• No results found

Note Well. All IETF Contributions are subject to the rules of RFC 5378 and RFC 3979 (updated by RFC 4879).

N/A
N/A
Protected

Academic year: 2021

Share "Note Well. All IETF Contributions are subject to the rules of RFC 5378 and RFC 3979 (updated by RFC 4879)."

Copied!
24
0
0

Loading.... (view fulltext now)

Full text

(1)

Note Well

•Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement

made within the context of an IETF activity is considered an "IETF Contribution". Such statements include oral statements in IETF sessions, as well as written and electronic communications made at any time or place, which are addressed to:

• The IETF plenary session

• The IESG, or any member thereof on behalf of the IESG

• Any IETF mailing list, including the IETF list itself, any working group or design team list, or any other list functioning under IETF

auspices

• Any IETF working group or portion thereof • Any Birds of a Feather (BOF) session

• The IAB or any member thereof on behalf of the IAB • The RFC Editor or the Internet-Drafts function

•All IETF Contributions are subject to the rules ofRFC 5378andRFC 3979(updated byRFC 4879).

•Statements made outside of an IETF session, mailing list or other function, that are clearly not intended to be input to an IETF activity, group

or function, are not IETF Contributions in the context of this notice. Please consultRFC 5378andRFC 3979for details.

•A participant in any IETF activity is deemed to accept all IETF rules of process, as documented in Best Current Practices RFCs and IESG

Statements.

•A participant in any IETF activity acknowledges that written, audio and video records of meetings may be made and may be available to the

(2)
(3)

Agenda

What is intent?

What problem is IB-Nemo trying to solve

Operators and Applications describe their

problem

Description of IB-Nemo

Demo

(4)

What is Intent?

Prescription

Bob wants two aspirin.

Existing rule: Bob is not

allowed to have aspirin

Result: Bob gets nothing.

Intent (Declarative)

Bob wants headache pain

relief

Existing rule: Bob not

allowed to have aspirin

Result: Bob gets

acupuncture and his

headache goes away.

Aspri

n

4

(5)

User

Intent

Context

5

Expressing Intent

Subject

Predicate

object

Intent

Bob wants

headache relief!

Context:

Bob has had

headaches for

weeks

(6)

What is the problem?

Problem 1: Applications want to express Intent

rather than describe network

Problem 2: Need user readable language to

express for most applications

Stream of commands to run of http

Use Readable Commands (node, link, flow)

Question: scripts over http workable,

(7)

0. What, Why, and How

Controller

Application

service needs and requirements

Knows and determines network

(the “What” and “Why”)

Intent NBI: Negotiations

for network service

(restricted to “What”)

= Substance + constraints

Knows and determines

network service delivery

(8)

0. What, Why, and How & Mapping

Controller

Application

Knows and determines network service

Knows and determines network service

needs and requirements

(the “What” and “Why”)

Intent NBI: Negotiations

for network service

(restricted to “What”)

= Substance + constraints

(delivery system-independent)

Knows and determines

network service delivery

(the “How”) mapping functions

Mapping

Function

Mapping

Function

System-specific

System-specific

(9)

1 simple intent comments

Intent Command – with specification

Connection

<name>

Type

<name>

Endnodes

identifier1, identifier-2

Definition of parameters of command

Node

identifer-1;

(10)

An Example: Bandwidth on Demand (B2B) DOCSIS

There is a virtual link between the branch and headquarters

(HQ) offices.

Branch

WAN

HQ

NEMO Script:

Node

branch;

Node

HQ;

Connection

tunnel

Type

P2P

(11)

An Example: Bandwidth on Demand (B2B) DOCSIS

There is a virtual link between the branch and headquarter offices.

o

The bandwidth of the vlink can be adjusted on demand

o

The adjustment can be triggered by "conditions" meet, e.g. The bandwidth

will be adjusted when the timing meets.

Branch

WAN

Headquarter

Condition: from 8am to 6pm, Bandwidth: 10G

Condition: from 6pm to 8am, Bandwidth: 1G

NEMO Script:

Node

branch;

Node

HQ;

Connection

tunnel

Type

P2P

Endnodes

branch, HQ;

Constraint

day

ApplyTo

tunnel

Condition

time>8am & time <6pm

Operation

set:bandwidth=10G;

Constraint

night

ApplyTo

tunnel

Condition

(time>0am & time <8am)|(time>6pm & time <0am)

(12)

Nemo

Script

Nemo

Language

Processing

Nemo

Web GUI

APP

(Nemo)

YANG Network-Wide

Data Models

Yang Device

Models

Yang Device

Models

Transport

netconf

RESTCONF

IB-Nemo uses

Existing Data

Models

(13)

NEMO Script Language

Composed of

3

Primitive

Groups

15

Statements

36

Key

Words

Constraint

Constraint policy_id applies to entity_id Condition (Expression)

Action { [“forwardto” | “gothrough” | “bypass” [Node | Link]] |

[Unlink | Link | Node | UnNode] }

Notify &

Query

Allow to model

Definitions

(14)

Use Cases

Bandwidth on Demand - B2B or VPN case

Virtual DC

Telefonica’s Example

SFC chaining

DOCSIS use case for parental control (put filter

(15)

Protected

Zone Router

Email

server

Telefonica: DC Networks

Create a virtual DC network with three

parts: exterior Unsafe zone, DMZ zone,

interior safe zone

User view

Network definition

Node exterior

Node DMZ

Node interior

Intent Command

Connection

Customer1

type

p2p

EndNodes

Exterior, Interior

gothrough

DMZ

firewall

Router

DMZ

Internet

Access

Node

Access

Node

Interior

Exterior

(16)

Telefonica: DC Networks

Create a virtual DC network for process

of email traffic through firewall and

spam filter before processing

Infrastructure

Network definition

Host

D-Firewall, D-router

node

DMZ

Intent Command

connection

Customer1

type

p2p

EndNodes

Exterior1, interior

gothrough

DMZ(firewall, L2-switch)

DMZ

Interior

Firewall

L2-Switch

L2-Switch

Exterior

(17)

Telefonica: DC Networks

Create a virtual DC network for process

of email traffic through firewall and

spam filter before processing

Infrastructure

Network definition

Host

access-node, PC

node

exterior

Host

D-Firewall, D-router

node

DMZ

Host

PZ-router, email-server

node

Interior

Intent Command

Connection

Customer1

type

p2p

EndNodes

Exterior1, interior

gothrough

DMZ

DMZ

Protected

Zone Router

Exterior

servers

email

servers

Access

Node

Access

Node

Interior

D-firewall

D-Router

D-Router

PC

(18)

Demo

Telefonica description

(19)

Use-Case: Service Chaining

Create Service Chaining Function path

Network functions in path: firewall,

load balancer, WAN optimization

between virtual private cloud and

the internet.

Model Definitions

Flow1 match

Internet-Traffic Policy

ID1

Policy

ID1

gothrough

(firewall, WoC)

Intent states

Link

sf1

Endnodes

(VPC,Internet)

Properties

flow1 inbound flow2

outbound

VPC

Internet

FW

LB

WoC

(20)

FAQ-5

Q1: Why should IETF form a WG to examine a

Intent-based Protocol?

Q2: Can Intent-Based protocol control more than

networks?

Q3: Why an Intent-Based language within a few

commands? How will you control all of the network

management devices that control the network

Q4: Is it Time for IETF Standardization? What will be

missed if IETF does not standardize?

Q5: How will Nemo verify its small set of operations is

useful? Why will you use test cases and data models to

do this?

(21)
(22)
(23)

23

Delightful

Users select what they want on a

portal

Intent engine runs and network

automatically creates network based

on users preloaded constraints

Nightmare

Three wonderful services that SDN

controllers provide collide

SDN controllers fight over control of

network, and both controllers fail

because each assumes control

[multi-writers problem]

Operator’s dreams

Intent

App

2

App 1

SDN

CTL 1

SDN

CTL 2

(24)

Intent NBI engine

Intent

Engine

Rendered

Rules

Network

/Device

Events

Intent NBI

Intent

Mapping

API

EPG1

Bob

Low Latency

Isolate

Bob: EP, IP = 10.1.1.12

Low Latency: <80 ms

Isolate: VxLAN

References

Related documents

The Remote Authentication Dial-in User Service (RADIUS) (RFC 2865) is an IETF-defined Client/server protocol and software that enables remote access servers to communicate with

Firewall (Standby) Layer 3 Router Switch Stack Drive Cell/Area (Ring Topology) Cell/Area Zone Levels 0–2 Demilitarized Zone (DMZ) Demilitarized Zone (DMZ) Enterprise Zone Levels 4

Broadband Modem Access Router Firewall Remote Site Access Router WAN + VPN + IDS Access Router WAN + Firewall + VPN + IDS Cisco Catalyst Switch PIX Firewall External Servers

• Configure a 2600 Router to prevent access to the DMZ Server from the outside Enterprise Network • Test and verify the basic PIX Firewall and the Cisco Router operation

This examination covered the period of January 1, 2009, through December 31, 2012, and encompasses a general review of transactions during the period, the Company’s business

Raise a Purchase Order in Oracle Purchasing stating the description of goods, quantity, unit price, and terms of delivery. Purchase order would be issued after beneficiary

2 The term VALENCIA HONORS SCHOLARS is reserved for those students who successfully complete at least 18 hours of honors coursework, who earn no less than a “C” in each

LIMITING SELECTION OF PROJECTIONS 13 The pj dmstor function is patterned after the C language library strtod function where str is a character string to be read for a dms value to