VPN4DC Discussion VPN4DC Team 11-16-2011 Taipei, Taiwan.

Presentation transcript:

VPN4DC Discussion VPN4DC Team Taipei, Taiwan

Contributors of VPN4DC Initiative
Amit Shukla, Juniper
Ben Niven-Jenkins, Velocix
Bhumip Khasnabish, ZTE
Dave McDysan, Verizon
Deborah Brungard, AT&T
Fred Backer, Cisco
Henry Yu, TW Telecom
Ichiro Fukuda, NTT
James Uttaro, AT&T
John M. Heinz, CenturyLink
Linda Dunbar, Huawei
Lianyuan Li, CMCC
Lizhong Jin, ZTE
Lucy Young, Huawei
Luyuan Fang, Cisco
Manuel Paul, DT
Maria Napierala, AT&T
Marshall Eubanks, LiftPort Group
Masahiro Maruyoshi, NTT
Michael Ko, Huawei Symantec
Nabil Bitar, Verizon
Ning So, Verizon
Robert Raszuk, NTT
Thomas Morin, FT
Pedro Marques
Ping Pan, Infinera
Paul Unbehagen, Alcatel Lucent
Susan Hares, Huawei
Tom Nadeau, CA
Yuichi Ikejiri, NTT

10 VPN4DC Active Internet Draft

What do we want to achieve?
Develop standards-based any-to-any VPN (may use MPLS, IPv4/IPv6 technologies) data center connections through control protocol signaling, to address large-scale VPNs in the multi-tenant DC environment.
– L3 technologies WILL be used for inter- and intra-DC connections
– L2VPN technologies MAY be used within data centers
– DCs can belong to service providers, content providers, and enterprises
– Providers are likely to interconnect with multiple DC vendors and vice versa
[Figure labels: Host, VM; Layer 3 VPNs (MPLS or IP); Provider Networks; Provider DCs; Enterprise]

What are the new problems?
What are the new DC-related needs compared with the existing provider-provisioned L3VPN solution environment (MPLS or IP)?
– Multi-tenancy hosting in DC, provider-offered cloud services through shared infrastructure
– Scalability in the data center: large number of hosts, e.g. 100,000+ hosts in a single data center, each host supporting 25 VMs
– Mobility
– Security and authentication in the new environment

Who Needs L3 VPN for DC Connection?
(co-authors of req. drafts, and active contributors of VPN4DC)
Ning So, Verizon
Nabil Bitar, Verizon
Dave McDysan, Verizon
Henry Yu, TW Telecom
John M. Heinz, CenturyLink
Maria Napierala, AT&T
James Uttaro, AT&T
Robert Raszuk, NTT
Ichiro Fukuda, NTT
Yuichi Ikejiri, NTT
Masahiro Maruyoshi, NTT
Thomas Morin, FT
Manuel Paul, DT
Lianyuan Li, CMCC

Connectivity Requirements
– Hosts in DCs joining a VRF in near real-time
– Formation of any-host-to-any-host connectivity within a VRF
– Service requirement (bandwidth, QoS, etc.) exchange between hosts and L3VPN
– Host address assignment control
– OAM interworking

Service Requirements
VPN4DC computing services
– Virtual Machines (VMs) and/or physical servers in a virtualized carrier data center being attached to a customer VPN
– Requirements: auto-provisioning, VM and server instantiation and removal, VM migration policy control, VM monitoring
VPN4DC storage services
– Disk space, either virtual or actual blocks of hard drives in data centers, being added to a customer's VPN
– Requirements: content replication control, storage space auto-provisioning, storage migration policy control, content life cycle management

Service Requirements
Intra-DC Network Requirements
– Requirements when VPNs are extended into DC using VPN Gateway
  – Traffic separation per VPN and per service
  – DC virtual resource assignment control and reporting
  – Dynamic configuration and provisioning control of DC virtual resources
  – QoS support
Virtual Resources Management Requirements
– DC virtual resources include physical servers and VMs, disk spaces, memories, intra-DC network connections and bandwidth.
– Requirements include
  – Resource partition and assignment
  – Resource accessibility control and management

Other Requirements
– Security requirements
– Auto-configuration requirements
– OAM requirements
– Etc.

Is this an IETF problem to solve?
– Yes, layer 3 (IP or MPLS) VPN connectivity is in the IETF routing area
– IP protocol extensions or new mechanisms for current solutions to DC

DC Connection Scenarios
The DCs can be in Public Cloud or Private Cloud
Connection can be combinations of any type of Cloud
Examples of VPN connection scenarios
– Enterprise CE to Service Provider DCs
– Enterprise DC to Service Provider DCs
– Enterprise DC to Content Provider DCs
– Content provider DC to Service Provider DCs
– Intra-DC connections
– Content Provider

L3 VPN DC Connection Examples

Examples | A              | B                        | C
1        | Enterprise     | Network Service Provider | SP Cloud Service
2        | Enterprise     | Network Service Provider | Cloud Service
3        | Cloud Provider | Network Service Provider | SP Cloud Service

[Figure labels: Host, VM; A, B, C]

Dynamic Secure Interconnect Example
[Figure labels: A1, A2, A3, A4; B1, B2, B3, B4; Internet; NAT; CGN]

What are in and what are out?
In scope for first phase
– Any-to-any layer 3 VPN connectivity, focusing on route isolation
– Develop both IP and MPLS solutions, as well as hybrid solutions
– Inter-DC and intra-DC layer 3 connections
– Inter-VPN connectivity / Extranet VPNs
– Mechanism for cloud resource mapping to the customer VPN
– Security authentication for VM to VPN mapping
Possible future phase
– L3/L2 Hybrid VPN
– Multicast
Out of scope
– New encryption algorithms (not in IETF)
– Pure L2 VPN solutions (L2VPN)