Internet2 Network: Convergence of Innovation, SDN, and Cloud Computing Eric Boyd Senior Director of...

Internet2 Network: Convergence of Innovation, SDN, and Cloud Computing Eric Boyd Senior Director of Strategic Projects

= Internet2 Mission University Corporation for Advanced Internet Development

This is what we have been able to say for the last few years: The 100G testbed of innovation for tomorrows Internet is available nationwide, right now.

Abundant Bandwidth 100G, for now Network Programmability Software Defined Networking (SDN) Network Virtualization Network Function Virtualization (NFV) Friction-Free Science Science DMZ Internet2 Community Innovation Story

Internet2 AL3S consists of Juniper MX-960s running as conventional routers. Internet2 AL2S consists of a heterogenous mixture of Brocade MLX-16s and Juniper MX-960s. All AL2S nodes run in pure SDN mode. (For now, OpenFlow 1.0) Have run in production in this fashion since October, 2012. On this substrate, the hierarchy of Internet2 services are built. Software-Defined Networking Substrate

Network Virtualization on Internet2

Control a slice of the national network! Enable: Rapid prototyping of advanced applications Rapid prototyping of new network services Rapid advancement of network research

Network Virtualization: Puts members in control of (a slice of) the network Change in paradigm: Turning the commons on its head Private network capabilities with shared network costs Large scale networking is normally about lowest common denominator Large scale virtualized networking is about creating custom facilities Extend the local domain into the national (eventually global) arena Network Virtualization on Internet2

For most applications run in a campus environment, the traditional routed Layer 3 infrastructure provided by the Internet2 Advanced Layer 3 Service (AL3S) provides all the needed functionality and performance. For some applications, the ability to run on a server in a campus environment or on a GENI Rack, connected by a Layer 2 VLAN, should suffice. For a few advanced applications, particularly in the network research arena, there is a need to run their own controller on a virtual network. Network Virtualization Use Case

Production Service Staging GENI wants to move to Stitching v3.0, but Stitching 2.0 is in wide use Set up a slice, deploy a second OESS, deploy new version of FOAM Stitching Aggregator When its tested and ready, move to the production OESS stack Network Research Network researcher has a better idea how to do networking Set up a slice, deploy new network controller, write paper Service Prototyping Look at alternatives to AL3S Implement a route server that speaks OpenFlow on southbound interface with no routers Deploy in a slice, begin peering with other domains Evaluate efficacy, operational savings Over time transition to new service Use Case Examples (1)

Private Networks Want something akin to Atlantic Wave, original vision for LHCONE, or GENI Virtual Network Set up a distributed SDX across multiple domains Network virtualization experiments are already underway Prototyping IP over SDN solution (no routers!) Prototyping cloud-based services Prototyping multi-domain virtual networks DANCES Use Case Examples (2)

Vendors such as Brocade provide switches that implement OpenFlow. Through close development partnerships, Internet2 can deploy advanced technology. Internet2 and Indiana University have developed a second-generation, open source hypervisor, called Flowspace Firewall (FSFW). FSFW divvies up the available VLANs on a network into VLAN ranges, known as slices. FSFW acts as a proxy between one or more OpenFlow controllers and a set of switches within a single administrative domain. FSFW only carries OpenFlow commands from a controller to a switch (or the reverse) if the command falls within the allocated range of VLANs for that controller. FSFW acts as a resource protector, ensuring that no controller overconsumes scarce resources such as the rate at which OpenFlow rules can be fed to a switch or the number of OpenFlow entries in the Flow Table. Technology enables Innovation in the Internet2 Community Technology behind Network Virtualization

Backdrop: Internet2 operates a Layer 2 Service Campuses (e.g. University of Utah) operate a Layer 2 Service Regional Networks (e.g. MAX) operate a Layer 2 Service Exchange Points (e.g. AMPATH/FIU) operate a Layer 2 Service Is there a way to create a Multi-Domain Layer 2 Service? Common capabilities Willingness to collaborate Willingness to contribute to a common project Maintain local control Withdraw at any time Enable (illusion of) global control Control remote administrative domains No change in software, just configuration Prototype Multi-Domain Layer 2 Service

Multi-Domain Sample Network

NFV is very popular with service providers Accelerate the deployment of new services Replace proprietary, short-lived hardware appliances Leverage VM technology to consolidate many network equipment types onto industry standard high volume servers What does that mean for the R&E community? Growing need for network functions (VPN, DTN, Science DMZ, etc.) Similar arguments to service providers How do we integrate NFVs into the R&E ecosystem? Location? Provided by? Used by? Network Function Virtualization

Questions? Eric Boyd [email protected]

Internet2 Network: Convergence of Innovation, SDN, and Cloud Computing Eric Boyd Senior Director of...

Documents

Transcript of Internet2 Network: Convergence of Innovation, SDN, and Cloud Computing Eric Boyd Senior Director of...