beba behavioural based forwarding deliverable report d7.1 ... · 1.0 29/02/2016 bonola cnit final...

BEBA Behavioural Based

Forwarding Grant Agreement: 644122

BEBA/WP7 – D7.1 Version: 1.0 of 25

BebaBEhavioural BAsed forwarding


Forwarding

Deliverable Report

D7.1 – Intermediate dissemination, standardization and exploitation plan

Deliverable title Intermediate dissemination, standardization and exploitation plan

Version 1.0 Due date of deliverable (month) M12

Actual submission date of the deliverable (dd/mm/yyyy) 02/03/2016

Start date of project (dd/mm/yyyy) 01/01/2015

Duration of the project 27 months Work Package WP7 Leader for this deliverable CNIT Other contributing partners ALL

Authors

Marco Bonola, Giuseppe Bianchi, Paola Magri, Daniela Tonti, Alessandra Guardati, Fabian Schneider, Saverio Nicolini, Julien Boite, Mathieu Bouet, Viktor Pus, Pavel Benáček, Georgios Katsikas, Dejan Kostic





Project co-funded by the European Commission within the Horizon 2020

(H2020) Programme DISSEMINATION LEVEL

PU Public X PP Restricted to other programme participants (including the Commission

Services)

RE Restricted to a group specified by the consortium (including the Commission Services)

CO Confidential, only for members of the consortium (including the Commission Services)

REVISION HISTORY

Revision Date Author Organisation Description 1.0 29/02/2016 Bonola CNIT Final version

PROPRIETARY RIGHTS STATEMENT

This document contains information, which is proprietary to the BEBA consortium. Neither this document nor the information contained herein shall be used, duplicated or communicated by any means to any third party, in whole or in parts, except with the prior written consent of the BEBA consortium. This restriction legend shall not be altered or obliterated on or from this document.

STATEMENT OF ORIGINALITY

This deliverable contains original unpublished work except where clearly indicated otherwise. Acknowledgement of previously published material and of the work of others has been made through appropriate citation, quotation or both.





TABLE OF CONTENT

EXECUTIVE SUMMARY ................................................................................................ 4

1 BEBA PROJECT OVERVIEW ................................................................................... 5

2 DISSEMINATION ACTIVITIES IN THE BEBA PROJECT .......................................... 8

2.1 PROJECT FACTSHEET ............................................................................................ 8

2.2 PROJECT PRESENTATION ........................................................................................ 8

2.3 DEMONSTRATIONS, TUTORIALS AND PRESENTATIONS ....................................................... 8

2.4 PUBLICATIONS ................................................................................................. 11

2.5 PROJECT WEBSITE ............................................................................................. 17

3 STANDARDIZATION ACTIVITIES IN THE BEBA PROJECT .................................... 19

3.1 SDN ARCHITECTURE IN ONF ................................................................................ 19

3.2 OPENFLOW PROTOCOL IN ONF .............................................................................. 19

3.2.1 Stateful packet processing (OpenState) ....................................................... 20

3.2.2 In-switch packet generation ..................................................................... 20

3.2.3 Current status and next steps .................................................................. 20

4 REPORT ON PRELIMINARY EXPLOITATION ACTIVITIES .................................... 22

REFERENCES ............................................................................................................ 25





Executive summary This report summarizes the details of the BEBA WP7 actions and results focusing on its two different tasks as defined by the project:

1. T7.1 Dissemination (from M1 to M12) 2. T7.2 ONF standardization (from M9 to M12)

The document outline is structured in relation to the two tasks and a summary per task is provided next:

Task 7.1 Dissemination

The dissemination activities within the project have focused on different aspects in order to cover a wide range of the potential audience interested in the research done in the BEBA project.

In this first year (from M1 to M12) 6 between conference and journal publications have been released to the research community summarizing the main findings of the project. The quality and quantity of the research output is inline and exceeds the originally planned objectives.

With respect to reaching out for having an impact on related activities performed by different projects and research groups 13 dissemination activities among demonstrations, tutorials and invited talks.

Task 7.2 ONF standardization

Task 7.2 progressed as scheduled and focused and in its first 3 months the BEBA project has been active in two working groups of the ONF. In the Architecture WG, we ensured that the general concept of enabling the delegation of control functions from the SDN controller to network elements is permitted and mentioned in the SDN architecture document released by ONF. In the OpenDataPath WG, we propose two extensions to the OpenFlow protocol.





1 BeBa project overview BEBA aims at providing the unprecedented ability to program, in a platform-agnostic manner, not only “just” plain forwarding rules, but also dynamic (custom) states determining which forwarding rules should be applied at a given time, and the relevant policies formalizing how states should evolve.

By introducing intelligence directly into the data plane nodes, BEBA will free SDN programmers from having to necessarily rely on the centralized controller intervention to implement more complex forwarding strategies.

Moreover, BEBA will therefore permit organizations and network operators to deploy part of their stateful flow processing operations directly on the fast data path and inside the switch. This will dramatically improve the ability to instantly (i.e. at real-time, packet-level, temporal time-scale) modify the forwarding data plane in reaction to specific packet-level events, and in front of sudden changes or anomalies in the traffic behaviour, including attacks.

Figure 1 Project structure

BEBA will start from defining novel use case application scenarios and requirements, which will inspire the extension of the basic SDN match/action forwarding behaviour into more complex





approaches based on eXtended Finite State Machines. Indeed, BEBA will design a novel abstraction and API that will provide autonomous stateful reconfiguration of forwarding rules on the basis of packet-level, flow-level and monitoring- level triggering events.

Such an ambition goal will be achieved in two separate, and yet strongly interconnected, phases. In a first phase, BEBA will provide a basic design for a stateful, platform-agnostic, data plane programming interface that will give the fundamental ability to associate and update the status associated to a flow. Such API will minimally depart from the current OpenFlow specification and will be easily implemented by extending publicly available OpenFlow implementations.

In a second phase, the project will focus on something much more ambitious. BEBA will aim at transforming a switch into a sort of network/flow processor programmed through a platform-independent abstraction. Our belief is that this can be accomplished by further introducing the ability to store temporary data into “memory registries” associated to flow entries, and provide the ability to enforce state transitions only if conditions on such registries are satisfied, as well as support registry updates upon the occurrence of events and/or state transitions.

According to such novel abstraction, BEBA will extend the data plane and control plane mechanisms, data structures and protocols and on top of these will allow the deployment of novel monitoring security and innovative forwarding applications.

As of this writing, all tasks except 6.1 and 7.3 have been started od completed (see figure 1). The following milestones have been accomplished or are focused by ongoing work.

Milestone number

Milestone name Status

1 Use case and requirements definition

Completed

2 Base specification delivery

Completed

3 Base API prototype Completed

4 Full specification delivery

Ongoing

5 Full specification prototype

Ongoing





6 Use case applications deployment

Ongoing

8 Standardization and disseminations activities

finalization

Ongoing

Figure 2 Project timeline

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27MILESTONES M M M M M M M

WP1 Project Management Q Q Q Q Q Q Q Q D

WP2 Behavioral forwarding abstraction D D Dr DrT2.1 Basic programming abstraction cT2.2 Extended API and stateful processing architecture cT2.3 Proof of concept validation c c

WP3 Data Plane design and implementation D Dr D DrT3.1 Analysis and identification of monitoring, mitigation, and forwarding extensions c cT3.2 Functional extensions design and implementation c cT3.3 Software acceleration c c

WP4 Control Plane extensions D D DT4.1 In-switch offloading of control tasks c cT4.2 Verification and reliability c c

WP5 Monitoring, security and innovative forwarding applications D D DrT5.1 Use cases and application scenarios cT5.2 Node-level middlebox-type applications' programming c cT5.3 Network-wide applications c c

WP6 Validation and trials D D DT6.1 Performance, functional, and applications' assessment in controlled environments c cT6.2 On-field assessment in real world deployments c c

WP7 Dissemination, standardization and exploitation D D DT7.1 Dissemination c c cT7.2 ONF standardization c cT7.3 Open source promotion c

Project Months & phasesphase 1 - base specif. phase 2 - extension and consolidation phase 3 - validation





2 Dissemination activities in the BEBA Project Within Task 7.1 several dissemination activities have been conducted during the first year of the project. In particular, the BEBA consortium activities focused on:

1. Project factsheets

2. Project presentation

3. Demonstrations, tutorials and invited talks

4. Publications: proceedings and journals

5. Project website

2.1 Project Factsheet The project factsheet provides project overview, partners involved and contractual information of duration and budget. The project factsheet can be downloaded from the project website:

http://www.beba-project.eu/public_deliverables/BEBA_Factsheet.pdf

2.2 Project Presentation The project overview, key concept, consortium and work plan have been presented at the the Net Futures 2015 - Future Internet Architectures Cluster, 24-25 March 2015, Brussels (Belgium). The project presentation can be downloaded from the project website:

http://www.beba-project.eu/presentations/2015-03-BeBa-netfutures.pdf

2.3 Demonstrations, tutorials and presentations The talks given by project partners to date can be distinguished into general project presentations (some of which aimed at present the project, its main vision and its challenges/achievements to the European research community) and more technical ones (tutorial and demonstrations), addressing particular issues targeted by the project.

The following table gives the summary of talks, tutorial and demonstration given by the BEBA partners.





Event, date, location

Title Audience Type Speaker Partners involved

Italian Networking Workshop, 14-16 January, Cavalese (Italy)

Behavioral-based forwarding: Towards Wire-speed Platform-agnostic Control of OpenFlow Switches

Research Talk Giuseppe Bianchi

CNIT

Net Futures 2015 - Future Internet Architectures Cluster, 24-25 March 2015, Brussels (Belgium)

BEBA project presentation

EU, research

Talk, Project presentation

Giuseppe Bianchi

CNIT

IEEE Netsoft Tutorial, 13-17 April 2015, London (UK)

From dumb to smarter switches in software defined networks: an overview of data plane evolution

Research Tutorial Antonio Capone, Carmelo Cascone

CNIT

SOSR - Open Networking Summit 2015 (ONS) 17-18 June 2015, Santa Monica (CA, US)

OpenState: platform-agnostic behavioral (stateful) forwarding via minimal OpenFlow extensions

Research, industry

Demo and Poster session

Marco Bonola, Carmelo Cascone

CNIT

ECOOP 2016, July 6, Prague (Czech Republic)

From dumb to smarter switches in software defined networks: toward a stateful dataplane

Research Talk Antonio Capone

CNIT





IEEE ComSoc summer school, 7 July, Trento (Italy)

From dumb to smarter switches in software defined networks: towards a stateful data plane

Research Talk Giuseppe Bianchi, Antonio Capone

CNIT

IEEE IWCMC 2015, 25 August, Dubrovnik (Croatia)

Network Programmability: A Holistic Perspective

Research, industry

Talk Giuseppe Bianchi

CNIT

ITaS 2015, 10 September, Sochi (Russia)

Network Programmability: A Holistic Perspective

Research, industry

Talk Giuseppe Bianchi

CNIT

P4 Workshop, 18 November, Stanford University (US)

openstate.p4: Supporting Stateful Forwarding in P4

Research Talk Antonio Capone, Carmelo Cascone

CNIT

P4 Workshop, 18 November, Stanford University (US)

P4 Implementation of a Stateful Data Plane and its Application for Failure Resiliency

Research Demo Davide Sanvito

CNIT

IEEE Infocom 2016 Demo and Poster Sessions (upcoming)

A length-aware cuckoo filter for faster IP lookup

Research, industry

Demo To Be presented

CNIT





CN@Labex seminar in Eurecom, 10 December 2015

Network Programmability: A holistic perspective

Research Talk Giuseppe Bianchi

CNIT

2.4 Publications To date BEBA has published 5 scientific papers to international conferences, 1 journal papers and 1 extedned abstract which covered the following aspects:

• Basic finite state machine dataplane abstraction and HW implementation • Acelerated mechinsms for high speed processing • Novel SDN stateful use cases • Novel SDN primitives

The following table gives the summary of the works published by the BEBA partners.

Title and Abstract Published in Type Authors Partners involved

Title Detour Planning for Fast and Reliable Failure Recovery in SDN with OpenState

Abstract A reliable and scalable mechanism to provide protection against a link or node failure has additional requirements in the context of SDN and OpenFlow. Not only it has to minimize the load on the controller, but it must be able to react even when the controller is unreachable. In this paper we present a protection scheme based on precomputed backup paths and inspired by MPLS “crankback” routing, that guarantees instantaneous recovery times and

Proceedings of the conference “Design of Reliable Communication Networks 2015”

Paper A. Capone, C. Cascone, A.Q.T. Nguyen, B. Sansò

CNIT





aims at zero packet-loss after failure detection, regardless of controller reachability, even when OpenFlow’s “fast-failover” feature cannot be used. The proposed mechanism is based on OpenState, an OpenFlow extension that allows a programmer to specify how forwarding rules should autonomously adapt in a stateful fashion, reducing the need to rely on remote controllers. We present the scheme as well as two different formulations for the computation of backup paths. Title Stateful Openflow: Hardware Proof of Concept” in the proceedings of the conference

Abstract This paper presents a hardware implementation of Openstate, an extension of OpenFlow that allows performing stateful control functionalities directly inside the switch, without requiring the intervention of an external controller. The paper shows how, with a minimal reworking of the OpenFlow’s basic architecture, and reusing the same building blocks, it is possible to greatly extend the intelligence of an OpenFlow switch allowing the offload of many control task directly in the switch. An FPGA based implementation of an Openstate prototype is here presented, the different architectural design choices are discussed, and the performance and limitations of the developed prototype are examinated. Finally, the paper proposes a discussion on the performance achievable by using

Proceedings of the conference IEEE HPSR 2015

Paper S. Pontarelli, M. Bonola, G. Bianchi, A. Capone, C. Cascone

CNIT





an ASIC implementation of the OpenState switch

Title Towards Scalable SDN Switches: Enabling Faster Flow Table Entries Installation

Proceedings of the conference ACM SIGCOMM 2015

Extended Abstract

Roberto Bifulco, Anton Matsiuk

NEC

Title OMASS: One Memory Access Set Separation

Abstract In many applications there is a need to identify to which of a group of sets an element x belongs, if any. For example, in a router, this functionality can be used to determine the next hop of an incoming packet. This problem is generally known as Set

Separation and has been widely studied. Most existing solutions make use of hash based algorithms, particularly when a small percentage of false positives is allowed. A known approach is to use a collection of Bloom filters in parallel.

Such schemes can require several memory accesses, a significant limitation for some implementations. We propose an approach using Block Bloom Filters, where each element is first hashed to a single memory block that stores a small Bloom filter that tracks the element and the set or sets the element belongs too. In a naive solution, when an element x in a set S is stored, it necessarily increases the false positive probability for finding that x is in another set T. In this paper, we

IEEE Transactions on Knowledge and Data Engineering

Long Paper

M. Mitzenmacher, P. Reviriego, S. Pontarelli

CNIT





introduce our One Memory Access Set Separation (OMASS) scheme to avoid this problem. OMASS is designed so that for a given element x, the corresponding Bloom filter bits for each set map to different positions in the memory word. This ensures that the false positive rates for the Bloom filters for element x under other sets are not affected. In addition, OMASS requires fewer hash functions compared to the naive solution.

Title Traffic Management Applications for Stateful SDN Data Plane

Abstract The successful OpenFlow approach to Software Defined Networking (SDN) allows network programmability through a central controller able to orchestrate a set of dumb switches. However, the simple match/action abstraction of Open Flow switches constrains the evolution of the forwarding rules to be fully managed by the controller. This can be particularly limiting for a number of applications that are affected by the delay of the slow control path, like traffic management applications. Some recent proposals are pushing toward an evolution of the OpenFlow abstraction to enable the evolution of forwarding policies directly in the data plane based on state machines and local events. In this paper, we present two traffic management applications that exploit a stateful data plane and their prototype implementation based on OpenState,

Proceedings of the European Workshop on Software Defined Networks

Paper C. Cascone, L. Pollini, D. Sanvito, A. Capone,

CNIT





an OpenFlow evolution that we recently proposed.

Title Automatic Generation of 100 Gbps Packet Parsers from P4 Description

Abstract Software Defined Networking and OpenFlow offer an ele- gant way to decouple network control plane from data plane. This decoupling has led to great innovation in the control plane, yet the data plane changes come at much slower pace, mainly due to the hard-wired implementation of network switches. The P4 language aims to overcome this obstacle by providing a description of a customized packet processing functionality for configurable switches. That enables a new generation of possibly heterogeneous networking hardware that can be run-time tailored for the needs of particular applications from various domains, such as HPC.

In this paper we contribute to the idea of P4 by presenting design, analysis and experimental results of our packet parser generator. The generator converts a parse graph description of P4 to a synthetizable VHDL code suitable for FPGA implementation. Our results show that the generated circuit is able to parse 100 Gbps traffic with fairly complex protocol structure at line rate on a Xilinx Virtex-7 FPGA. The

Proceedings of First International Workshop on Heterogeneous High-performance Reconfigurable Computing

Paper P. Benáček, V. Puš

CESNET





approach can be used not only in switches, but also in other appliances, such as application accelerators and smart NICs. We compare the generated output to a hand- written parser to show that the price for configurability is only slightly larger and slower circuit.

Title Improving SDN with InSPired Switches

Abstract In SDN, complex protocol interactions that require forging network packets are handled on the controller side. While this ensures flexibility, both performance and scalability are impacted, introducing serious concerns about the applicability of SDN at scale. To improve on these issues, without infringing the SDN principles of control and data planes separation, we propose an API for programming the generation of packets in SDN switches. Our InSP API allows a programmer to define in-switch packet generation operations, which include the specification of triggering conditions, packet’s content and forwarding actions. To validate our design, we implemented the InSP API in an OpenFlow software switch and in a controller, requiring only minor modifications. Finally, we demonstrate that the application of the InSP API, for the implementation of a typical ARP-handling use case, is beneficial for the scalability of both switches and controller.

Proceedings of the conference SOSR 2016

Paper R. Bifulco, J. Boite, M. Bouet, F. Schneider

NEC, TCS





2.5 Project Website The project website is http://beba-project.eu. The web site is mostly meant for external contacts and designed accordingly; the main focus is put on a clear structure that enables the reader to quickly and easily find information. With its website the BEBA consortium wants to inform the stakeholders about the project status and results. To reach this in an effective way, the following aspects are considered:

• Use of a simple and clean structure in order to be quickly understood by the visitor. Allow fast and easy access to all available information. This should be done by considering the widely used “three clicks” rule for website design.

• Provide the information to the project on different levels of detail, allowing users with diverse backgrounds and experiences to understand the content.

• Provide continuously updated information on results that are achieved in the various working areas (e.g. general architecture, data protection mechanisms, standards, publications etc.) of the project. This information should enable the visitor to get a quick overview of the approach taken and the main results achieved.

• Provide contact information not only to the overall project management but also to the people involved in the various working areas, in order to enable interested people to discuss topics directly with the experts.

• Provide information on related events like conferences in a news flash • Provide all public deliverables and BEBA papers for download. • Possibly make use of existing (preferably open source) software and try to fully avoid

development of any new components.

The website has been launched in January 2015 and consists of the following sections:

1- THE PROJECT: a general info section containing the project overview, key concepts and work plan

2- OUR TEAM: in this section all the partners composing the project consortium are listed and briefly described

3- NEWS and EVENTS: this section represents the project newsletter in which the most important events and news are listed

4- DISSEMINATION: in this section the list of publications and presentations is provided

5- DOWNLOADS: through this section all the opensource project source code is available

6- CONTACTS





“

Figure 3: Snapshot of the BEBA project website





3 Standardization Activities in the BeBa Project From its inception the BEBA project targeted standardization of the its extensions of the programmability surface of software-defined network (SDN) elements. The programmability surface is exposed via the protocol facilitating the decoupling of control and user-plane in SDN. Given the continued prevalence of OpenFlow as this control protocol, the BEBA project designed and developed its control channel extensions for the OpenFlow protocol as is documented in the other deliverables. Consequently, the BEBA project also chose ONF as the primary target for our standardization activities.

To this end we have been active in two working groups of the ONF. In the Architecture WG, we ensured that the general concept of enabling the delegation of control functions from the SDN controller to network elements is permitted and mentioned in the SDN architecture document released by ONF. In the OpenDataPath WG, we propose two extensions to the OpenFlow protocol.

3.1 SDN Architecture in ONF The Architecture WG in the ONF is tasked with defining the functional blocks and the interfaces between them that are used to build a software-defined network. In the current SDN architecture [1] the ONF defines the major building blocks as applications, SDN controllers and resource groups (representing network elements) (see Figure 2 in [1]).

The OpenFlow standard so far focusses on allowing the programming of packet forwarding by exposing an interface to create, modify and delete entries in the table of the forwarding pipeline. This pipeline is assumed to be stateless and all complex control tasks such as MAC learning or responding to legacy control protocol are carried out by the SDN controller.

The BABA project targets to offload such control functions to the network elements, and establish and interface to program such control functions via the OpenFlow protocol. We presented the BEBA ideas to the Architecture WG, and agreed that this is completely supported by the architecture. On the one hand the SDN architecture does not prescribe the exact functions of a network element, and on the other hand it explicitly allows the delegation of control functions from the SDN controller to the network elements (see Section 6.5 in [1]). The ONF has not identified further architectural implications from the BEBA approach.

3.2 OpenFlow protocol in ONF

The OpenDataPath WG (previously called Extensibilty WG) has the task of defining new features in and maintenance of the OpenFlow protocol. This is the place to contribute the extensions to the OpenFlow protocol.

From the discussion in the BEBA project we identified two OpenFlow protocol extensions that should be standardized (see attached presentation).





3.2.1 Stateful packet processing (OpenState) In short what we proposed to the ONF was

• Create new “state table” type: exact match, DEFAULT if miss

• Move state in packet metadata to flow table

• Key extractor: full headers => selected bit sequence

• Actions can include state updates

• Update scope can be different from lookup scope

For further reading, interested people in the ONF were referred to [2],[3], and [4]. This proposal is also related to the “learn()” proposal and should most probably merged or aligned.

3.2.2 In-switch packet generation

Short description what this feature should do

• Create new “packet template table” type:

o Template has byte array of packet contents and metadata

• Copy instructions: Program how to change template

o Data source can be a received packet or a table (e.g. state table)

• New instruction to refer to packet from flow table

o Additional action specify what to do with the generated packet

• Option to use timers as triggers

This mechanism is described in more detail in [5].

3.2.3 Current status and next steps

Up until today we proposed both of OpenState and in-switch packet generation as an extension to be included in the OpenFlow 1.6 specification. Both of them have been accepted as work items by the ONF. In order to arrive at this point we have been presenting the general idea of both extensions at the ONF member workday in September 2015 in Santa Clara, CA. And again in the conference call in the last week of January 2016 where all proposals for OF1.6 extensions need to be presented. As per ONF ways of working two tickets (EXT-562 and EXT-563, links require a ONF JIRA account, only available to members) have been created to track and document discussion around the proposed extension. The next steps for both tickets are:





1. Finalize the text for specification of the extension. For OpenState we already have a specification level text and for in-switch packet generation we are in the process of finishing one (target for completion is April 2016).

2. Discuss in the ONF, agree on and adapt the specification text according to the agreement. For OpenState we need to negotiate a way on how to merge with the proprietary “learn()” extension implemented (but not standardized) already in OVS. Note that we have BEBA project internal work on how to implement OpenState in OVS using the “learn()” extension. This should enable us to identify advantages and disadvantages of the different proposals. For in-switch packet generation, we do not foresee the need for negotiation with an different proposal.

3. Provide an implementation prototype of the agree extension specification, that is either available as open-source or made available to the other members of the ONF.





4 Report on preliminary exploitation activities In the following we provide a summary per partner of the exploitation activities performed during the first year of the project. Even though, as expected, the consortium was more involved in S&T activities, preliminary exploitation results have been accomplished.

CNIT

CNIT is working on exploitation on both academic/scientific contributions and technical development outcomes. Since the final result of the project is an extremely innovative re-thinking of the SDN architecture, CNIT’s exploitation activities for the first year include:

1. Conference and journal publications: CNIT already published 4 papers (3 conference proceedings, 1 journal)

2. Distribution of the open source implementation of the BEBA PoC switch and controller (respectively based on widely used OpenFlow switch and controllers ofsoftswitch13 [6] and ryu [7])

3. Several bachelor’s and master’s thesis and student training opportunities 4. Part-time jobs opportunities for MS students

TCS

Thales is a company focused on innovation and uses research projects to improve its products in order to satisfy the demands of its clients. BEBA’s results will be used for its ability to do rapid prototyping in our research department and presented to the business lines in charge of the Critical Information Systems and Resilient Infrastructure Networks. Thales offering mainly relies on two interesting technological pillars:

• Cloud technologies. Thales has a network of 3,900 IT professionals and 13 Service Centers throughout France dedicated to delivering comprehensive solutions to exacting customers who want to outsource the design, development and/or operation of all or some of their information systems. High value-added results-based SLA shape the framework for Thales's customer commitments, which are anchored in integrity, security, availability, resilience and service continuity.

• Resilient network technologies. The many interconnections needed to exchange information can lead to greater vulnerability to intentional threats (cyber-attacks, for example) and accidents such as natural catastrophes. Thales's Nexium solution consists in designing and deploying complex communications architectures that guarantee availability under all circumstances, even in crisis situations, to achieve network resilience, i.e. the capacity of networks to withstand shocks and guarantee high-level end-to-end transmissions that are efficient, dependable, secure and inter-operable.





In order to meet the growing demands of Thales customers for more distributed or hybrid (private/public) information systems with a high level of security, resilience, scalability at a lower cost, Thales has identified SDN as a key enabler for the Cloud and Nexium suites. This promising technology will allow reducing the development life-cycle, increasing reactivity to face incidents (e.g., cybersecurity attacks, failures), bringing more controllability to customer applications (e.g., Network as a Service (NaaS), APIs), and supporting, through network virtualization, multiple security levels in the same infrastructure. BEBA will allow Thales to develop these two activities taking advantage of a more efficient approach for SDN networks. Some of Thales' clients are already aware of SDN and ask for solutions based on SDN architectures. This proves that Thales' involvement in this technology is beneficial. Emerging innovative technologies are of primal importance for Thales. In this context SDN, stands as the corner stone between network management and Infrastructure as a Service (IaaS) management, thus enabling NaaS. Decoupling the control plane from the hardware enables conceiving networking as software applications. BEBA improves the SDN approach with an abstraction model to program the network and push in-switch behavior programmatically, and has the goal of developing new high value-added applications in the field of monitoring and security. Thales aims at exploiting BEBA’s innovative results to develop and improve its most successful services, especially for network security and resilience. In particular, BEBA’s developments and results could be integrated into the development cycle of Thales' products relying on the SDN technology for bringing added value either during the elaboration process or in production environments.

NEC

NEC’s exploitation activities for the first project year include:

1. integration of BEBA technologies into NEC's SDN solutions to improve scalability of current SDN (OpenFlow-based) networks

2. integration of BEBA switches in NEC's solution for datacenter and carrier networks, in the context of the NEC's SDN portfolio;

3. integration of the performance improvements in software switches into the NEC's virtual switching technologies

4. extensions of the security-related use cases developed during the project for the deployment in industrial, mission-critical networks

6WIND

BEBA’s results will be used to create new optimized algorithms of networking stacks in order to keep sustaining high performances for SDNs and NFV use cases such as 4G and 5G networks, new access networks. The main exploitation opportunity for 6wind (which will be concretized in the second year of the project, when all S&T activities will be concluded) will be the extension and performance improvements in their accelerated software data plane solutions.





CESNET

CESNET’s plan to exploit BEBA’s results in its own production network is necessarily depending on the successful accomplishment of the real world trial activity in the frame of WP6 (which has started at the end of year 1).

Nevertheless, since CESNET is the association of Czech universities, thus also an academic organization, it has preliminarily exploited BEBA’s results through contribution to scientific conferences (in particular 1 publication and 1 submission under review).

KTH

KTH, as a pure academic partner, has completely exploited the BEBA’s results to increase increase their standings and ranking in the academic area. In particular, even if not yet published, two submissions to SDN to key scientific conferences have been realized.

More over, a preliminary plan (for the first semester of the academic year 2016-2017) to update the teaching material with the latest BEBA’s technological achievements in the field of SDN has been realized so as to improve the quality of the offered studies.





References [1] ONF, SDN Architecture, Issue 1.1, 2016, ONF TR-521

[2] http://openstate-sdn.org/

[3] http://openstate-sdn.org/pub/openstate-ccr.pdf

[4] https://github.com/OpenState-SDN/openstate-spec/releases

[5] R. Bifulco, J. Boite, M. Bouet, F. Schneider, Improving SDN with InSPired Switches, accepted for publication in SOSR’16

[6] “OpenFlow 1.3 Software Switch,” http://cpqd.github.io/ofsoftswitch13/.

[7] “RYU software framework,” http://osrg.github.io/ryu/

beba behavioural based forwarding deliverable report d7.1 ... · 1.0 29/02/2016 bonola cnit final...

Documents