GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NREN s NOC

Transcription

1 GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NREN s NOC 10 th TF NOC meeting (Cambridge) Friday, 21 March 2014 Xavier Jeannin / RENATER, SA3T3 Task Leader Miguel Angel Sotos / RedIRIS Bojan Jakovljevic / AMRES

2 Agenda What is MDVPN? Status of MD-VPN deployment Role of the NOCs MD-VPN operation model VPN Provisioning Monitoring Troubleshooting Conclusions on MDVPN operation 2

3 What is MD-VPN? 1/3 A joint service provided by GEANT and NRENs Extending the original IP cooperation between GEANT, NRENs and regional networks to deliver new services Share the same cooperation model used for traditional IP traffic exchange NREN NOC collaboration required MD-VPN creates a baseline transport infrastructure for a bundle of data transmission services Umbrella for P2P or multipoint transmission Multi-domain networking Layer3 or Layer2 VPNs spanned over several domains 3

4 What is MD-VPN? 2/3 VPN1 VPN2 RR ABR SSP ABR RR VPN1 VPN2 Configure only at edge VPN3 NREN A ABR SSP SSP ABR NREN B VPN1 VPN multiplexing - Configure only once SSP GEANT VPN proxy SSP NREN E (non MPLS) VPN2 VPN1 ABR VPN2 VPN3 RR NREN C ABR SSP ABR RR VPN3 Regional Network VPN2 VPN provider VPN provider and VPN transport provider VPN transport provider 4

5 Added value for end-users Safe infrastructure Dedicated virtual network No firewall needed No additional transmission delay (DPI) High performance Safe Inter-university Research and Educational Network (S.I.R.E.N) Site A Site B Site C 5

6 MD-VPN status Deployment phase Multi-domain operation validation (4th quarter 2013 end of 1st quarter 2014) Technical Pilot Phase Setting-up GEANT pilot (1st quarter 2014) Pilot generalization phase (2nd and 3rd quarter 2014) Adding MD-VPN service to GEANT portfolio end of GN3 plus A first scientist project XiFi XIFI is a project of the European Public-Private-Partnership on Future Internet 6

7 MD-VPN status the 20th Febr Current pilot running on production infrastructure NREN currently connected NREN nearly connected DeiC SUnet FUnet Active XiFi L3VPN Future XiFi L3VPN Litnet XiFi TSSG HEAnet NORDUnet PSNC VPN Route reflector FCCN GEANT CESNET XiFi Sevilla RedIRIS XiFi Malaga RENATER XiFi Lannion GARR XiFi Trento DFN AMRES XiFi Berlin 7

8 MD-VPN operation model VPN Provisioning Monitoring Day-to-day monitoring Statistics Monitoring Troubleshooting Ensure OLA commitment are achieved 8

9 MDVPN Provisioning Process workflow * DANTE can play the role of the Initiator NREN Authoritative End user 2 DANTE I want L3VPN ASTRO 1 List creation 2 3 * Initiator NREN 6 6 MD-VPN database 4 Service Order: L3VPN ASTRO RT 2200:001 Central information hosted within DANTE: VPN Name VPN type RT, RENs involved used Technical contact list 5 Service Order validate or not via VPN-ASTROproviders@MDVPN... NREN List VPN-ASTROproviders@MDV PN.dante.net 2 NREN + Users List VPN-ASTROoperation@MDVPN.d ante.net Feedbacks to the user requester VPN implemenation announced via VPN- ASTROoperation@MDVPN NREN NREN NREN Involved NREN End users NREN : Checks with their own users Implements the VPN 9

10 What to monitor? Monitoring is decentralized: s (DANTE and NRENs) SSPs (DANTE and NRENs) VPN Route Reflector (VR) (DANTE) VPN-Proxy (DANTE) Peerings to be monitored 10

11 MD-VPN monitoring plan for NG3plus SSP monitored by GEANT availability MD-VPN Looking Glass Prospective:, User VPN monitoring NREN collaboration on monitoring a L3VN is deployed on all s and ASBRs A loopback is put into this L3VPN and pinged in order to check if ASBR or is alive and the service up 11

12 MD-VPN troubleshooting 1. DANTE will take care of its own MD-VPN features VPN transport service (Carrier of Carrier) VPN Route Reflector VPN Proxy 2. Escalation process will be the same process as for IP service The MDSD coordinates the troubleshooting NRENs NRENs appeals to DANTE if they cannot fix the pb NREN coordinates the troubleshooting of their Regional Network Regional Networks appeals to its NRENs if they cannot fix the pb 12

13 support to NRENs: coordination task Key points Information related to the VPN VPN database (NREN involved in the VPN, Route Target, ) Information channel Between network providers Between network provider and users Make available list tools that allow NREN to set-up their VPN list VPN-ASTRO-providers@dante.net VPN-ASTRO-operation@dante.net Feedback to the end users 13

14 Conclusions on MDVPN operation Next step: Database model and Operation cookbook Collaboration around the operational model Dissemination toward NREN s NOC Prospective Improve MDVPN operation Monitoring Advanced MDVPN 14

15