2012+OGF35+Delft+NSI+Overview+v3

NORDUnet
Nordic infrastructure for Research & Education
The OGF Network Services Interface Framework
An Overview, Status, and Futures
Presented to: OGF 35, June 17-19, 2012, Delft, NL
Jerry Sobieski
Director, Int’l Research Initiatives
NORDUnet
What is NSI?
• NSI := “Network Services Interface”
• It is intended to provide a single ubiquitous means for
users, world wide, to dynamically manage network
connection services.
• The OGF NSI standards work has generated two
documents so far:
– The NSI Framework document – describes the high level abstracted
notions of the NSI environment
– The NSI Connection Service Protocol – describes the functional
primitives that control point to point connections through their
lifecycle.
• This presentation will provide some technical details, current status, futures, …
• …and we’ll close with some thoughts about NSI relevance, the standards process, and how we gain momentum through OGF
What is “NSI”?
• NSI is an architecture for inter-domain, automated,
network connection provisioning.
• It defines an abstract model of a network “Connection”
• It specifies a very simple and generic multi-domain
“Topology” model over which Connections are established
• It defines an automated “Network Service Agent” (NSA) that
represents each service domain in the topology
• It defines a simple high level protocol between NSAs that
manages a connection over its lifetime.
[Figure: an NSI Connection from ingress “A” to egress “Z”, drawn as access and transport sections; Network Service Agents exchanging the NSI protocol; and a topology of Networks A, B and C with STPs A.1, A.2, B.1, B.2, C.1 and C.2.]
Overview of NSI Architecture
[Figure: NSI architecture. Labels: User’s NSI Requesting Agent (RA), Network Services Agents (NSA), Requesting Agent (RA), Provider Agent (PA), NSI protocol, Network Services Interface, Network Resource Manager (NRM), Domain C.]
Basic NSI Objects (2)
• Several other basic NSI objects include:
– The Service Termination Point (STP)
– The Service Demarcation Point (SDP)
– The intra-domain Network Resource Manager (NRM)
[Figure: Networks “Aruba” and “Bonaire”, with labels for the Service Termination Points, the Service Demarcation Point, the NSAs, and the Network Resource Manager (NRM).]
An “Inter-Domain” Model
• NSI Framework describes a high level functionality that
occurs across and between network service domains –
not inside those domains.
– It leaves intra-domain technical details to local engineers and
automated tools.
• The NSI Framework is technology agnostic.
– It does not expect or require specific transport or switching
technologies in the underlying infrastructure.
• It is secure by design:
– Authentication and Authorization at two levels is performed at
every domain boundary for every NSI service request.
• NSI is therefore well suited to multi-domain, multi-technology, and/or multi-layer network services.
NSI Connection Service Protocol
• The NSI Connection Service (NSI-CS) is the first
protocol defined under the NSI Framework
• NSI-CS Primitives:
– Reserve, Provision, Release, Terminate, and
Query.
• Supports both “chain” signaling and novel “tree”
signaling
• Allows users to schedule connections in advance.
• Allows service providers to refine common service
specifications without modifying the protocol
standard itself.
NSI CS Protocol
• The CS protocol is a “request/response”
protocol:
– Requesting Agents issue primitive
“requests” from RA to PA,
– Provider Agents issue a
corresponding “response”
(confirmed or fail) from PA to RA.
– Each NSA manages a state table associated
with each Connection it has serviced.
• The CS protocol is designed to provide
consistent life cycle state transitions for
all NSI connections regardless of how
they are segmented or processed across
multiple networks
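An added example (not from the original slides or any NSI implementation) of the per-connection state table a Provider Agent could keep, refusing and logging any primitive that arrives out of order or from a different requester. The transition table is an assumption built from the state and message names in this slide's diagram, not from the NSI-CS specification; the `initial` and `terminated` states, the peer names and the requester-binding check are hypothetical.

```python
from dataclasses import dataclass, field

# (state, message) -> next state. Assumed from the slide's labels, not the
# NSI-CS specification; "initial" and "terminated" are names added here.
SETTLED = ("scheduled", "in-service", "released")
TRANSITIONS = {
    ("initial", "Resv.rq"): "reserving",
    ("reserving", "Resv.cf"): "scheduled",
    ("scheduled", "Prov.rq"): "provisioning",
    ("provisioning", "Prov.cf"): "in-service",
    ("in-service", "Rel.rq"): "releasing",
    ("releasing", "Rel.cf"): "released",
    ("terminating", "Term.cf"): "terminated",
    **{(s, "Term.rq"): "terminating" for s in SETTLED},
}

@dataclass
class StateTable:
    """State table of one Provider Agent, keyed by connection id."""
    states: dict = field(default_factory=dict)    # conn_id -> state
    owners: dict = field(default_factory=dict)    # conn_id -> reserving RA
    rejected: list = field(default_factory=list)  # refusals, for audit

    def handle(self, peer, conn_id, msg):
        state = self.states.get(conn_id, "initial")
        nxt = TRANSITIONS.get((state, msg))
        # A request (.rq) is honoured only from the RA that made the reservation.
        wrong_peer = msg.endswith(".rq") and self.owners.get(conn_id, peer) != peer
        if nxt is None or wrong_peer:
            self.rejected.append((peer, conn_id, msg, state))
            return False
        self.owners.setdefault(conn_id, peer)
        self.states[conn_id] = nxt
        return True

def replay(messages):
    """Run (peer, conn_id, msg) tuples through a fresh table."""
    table = StateTable()
    return table, [table.handle(*m) for m in messages]

TRACE = [  # constructed sample; peer names are hypothetical
    ("ra.aruba", "c1", "Resv.rq"),
    ("pa.bonaire", "c1", "Resv.cf"),
    ("ra.aruba", "c1", "Prov.rq"),
    ("pa.bonaire", "c1", "Prov.cf"),
    ("ra.other", "c1", "Term.rq"),  # not the reserving RA: refused
    ("ra.aruba", "c2", "Prov.rq"),  # never reserved: refused
    ("ra.aruba", "c1", "Rel.rq"),
]
```

`replay(TRACE)` returns the table and one accept/refuse flag per message; the two refusals are kept in `table.rejected` together with the state the connection was in at the time.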
[Figure: message sequence between RA and PA. Messages: Resv.rq/Resv.cf, Prov.rq/Prov.cf, Rel.rq/Rel.cf, Term.rq/Term.cf. States: reserving, scheduled, provisioning, in-service, releasing, released, terminating.]
NSI “Segmentation”
• It is the responsibility of each NSA to examine a
Reservation Request and to choose a domain level
path for the requested connection.
• …and then to decompose the path into a set of
“segments” that can be either
– a) delegated to other NSAs (e.g. to reserve a portion of
the path across one or more foreign domains), or
– b) delegated internally to the local NRM.
• Such path selection and segmentation can be
performed recursively in two modes:
– Conventional “Chain” provisioning in a sequential hop by
hop fashion
– Or a novel “Tree” process where the segments are
reserved directly with downstream NSAs.
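An added example (not from the original slides) of path selection and segmentation, followed by the reservation messages each mode produces and the NSA pairs that must therefore authenticate each other. “Aruba”, “Bonaire” and STPs A, J, K, Z follow the slides; the third domain, STPs L and M, the `uRA`/`NRM:` labels and all function names are assumptions made for the example.

```python
from collections import deque

# Constructed topology: each SDP joins an egress STP of one domain to an
# ingress STP of the next. "Curacao" and STPs L, M are made up for the example.
SDPS = [("Aruba", "J", "Bonaire", "K"), ("Bonaire", "L", "Curacao", "M")]

def domain_path(src_dom, dst_dom):
    """Breadth-first search over the SDP graph; returns the SDPs to cross."""
    queue, seen = deque([(src_dom, [])]), {src_dom}
    while queue:
        dom, hops = queue.popleft()
        if dom == dst_dom:
            return hops
        for a, out_stp, b, in_stp in SDPS:
            for sdp in ((a, out_stp, b, in_stp), (b, in_stp, a, out_stp)):
                if sdp[0] == dom and sdp[2] not in seen:
                    seen.add(sdp[2])
                    queue.append((sdp[2], hops + [sdp]))
    raise ValueError(f"no domain-level path {src_dom} -> {dst_dom}")

def segments(src, dst):
    """Split a (domain, STP) -> (domain, STP) request into per-domain segments."""
    (dom, ingress), out = src, []
    for _, out_stp, nxt, in_stp in domain_path(src[0], dst[0]):
        out.append((dom, ingress, out_stp))
        dom, ingress = nxt, in_stp
    return out + [(dom, ingress, dst[1])]

def signal(src, dst, mode):
    """Reservation messages as (sender, receiver, 'ingress>egress') tuples."""
    segs = segments(src, dst)
    root = segs[0][0]
    msgs, sender = [("uRA", root, f"{src[1]}>{dst[1]}")], root
    for i, (dom, ingress, egress) in enumerate(segs):
        if i > 0:
            # chain: previous NSA forwards the remainder; tree: root sends one segment
            want = f"{ingress}>{dst[1]}" if mode == "chain" else f"{ingress}>{egress}"
            msgs.append((sender, dom, want))
        msgs.append((dom, f"NRM:{dom}", f"{ingress}>{egress}"))  # local delegation
        if mode == "chain":
            sender = dom
    return msgs

def trust_pairs(msgs):
    """NSA-to-NSA pairs that must authenticate each other for these messages."""
    return {(s, r) for s, r, _ in msgs if not r.startswith("NRM:")}
```

Comparing `trust_pairs(signal(src, dst, "chain"))` with the `"tree"` result shows that chain signaling only needs adjacent domains to authorize each other, while tree signaling needs the root NSA to be authorized at every downstream NSA, including non-adjacent ones.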
NSI Connection Segmentation
[Figure: a connection from STP A in “Aruba” to STP Z in “Bonaire”, decomposed into Segment 1 (A>J, ingress Service Termination Point “A” to egress Service Termination Point “J”), J==K, and Segment 2 (K>Z, ingress STP “K” to egress STP “Z”); each segment is drawn with access and transport sections.]
Connection Request Processing
Conventional hop-by-hop “Chain” model
Novel “Tree” model allows user path selection
Hybrid processing that mixes tree and chain allows for 3rd party requests, federations of networks, etc.
[Figure: three diagrams of numbered messages (1-6) between the RA and PAs A, B, C and D, one each for the chain, tree and hybrid models.]
The NSI “Service Tree”
The process of decomposition and segmentation
defines the NSI “Service Tree”
– uRA – “ultimate Requesting Agent”, or user
– Aggregator NSAs – do PF and segmentation
– Leaf NSAs – Interface to local NRMs for actual data plane control.
[Figure: service tree of NSAs A, B, C and D with numbered messages 1-8; branches are labelled “Tree model” and “Chain model”.]
Putting it all together…
[Figure: the user application (Appl) as RA, a PA, and further NSAs, each above a resource manager (RM).]
NSI Road Map
• OGF NSI-CS version 1.1 is capped:
– Basic Framework
– Basic primitives
– Security
– Basic NSI Topology
– Hard coded service definition
– Web Service implementation
• The WSDL can be found at:
http://code.google.com/p/ogf-nsiproject/source/checkout
NSI Road Map
NSI v2.0 feature set drafted at OGF34 Oxford
Features to be refined at OGF35 Delft
– Formal Authorization/Security Profile
– NSI & NML topology convergence
– Dynamic inter-domain topology discovery and update
– Compact enumeration of STPs, SDPs, etc.
– Common Service Definitions
– Versioning
– Simplified State Machine
– Enhanced Error handling and state processing
– More powerful Connection endpoint semantics
– Control plane topology
– Simplified Client (RA) requirements
– Firewall/NAT interoperability
– Uni-directional STPs/connections
– ERO style route pinning
NSI-CS Development Road Map
• OGF NSI-CS version 1.1 is in field test now in the Automated GOLE testbed
– Sep 2011: First NSI CS Interop Plugfest – GLIF 2011 Rio de Janeiro, BR
– Oct 2011: First NSI Transport Provisioning – Future Internet Assembly 2011 Poznan, PL
– Nov 2011: Global NSI / AutoGOLE Demonstration – Supercomputing 2011 Seattle, US
• OGF NSI-CS version 2.0
– V2.0 Feature set identified: Mar 2012
– Draft NSI-CS v2.0 document target: Jul 2012
– V2.0 Alpha test/interop: Oct 2012, OGF/GLIF Workshop, Chicago
– V2.0 Beta testing/[alpha] production service demo: Nov 2012, SC2012 Salt Lake City
– NSI-CS V2.1 / Errata document target: Dec 2012
– Production Service deployments: EoY 2012
NSI Software Implementations
• Software Implementations
– OpenNSA – NORDUnet (Copenhagen, DK)
– OpenDRAC – SURFnet (Amsterdam, NL)
– G-LAMBDA-A – AIST (Tsukuba, JP)
– G-LAMBDA-K – KDDI Labs (Fujimino, JP)
– AutoBAHN – GEANT (Poznan, PL)
– DynamicKL – KISTI (Daejeon, KR)
– OSCARS is expected 2012-Q3/Q4
• Hardware/NRMs covered:
– Juniper / “JunOS”: L2 & MPLS provisioning – OpenNSA
– Brocade: L2 switching – AutoBAHN, OpenNSA
– Ciena (Nortel): SDH & L2 switching – OpenDRAC
– Dell: L2 – G-LAMBDA-A
– NTT: optical – G-LAMBDA-A
– Force10: L2 switching – OpenNSA
– Argia: L2 switching – OpenNSA
– Ciena NMS – DRAC (TBD)
Field Testing NSI v1.1
• Testing of NSI has proceeded in three stages:
– Initial Lab testing by respective developers for self
consistency and hardware functionality
– “GLIF Plugfest” interoperability testing to prove
inter-operability between implementations.
• Plugfest Rio – GLIF fall 2011 in Rio de Janeiro
• Plugfest Windy City – GLIF fall 2012 in Chicago
– Then field deployment in the GLIF Automated GOLE
global fabric
– NSI is being heavily and continually tested via the
AutoGOLE testbed. This is good for protocol, good
for applications to begin integration on a global
basis, and good for NSI visibility beyond just OGF.
The Automated GOLE Fabric
[Figure: map of the Automated GOLE fabric. Labels: NORDUnet, GLORIAD, KRLight, NetherLight, StarLight, PSNC, GEANT, ACE, KDDI Labs, JGN-X, AIST, ESnet, MANLAN, USLHCnet, CzechLight, UvA, CERN, Cal Tech.]
The GLIF Automated GOLE Pilot was initiated in 2010 to
provide a global fabric of Open Lightpath Exchanges for the
specific purpose of maturing the dynamic provisioning
software and services, demonstrating the value and
viability of GOLEs to advanced network service models,
and to develop a set of BCP for these services.
[Figure: AutoGOLE NSI topology. Networks shown: KRLight.ets, GLORIAD.ets, KDDI-Labs.ets, WIX.ets, NorthernLight.ets, CzechLight.ets, StarLight.ets, JGNX.ets, Pionier.ets, NetherLight.ets, AIST.ets, ESnet.ets, UvALight.ets, GEANT.ets. NSA software shown: DynamicKL, OpenNSA, OpenNSA/Argia, G-LAMBDA-K, G-LAMBDA-A, OpenDRAC, AutoBAHN, OSCARS. Legend:]
– NSI Networks (“A” = Aggregator)
– NSI peerings (SDPs); unless otherwise indicated these are VLANs 1780-1783
– NSI Control plane peerings without data plane connections (in progress)
Initial monitoring & visualization
“Automated Earth” viz
(Takatoshi Ikeda, KDDI-Labs)
“NSI Monitor” viz
(Tomohiro Kudoh, AIST)
Pointers
• Visualization
– AIST Java status monitor: http://163.220.30.174:8070/monitor.jnlp
– KDDI Labs Google earth plugin: http://kote-ps-1.ps.jgnx.jp/ps/autoearth-nsi/
– KDDI Labs Google earth kml: http://kote-ps-1.ps.jgnx.jp/ps/autoearth-nsiAutoMAP.kml
Production NSI Services
• NSI v2.0 is targeted for production deployment:
– NORDUnet plans a production NSI based service in CY2013-Q1
– SURFnet plans a production NSI based service in CY2013-Q1
– StarLight plans a production NSI based service in CY2013-Q1
– Pionier plans a production NSI based service in CY2013-Q1
– …the list is growing
• In parallel with protocol development, the NSI community
are developing operations and administrative tools
– NOC Query and manage local service segments
– Logging and accounting
– End to end performance verification and debugging tools
• NSI protocols are evolving and maturing very rapidly – now need to
address service definitions and engineering plans
• Applications:
– NEXPRES – EVLBI (currently testing from OSO to JIVE)
– CO-Universe – HD video
– LHCONE – HEP (a proof of concept for GOLE architecture)
– Others in works (under the radar)…
We’ve been here before…
• There have been a number of efforts over the last 15-20
years to make dynamic network connection oriented
services an integral part of high performance networks:
– DRAGON, FENIUS, AutoBAHN, IDCP, UCLP, GLAMBDA, Frederica,
OSCARS, DRAC, MANTICORE, Phosphorus, O-BGP, HOPI, …
– ITU Q931, Q2764 and ATM Forum Q-2931 signaling, G.709, ASON,
– IETF RSVP, RSVP-TE, and GMPLS signaling and routing protocols
– IEEE 802.3, 802.1Q, .1ad, .1ah, …
– MPLS*, ATM, SONET/SDH, MEF, Lambda switching,…
• These have all made progress, but none took root…
– Wide skepticism of non-IP services
– Many interesting but non-interoperable and incomplete service
models.
– Not Invented Here syndrome
– Issues such as inter-domain topology management were “known to
be” intractable
– AAI, end-to-end performance guarantees, scheduling, etc. were
poorly understood in a multi-domain, multi-service, heterogeneous
environment.
Why NSI? Why now?
• NSI does not try to boil the ocean (!)
– Presents a simple inter-domain connection provisioning
model,
– It will grow incrementally in both global reach and
sophistication over time…
• NSI takes a Global perspective to Connection Services – the service architecture must be scalable:
– Automated agents perform the resource management – no
man-in-the-middle of these processes
– Inter-domain (multi-domain) approach is necessary for
global reach
– Must be secure to be globally viable in the 21st century
– Must respect local network autonomy
– Must separate the protocols from technology to allow for
wide diversity of infrastructure and longevity of the
framework concepts
NSI in a Virtual SDN world
• “Networks” still have two key components:
– Switching & forwarding Nodes – e.g. routers and switches
– And transport Links that connect the Nodes.
• In the real world, every virtual network layer is constructed upon a virtual
layer below it…
– To assume otherwise is not realistic in current networks
• Software Defined Networking relies upon the basic nodes and links
model as much as ever…
• NSI builds those links
– Predictable, reliable transport performance between nodes
– Common provisioning framework across domains enables global links
between SDN nodes
– NSI is a control plane tool - it coexists with and adapts to new data plane
technologies.
– NSI has addressed the reality of real world multi-domain network
switching and forwarding technologies. (AAI, security and privacy,
autonomy, heterogeneity of infrastructure, topology integration, etc.)
• NSI is complementary to and is an enabling tool for emerging
technologies such as OpenFlow, GENI, etc.
Why is NSI different
• NSI represents an open and consensus driven approach to inter-domain provisioning of LightPath (Connection) services
– It is an Open standard – anyone [who is well informed] can participate
in the discussion/specification
– Consensus standards create “buy-in” – i.e. when everyone has had a
voice in its specification, and understands its inner workings,
everyone is willing to adopt it and deploy it.
• The NSI Working Group has actively courted wide participation
– We have invited key organizations to participate
– We have tried to keep the broader community informed of progress
– We have invested substantial effort into showing tangible progress
and presenting high visibility demonstrations of the resulting OGF NSI
standard
• NSI represents the best opportunity in 20+ years to see a single
common control architecture deployed globally to provide network
performance guarantees.
– Wide scale deployment within the R&E community
– Commercial adoption and Vendor support for the OGF NSI Standard
OGF NSI Working Group
• The OGF NSI WG is an Open working group
• This means if you have ideas you would like to see incorporated
into the NSI framework and/or protocols, please get active in
the process:
• Contact one of the active WG members and pick their brain
• Join the mailing list, lurk, read the literature, and get up to
speed, then join the calls…
• Contribute – ask, comment, propose…help us sort thru the
issues to achieve clarity within the group and consensus within
the broader community
