IETF 97 Hackathon SFC IETF 97 November 2016
IETF 97 Hackathon SFC IETF 97, November 2016 Seoul, Korea
Overview • Technologies: – Service Function Chaining (SFC) – Open. Daylight (ODL) – ONOS • Project(s) – Hierarchical SFC with flow-stateful classifier using ODL – Controlling SF access to NSH using ODL – Calendaring in Smart SFC 2 IETF 97 Hackathon
Hierarchical SFC with flow-stateful classifier • Implement Hierarchical SFC with flowstateful/metadata hybrid solution using Open. Daylight • Concept Proposed in: https: //datatracker. ietf. or g/doc/draft-ietf-sfchierarchical/ 3 IETF 97 Hackathon
Service Function Access Control to NSH • Implement the mechanism to control SF access (read/write) to NSH using Open. Daylight • Concept Proposed in: https: //datatracker. ietf. org/doc/draft-vusfc-sf-access-control/ 4 IETF 97 Hackathon
Integrated Scenario 5 IETF 97 Hackathon
Results IBN classifying flow: cookie=0 x 14, duration=1322. 216 s, table=5, n_packets=4, n_bytes=448, priority=550, nsi=255, nsp=1, nshc 1=65536, nshc 2=2, nshc 3=44, nshc 4=4 actions=load: 0 x 1 c>NXM_NX_NSH_C 4[], goto_table: 8 cookie=0 x 0, duration=341331. 140 s, table=8, n_packets=64, n_bytes=8222, priority=999, tcp, in_port=2, nw_src=192. 168. 2. 0/24, nw_dst=192. 168. 2. 0/24 actions=load: 0 x 1 - > NXM_NX_NSH_MDTYPE[], load: 0 x 3 ->NXM_NX_NSH_NP[], load: 0 x 37 -> NXM_NX_NSP[0. . 23], load: 0 xff>NXM_NX_NSI[], load: 0 x 5 ->NXM_NX_NSH_C 1[], load: 0 x 6 - > NXM_NX_NSH_C 2[], load: 0 x 7>NXM_NX_NSH_C 3[], load: 0 x 4 -> NXM_NX_TUN_GPE_NP[], load: 0 xc 0 a 80114>NXM_NX_TUN_IPV 4_DST[], IN_PORT IBN recovering flow: cookie=0 x 14, duration=1376. 960 s, table=6, n_packets=4, n_bytes=448, priority=550, nshc 4=28 actions=load: 0 x 1 ->NXM_NX_NSP[0. . 23], load: 0 xfe-> NXM_NX_NSI[], load: 0 x 10000>NXM_NX_NSH_C 1[], load: 0 x 2 ->NXM_NX_NSH_C 2[], load: 0 x 2 c-> NXM_NX_NSH_C 3[], load: 0 x 4>NXM_NX_NSH_C 4[], load: 0 x 4 -> NXM_NX_TUN_GPE_NP[], load: 0 xaa 0 a 0006>NXM_NX_TUN_IPV 4_DST[], IN_PORT Access control check flows: cookie=0 x 14, duration=9. 570 s, table=12, n_packets=2, n_bytes=224, priority=550, nsi=255, nsp=1, nshc 1=1, nshc 2=2, nshc 3=3, nshc 4=4 actions=load: 0 x 2 c-> NXM_NX_NSH_C 3[], load: 0 x 10000 ->NXM_NX_NSH_C 1[], IN_PORT Access control recover flows: cookie=0 x 14, duration=9. 655 s, table=11, n_packets=1, n_bytes=112, priority=550, nshc 3=44 actions=load: 0 x 1 ->NXM_NX_NSH_C 1[], load: 0 x 2 ->NXM_NX_NSH_C 2[], load: 0 x 3 -> NXM_NX_NSH_C 3[], load: 0 x 4 ->NXM_NX_NSH_C 4[], IN_PORT 6 IETF 97 Hackathon
Results After AC check Top-domain packet After sub-domain In sub-domain After AC recover 7 IETF 97 Hackathon
Smart SFC GUI based chain provisioning considering constraints (CPU, Memory, Jitter, packet loss etc. ). ONOS SFC DB S-SFC APP Manager Explicit chain creation. SFC protection and load balancing. Chain SLA assurance is guaranteed by real time Collector monitoring of SF resources. ONOS Core SF resource management. Dynamic SF addition/deletion based SBI Protocol FW VC Classifier WOC on need basis. DPI SFF 1 NAT SFF 2 Classifier SFF 3 Classifier FW #ONOSProject SFF 4 WOC NAT DPI
Calendaring By default, SFC intent will be converted to flow rule and downloaded to forwarding plane as soon as user creates it. Calendaring feature supports: 1) SFC scheduling within a Time range: - SFC chain will be scheduled within the time range - GUI to support this 2) SFC scheduling within a Time range with repeat option - SFC chain will be repeatedly activa and deactive based on the specified scheduling intervals. - GUI to support this. 1 2 Contributor: 1) Swarup Nayak 2) Nobin Mathew (Remote) 3) Vikram Chowdhury (Remote) 3 #ONOSProject 4
Thank you !!! 10 IETF 97 Hackathon
- Slides: 10