Presentation is loading. Please wait.

Presentation is loading. Please wait.

Enabling Active Networks Services on A Gigabit Routing Switch Tal Lavian and the Openetlab Team.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Enabling Active Networks Services on A Gigabit Routing Switch Tal Lavian and the Openetlab Team."— Presentation transcript:

1 Enabling Active Networks Services on A Gigabit Routing Switch Tal Lavian and the Openetlab Team

2 Enabling Active Networks Services on A Gigabit Routing Switch 2 CONTENTS Challenges of Customized Networking and The Active Networks Approach The Gigabit Routing Switch: Accelar The ORE Programmability ORE services and Customer Deployment The ORE ANTS: an example of injecting AN services into network nodes Summary

3 Enabling Active Networks Services on A Gigabit Routing Switch 3 Challenges of Customized Networking Ever more functionality done in hardware –good: bring faster processing ability –bad: reduce the opportunity to introduce new services inside the network Legacy network nodes employing a static and well-defined set of protocols –closed systems that allow configuration of existing services but do not allow service addition –Unsuitable for hosting the deployment of customer services including Active Networks services

4 Enabling Active Networks Services on A Gigabit Routing Switch 4 Active Networks A “programmable” user-networking approach –injects network services to the network “on-the-fly” –supports per-flow service customization –enables ISPs and individuals to add their services To support AN, hardware should provide –Fast processing ability to compete AN computation –the programmability with open networking APIs

5 Enabling Active Networks Services on A Gigabit Routing Switch 5 The Accelar Routing Switch A Nortel Networks L3 Routing Switch Family –distributed ASIC forwarding architecture –packet forwarding up to 256 gbps –VxWorks real-time OS –ORE networking programmability High performance by two separated planes –Forwarding: forwards packets at a wire speed –Control: processes policy control as well as supports the ORE services

6 Enabling Active Networks Services on A Gigabit Routing Switch 6 Switching Fabric CPU System Forwarding Plane (Wire Speed Forwarding) Forwarding Processor Forwarding Rules Statistics &Monitors Forwarding Processor Forwarding Rules Statistics &Monitors Forwarding Processor Forwarding Rules Statistics &Monitors... Accelar Programmable Networking Control Plane ORE Network Services Traffic Packets Filtered packetsNew rules JFWD

7 Enabling Active Networks Services on A Gigabit Routing Switch 7 The ORE Programmability ORE: an Oplet Runtime Environment for injecting customized software into network –an open platform for secure downloading, installation, and safe execution of Java code –provide user-level service API –network services implemented using Java code

8 Enabling Active Networks Services on A Gigabit Routing Switch 8 The ORE Programmability Oplet: a self-contained downloadable unit –encapsulates one or more services –contains service attributes such as dependency –Secure downloading, service installation Service: a downloadable code that implements a specific functionality –includes Active Networks services: EE –Can be built on the top of other services –examples: filtering packet, altering forwarding priority and diverting packets

9 Enabling Active Networks Services on A Gigabit Routing Switch 9 CPU JVM ORE Architecture …MEM JNI/Native Code OREJFWD Filtered packets New forwarding rules Forwarding Engine Monitor status Oplets OpletService, Shell, Logger Jcapture, HTTP, IpPacket Standard Services ANTS Firewall, DiffServ User-defined services Function Services

10 Enabling Active Networks Services on A Gigabit Routing Switch 10 ORE Services Three categories –Standard: ORE-specific APIs for customer service encapsulation and management –System: low-level or underlying access APIs such as packet forwarding and processing services –Customized: user-level service APIs Function: ORE or user services for common use Oplets: application-specific customer services

11 Enabling Active Networks Services on A Gigabit Routing Switch 11 ORE Services System Services –JFWD: Java Forwarding API, see next slide –JMIB: platform MIB access, provides access to hardware instrumentation –JPCAP: packet capturing, provides use of local Berkeley libpcap

12 Enabling Active Networks Services on A Gigabit Routing Switch 12 ORE Services JFWD: a system service –Java Forwarding API, platform-independent –controls packet processing and forwarding –provides access to the hardware instrumentation –typical network mappings IP filters: drop, forward and capture packets IP routing MAC address, ARP and Vlan –native implementation on Accelar and Linux

13 Enabling Active Networks Services on A Gigabit Routing Switch 13 ORE Services Standard Services –OpletService: Oplet service API, extended to define service descriptions and interfaces –ManifestOplet: Oplet encapsulation abstract interface, implemented to create service-specific oplets –Start: ORE startup service, loads given services at startup –Shell: telnet-like user interface, provides shell commands to manipulate oplets and start or stop network services –Logger: ORE log service, provides runtime logs

14 Enabling Active Networks Services on A Gigabit Routing Switch 14 ORE Services Customized services –HTTP: HTTP service –Jcapture: packet capturing service – IpPacket: IP packet utility, constructs IP/TCP/UDP header and payload –JMIB: platform MIB access, provides access to hardware instrumentation –JPCAP: packet capturing, provides use of local Berkeley libpcap

15 Enabling Active Networks Services on A Gigabit Routing Switch 15 Customer Service Deployment Customer service programming –regular Java programming –two ORE APIs: OpletService and ManifestOplet Service code packed in jar and stored in downloading servers ORE downloads service code and starts particular services as instructed A service can be built using other services

16 Enabling Active Networks Services on A Gigabit Routing Switch 16 Customer Deployment: ORE API OpletService: the ORE base service –Extended by customer service interface classes to define service description and interfaces –customers also provide the service implementation classes to implement those interface classes –service implementation classes should include two additional private methods for starting and stopping the service function respectively

17 Enabling Active Networks Services on A Gigabit Routing Switch 17 Customer Deployment: ORE API ManifestOplet: the abstract oplet interface –implemented by customers as concrete oplets to encapsulate the service code –has two methods startService() and stopService() to register or deregister a service at runtime –accompanied by manifest files to cover service information, e.g., oplet name, service description, dependency and package name

18 Enabling Active Networks Services on A Gigabit Routing Switch 18 Customer Deployment: package What are includes in a service package? –Hello.class: the service interface class, extends OpletService –HelloImpl.class: the service implementation class, implements the interface Hello –HelloOplet.class: the Oplet class, implements Manifest and encapsulate service Hello –HelloOplet.mf: the service manifest file, provides the service information

19 Enabling Active Networks Services on A Gigabit Routing Switch 19 Customer Deployment: start How to start customer services? 2 ways at least –at startup the ORE startup service (start) starts those services specified in “start.properties”, which is in the same directory of the service package “start.jar” edit “start.properties” to add or remove your service packages –at runtime customers can use the ORE shell service to manipulate those services by “telnet OREHOST 1999” the whole service lifecycle can be instructed –through the ORE API by remote applications

20 Enabling Active Networks Services on A Gigabit Routing Switch 20 Customer Deployment: To Accelar Injecting customer services onto the Accelar –service code (i.e., jars) stored in external servers for downloading –services can be activated at startup or runtime –once activation successfully, those services work like native services on the Accelar

21 Enabling Active Networks Services on A Gigabit Routing Switch 21 ORE ANTS on the Accelar Deploying the ANTS on the Accelar using ORE MIT ANTS distribution –version 1.2 –no modification to the ANTS code on the Accelar 1100B routing switch –ORE version 0.3.3 –ORE ANTS package –URL: “http://www.openetlab.org/downloads/”http://www.openetlab.org/downloads/ An Active Networks service implementation

22 Enabling Active Networks Services on A Gigabit Routing Switch 22 ORE ANTS: service Service: “AntsNodeService” –wrapping the MIT ANTS code –package “com.nortelnetworks.ore.service.ants” AntsNodeService.class: the AntsNodeService interface AntsNodeServiceImpl.class: the service implementation AntsNodeOplet.class: the Oplet AntsNode.mf: the manifest –service interfaces getNode(): connect to the ANTS code getConfiguration(): set up the service using ANTS configuration

23 Enabling Active Networks Services on A Gigabit Routing Switch 23 The ANTS Ping (Aping) Test The ORE ANTS service tested by APing –an experimental active net built within Nortel –Accelar 1100B: the active router with ORE ANTS –Sun workstations 1: destination active node with MIT ANTS –Sun workstations 2: source active node with MIT ANTS (and APing) –Linux PC: the HTTP server providing the ORE service jar packages and the ORE ANTS configuration

24 Enabling Active Networks Services on A Gigabit Routing Switch 24 Destination Host (Sun Workstation 1) HTTP server (Linux PC) ORE ANTS Active Router (Accelar 1100 B Switch) Download oplets ORE ANTS Testbed Source Host (Sun Workstation 2) ANTS ANTS (APing) 134.177.116.108134.177.116.104 10.120.101.102 134.177.116.106 Router

25 Enabling Active Networks Services on A Gigabit Routing Switch 25 Summary ORE brings the programmability to network The ORE ANTS deployment on the Accelar is a successful instance of injecting Active Networks (AN) services to network nodes Porting AN services to ORE is rather easy If necessary, JFWD or other system services are used by customers to access underlying resource or hardware instrumentation Accelar is still working on strong CPU competence & flexible ASIC programmability

Download ppt "Enabling Active Networks Services on A Gigabit Routing Switch Tal Lavian and the Openetlab Team."

Similar presentations

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)

NetServ Dynamic in-network service deployment Henning Schulzrinne (Columbia University) Srinivasan Seetharaman (Georgia Tech) Volker Hilt (Bell Labs)
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.
An Overview of Software-Defined Network Presenter: Xitao Wen.

An Overview of Software-Defined Network Presenter: Xitao Wen.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
SDN and Openflow.

SDN and Openflow.
August 2000 1 Extensible Router Workshop – Princeton University Open Networking Better Networking Through Programmability Extensible Router Workshop Princeton.

August Extensible Router Workshop – Princeton University Open Networking Better Networking Through Programmability Extensible Router Workshop Princeton.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung(1203584897) SriramGopinath(1203800749)

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )
1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson

1 In VINI Veritas: Realistic and Controlled Network Experimentation Jennifer Rexford with Andy Bavier, Nick Feamster, Mark Huang, and Larry Peterson
Open Innovation via Java-enabled Network Devices Tal Lavian

Open Innovation via Java-enabled Network Devices Tal Lavian
Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.

Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.
An Overview of Software-Defined Network

An Overview of Software-Defined Network
An Overview of Software-Defined Network Presenter: Xitao Wen.

An Overview of Software-Defined Network Presenter: Xitao Wen.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
Course 201 – Administration, Content Inspection and SSL VPN

Course 201 – Administration, Content Inspection and SSL VPN
And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.

And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.
Hands-on Networking Fundamentals

Hands-on Networking Fundamentals
CISCO ROUTER.  The Cisco router IOS  Enhanced editing  Administrative functions  Hostnames  Banners  Passwords  Interface descriptions  Verifying.

CISCO ROUTER.  The Cisco router IOS  Enhanced editing  Administrative functions  Hostnames  Banners  Passwords  Interface descriptions  Verifying.

Similar presentations

Ads by Google