The Hybrid- Open ( HOpen ) router architecture. Brian Field / Comcast

The Hybrid- Open ( HOpen ) router architecture Brian Field / Comcast 1

Background Lots of excitement in the SDN space Programmability (config) Network virtualizaqon (exisqng features) What if I need a new feature on a router- - today? Does the exisqng SDN paradigm help this? No [not really] This talk presents a new SDN paradigm: Something we can Do Now. 2

Router plazorm evoluqon Controller OpenFlow BGP, ISIS, PIM, etc. BGP, ISIS OF OF API BGP, ISIS, PIM, etc HTTP CLI Proprietry OS/chassis CLI Proprietry OS/chassis How do we transition across this gap? Open source network code Apache mumble hw COTS hw Legacy Router stack OF enabled router stack open source router stack Web stack (role model) 3

We glue them together HOpen BGP, ISIS BGP, ISIS, PIM, etc Legacy open protocols New protos / features CLI Open source network code Vendor code Open source network code Proprietry OS/chassis mumble hw Open Hybrid platform "HOpen" 4

In theory, over Qme. Vendor Open Vendor Open Vendor Open HOpen platform (today) HOpen platform (tomorrow) HOpen platform 5 (tomorrow++)

Unicorns and rainbows - - Wouldn t it be great if the HOpen plazorm existed today? Legacy open protocols Insert ideas here Vendor code Insert code here Hybrid platform BField / Nanog June 2014 6

Actually it does Platform OS CLI Software Control Plane SNMP/ show hardware based New Control Protocol Drop in your own code / binaries next to vendor code What might be an interesqng use case to develop on this plazorm? BField / Nanog June 2014 7

Segment RouQng Introduced to IETF in 2013 Isn t supported on deployed plazorms SR 101: Traffic engineering Service chaining Comcast interested in IPv6 SR 8

Segment Router Packet............ Ver Traffic Class Flow Label Payload Len 43 (SR) Hop Limit Source Address Destination Address 17 (TCP) Hdr Ext Len Routing Type Next Segment Last Segment Flags HMAC Key ID Policy List Flags Segment List[0] (128 bits ipv6 address) Segments (SIDs) Segment List[n] (128 bits ipv6 address) Policy List[0] (128 bits ipv6 address) (optional) Policy List[1] (128 bits ipv6 address) (optional) Policy List[2] (128 bits ipv6 address) (optional) HMAC (256 bits) (optional) TCP header layer payload Segment Router Header IPv6 Header Transport & Payload 9

Segment RouQng OperaQon IPv6 packet with SRH is delivered to Dest Addr. Router or applicaqon Process data, then consult SRH and determine next Segment ID (SID) Update SRH IPv6 packet with next SID as next DA. Forward. Details shared in NANOG 58 June 2013. hjp://www.nanog.org/sites/default/files/ wed.general.segment.filsfils.13.pdf 10

Router Control Plane OperaQon [Punt traffic 101] Application Processes BGP <x.x.x.x, TCP, 179> OSPF <224.0.0.5, 89, --> IP Stack (Kernel) 2000:1:1/128 (loopback) 2000:1:1/128 (GE1) 2000:2:1/128 (GE j) 2000:42:1/128 (GE n) Software [Platform OS] Hardware Control Plane Policer (COPP) Filter / throttle what or much can reach platform OS Hardware Forwarding ASIC ASIC If DA == router IP, punt packet to platform OS Physical Ports GE 1 GEj GE k GE n 11

What we did Comcast executable SR <2001:1:1, 43> BGP <x.x.x.x, TCP, 179> OSPF <224.0.0.5, 89, --> 1) Loopback Int 0 (lo0) - Assign SID IPv6/128 IP Stack (Kernel) Hardware Forwarding 2000:1:1/128 (loopback) Control Plane Policer (COPP) ASIC 2000:1:1/128 (GE1) 2) Announce SID/128 in ISIS 2000:2:1/128 (GE j) 3) Update COPP 2000:42:1/128 (GE n) 4) Code logic: Bind (SID/128, 43) While (1) { Receive SRH packet Process Data Process SRH header Forward updated SR packet } * Written in Golang ASIC Software [Platform OS] Hardware Physical Ports GE 1 GEj Worked! GE k GE n 12

SR packets on the wire 13

What did we just do? Took the first step Controller OpenFlow Vendor Open BGP, ISIS, PIM, etc. BGP, ISIS OF OF API BGP, ISIS, PIM, etc CLI CLI Open source network code Proprietry OS/chassis Proprietry OS/chassis mumble hw Legacy Router stack OF enabled router stack HOpen platform open source router 14 stack

Extending Wouldn t it be great if We had the ability for the SR process to tag it s prefix announcements in ISIS that the /128 is SR capable? Extend this to other services/features we might want to support per internal /128 Crud this vendor s ISIS implementaqon doesn t support ISIS admin tags Wait, lets hack this new feature into open source ISIS and run that instead of the vendor s ISIS! 15

Running Modified Open Source ISIS on HOpen PlaZorm 1) Arista EOS running Quagga ISISd code 5) Quagga ISISd generating new TLV 2) SYSID 3) New command dev'd into Quagga ISISd 8) 6 <tag, prefix> values encoded using defined TLV structure 4) Second Arista EoS running stock ISIS has "UP" ADJ with Arista based Quagga ISISId 6) We picked 200 as Type for new TLV 7) Struture for new TLV BField / Nanog June 2014 16

Second step towards HOpen Controller OpenFlow Vendor Open Vendor Open BGP, ISIS, PIM, etc. BGP, ISIS OF OF API BGP, ISIS, PIM, etc CLI CLI Open source network code Proprietry OS/chassis Proprietry OS/chassis mumble hw Legacy Router stack OF enabled router stack HOpen platform open source router stack 17

What does this mean? HOpen is an alternaqve SDN paradigm: Leverage the control plane work the vendor has done Supplement with Operator code or / Open Source for new features HOpen - - Best of both worlds: Vendor support for legacy features Operator can develop new features as needed, prove value, vendor rolls into their code base. Maybe in an Open Source kinda way 18

Rough consensus and working code This paradigm enables [unaffiliated] individuals to create, develop and deploy new control plane protocols on producqon rouqng plazorms Does this change how things work in IETF? Might this be good? Does NANOG start to have: Hackathon s? Inter- op work, etc.? 19

Quote Qme With great power comes great responsibility - - Voltaire (and later FDR, Ben Parker Spiderman s uncle) 20

Thanks! brian_field@cable.comcast.com BField / Nanog June 2014 21