Sponsored by the National Science Foundation

Programmable Networks and GENI

Marshall Brinn, GPO

GEC15

0830-1000 October 25, 2012

Sponsored by the National Science Foundation 2October 25, 2012

Outline

• Introduction• Presentations

– Deniz Gurkan (Houston)– Kiran Nagaraja (Winlab Rutgers)– Prasad Calyam (OSU)– Ashish Vullmiri (Illinois)

• Panel Discussion

Sponsored by the National Science Foundation 3October 25, 2012

Introduction

The goal of the session is to review, from the perspective of an experimenter, how one CAN and how one SHOULD control network operations on the GENI-provided data plane.

Sponsored by the National Science Foundation 4October 25, 2012

Data Plane Schematic: Custom Virtual Topology Embedded in Resource Topology

GENI has a (growing) set of compute and network resources. These are managed by aggregates who can provide slivers (real or virtual resources or resource bundles) in response to AM API requests which can be stitched together into segregated custom topologies.

Sponsored by the National Science Foundation 5October 25, 2012

GENI-provided data plane

• Custom: – Generated based on experimenter’s request RSpec

(Resource Specification)– Mixtures of virtual and ‘bare-metal’ compute nodes– Embedded in available topology of aggregates and

network connections.• “Stitched” across aggregates as requested and possible

– ‘Custom’ may include dimensions of geography, physical connectivity, network type (wired/wireless)

The data plane that GENI provides to experimenters is custom, segregated, Layer 2 linked and deeply programmable

Sponsored by the National Science Foundation 6October 25, 2012

GENI-provided data plane [2]

• Segregated:– Traffic between topologies (slices) are kept separate

• Your slice’s traffic can’t enter my slice and vice versa, except by special mutual arrangement.

– We expect to use VLAN tags as the segregation mechanism• May require some VLAN translation, management of limited

VLAN tag resources at different aggregates• May impose limitations on experimenter (VLAN tag in header)

– GENI does not make performance isolation assurances in general• But there are some resources that do provide such assurances

The data plane that GENI provides to experimenters is custom, segregated, Layer 2 linked and deeply programmable

Sponsored by the National Science Foundation 7October 25, 2012

GENI-provided data plane [3]

• Layer 2 Linked:• Provides Layer 2 ‘data plane’ network between compute nodes, as

specified in request RSpec– Not necessarily one broadcast domain.

• Also provides Layer 3 ‘control plane’ access to compute nodes either by public IP address or aggregate-provided SSH proxy.

The data plane that GENI provides to experimenters is custom, segregated, and Layer 2 linked and deeply programmable.

Sponsored by the National Science Foundation 8October 25, 2012

GENI-provided data plane [4]

• Deeply Programmable:• Allows for programming all details of network operations on the

data plane• Ranging from routing decisions to frame edits to completely new

L3 protocols.

The data plane that GENI provides to experimenters is custom, segregated, and Layer 2 linked and deeply programmable.

This aspect is the focus of this session.

Sponsored by the National Science Foundation 9October 25, 2012

Loci of Deep Programmability

• Physical Switch– All GENI racks (at campus, regional, backbone) are expected to

contain an OF switch.– Uneven OpenFlow support across vendors.

• Some provide ‘hybrid’ (OF or non-OF per-port) mode.

• Software Switch– OVS is provided standard in most recent Linux distributions

• Within OVS, experimenters can:– Can write own modules, protocols– OF switch support is provided with OVS, so it can provide controller for

networking at each node

• New ‘GENI-in-a-Box’ capability uses OVS to construct its topologies

– XORP and Click are other popular S/W switches

There are many potential sites of network programming in a GENI data plane topology

Sponsored by the National Science Foundation 10October 25, 2012

Domains of Network Programmability

• Rule-based frame handling– Setting Flowspace rules (in FlowVisor)– Setting routing rules in kernel tables– Setting flow_mod rules in OF switch

• In-the-loop frame handling– OF Controller can do this, providing fine-grained

(though inefficient) per-frame control

• Encapsulation, Tunneling approaches• Implementation of non-IP L3 protocols

Any of these network control approaches (and others) can be effected at different locations: e.g. OF controllers, in custom network drivers, in OVS modules

Sponsored by the National Science Foundation 11October 25, 2012

Data Plane: Experimenter View

• To the experimenter, their topology should SEEM like a LAN (albeit, in fact, ‘wide area’)– Or a series of LAN’s

• Each node may have multiple interfaces: complex topologies dictate which nodes communicate over which interfaces

– Can’t see intermediate hops that aren’t visible to GENI (tunneled, e.g.)• There may be hops that aren’t GENI nodes

– There are likely to be some restrictions on L2 headers (specifically changing VLAN tags)

– May be limits on L2 broadcast (vice P2P).

Sponsored by the National Science Foundation 12October 25, 2012

Questions for speakers and discussion

• What have experimenters been able to do in terms of network programming on GENI data planes?– What has been easy, what has been difficult?

• What future capabilities would experimenters like to see delivered to support them in their network programming efforts?– Perhaps graphical tools? Topology or path services?

• GENI provides a lot of capabilities beyond data plane provisioning (e.g AuthN, AuthZ, Logging, Monitoring). – Is there anything from the federation or GMOC level that would

help with deep network programmability?

Sponsored by the National Science Foundation 13October 25, 2012

Speakers / Panel

• Deniz Gurkan (Houston)• Kiran Nagaraja (Winlab Rutgers)• Prasad Calyam (OSU)• Ashish Vullmiri (Illinois)

Sponsored by the National Science Foundation

Panel Discussion