eduard grasa fundació i2cat

Eduard GrasaFundació i2CAT

MANTICORE II: IP Network as a Service pilots at HEAnet, NORDUnet and RedIRIS

Motivation: Separate infrastructure ownership and maintenance from usage• Today’s example: cloud computing

2

I need more computing power to run my business

Option A: Buy hardware

Option B: Get some VMs from a

cloud provider

What if I want to provide network services?

3

Network Service Provider

Option A: Buy hardware

Option B: Get some sort of VPN

(It’s ok, but I loose features compared to Option A)

Option C: Any equivalent of “just get

some VMs from a cloud provider”?

A possible option C (I)

4


Marketplace

I want a network with POPs @ sites A, B, C:• POP A requirements: …• POP B requirements: …• POP C requirements: …Interconnection between POPs at X Gbps, maximum delay of Y ms.

Ok, I’ll see what I can find!

A possible option C (II)

5

Marketplace

Let’s search the infrastructure providers offerings

Infrastructure Provider


Infrastructure Providers have previously published their offerings

at the market, with the usage conditions (Price, SLA)

A possible option C (III)

6


Marketplace

Ok, here’s your network, it will cost you X € per day, let’s go to Paypal to finish the transaction. You’ll receive an email with the details about your network, with the contact information of your providers and a link to a management application.

Cool! I’ll configure the network addressing, internal routing, firewalls and external routing policies, and will be ready for my customers!

A possible option C (IV)

7


Nice! My customers can request the setup of their own services and administer them without annoying me… Thanks automation!Customer A

Brilliant! I can setup a new VPN through a web page, I don’t even have to send an email to the network admin!

Customer B

Cool, We can configure our own routing policies in our virtual CPE… Without buying any hardware!

So it’s all about IaaS and automation

• Is this scenario possible? practical? • What sort of tools would be required to help this scenario

become a reality?• What use cases would this technology make possible?• What relationships would the different actors have?• Is this feasible in a research environment? And in a

commercial environment?

8


Marketplace



Customer

Overview• MANTICORE research timeline

• Current work: MANTICORE II

• (Near) Future work: MANTYCHORE FP7

9

MANTICORE Projects Timeline

10

2007 2008 2009 2010 2011 2012 2013 2014

MANTICORE I MANTICORE II MANTYCHORE ?

Proof of concept of the management tools – IP Networks with routers only

Demo at TNC 2008

Definition of the scenario for a NREN use case

Robust, modular implementation of the management toolsPilot tests at 3 NRENs: HEAnet, NORDUnet and RedIRIS Initial marketplace design and simulationFirst commercial study

Tools enhancement to increase scope to layer 2 and layer 1 (complete IP Network)Pre-operational services with real users. Initially 3 user communities: e-health, Grid, Media.In depth commercial feasibility study by an operatorMarketplace implementationResearch on zero-carbon infrastructures, collaborate with GSN

Self funded: 120 k€ + equipment loans

Self funded: 200 k€ + equipment donation

In negotiations with EC (FP7): 1.4 M€




11

Manage parallel networks sharing the same substrate

Physical Router

Router Instance (may be a physical router)

Physical Link

User Site

Each user’s IP network is represented by a different color

Each router instance can be temporarily owned by a different user (router instances

offered as IaaS)

IP Networks can be made of router instances from different providers

12

Other user’s IP Network or the

Internet

Logical Link (may be a full physical link)

• Infrastructure Provider: The infrastructure owner. Assigns permissions to the infrastructure resources so that external users can control them. In MANTICORE II, infrastructure providers are NRENs (HEAnet, NORDUnet, RedIRIS) providing control over physical or virtual routers.

• Service Provider: Gains access to several infrastructure instances and aggregates them under his management domain, providing an IP Network Service to their users.– E.g. Can be the NREN– E.g. Can be someone that wants to provide an IP Network Service for a specific task (e.g. to

carry out a research project, to support a distributed research community).

• End user: Uses the IP Network Service. Has access to modify the characteristics of the service: addressing, internal routing, external routing,

• Marketplace: Acts as a broker between the different actors. They can also interact directly, but marketplaces facilitate multiple parties interaction.

13

Actors in Manticore II

How does the tool look like?Inventory view

14

How does the tool look like?Creating a router instance

15

How does the tool look like?Managing permissions

16

How does the tool look like?IP Network View / IP Network Permissions

17

How does the tool look like?Configuring BGP

18

19

Pilot plans: HEAnet• Goal: Use MANTICORE software to provide a virtualized CPE to a

pseudo-customer site. Timeframe: June 14th – July 26th

• Physical CPEs land the BGP session from the NREN and provide a service demarcation point. Configuration of the CPE is mainly owned by the customer.

• The CPE will be provided through logical routers, and MANTICORE will allow authenticated customers to modify its configuration

HEAnet Core

Ethernet p2p link

Ethernet p2p link

Access router(MANTICORE)

End Station (Pseudo customer site)

HEAnet test lab

20

Pilot plans: HEAnet (II)

• First scenario: Single virtual CPE. The CPE will have 2 uplinks to the core, will advertise the customer address space and will accept a default route on each interface.

• Steps that will be accomplished in this scenario:– HEAnet admin will use MANTICORE with administrative privileges to provision the virtual CPE on the

access router– HEAnet admin will delegate control of the virtual CPE to the pseudo customer user– The pseudo customer user will configure the logical router to meet the functionality of a single CPE as

specified above, including BGP session to the core, and addressing for the end station

– Demonstrate connectivity between the end station and the Internet

End Station (Pseudo customer site)To HEAnet core

To HEAnet core

Virtual CPE

21

Pilot plans: HEAnet (III)

• Second scenario: Two virtual CPEs. Each CPE will have an uplink to the core, advertise the address space and accept a default route each one. They will peer with iBGP, and provide each one a link to the end station, and use VRRP to provide resilient access.

• Steps that will be accomplished in this scenario:– HEAnet admin will use MANTICORE with administrative privileges to provision the virtual CPEs on the access

router– HEAnet admin will delegate control of the virtual CPE to the pseudo customer user– The pseudo customer user will configure the logical router to meet the functionality of the CPEs as specified

– Demonstrate connectivity between the end station and the Internet, even in the case of the failure of one of the two virtual CPEs

End Station (Pseudo customer site)

To HEAnet core

Virtual CPE

To HEAnet core

Virtual CPE

22

Pilot plans: NORDUnet• Goal: MANTICORE as a NOC tool for provisioning virtual network

elements and provide virtual network resources for for customers. Timeframe: July 1st – August 15th

• Phased approach:

– Phase 1: The tools will primarily be used in our lab setup for managing our courses and other activities that need easy deployment of virtual test networks (MANTICORE II scope)

– Phase 2: Trials for advanced users and projects will be run lab resources and the pan-Nordic dynamic end-2-end services testbed.

– Later phases we will involve Nordic NREN networks.

23

Pilot plans: NORDUnet (II)• Initial setup and introduction

– Install the software– Enable provisioning on lab equipment– Investigate authentication options

• Document and simulate service deployment within NORDUnet NOC– Document the setup– Create procedures for the NOC– Trial allocation of network elements, provisioning of virtual networks, and virtual network

administration

• Provision virtual network to a test customer– Simulate a customer order– Run through the deployment process created in the last step

– Simulate customer traffic on the virtual network.– Evaluate and write pilot report

• Goal: Use MANTICORE to enable PASITO partners to control the routing hardware in the testbed. Timeframe: June 14th – July 16th

• PASITO (Plataforma de Ánalisis de Servicios de Telecomunicaciones) is a spanish platform dedicated to the testing and validation of new Internet services and protocols.

• RedIRIS is going to integrate MANTICORE in the RedIRIS POP of the PASITO network, providing virtualised equipment to all the partners involved in such network.

24

Pilot plans: RedIRIS

• The pilot test will showcase:– PASITO Administrator (RedIRIS) creates a logical router– PASITO Administrator (manually still) configures L2

connectivity to the logical router– PASITO Administrator gives permissions to the PASITO partner

(i2CAT) to control the router– PASITO partner uses the PASITO router to extend its test

network, therefore it configures the PASITO router to talk to the router at i2CAT’s premises

25

Pilot plans: RedIRIS (II)




26

MANTYCHORE FP7 Overview• What? Main goal

– Provide the European research community with IP Networks as a Service over the NRENs e-Infrastructure for the benefit of their research activities, enhancing the quality of the tools available for European Research and increasing the research capabilities and participation of researchers.

• Who? 7 partners– Project Coordinator and tool developer: i2CAT Foundation – 2 NRENs: HEAnet , NORDUnet– 3 users: UNI-C , University of Essex , Trinity College Dublin– 1 commercial operator: Telefónica I+D

• How? Requested to the EC ~1.4M€ in funding to perform 7 activities– 3 NAs: NA1-Project Management; NA2-Dissemination, Exploitation,

Standardization and Liaisons; NA3-Consolidating the user community and users training.

– 2 SAs: SA1-MANTICORE software refinement; SA2-MANTICORE services for virtual research communities

– 2 JRAs: JRA1-Infrastructure resources marketplace; JRA2-Zero Carbon emission virtual infrastructures.

27

Initial users: e-Health, Media and Grid

28

IP Network as a Service

Grid Site

1

Grid Site

2

VMsVM

VM V

M

VMsVM

VM V

M

Grid Site

3

VMsVM

VM V

M

Grid Site

4

VMsVM

VM V

M

Grid Site

5

VMsVM

VM V

M

Grid Site

6

VMsVM

VM V

M

Grid-Ireland “Cloud Layer”, TCD Improving the Health Data Network,

Dedicated IP Networks to support media services,

Fixed connections + VPNs

+ MANTICORE managed

IP Networks

router

router

router

ConnectionAgreement

System

Site 1

router

Site 2

routerAuthorized User

29

Project Outcomes• MANTICORE Toolset (binaries + source code):

– MANTICORE Server– Web application for administrators and users

• Operational experience on providing IP Networks as a Service in NRENs• User experience and feedback on using the service in 3 different areas

(e-Health, Media, Grid) and evaluation of the commercial potential of the service (Telefónica I+D)

• Research and Experimentation results:– Clean energy powered e-Infrastructures, energy metering, impact of virtual

infrastructure relocation on the user experience.– Resource marketplaces as a mechanism for automatically negotiating and

allocating infrastructure resources.

• Results delivered by a mature consortium that has been working since 2007 to deploy operational IaaS network services.

• IP Network as a Service fully encompasses the vision of a Future Internet built on services and virtualization technologies.

• How it will be achieved:– HEAnet and NORDUnet will offer pre-operational services to virtual

research communities– 3 different research communities (e-Health in Denmark, Grid in Ireland

and media in the UK) will use the IP Network services and evaluate how they facilitate their research activities (in terms of flexibility, efficiency, budget savings, …)

– Telefonica I+D will carry out a study on the feasibility of using MANTICORE services in a commercial environment, from an operator’s point of view

– Collaboration with other projects and NRENs to bring MANTICORE services to the maximum number of users (letters of support from redIRIS, DANTE, SURFnet, JAnet, Sigmanet, OSAMI-commons, Clarin, IBBT)

30

Enable HEAnet and NORDUnet to provide IP Network Services to their customers through the MANTICORE tools, enhancing their service portfolio; thus providing virtual research communities with a useful service that can improve their research activities and optimize the efficiency of use of e-Infrastructures.

Objective 1: IP Network as a Service

• How it will be achieved:– Integration of MANTICORE II results with Argia and Ether

• Integration of all the engine drivers: The IaaS Framework engine module provides a model to manage and configure any device model of any vendor. This integration will allow the management and configuration of devices at layers 1, 2 and 3 of the OSI model.

• Integration of all web services: This integration will provide a unified remote interface to be able to access layer 1-3 based network services.

• Integration of all UI modules: Users and administrators will be able to request the integrated layer 1-3 services or manage them by using a single GUI.

– Software refinement based on requirements of the NRENs and user communities• The software will be customized to make sure it fulfils the needs of all the project

stakeholders

31

Refine and expand the MANTICORE services provided by means of integrating the results of the privately funded MANTICORE II project with the IaaS Framework based solutions for optical (Argia) and Ethernet/MPLS networks (Ether); thus being able to provide integrated services at levels 1-3 to the research community.

Objective 2: Integrated Layer 1-3 services

• How it will be achieved:– Study and simulation of the different mechanisms required to

implement the resource marketplace (resource publication, request submission and resource matchmaking and allocation mechanisms)

– Implementation of a marketplace prototype, and integration with the SA1 software.

– Deployment of the prototype, and use of it as a means for the user communities to discover and access HEAnet’s and NORDUnet’s resources.

32

Innovate in the business model used in services based on IaaS, establishing a marketplace where all Infrastructure Providers can publish their available resources with their usage conditions (SLA, price), and all customers can automatically negotiate the SLAs getting the best resource combination for their needs.

Objective 3: Marketplace for resource trading

33

The Green Star Network (GSN)Canadian consortium to research how to lower ICT CO2 emissions

• GSN project deliverables:– GSN: An open architecture ICT

service delivery network

– Sales of Carbon credits by relocation of service implementation within GSN

– Open source middleware that optimizes the use of ICT resource powered by renewable energy sources

– Use cases, white papers, and business resources for GSN dissemination, sustainability and growth

• How it will be achieved:– GSN uses virtualization technologies to allow the nodes in a network (both

hosts and network devices) to change its location based on renewable energy availability (hidro, solar, wind).

– MANTICORE and GSN will collaborate in a joint experimentation to identify and try to address the issues of having the nodes in the network powered by unreliable power sources.

– MANTICORE and GSN will use a joint infrastructure, with some nodes powered by renewable energy sources, to experiment with and validate the scenarios identified by both projects.

34

Use MANTICORE services to contribute to the research performed in the GreenStar Network (GSN) project to enable carbon-neutral infrastructures.

Objective 4: Carbon neutral e-infrastructures

• Target:– Evaluate the likehood of success of MANTICORE services in a

commercial environment and elaborate a business plan. • Activities:

1. Analyze market situation for IaaS services (commodities, prices, supply and demand, trends, revenue models, size …)

2. Identify:• Market actors:

– Stakeholders: e.g. network providers, infrastructure providers, vendors, …– Potential Users: e.g. academic communities, scientific corporations, distributed

business, …– Incoming actors: e.g. city councils, virtual operators, …

• MANTICORE services:– Direct: Router as a Service and IP Network as a Service.– Derivative: new customized and dynamic connectivity services.

• Competitors and Risks.

35

MANTICORE Commercial ExploitationTID Feasibility study of commercial MANTICORE services (I)

3. Analyze applicability in an operator’s ecosystem.• Suitability• Applicability • Feasibility

4. Elaborate business model based on:• Developed marketplace (JRA1) where all infrastructure providers can

announce available resources and all customers can automatically negotiate SLAs in order to get the best combination of resources.

– Short term business case: NRENs announce resources and conditions of usage to researchers

– Mid/long term: Porting MANTICORE tools and services to commercial plane, i.e., European ICT businesses.

• The study of deployment and operation of MANTICORE services (SA2)

36

MANTICORE Commercial ExploitationTID Feasibility study of commercial MANTICORE services (II)

Thank you for your attention

Questions?

MANTICORE II Teami2CAT: Sergi Figuerola, Pau Minoves,

Xavier Barrera, Carlos Baez, Laia Ferrao, Eduard Grasa

HEAnet: Victor Reijs, Dave WilsonNORDUnet: Lars Fischer, Per Nihlen,

Linus NordbergRedIRIS: Alberto Escolano, Tomás P.

de Miguel

University of Essex: Dimitra Simeonidou, Chinwe Abosi, Reza Nejabati

Telefonica I+D: Isidro Cabello, Cristina Peña, David Ortega

Juniper: Jean Marc UzéCisco: Klaas Wierenga, Chris Lonvick,

Steve Wolff

eduard grasa fundació i2cat

Documents

network services

slaa possible option

possible option c iv

option aoption c

network admin

scenario possible

pop c requirements

pop b requirements