internet2 and al2s eric boyd senior director of strategic projects
TRANSCRIPT
Internet2 and AL2S
Eric BoydSenior Director of Strategic Projects
=
Internet2 Mission
University Corporation
forAdvanced Internet
Development
This is what we have been able to say for about a year:The 100G testbed of innovation for tomorrow’s Internet is available nationwide, right now.
• Abundant Bandwidth–100G, for now
• Network Programmability–SDN, Network Virtualization
• Friction-Free Science–Science DMZ
Internet2 Community Innovation Story
• Abundant Bandwidth–100G, for now
• Network Programmability–SDN, Network Virtualization
• Friction-Free Science–Science DMZ
Internet2 Community Innovation Story
Network Virtualization on Internet2
Network Virtualization on Internet2
Network Virtualization on Internet2
Network Virtualization on Internet2
• Control a slice of the national network!
• Enable:• Rapid prototyping of
advanced applications• Rapid prototyping of
new network services• Rapid advancement of
network research
• Network Virtualization: Puts members in control of (a slice of) the network
• Change in paradigm:– Turning the “commons” on its head – Private network capabilities with shared network costs
• Large scale networking is normally about lowest common denominator
• Large scale virtualized networking is about creating custom facilities
• Extend the local domain into the national (eventually global) arena
Network Virtualization on Internet2
• For most applications run in a campus environment, the traditional routed Layer 3 infrastructure provided by the Internet2 Advanced Layer 3 Service (AL3S) provides all the needed functionality and performance.
• For some applications, the ability to run on a server in a campus environment or on a GENI Rack, connected by a Layer 2 VLAN, should suffice.
• For a few advanced applications, particularly in the network research arena, there is a need to run their own controller on a virtual network.
Network Virtualization Use Case
• Production Service Staging– GENI wants to move to Stitching v3.0, but Stitching 2.0 is in wide use– Set up a slice, deploy a second OESS, deploy new version of FOAM
Stitching Aggregator– When it’s tested and ready, move to the production OESS stack
• Network Research– Network researcher has a better idea how to do networking– Set up a slice, deploy new network controller, write paper
• Service Prototyping– Look at alternatives to AL3S– Implement a route server that speaks OpenFlow on southbound
interface with no routers– Deploy in a slice, begin peering with other domains– Evaluate efficacy, operational savings– Over time transition to new service
Use Case Examples (1)
• Private Networks– Want something akin to Atlantic Wave, original vision for LHCONE,
or GENI Virtual Network– Set up a distributed SDX across multiple domains
• Network virtualization experiments are already underway– Prototyping IP over SDN solution (no routers!)– Prototyping cloud-based services– Prototyping multi-domain virtual networks– DANCES
Use Case Examples (2)
• Vendors such as Brocade provide switches that implement OpenFlow.• Through close development partnerships, Internet2 can deploy advanced
technology.• Internet2 and Indiana University have developed a second-generation, open
source hypervisor, called Flowspace Firewall (FSFW).– FSFW divvies up the available VLANs on a network into VLAN ranges, known as
slices.– FSFW acts as a proxy between one or more OpenFlow controllers and a set of
switches within a single administrative domain.– FSFW only carries OpenFlow commands from a controller to a switch (or the
reverse) if the command falls within the allocated range of VLANs for that controller.
– FSFW acts as a resource protector, ensuring that no controller overconsumes scarce resources such as the rate at which OpenFlow rules can be fed to a switch or the number of OpenFlow entries in the Flow Table.
• Technology enables Innovation in the Internet2 Community
Technology behind Network Virtualization
• Backdrop:– Internet2 operates a Layer 2 Service– Campuses (e.g. University of Utah) operate a Layer 2 Service– Regional Networks (e.g. MAX) operate a Layer 2 Service– Exchange Points (e.g. AMPATH/FIU) operate a Layer 2 Service
• Is there a way to create a Multi-Domain Layer 2 Service?– Common capabilities– Willingness to collaborate– Willingness to contribute to a common project– Maintain local control
• Withdraw at any time– Enable (illusion of) global control
• Control remote administrative domains– No change in software, just configuration
Prototype Multi-Domain Layer 2 Service
Multi-Domain Sample Network
