GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document GNA Network Services Document name: Author(s): Contributor(s): Date: Version: GNA Network Services Erik-Jan Bos, Dale Finkelson, David Wilde, Gerben van Malenstein GNA Technical Team 9 February 2016 V1.0-Technical Table of Contents 1. Introduction ................................................................................................... 1 2. Definitions ..................................................................................................... 2 3. Required Services ........................................................................................... 3 Deterministic Services .................................................................................................................................... 4 Non-Deterministic Services .......................................................................................................................... 4 Other Services .................................................................................................................................................... 4 4. Service delivery .............................................................................................. 4 5. Set-Up/Tear-Down Methodology ................................................................... 5 6. Possible Implementation techniques .............................................................. 5 7. Developing Innovation Services ...................................................................... 6 8. Network Services not part of GNA .................................................................. 7 9. Conclusion ..................................................................................................... 7 Executive Summary This document outlines a set of services and possible implementation techniques for participants in a GNA network project. It also points out areas or services that are not viewed to be a part of a GNA network project (at this time). 1. Introduction The Global Network Architecture (GNA) is a blueprint for the intercontinental network interconnections for R&E Networks around the globe. These R&E 1 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document Network organizations have agreed to align their investment strategies in order to be able to jointly create a much more powerful set of network services with a global reach. This is an inclusive effort, with the overall aim and goal to have a better and more resilient network infrastructure for Research and Education, on a global scale. The implementation of the GNA will not be a big bang, but is expected to grow gradually as more R&E Networks make investments along the lines of the ideas from this activity. The resulting network could be known as the GNA Infrastructure for R&E (GIRE)1, and this term is used in this document but has not yet been agreed. Current thinking is that an initial set of GNA Network Services will be agreed upon and be labeled GNA v1.0. An associated roadmap will plot the development of v1.0 services and new services in time, leading to minor updates called v1.1, v1.2, etc., and major updates v2.0, etc.. Technically speaking, GIRE is a set of contributed circuits landing on Open Exchange Points, all subscribing to a set of commonly agreed principles. It is not a standalone network, with one owner or one operator, and it should also not be thought of as having a separate and dedicated AS Number being one routed infrastructure. Rather, in the big picture, it is a shared substrate adhering to a common set of architecture, operations, and security principles upon which participants create the network services that interconnect them. A core set of services will be available over this substrate. These services will enable the GIRE participants to utilize the substrate for their networking needs, e.g. by creating value-add network services on top of the substrate. This document provides a description of the primitive network services available on this substrate. It will also describe potential network services that may be offered at a later date. The physical infrastructure of GIRE consists essentially of a set of highperformance links and Open Exchange Points, jointly referred to as the (tangible) architecture elements of the GIRE. 2. Definitions The following set of terms are defined here and used in this document, and at a later stage this is planned to go into a dedicated GNA Definitions document. Gire refers to gyre, which is “a ringlike system of ocean currents rotating clockwise in the Northern Hemisphere and counterclockwise in the Southern Hemisphere”. 1 2 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document Link: A circuit or wavelength between two Open Exchange Points made available for service implementation. A link may have a policy associated with it, as set by the link owner. Link Policy: A link may have requirements concerning how and to whom bandwidth may be allocated, these requirements would be expressed as policy. Link Owner: The entity that holds the contract for the link with the carrier or fiber company. Link owners can also determine policy on a link. End-to-End Deterministic Service: Ability to deliver traffic end to end in a manner that is determined by the classification of the traffic and/or guaranteed by a well-defined set of parameters. Participant: Connectors and contributors will be Research and Education Networks, such as national R&E Networks (e.g. AARNet, SURFnet), Regional R&E Networks (e.g. RedCLARA, GÉANT Association) and mission specific networks (e.g. ESnet). Third Parties: Commercial service providers, connected to a Participant or to an Open Exchange Point, for the use of delivering services to the R&E Community. Open Exchange Point: A location where physical links are terminated, interconnection between participants is facilitated and services are implemented in a policy free manner. Also, access to the colocation site -in which the Open Exchange Point is located- is available under non-discriminatory and fair conditions. 3. Required Services There are a fairly small set of primitive or basic services that the substrate will offer and thus that the exchange points will need to develop a means to implement. How these are implemented could vary from location to location and is not a primary concern of this document. The reporting, operational expectations, and open statistics as described in the GNA operations documentation, must be fully supported by the Open Exchange Point operators. 3 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document Deterministic Services Two types of point-to-point deterministic services are defined: I. Guaranteed Bandwidth Service: A participating organization will be allowed to specify some amount of bandwidth for guaranteed delivery. Each participating organization may have some portion of each link – or set of links – available to them for guaranteed delivery of flows. II. Guaranteed Bandwidth Service with Bursting Capabilities: This service is based on the Guaranteed Bandwidth Service. It adds bursting capabilities. In this case a network service has guaranteed bandwidth available and is also able to exceed this bandwidth as long as there is additional Best Effort capacity available to the service. Non-Deterministic Services III. Best Effort Service: All participating organizations are allowed to inject traffic for best effort delivery without any restrictions on amount. Being best effort this traffic may be eligible for drop during congestion, e.g. as a result of an outage on another link, and thus not be delivered in any deterministic fashion. IV. Flow Separation: In some cases an organization may wish to have some particular traffic separated from other traffic by means of a VLAN or other technology. This is still Best Effort traffic. The separation may be for better accounting on a specific application or other point-to-point activities. Other Services V. Special Use Service: Any participating organization can request a fixed amount of any link for a discrete period of time for a special event. Examples would be requesting 80G over a specific (short) term to be used for application demonstration at a conference or other event. Details of how these requests would be approved are TBD. These requests may be either Deterministic or NonDeterministic. 4. Service delivery The following services are expected to be delivered by the participating R&E Network organizations to their constituencies, using the GNA substrate: 1. Multi-point service 2. Overlay services (like LHCONE): L2 / L3 / MDVPN / Content peering 4 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document 3. Point-to-point Anywhere-in-the-World2 4. Monitoring & Trouble tickets (flowing back along provisioning lines across multiple networks / verification) 5. Tie into Compute & Tie into Storage (as part of the L3 overlay / towards CDN service & caching)3 6. Slicing (of OSS) 7. Encryption & Certification on transport layer (P2P / P2MP / Overlay) 8. Security Services / Forensics / Boundary DDoS mitigation For each of these services, generic concepts will apply: • Verification of Services • Automation as much as possible • High-availability (resiliency) Version Management for the GNA Network Services will be a key, as A cookbook explaining what it means to be connected to the GIRE, and how a new R&E Network is able to join will be developed as part of the discussions going forward, and a first version of the GNA Cookbook will arise from these discussions. 5. Set-Up/Tear-Down Methodology All of the basic service types above will be available through the Open Exchange Points. A feature that must be implemented by the Open Exchange Point operator, on a per service basis, is automated service set-up and teardown. In this instance a participating organization will be allowed to set-up a service type for a certain period of time without the need for operator intervention. The technology used for dynamic services will be open protocol and standards based. At time of writing, the Network Services Interface (NSI) standardized by the Open Grid Forum (OGF) will be a interdomain signaling standard for this type of service. 6. Possible Implementation techniques There are of course many means whereby these services could be implemented and the way in which that is done may well change over time. The only real Parameters to be specified: Presentation such as Eth, Services Supported such as QinQ, Capacity, Label swapping, VLAN retagging. This is expected to become ultimately a service using ENNI ports between networks. 3 This needs discussions with these domains; two flavors are foreseen: NFV and Dedicated. 2 5 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document constraint right now is that the exchanges must offer these services in such way that they can interoperate with the organizations that are relying on the services offered by the operators of the Open Exchange Points. As an example, one means to offer the Best Effort Service may be using VLANs: every exchange will need to have the ability to provide VLANs across their switch infrastructure to enable packets to flow between participant ports. This capability needs to support a range of Ethernet standards, such as the various speeds all the way up to the highest current speed, QinQ and MAC-learning. One way to offer the Guaranteed Bandwidth Service may be by use of differentiated services: exchange points must support 2 or more classes of service for individual packets within one VLAN. A Participant would mark packets tagged with this VLAN with 802.1p bits in the packet header thus enabling prioritization. Another use case that needs to be considered at some point may be the availability of the non-guaranteed capacity on the links to the general R&E community independent of their status as a Participant. This Commons capacity may be made available to the general R&E community on the GNA substrate without regard to whether the organization is a part of the GNA. How and to what degree this is implemented will need to be discussed. This will allow for the creation of a global peering fabric for R&E Networks (this is for further study at this moment). 7. Developing Innovation Services The services delivered by GIRE are not a static set, but rather will evolve as the technology matures and as the requirements from the Participants and the endusers evolve. These networks do after all exist to meet the needs of the community of users the Participants serve. Virtualization services are currently under discussion while development has been taking place for some time now. As protocols like NSI, OpenFlow, and others become universally available across Open Exchange Point platforms these will become more critical for production services. This implies that Open Exchange Points would need to offer flow-based services together in a unified way. The tools for this are still being developed and implemented in some networks, while interoperability is a serious issue already. It is anticipated that virtualization services join the list of required services any time soon, after the GNA Technical Team has had time to work with software architects. 6 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document 8. Potential Network Services enabled by the GNA In this discussion it is also important to understand what are not GNA core services: These are capabilities enabled by the GNA services described in this document. Working with the participating Open Exchange Point operators, and coordinated through the Operations body for GIRE, the GNA Participants may create these services over the GIRE, as their own value-added services. These include but are not limited to: IP networks: Provisioning of routed networks is not a primitive service of the GNA substrate, though of course using the basic service types (e.g. implemented by VLANs) participants can create/stitch together their own IP networks. Peering: The GNA does not directly participate in any peering, there will not be an AS number associated with the GNA. Though again peering arrangements are enabled by the services available from the Substrate and participating Open Exchange Points. Commercial Peering Service: these are facilitated by the substrate – on a lower level, e.g. VLAN – but are not direct services of the GNA. Infrastructure Sharing: This could be enabled by the use of virtualization services. This would allow participants to extend their infrastructure and thus the services they offer to other parts of the globe. Testbed as a Service: Similar to the Infrastructure Sharing this could be enabled by the use of virtualization. CDN: It might well be possible to use the GNA substrate to build a Content Delivery Network. This might consist of multiple sets of servers located at Exchange Point facilities and attached to the Exchange Points. This would enable low latency access to those facilities. 9. Conclusion Finally there is a set of potential services that should be studied further. These could become GNA services or they could be further above the net services that are made possible by the substrate. Among those so far mentioned would be: A distributed R&E VPN service. 7 GNA – Global Network Architecture Web: http://gna-re.net/ Work in Progress document Global DNS service (coordination in this space in the R&E Networking world) Making capacity available at the Optical level. This could be another instance of infrastructure sharing between participants. The GNA Network Services discussion will continue to evolve, and feedback remains welcome, while the GNA Technical Team continues to evolve the GNA thinking. 8