6 Internet2 Community Innovation Story
Abundant Bandwidth: 100G, for now
Network Programmability: SDN, Network Virtualization
Friction-Free Science: Science DMZ
8 Network Virtualization on Internet2
“Advanced” is why Internet2 exists.
11 Network Virtualization on Internet2
Control a slice of the national network!
Enable:
  Rapid prototyping of advanced applications
  Rapid prototyping of new network services
  Rapid advancement of network research
“Advanced” is why Internet2 exists.
12 Network Virtualization on Internet2
Network Virtualization: Puts members in control of (a slice of) the network
Change in paradigm:
  Turning the “commons” on its head
  Private network capabilities with shared network costs
  Large scale networking is normally about lowest common denominator
  Large scale virtualized networking is about creating custom facilities
  Extend the local domain into the national (eventually global) arena
13 Network Virtualization Use Case
For most applications run in a campus environment, the traditional routed Layer 3 infrastructure provided by the Internet2 Advanced Layer 3 Service (AL3S) provides all the needed functionality and performance.
For some applications, the ability to run on a server in a campus environment or on a GENI Rack, connected by a Layer 2 VLAN, should suffice.
For a few advanced applications, particularly in the network research arena, there is a need to run their own controller on a virtual network.
General use case for supporting network virtualization on the Internet2 Network.
14 Use Case Examples (1)
Production Service Staging
  GENI wants to move to Stitching v3.0, but Stitching 2.0 is in wide use
  Set up a slice, deploy a second OESS, deploy new version of FOAM Stitching Aggregator
  When it’s tested and ready, move to the production OESS stack
Network Research
  Network researcher has a better idea how to do networking
  Set up a slice, deploy new network controller, write paper
Service Prototyping
  Look at alternatives to AL3S
  Implement a route server that speaks OpenFlow on southbound interface with no routers
  Deploy in a slice, begin peering with other domains
  Evaluate efficacy, operational savings
  Over time transition to new service
15 Use Case Examples (2)
Private Networks
  Want something akin to Atlantic Wave, original vision for LHCONE, or GENI Virtual Network
  Set up a distributed SDX across multiple domains
Network virtualization experiments are already underway
  Prototyping IP over SDN solution (no routers!)
  Prototyping cloud-based services
  Prototyping multi-domain virtual networks
  DANCES
16 Technology behind Network Virtualization
Vendors such as Brocade provide switches that implement OpenFlow.
Through close development partnerships, Internet2 can deploy advanced technology.
Internet2 and Indiana University have developed a second-generation, open source hypervisor, called Flowspace Firewall (FSFW).
FSFW divvies up the available VLANs on a network into VLAN ranges, known as slices.
FSFW acts as a proxy between one or more OpenFlow controllers and a set of switches within a single administrative domain.
FSFW only carries OpenFlow commands from a controller to a switch (or the reverse) if the command falls within the allocated range of VLANs for that controller.
FSFW acts as a resource protector, ensuring that no controller overconsumes scarce resources such as the rate at which OpenFlow rules can be fed to a switch or the number of OpenFlow entries in the Flow Table.
Technology enables Innovation in the Internet2 Community
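The three checks described on the FSFW slide (VLAN range, flow-mod rate, flow-table quota) can be modelled in a few lines. This is an added illustration, not FSFW source code or its configuration format: the class, field and method names, the set-VLAN action check, the token-bucket limiter and the slice values are all assumptions made for the sketch.

```python
from dataclasses import dataclass, field

@dataclass
class Slice:                  # hypothetical policy record, not an FSFW config schema
    name: str
    vlans: range              # VLAN IDs allocated to this controller
    max_flows: int            # cap on flow-table entries held by the slice
    max_rate: float           # flow-mods per second allowed toward a switch
    flows: set = field(default_factory=set)
    tokens: float = 0.0
    last: float = 0.0

class SliceProxy:
    """Toy model of a hypervisor sitting between controllers and switches."""
    def __init__(self, slices):
        self.slices = {}
        for s in slices:
            for other in self.slices.values():
                if set(s.vlans) & set(other.vlans):   # slices must be disjoint
                    raise ValueError(f"{s.name} overlaps {other.name}")
            s.tokens = s.max_rate                     # start with a full bucket
            self.slices[s.name] = s

    def flow_add(self, name, flow_id, match_vlan, set_vlan=None, now=0.0):
        """Return (forwarded, reason) for a controller-to-switch flow add."""
        s = self.slices[name]
        # A wildcard (None) match would capture other slices' traffic.
        if match_vlan is None or match_vlan not in s.vlans:
            return False, "match VLAN outside slice"
        # Assumed extra check: a rewrite must not retag into a foreign VLAN.
        if set_vlan is not None and set_vlan not in s.vlans:
            return False, "set-VLAN action outside slice"
        if flow_id not in s.flows and len(s.flows) >= s.max_flows:
            return False, "flow-table quota exceeded"
        # Token bucket: refill by elapsed time, spend one token per flow-mod.
        s.tokens = min(s.max_rate, s.tokens + (now - s.last) * s.max_rate)
        s.last = now
        if s.tokens < 1:
            return False, "flow-mod rate exceeded"
        s.tokens -= 1
        s.flows.add(flow_id)
        return True, "forwarded"

    def packet_in_owner(self, vlan):
        """Switch-to-controller direction: only the owning slice sees the event."""
        return next((s.name for s in self.slices.values() if vlan in s.vlans), None)
```

Rejections return a reason string so that a log of denied commands shows which limit a controller ran into.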
19 Prototype Multi-Domain Layer 2 Service
Backdrop:
  Internet2 operates a Layer 2 Service
  Campuses (e.g. University of Utah) operate a Layer 2 Service
  Regional Networks (e.g. MAX) operate a Layer 2 Service
  Exchange Points (e.g. AMPATH/FIU) operate a Layer 2 Service
Is there a way to create a Multi-Domain Layer 2 Service?
  Common capabilities
  Willingness to collaborate
  Willingness to contribute to a common project
  Maintain local control
  Withdraw at any time
  Enable (illusion of) global control
  Control remote administrative domains
  No change in software, just configuration
20 An SDX is a next generation Independent Exchange Point (IXP). See report from recent GENI workshop.
21 There will be many SDXs (e.g. STARLIGHT, MAN LAN, WIX).
22 You could knit them together with an interdomain protocol like IDCP, NSI, or GENI stitching …