OpenFlow: Experiencias en implementación y operación de testbeds internacionales

OpenFlow: Experiencias en

Implementación y Gestión de

Testbeds Internacionales


implementación y operación de testbeds

internacionales

28 Noviembre 2012Jornadas Técnicas de

RedIRIS

Joan A. García-Espín




Introduction

• OF provides a way of controlling the forwarding of packets through a network element from a remote server, using the OF protocol.

• OF Testbed Facilities enable researchers to try new ideas over production equipment at an affordable cost– Some facilities (OFELIA) offer it at NO cost for academic research

• During the last years i2CAT has been designing, implementing and deploying a Future Internet facility for four main initiatives:– FP7 OFELIA project– FP7 FIBRE project– Géant3 project– Own facility, codenamed EXPERIMENTA

NW Control

application

Processing

Switchpacket/ circuits

OpenFlowcontroller

Experience from FP7 OFELIA

Initial OF island design and OFELIA Control Framework




4

OFELIA at a glance

- Started September 2010- Duration: 3 years- Total budget 6.3M€, funding 4.45M€- 12 partners

– Academic institutions– Industry partners: DT, NEC, ADVA Optical– Stanford university (Nick McKeown, Guru Parulkar) official

partner (control framework, architecture, experience)

- 8 OpenFlow-enabled islands at academic institutions

- Objective: Create a pan-european Openflow testbed

Offer Openflow as a service for European experimenters

Berlin (TUB) partial replacement of existing campus network with OpenFlowenabled Switches

Gent (IBBT) central hub, large-scale emulation

Zürich (ETH) connection to OneLab and GENI

Barcelona (i2CAT)

L2 switches and Optical equipment (ROADM ring)

Essex (UEssex) national hub for UK optical community; L2 switches and L1/L0 ROADMs (optical mesh network), FPGA testbed

Rome and Catania (CNIT)

two islands with focus on Information Centric Networking

Trento (CREATE-NET)

a city-wide distributed island based on L2 switches and NetFPGA; opt-in users via heterogeneous access technologies




5

OFELIA Offering

• The OFELIA facility is open as a best-effort service:– Any user accepting the usage policy is welcome – Connection to the facility through OpenVPN

via the central hub at IBBT in Ghent– Through a GUI, a user can create and run experiments

• An experiment/slice consists of:– A number of end points (Xen-based virtual machines, currently)– OpenFlow access to a set of switches that connect the end points

• The user’s OpenFlow controller can be deployed on one of the VMs– Links between end points and switch ports:

• Best effort (shared), mostly• Dedicated capacity will be available at least on some lines

• Instructions, Wiki, Videos, Open Calls, press releases…http://fp7-ofelia.eu

Feedback is very much appreciated

The control framework software is freeBuild your own OFELIA islands,

connect over to us, develop further

Facility is publicly available for experiments

http://fp7-ofelia.eu/




6

i2CAT OFELIA island overview

i2CAT OFELIA island (Barcelona)

Multi-vendor extensive L2 deployment. Complete meshed topology on the experimental Openflow network. No “opted-in user” traffic, only experimental traffic. Computing equipment (In production) 5x SuperMicro SYS-6010T-T servers.

Network equipment (OF enabled) (In production) 5x NEC IP8800/S3640-24T2XW switches (Ready for production) 3x HP E3500-48G-PoE+yl switches

EXPERIMENTA’s i2CAT testbed (not part of OFELIA) (Conn. on demand) 1x Juniper MX480 3D + OF support




7

Network design:Equipment in the OFELIA island

LDAPNFS DNS Expedient FV

VT-AM NEC NECVPN (OpenVPN L2)

Private (offices, …)

Public internet

Other testbeds

Management

Experimental

Experimental: OpenFlow, connects VMs and OF switches, experimental traffic.Experimental: OpenFlow, connects VMs and OF switches, experimental traffic.Control: Legacy, connects infrastructure and gives access to the users.

• Experimental: OpenFlow, connects VMs and OF switches, experimental traffic.

• Control: IPv4, connects infrastructure and gives access to the user services.

• Management: IPv4, IM management, no user traffic.

Rest of internal services




8

Network design:Federation of OFELIA islands

IBBT

Island

i2CAT

• Unique Ethernet segment spanning all Europe for experimentation• Interconnection through OpenVPN tunnels. In the next months, connect through GEANT backbone ( L2 VPN as backup). • Control and management L3 routed IP4 network, with 2 logical networks (VLAN). Routing OSPF• Access through L2 VPN (from the Internet)

IP4 ctrl&mgmt tunnelOpenflow tunnel

Island

Island

IBBT




9

OFELIA Control Framework (OCF)Capabilities

• Supported resources

• Extensible to new resources: AM Base Class• Easy federation schema:

– Federation at AM’s level: isolating administrative domains – Intra federation (homogenous CF) out of the box– Inter federation (heterogenous CF) focused on resource sharing and

possible through multiple interfaces (SFA, GENI…)

• Multiple user interfaces :

OpenFlow

Switch NetFPGA Optical APs

Virtualized Servers

Xen …

VirtualWall

Emulabnodes

Vertigo(virt.

Topologies)

WebUI CLI …




10

OCF Current Architecture (v0.x)

Expedient:– User WebUI– Plugins: handling visualization, and

resource specific communication.– Clearinghouse: projects/slice mgmt, users

permissions.

VT AM: virtualized servers AM.– API: XMLRPC, custom Rspec.– Agent: VM provisioning and hypervisor

comm.

OPTIN Manager: OF AM.– FlowVisor (openflow proxy controller).

Manage flowvisor flowspace for slicing slice the openflow network

– API: GENI XMLRPC, OF RSpec v1




11

OCF Screenshots (1/2)




12

OCF Screenshots (2/2)

Experience from FP7 FIBREFederation with OMF and intercontinental testbed




14

FIBRE at a glance

• What? • Create a common space between the EU and Brazil for Future Internet (FI) experimental

research into network infrastructure and distributed applications.

• Who? 15 partners, coordinated by i2CAT and UFPA

• How? Requested to the EC 1.1M€ and CNPq R$ 2.3 in funding to perform 6 activities– WP1: Project management– WP2, WP3: Building and operating the Brazilian (WP2) and European (WP3) facilities– WP4: Federation of FIBRE-EU and FIBRE-BR facilities– WP5: Joint pilot experiments to showcase the potential of the federated FIBRE facility– WP6: Dissemination and collaboration

Nextworks

UEssex

i2CATUTH

UPMCNICTAUNIFACS

UFPA

UFG

UFSCar CPqD,USP

RNP, UFFUFRJ




15

CONCEPT: What do we want?

• Federation of testbeds (OCF and OMF –based testbeds)

• Enhancement of actual CFs• Resource sharing

FIBRE-BREnhanced CF

FIBRE-EUEnhanced CF

OFELIAOCF NITOS

OMF

UFG UFPA

UFSCar UNIFACS

UFRJ

USPCPqD RNP

UFF

i2CAT UEssex

• Registration in one site – Access from anyone

FIBRE




16

FIBRE and OFELIA i2CAT islands

Experience from GEANT3 Network Factory

Apply lessons learned to help design a software based OF testbed on top of GEANT3




18

Participants

• GRNET / ICCS(Greece)

• SWITCH(Switzerland)

• Fundació i2CAT(Catalonia, Spain)

• DANTE(United Kingdom)

A perfect-fit collaboration of two European NRENs, a Research Instituteand a pan-European R&D Infrastructure Operator




19

Key facts about OpenFlow in JRA2-T5 Network Factory

• A software-switch based facility

– Architected so that OpenFlow-enabled hardware switches can be introduced seamlessly

• Functionality delivered to end-users:

– Slice request submission

– Slice instantiation

– Slice management

– Slice decommissioning functionalities

• Experimenting within a slice is not disrupted, while the GÉANT production environment remains unaffected




20

GN3 OpenFlow PoP Design Principles

• 5 OpenFlow PoPs interconnected with a full mesh of L2VPNs over GÉANT

– Co-located with GÉANT PoPs

• 2 general purpose servers per PoP for:

– Open vSwitch– XEN hypervisor to deliver user VMs

• Using OpenFlow v1.0 -> VLAN-based slicing– Limited capabilities for non-VLAN slicing for VLAN-based experimentation

• Orchestration software: FP7 OFELIA Control Framework (OCF)– Resource allocation and instantiation (per slice)– Authentication/Authorization (AA) and policy framework– Web-based user interface for slice access and management– Robustness, stability and scalability in terms of number of users, support for concurrent

experiments and number of managed resources.– Monitoring of slices and the OCF components themselves




21

GN3 OpenFlow PoP Implementation over GEANT




22

GN3 OpenFlow PoPA closer look to the setup




23

GN3 OpenFlow PoPUse Cases

• UC#1: LHCONE

LHCONE MPTCP testing group: To carry some of the MPTCP stack & OpenFlow experimentation for LHCONE over the GÉANT OpenFlow testbed.

• UC#2Using OpenFlow as a TE mechanism to manage the backbone paths, etc. to serve specialized applications and protocols at the end systems. Examples:– DC live migration middleware– Ultra-high bandwidth data transport

• UC#3Using OpenFlow to deliver L2 slices for experimentation at L2 and above on the data and control plane. Examples:– Ethernet OAM testing– Protocol development/research

EXPERIMENTA. i2CAT’s Open Experimental Facility




25

EXPERIMENTA Facilities @ Barcelona




Gracias por su atención

Más información en:

www.fibre-ict.eu

www.geant.net

www.fp7-ofelia.eu

Joan A. García-Espín

[email protected]

Jornadas Técnicas de

RedIRIS

Back-up

27




28

OEFELIA Timeline

Operation of the individual islands:– Phase i: OF controllers and switches in place, first local

experiments concluded– Phase ii: Connect islands and extend OF experimentation to

wireless and optics – Phase iii: Automate resource assignment and provide

connections to other FIRE and non-European research facilities

Open Calls to extend facility & consortium on M5 (jan’11) and M17 (jan’12)

- Total budget €830,000 max. 200 K€ funding per experiment• First closed March 2011• Second closed March 2012

Explain how an early operative prototype will be gradually expanded and who will do it, including budgetary issues

Gradual expansion of early operative facility

Open Calls

Three project phases to set-up and extend

the facility

i: Create islands on L2

ii: Connect islands and extend to wireless/optics

iii: Ressource assignment automization and connection to other facilities

M7 M19




29

OFELIA Control Framework (OCF) Introduction

• What is OCF?– OCF is an open source testbed management software originally

developed to be used in the OFELIA facility.

• Objectives of the OCF– Orchestrate and automate testbed resource sharing– Ensure OFELIA distributed and autonomous nature– Offer Openflow network resources (slices)– Provision L2 aware IT resources (VMs)– Allow resource (both network and IT) basic monitoring– Provide an easy to use web interface (at least)




30

OCF Roadmap (v1.x)

Plugin–based UIs– GUI: plugin-based independent

web UI.– CLI: OMNI-based, evolved if

required.

AM APIs: Driver based APIs– Native OFELIA API, intially based

on a GENI evolution towards OFELIA requirements including MONITORING

– SFA– Native GENIv3…

OPENFLOW AM (FOAM BASED)VT AM ……

AM

WEB UI CLI UI

CH

ResourcesDomain

AdministrativeDomain

…




31

Current OFELIA XEN Servers configuration

Dom0

DomU 1

vif1.0 | eth0

vif1.0 | eth1

vif1.n | ethn

DomU N

eth1.999

eth2

ethN

vifN.0 | eth0

vifN.n | ethn

vifN.1 | eth1

eth0 eth1 peth2

peth1.999

pethN

Experimentation interfacesManagement interfaces (SSH)

Server management interface

• eth0 provides access to the server for management and internet.• eth1.999 eth2 ..ethN are linux bridges connecting VIFs (VMs) with physical interfaces of

dom0 (server).• eth1.999 tags control traffic (SSH for the VMs) transparently to the user (IP4 out-band

network)• eth2…ethN are used for experimental (OF) traffic.• Linux bridge to be replaced by Openvswitch soon.

Documents

OpenFlow: Experiencias en implementación y operación de testbeds internacionales