gn3plus sa3t3 multi domain vpn
play

GN3Plus SA3T3 - Multi Domain VPN - technical architecture 2nd - PowerPoint PPT Presentation

Aug 26, 2023 •133 likes •276 views

GN3Plus SA3T3 - Multi Domain VPN - technical architecture 2nd TERENA Network Architects Workshop (Prague) 14 th Nov. 2013 Xavier Jeannin / RENATER, SA3T3 Task Leader Tomasz Szewczyk / PSNC, SA3T3 Deputy Outline What is Multi-domain VPN

  1. GN3Plus SA3T3 - Multi Domain VPN - technical architecture 2nd TERENA Network Architects Workshop (Prague) – 14 th Nov. 2013 Xavier Jeannin / RENATER, SA3T3 Task Leader Tomasz Szewczyk / PSNC, SA3T3 Deputy

  2. Outline What is Multi-domain VPN (MDVPN)? MDVPN architecture components Proof of concept Reason to deploy MDVPN Conclusions 2 Connect | Communicate | Collaborate

  3. Multi-domain VPN (MDVPN) A joint service provided by GEANT and NRENs Baseline transport infrastructure for many data transmission services “Umbrella” for VPNs L3 or L2 VPNs spanned over several domains only by configuring the edge routers Point-to-point and multipoint topologies High scalability – Total number of provisioned VPNs has no impact on GEANT and NREN core Based on MPLS and BGP protocols RFC 4364 (BGP/MPLS IP VPNs) RFC 3107 (BGP Labeled Unicast) Well known and proven technology Available in almost all box and right now No material investment only configuration 3 Connect | Communicate | Collaborate

  4. MDVPN service overview • Hierarchical Multi-domain infrastructure • GEANT - Carrier of Carriers • NRENs – peers • Ready to cooperate with non-MPLS domains and regional/metro networks • Bandwidth management • Independent traffic engineering in each domain • BGP based “path” selection VPN provider (NRENs) VPN transport provider (GEANT) 4 Connect | Communicate | Collaborate

  5. MDVPN technical principle overview Underlying principle behind this Multi-Domain VPN technology MPLS transmission path from a PE up to the remote PE in another domain – MDVPN design supports non-MPLS domains as well Signaling is split in 2 parts – Transmission path between PE routers – BGP (labelled unicast SAFI) – Loopback prefixes (/32 only) – Labels for VPN prefixes exchange between PE routers – BGP or LDP BGP / LDP 5 Connect | Communicate | Collaborate

  6. MDVPN technical principle overview VPN Route Reflector (VR) Extended scalability and flexibility Easy implementation RR VR 6 Connect | Communicate | Collaborate

  7. MDVPN technical principle overview VPN Proxy Interoperability with non-MPLS domains (NRENs) – Route/prefix information exchange through BGP session (Option A) – Data exchange through physical or logical interface Not “visible” for end user – End users located in non-MPLS domain are getting access to the same set of VPN services which are available for other end users Enables collaboration with networks outside Europe and GEANT service area VPN proxy 7 Connect | Communicate | Collaborate

  8. MDVPN traffic flow Transparent transport technology Scalability in the core Label hierarchy and… No MAC learning and/or prefixes for end user traffic No VLAN ID negotiations between NRENs and GEANT MDVPN End User VPN Provider VPN transport service provider VPN Provider End User VPN1 VPN1 NREN B NREN A (MPLS domain) (MPLS domain) GEANT Data Data (Carrier of Carriers) Label Label Data Label Label Data Label Label Label Data 8 Connect | Communicate | Collaborate

  9. Proof of concept Multidomain infrastructure Carrier of Carrier infrastructure emulated in the lab – VPN Route Reflector – VPN proxy NREN’s labs connected Multi-domain VPNs MP L3VPN, P2P L2VPN Some monitoring functionalities tested/presented 9 Connect | Communicate | Collaborate

  10. SA3T3 work: MDVPN service Very positive feedback from NRENs Service specification already published D7.1 (DS3.3.1): MDVPN Service Architecture http://www.geant.net/Resources/Deliverables/Documents/D7.1_DS%203%203%201-MDVPN-service-architecture.pdf 10 Connect | Communicate | Collaborate

  11. Reason to deploy MDVPN A set of services useful for end users Cover a wide scope of user needs – Long-term infrastructure with intensive network usage – Quick point-to-point for a conference demonstration A End-to-End services – European and Worldwide scope Rapid to deploy – VPN provisioning only on PE routers Flexibility – Ready to meet user needs Unique service Offered jointly by GEANT and NRENs – Not provided by commercial telecoms An innovative service and a scale deployment never seen Interoperable with other services (like BoD or network virtualization) Ability to deliver the service directly to “the desk” – Small CE devices + simple configuration 11 Connect | Communicate | Collaborate

  12. Example Use case: XiFi project 12 Connect | Communicate | Collaborate

  13. Conclusions A seamless infrastructure at European level for delivering VPN services to end users – Useful service for science and education – An original network service Based on stable and scalable technology – MPLS transport – RFC based BGP/LDP signaling OPEX cost reduction for NREN and DANTE – Easy and fast provisioning (less maintenance overhead) 13 Connect | Communicate | Collaborate

  14. Connect | Communicate | Collaborate www.geant.net www.twitter.com/GEANTnews | www.facebook.com/GEANTnetwork | www.youtube.com/GEANTtv 14 Connect | Communicate | Collaborate

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NRENs NOC 10 th TF NOC meeting

GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NRENs NOC 10 th TF NOC meeting

GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NRENs NOC 10 th TF NOC meeting (Cambridge) Friday, 21 March 2014 Xavier Jeannin / RENATER, SA3T3 Task Leader Miguel Angel Sotos / RedIRIS Bojan Jakovljevic / AMRES Agenda What is

517 views • 15 slides
GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NRENs NOC 9 th TF NOC meeting (Prague)

GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NRENs NOC 9 th TF NOC meeting (Prague)

GN3+ SA3T3 / Multi-Domain-VPN service: Collaboration of NRENs NOC 9 th TF NOC meeting (Prague) Thursday, 14 November 2013 Xavier Jeannin / RENATER, SA3T3 Task Leader Miguel Angel Sotos / RedIRIS Bojan Jakovljevic / AMRES Agenda MDVPN a

171 views • 13 slides
Multi-Domain VPN service, a seamless infrastructure for Regional Network, NRENs and GEANT JRES

Multi-Domain VPN service, a seamless infrastructure for Regional Network, NRENs and GEANT JRES

Multi-Domain VPN service, a seamless infrastructure for Regional Network, NRENs and GEANT JRES 2013 (Montpellier) Thursday, 12 december 2013 Xavier Jeannin - RENATER, GN3plus, SA3T3 Task Leader Alain Bidaud - Responsable Technique du CRIHAN

398 views • 18 slides
Multi-Site Vs. Domain A Commerce Case Study May 7, 2019 Page 1 | Multi-Site Vs Domain: A

Multi-Site Vs. Domain A Commerce Case Study May 7, 2019 Page 1 | Multi-Site Vs Domain: A

Multi-Site Vs. Domain A Commerce Case Study May 7, 2019 Page 1 | Multi-Site Vs Domain: A Commerce Case Study John E. Picozzi Senior Drupal Architect Drupal Providence 401-228-7660 oomphinc.com 72 Clifford Street, oomph.is/jpicozzi

585 views • 29 slides
Dialogues CS294S/W Project Pitch Multi-Domain Dialogues Multiple domains in the same

Dialogues CS294S/W Project Pitch Multi-Domain Dialogues Multiple domains in the same

Multi-domain Transactional Dialogues CS294S/W Project Pitch Multi-Domain Dialogues Multiple domains in the same conversation (not just one after the other) Switching from one domain to the other, and back Passing data from one

610 views • 6 slides
COMMON: Coordinated Multi layer Multi domain Optical Network Framework for Large scale

COMMON: Coordinated Multi layer Multi domain Optical Network Framework for Large scale

COMMON: Coordinated Multi layer Multi domain Optical Network Framework for Large scale Science Applications (2010 2013) PI: Dr. Vinod Vokkarane Associate Professor, University of Massachusetts at Dartmouth (Currently on Sabbatical:

749 views • 48 slides
COMMON: Coordinated Multi-layer Multi-domain Optical Network Framework for Large-scale Science

COMMON: Coordinated Multi-layer Multi-domain Optical Network Framework for Large-scale Science

COMMON: Coordinated Multi-layer Multi-domain Optical Network Framework for Large-scale Science Applications (2010-2013) PI: Dr. Vinod Vokkarane Associate Professor, University of Massachusetts at Dartmouth (Sabbatical: Visiting Scientist, MIT)

589 views • 29 slides
COMMON: Coordinated Multi-layer Multi-domain Optical Network Framework for Large-scale Science

COMMON: Coordinated Multi-layer Multi-domain Optical Network Framework for Large-scale Science

COMMON: Coordinated Multi-layer Multi-domain Optical Network Framework for Large-scale Science Applications Vinod Vokkarane (University of Massachusetts at Dartmouth) Addendum - Updated list of Project Tasks and Deliverables We intend to

562 views • 3 slides
Winning in Close Combat Ground Forces in Multi-Domain Battle Institute of Land Warfare

Winning in Close Combat Ground Forces in Multi-Domain Battle Institute of Land Warfare

2017 Global Force Symposium and Exposition Training and Doctrine Command Winning in Close Combat: Ground Forces in Multi-Domain Battle Innovation for Complex World Winning in Close Combat Ground Forces in Multi-Domain Battle Institute of Land

849 views • 23 slides
GN3 view on multi-d domain services and its implications on NOC implications on NOC Cs Cs Ann

GN3 view on multi-d domain services and its implications on NOC implications on NOC Cs Cs Ann

GN3 view on multi-d domain services and its implications on NOC implications on NOC Cs Cs Ann Harding (SWITCH) TF-NOC preparation me eeting Copenhagen, Denmark, 3.5.2010 connect communicate collaborate Agenda Starting point for

355 views • 16 slides
CLOUD POWER NREN collaboration on service delivery and adoption in GANT GN3plus SA7 TF-MSP

CLOUD POWER NREN collaboration on service delivery and adoption in GANT GN3plus SA7 TF-MSP

CLOUD POWER NREN collaboration on service delivery and adoption in GANT GN3plus SA7 TF-MSP March 18, Amsterdam Collaborate, to enable and facilitate our community to use online services on a large scale, with the right conditions

840 views • 66 slides
Feasibility of ILA as Network Virtualisation Overlay in multi-domain, multi-tenant Cloud Tako

Feasibility of ILA as Network Virtualisation Overlay in multi-domain, multi-tenant Cloud Tako

Feasibility of ILA as Network Virtualisation Overlay in multi-domain, multi-tenant Cloud Tako Marks Bsc. 04-07-2017 System and Network Engineering University of Amsterdam 1 Introduction A Network Virtualisation Overlay (NVO) is a collection

614 views • 29 slides
GN3plus JRA 1 Network architectures for Horizon 2020 Tony Breach, NORDUnet A/S 2nd TERENA

GN3plus JRA 1 Network architectures for Horizon 2020 Tony Breach, NORDUnet A/S 2nd TERENA

GN3plus JRA 1 Network architectures for Horizon 2020 Tony Breach, NORDUnet A/S 2nd TERENA Network Architects Workshopp Prague, 13-14th of November 2013 connect communicate collaborate JRA1 Background One of the output from GN3 was an

261 views • 12 slides
Multi-domain resso urces and service operation (GN3-JRA ti (GN3 JRA A2/SA2 A2/SA2 update) d

Multi-domain resso urces and service operation (GN3-JRA ti (GN3 JRA A2/SA2 A2/SA2 update) d

Multi-domain resso urces and service operation (GN3-JRA ti (GN3 JRA A2/SA2 A2/SA2 update) d t ) Tangui Coulouarn, Forsknings net/UNI-C 3rd E2E Workshop on Applicat tions and Services 29-30 November 2010, Prague connect communicate

509 views • 22 slides
A view into a new GN3Plus Service Jerry Sobieski (NORDUnet) TERENA Architecture Workshop Nov 13,

A view into a new GN3Plus Service Jerry Sobieski (NORDUnet) TERENA Architecture Workshop Nov 13,

Testbeds as a Service Building Future Networks A view into a new GN3Plus Service Jerry Sobieski (NORDUnet) TERENA Architecture Workshop Nov 13, 2013 From Innovation to Infrastructure Network Innovation requires testing to prove out...

360 views • 24 slides
A multi-source domain annotation pipeline for quantitative metagenomic and metatranscriptomic

A multi-source domain annotation pipeline for quantitative metagenomic and metatranscriptomic

A multi-source domain annotation pipeline for quantitative metagenomic and metatranscriptomic functional profiling Ari Ugarte, Riccardo Vicedomini , Juliana Silva Bernardes, Alessandra Carbone 9 September, 2018 Laboratory of Computational and

793 views • 30 slides
Supervised Learning Artificial Neural Networks Marco Chiarandini Department of Mathematics &

Supervised Learning Artificial Neural Networks Marco Chiarandini Department of Mathematics &

Lecture 11 Supervised Learning Artificial Neural Networks Marco Chiarandini Department of Mathematics & Computer Science University of Southern Denmark Slides by Stuart Russell and Peter Norvig Neural Networks Course Overview Other

426 views • 41 slides
CS885 Reinforcement Learning Lecture 4a: May 11, 2018 Deep Neural Networks [GBC] Chap. 6, 7, 8

CS885 Reinforcement Learning Lecture 4a: May 11, 2018 Deep Neural Networks [GBC] Chap. 6, 7, 8

CS885 Reinforcement Learning Lecture 4a: May 11, 2018 Deep Neural Networks [GBC] Chap. 6, 7, 8 University of Waterloo CS885 Spring 2018 Pascal Poupart 1 Quick recap Markov Decision Processes: value iteration ( " + * ,- Pr "

624 views • 18 slides
Learning From Data Lecture 21 Neural Networks: Backpropagation Forward propagation: algorithmic

Learning From Data Lecture 21 Neural Networks: Backpropagation Forward propagation: algorithmic

Learning From Data Lecture 21 Neural Networks: Backpropagation Forward propagation: algorithmic computation h ( x ) e ( x ) Backpropagation: algorithmic computation of weights M. Magdon-Ismail CSCI 4100/6100 recap: The Neural Network

294 views • 14 slides
Perceptron Lecturer: Barnabas Poczos Disclaimer : These notes have not been subjected to the usual

Perceptron Lecturer: Barnabas Poczos Disclaimer : These notes have not been subjected to the usual

Introduction to Machine Learning (Lecture Notes) Perceptron Lecturer: Barnabas Poczos Disclaimer : These notes have not been subjected to the usual scrutiny reserved for formal publications. They may be distributed outside this class only with

376 views • 10 slides
Fuel Cell Electric Buses Transitioning to Zero Emissions Jaimie Levin Renewable Power to

Fuel Cell Electric Buses Transitioning to Zero Emissions Jaimie Levin Renewable Power to

Fuel Cell Electric Buses Transitioning to Zero Emissions Jaimie Levin Renewable Power to Clean Fuels Symposium Sr. Management Consultant NW Natural Gas Portland Center for Transportation May 20, 2019 and the Environment About CTE

814 views • 26 slides
Transport Technology Research Innovation Grant (T-TRIG) Briefing webinars 9 th & 14 th

Transport Technology Research Innovation Grant (T-TRIG) Briefing webinars 9 th & 14 th

Transport Technology Research Innovation Grant (T-TRIG) Briefing webinars 9 th & 14 th December 2016 Moving Britain Ahead December 16 OFFICIAL Transport Technology Research Innovation Grant (T-TRIG) 1 Outline Introduction

410 views • 27 slides
ASCR-NP : Experimental NP Graham Heyes - JLab, July 5th 2016 Introduction DAQ.

ASCR-NP : Experimental NP Graham Heyes - JLab, July 5th 2016 Introduction DAQ.

ASCR-NP : Experimental NP Graham Heyes - JLab, July 5th 2016 Introduction DAQ. Streaming Trends in technology. Other labs. Simula;on and analysis. Opportuni;es for collabora;on. Concluding remarks. Trends in

729 views • 38 slides
UK Rail Summit 13 September 2017 Is rail franchising working? Anthony Smith Chief Executive Why

UK Rail Summit 13 September 2017 Is rail franchising working? Anthony Smith Chief Executive Why

UK Rail Summit 13 September 2017 Is rail franchising working? Anthony Smith Chief Executive Why franchise? Heathrow Express 97% overall satisfaction Hull Trains 97% overall satisfaction Grand Central 94% overall satisfaction

272 views • 6 slides

More recommend