet Forwarding Packet Packet Forwarding Packet Forwarding Forwarding Can be combined Packet Forwarding Packet Packet Forwarding Packet Forwarding Forwarding

Agenda Network virtualization basics Early Forms of Vnets Overlay networks VPNs Vnets: External Vnets with FlowVisor/OpenVirteX Internal Vnets with Open vswitch

Open vswitch (OVS) http://openvswitch.org Open source switch for hardware virtualization Supported by: Xen, KVM, VirtualBox, OpenStrack, OpenNebula, etc. Runs within the hypervisor or standalone Comes with Linux kernel

Open vswitch: Design Overview ovs-vswitchd: The Open vswitch deamon manages and controls OVS instances on the local machine Hypervisor physical machine Virtual machines VM 1 VM 2 VM 3 VNIC VNIC VNIC VNIC VNIC Host operating system ovs-vswitchd NIC NIC...other network elements... Controller Adminstrative CLI/GUI

Open vswitch: Cache Hierarchy Hypervisor physical machine Virtual machines VM 1 VM 2 VM 3 VNIC VNIC VNIC VNIC VNIC Host operating system ovs-vswitchd user kernel OVS kernel module Hypervisor Cache hierarchy: <1μs: Kernel module <1ms: ovs-vswitchd <10ms: controller Controller NIC NIC

Challenges with Virtual Switches Feature Heterogeneity: Cannot use advanced hardware features for load balancing and traffic shaping of physical switches Increased latency and decreased throughput: The hypervisor adds overhead More switches to manage Large broadcast domains resulting from VLAN trunking

OVS integral part of NVP solution: Core does simple forwarding Edge does middlebox functions

Agenda Network virtualization basics Early Forms of Vnets Overlay networks VPNs Vnets: External Vnets with FlowVisor/OpenVirteX Internal Vnets with Open vswitch

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback