VNode: A Deeply Programmable Network Testbed Through Network Virtualization
Akihiro Nakao Network Virtualization Project Leader
The University of Tokyo 2012/3/2
Vision: Advanced Network Virtualization
- “Network” is a communication infrastructure including link resources as well as processing and storage resources (routers)
- Network Virtualization is not just virtualizing connectivity (VPN, logical routers), but virtualizing the infrastructure “as a whole”
- Our objective is to run multiple different deeply programmable networks concurrently in an isolated manner.
Deeply Programmable Network
- Network that flexibly adapts to demands by means of not only programmability in control plane for route control, network management, etc., but also deeper programmability for data-plane for processing data and dealing with new protocols (non-IP), etc.
Vision: “Multiple Deeply Programmable” Networks
[Figure labels: Slice 1, Slice 2, Slice N; Content Oriented NW, Cache Oriented NW, Future NW, Sensor Processing NW, Cloud Access NW, ID/Loc NW, Legacy NW, TV Broadcast NW; Cloud Platform 1, Cloud Platform 2; Handsets, PCs, Appliances, Sensors, …]
Key Technical Requirements
- Abstraction
  - Resource Virtualization
  - Resource Separation / Consolidation
- Isolation
  - Performance Isolation (QoS)
  - Security Isolation (Interference, Intrusion)
  - Name-Space Isolation (Network Naming)
- Elasticity
  - On-Demand Slice Creation / Revocation
- Deep Programmability
  - Network Control
  - Data Processing
  - Protocol Handling
- AAA
  - Resource Accounting
  - Developer Authentication
DPN: Difference from Prior Arts
- VPN/Logical Router
  - Little programmability
- Intelligent Network
  - Open to carriers, not to others
- Active Network
  - Immature base technologies
  - Slice concept missing
- SDN/OpenFlow Technology
OpenFlow Programmability
- Flow-Level Programmability
  - Route Control
  - Access Control
  - Network Management
- Packet-Level Programmability
  - Packet Processing
    - Cache
    - Transcoding
    - Network Coding
  - Parsing New Protocols
    - IPvN (N>6)
    - CCN
    - Content Switching/Routing
[Figure annotations: Possible with OpenFlow; Impossible with OpenFlow alone; Possible with OpenFlow + Processors; Not possible with OpenFlow + Processors; Possible with Our Architecture; Deeply Programmable Network]
Proposal: VNode System Requirements
- Resource Abstraction
  - Link and Computational Resource Abstraction
  - Evolvable Node Architecture
- Resource Isolation
  - Resource-aware slice operation
  - Isolate bandwidth per link sliver (policing/shaping)
- Dynamic Slice Reconfiguration
  - Dynamic topology modification
- Deep Programmability
  - In-Network Data Processing
  - Protocol Handling (Non-IP/ANY)
  - ANIAS (Any Network In A Slice) / OFIAS (OpenFlow In A Slice)
- Easy-Opt-In
  - Access Gateway
- Network Accommodation
  - Physical and Logical networks integration
VNode Project Chronology
- Realizing Advanced Network Virtualization Infrastructure
  - 2008-2010 Collaboration (NICT/UTokyo/NTT/NEC/Hitachi/Fujitsu)
  - 2011-2014 Collaboration (UTokyo/NTT/NEC/Hitachi/Fujitsu/KDDI)
- Funded by NICT; Project Leader: Aki Nakao @ UTokyo
- Supporting All the Requirements for Advanced Network Virtualization
[Figure labels: Abstraction, Isolation, Elasticity, Programmability, Authentication, Authorization, Accounting]
VNode System Architecture
[Figure labels: Network Virtualization Platform; Network Virtualization Management System (NMS); Network Virtualization Node (VNode); Slice Design; Node Control; Resource Allocation; Create/Modify/Delete Slices; Slice A, Slice B; Cloud Platform 1, Cloud Platform 2; Operator(s), Developers, and Users]
[Screenshot labels: Slice Operation; MySlice1; Slice View; Hybrid View; agw-f1 to agw-f7; rp-nh1 to rp-nh4; Otemachi, Dohjima, Hakata, Sapporo, Koganei, Ishikawa Hakusan]
VNode System Deployment
6 VNodes, 2 NCs, 11 AGWs deployed as of now
VNode: Design Principles
- Evolvable Node Design
  - Redirector
    - Defines the structures of virtual networks
    - Responsible for link resources
  - Programmer
    - Combines various kinds of computational and storage resources
    - Responsible for computational and storage resources
  -> Enables independent evolution of resources
- Evolvable and Scalable Programmer Design
  - Easy plug-in of arbitrary computational components
  -> Enables deep programmability
- Easy-Opt-In
  - Accommodate users easily
  -> Benefits users promptly
VNode: Nuts & Bolts
[Figure labels: VNode; VNodeManager; Redirector Part (AX6700 + SMC x2), upper side and lower side; AX6708S Service Module Card; Programmer Part (IA Server x4 + ATCA x2 + OpenFlow SW x2); Fast-Path Network Processor Card; OpenFlow Switch; Redirector; Programmer]
[Figure labels: Slice 1, Slice 2; Slice Design; Slice Implementation; Node Sliver; Link Sliver; Interface; Manage Node Slivers; Manage Link Slivers; Internet]
VNode Infrastructure Architecture
[Figure labels: VNode; VNode Manager; Redirector (R); Programmer (P); Redirector Manager; Programmer Manager; Slow Path (SP); Fast Path (FP); Forwarding Engines (F); Data Plane; Slice Traffic; Tunnel Redirection; Access Gateway (AGW); Domain Controller; DC; Production Router (10Gbps); Users; Internet]
VNode Architecture
[Figure labels: User Opt-In; Redirector; Forms structure of virtual networks; Enables deep programmability]
Redirector (GRE Tunneling)
Programmer Architecture
Node Sliver Variations
VNode Programmer Architecture
Slow Path Engine
- VM Components
Fast Path Engine
- Network Processor Components
AGW
AAA and Easy-Opt-In
End-to-End Protocol Stack
Cache Oriented Network Architecture
Nearly 75% Redundancy Elimination
ANIAS (Any Network In A Slice) / OFIAS (OpenFlow In A Slice)
[Figure labels: Slice 1, Slice 2, Slice 3]
- OpenFlow and the other protocols coexist
- Multiple Different OpenFlow NWs coexist
OFIAS Demo (OpenFlow In A Slice)
Route Switch in OFIAS
Slice Design: OFIAS
Conclusion
- Deep programmability enabled by advanced network virtualization is key to introducing open-innovation in the network
- Lots of interesting in-network processing slices proliferating…