IoT를 위한 SDN/NFV 기술

신명기, ETRI mkshin@etri.re.kr

2015. 1.22-23 2015 소프트웨어 컨버전스 심포지움

1

Problem and Challenges • Problems with end-to-end IP networking to

resource-constrained IoT devices Need adaptation and/or mapping functions for end-to-end

global IP networking Manage a large number of devices with variety of IoT protocols

• Capability mismatch between devices MTU differences, simplified vs. full protocol stack (e.g., CoAP/UDP

vs. HTTP/TCP), single stack vs. dual stack, processing and communications bandwidth, sleep schedule, security protocols, etc.

• Rapid interaction between services and infrastructure E M il i ti ( l i / t)

2

(e.g.,) Variety of IoT Protocols • Various Physical Layers

WiFi, WiMAX, BLE, NFC, LTE, …

• Various 6LO Functions IPv6-over-foo adaptation layer using

6LoWPAN technologies (RFC4944, RFC6282, RFC6775 ..)

• Constrained Application Protocol RFC 7252 CoAP and related mapping

protocols

• Constrained Security Protocols DTLS In Constrained Environments (DICE,

draft-ietf-dice-profile-05) Authentication and Authorization for

Constrained Environments (ACE Work-in-

Radio Transmission

Wi-Fi WiMAX Bluetooth NFC LTE

MAC

6LO Adaptation Layer

IPv4/IPv6

UDP

CoAP, DICE, ACE, ….

System Layer

Application Layer

Physical Layer

Link Layer

Network Layer

Transport Layer

Application Layer

Control Functions

Note that we will mainly focus on end-to-end networking to resource-constrained nodes

i 6 O C C O t l t

3

IoT Management Issues • System and architecture Support multiple device classes Minimize state maintained on constrained devices Support for lossy and unreliable links

• Protocols and configuration Compact encoding of management data, Protocol extensibility Self-configuration capability

• Monitoring • Security and Energy Management

4

6Lo Functions • IPv6 over Networks of Resource-constrained Nodes (6Lo WG) • IPv6-over-foo adaptation layer specifications using

6LoWPAN technologies (RFC4944, RFC6282, RFC6775 ….) →Transmission of IPv6 Packets over BLUETOOTH(R) Low Energy →Transmission of IPv6 Packets over DECT Ultra Low Energy →Transmission of IPv6 over MS/TP Networks →Transmission of IPv6 packets over ITU-T G.9959 Networks →Transmission of IPv6 Packets over IEEE 1901.2 Narrowband

Powerline Communication Networks →Transmission of IPv6 Packets over Near Field Communication (NFC)

5

IETF 6lo Functions (6LoWPAN – RFC4944)

ETRI, IPv6 over NFC 개발사례

Test-bed Intel Galileo board with Debian Linux OS

NFC Antenna

NFC Shield

IETF CoAP Function • Why CoAP for IoT applications?

• Constrained devices (Energy, Resource-constrained) • Light-weight, Low power

• What about HTTP for IoT Apps. ? • High Latency • High Packet Loss

• Features • A RESTful protocol • Both synchronous and asynchronous • Specialized for IoT applications • Easy to proxy to/from HTTP • CoAP header + option: 10~20 bytes (HTTP의 약 1/10)

Our Approach • SDN and NFV can solve those

problems and challenges. SDIoT : A Software-defined end-to-

end IoT infrastructure (including aka, IoT service chaining support)

• IoT Infrastructure could be built by means of NFV with integration of SDN which makes it more agile.

• SDN and NFV will be enablers for new IoT Infrastructure.

SDN NFV

IoT Infrastructure

9

SDN – Standards • To decouple control planes from

data plane through OPEN Network APIs Directly control and manage the

NET/INF in programmatic manner (넓은범위의 정의)

• TWO approaches (Abstraction) • New architecture – OF1.3.4/1.4 (Flow

Tables’ operations) • Existing architecture – Interface to the

“X” systems (i.e., Routing, SFC, etc.) • IETF I2RS, SFC WG, I2NSF BoF (YANG data modeling) • Protocols – NetConf, XMPP, ALTO, … 기타 PCE ForCES MPLS Segment

Controller

Apps POSIX-like NBAPIs OPEN INTERFACE

1.Net Apps

2.Directly control and manage the NET in programmatic manner

OF I2X {/w YANG}

OF-enabled Devices

Legacy Devices

10

SDN - Open Source http://www.opendaylight.org/

• Network Apps & Orchestration • Controller Platform • Physical & Virtual Network

Devices • NFV와의 연동고려 • Controller Platform

• Bidirectional REST for the Northbound API

• a collection of dynamically pluggable modules to perform needed network tasks.

• The southbound interface is capable of supporting multiple protocols (as separate plugins), e.g. OpenFlow 1.0, OpenFlow 1.3, BGP-LS, etc. These modules are dynamically linked into a Service Abstraction Layer (SAL). 11

NFV - Standard • To relocate network

functions from dedicated HW appliances to generic servers

• ONE approach (ETSI NFV ISG Framework)

• Phase-1 (BB) • Phase-2 (Information modeling

for multi-vendor interoperability)

• Protocols

12

NFV – Open Source • NFV Infrastructure

(NFVI) • To provide access to basic

resources—compute, storage and networking—through hypervisors and SDN functions

• Virtualized infrastructure manager (VIM):

• To manage the VNFI and provides the management capability required to deploy applications running in a virtual environment,

https://www.opnfv.org/

13

Two Questions 1) How to abstract IoT’s behaviors by SDN

concept ? 2) How to relocate various IoT functions from

HW appliances to VMs and make them connected or chained together ?

14

Control Abstraction Layer

IoT Devices

IoT-aware Services/ Applications/Stuff

IoT Controls IoT’s

Control Plane

Properties and behaviors Connectivity (Mesh, radio/wireless …) QoS Energy Real-time + delay/Jiter Reliability (/w verification) Sensing/actuaction Security … ..

Yang Modeling

Q) How to abstract IoT’s behaviors by SDN Concept ?

Device Abstraction Layer

Abstraction & Separation

15

ODL – (IOTDM) • 시스코 & ETRI (2014.11) • IDM Core

• Definition of a YANG model representing the oneM2M resource tree

• Integration of existing common IoT southbound protocols: CoAP, MQTT, HTTP

• Security Manager – User Authentication and Policy Enforcement

• SB protocols, GW function, 서비스 체이닝 기능에 대해 추적으로 확장할 계획을 논의중

16

https://wiki.opendaylight.org/view/IoTDM:Main (코드 릴리즈 및 dev 페이지)) https://wiki.opendaylight.org/view/Project_Proposals:Internet_of_Things_Data_Management_(IOTDM) (프로포절 페이지)

ODL – (IOTDM)

17

Yang Data Model Tree (oneM2M Device)

MIB for Monitoring 6LoWPAN

Q) How to relocate IoT GW functions ?

Radio Transmission

Wi-Fi WiBro Bluetooth NFC LTE

MAC

6LO Adaptation Layer

IPv6

UDP

Controls (SDN)

CoAP-to-HTTP, DICE-to-TLS

System Layer

Application Layer

Virtualization Layer

IoT VNF (SW)

IoT Common

GW (HW)

IoT SDN (SW)

Virtualization & Relocation

Radio Transmission

Wi-Fi WiMAX Bluetooth NFC LTE

MAC

6LO Adaptation Layer

IPv4/IPv6

UDP

CoAP-to-HTTP, DICE-to-TLS

System Layer

Application Layer

Control Functions

19

Q) How to relocate IoT GW functions ?

Virtualization & Relocation

Radio Transmission

Wi-Fi WiMAX Bluetooth NFC LTE

MAC

6LO Adaptation Layer

IPv4/IPv6

UDP

CoAP-to-HTTP, DICE-to-TLS

System Layer

Application Layer

Control Functions

Radio Transmission

Wi-Fi WiBro Bluetooth NFC LTE

MAC

6lo adaptation layer

IPv6

UDP

Controls (SDN)

CoAP-to-HTTP, DICE-to-TLS

System Layer

Application Layer

Virtualization Layer

IoT VNF (SW)

IoT Common

GW (HW)

IoT SDN (SW)

20

NFV IoT GW Functions Candidates • IoT DPI functions • L2~L3

• IP mapping function for non-IP nodes • 6LO functions (IPv6 Packets over WPAN, BT, Low Power Wi-Fi, NFC,

etc. ) • RFC4944, RFC6282, RFC6775, and • Many other WG I-Ds (work-in-progresses)

• L4~L7 • CoAP-HTTP protocols mapping <draft-ietf-core-http-mapping>

• DICE-TLS protocols mapping …

21

Io T nodes /w IP Io T GW

BLE, NFC

Interfaces

IPv6 Interface

Server

VNFs

CoAP-to-HTTP

DPI

DICE-to-TLS

6Lo adaptation

Service Chaining Operation Example for E2E IoT Networking SFC1 : DPI 6LO(WPAN) DICE/TLS

….. SFC2 : DPI 6LO(NFC) CoAP/HTTP

22

SFC Yang Data Model • Dratf-penno-sfc-yang-09문서의 모듈 구조 2014. 10. 27 update

Service Function Chaining

Service Function

Service Function Chain

Service Node

Service Function Path

Service Function Forwarder

Service Function Forwarder Open

vSwitch

Service-Function-Type

Service-Locator

Service Function ietf-inet-types ietf-yang-type

import

공통 import

Service Function Type

Service Locator

Service Locator

Service Function Forwarder

ETRI Development and Prototype

SDN/NFV-enabled end-to-end IoT network services

VNF1

VNF3 VNF5a

VNF4

SFC-1

End Point

End Point

VNF2a

VNF2b VNF5b SFC-2

memory storage

OpenStack Controller/Orchestrator

Virtualization Layer

OpenStack Agent SDN Switch

SDN Controller

compute network

Network Complier, Verification Tools …

IPv6 over NFC functions <draft-hong-6lo-ipv6-over-nfc>

NFC Shield

Intel Galileo board with Debian Linux OS

24

Summary and Plan • SDN and NFV offer a new way to design, deploy and

manage IoT end-to-end network services. • SDN provides rapid interaction between services and infrastructure. • NFV makes IoT service functions chaining more agile.

• Our challenge is that how to relocate various IoT functions to VMs on top of generic servers and abstract their behaviors by SDN.

• We are now developing a prototype, which is mainly focused on various 6LO, CoAP functions chaining.

• We are also planning to propose a new (bar) BoF for I2NCN (Interface to Network of Constrained Nodes) at next IETF meeting.

25