![Page 1: Scalable, efficient, personalized, end-to-end QoS Provisioning Polyrakis Andreas apolyr@noc.ntua.gr Dimitrios Kalogeras dkalo@noc.ntua.gr 21.03.2002 GRNET](https://reader035.vdocument.in/reader035/viewer/2022081603/56649e4f5503460f94b464b6/html5/thumbnails/1.jpg)
Scalable, efficient, personalized, end-to-end QoS Provisioning
Polyrakis Andreas apolyr@noc.ntua.gr
Dimitrios Kalogeras dkalo@noc.ntua.gr
21.03.2002
GRNET - NTUA
Contents
• Motives & Targets
• Approach
• LAN Architecture
• WAN Architecture
• Demo
Motives
Issues in QoS Provisioning
Personalization vs Automation
• (LDAP policies)
Personalization vs Scalability
• (personalized policies inter-domain signaling)
Scalability vs Automation
• (DiffServ RSVP)
Automation vs Personalization
• (RSVP LDAP)
Requirements
• Scalable
• Personalized
• Automated (efficient)
• End-to-End
Projects’ Targets
«Almost» Automatic QoS Provisioning per User / Application
Almost ~
• Automated administratively
• (Semi) automated from user
Personalized service
• Allocation from Administrator
• User’s request
End-to-End (inter-domain)
Basic Assumptions
Approach LAN – WAN
• WAN: Architecture DiffServ
• LAN: Architecture RSVP
A Border router (congestion) in LAN
Internal LAN Overprovisioned – GigE
Congestion on egress of WAN’s POPs
Approach
LAN problem
• Authentication
• Personalization
• Signaling
DiffServ marking of egress traffic
Check ingress traffic BEFORE admitting
Trust Model
Egress – Schengen Model
• Check on Exit
Ingress – Visa Model
• Check on entrance
I.e.: Gold traffic between NTUA UoP
• Check from NTUA on Exit
• Free transit in GRNET
• Check from UoP on entrance
End-2-End?
[Diagram: LAN, DiffServ Domain, LAN; hosts shown: Tower PC, Laptop computer, Servers]
QoS Request Accept and Process from LAN PDP LAN Installation - Automatic Reception from WAN Reception of reverse traffic on WAN’s PoP
Symmetric Procedure on the other end provides bidirectional end-2-end QoS
LAN Approach
Modelling
Profiles
Set of allowed QoS configuration
• Assigned (default QoS Policy)
• Requested (Rights for QoS Requests)
Application of Profiles on Users Policies
Logging of requirements Application of Policies on routers
Policies + Profiles + Authentication info (+user requests) Implementation of Targets
Implementation – Policies
QoS Policy – Modular QoS CLI (MQC)
• Classes – group of traffic with ACLs
• Action – “priority – Bandwidth”
Olympic Metal “Gold, Silver, Bronze”
• Preconfigured ratio G-S-B
Implementation - LDAP Profiles
(Flow Description, Possible Classes)
Assigned – Requested
More conditions
Users ε profiles

| Name | LocalIP | LocalPort | RemoteIP | RemotePort | Protocol | Direction | Type | Class | MaxDayUser | MaxDayTot | Between |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold | 15 | 60 | 00:-24:00 |
| Req Gold UDP to ntua | 0.0.0.0/0 | all | 147.102.0.0/16 | all | udp | both | R | Gold | 15 | 60 | 07:00-17:00 |
| Req Silver IP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | all | both | R | Silver | 15 | 60 | 07:00-17:00 |
| Assigned Silver FTP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | FTP | both | A | Silver | 40 | 180 | 00:-24:00 |

| user | Profile |
|---|---|
| apolyr | Req Gold TCP |
| apolyr | Req Gold UDP to ntua |
| apolyr | Req Silver IP |
| apolyr | Assigned Silver FTP |
| kkalev | Req Gold TCP |
| dkalo | Req Gold TCP |
| dkalo | Req Gold UDP to ntua |
| dkalo | Req Silver IP |
| dkalo | Assigned Silver FTP |

| user | Name | LocalIP | LocalPort | RemoteIP | RemotePort | Protocol | Direction | Type | Class |
|---|---|---|---|---|---|---|---|---|---|
| apolyr | Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold |
| apolyr | Req Gold UDP to ntua | 0.0.0.0/0 | all | 147.102.0.0/16 | all | udp | both | R | Gold |
| apolyr | Req Silver IP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | all | both | R | Silver |
| apolyr | Assigned Silver FTP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | FTP | both | A | Silver |
| kkalev | Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold |
| dkalo | Req Gold TCP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | tcp | both | R | Gold |
| dkalo | Req Gold UDP to ntua | 0.0.0.0/0 | all | 147.102.0.0/16 | all | udp | both | R | Gold |
| dkalo | Req Silver IP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | all | both | R | Silver |
| dkalo | Assigned Silver FTP | 0.0.0.0/0 | all | 0.0.0.0/0 | all | FTP | both | A | Silver |

| user | Name | MaxDayUser | MaxDayTot | Between |
|---|---|---|---|---|
| apolyr | Req Gold TCP | 15 | 60 | 00:-24:00 |
| apolyr | Req Gold UDP to ntua | 15 | 60 | 07:00-17:00 |
| apolyr | Req Silver IP | 15 | 60 | 07:00-17:00 |
| apolyr | Assigned Silver FTP | 40 | 180 | 00:-24:00 |
| kkalev | Req Gold TCP | 15 | 60 | 00:-24:00 |
| dkalo | Req Gold TCP | 15 | 60 | 00:-24:00 |
| dkalo | Req Gold UDP to ntua | 15 | 60 | 07:00-17:00 |
| dkalo | Req Silver IP | 15 | 60 | 07:00-17:00 |
| dkalo | Assigned Silver FTP | 40 | 180 | 00:-24:00 |

PDP, Monitoring & Accounting
Implementation – User Interface
Thin Client – Fat Server
Web application
Secure Authentication (Username, Password), secure cookies, One-Time Passwords
Soft-state (RSVP Like) Signaling (manual)
• Automated signaling via RSVP not yet implemented
Implementation – Policy Server
• Central Server
• Policy Decision Point (PDP)
• Data Base
Implementation - DataBase
Authentication Information
Registered resources from (IP, Ports)
User Profiles from LDAP
User’s Request
ACL for (MQC)
• Furthermore: Statistics, monitoring data
Implementation - PDP
Data Combination in DataBase
ACLs Creation
Uploading ACLs on router
Step 1: Database clean up
• expired users (authenticated resources)
• expired requests, requests of expired deleted users
• of policies of deleted users
• of policies with class not matching acls
Step 2: monitoring-accounting application. Policy inactivation when daily usage has expired
user Class User’s profile
Step 3: Revision of acl table
• Deletion of old rows
• Rename of old entries to new ones
• Creation of new rows
Step 4: Creation of incoming and outgoing acl
Step 5: Upload of acls on TFTP and HTTP server
Step 6: Command router to download outgoing acl
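The decision the PDP has to make before a policy reaches the ACL table (profile membership, time window, and the daily-usage cut-off of Step 2), as an added example that is not the project's own code. The function name `decide`, the reading of MaxDayUser / MaxDayTot as minutes per day, and the reading of "00:-24:00" as "all day" are assumptions.

```python
# Rows from the LDAP Profiles slide. Assumptions (not stated on the slides):
# MaxDayUser / MaxDayTot are minutes per day, and "00:-24:00" means all day.
PROFILES = {
    # name: (type, class, MaxDayUser, MaxDayTot, (start, end))
    "Req Gold TCP":         ("R", "Gold",   15, 60,  ("00:00", "24:00")),
    "Req Gold UDP to ntua": ("R", "Gold",   15, 60,  ("07:00", "17:00")),
    "Req Silver IP":        ("R", "Silver", 15, 60,  ("07:00", "17:00")),
    "Assigned Silver FTP":  ("A", "Silver", 40, 180, ("00:00", "24:00")),
}
ALL_FOUR = list(PROFILES)
USER_PROFILES = {            # user -> profile names, from the user/Profile table
    "apolyr": ALL_FOUR,
    "kkalev": ["Req Gold TCP"],
    "dkalo":  ALL_FOUR,
}

def _minutes(hhmm):
    """Convert 'HH:MM' to minutes since midnight ('24:00' -> 1440)."""
    h, m = hhmm.split(":")
    return int(h) * 60 + int(m)

def decide(user, profile, now, used_user, used_tot, requested=False):
    """Hypothetical PDP check: return (allowed, class-or-denial-reason).

    Default deny: unknown users and profiles not granted to the user fail first.
    """
    if profile not in USER_PROFILES.get(user, ()):
        return (False, "profile not granted to user")
    ptype, cls, max_user, max_tot, (start, end) = PROFILES[profile]
    # Requested (R) profiles need an explicit user request; Assigned (A)
    # profiles are the user's default policy and need none.
    if ptype == "R" and not requested:
        return (False, "no active request")
    if not _minutes(start) <= _minutes(now) < _minutes(end):
        return (False, "outside time window")
    # Step 2: the policy is inactivated once the daily usage is exhausted.
    if used_user >= max_user:
        return (False, "user daily limit reached")
    if used_tot >= max_tot:
        return (False, "total daily limit reached")
    return (True, cls)
```

Only requests for which `decide` returns `True` would go on to Steps 3 to 6; the class in the second element selects the MQC class the ACL entry belongs to.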
Basic LAN Architecture
[Diagram: host, Directory, Custom SBM, Authentication, Monitoring, QoS Signaling, Router, Policy Server, Policy Decision Point (PDP), DB, Device-Specific Wrapper]
WAN Approach
Extension of QoS Requests on Backbone
Installation of incoming policy of every member according to his requirement
Configuration of every member on backbone
• LDAP
• Connected Router
• Static / Dynamic Policy
• Dynamic {url, refresh rate}
Communication with member PDP
Easy application on Internet connection (Geant)
Policy communication with (HTTP)
WAN - Architecture
[Diagram: Directory, Policy Server, four NRNs, UpStream; flows labelled NRN’s Policies, LDAP Policies, Configuration Commands]
Extension of QoS on Remote side
Check Incoming policy from every member
• Autonomy
• NO Backbone management (installation …)
Symmetric implementation on outgoing policy
Extension: Automatic Installation of reverse direction
SLAs
• Between members
• Between members and GRNET
Demo
http://linux.noc.ntua.gr/qos
Acknowledgements
• Kostas Kalevras
• Thanasis Douitsis
• Rania Labrou
Thank you!!!
Questions ????