NORDUnet Nordic Infrastructure for Research & Education LINK POLICY A Problem Statement Lars Fischer Winter GLIF Baton Rouge, 25-26 January 2012
NORDUnet GLIF model – Policy Free Nordic infrastructure for Research & Education Control Control plane Control plane Control plane plane GOLE User A GOLE GOLE NREN B NREN A CPE CPE GOLE Resource
NORDUnet NORDUnet Europe 2012 Nordic infrastructure for Research & Education
NORDUnet NORDUnet Atlantic 2011 Nordic infrastructure for Research & Education
NORDUnet NORDUnet N.A. 2012 Nordic infrastructure for Research & Education
NORDUnet …however, we do have policy Nordic infrastructure for Research & Education • Cannot afford policy-free links • Cost • Links acquired to serve specific projects, science disciplines • (GLIF) Policy description today • Informal, often not in writing • Not in a computer-parseable description language • No system of policy exchange • Typical policy is “good sense judgment”, enforced by telephone. The “ask me” policy. • This does not scale. And will not work for automatic provisioning. • We need a way to describe, publish, exchange, discover policy • …and enforce it
NORDUnet Policy: Links, not GOLEs Nordic infrastructure for Research & Education Control Control plane Control plane Control plane plane GOLE User A GOLE GOLE NREN B NREN A CPE CPE GOLE Resource
NORDUnet Link Resouces Nordic infrastructure for Research & Education • More inter-GOLE links being put in place • …and more GOLEs • by NRENs, Regionals, Continental networks • by projects, discipline-specific efforts • Distributed GOLEs (that are not networks?) • Even efforts to provide continent-wide exchanges – Internet2, GÉANT • User communities starting to use GOLE model • LHCONE • This is great • …but from a policy (description & enforcement) point of view, it’s getting worse
NORDUnet AutoGOLE – Link Policy Nordic infrastructure for Research & Education Network Services Agent NSA Requesting Agent (RA) Network Services Interfae B Provider NSI protocol Agent (PA) NSA C A Network Resource Manager NRM E A D E D Domain B Domain C
NORDUnet Policy-aware path-finding? Nordic infrastructure for Research & Education KRLight.ets NorthernLight.ets CzechLight.ets Daejeon Copenhagen Prague DynamicKL OpenNSA DRAC A A KRLight + CESNET NORDUnet + KDDI-Labs.ets GLORIAD SURFnet Fujimino G-LAMBDA-K Pionier JGN-X ACE A A JGNX.ets StarLight.ets Pionier.ets NetherLight.ets Tokyo Poznan Chicago Amsterdam G-LAMBDA-K AutoBAHN OpenNSA/Argia DRAC US LHCnet GEANT A A ESnet.ets AIST .ets UvALight.ets GEANT .ets Tsukuba Chicago University of Amsterdam Paris G-LAMBDA-A OSCARS DRAC AutoBAHN NSI Networks (“A”=Aggregator) NSI peerings (SDPs) unless otherwise indicated these are vlans 1780-1783 The Playground
NORDUnet Policy enforcement at GOLEs Nordic infrastructure for Research & Education GOLE Policy Agent Policy • GOLE as the guardian of the link resources connected to it • Policy-aware GOLEs • Is this only a AutoGOLE issue, or general? • If we can’t have automatic policy enforcement, we’re defeating the whole point of doing AutoGOLE in the first place
NORDUnet Policy Description Nordic infrastructure for Research & Education • Objectives • So we can understand it • So it can be enforced by GOLEs • So it can be communicated to those looking for resources • So it can be understood by path-finders • GOLEs can guarantee correct use of resources • Implications • GOLE functionality • AutoGOLE connection service, path-finding • Topology exchange • (GOLE) Service Description
NORDUnet Nordic Infrastructure for Research & Education Thank You Lars Fischer lars@nordu.net http://www.nordu.net
Recommend
More recommend
