Presentation is loading. Please wait.

Presentation is loading. Please wait.

User-driven Networking in IaaS Clouds Daniel Kouril, Tomas Rebok, Michal Prochazka Masaryk University/CESNET EGI-Geant Symposium, 27th September 2014.

Published byCorey Owen Modified over 9 years ago

Similar presentations

Presentation on theme: "User-driven Networking in IaaS Clouds Daniel Kouril, Tomas Rebok, Michal Prochazka Masaryk University/CESNET EGI-Geant Symposium, 27th September 2014."— Presentation transcript:

1 User-driven Networking in IaaS Clouds Daniel Kouril, Tomas Rebok, Michal Prochazka Masaryk University/CESNET EGI-Geant Symposium, 27th September 2014

2 Requirements for Advanced Networking Addressing schemas ipv4, ipv6, non-ip protocols Simulation of various communication technologies (GPRS, ADSL, Wifi) Detailed monitoring of individual connections between individual nodes Controlled completely by user with no/minimal involvement of cloud admins Traffic contained within a sandbox

3 Solution ISO L2 control needed to fulfill requirements Ethernet-like arrangement ISO L2 networking: Point-to-point links between two nodes Interconnections of links (frame switching) Overlay L2 network on the top of cloud Pseudo-wires Virtualized switch

4

5 LAN Management Node (switch) Standard Linux VM Multiple network interfaces Network monitoring enabled Auxiliary services deployed

6 Current implementation Pseudo-wires implemented using VLANs Traffic cannot leak LAN Management Node Openvswitch used as software switch Piloted in OpenNebula environment Network configuration updated Network templates L2, L3 filtering disabled on interfaces Netem/tc used to set network parameters API developed to instatiate the links, host, parameters, …

7 Current limitations LANs limited to a single hardware host Basic cloud setup needed at the beginning

8 Cyber Proving Ground Environment for Security Research and Training Sandboxed environment for forensics, trainings, gaming Realistic networking Network containment Network-level monitoring of single links Netflows, DPI

9 Sandbox example

10 User-driven Networking in IaaS Clouds ? Daniel Kouril, Tomas Rebok, Michal Prochazka http://www.muni.cz/ics/kypo https://twitter.com/csirtmu

Download ppt "User-driven Networking in IaaS Clouds Daniel Kouril, Tomas Rebok, Michal Prochazka Masaryk University/CESNET EGI-Geant Symposium, 27th September 2014."

Similar presentations

LAN Segmentation Virtual LAN (VLAN).

LAN Segmentation Virtual LAN (VLAN).
Virtual LANs.

Virtual LANs.
Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.

Chapter 17 Networking Patricia Roy Manatee Community College, Venice, FL ©2008, Prentice Hall Operating Systems: Internals and Design Principles, 6/E William.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
Www.sown.org.uk Southampton Open Wireless Network The Topology Talk.

Southampton Open Wireless Network The Topology Talk.
1 Version 3.0 Module 8 Virtual LANs. 2 Version 3.0.

1 Version 3.0 Module 8 Virtual LANs. 2 Version 3.0.
1 Computer Networks Internetworking Devices. 2 Repeaters Hubs Bridges –Learning algorithms –Problem of closed loops Switches Routers.

1 Computer Networks Internetworking Devices. 2 Repeaters Hubs Bridges –Learning algorithms –Problem of closed loops Switches Routers.
FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.

FI-WARE – Future Internet Core Platform FI-WARE Cloud Hosting July 2011 High-level description.
VLANs Semester 3, Chapter 3 Allan Johnson Website:

VLANs Semester 3, Chapter 3 Allan Johnson Website:
Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.

Topics 1.Security options and settings 2.Layer 2 vs. Layer 3 connection types 3.Advanced network and routing options 4.Local connections 5.Offline mode.
Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.
1 25\10\2010 Unit-V Connecting LANs Unit – 5 Connecting DevicesConnecting Devices Backbone NetworksBackbone Networks Virtual LANsVirtual LANs.

1 25\10\2010 Unit-V Connecting LANs Unit – 5 Connecting DevicesConnecting Devices Backbone NetworksBackbone Networks Virtual LANsVirtual LANs.
© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—2-1 Module Summary  Ethernet cables and segments can span only a limited physical distance,

© 2007 Cisco Systems, Inc. All rights reserved.ICND1 v1.0—2-1 Module Summary  Ethernet cables and segments can span only a limited physical distance,
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.

Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.
CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.

CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.
Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.

Microsoft Virtual Academy Module 4 Creating and Configuring Virtual Machine Networks.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—1 Interconnecting Cisco Network Devices.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—1 Interconnecting Cisco Network Devices.
Connecting LANs, Backbone Networks, and Virtual LANs

Connecting LANs, Backbone Networks, and Virtual LANs
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Implement Inter-VLAN Routing Chapter 6 Modified.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 LAN Switching and Wireless Implement Inter-VLAN Routing Chapter 6 Modified.
Ethernet Errors and Problems

Ethernet Errors and Problems

Similar presentations

Ads by Google