towards wide-area network virtualization panagiotis papadimitriou leibniz universität hannover with...
TRANSCRIPT
Towards Wide-Area Network Virtualization
Panagiotis Papadimitriou
Leibniz Universität Hannover
With acknowledgments to Zdravko Bozakov, David Dietrich, Amr Rizk (Leibniz Universität Hannover)
Laurent Mathy (University of Liege)
Christoph Werle, Roland Bless (Karlsruhe Institute of Technology)
Dagstuhl Seminar on Future Internet
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Introduction
Increasing need for wide-area network service deployment
Network service deployment in the existing Internet infrastructure: Wide-area deployment without any performance or reliability guarantees Performance and reliability for services deployed at an ISP
Deployment limited to the ISP’s geographic footprint
How can we enable the coexistence of multiple service-tailored networks at large scale?
2
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Network Virtualization: An Enabler
3
Management of Virtual Networks
Provisioning of Virtual Networks(on-demand instantiation of virtual networks)
PhysicalInfrastructure
VirtualizedSubstrate
VirtualNetwork
VirtualNetwork
Virtualization of Resources(partitioning of physical infrastructure into “slices”)
Management of Virtual Networks
Provisioning of Virtual Networks(on-demand instantiation of virtual networks)
PhysicalInfrastructure
VirtualizedSubstrate
VirtualNetwork
VirtualNetwork
Virtualization of Resources(partitioning of physical infrastructure into “slices”)
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Roles and Actors
4
Service Provider
Service Provider (SP) Deploys services on VNs
Infrastructure Provider (InP) Owns and manages the physical
infrastructure Leases resources for VNs
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Request
Roles and Actors
5
Service Provider (SP) Deploys services on VNs
Infrastructure Provider (InP) Owns and manages the physical
infrastructure Leases resources for VNs
Service Provider
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Roles and Actors
6
Service Provider
?
Service Provider (SP) Deploys services on VNs
Infrastructure Provider (InP) Owns and manages the physical
infrastructure Leases resources for VNs
VN Request
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Roles and Actors
7
Service Provider
Service Provider (SP) Deploys services on VNs
Virtual Network Provider (VNP) Assembles resources from one or
multiple InPs into a VN
Infrastructure Provider (InP) Owns and manages the physical
infrastructure Leases resources for VNs
VN Provider
VN Request
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Challenges
8
Service Provider
VN Provider
Limited knowledge of the substrate network: Substrate network topology Substrate resource availability
Interoperability between InPs: Inter-domain virtual link setup
VN Request
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Substrate Network Visibility
9
?
?? VN Provider‘s visibility on substrate
network topology and resources is limited to:
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Substrate Network Visibility
10
VN Provider‘s visibility on substrate network topology and resources is limited to:
Offered virtual node types (similar to Amazon EC2)
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Substrate Network Visibility
11
VN Provider‘s visibility on substrate network topology and resources is limited to:
Offered virtual node types (similar to Amazon EC2)
Location of peering nodes
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Substrate Network Visibility
12
VN Provider‘s visibility on substrate network topology and resources is limited to:
Offered virtual node types (similar to Amazon EC2)
Location of peering nodes
Cost for sending traffic between peering nodes
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Request Description
VN topology (undirected weighted graph) as VN request description:
Introduces constraints in VN embedding
SPs may prefer a higher level of abstraction
Alternative VN request descriptions:
Bandwidth demands expressed by a traffic matrix
Hose model
13
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Multi-Domain Virtual Network Embedding
14
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Multi-Domain Virtual Network Embedding
Resource Assignment
Resource Matching
VN Request
VN Setup
15
VN Request Partitioning
Resource Allocation
InP
VN Provider
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Multi-Domain Virtual Network Embedding
Resource Assignment
Resource Matching
VN Request
VN Setup
16
VN Request Partitioning
Resource Allocation
InP
VN Provider
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Resource Matching
17
VN Provider matches requested to advertised resources Candidates for each requested
resource are identified
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Resource Matching
18
VN Provider matches requested to advertised resources Candidates for each requested
resource are identified
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Resource Matching
19
VN Provider matches requested to advertised resources Candidates for each requested
resource are identified
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Resource Matching
20
VN Provider matches requested to advertised resources Candidates for each requested
resource are identified
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Resource Matching
21
VN Provider matches requested to advertised resources Candidates for each requested
resource are identified
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Request Partitioning
22
VN Provider partitions the VN request among InPs
Objective: Minimize the expenditure for the Service Provider
Output: VN segment requests (virtual nodes assigned to peering nodes, bandwidth demands)
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Request Partitioning
23
VN Provider partitions the VN request among InPs
Objective: Minimize the expenditure for the Service Provider
Output: VN segment requests (virtual nodes assigned to peering nodes, bandwidth demands)
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Request Partitioning
24
VN Provider partitions the VN request among InPs
Objective: Minimize the expenditure for the Service Provider
Output: VN segment requests (virtual nodes assigned to peering nodes, bandwidth demands)
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Resource Assignment
25
Each InP maps its assigned VN segment onto its substrate network:
VN segment mapping should comply with the virtual node to peering node bindings
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Embedding Efficiency with LID
Comparison method:
Limited information disclosure (LID) vs. full information disclosure (FID)
VN embedding cost
VN request acceptance rate
26
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Extra Cost under LID
27
LID incurs15-30% extra cost
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Origins of Extra Cost
28
Extra cost is correlated with extra link cost Extra link cost is due to longer paths
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
VN Request Acceptance Rate
29
Lower VN acceptance rate and revenue for InPs under LID
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup
30
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup
Objective: Interoperable solution for virtual link setup with QoS guarantees across
InPs
Approach: Couple virtual link setup signaling with QoS reservation signaling for
efficiency Rely on existing QoS resource reservation protocol (IETF NSIS) Add new object to NSIS QoS NSLP to carry the required information
for virtual link setup
Requirements: NSIS support in routers IP-based substrate New QoS NSLP object support (only) in virtual link end-points
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Protocol (VLSP)
NSIS QoS NSLP extension with new Virtual Link Setup Protocol (VLSP) object: Virtual link setup at the end-points via VLSP Resource reservation and QoS via NSLP object at the intermediate nodes
Virtual Network ID
Source Virtual Node ID
Destination Virtual Node ID
Source Virtual Interface ID Destination Virtual Interface ID
Virtual Link ID (optional) Virtual Link Type (optional)
640 127
GIST
TCP/UDP/…
QoSNSLP
VLSP
IP
NTLP
NSLP
VLSP object NSIS QoS NSLP/VLSP
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
2. Initialize virtual link setupVM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
2. Initialize virtual link setupVM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
5. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
5. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
6. Setup virtual linkVM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
5. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
7. RESPONSE
6. Setup virtual linkVM1@A VM1@B
eth1IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
5. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
7. RESPONSE
6. Setup virtual linkVM1@A VM1@B
eth1
8. Reserve resources
IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
5. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
7. RESPONSE
9. RESPONSE
6. Setup virtual linkVM1@A VM1@B
eth1
8. Reserve resources
IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Virtual Link Setup Workflow
NSISDaemon
Router X
eth0
IP forwarding
eth0
ManagementDaemon
NSISDaemon
VM2VM1
InPManagement
Node
Router A Router B
eth0
vif1
VM2
Multiplexing/QoS Multiplexing/QoS
1. Setup virtual link from VM1@A VM1@B
3. RESERVE+ VLSP Object
5. RESERVE+ VLSP Object
4. Ignore VLSP object, perform admission control
2. Initialize virtual link setupVM1@A VM1@B
7. RESPONSE
9. RESPONSE
6. Setup virtual linkVM1@A VM1@B
eth1
8. Reserve resources
10. Setup virtual linkVM1@A VM1@B
virtual link
IP in IP tunnel
VM1
vif1
ManagementDaemon
NSISDaemon
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
SDN Virtualization
44
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
SDN Virtualization
Tenants are granted virtual networks with limited control and access on network devices
45
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
SDN Virtualization
Tenants are granted virtual networks with limited control and access on network devices
Solution: Virtual networks programmable as SDNs (vSDNs)
SDN virtualization benefits:
Tenants: Advanced control and access on network slices
Providers: New cloud computing model:
SDN as a Service (SDNaaS)
46
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
SDN Virtualization Challenges
Automation of vSDN setup vSDN mapping Transparent allocation of isolated flowspaces
Selection of identifiers Generation and installation of flow entries for packet forwarding and
encapsulation Binding traffic to logical context using tagging
Transparent vSDN operation Translation of references to logical/physical resource identifiers to
appropriate context Policy control to prevent access to unauthorized vSDN resources
Scalability of hypervisor Distribution of vSDN configurations across multiple controllers
47
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
SDN Hypervisor Overview
Distributed hypervisor Multiple autonomous controller
proxies Coordinated by management
module
Dataplane segmentation Multiple SDN domains Switches within a domain controlled
by the same controller proxy
48
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
SDN Hypervisor Design Challenges
Collaboration among controller proxies for operations across multiple SDN domains
Dynamic segmentation of SDN as vSDNs are provisioned or released
Support for arbitrary vSDN topologies
Suitability of existing virtual network embedding algorithms for vSDN mapping
49
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet
Conclusions
Multi-domain VN embedding with VNPs: Suboptimality due to limited information disclosure
One example of emerging business models that require separation between the network operations and the physical infrastructure
Will VNPs materialize or a single InP will prevail (Amazon)?
New cloud computing models may emerge from SDN virtualization Scalable SDN hypervisor design entails significant challenges
50
Towards Wide-Area Network VirtualizationDagstuhl Seminar on Future Internet 51
Thank you!Panagiotis Papadimitriou
E-mail: [email protected]
WWW: http://www.ikt.uni-hannover.de/