JRA2 GN4Phase1 PID

GN4 Phase 1 - Project Initiation Document (PID)
0.1.1 Activity JRA2: Future Network & Services Infrastructure and Operations
Start month: 1
End month: 12
0.1.1.1 Background and Reasoning
Nowadays, GÉANT and the NRENs have the infrastructure capabilities and the expertise to offer advanced,
special purpose networking services beyond the big fat pipes in order to address the unique requirements of their
user community. The current trends and technologies in the area of Software-Defined Networking (SDN),
Network (Function) Virtualization (NFV) and Network-as-a-Service (NaaS) provisioning are in fact offering a fertile
environment for the development and delivery of the next generation REN services and operations.
SDN, NFV and NaaS form a landscape where:

• The control plane is programmable and no longer depends on functionality that is inherent to the
data plane infrastructure.
• The network can be engineered in a modular way, so that the same physical elements can support
different control and management principles.
• Resources and functions can be enabled dynamically, driven by user needs.
• Virtualization of resources ensures better utilization and multi-tenancy.
• Heterogeneous substrates can be abstracted in terms of resources and capabilities and offered as a
service.
• Applications and users are able to control the resources and capabilities of the network infrastructure,
under certain delegation schemes.
• Primitive controls and capabilities can be composed to offer composite services of added-value.
• Advanced capabilities and service models can be extended to the last mile, as provisioning and control
is no longer a matter of embedded hardware and control plane capabilities.
In this environment, SDN has introduced a major shift in network infrastructure and service architectures, by
providing an open means to control resources. NFV has provided a modelling framework for network functions
with significant flexibility that allows for them to be realized by software and moved to or instantiated in various
locations in the network. Programmable resources and flexible functions on top of them offer a unique set of
capabilities for customized service offerings. NaaS comes in handy to export such capabilities to the users and
applications in the form of services, although it can also be used on its own to export legacy equipment features
and functions ‘as a service’ [1]. The interplay of these technologies for delivering value to the users, as proposed
by this Activity, is depicted in Figure 1.
[1] For example, NaaS-based implementations of Virtual Network Functions (VNFs) have been showcased via
OpenNaaS [OPENNAAS], which supports out-of-the-box virtual routers’ management in certain routing
platforms (i.e. Juniper MX series).
In this landscape, advanced applications/use-cases from the R&E community as well as requirements for more
intelligent and efficient operations call upon GÉANT and the NRENs to overcome traditional service provisioning
and operational models. Expectations include:

• Multi-tenancy, multi-point network fabrics, e.g. for interconnecting clouds
• Programmable traffic processing/monitoring for troubleshooting, network monitoring, application
performance tuning or security purposes
• User-empowered configuration and provisioning (in co-existence with core management and operations)
• Traffic engineering controls to serve data transfers (shortest path, optimal path, application-to-network
interaction-based optimisations)
• On-demand operational capabilities such as IDS, firewalling, traffic tapping
Figure 1. SDN, NFV and NaaS paradigms are instrumental in delivering value to the R&E community through
the next generation of network services
The expected outcomes of the Activity are:

• the introduction, through Proofs of Concept (PoCs), of next-generation network services for GÉANT,
where most of the intelligence stays with the software and the data plane is restricted to forwarding
traffic
• the realization of e2e extensions of multi-domain services through user control upon the last mile
• advanced network support of cloud providers and users
• the adoption of northbound APIs for applications to interact with the network in the GÉANT-NREN
service area
• the foundation for advanced operational capabilities in the longer term, such as autonomic network
management utilizing SDN [AUTOFLOW]
Overall, the Activity will strengthen the position of GÉANT as an R&E service provider by delivering custom
service capabilities to meet the specialized needs of its user community.
0.1.1.2 Timing
0.1.1.3 Objectives
By utilizing the aforementioned technologies and paradigms, the Activity aims to:

• Assess from a technical and economical point of view the introduction of SDN/NFV/NaaS capabilities to
REN production environments
• Architecturally and functionally define advanced service models
• Evaluate and extend as needed software products for the realization of the service models defined
• Implement PoCs for use-cases matching user community and operational needs
0.1.1.4 Description of Work
The activity JRA2: Future Network & Services Infrastructure and Operations will be divided between the following
Tasks:
• Task 0: Activity Leadership.
• Task 1: Future Network Services’ requirements and architectures
• Task 2: Future Network Services’ software solutions
• Task 3: Future Network Services’ use cases and PoCs
These are described in detail below.
Task 0: Activity Leadership
This Task is to lead the JRA2 Activity as a whole, to manage and coordinate the work of all 3 Tasks.
It will ensure the overall technical coherence of the implementation of the work plan, as well as its timely and
efficient execution.
The Task will coordinate liaison efforts with other GÉANT activities and the global community working on relevant
technologies and service models. It will also handle inter-Task communication, liaison and coordination, as in
several cases, the work outputs of a task are to be fed into another (e.g. from Task 1 into Task 2 and from Tasks
1 & 2 into Task 3).
The Task will handle exceptions and escalations emerging within the activity as a result of deviations from plans
or changes in the external environment, such as the announcement of new products, solutions and specifications
for the technologies in scope as well as the rapid evolution of the industry trends.
The Activity and Task Leaders are responsible for managing the PMF processes within the Activity as well as
reporting and outreach.
Task 1: Future Network Services’ requirements and architectures
SDN/NFV/NaaS technologies empower RENs to overcome their Service Provider (SP) boundaries, their limited
knowledge of the semantics of application data and the constraints imposed by control and management
systems [2] of legacy solutions. Software-based and virtualization features deliver to RENs a toolbox of control and
management functions, which can in turn be assembled into specialized and custom service models and
exposition of user-friendly capabilities.
This Task aims to deliver the architecture, specification and requirements for selected future network services
and operational capabilities in the GÉANT-NREN context. It will extend the models of existing GÉANT services
(BoD and MDVPN) in order to bring services closer to users and enable them with advanced control and
management capabilities. At the same time, it will introduce novel service models to address the requirements of
specialized applications and add value to the GÉANT service area. Overall, the work proposed aims at adding
operational flexibility and efficiency to service delivery.
Paramount to the adoption of the proposed service models are their techno-economic implications upon the
existing REN infrastructures and operational environments. The Task will deliver a small-scale assessment
(CAPEX, OPEX) of the path towards NFV and SDN adoption, through the enabling of such capabilities in existing
hardware or the replacement of proprietary network equipment with SDN-powered commodity hardware. This
assessment will include a recommendation for gradual adoption of such capabilities, with a focus on the case of
production GÉANT, addressing maturity, scalability and security issues.
The service models addressed will be:
• Network on Demand (NoD): Controlled delegation of the last mile configuration/provisioning to the end-user
for end-to-end special purpose network service delivery. This refers to extending a BoD, MDVPN
or lightpath service delivery point (usually at the ingress of a campus) to the application endpoint.
• NaaS-powered MDVPN: Utilizing the modelling of resources, resource abstractions and their capabilities
to enhance the existing service model with controlled delegation and automation.
• INaaS: A combination of Infrastructure as a Service (IaaS) with NaaS for virtually extending a user
network into a remotely hosted cloud facility. NaaS can enable both provisioning of virtually dedicated
connectivity between the network and the cloud resources as well as delegated management capabilities
(e.g. addressing) to the user.
• SDN and NFV-based attack mitigation: SDN and OpenFlow in particular can be utilized both for malicious
traffic redirection and for traffic filtering purposes. Security-related features, such as specific flows being
directed to network security appliances for analysis can be directly introduced to the network while
interoperating with existing solutions. Moreover, unlike other technologies, OpenFlow can be used
intelligently to apply measures closer to the source of suspicious traffic. At the same time, NFV can be
used to implement functions such as deep packet inspection without specialized hardware.
• Connectivity services based on SDN: Leveraging the promising results from GN3plus OpenCall projects
DynPac and DREAMER ([DYNPAC], [DREAMER]) on exploiting SDN to deliver the functionalities of an
IP/MPLS control plane and flexible IP and circuit-oriented connectivity services in the context of GÉANT-NRENs.
As part of the development of these service models and the corresponding operational needs, the Task will
identify, investigate and provide specifications, where needed, on the following horizontal topics:

• The universal northbound SDN controller interface and the NaaS software stack required for the
realization of the aforementioned service models but also to be exposed towards the advanced
applications served by GÉANT and the NRENs
• The functional elements and procedures for control delegation, AAI, automation, partitioning of resources
required by the service models
• The monitoring and accounting elements required by the service models. These include:
  o Monitoring, accounting and performance verification with focus on multi-tenancy: per-tenant
    OAM monitoring at the data plane and control-plane driven flow accounting and
    monitoring/sampling
  o Optimizations in data plane monitoring, namely adaptive monitoring, based on control plane
    activity as enabled by SDN
[2] Such as Element and Network Management Systems (EMS/NMSs)
A separate work item is defined for modelling of physical, abstracted resources and their capabilities. This work
item will build upon existing developments in previous work and research efforts (e.g. in the OGF NML WG and
EC-funded projects) to extend and augment the modelling of physical and virtual resources as well as their
capabilities across layers. Such modelling is required for SDN and NaaS-based service delivery across multiple
service types.
Finally, the Task will be tracking relevant standardization/specification organizations (IETF, ONF, OGF, ETSI)
and related technologies (e.g. OpenFlow, NFV, NSI).
Objectives

• To provide clear outcomes regarding the technical feasibility and costs for introducing SDN-NFV
capabilities to GÉANT and the NREN infrastructures
• To deliver concise novel service models
• To analyze the operational and functional requirements of such service models and specify solutions
Work Plan
| Work item number | Work item title | Work item description |
| 1 | Techno-economic assessment of NFV and SDN adoption | Analysis of the feasibility to introduce SDN, NFV capabilities to the current production environment of RENs, including associated OPEX and CAPEX. |
| 2 | NoD | Service model specification, functional and operational requirements, identification of the software components to be reused/developed. |
| 3 | NaaS-MDVPN | Service model specification, functional and operational requirements, identification of the software components to be reused/developed. |
| 4 | INaaS | Service model specification, functional and operational requirements, identification of the software components to be reused/developed. |
| 5 | SDN-based attack mitigation | Service model specification, functional and operational requirements, identification of the software components to be reused/developed. |
| 6 | SDN-based connectivity services | Evaluation of the DYNPAC & DREAMER outcomes as well as relevant developments globally. Technical and operational analysis of the benefits and drawbacks of SDN-based connectivity services as compared to conventional models used currently. Conclusions to be addressed in the subsequent phases of GN4. |
| 7 | Resource modelling | This work item will provide specifications of physical and virtual resource modelling and capabilities modelling (as per the NaaS principles) for technologies and layers where such specifications are missing, while at the same time being required by the service models in scope. |
Task 2: Future Network Services’ software solutions
In software-defined and virtualized-function network environments, software plays a much larger role than in
traditional networking. Much of the network functionality runs on servers, including software controllers, software-based
function modules and applications. However, this software ecosystem is rapidly evolving and at the same
time too complex to follow for a single NREN or service design team. Maintenance and support of the software
components themselves is also a non-negligible task. In order to avoid duplication of effort and incompatibility of
solutions adopted within the GÉANT-NREN multi-domain environment, the Task will focus on evaluation,
assessment and extensions as/when needed of software products delivering SDN, NFV and NaaS capabilities.
More specifically, for the adoption of SDN capabilities, the Task will work to assess, in collaboration with the
industry, the available SDN controller solutions. It will then deliver a recommendation for the controller framework
that the GÉANT community should adopt. This will consequently allow the development of network service
applications exploiting SDN features on top of a common northbound interface (see Figure 2), within GN4 and
beyond.
[Figure 2, network service applications shown on top of the API: IaaS integration; Multi-domain services; Autonomic network management; Applications with caching schemes; Testbed services; Security applications; Multi-tenancy frameworks]
Additionally, the Task will assess other SDN, NFV and NaaS software solutions (such as OpenVirtex network
hypervisor [OPENVIRTEX] and the OpenNaaS platform [OPENNAAS]) as well as network service applications
(e.g. the Defense4All DDoS attack detection and traffic diversion solution [DEF4ALL]) that address the
requirements defined in Task 1 and the corresponding PoCs planned for Task 3. This assessment will aim to
ensure reusability of existing software products to achieve the goals of the Activity to the extent possible, while
at the same time the Task will identify the needs for and proceed with prototyping of software modules where
needed.
[Figure 2 labels: API; SDN controller; Network]
Figure 2. A common northbound SDN interface will enable the seamless deployment of network service
applications exploiting SDN features within the GÉANT-NREN service area
Objectives

• To establish an ecosystem of SDN, NFV and NaaS software elements and applications that are useful
in the GÉANT, NREN and academic environments
• To reduce the cost of future network application development, by adopting ready-made solutions where
possible and offer production quality code
• To enable the introduction of novel network capabilities in GÉANT and NRENs in the form of software
components
Work Plan
| Work item number | Work item title | Work item description |
| 1 | Joint software developments’ framework | This work item will establish the environment for the joint evaluation, development and maintenance of ready-made software and its extensions/adaptations for the delivery of SDN, NFV and NaaS capabilities to GÉANT-NREN infrastructures. It includes: • The establishment of a dedicated repository of software components specific to the goals of the Activity • The definition of metrics and a methodology to assess ready-made solutions, including the performance of software-based functions against their implementation by conventional hardware appliances • The establishment of a regularly updated requirements-to-features matrix for the solutions under assessment, based on Task 1 service model requirements |
| 2 | SDN Controller evaluation | This work item will build upon GN3plus findings to conduct an assessment of available SDN controller solutions, will provide a recommendation for the controller framework that the GÉANT community should adopt, as well as its extension if needed, and its northbound interface towards network applications. |
| 4 | NaaS and NFV software evaluation and roadmap | This work item focuses on assessment of the OpenNaaS suite, as well as other NaaS and NFV products [3] related to Task 1 requirements and service models. OpenNaaS will be evaluated in the context of a universal NaaS solution, upon which all GÉANT network services can be offered as network applications as a follow-up to relevant GN3plus developments. Based on the operational assessment but also the service model requirements as emerging from Task 1, a roadmap for the adoption and/or adaptation/extension of selected software components will be provided. |
| 3 | Evaluation of SDN, NFV and network application solutions | The work item will carry out an assessment of software products beyond those evaluated in work items 3 and 4 that address the requirements of service models as specified in Task 1, with the aim to ensure reusability of software solutions to achieve the goals of the Activity. Examples of such products are the Internet2 FlowSpace Firewall [I2AL2SFF] and OpenStack NFV modules [OPSTNFV]. |
| 4 | PoC prototyping | This work item will carry out all the prototype implementation and integration work required to implement the PoCs defined in Task 3 based on Task 1 specifications. It is expected that pre-existing software modules, as evaluated by Task 2, will be extensively reused and therefore, the prototyping work will be limited to the extent possible. |
[3] Due to a rapidly evolving market, the exact list of software solutions to be assessed will be compiled during M1
of the project.
Task 3: Future Network Services’ testing and PoCs
This Task will inherit the specifications of service models from Task 1 as well as the results of the software
assessment and prototyping from Task 2 to design and deliver functional PoCs for four of the service models
empowered by SDN/NFV and/or NaaS technologies, as presented here.
It will also support software testing activities, as conducted by Task 2, by interfacing with TaaS centrally on behalf
of the Activity and providing access to its experimentation services.
The Task will utilize TaaS resources, extended to NREN infrastructure if/as needed. Emphasis will be placed on
minimizing the additional equipment/infrastructure needed to implement each of the PoCs.
For each of the PoCs, at least one wide dissemination action (e.g. demo) will be implemented.
The Task will conclude with a PoC documentation and conclusions document, which will include, for each PoC, at
least one specific use-case directly relevant to a GÉANT-NREN user community/group.
Objectives
• Prove the concept of the proposed service models.
• Deliver prototypes that can be taken up by service activities to develop full scale service capabilities in
subsequent phases of the Activity.
• Disseminate upcoming GÉANT-NREN service offerings to the wider community by highlighting realistic
use cases.
Work Plan
| Work item number | Work item title | Work item description |
| 1 | SDN/NFV/NaaS software components and network applications testing support | This work item will support testing and evaluation of software components as conducted by Task 2 and the deployment of PoCs in the current Task. It will ensure access to TaaS and address specialized requirements for deployment and testing of individual software elements as and when needed. |
| 2 | NoD PoC | This work item will design, implement and demonstrate a functional PoC for the NoD service model |
| 3 | NaaS-MDVPN PoC | This work item will design, implement and demonstrate a functional PoC for the NaaS-powered MDVPN service model |
| 4 | INaaS PoC | This work item will design, implement and demonstrate a functional PoC for the INaaS service model |
| 5 | SDN-based attack mitigation PoC | This work item will design, implement and demonstrate a functional PoC for the SDN-based attack mitigation service model |
0.1.1.5 Deliverables
| Deliverable no. | Deliverable name and brief description | WP no. | Nature | Dissemination level | Delivery date (project month) |
| D2.2.1 | SDN/NFV/NaaS software evaluation | 2 | R | P | M11 |
| D2.3.1 | Future Services PoCs: implementation and dissemination report | 3 | R,D | P | M12 |
Table 1: JRA2 deliverables
0.1.1.6 Milestones
| Milestone number | Milestone name | Description | Work package(s) involved | Expected date | Means of verification |
| M2.1.1 | Completion of techno-economic study on adoption of SDN/NFV by RENs | Analysis and conclusion on the feasibility of introducing SDN, NFV capabilities to the current production environment of RENs, including associated OPEX and CAPEX. | 1 | M3 | Internal report |
| M2.1.2 | NoD specification | Service model specification, functional and operational requirements, software components architecture for the NoD model | 1 | M6 | Internal report |
| M2.1.3 | NaaS-MDVPN specification | Service model specification, functional and operational requirements, software components architecture for the NaaS-MDVPN model | 1 | M6 | Internal report |
| M2.1.4 | INaaS specification | Service model specification, functional and operational requirements, software components architecture for the INaaS model | 1 | M6 | Internal report |
| M2.1.5 | SDN-based attack mitigation specification | Service model specification, functional and operational requirements, software components architecture for the SDN-based attack mitigation model | 1 | M6 | Internal report |
| M2.2.1 | Software framework in place | Delivery of the repository of software components and an initial requirements-to-features matrix | 1 | M3 | Repository made available online |
Table 2: JRA2 milestones
0.1.1.7 Dependencies
List any major tasks that can only be performed once other tasks are fully or partially completed in your Activity
or any other Activity. It is important to include both the tasks that are the responsibility of this project/activity to
deliver and the tasks upon which your project or activity is dependent. Please also list what you expect from
other activities, or what you are going to provide to other activities, or any other inter-relations.
Work Item 1 of Task 1 presupposes a strong link with vendors of the GÉANT backbone infrastructure, ideally
access to their test lab environments to assess their products in terms of SDN/NFV adoption and compliance
and detailed view upon product roadmaps.
Work Item 1 of Task 2 depends on horizontal software infrastructure and processes of the project.
Work Item 4 of Task 2 presupposes the establishment of a dedicated team of software developers with expertise
on SDN/NFV/NaaS platforms and the relevant software technologies.
Work Items 2-5 of Task 3 presuppose that at least one of the participating NRENs will be able to provide
infrastructure/resources for the purposes of deploying the PoCs to complement TaaS and other GÉANT
resources if/as needed.
Tasks 2 and 3 depend significantly on the TaaS infrastructure and services. It is expected that multiple instances
of TaaS slices will be required throughout the duration of the Activity, as well as specialized operational support
of the testing and PoCs deployed.
Risk: SDN and NFV are rapidly evolving. Getting consensus on controller framework and software design choices
may slow down the work.
0.1.1.8 Project Components
Provide a graphical presentation of the components showing their interdependencies (Pert diagram or similar)
[Diagram: JRA2 components and their interdependencies]
TASK 1: Techno-economic assessment; NoD; NaaS-MDVPN; INaaS; SDN-based attack mitigation; SDN-based connectivity services; Standards; Monitoring/accounting; Northbound API; Delegation and AAI; Resource and capabilities’ modelling
TASK 2: Joint software developments’ framework; SDN Controller evaluation; NaaS and NFV software evaluation and roadmap; Evaluation of SDN, NFV and network application solutions; PoC prototyping
TASK 3: NoD PoC; NaaS-MDVPN PoC; INaaS PoC; SDN-based attack mitigation PoC; Software components’ and network applications’ testing support
Links between Tasks: Functional requirements; Functional & operational specifications; Software components; Software capabilities; Testing support
Appendix: Handling of NIFs submitted for JRA2
[29] Suggested to be redirected to JRA3.
[45] Suggested to be redirected to JRA3.
[52] Service aspects are in T1, software-related aspects in T2 and use case aspects in T3
[53] Model and requirements in T1, software assessment-development in T2, PoC in T3
[54] Design in T1, development in T2 and PoC in T3
[74] Model and requirements in T1, software assessment-development in T2, PoC in T3
[75] Software assessment in T2
[97] Requirements and analysis in T1, existing tools assessment in T2
[99] Requirements and analysis in T1, software prototyping in T2
[101] Discussions pending with the authors, the JRA Coordinator and the PMO
[106] Scaled down, after consultation with the authors, and included in T1 as a standalone Work Item 6.
[112] Model and requirements in T1, software assessment-development in T2, PoC in T3
[121] Addressed as the core topic of T2
[135] Suggested to be submitted as an Open Call proposal.
References
[AUTOFLOW] GN3plus OpenCall project AUTOFLOW: Autonomic OpenFlow, http://www.geant.net/opencall/Software_Defined_Networking/Pages/Home.aspx#AUTOFLOW
[DEF4ALL] https://wiki.opendaylight.org/view/Project_Proposals:Defense4All
[DREAMER] http://www.geant.net/opencall/Software_Defined_Networking/Pages/Home.aspx#DYNPAC
[DYNPAC] http://www.geant.net/opencall/Software_Defined_Networking/Pages/Home.aspx#DREAMER
[I2AL2SFF] http://www.internet2.edu/media/cms_page_media/427/20131215%20-%20BoydBalas%20-%20Network%20Virtualization_1.pptx
[OPENNAAS] http://opennaas.org/
[OPENVIRTEX] https://www.usenix.org/system/files/conference/ons2014/ons2014-paper-al_shabibi.pdf
[OPSTNFV] https://wiki.openstack.org/wiki/Horizon-NFV-configuration