open-source nfv platform? opnfv! - cisco live

Open-source NFV platform? OPNFV!

Frank Brockners

BRKSDN-2333

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKDCN-2390


“The 20th century was about invention, the 21st is about mashups and integration”

Toby Ford,FD.io Mini-Summit Sept, 2016

BRKSDN-2333 5


NFV Stacks – A User Perspective:Above and below “The Line”

Network Controller;

IO Abstraction & Feature

Path

Virtual Machine/Container

Life Cycle Manager

Service/WF Life Cycle

Manager

VM Policy, Network Policy

Service Provisioning, Service

Configuration

Service Chaining, Service Monitoring

Auto Recovery, Elastic Scaling, Workload

Placement, Service Assurance

Hypervisor/Host//Container

Compute Network Storage

Phys./virtual Network Control

Group Policy, Chaining

High-Performance

Flexible Feature Paths

VM/Container PolicyService Monitoring

Auto HealingElastic Scaling

Service Provisioning

Workload Placement

Service Configuration

Service Model App IntentWorkFlow Topology

6BRKSDN-2333


OpenSource Building Blocks: ~ 2014/15

Hardware

Network Control

Operating Systems

VIM Management System

Orchestration

Application Layer / App Server

IO Abstraction & Feature Path

PaaS

Clo

ud I

nfr

a &

Toolin

gIn

frastr

uctu

re

PaaS platforms

Network Data Analytics

7BRKSDN-2333


OpenSource Building Blocks2015 – 2017: Several New LF Projects

8BRKSDN-2333

PaaS

Clo

ud I

nfr

a &

Toolin

gIn

frastr

uctu

re

Additional

PaaS platforms

*

Hardware

Network Control

Operating Systems


Orchestration





Composing the NO-STACK-WORLD

Hardware

Network Control

Operating Systems


Orchestration



Application Layer / App Server The “No-Stack-Developer”

Evolve/Integrate/Install/Test

OPNFV

• Compose

• Deploy

• Test

• Evolve

• Iterate

• OPNFV

9BRKSDN-2333


Assembling Platforms:OpenSource Building Blocks

PaaS

Clo

ud I

nfr

a &

Toolin

gIn

frastr

uctu

re

Additional

PaaS platforms

CI/C

D

Hardware

Network Control

Operating Systems


Orchestration



Evolve/Integrate/Install/Test


10BRKSDN-2333


“Systems integration as an open community effort.”


Open Platform for NFV (OPNFV) facilitates the

development and evolution of NFV

components across various open source

ecosystems.

Through system level integration, deployment

and testing, OPNFV creates a reference NFV

platform to accelerate the transformation of

enterprise and service provider networks.

BRKSDN-2333 12


Network

Virtualization Storage

Virtualization

OPNFV Danube Overview

13BRKSDN-2333

Compute

Virtualization

Management and Orchestration

Virtual Network Functions

OpenStack

KVM OpenDaylight

OVS

ONOS

Compute Storage Network

Infrastructure

Pharos Community Labs

OPNFV Bare Metal Lab

Upstream Project

Collaboration:

Integration Testing New Features

OpenContrail

Ceph

ODPDPDK

Alignment

Installation

Composition

Functional

System

Performance

NFV Features

Continuous Integration / Continuous Deployment

Documentation

Security

FD.io

Data Plane

LXD


Create.Compose.Deploy.Test.

Iterate.


Enhancing the “Stack”:Evolving/Developing while Integrating

PaaS

Clo

ud

In

fra

& T

oo

ling

Infr

astr

uctu

reC

I/C

D

Hardware

Network Control

Operating Systems, virt. Infra


Orchestration



Integrate/Install


System Test & Security Audit

Infra control & CI/CD(Pharos, Releng, Octopus)

Installation, Upgrade(Apex, Joid, Fuel, Compass, Daisy,Escalator, Genesis)

Documentation(OPNFVdocs)

Create Scenarios/Stacks(IPv6, FastDataStacks, Armband, Apex, Daisy,ONOSFW, OpenContrail,, Joid, Fuel, Compass)

Storage Performance Test(Storperf)

System Testing(Yardstick, FuncTest, Qtip)

Dataplane Performance Test(Vsperf, Fastpath)

SDN Controller Performance Test(Cperf)

Dataplane Evolution & Test(DPACC, OVSDPDK, FastDataStacks)

Hypervisor for NFV(KVM4NFV)

Network Policy(FastDataStacks, Copper, PolicyTest)

Fault Management/Localization, Audit(Doctor, Pinpoint, Prediction, Bottlenecks, Inspector)

Model and Policy Driven Control(Copper, Movie, Models, Domino, Parser)

Resource Control/Scheduling(Promise, Resource Scheduler (RS))

NFV services (service chaining, VPN, ..)(VNFFG, SFC, SDNVPN)

NFV deployment architectures(Multi-Site, EdgeNFV)

Security(Moon)

NFV Telemetry Data Acquisition(VNF Event Stream, Barometer)

MANO solutionsOpera (Open-O), Orchestra (OpenBaton)

BRKSDN-2333 16


Create.Compose: A typical workflow

RequirementArchitecture

& Gaps

Solution & review

internally

Reach & develop

upstream

Integrate, test and

document

Present demos, collect

feedback

BRKSDN-2333 17


Example: OPNFV Doctor project

• Goal:

• Develop and build fault management and maintenance framework for high availabilityof Network Services running on top of virtualized infrastructure.

Proposed with a very clear target / key feature:

• Immediate notification of unavailability of virtualized resourcesfrom VIM to Consumer

• Members:

• NEC (PTL: Ryota Mibu), AT&T, Cisco, Cloudbase Solutions, Corenova, Ericsson, Hephaex, Huawei, Intel, KDDI, KT, Nokia, NTT DOCOMO, Spirent, Sprint, Telecom Italia, Vmsec, ZTE

• https://wiki.opnfv.org/display/doctor/

BRKSDN-2333 18

https://wiki.opnfv.org/display/doctor/


OPNFV Doctor project – Timeline...

ARNO (May/2015)

- Requirement document

BRAHMAPUTRA (March/2016)

- Ceilometer “Immediate

Notification”

- Nova “Mark Host Down”

- Functional test cases

- PoC demo at OPNFV

Summit

- Documentation updates

COLORADO (Sept/2016)

- Nova:

“Get valid server state”

- Integration of Congress

as Doctor Inspector

- Extended functional tests

- PoC demo at OPNFV Summit and

OpenStack Summit Barcelona


DANUBE (March/2017)

- Neutron “Port Status update”

- Inspector design guidelines

- Performance profiler


BRKSDN-2333 19


Example: OPNFV FastDataStacks Project

20BRKSDN-2333

• Create a new stack which significantly evolves networking for NFV: Introduce Solution Stacks with FD.io/VPP

• OpenStack – ODL (Layer2) – VPP


• OpenStack – VPP

• Work areas:

• OpenStack (ML2 driver: networking-vpp)

• ODL enhancements (GBP Neutron Mapper, VPP Renderer)

• FD.io - VPP/Honeycomb enhancements

• OPNFV Installer integration (APEX)

• OPNFV System-level testing

• Contributors:

https://wiki.opnfv.org/display/fds



OPNFV FastDataStacks project – Timeline...

21BRKSDN-2333

Colorado 3.0

(Dec/2016)

- Enhanced O/S-

ODL(L2)-VPP stack

(Infra complete:

Neutron / GBP Mapper

/ GBP Renderer / VBD

/ Honeycomb / VPP)

- Enhanced system-level

testing

- L2 networking using

ODL (incl. east-west

security groups), L3

networking uses

qrouter/OVS

- O/S-VPP (Infra:

Neutron ML2-VPP /

Networking-vpp-agent /

VPP)

- Automatic Install,

Overlays: VLAN

Danube 1.0

(March/2017)

- Enhanced O/S-

ODL(L3)-VPP

stack (Infra

complete:

Neutron / GBP

Mapper / GBP

Renderer / VBD /

Honeycomb /

VPP)

- L2 and L3

networking

using ODL (incl.

east-west

security groups)

Danube 2.0

(May/2017)

- Enhanced O/S-

ODL(L3/L2)-VPP

stack: HA for

OpenStack and

ODL (clustering)

Euphrates 1.0

(November/2017)

- Enhanced O/S-

ODL-VPP stack:

DVR with VPP

(pure L3 for east-

west and north-

south

communication);

Dynamic VXLAN-

tunnel control via

LISP


Building/evolving features means contributing upstreamTeam Up To Drive Required Change Upstream

Swimming upstream

is hard

Team-up to increase

the likelihood to succeed

Swimming upstream

is dangerous

BRKSDN-2333 22



Iterate.


Install on

reference

system(s)

Test on

reference system(s)

Lab1Lab2

Lab3

Lab1Lab2

Lab3

Integrate & build*

as a system

*OPNFV currently composes builts from

existing artifacts (e.g. RPMs) rather

than builds from source

Choice of existing and new components,

System state definition

OPNFV CI/CD Projects:Octopus, Releng

BRKSDN-2333 24


OPNFV CI/CD – Project CI

yesnew

changes?

no

Clone repoPoll changes

Build

Build

Build

Build Server

Upload ISO

Push Image

Google Cloud

Storage

Docker

Hub

Patchset

Verification

Verified

+1/-1

Patch

BRKSDN-2333 25


OPNFV CI/CD – Platform CI

Jumphost

Initiate

Run for certain

Scenario

Download

ISO

Deploy Functest Yardstick

Pull Down

Functest ImagePull Down

Yardstick Image

Labs connected 24x7

using JNLP

Google Cloud

Storage

Docker

HubDocker

Hub

Pharos POD

(SUT)

BRKSDN-2333 26


OPNFV Development WorkflowProject Team OPNFV Gerrit OPNFV CI/Test OPNFV Release Upstream Gerrit Upstream CI/Test Upstream Release

Requirement

Patch

TestRelease

Downstream

Release

Test

Test

Fast feedback

• Fast development cycle

• Fast feedback, < 1 day

• OPNFV specific issues can be

tested/detected in time;

• Correction in same release

Document

• Long development cycle

• Downstream will delay to next release

• Slow feedback, > 5 months

• OPNFV specific issues cannot be

tested/detected in time


Cross Community CI (XCI)

contribute contribute contribute contribute

pull from master, deploy, test

and/or

verify patchset, post feedbackBRKSDN-2333 28


Goals:

• Facilitate collaborative testing

• Provide developers with substantial resources

• Ensure OPNFV applicability across architectures, environments and vendors

• Create more robust, interoperable releases

Deploy – Develop - TestPharos Project: Community Labs

BRKSDN-2333 29

https://www.opnfv.org/developers/pharos

https://wiki.opnfv.org/display/pharos/Pharos+Home




Infrastructure – Distributed Pharos Labs

• Facilitate collaborative testing

• Ensure OPNFV applicability across architectures, environments and vendors

• Create more robust, interoperable releases



BRKSDN-2333 30




Pharos Architecture

BRKSDN-2333 31


Infrastructure Homogeneity

Lab as a Service

Resources booked via dashboard

BRKSDN-2333 32


CI/CD Dynamic Resource Allocation

Installer X

Dedicated Resources

Installer Y

Scenario A

Scenario B

Resources Dynamically Allocated

Dedicated Resources

BRKSDN-2333 33


OPNFV – testing and integration project

Infrastructure

Compute Storage Network

Virtualization

Cloud Management

Virtualized Network Functions

NFV orchestration

VNF VNF VNF VNF

BRKSDN-2333 34


Types of testing

Functional Performance Stress Security

Infrastructure

Features

Components

VNF

MANO

…

Network

Storage

Compute

Virtual layer

Traffic gen.

…

Network

Storage

Compute

…

Upgradability

Backup&Restore

.

.

.

BRKSDN-2333 35


OPNFV Test Ecosystem

36BRKSDN-2333


Test:Functional Testing: Example Project FuncTest

vPing SSHVerify private & public connectivity

vPing userdataVerify nova-metadata service and private connectivity

Tempest test OpenStack native tests (200+ tests)

Rally bench testsBenchmark the OpenStack deployment

ODL suite

Robot framework, ODL functional testing

ONOS suite

TestON framework

vIMS

OpenSource solution by Clearwater

Promise

Resource reservation and management project

Doctor

Fault management and maintenance project

BGPVPN

OpenStack Neutron BGPVPN project integration

BRKSDN-2333 37


System-Level testing: Example Project YardStick

1. Define infrastructure

2. Identify VNF

type

3. Select Test Cases

4. Execute Tests

5. Collect Results

6. Integrate VNF application

Pre-Deployment

validation of NFVI

Control plane/User plane

Main components

Real time constraints

Hardware

Metrics

Test cases 1 … N

Test stimuli

Test environment

ETSI GS

NFV-TST001

Chapter 6

Pre-Deployment

validation

of NFV

infrastructure

Configure

Deploy

Test

Validate

- System under Test (SUT)

- Deployment rules

- Execute benchmarks

- Trigger External scripts

for SUT disturbances

- Collect results

- Graphical results

- Assertion

- Generate template or

- External templates

YardStick Test-Framework

BRKSDN-2333 38

https://docbox.etsi.org/ISG/NFV/Open/Drafts/TST001_-_Pre-deployment_Validation/


Performance/Speed Capacity/Scale Reliability/Availability

Compute - Latency for random memory access- Latency for cache read/write operations- Processing speed (instructions per second)-Throughput for random memory access (bytes per second)

- Number of cores and threads- Available memory size- Cache size- Processor utilization (max, average, standard deviation)- Memory utilization (max, average, standard deviation)- Cache utilization (max, average, standard deviation)

- Processor availability (Error free processing time)- Memory availability (Error free memory time)- Processor mean-time-to-failure- Memory mean-time-to-failure- Number of processing faults per second

Network - Throughput per NFVI node (frames/byte per second)- Throughput provided to a VM (frames/byte per second)- Latency per traffic flow- Latency between VMs- Latency between NFVI nodes- Packet delay variation (jitter) between VMs- Packet delay variation (jitter) between NFVI nodes

- Number of connections- Number of frames sent/received- Maximum throughput between VMs (frames/byte per second)- Maximum throughput between NFVI nodes (frames/byte per second)- Network utilization (max, average, standard deviation)- Number of traffic flows

- NIC availability (Error free connection time)- Link availability (Error free transmission time)- NIC mean-time-to-failure- Network timeout duration due to link failure- Frame loss rate

Storage - Sequential read/write IOPS- Random read/write IOPS- Latency for storage read/write operations- Throughput for storage read/write operations

- Storage/Disk size- Capacity allocation (block-based, object-based)- Block size- Maximum sequential read/write IOPS- Maximum random read/write IOPS- Disk utilization (max, average, standard deviation)

- Disk availability (Error free disk access time)- Disk mean-time-to-failure- Number of failed storage read/write operations per second

BRKSDN-2333 39


Test Dashboards

BRKSDN-2333 40


Test Dashboards

BRKSDN-2333 41


Operations and Troubleshooting support:Operating OpenStack Networking is not that simple

42BRKSDN-2333

https://www.openstack.org/videos/video/troublesho

oting-neutron-physical-and-virtual-networks

(“Operations War Stories” from OS Summit)


OPNFV Project Calipso

• Solves virtual networking discovery issues

• Monitoring support for ‘day2 net operations’

• Discover, Analyze, Monitor, Visualize

• Substantially lowering administration overhead for maintenance and troubleshooting cycles in cloud environments ( < 90% for discovery, analysis and monitoring of v-nets)

• Highly Customized and Modeled

• calipso.io and http://docs.opnfv.org/en/stable-euphrates/submodules/calipso/docs/release/monitoring-guide.html

43BRKSDN-2333

http://calipso.io/

http://docs.opnfv.org/en/stable-euphrates/submodules/calipso/docs/release/monitoring-guide.html


Calipso

44BRKSDN-2333


Calipso feature set today (‘out of the box’):

• Auto-discovery of virtual networking components, their detailed data for K8S and OpenStack

• Auto-discovery and end-to-end monitoring for virtual-physical-virtual for ACI/APIC use-cases

• Analysis of inter-connections and dependency (links) with embedded impact analysis

• Monitoring of virtual networking objects and links for health and status, some statistics

• Visualization of topologies, statuses, settings, browsing tree and an embedded search engine.

• API for Eco-system integrations.

• Support multi-region and multi-tenancy in multiple OpenStack, K8s environments

• Integrated monitoring and a plug-in framework, ready for many type of devices

• A unified ‘all-in-one’ Installer for simple deployment.

• Modeled, Federated and customized, ‘model driven design’ and ‘micro-services’ architectures.

BRKSDN-2333 46


OPNFV NFVbench: Evaluating NFVI performance

• Full-Stack NFV blackboxNFV-benchmark:NFVbench tool

• Different connection scenarios(PVP, PVVP, ..)

• Different traffic patterns

• NDR/PDR detection

• Different VNFs

• Compare a FastDataStack to legacy stacks with other virtual switches, e.g. OVS

47BRKSDN-2333

FastDataStack full NFV stack deployment

NIC

NIC

VPP

UCS-BFabricSwitch

VNF1 Compute 1

Compute 2

NIC Controller

NIC Jumphost

VPP

VPP

VNF2

NovaHoneyComb

NovaHoneyComb

UnderCloud

OverCloud

ControllerHoneyComb

NIC NFVbench (with Trex)

© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 48BRKSDN-2333

An NFV Solution Stack is only as good as its foundation


OPNFV Releases


June 4, 2015

Baseline foundation of

components necessary to build

an NFV platform from upstream

components

Massively parallel simultaneous release process. Advancements in infrastructure, processes, and upstream collaboration

Platform support for NFV applications and key improvements in services and support

March 1, 2016 September 26, 2016 April 4, 2017

OPNFV Release History

Brings together end-to-end networking stacks, including MANO, data plane acceleration, and architecture advancements.

BRKSDN-2333 50


• The only platform that brings together elements across multiple end-to-end open networking stacks

• Foundational support and introduction of capabilities for MANO including integration with ONAP (Open-O)

• Enhanced DevOps automation and testing methodologies, including performance and benchmarking test suites

• Architectural improvements including greater network control flexibility, HA, and multisite improvements

• Focus on NFV performance including acceleration of the data plane via FD.iointegration and enhancements to OVS-DPDK and KVM

• Feature enrichment and maturity in core NFVI/VIM functionality such as IPv6, Service Function Chaining (SFC), L2 and L3 Virtual Private Network (VPN), fault management and analysis, and a continued commitment to support multiple hardware architectures

OPNFV Danube (April 2017)

BRKSDN-2333 51


OPNFV Euphrates (October 2017)• Introduces Kubernetes container orchestration engine as an

alternative VIM, and with SDN controllers including basic functional and performance testing capabilities. A containerized version of OpenStack simplifies OpenStack lifecycle management.

• Integrates cross-community continuous integration (XCI), where the OPNFV CI pipeline integrates the latest upstream code, reducing feedback time on a new feature or bug-fix from months to days.

• Delivers an extensive set of tools to test the NFVI/VIM layer (i.e. NFV cloud), VNFs and complete network services. With two new projects: SampleVNF and NFVbench

• Includes new carrier-grade features through a new project, Calipso, where operators gain visibility to their complex virtual networks and access powerful service assurance framework.

• Performance improvements on the ARM architecture and in L3 performance with FD.io; new security, SFC, FD.io and EVPN features.

Focus on Analytics and Benchmarking

• Barometer

(CollectD for OPNFV)

• VNF Event Stream (VES)

• Bamboo

(PNDA.io for OPNFV)

• Virtual Infrastructure

Networking Assurance

(Calipso)

• NFVbench (Full Stack NFVI

one-shot benchmarking)

• Yardstick

• Qtip

BRKSDN-2333 52


XCI:

Deploy.Test(OPNFV, ODL, ONAP,

FD.io, PNDA.io, ...)

Develop.Integrate:

Management &

Orchestration:

Develop.Integrate:

NFV-I

OPNFV and ONAP: Thoughts on alignment

BRKSDN-2333 53


Example:

The OPNFV FastDataStacks project


Foundational Assets For NFV Infrastructure:A stack is only as good as its foundation

• Virtual Forwarder

• Feature rich, high performance, highly scalable virtual switch-router

• Leverages hardware accelerators

• Runs in user space

• Modular and easy extensible

• Forwarder Diversity: Hardware and Software

• Virtual Domains link and interact with physical domains

• Domains and Policy

• Connectivity should reflect business logic instead of physical L2/L3 constructs

Network Controller

Forwarder – Switch/Router

Virtual Machine/Container

Life Cycle Manager

Service/WF Life Cycle

Manager

Service

Model

App

Intent

WorkFlow

Topology

BRKSDN-2333 55


Networking Foundation for NFV InfrastructureChoices

• VPP

• Highly scalable, highperformance, extensible virtualforwarder

• OpenDaylight

• Extensible controller platform

• Decouple business logic from network constructs: Group Based Policy as mediator between business logic and network constructs

• Support for a diverse set of network devices

• Clustering for HA

56BRKSDN-2333


Introducing Vector Packet Processor - VPP

• VPP is a rapid packet processing development platform for highly performing network applications

• 14+ MPPS, single core

• Multimillion entry FIBs

• 480Gbps bi-dir on 24 cores

• Runs on commodity CPUs and leverages DPDK

• Creates a vector of packet indices and processes them using a directed graph of nodes – resulting in a highly performant solution.

• Runs as a Linux user-space application

• Ships as part of both embedded & server products, in volume;

• Active development since 2002

• See also: FD.IO (The Fast Data Project)

Network IO

Packet Processing: VPP

Management Agent

NC/Y REST ...

BRKSDN-2333 57

https://fd.io/


Phy-VS-PhyVPP Performance at Scale

64B

1518B0.0

200.0

400.0

600.0[Gbps]]

480Gbps zero frame loss

64B

1518B0.0

100.0

200.0

300.0[Mpps]

200Mpps zero frame loss

64B

0

200

400

600[Gbps]]

IMIX => 342 Gbps,1518B => 462 Gbps

64B

0

100

200

300[Mpps]

64B => 238 Mpps

IPv6, 24 of 72 cores IPv4+ 2k Whitelist, 36 of 72 cores Zero-packet-loss Throughput

for 12 port 40GE

Hardware:

Cisco UCS C460 M4

Intel® C610 series chipset

4 x Intel® Xeon® Processor E7-8890

v3

(18 cores, 2.5GHz, 45MB Cache)

2133 MHz, 512 GB Total

9 x 2p40GE Intel XL710

18 x 40GE = 720GE !!

Latency

18 x 7.7trillion packets soak test

Average latency: <23 usec

Min Latency: 7…10 usec

Max Latency: 3.5 ms

Headroom

Average vector size ~24-27

Max vector size 255

Headroom for much more

throughput/features

NIC/PCI bus is the limit not vpp

BRKSDN-2333 58


NFV is about forwarding delay:VPP means low delay

• Low long-term max packet delay with FD.io VPP

• 0.007ms < 0.023ms < 3.5ms

• Other vSwitches

• >120ms long term max delay

• Tests environment

• stock Ubuntu 14.04.03 LTS Kernel: 3.13.0-63-generic (no Linux tuning)

• Cisco UCS C460 M4 (4 x Intel® Xeon® Processor E7-8890 v3 (18 cores, 2.5GHz, 45MB Cache), 9 x 2p40GE Intel XL710)

59

Average Delay

< 23 usec

Min Delay

< 10 usec Max Delay

< 3.5 msec

BRKSDN-2333


VPP Features as of 17.01 Release

Tunnels/Encaps

GRE/VXLAN/VXLAN-GPE/LISP-GPE/NSHIPSEC

Including HW offload when available

Interfaces

DPDK/Netmap/AF_Packet/TunTapVhost-user - multi-queue, reconnect,Jumbo Frame Support

MPLS

MPLS over Ethernet/GREDeep label stacks supported

Segment Routing

SR MPLS/IPv6Including Multicast

Inband iOAM

Telemetry export infra (raw IPFIX)iOAM for VXLAN-GPE (NGENA)SRv6 and iOAM co-existenceiOAM proxy mode / cachingiOAM probe and responder

LISP

LISP xTR/RTRL2 Overlays over LISP and GRE encapsMultitenancyMultihomeMap/Resolver FailoverSource/Dest control plane supportMap-Register/Map-Notify/

‘ RLOC-probing

Language Bindings

C/Java/Python/Lua

Hardware Platforms

Pure Userspace - X86,ARM 32/64,Power, Raspberry Pi

Routing

IPv4/IPv614+ MPPS, single coreHierarchical FIBsMultimillion FIB entriesSource RPFThousands of VRFs

Controlled cross-VRF lookupsMultipath – ECMP and Unequal Cost

Network Services

DHCPv4 client/proxyDHCPv6 ProxyMAP/LW46 – IPv4aasMagLev-like LoadIdentifier Locator AddressingNSH SFC SFF’s & NSH ProxyLLDPBFDPolicerMultiple million Classifiers –

Arbitrary N-tuple

Switching

VLAN SupportSingle/ Double tagL2 forwd w/EFP/BridgeDomain concepts

VTR – push/pop/Translate (1:1,1:2, 2:1,2:2)Mac Learning – default limit of 50k addrBridging

Split-horizon group support/EFP FilteringProxy ArpArp terminationIRB - BVI Support with RouterMac assigmtFloodingInput ACLsInterface cross-connectL2 GRE over IPSec tunnels

Monitoring

Simple Port Analyzer (SPAN)IP Flow Export (IPFIX)Counters for everythingLawful Intercept

Security

Mandatory Input Checks:

TTL expiration

header checksum

L2 length < IP length

ARP resolution/snooping

ARP proxy

SNAT

Ingress Port Range Filtering

Per interface whitelists

Policy/Security Groups/GBP

(Classifier)

BRKSDN-2333 60


Rapid Release Cadence – ~3 months16-09

Release:

VPP, Honeycomb,

NSH_SFC, ONE

17-01

Release:

VPP, Honeycomb,

NSH_SFC, ONE

17-04

Release:

VPP, Honeycomb,

NSH_SFC, ONE…

16-09 NewFeatures

Enhanced LISP support for

L2 overlays

Multitenancy

Multihoming

Re-encapsulating Tunnel

Routers (RTR) support

Map-Resolver failover

algorithm

New plugins for

SNAT

MagLev-like Load

Identifier Locator

Addressing

NSH SFC SFF’s & NSH

Proxy

Port range ingress filtering

Dynamically ordered

subgraphs

17-01 New Features

Hierarchical FIB

Performance Improvements

DPDK input and output nodes

L2 Path

IPv4 lookup node

IPSEC Performance

SW and HW Crypto Support

HQoS support

Simple Port Analyzer (SPAN)

BFD, ACL, IPFIX, SNAT

L2 GRE over IPSec tunnels

LLDP

LISP Enhancements

Source/Dest control plane

L2 over LISP and GRE

Map-Register/Map-Notify

RLOC-probing

Flow Per Packet

17-04 New Features

VPP Userspace Host Stack

TCP stack

DHCPv4 & DHCPv6 relay/proxy

ND Proxy

SNAT

CGN: port allocation & address pool

CPE: External interface

NAT64, LW46

Segment Routing

SRv6 Network Programming

SR Traffic Engineering

SR LocalSIDs

Framework to expand LocalSIDs

w/ plugins

iOAM

UDP Pinger

IOAM as type 2 metadata in NSH

Anycast active server selection

IPFIX Improvements (IPv6)

17-07 New Features

VPP Userspace Host Stack

Improved Linux Host Stack Compatibility

Improved loss recovery (RFC5681, RFC6582,

RF6675)

Basic implementation of Eifel detection

algorithm (RFC3522)

Interfaces

memif: IP mode, jumbo frames, multi queue

Network Features

MPLS Multicast FIB

BFD FIB integration

NAT64 support

GRE over IPv6

LISP

- NSH support

- L2 ARP

ACL multi-core suuport

GTP-U support

17-07

Release:

VPP, Honeycomb,

NSH_SFC, ONE

BRKSDN-2333 61


Control & configuration plane for VPP: HoneycombA generic, model driven (YANG) management agent

• Northbound interfaces:

• RESTCONF

• NETCONF

• Generic data processing layer (transaction management, validation)

• Data processing layer: Pipeline processing data from northbound interfaces down to translation layer

• Translation layer: Invoked by above layer to handle configuration updates or when polling operational state from VPP. Specific translation code lives in this layer in a form of extensions/plugins

• Extensible, pluggable translation layer to handle resulting data in any way

HoneyComb

BRKSDN-2333 62


HoneyComb – Key Features

• Key Features:

• Config, Operational, Context data processing, Persistence & Reconciliation, Rollback, CRUD operations on data, Notifications, Simple JSON plugin configuration

• Infrastructure:

• Utilizes existing Opendaylight components and tools: • Yangtools, MD-SAL, Netconf, Restconf

• Does not use ODL’s config subsystem, OSGi or any other container

• Wired into a special data processing pipeline

• Running in a JVM

• Reduced Footprint (compared to ODL)

• < 100Mb RAM, < 10sec Startup time, < 30Mb of disk

BRKSDN-2333 63


Group Based Policy in Open DaylightGroup policy for generic “end points”

• Application-focused policy expressions:Policies mirror application semantics. Capture policy requirements without detailed knowledge of networking.

• Improved automation: Grouping constructs allow higher level automation tools to easily manipulate groups of network endpoints simultaneously.

• Consistent policy by grouping end points and applying policy to groups

• Extensible because of implementation independence, hence applicable to policy for connectivity, security, L4-7, QoS, etc.

See also: https://wiki.opendaylight.org/view/Group_Policy:Main

BRKSDN-2333 64

https://wiki.opendaylight.org/view/Group_Policy:Main


OK. Ready to integrate!

65BRKSDN-2333


Evolving The OPNFV Scenario Set

• OPNFV uses “scenarios” (i.e. compositions of features and their configuration) as key release vehicle

• Let‘s create a new stack which significantly evolves networking for NFV

• Introduce Scenarios with VPP for OPNFV

• os-nosdn-fdio-noha, os-nosdn-fdio-ha

• os-odl_l2-fdio-noha, os-odl_l2-fdio-ha

• os-odl_l3-fdio-noha, os-odl_l3-fdio-ha

66

+ VPP

Install Tools

VM Control

Network Control

Apex, Compass,

Fuel, Juju

OpenStack

OpenDaylight,

ONOS, OpenContrail

Hypervisor KVM, KVM4NFV

Forwarder OVS, OVS-DPDK

Components in OPNFV

Category

BRKSDN-2333


OPNFV FastDataStacks (FDS)

• Integrate VPP into existing OPNFV scenarios

• Initial scenarios



• OpenStack – VPP

• ...

• Diverse set of contributors:

• https://wiki.opnfv.org/display/fds

67

Install Tools

VM Control

Network Control

Apex

OpenStack

OpenDaylight

L2

Hypervisor KVM

Forwarder VPP

Apex

OpenStack

OpenDaylight

L3

KVM

VPP

Apex

OpenStack

KVM

VPP

BRKSDN-2333



FastDataStacks Component Development:Direct Integration of VPP with OpenStack

• OpenStack

• Networking-vpp ML2 driver

• FD.io

• VPP – Enhancements

• CSIT – VPP component tests

• OPNFV

• Overall System Composition – Integration into CI/CD

• Installer: Integration of VPP into APEX

• System Test: FuncTest and Yardstick system test application to FDS

See also:

FDS Architecture: https://wiki.opnfv.org/display/fds/OpenStack-ODL-VPP+integration+design+and+architecture

Neutron

ML2-agent

VPP

...

DPDK

System Install(APEX)

System Test(FuncTest, Yardstick)

ML2-driver: networking-vpp

etcd

https://wiki.opnfv.org/display/fds/OpenStack-ODL-VPP+integration+design+and+architecture


Networking-vpp: overall architecture

Compute Node

VPP

VP

P A

ge

nt

VM VM VM

vhostuser

Compute Node

VPP

VP

P A

ge

nt

VM VM VM

vhostuser

Neutron Server

ML2 VPP

Mechanism Driver

journaling

HTTP/json

dpdkdpdk

vlan / flat network

BRKSDN-2333 69


FastDataStacks: OS – FD.ioExample: 3 node setup: 1 x Controller, 2 x Compute

Computenode-0 Computenode-1

ML2 Agent ML2 AgentML2 Agent

qrouter (NAT)

Te

na

nt n

etw

ork

i/f

Te

na

nt n

etw

ork

i/f Tenant network i/f

Bridge

Domain VM 2vhost-

user

Controlnode-0

VPP

External network i/f

Internet

DHCPtap

OVS (br-ex)

tap

VPP

VPP

OpenStack Services

VM 1Bridge

Domain

Bridge

Domain

vhost-

user

VLAN / Flat network

ML2 VPP

Mechanism Driver

Neutron Server


Networking-vpp: current feature set

• Network types

• VLAN: supported since version 16.09

• VXLAN-GPE: supported since version 17.04

• Port types

• VM connectivity done using fast vhostuserinterfaces

• TAP interfaces for services such as DHCP

• Security

• Security-groups based on VPP stateful ACLs

• Port Security can be disabled for true fastpath

• Role Based Access Control and secure TLS connections for etcd

• JSON Web Token (RFC 7519) with X.509 Certificate

• Tap as a Service (scheduled for 17.10)

• Layer 3 Networking

• North-South Floating IP

• North-South SNAT

• East-West Internal Gateway

• Robustness

• If Neutron commits to it, it will happen

• Component state resync in case of failure: recovers from restart of Neutron, the agent and VPP

BRKSDN-2333 71


Networking-vpp: port creation process

Compute Node

VPP

VP

P A

ge

nt

VM

vhostuser

Neutron Server

ML2 VPP

Mechanism Driver

dpdk

2

35

4

3

networking-vpp/nodes/vpp-

rocks/ports/c367e21f-ae39-4549-b87d-

2e69636155c6

{"allowed_address_pairs": [], "segmentation_id":

194, "mtu": 1500, "binding_type": "plugtap",

"physnet": "physnet", "mac_address":

"fa:16:3e:03:ce:ff", "port_security_enabled": false,

"fixed_ips": [{"subnet_id": "006fce47-6072-4099-

a695-c3caa140fff7", "ip_address": "10.0.0.2"},

{"subnet_id": "81b2fbdc-c350-4f35-9b9b-

909cf33a4426", "ip_address":

"fd59:3bf6:c35d:0:f816:3eff:fe03:ceff"}],

"network_type": "vlan", "security_groups": []}

/networking-vpp/state/vpp-rocks/ports/d2069a46-3a47-4ec7-94fb-

3b1bcd4c6dc0

{"net_data": {"segmentation_id": null, "if_physnet": "tap-2", "bridge_domain_id": 3,

"if_uplink_idx": [3], "network_type": "flat", "physnet": "physnet"}, "bind_type":

"plugtap", "ext_tap_name": "tapd2069a46-3a", "mac": "fa:16:3e:5d:fe:c4",

"bridge_name": "br-d2069a46-3a", "int_tap_name": "vppd2069a46-3a", "iface_idx":

6}

Request Notification

1 5

1

2


FastDataStacks Component DevelopmentController-based integration of VPP with OpenStack

• OpenDaylight

• GBP Neutron Mapper

• GBP Renderer Manager enhancements

• VPP Renderer

• Virtual Bridge Domain Mgr / Topology Manager

• FD.io

• HoneyComb – Enhancements

• VPP – Enhancements

• CSIT – VPP component tests

• OPNFV

• Overall System Composition – Integration into CI/CD

• Installer: Integration of VPP into APEX

• System Test: FuncTest and Yardstick system test application to FDS

See also:

FDS Architecture: https://wiki.opnfv.org/display/fds/OpenStack-ODL-VPP+integration+design+and+architecture

Neutron

Neutron NorthBound

GBP Neutron Mapper

Topology Mgr - VBD

Honeycomb (Dataplane Agent)

VPP

REST

Netconf/YANG

...

VPP renderer

DPDK

GBP Renderer Manager

System Install(APEX)

System Test(FuncTest, Yardstick)

https://wiki.opnfv.org/display/fds/OpenStack-ODL-VPP+integration+design+and+architecture



HoneyComb HoneyCombHoneyComb

qrouter (NAT)

Te

na

nt n

etw

ork

i/f

Te

na

nt n

etw

ork


Bridge

Domain VM 2vhost-

user

Controlnode-0

VXLAN

VPP


DHCPtap

OVS (br-ex)

tap

VXLAN

VXLAN

74BRKSDN-2333

FastDataStacks: OS – ODL(L2) – FD.io Example: 3 node setup: 1 x Controller, 2 x Compute

VPP

VPP

OpenStack Services Network Control

VM 1Bridge

Domain

Bridge

Domain

vhost-

user

Internet



Te

na

nt n

etw

ork

i/f

Te

na

nt n

etw

ork


Bridge

Domain VM 2vhost-

user

Controlnode-0

VXLAN

VPP


Internet

DHCPtap

VXLAN

VXLAN

75BRKSDN-2333

FastDataStacks: OS – ODL(L3) – FD.io Example: 3 node setup: 1 x Controller, 2 x Compute

VPP

VPP


VM 1Bridge

Domain

Bridge

Domain

vhost-

user

HoneyComb HoneyCombHoneyComb


Honeycomb

VPP 2

Example: Creating a Neutron vhostuser port on VPP

76

Topology Manager (vBD)

Honeycomb

VPP 1

VPP Renderer

Neutron

Neutron NorthBound

GBP Neutron Mapper

GBP Renderer Manager

Netconf/YANG

POST PORT(id=<uuid>, host_id=<vpp>, vif_type=vhostuser)

Update Port

Map Port to GBP Endpoint

Update/Create Policy involving GBP Endpoint

Resolve Policy

Apply policy, update nodes

configure interfaces over Netconf

Netconf/YANG

Bridge domain and tunnel config

vhostuserVM VXLAN Tunnel

Configure bridge domain on nodes over NetConf

BRKSDN-2333


Let’s install an OPNFV Solution Stack:Using APEX/TripleO Installer to install a FastDataStack

78BRKSDN-2333


Apex Installer

• Apex is an OPNFV Installation and Deployment tool based on the RDO Project's Triple-O OpenStack installation tool

• Triple-O is an image based life cycle deployment tool that is a member of the OpenStack Big Tent Governance

• https://wiki.opnfv.org/display/apex

• https://wiki.opnfv.org/display/apex/Integration+Guide

BRKSDN-2333 79

https://wiki.opnfv.org/display/apex

https://wiki.opnfv.org/display/apex/Integration+Guide


APEX Install & Build

• Jump Host Setup

• Apex ISO

• CentOS Virtualization Host + Apex RPMs

• Git Repo (local build)

• Build artifacts:

• CentOS ISO

• Apex RPMs

• Undercloud libvirt image

• Glance overcloud imagesOvercloud Compute 1..N

Nova compute

FD.io: Honeycomb, VPP

Overcloud Controller

OpenStack Services

OpenDaylight

OVS (br-ext)

FD.io: Honeycomb, VPP

qrouter

Undercloud VM

OpenStack

APEX / TripleO

NIC 0

NIC 2

NIC 0

NIC 1

NIC 2

NIC 0

NIC 1

Admin

Public

Tenant

BRKSDN-2333 80


Jump Host

Apex: Deployment

Jump Host

Libvirt image → Undercloud VM

BRKSDN-2333 82


Jump Host

Apex: Deployment

Undercloud (VM)

Glance images → OPNFV (overcloud)

Apex: Deployment

BRKSDN-2333 83


Jump Host

Undercloud (VM)

OPNFV ComputeOPNFV Compute

OPNFV ControlOPNFV ControlOPNFV Control

OPNFV Compute

“Overcloud”

Apex: Deployment

BRKSDN-2333 84


Apex: Deployment

BRKSDN-2333 85


nohup opnfv-deploy --debug -n /etc/opnfv-

apex/network_settings.yaml -d /etc/opnfv-apex/os-odl_l2-

fdio-noha.yaml -i /etc/opnfv-apex/inventory.yaml &

APEX deploy command:3 config files

BRKSDN-2333 86


global_params:

ha_enabled: false

deploy_options:

sdn_controller: opendaylight #Use OpenDaylight as network controller

sdn_l3: false

odl_version: boron #OpenDaylight Boron is required for FDS

tacker: true

congress: true

sfc: false

vpn: false

vpp: true #use VPP

dataplane: fdio #use VPP for communication between compute nodes

performance:

Controller:

kernel:

hugepages: 1024 #VPP setups default to 1024

hugepagesz: 2M

intel_iommu: 'on'

iommu: pt

Compute:

kernel:

hugepagesz: 2M

hugepages: 2048 #Should be as high as possible for the compute nodes

intel_iommu: 'on' #enable IOMMU

iommu: pt #IOMMU pass through mode – disable IOMMU for the hypervisor

Example:/etc/opnfv-apex/os-odl_l2-fdio-noha.yaml

BRKSDN-2333 87


root@pirl-opnfv: tail -5 nohup.out

== Keystone users ==

Warning keystonerc not sourced

Undercloud IP: 192.168.122.7, please connect by doing 'opnfv-util undercloud'

Overcloud dashboard available at http://192.168.3.85/dashboard

INFO: Post Install Configuration Complete

Deployment done!

BRKSDN-2333 88


Ready...

BRKSDN-2333 90


Let’s use our “FastDataStack” OPNFV Solution

91BRKSDN-2333


Running a FastDataStack (1/2)

92

1. Get an imagewget -O /tmp/cirros-0.3.4-x86_64-disk.img http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img

2. Upload the image into Glance and make it support hugepagesglance image-create --name "cirros-0.3.4-x86_64" --file /tmp/cirros-0.3.4-x86_64-disk.img --disk-format qcow2

--container-format bare --visibility public--progressglance image-update --property hw_mem_page_size=large ad74564d-fd22-414b-9fa3-619e87f781a9

3. Create a flavor with hugepages enablednova flavor-create --is-public true opnfv 42 768 1 1nova flavor-key opnfv set hw:mem_page_size=large

4. Create a Neutron networkneutron net-create vxlannet --provider:network_type vxlan

BRKSDN-2333


Running a FastDataStack (2/2)

93

5. Assign a Subnet to your networkneutron subnet-create vxlannet 10.11.12.0/24 --name vxlansubnet

6. Create a Neutron Routerneutron router-create r1neutron router-interface-add r1 subnet=vxlansubnetneutron router-gateway-set r1 external

7. (Optional) Create Ports for your VMsneutron port-create vxlannet --name vm-compute-0-1-portneutron port-create vxlannet --name vm-compute-1-1-port(booting the VMs will do this for you)

8. Boot your VMsnova boot --image cirros-0.3.4-x86_64 --flavor opnfv

--nic port-id=`neutron port-list | grep vm-compute-0-1-port | cut -f 2 -d " "` vm-compute-0-1--availability-zone nova:overcloud-novacompute-0.localdomain.com

nova boot --image cirros-0.3.4-x86_64 --flavor opnfv --nic port-id=`neutron port-list | grep vm-compute-1-1-port | cut -f 2 -d " "` vm-compute-1-1--availability-zone nova:overcloud-novacompute-1.localdomain.com

BRKSDN-2333


[root@overcloud-controller-0 ~]# neutron port-list

+------------------+------------------+------------------+---------------------+

| id | name | mac_address | fixed_ips |

+------------------+------------------+------------------+---------------------+

| 8904fbf0-5a9b- | | fa:16:3e:8c:8f:f | {"subnet_id": "1e9a |

| 48f2-b88f- | | 2 | 5a26-478e-4837-a659 |

| e115093d2594 | | | -ca7f6105a7e3", |

| | | | "ip_address": |

| | | | "10.11.12.2"} |

| 9bf477cb-a016 | vm- | fa:16:3e:db:e5:0 | {"subnet_id": "1e9a |

| -407e-a97a- | compute-0-1-port | 2 | 5a26-478e-4837-a659 |

| 7f15b35c3bad | | | -ca7f6105a7e3", |

| | | | "ip_address": |

| | | | "10.11.12.3"} |

| b504c2a4-6c6c-41 | vm- | fa:16:3e:99:24:4 | {"subnet_id": "1e9a |

| c0-b011-a3e747c6 | compute-1-1-port | 1 | 5a26-478e-4837-a659 |

| 3568 | | | -ca7f6105a7e3", |

| | | | "ip_address": |

| | | | "10.11.12.4"} |

| f70a5d22-e6cd- | | fa:16:3e:3f:50:e | {"subnet_id": "1e9a |

| 4c36-8b7c- | | 4 | 5a26-478e-4837-a659 |

| 66ddd14c469f | | | -ca7f6105a7e3", |

| | | | "ip_address": |

| | | | "10.11.12.1"} |

+------------------+------------------+------------------+---------------------+

Port for VM #1

Port for VM #2

DHCP tap port

qrouter tap port

Network Setup Complete:Example OpenStack Perspective: Check your ports

BRKSDN-2333 94


[root@overcloud-controller-0 ~]# curl -XGET -u admin:admin http://localhost:8081/restconf/operational/network-

topology:network-topology/ | python -mjson.tool

{

"network-topology": {

"topology": [

{

"link": [

{

"destination": {

"dest-node": "overcloud-novacompute-0.opnfvapex.com",

"dest-tp": "vxlan_tunnel5"

},

"link-id": "overcloud-novacompute-1.opnfvapex.com-1-overcloud-novacompute-0.opnfvapex.com",

"source": {

"source-node": "overcloud-novacompute-1.opnfvapex.com",

"source-tp": "vxlan_tunnel4"

},

"vbridge-topology:tunnel": "vxlan_tunnel4"

},

{

"destination": {

"dest-node": "overcloud-controller-0.opnfvapex.com",

"dest-tp": "vxlan_tunnel4"

},

"link-id": "overcloud-novacompute-0.opnfvapex.com-1-overcloud-controller-0.opnfvapex.com",

"source": {

"source-node": "overcloud-novacompute-0.opnfvapex.com",

"source-tp": "vxlan_tunnel4"

},

"vbridge-topology:tunnel": "vxlan_tunnel4"

},

ODL – Active Network Topology

[... abbreviated ...]

Network Setup Complete:Example ODL Perspective: Active Network Topology

95BRKSDN-2333


Network Setup Complete:Example HoneyComb Perspective: Interfaces

96

[root@overcloud-controller-0 ~]# curl -XGET -v -u admin:admin http://localhost:8182/restconf/config/ietf-interfaces:interfaces/ | python -m json.tool% Total % Received % Xferd Average Speed Time Time Time Current

Dload Upload Total Spent Left Speed

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* About to connect() to localhost port 8182 (#0)* Trying ::1...

* Connection refused

* Trying 127.0.0.1...* Connected to localhost (127.0.0.1) port 8182 (#0)

* Server auth using Basic with user 'admin'

> GET /restconf/config/ietf-interfaces:interfaces/ HTTP/1.1

> Authorization: Basic YWRtaW46YWRtaW4=> User-Agent: curl/7.29.0

> Host: localhost:8182

> Accept: */*>

< HTTP/1.1 200 OK

< Date: Sun, 18 Sep 2016 10:29:10 GMT

< Content-Type: application/yang.data+json< Transfer-Encoding: chunked

< Server: Jetty(9.3.11.v20160721)

<{ [data not shown]

100 1499 0 1499 0 0 150k 0 --:--:-- --:--:-- --:--:-- 162k

* Connection #0 to host localhost left intact

{"interfaces": {

"interface": [

{"description": "neutron port",

"enabled": true,

"link-up-down-trap-enable": "enabled","name": "neutron_port_f70a5d22-e6cd-4c36-8b7c-66ddd14c469f",

"type": "v3po:tap",

"v3po:l2": {

"bridge-domain": "fea5f755-6457-4ff5-a4a1-e6404e6b6407"},

"v3po:tap": {

"mac": "fa:16:3e:3f:50:e4","tap-name": "qr-f70a5d22-e6"

}

},

Ctl

QR

C0 C1

DHCP

BRKSDN-2333


[root@overcloud-controller-0 ~]# vppctl show int addr

TenGigabitEthernet7/0/0 (up):

192.168.0.23/24

local0 (dn):

tap-0 (up):

l2 bridge bd_id 1 shg 0

tap-1 (up):


vxlan_tunnel0 (up):


vxlan_tunnel1 (up):


Network Setup Complete:Example VPP perspective - vppctl show int addr

BRKSDN-2333 97


OPNFV FastDataStacks project – Timeline...

99BRKSDN-2333

Colorado 1.0

(Sep/2016)

- Base O/S-

ODL(L2)-VPP

stack (Infra:

Neutron / GBP

Mapper / GBP

Renderer / VBD /

Honeycomb /

VPP)

- Automatic Install

- Basic system-

level testing

- L2 networking

using ODL (no

east-west security

groups), L3

networking uses

qrouter/OVS

- Overlays: VXLAN,

VLAN

Colorado 3.0

(Dec/2016)

- Enhanced O/S-

ODL(L2)-VPP stack

(Infra complete:

Neutron / GBP Mapper

/ GBP Renderer / VBD

/ Honeycomb / VPP)

- Enhanced system-level

testing

- L2 networking using

ODL (incl. east-west

security groups), L3

networking uses

qrouter/OVS

- O/S-VPP (Infra:

Neutron ML2-VPP /

Networking-vpp-agent /

VPP)

- Automatic Install,

Overlays: VLAN

Danube 1.0

(March/2017)

- Enhanced O/S-

ODL(L3)-VPP

stack (Infra

complete:

Neutron / GBP

Mapper / GBP

Renderer / VBD /

Honeycomb /

VPP)

- L2 and L3

networking

using ODL (incl.

east-west

security groups)

Danube 2.0

(May/2017)

- Enhanced O/S-

ODL(L3/L2)-VPP

stack: HA for

OpenStack and

ODL (clustering)

Euphrates 1.0

(November/2017)

- Enhanced O/S-

ODL-VPP stack:

DVR with VPP

(pure L3 for east-

west and north-

south

communication);

Dynamic VXLAN-

tunnel control via

LISP


DVR with VPP

100BRKSDN-2333


Ten

ant

net

wo

rk i/

f

Ten

ant

net

wo

rk i/

f Tenant network i/f

VM 2vhost-user

Controlnode-0

VPP


Internet

DHCP tapVPP

VPP


VM 1vhost-user

Honey-comb

Honey-comb

Honey-comb


Internet

L3FIB

L3FIB

GBP LISP

L3FIB

VXLAN VXLAN

VXLAN

LISPcontrolled

ARP-proxy

ARP-proxy

DHCP-Relay

DHCP-Relay

NATNAT



Iterate.


Cisco Spark

Questions? Use Cisco Spark to communicate with the speaker after the session

1. Find this session in the Cisco Live Mobile App

2. Click “Join the Discussion”

3. Install Spark or go directly to the space

4. Enter messages/questions in the space

How

cs.co/ciscolivebot#BRKDCN-2390


• Please complete your Online Session Evaluations after each session

• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt

• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.

Complete Your Online Session Evaluation

http://ciscolive.com/Online

http://www.ciscolive.com/global/on-demand-library/


Continue Your Education

• Demos in the Cisco campus

• Walk-in Self-Paced Labs

• Tech Circle

• Meet the Engineer 1:1 meetings

• Related sessions

104BRKSDN-2333

Thank you

open-source nfv platform? opnfv! - cisco live

Documents