SDN use case 1: VPN Fengkai Li.


Way to carry out SDN related work

Work item 3: Customer Facing Services.
- Multi-Site connection service
- Parental Control Internet Service
- Customized “Complex” Services, Service Catalog

Work item 2: The way, method, algorithm to orchestrate the basic/atomic SDN services to create the customized “complex” service.
- Orchestration Functionalities

Way moving forward

VPN, TE, Security, QoS, NAT

Work item 1: Standardize the basic/atomic SDN services, as well as some primitive components of the basic/atomic SDN services.
- Basic/Atomic SDN services
- Basic objects/nodes
- Basic relationships/operations
- ……

2018/9/23

Technology Dependent or Independent

For the SDN VPN service:
- Connection, Entity, Gateways: technology independent. End-user-oriented part within the VPN service.
- Mapping: technology dependent. Service provider/operator-oriented part within the VPN service.

Generalization: each SDN service will have two main kinds of components/attributes:
- Technology independent, for the SDN service end user
  - Customer-facing requirements, which are from the end users’ point of view
  - SDN service end users do not want to be involved in the details and implementation of the service
- Technology dependent, for the SDN service provider/operator
  - SDN service providers’ or operators’ configuration, policy, implementation, activation of the service

Previous figure, to be modified

Leverage current work in NFV&SDN Ad Hoc

VPN service: constituents of the VPN service
- Service holder
- Technology independent parts:
  - Entities to be connected by the VPN service
  - Connection between/among entities
  - Gateway
- Technology dependent parts:
  - Mapping policy

TOSCA simple profile for NFV
- NSD
- vld
- connection_point
- VLD
- Connectivity Type
- Service type
- Service sub-type

How to map the VPN service requirements to the existing design of the document?

VPN basic concept and SDN VPN service

- VPN creates a secure network connection over a public network, such as the Internet or a private network owned by a service provider.
- Target user: Tenants, End users
- SDN VPN service management and administration: Service provider, Operator
- Descriptions:
  - For tenants, end users:
    - Connectivity service:
      - Between or among sites
      - Site to DC
      - Site to Internet
    - Self-service for adding/deleting sites, bandwidth adjusting, QoS, etc.
    - Underlay VPN technology independent
  - For service providers, operators:
    - Specify the underlying techniques that implement the VPN service, such as VxLAN, GRE, IPSec, etc.
    - VPN service configurations, activations.

Reorganizing the VPN service attributes

Constituents of the VPN service:
- VPN Service holder
  - Owner of this VPN service
  - ID/Name/Description, for descriptions of the service and references.
  - Status, both the administrative and operative status
  - Mapping policies for the technology-specific implementation of the VPN service.
- Within the VPN service
  - Entity/entities to be connected by VPN
  - Connections between/among entities
  - Gateway for layer 3 connections

[Figure: VPN Service, with a technology dependent part (Mapping) and a technology independent part (Connection, Entity, Gateway). Figure updated with technology independent and dependent parts.]

Connection

Properties/attributes:
- Owner of this VPN service.
- ID/Name/Description, for descriptions of the service and references.
- Topology, connection type: P2P, Hub Spoke, Full Mesh.
- Bandwidth.
- Entity/Entities connected by the connection.
- Administrative/operative status.
- Technology specification, such as VxLAN, IPSec, GRE, etc.
- Mapping policy.

Entity/Entities

Properties/attributes:
- Owner of this Entity/Entities
- ID/Name/Description, for descriptions.
- Type of entity/entities, such as subnet, network, router, VLAN, CIDR, VNI, etc.
- Gateway, for the gateway info for subnet, network, VLAN, CIDR, VNI.
- Topology Role, for the role concept in the connection: hub|spoke|none.
- Connection ID, the connection the entity/entities belong to.

Gateway

Properties/attributes:
- Owner of this gateway.
- ID/Name/Description, for descriptions.
- IP address
- Network element ID, the network element the gateway belongs to.

Mapping policy

Properties/attributes:
- Owner of this mapping policy.
- ID/Name/Description, for descriptions.
- Type, specifying the underlying technology for the VPN implementation.
- VxLAN parameters: ARP proxy …
- IPSec parameters: crypto profile ……
- GRE parameters: Tunnel key ….

May some of these be needed by tenants or end users?
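The Connection, Entity, Gateway and Mapping policy attributes from the slides above can be checked for consistency and split into a tenant-facing view, as in this added example (not from the original slides). The field names, the Mbps bandwidth unit, and the rules in validate() are assumptions made for illustration, and the sample data is constructed.

```python
from dataclasses import dataclass, field
TOPOLOGIES = {"p2p", "hub-spoke", "full-mesh"}

@dataclass
class Entity:             # technology-independent part
    id: str
    type: str             # subnet, network, router, VLAN, CIDR, VNI
    gateway_id: str
    role: str = "none"    # topology role: hub | spoke | none

@dataclass
class MappingPolicy:      # technology-dependent part (operator-facing)
    id: str
    type: str             # underlying technology, e.g. vxlan, ipsec, gre
    params: dict = field(default_factory=dict)

@dataclass
class Connection:
    id: str
    owner: str
    topology: str
    bandwidth_mbps: int   # unit is an assumption; the slides only say "Bandwidth"
    entities: list
    mapping: MappingPolicy

def validate(conn, gateway_ids):
    """Return consistency errors for a connection (assumed rules); empty list means consistent."""
    errors, roles = [], {e.role for e in conn.entities}
    if conn.topology not in TOPOLOGIES:
        errors.append("unknown topology")
    if conn.topology == "p2p" and len(conn.entities) != 2:
        errors.append("p2p needs exactly two entities")
    if conn.topology == "hub-spoke" and not {"hub", "spoke"} <= roles:
        errors.append("hub-spoke needs a hub and a spoke")
    if conn.topology != "hub-spoke" and roles - {"none"}:
        errors.append("roles only apply to hub-spoke")
    errors += [f"{e.id}: unknown gateway" for e in conn.entities if e.gateway_id not in gateway_ids]
    return errors

def tenant_view(conn):
    """Project the connection onto its technology-independent attributes only."""
    return {"id": conn.id, "owner": conn.owner, "topology": conn.topology,
            "bandwidth_mbps": conn.bandwidth_mbps,
            "entities": [{"id": e.id, "type": e.type, "role": e.role} for e in conn.entities]}

# Constructed sample data (not from the slides): one hub site and one spoke site over IPSec.
SAMPLE = Connection("conn-1", "tenant-a", "hub-spoke", 100,
                    [Entity("hq", "subnet", "gw-1", "hub"), Entity("branch", "subnet", "gw-2", "spoke")],
                    MappingPolicy("map-1", "ipsec", {"crypto_profile": "example-profile"}))
```

The tenant view never carries the mapping policy, so tunnel keys and crypto profile names stay on the operator side unless a deployment decides otherwise.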

Scenario

P2P VPN connection
- Suggested by Dmytro Gassanov within the vEPC proposal.
- Also: VPN is a kind of VL in NSD.
- May refer to ETSI IFA015 for VLD attributes defined.

Thank you!