NEC contribution to OpenDaylight: Virtual Tenant Network (VTN)

Similar documents
OpenDaylight Network Virtualization and its Future Direction

Software Defined Network (SDN)

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Carrier/WAN SDN Brocade Flow Optimizer Making SDN Consumable

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Outline. Why Neutron? What is Neutron? API Abstractions Plugin Architecture

How To Orchestrate The Clouddusing Network With Andn

What is SDN? And Why Should I Care? Jim Metzler Vice President Ashton Metzler & Associates

Software Defined Networking A quantum leap for Devops?

IPOP-TinCan: User-defined IP-over-P2P Virtual Private Networks

SDN Solutions ~SDN for Carrier Data Center~ November, 2013 NEC Corporation

SDN CONTROLLER. Emil Gągała. PLNOG, , Kraków

SDN v praxi overlay sítí pro OpenStack Daniel Prchal daniel.prchal@hpe.com

Virtualization, SDN and NFV

Quantum Hyper- V plugin

What is VLAN Routing?

Network Virtualization and Software-defined Networking. Chris Wright and Thomas Graf Red Hat June 14, 2013

How To Make A Vpc More Secure With A Cloud Network Overlay (Network) On A Vlan) On An Openstack Vlan On A Server On A Network On A 2D (Vlan) (Vpn) On Your Vlan

Software-Defined Networking for the Data Center. Dr. Peer Hasselmeyer NEC Laboratories Europe

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Software Defined Networking (SDN) OpenFlow and OpenStack. Vivek Dasgupta Principal Software Maintenance Engineer Red Hat

SDN AND SECURITY: Why Take Over the Hosts When You Can Take Over the Network

Open Fabric SDN The Comprehensive SDN approach. Jake Howering, Director SDN Product Line Management Bithika Khargharia, PhD, Senior Engineer

Data Center Network Virtualisation Standards. Matthew Bocci, Director of Technology & Standards, IP Division IETF NVO3 Co-chair

Ethernet-based Software Defined Network (SDN) Cloud Computing Research Center for Mobile Applications (CCMA), ITRI 雲 端 運 算 行 動 應 用 研 究 中 心

The State of OpenFlow: Advice for Those Considering SDN. Steve Wallace Executive Director, InCNTRE SDN Lab Indiana University

Palo Alto Networks. Security Models in the Software Defined Data Center

SOFTWARE DEFINED NETWORKING: INDUSTRY INVOLVEMENT

OpenStack/Quantum SDNbased network virtulization with Ryu

COMPSCI 314: SDN: Software Defined Networking

SDN and OpenFlow. Naresh Thukkani (ONF T&I Contributor) Technical Leader, Criterion Networks

CTS2134 Introduction to Networking. Module Network Security

Defining SDN. Overview of SDN Terminology & Concepts. Presented by: Shangxin Du, Cisco TAC Panelist: Pix Xu Jan 2014

Software Defined Networking

Spotlight On Backbone Technologies

How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

How To Write A Network Plan In Openflow V1.3.3 (For A Test)

OpenDaylight Project Proposal Dynamic Flow Management

Bring your virtualized networking stack to the next level

SOFTWARE DEFINED NETWORKING: A PATH TO PROGRAMMABLE NETWORKS. Jason Kleeh September 27, 2012

Using SDN-OpenFlow for High-level Services

Utility Computing and Cloud Networking. Delivering Networking as a Service

Surviving the SDN Wars. Curt Beckmann Chair of Forwarding Abstractions WG, ONF and EMEA CTO

How OpenFlow-based SDN can increase network security

Securing Networks with PIX and ASA

How To Manage A Network From A Microsoft Lab

Software Defined Network Application in Hospital

VLAN 802.1Q. 1. VLAN Overview. 1. VLAN Overview. 2. VLAN Trunk. 3. Why use VLANs? 4. LAN to LAN communication. 5. Management port

Windows Server 2012 Hyper-V Virtual Switch Extension Software UNIVERGE PF1000 Overview. IT Network Global Solutions Division UNIVERGE Support Center

Testing Network Security Using OPNET

SDN/Virtualization and Cloud Computing

Software Defined Networking using VXLAN

enetworks TM IP Quality of Service B.1 Overview of IP Prioritization

Knowledgebase Solution

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera VERSION May, 2015

SDN Applications for IXPs and Service Providers. Jason Kleeh Senior Product Manager January, 2013

OpenFlow and Software Defined Networking presented by Greg Ferro. OpenFlow Functions and Flow Tables

CheckPoint Software Technologies LTD. How to Configure Firewall-1 With Connect Control

LTE - Can SDN paradigm be applied?

Firewall Defaults and Some Basic Rules

Ethernet-based Software Defined Network (SDN)

Underneath OpenStack Quantum: Software Defined Networking with Open vswitch

White Paper NEC ProgrammableFlow: An Open and Programmable Network Fabric for Datacenters and the Cloud

Stanford SDN-Based Private Cloud. Johan van Reijendam Stanford University

Figure 41-1 IP Filter Rules

Extending Networking to Fit the Cloud

Brocade SDN/OpenFlow. Norival Figueira Office of the CTO. January 9, /2015 BROCADE COMMUNICATIONS SYSTEMS, INC. ALL RIGHTS RESERVED.

Bringing OpenFlow s Power to Real Networks

VXLAN: Scaling Data Center Capacity. White Paper

Introduction to Software Defined Networking

The 2013 Guide to Network Virtualization and SDN

A Case for Overlays in DCN Virtualization Katherine Barabash, Rami Cohen, David Hadas, Vinit Jain, Renato Recio and Benny Rochwerger IBM

Internet Protocol: IP packet headers. vendredi 18 octobre 13

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

IP Filter/Firewall Setup

2. What is the maximum value of each octet in an IP address? A. 28 B. 255 C. 256 D. None of the above

Securing Local Area Network with OpenFlow

Secure Cloud Computing with a Virtualized Network Infrastructure

Installing Intercloud Fabric Firewall

Lecture 02b Cloud Computing II

SSL Inspection Step-by-Step Guide. June 6, 2016

New Cloud Networking Enabled by ProgrammableFlow

Building Scalable Multi-Tenant Cloud Networks with OpenFlow and OpenStack

Datacenter Network Virtualization in Multi-Tenant Environments

Implementing OpenDaylight in a Carrier Network

Designing Virtual Network Security Architectures Dave Shackleford

Building an Open, Adaptive & Responsive Data Center using OpenDaylight

Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure

Network Functions Virtualization in Home Networks

Deploying ACLs to Manage Network Security

The 2013 Guide to Network Virtualization and SDN

DCB for Network Virtualization Overlays. Rakesh Sharma, IBM Austin IEEE 802 Plenary, Nov 2013, Dallas, TX

Transcription:

NEC contribution to OpenDaylight: Virtual Tenant Network (VTN) June. 2013 NEC Page 1

Agenda OpenDaylight Virtual Tenant Network - VTN Model Live Demo VTN Implementation Page 2

OpenDaylight Virtual Tenant Network (VTN)

VTN models VTN design using the following components Components vbridge vrouter Description logical representation of L2 switch function. logical representation of L3 router function. Virtual node (vnode) Virtual interface vtep vtunnel vbypass interface logical representation of Tunnel End Point - TEP. logical representation of Tunnel. logical representation of connectivity between controlled networks. representation of end point on the virtual node. Virtual Link vlink logical representation of L1 connectivity between virtual interfaces. vbridge vrouter vbypass vtunnel vtep vbridge interface vrouter interface vlink Page 4

VTN Feature Set Virtual Network Provisioning VTN design (Add/Delete/Change) VTN model operation (Add/Delete/Change) Flow Control over Virtual Network Flow filter (Forward, Drop, Redirect or Remarking) QoS Control over Virtual Network Policing Forward, Drop, Remarking or Drop-precedence for three-color action Virtual Network Monitoring VTN information collection Traffic statistics Failure events Page 5

VTN Workflow VTN Workflow Virtual Network Provisioning Virtual Network Provisioning Y Flow Control over Virtual Network? N Y VTN Creation? N Flow Filter VTN Creation QoS Control over Virtual Network? Y N N Y vnode Addition? Policing vnode Addition Interface and vlink Addition Mapping to Physical Resource Page 6

VTN Workflow Flow Filter Flow List Creation Match Condition Policing Flow List Creation Match Condition Flow Filter setting to an Interface Action Policing Profile Creation Rate & Action Policing Map setting to an Interface Page 7

Multiple SDN Controller Orchestration Enables to construct virtual networks in data centers and over interconnects between them. Easy to add and delete SDN controllers dynamically. vbridge vbridge vbridge vbypass vbridge VTN vrouter VTN Controller 1 Controller 2 Controller 3 DC 1 DC 2 Inter-DC network DC 3 Page 8

vbypass Represents external network domain not controlled by SDN controller. Enables to deploy VTNs cross the external network (e.g. WAN) which SDN controller does not control. Virtual Network vbr1 vbypass capability: L2 or L3 vbr2 Physical Network External network OpenFlow domain 1 OpenFlow domain 2 Page 9

Mapping of Physical Network Resources Mapping between virtual network and physical network According to three mapping configuration, physical network is sliced and mapped to virtual networks. Mapping Physical Mapping Key Virtual Note Port mapping Switch ID, Port ID (VLAN ID option) vbridge interface Untagged frame mapping is also supported. VLAN mapping VLAN ID (Switch ID option) vbridge MAC mapping MAC address vbridge Will be supported in the future release. Page 10

Flow Filter Functions Flow filter defines action to specific matching conditions. Flow Filter can be applied to any virtual interface. Matching conditions Source/Destination MAC address Ether Type VLAN Priority Source/Destination IP address DSCP IP Protocol TCP/UDP source/destination port ICMP type ICMP code Action Forward, Drop, Redirect or Remarking Page 11

Flow Filter Functions ACL Action Pass Drop Redirection - WayPoint routing Remarking Description Passes particular packets matching the specified conditions Discards particular packets matching the specified conditions Redirects packets to a desired virtual interface. Changing source/destination MAC (e.g. for routed firewall) Not changing source/destination MAC (e.g. for transparent firewall) Remarks VLAN priority and/or DSCP fields BR1 RT BR2 Page 12

Flow Filter Redirect Use Cases L2 Firewall L2 Firewall Server1 BR1 Server2 Server1 BR1 VRT BR2 Server2 L3 Firewall Modify Dst Mac Server1 BR1 VRT BR2 Server2 Page 13

Flow Filter Redirect Use Cases L2 Firewall L2 Firewall Server1 BR1 Server2 Server1 BR1 VRT BR2 Server2 Matching Condition: Destination port 80 Action: Redirect and modify destination MAC to MAC_FW1 IP: 10.0.1.253 MAC: MAC_FW1 L3 Firewall IP: 10.0.2.253 MAC: MAC_FW2 1. Send ARP request from Firewall to Server2 2. Send ARP reply from Server2 to Firewall 3. Send HTTP request from Firewall to Server2 Server1 BR1 VRT BR2 Server2 IP: 10.0.1.1 MAC: MAC_S1 GW: 10.0.1.254 IP: 10.0.1.254 MAC: MAC_R1 IP: 10.0.2.254 MAC: MAC_R2 IP: 10.0.2.1 MAC: MAC_S2 GW: 10.0.2.254 Page 14

APIs for VTN Provides Web API (REST) GET/PUT/POST/DELETE to virtual network resources XML or JSON format Accessible Resources via API VTN vbridge vrouter vtep vtunnel vbypass vlink Interface Port mapping VLAN mapping Flow Filter Controller Physical Switch / Port / Link (Read only) Alarm (Read only) Page 15

VTN API Use case OpenStack nova Quantum API Quantum Plug-in System Center 3 rd party Orchestration Application for appliance GUI VTN Coordinator VTN Manager Page 16

Proposed NEC Contributions 1. VTN Coordinator (code is available) Provide API of VTN for users Use OpenDaylight APIs to realize VTN models Coordinate VTNs across multiple SDN controllers 2. VTN Manager (to be developed) Provide virtual nodes functions Provide virtual packets forwarding functions VTN Coordinator VTN Manager Page 17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information