Presentation is loading. Please wait.

Presentation is loading. Please wait.

SDN use case 1: VPN Fengkai Li.

Published byBarnard Lewis Modified over 5 years ago

Similar presentations

Presentation on theme: "SDN use case 1: VPN Fengkai Li."— Presentation transcript:

1 SDN use case 1: VPN Fengkai Li

2 Way to carry out SDN related work
Work item 3: Customer Facing Services. Multi-Site connection service Parental Control Internet Service Customized “Complex” Services, Service Catalog Work item 2: The way, method, algorithm to orchestrate the SDN basic atomic SDN service to create the customized “complex” service. Orchestration Functionalities Way Moving forward VPN TE Security QoS NAT Work item 1: Standardize the basic/atomic SDN services, as well as some primitive components of basic/atomic SDN service. Basic/Atomic SDN services Basic objects/nodes Basic relationships/operations …… 2018/9/23

3 Technology Dependent or Independent
For the SDN VPN service: Connection, Entity, Gateways, technology independent End user oriented part within in VPN service. Mapping, technology dependent Service provider/Operator oriented part within in VPN service. Generalization: Each SDN service will have two main kinds of components/attributes: Technology independent related for SDN service end user Customer facing requirements, which are from the end users’ point of view SDN service end users do not want to involve in the details, implementations of the service Technology dependent for SDN service provider/operator SDN service providers’ or operators’ configuration, policy, implementation, activation of the service Previous figure, to be modified 2018/9/23

4 Leverage current work in NFV&SDN Ad Hoc
VPN service Constitutions of VPN Service Service holder Technology independent parts: Entities to be connected by VPN service Connection between/among entities Gateway Technology dependent parts: Mapping policy TOSCA simple profile for NFV NSD vld connection_point VLD Connectivity Type Service type Service sub-type How to map the VPN service requirements to the existing design of the document? 2018/9/23

5 VPN basic concept and SDN VPN service
VPN creates a secure network connection over a public network, such as the Internet or a private network owned by a service provider. Target user: Tenants, End users SDN VPN service management and administration: Service provider, Operator Descriptions: For tenants, end users: Connectivity service: Between or among sites Site to DC Site to Internet Self-service for adding/deleting sites, bandwidth adjusting, QoS, etc. Underlay VPN technology independent For service providers, Operators: Specify VPN service implementing underlying techniques, such as VxLAN, GRE, IPSec, etc. VPN service configurations, activations. 2018/9/23

6 Reorganizing the VPN service attributes
Constitutions of VPN Service: VPN Service holder Owner of this VPN service ID/Name/Description, for descriptions of the service and references. Status, both the administrative and operative status Mapping policies for the technology specific implementation of the VPN service. Within the VPN service Entity/entities to be connected by VPN Connections between/among entities Gateway for layer 3 connections VPN Service Technology dependent part Technology independent part Mapping Connection Entity Gateway Figure updated with technology independent and dependent parts 2018/9/23

7 Connection Properties/attributes: Owner of this VPN service.
ID/Name/Description, for descriptions of the service and references. Topology, connection type, P2P, Hub Spoke, Full Mesh. Bandwidth. Entity/Entities connected by the connection. Administrative/operative status. Technology specification, such VxLan, IPSec, GRE, etc. Mapping policy. 2018/9/23

8 Entity/Entities Properties/attributes: Owner of this Entity/Entities
ID/Name/Description, for descriptions. Type of entity/entities, such as subnet, network, router, VLAN, CIDR, VNI, etc. Gateway, for the gateway info for subnet, network, VLAN, CIDR, VNI. Topology Role, for the role concept in the connection, hub|spoke|none. Connection ID, the connection entity/entities belongs to. 2018/9/23

9 Gateway Properties/attributes: Owner of this gateway.
ID/Name/Description, for descriptions. IP address Network element ID, the gateway belongs to. 2018/9/23

10 Mapping policy Properties/attributes: Owner of this mapping policy.
ID/Name/Description, for descriptions. Type, specifying the underlying technology for the VPN implementation. VxLAN parameters: Arp proxy IPSec parameters: crypto profile …… GRE parameters: Tunnel key …. May some of these be needed by tenants or end users? 2018/9/23

11 Scenario Suggested by Dmytro Gassanov within the vEPC proposal. Also:
P2P VPN connection Suggested by Dmytro Gassanov within the vEPC proposal. Also: VPN is a kind of VL in NSD May refer to ETSI IFA015 for VLD attributes defined. 2018/9/23

12 Thank you! 2018/9/23

Download ppt "SDN use case 1: VPN Fengkai Li."

Similar presentations

All rights reserved © 2000, Alcatel 1 CPE-based VPNs Hans De Neve Alcatel Network Strategy Group.

All rights reserved © 2000, Alcatel 1 CPE-based VPNs Hans De Neve Alcatel Network Strategy Group.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.

© 2006 Cisco Systems, Inc. All rights reserved. MPLS v2.2—4-1 MPLS VPN Technology Introducing VPNs.
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.

Agenda Virtual Private Networks (VPNs) Motivation and Basics Deployment Topologies IPSEC (IP Security) Authentication Header (AH) Encapsulating Security.
Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.

Chapter 10 Virtual Private Networks. VPN Defined  A segment of the public network made to appear part of a private network so that it can be used to.
MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,

MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,
© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod3_L7 1 Network Security 2 Module 6 – Configure Remote Access VPN.

© 2007 Cisco Systems, Inc. All rights reserved.ISCW-Mod3_L7 1 Network Security 2 Module 6 – Configure Remote Access VPN.
Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.
Draft-li-mpls-network-virtualization-framework-00IETF 88 SPRING WG1 Framework of Network Virtualization Based on MPLS Global Label draft-li-mpls-network-virtualization-framework-00.

Draft-li-mpls-network-virtualization-framework-00IETF 88 SPRING WG1 Framework of Network Virtualization Based on MPLS Global Label draft-li-mpls-network-virtualization-framework-00.
Vic Liu Liang Xia Zu Qiang Speaker: Vic Liu China Mobile Network as a Service Architecture draft-liu-nvo3-naas-arch-01.

Vic Liu Liang Xia Zu Qiang Speaker: Vic Liu China Mobile Network as a Service Architecture draft-liu-nvo3-naas-arch-01.
FINAL YEAR PROJECT. FINAL YEAR PROJECT IMPLEMENTATION OF VPN USING IPSEC.

FINAL YEAR PROJECT. FINAL YEAR PROJECT IMPLEMENTATION OF VPN USING IPSEC.
MPLS Concepts Introducing Basic MPLS Concepts. Outline Overview What Are the Foundations of Traditional IP Routing? Basic MPLS Features Benefits of MPLS.

MPLS Concepts Introducing Basic MPLS Concepts. Outline Overview What Are the Foundations of Traditional IP Routing? Basic MPLS Features Benefits of MPLS.
2016-6-6XRBLOCK IETF 85 Atlanta Network Virtualization Architecture Design and Control Plane Requirements draft-fw-nvo3-server2vcenter-01 draft-wu-nvo3-nve2nve.

XRBLOCK IETF 85 Atlanta Network Virtualization Architecture Design and Control Plane Requirements draft-fw-nvo3-server2vcenter-01 draft-wu-nvo3-nve2nve.
Draft-ietf-l3sm-l3vpn-service-model S. Litkowski R. Shakir L. Tomotaki K. D’Souza.

Draft-ietf-l3sm-l3vpn-service-model S. Litkowski R. Shakir L. Tomotaki K. D’Souza.
MPLS Virtual Private Networks (VPNs)

MPLS Virtual Private Networks (VPNs)
Kurt Jung – Sr. Research Analyst KEMP Technologies

Kurt Jung – Sr. Research Analyst KEMP Technologies
SDN-O LCM for Mercury Release Key Points and Overview

SDN-O LCM for Mercury Release Key Points and Overview
Virtual Private Network Access for Remote Networks

Virtual Private Network Access for Remote Networks
ONAP and MEF LSO External API Framework Functional Reference Architecture 12 July 2017 Andy Mayer, Ph.D. © 2016 AT&T Intellectual Property. All rights.

ONAP and MEF LSO External API Framework Functional Reference Architecture 12 July 2017 Andy Mayer, Ph.D. © 2016 AT&T Intellectual Property. All rights.

Similar presentations

Ads by Google