deeply programmable network (dpn) through advanced network
TRANSCRIPT
Deeply Programmable Network (DPN)through Advanced Network Virtualization
1The University of Tokyo Confidential
Aki NakaoUniversity of Tokyo
[email protected]/8/24
Network Vitualization Symposium 2012
The University of Tokyo Confidential 2
Deeply Programmable Network•Network that flexibly adapts to demands by means of not only programmability in control plane for network operations and management, but also deeper programmability for data-plane for processing data and dealing with new protocols (non-IP), etc.•Extension to SDN (Software Defined Network)
The University of Tokyo Confidential
Deep Programmability
3
• Control-Plane Programmability• Route Control• Access Control• Netowrk Management
• Data-Plane Programmability• Packet Data Processing•Cache•Transcode•DPI
• Handling New Protocols• IPvN (N>6)•New Layer2•Named Data Network (NDN)•Content Centric Network (CCN)
Possiblewith OpenFlow
Hard with OpenFlow
Possible with OpenFlow+Processors
Hard with OpenFlowEven with+Processors
DeeplyProgrammableNetwork
DeeperProgrammability
The University of Tokyo Confidential
How deep programmability do we want?
• Control plane programmability only?
• Data plane too (cache, transcode, DPI)?
• OpenFlow in A Slice
• Can we program “OpenFlow”, “OpenFlow++”, or “OpenXXX” data-plane APIs?
• Can we change L2 protocol?4
Several questions to ask:
Yes! we can do all!
The University of Tokyo Confidential
VNode Project• VNode Infrastructure Enables Deeply Programmable Network (Project Leader: Aki Nakao)• 2008-2010 Collaborative Research (NICT/Utokyo/NTT/NEC/Hitachi/Fujitsu)• 2011-2014 Collaborative Research (Utokyo/NTT/NEC/Hitachi/Fujitsu/KDDI)
5
The University of Tokyo Confidential
VNode Infrastructure (extended to US!)
Fukuoka
Hiroshima
Okayama
Osaka
Sendai
NICT Koganei
USA TH SG HK
International Circuit
40Gx240G40G
10G10G
10G
Wireless Testbed
Sapporo
40G10G1GDF
Example
10Gx210Gx2
10G
10G
1G
10G
Tokyo
Nagoya
Kanazawa
•7 VNodes, 2 Network Connectors, 11 Access Gateways •Deep Programmability for Experimenting with Arbitrary Protocols (Non-IP)
AGW
AGW
AGW AGW AGW
AGW
AGW
AGW
AGW
AGW
AGW
AGW
NTT Yokosuka
International CircuitTokyo Area
NICT Otemachi NICT Hakusan UTokyo
VN
VN
VN
NC
NCNC
VN
NC
AccessGatewayVNode
Network Connector
KR
VNVN
VN
AGW
VN
6
•Slice-Around-The-World Project ( A VNode in U of Utah on ION/StarLight! )
The University of Tokyo Confidential
•Create slices for running arbitrary protocols•Programmability for both control plane and data plane•Mainly focused on wired / fixed network virtualization
AGWIPSecTunnel
7
Deep Programmability for Backbone Network
GRETunnel GRE
Tunnel
NC
VNode Infrastructure
GRETunnel
GRETunnel
GRETunnel
IPNetwork
VMNetwork Processor
The University of Tokyo Confidential 8
•“Tangible” small-form-factor (1U) VNode•Deeply programmable, even at L2, yet high performance•Fixed-mobile converged slicing
Deep Programmability for Network Edge
GRETunnel
GRETunnel
GRETunnel
Small-FactorVNode
LightweightSlicing
AccessPoint
Network Edge Slicing
The University of Tokyo Confidential 9
•“Tangible” small-form-factor (1U) VNode•Deeply programmable, even at L2, yet high performance•Fixed-mobile converged slicing
FLARE Open Deeply Programmable Switch
Challenges:
FLARE Architecture
Slice N
Slice 2
Slice 1
Packet Slicer
Node Manager
ControllerFLARE Controller
FLARE Switch
Physical Ports10
Control PlaneData Plane
Virtual Ports
The University of Tokyo Confidential
..
HyperVisor (Packet Slicer +Node Manager)
Solar Wind Version
Slicer D-Plane
SlicerContoller C-Plane
D-Plane
C-Plane
Physical Network Interfaces
Node Manager
D-Plane
C-Plane
FLARE Controller
Create/Remove/Access Sliver
Virtual Network Interfaces Virtual Network Interfaces Virtual Network Interfaces
Sliver=Virtual Machine Environment for Programming (C/D Planes)
12
Developer Programs
Per-Slice Switching
Slicer
Slicer Slice
D-Plane
SlicerContoller C-Plane
D-Plane
C-Plane
D-Plane
C-Plane
Physical Network Interfaces
Slice1 Slice2 SliceN
13
PacketSID1
Packet
Packet
SID-1
PacketSID1Packet
Three Primitives in FLARE
•Extract SliceID (Slicer)• Demux/Mux to/from Slices (Redirector)• Execute Programs on Slices (Programmer)
14
SID
Packet
Arbitrary Offset, Arbitrary Length
PacketSID
General Slicing (Supported in DarkFlow Version)
15
Extracting Slice ID
Internal Packet Format
Multiple Parts
The University of Tokyo Confidential
Light Weight Network Virtualization
(Application of FLARE to NV)
• Tunneling (Good for Fixed Networks)
• VLAN (Limited to Ethernet/ 12bits)
• MPLS (Originally Traffic Engineering)
Essentially just need globally unique Slice ID16
17
Packet SID
Slicer-slice identifies Slice ID(SID)Globally Unique SID Embedded in Trailer
Trailer Slicing
Network VirtualizationThrough Slice ID Embedded in Packet Trailers
18
Packet SID
Packet SID
Packet SID
Globally UniqueSlice ID
IsolatedNetworkNameSpace
Header Trailer
•SID visible at all the layers (if layered architecture is adopted at all)•VLAN Stitching may not be necessary
FLARE (SolarWind Version) Implementation
• Hybrid of many-core processors + x86 processors• LXC Resource Container Running on Data/Control Planes• 1U Form Factor• Trailer Slicing (Embedding Slice ID in Packet Trailers)• 4 x 10Gbps (20 Gbps Non-Blocking Switching)• Up to 16 Data Plane Slices • Control Plane & Data Plane Linux Programmability (Multi-Threaded Click)
• OpenFlow In A Slice (Implemented)19
Slice N
Slice 2
Slice 1
Packet Slicer
Node Manager
ControllerFLARE Controller
FLARE Switch
Physical Ports22The University of Tokyo Confidential
..OpenFlow
Ether Switch
New L2 Switch
Multi-Protocol/Control Coexistence
HyperVisor (Packet Slicer +Node Manager)
OpenFlow vs. FLARE DifferencesOpenFlow FLARE
Arbitrary Frame X(Internet Protocol)
O(Non-Internet Protocol)
Control PlaneProgrammability O
Multiple APIsOpenFlow++
Multiple OpenFlow SWs
Data PlaneProgrammability(Packet Process)
X O
Data PlaneProgrammability(New Protocol)
X O
24The University of Tokyo Confidential
OpenFlow vs. FLARE Differences
OpenFlow FLAREProgrammingModel
Flow Pattern MatchAction
Linux Container (LXC)Multi-Threaded Click
ProcessingEnvironment Not Integrated Integrated
Slicing Programmability
X(Fixed to Flow Matching)
O (fully supported inDarkFlow version)
25
The University of Tokyo Confidential
How deep programmability do we want?
• Control plane programmability only?
• Data plane too (cache, transcode, DPI)?
• Can we program “OpenFlow”, “OpenFlow++”, or “OpenXXX” dataplane APIs?
• Can we change L2 protocol?
26
Several questions to ask:
The University of Tokyo Confidential
A Case in Data Center Network
• Limitation in MAC address space• Conflict of MAC addresses in VM migration
• Limitation in VID (802.1Q) space• The number of tenants increases in IaaS
Data Center Network depends heavily on L2leading to solutions such as EUI-64 and VXLAN
27
The University of Tokyo Confidential
Mac Address Extension
http://en.wikipedia.org/wiki/MAC_address
EUI-64 (64bit Extended Unique Identifier)
28
The University of Tokyo Confidential
Why not just extend MAC ID spacethrough deep programmability enabled by FLARE Switch?
29
Slice 3
Slice 2
Slice 1
FLARE Switch
Extended MAC Address (96-bit MAC)
Extended MAC Switching
(Click Implementation)
Extended MAC (96bit) Switching
End System 1 End System 2
IP Slice VExDMAC ExSMAC T
IPExDMAC ExSMAC T
Slice 1
Slice 1
HyperVisor
30
Extended MAC Address (96-bit MAC)
The University of Tokyo Confidential IPExDMAC ExSMAC T
Slice 1
Performance Check
31
2 Port 10Gbps Switching Performance (Gbps)MTU=1500 bytes
The University of Tokyo Confidential
Gbps
Extended DMAC Extended SMAC Type IP Datagram
GuestVM
Extended
GuestVM
Extended
GuestVM
Extended
GuestVM
Extended WANMigration
FLARE FLARE VNode
32
InterCloud DPN(VM Migration With Extended MAC)
The University of Tokyo Confidential
Starbed(Hokuriku)UTokyo(Tokyo)
Slice 3
Slice 2
Slice 1
FLARE Switch
Extended MAC Address (96-bit MAC)
Extended MAC Switching
Two Different Kinds of Switchingvia Tailer Slicing
End System1 End System2
EthernnetSwitching
MAC Addresss
IP Slice V
IP Slice VExDMAC ExSMAC T
TSMACDMAC
mux/demuxmux/demux
IPExDMAC ExSMAC T IPTSMACDMAC
Slice 2IPTSMACDMAC
Slice 2 Slice 1IPExDMAC ExSMAC T
Slice 1
Slice 1
Slice 2
HyperVisor
34
Extended MAC Address (96-bit MAC)
MAC Addresss
The University of Tokyo Confidential
Examples of Deep Programmability
• Cache Oriented Network Architecture (UTokyo)
• OpenFlow In A Slice (UTokyo)
• Content Oriented Network (Here and There)
• Crazy examples (Non-IP, Extended Mac)
• Artificial Delay for Traffic Control (UTokyo)
35