Pier Luigi Ventre

Traffic Engineering with Segment Routing: SDN-Based Architectural Design and Open Source Implementation

Traffic Engineering (TE) in IP carrier networks is one of the functions that can benefit from the Software Defined Networking paradigm. However traditional per-flow routing requires a direct interaction between the SDN controller and each node that is involved in the traffic paths. Segment Routing (SR) may simplify the route enforcement delegating all the configuration and per-flow state at the border of the network. In this work we propose an architecture that integrates the SDN paradigm with SR based TE, for which we have provided an open source reference implementation. We have designed and implemented a simple TE/SR heuristic for flow allocation and we show and discuss experimental results.

Hybrid IP/SDN Networking: Open Implementation and Experiment Management Tools

The introduction of SDN in large-scale IP provider networks is still an open issue and different solutions have been suggested so far. In this paper, we propose a hybrid approach that allows the coexistence of traditional IP routing with SDN based forwarding within the same provider domain. The solution is called OSHI-Open Source Hybrid IP/SDN networking, as we have fully implemented it combining and extending open source software. We discuss the OSHI system architecture and the design and implementation of advanced services like pseudo wires and virtual switches. In addition, we describe a set of open source management tools for the emulation of the proposed solution using either the Mininet emulator or distributed physical testbeds. We refer to this suite of tools as Mantoo (management tools). Mantoo includes an extensible Web-based graphical topology designer, which provides different layered network “views” (e.g., from physical links to service relationships among nodes). The suite can validate an input topology, automatically deploy it over a Mininet emulator or a distributed SDN testbed and allows access to emulated nodes by opening consoles in the web GUI. Mantoo provides also tools to evaluate the performance of the deployed nodes.The introduction of SDN in large-scale IP provider networks is still an open issue and different solutions have been suggested so far. In this paper we propose a hybrid approach allowing the coexistence of traditional IP routing with SDN based forwarding within the same provider domain. The solution is called OSHI – Open Source Hybrid IP/SDN networking as we have fully implemented it combining and extending Open Source software. We discuss the OSHI system architecture and the design and implementation of advanced services like Pseudo Wires and Virtual Switches. Moreover we designed and implemented a set of Open Source management tools for the emulation of the proposed solution over the Mininet emulator and over distributed testbeds. We refer to this suite of tools as Mantoo (Management tools). Mantoo includes an extensible webbased graphical topology designer providing different layered network “views” (e.g. from physical links to service relationships among nodes). The framework is able to validate a topology, to automatically deploy it over a Mininet emulator or a distributed SDN testbed, to access nodes by opening consoles directly via the web GUI. Finally, Mantoo provides tools for evaluating the performance of the deployed solution.

ICONA: Inter Cluster Onos Network application

Several Network Operating Systems have been proposed in the last few years for Software Defined Networks; however, only few of them are offering resiliency, scalability and high availability required for production environments. In our demonstration we present a geographically distributed SDN Control Plane, called ICONA, build on top of the Open Networking Operating System (ONOS) and designed to meet the aforementioned Service Providers requirements. During the demo, that runs inside the GEANT OpenFlow pan-european testbed, we show how a Service Provider engineer can easily manage and monitor the network, deploy some services and how ICONA can automatically recover from Control and Data planes failures.

Generalized virtual networking: An enabler for service centric networking and network function virtualization

In this paper we introduce the Generalized Virtual Networking (GVN) concept. GVN provides a framework to influence the routing of packets based on service level information that is carried in the packets. It is based on a protocol header inserted between the Network and Transport layers, therefore it can be seen as a layer 3.5 solution. Technically, GVN is proposed as a new transport layer protocol in the TCP/IP protocol suite. An IP router that is not GVN capable will simply process the IP destination address as usual. Similar concepts have been proposed in other works, and referred to as Service Oriented Networking, Service Centric Networking, Application Delivery Networking, but they are now generalized in the proposed GVN framework. In this respect, the GVN header is a generic container that can be adapted to serve the needs of arbitrary service level routing solutions. The GVN header can be managed by GVN capable end-hosts and applications or can be pushed/popped at the edge of a GVN capable network (like a VLAN tag). In this position paper, we show that Generalized Virtual Networking is a powerful enabler for SCN (Service Centric Networking) and NFV (Network Function Virtualization) and how it couples with the SDN (Software Defined Networking) paradigm.

PMSR — Poor Man's Segment Routing, a minimalistic approach to Segment Routing and a Traffic Engineering use case

The current specification of the Segment Routing (SR) architecture requires enhancements to the intradomain routing protocols (e.g. OSPF and IS-IS) so that the nodes can advertise the Segment Identifiers (SIDs). We propose a simpler solution called PMSR (Poor Mans Segment Routing), that does not require any enhancement to routing protocol. We compare the procedures of PMSR with traditional SR, showing that PMSR can reduce the operation and management complexity. We analyze the set of use cases in the current SR drafts and we claim that PMSR can support the large majority of them. Thanks to the drastic simplification of the control plane, we have been able to develop an open source prototype of PMSR. In the second part of the paper, we consider a Traffic Engineering use case, starting from a traditional flow assignment optimization problem, which allocates hop-by-hop paths to flows. We propose a SR path assignment algorithm and prove that it is optimal with respect to the number of segments allocated to a flow.

D-StreaMon: From middlebox to distributed NFV framework for network monitoring

Many reasons make NFV an attractive paradigm for IT security: lowers costs, agile operations and better isolation as well as fast security updates, improved incident responses and better level of automation. On the other side, the network threats tend to be increasingly complex and distributed, implying huge traffic scale to be monitored and increasingly strict mitigation delay requirements. Considering the current trend of the networking and the requirements to counteract to the evolution of cyber-threats, it is expected that also network monitoring will move towards NFV based solutions. In this paper, we present D-StreaMon an NFV-capable distributed framework for network monitoring realized to face the above described challenges. It relies on the StreaMon platform, a solution for network monitoring originally designed for traditional middleboxes. An evolution path which migrates StreaMon from middleboxes to Virtual Network Functions (VNFs) has been realized.

Performance evaluation and tuning of Virtual Infrastructure Managers for (Micro) Virtual Network Functions

Virtualized Network Functions (VNFs) are emerging as the keystone of 5G network architectures: flexibility, agility, fast instantiation times, consolidation, Commercial Off The Shelf (COTS) hardware support and significant cost savings are fundamental for meeting the requirements of the new generation of mobile networks. In this paper we deal with the management of the virtual computing resources for the execution of Micro VNFs. This functionality is performed by the Virtual Infrastructure Manager (VIM) in the NFV MANagement and Orchestration (MANO) reference architecture.We discuss the VIM instantiation process and propose a generic reference model, starting from the analysis of two Open Source VIMs, namely OpenStack Nova and Nomad. We implemented a tuned version of the VIMs with the specific goal of reducing the duration of the instantiation process. We realized a performance comparison of the two VIMs, both considering the plain and the tuned versions. The tuned VIMs and the performance evaluation tools that we have employed are provided openly and can be downloaded from our repository.

ICONA: A Peer-to-Peer Approach for Software Defined Wide Area Networks Using ONOS

Several Internet Service Providers (ISP) are planning to innovate their infrastructures through a process of network softwarisation and programmability. The Software-Defined-Network (SDN) paradigm aims at improving the design, configuration, maintenance and service provisioning agility of the network through a centralised software control plane which is in charge of managing the entire system. This is easily achievable for local area networks, typical of data centres, where the benefits of having programmable access to the entire network is not restricted by latency. However, in Wide Area Networks, a centralised control plane limits the speed of responsiveness in reaction to time-constrained network events due to unavoidable latencies caused by physical distances. A logical step towards robustness in SDN is to distribute the load of the control plane between entities, each taking care of a portion of the entire geographical network and each providing an east-west communication interface to enable programmability of the entire network. Moreover, a key objective of an SDN control plane targeting an ISP networks is the east-west interface with external domains under the control of other providers. In this article we present ICONA (Inter Cluster Onos Network Application), a tool that has the objective of enabling programmable networks to span multiple clusters of controllers within either a single or multiple administrative domains. In particular, the paper describes the architecture behind ICONA and provides an initial evaluation obtained on a preliminary version of the tool, built on top of the cutting-edge network controller ONOS, Hummingbird release.

A framework for experimenting ICN over SDN solutions using physical and virtual testbeds

ABSTRACT Information Centric Networking (ICN) is a paradigm in which the network layer provides users with access to content by names, instead of providing communication channels between hosts. The ICN paradigm promises to offer a set of advantages with respect to existing (IP) networks for the support of the large majority of current traffic. In this paper, we consider the deployment of ICN by exploiting the Software Defined Networking (SDN) architecture. SDN is characterized by a logically centralized control plane and a well-defined separation between data and control planes. An SDN-enabled network facilitates the introduction of ICN functionality, without requiring a complex transition strategy and the re-deployment of new ICN capable hardware. More in details, in this paper we provide: i) a solution to support ICN by exploiting SDN, extending a previous work of ours; ii) design and implement an open reference environment to deploy and test the ICN over SDN solutions over local and distributed testbeds; iii) design and implementation of a set of Caching policies that leverage on the ICN over SDN approach; iv) performance evaluation of key aspects of the ICN over SDN architecture and of the designed caching policies. All the source code and the monitoring suite are publicly available. To the best of our knowledge, there are no other similar solutions available in Open Source, nor similar emulation platforms, including also a comprehensive set of monitoring tools.

Deploying SDN in GÉANT production network

Since the demand for more bandwidth, agile infrastructures and services grows, it becomes challenging for Service Providers like GEANT to manage the proprietary underlay, while keeping costs low. In such a scenario, Software Defined Networking (SDN), open hardware and open source software prove to be key components to address those challenges. After one year of development, SDX-L2 and BoD, the SDN-ization of the GEANT Open and Bandwidth on Demand (BoD) services, have been brought to the pilot status and GEANT is now testing the outcomes on its operational network. In this demonstration, we show BoD and SDX-L2 “going live” at the GEANT production infrastructure. The pilots run on the same underlay infrastructure thanks to the virtualization capabilities of the network devices. Provisioning of the services is covered during the demo. In the final steps of the demonstration, we show how the infrastructure is able to automatically manage network events and how it remains operational in the case of fault events.