manticore providing users with a logical ip network
play

MANTICORE: Providing Users with a Logical IP Network Service Victor - PowerPoint PPT Presentation

Mar 02, 2023 •122 likes •449 views

MANTICORE: Providing Users with a Logical IP Network Service Victor Reijs (HEAnet) MANTICORE Partners (self funded project): Agenda MANTICORE vision MANTICORE-I implementation Infrastructure as a Service framework

  1. MANTICORE: Providing Users with a Logical IP Network Service Victor Reijs (HEAnet) MANTICORE Partners (self funded project):

  2. Agenda • MANTICORE vision… • MANTICORE-I implementation – Infrastructure as a Service framework… – Software architecture… • MANTICORE-II… • Influence on end-to-end service…

  3. Physical Router User Site Logical Router MANTICORE vision Physical Link Logical Link Each user’s IP network is represented by a different color Other user’s IP network or the Internet

  4. Users NOC MANTICORE use cases

  5. Routing integrity

  6. Logical IP Network Service • Define the edge ports of the IP network • Define the external Routing Service (policy)… • In case there are preferences on internal transport services; provide QoS and internal Routing Service metric • Provide IP address pool (guided by your ISP)

  7. Benefits • On-demand (self definable/WS) IP network • Incorporating integrated route policy and thus increased route integrity • Nothing new compared to VPNs: •Share physical routers/links; not buying your own •No self-assembly required • Drawn back: need of this control plane

  8. Agenda • MANTICORE vision… • MANTICORE-I implementation – Infrastructure as a Service (IaaS) framework… – Software architecture… • MANTICORE-II… • Influence on end-to-end service…

  9. Infrastructure as a Service Framework • Virtualization of workstations • Software as a Service (SAAS) • Infrastructure as a Service (IaaS)

  10. Implementations of IaaS Framework – ARGIA -> Product for Optical Networks – ETHER -> R&D for Ethernet and MPLS Networks – MANTICORE -> Logical IP Network Service – GRIM -> R&D for Instruments and Sensors RMC ETHER MANTICORE GRIM CHRONOS

  11. Infrastructure resource trading User A Resource List Provider 2 Resource List Resource List Resource List Provider 1 User C User B

  12. MANTICORE software architecture User Workspace WS GUI client(s) IP Network WS TDM Ethernet Resource . . . Resource WS WS Router-WS Virtual Resource Services Protocol Y Protocol X Netconf Software router Other vendor Juniper device device

  13. MANTICORE-I implementation • Based on Juniper routers using the Netconf JunOS XML API • An abstract routing language is not used as a means of describing routing configurations (instead, a proprietary simple and limited representation is used). • The implementation is not a complete solution: working prototypes of the services is implemented, and some features and performance optimization are left for future work

  14. MANTICORE-I Logical IP network

  15. Agenda • MANTICORE vision… • MANTICORE-I implementation – Infrastructure as a Service (IaaS) framework… – Software architecture… • MANTICORE-II… • Influence on end-to-end service…

  16. MANTICORE II new features (1/2) • Allow and detect manual configurations and allowing selected resource for other systems (isolation) • Abstract the internal/external routing policy • Support for other manufacturers (i.e. Cisco) • Integration of the enhancements made as part of FP7 FEDERICA project activities (e.g. Xorpsh CLI)

  17. MANTICORE II new features (2/2) • Add more features to the IP Network WS –Ability to set up VPNs –Ability to set up bandwidth guaranteed paths in the IP Network –Firewalling, Access list • Integration with other IaaS based solutions, e.g.: –ARGIA (optical networks: TDM, WDM, fibre) –ETHER (Native Ethernet and MPLS VLL networks) • Authentication/Authorization • This is also an invite to join MANTICORE-II! Planned to start 1Q2009

  18. Agenda • MANTICORE vision… • MANTICORE-I implementation – Infrastructure as a Service (IaaS) framework… – Software architecture… • MANTICORE-II… • Influence on end-to-end service…

  19. Influence on end-to-end service (1/3) • Deployable and SLA: – NREN services ends at Institute boundary Extending to other NREN (using GEANT+ /DCN) is possible (if service available) – Institute’s responsibility to extend the local part to User (fibre, Ethernet, IP) – SLA for NREN service is available – SLA for local part is under Institute’s remit 19

  20. Influence on end-to-end service (2/3) • Acceptable Use Policy (AUP) and route integrity – AUP of NREN service is the normal NREN AUP with the Institute – AUP for the local service with User is under Institute’s remit – Unwanted route leaks with fibre/Ethernet need to be procedurally guaranteed (AUP) – Unwanted route leaks with logical IP network (aka AS) is more controlable 20

  21. Influence on end-to-end service (3/3) • Security and firewalling – Institute must have a scalable security/firewall configuration – fibre/Ethernet need to be procedurally guaranteed (AUP) – logical IP network (aka AS) • firewall could be part of the logical IP network service. • firewall managed by elligable party (Institute?) 21

  22. victor.reijs@heanet.ie Thank you!

  23. Additional agenda • How does it work: GUI preview… • Route Service e.g. using RPSL…

  24. How does it work: GUI preview Two organizations – NREN-A: Physical Network (PN) Admin. In this very simple example it operates a network with one physical router. – i2CAT: Virtual Network (VN) Admin. In this very simple example it will request two logical routers from NREN-A. MANTICORE deployment: NREN-A Server: i2cat Server: (optional) - User Workspace WS - Ethernet Resource WS - User Workspace WS - IP Network WS - Ethernet Resource WS - Router WS - IP Network WS 15

  25. NREN-A discovers the physical router (1/2) • When NREN-A first launches the GUI client, it must create a new physical network and add all the routers they want to manage to it .

  26. NREN A discovers the physical router (2/2)

  27. NREN-A PN Admin creates logical routers (1/2) • Create logical interfaces • Create logical routers • Assign i/fs to routers • Create tunnel between the logical routers

  28. NREN-A PN Admin creates logical routers (2/2)

  29. Giving permissions to links and interfaces • PN Admin creates “resource list” 20

  30. Exporting resources • NREN-A PN Admin exports the resource list to i2cat (permissions are set on the resources so that i2cat’s users can access and modify the resources on the resource list). Resource List i2cat Server: NREN-A Server: (optional) • i2cat VN Admin, launches its GUI Client, logs into the server and downloads the resource list.

  31. i2cat’s IP Network • i2cat VN Admin creates a new IP Network and adds the resources of the received resource list • Now he can configure the IP parameters of the interfaces, configure IGPs, configure the peering, ... OSPF configuration BGP configuration

  32. Route Service e.g. using RPSL aut-num: AS1213 as-name: HEANET descr: HEAnet national network import: from AS1299 # Telia [transit provider] action pref=100 accept ANY import: from AS3257 # Tiscali [transit provider] action pref=100; accept ANY Import: from AS20965 # GEANT [private peer] action pref=50; accept ANY export: to AS1299 # Telia announce AS-HEANET export: to AS3257 # Tiscali announce AS-HEANET export: to AS20965 # GEANT announce AS-HEANET

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Better Humanities Research in the Network Providing Context Tobias Blanke (Kings College)

Better Humanities Research in the Network Providing Context Tobias Blanke (Kings College)

Better Humanities Research in the Network Providing Context Tobias Blanke (Kings College) 21/06/09 C:\Users\eah\Desktop\new_slides\dariah_slides_template_blue.odp page 1 Overview Background of the technical work in DARIAH Overview

393 views • 26 slides
CS 4803 Computer and Network Security Servers Users How do users prove their identities when

CS 4803 Computer and Network Security Servers Users How do users prove their identities when

Many-to-Many Authentication ? CS 4803 Computer and Network Security Servers Users How do users prove their identities when requesting services from machines on the network? Alexandra (Sasha) Boldyreva Nave solution: every server knows

217 views • 5 slides
Views Views In some cases, it is not desirable for all users to see the entire logical model

Views Views In some cases, it is not desirable for all users to see the entire logical model

Views Views In some cases, it is not desirable for all users to see the entire logical model (i.e, all the actual relations stored in the database.) Consider a person who needs to know a customers loan number but has no need to see the

692 views • 14 slides
In 2018, it is estimated that there will be around 2.55 billion social network users around

In 2018, it is estimated that there will be around 2.55 billion social network users around

In 2018, it is estimated that there will be around 2.55 billion social network users around the globe, up from 1.87 billion in 2014. In 2012, 63.1 percent of internet users were also social network users and these figures are expected to

472 views • 14 slides
Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws Mathy Vanhoef

Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws Mathy Vanhoef

Securely Implementing Network Protocols: Detecting and Preventing Logical Flaws Mathy Vanhoef (KU Leuven) Black Hat Webcast, 24 August 2017 @vanhoefm Introduction Many protocols have been affected by logical bugs Design flaws Implementation

692 views • 31 slides
RE mote DI ctionary S erver Chris Keith James Tavares Overview History Users Logical Data

RE mote DI ctionary S erver Chris Keith James Tavares Overview History Users Logical Data

RE mote DI ctionary S erver Chris Keith James Tavares Overview History Users Logical Data Model Atomic Operators Transactions Programming Language APIs System Architecture Physical Data Structures Data Persistence Replication,

544 views • 36 slides
Network Virtualization What is Network Virtualization? Abstraction of the physical network

Network Virtualization What is Network Virtualization? Abstraction of the physical network

Network Virtualization What is Network Virtualization? Abstraction of the physical network Support for multiple logical networks running on a common shared physical substrate A container of network services Aspects of the

589 views • 21 slides
Providing access to IT-services for guests Two solutions for guest users provisioning

Providing access to IT-services for guests Two solutions for guest users provisioning

Providing access to IT-services for guests Two solutions for guest users provisioning Jasmina Hodzic, University of Oslo Background University of Oslo About 7 500 employees (staff and faculty) About 33 000 students

338 views • 20 slides
ML2VR Providing MATLAB Users an Easy Transition to Virtual Reality and Immersive Interactivity

ML2VR Providing MATLAB Users an Easy Transition to Virtual Reality and Immersive Interactivity

ML2VR Providing MATLAB Users an Easy Transition to Virtual Reality and Immersive Interactivity David J. Zielinski Ryan P. McMahan Wenjie Lu Silvia Ferrari Motivation: DiVE: Duke Immersive Virtual Environment. 6-Sided CAVE-type Virtual

351 views • 31 slides
CONDITIONAL EXECUTION: PART 2 yes no x > y? max = y; max = x; logical AND logical OR

CONDITIONAL EXECUTION: PART 2 yes no x > y? max = y; max = x; logical AND logical OR

CONDITIONAL EXECUTION: PART 2 yes no x > y? max = y; max = x; logical AND logical OR logical NOT && || ! Fundamentals of Computer Science I Outline Review: The if-else statement The switch statement A look at

536 views • 25 slides
Basic Computation logical AND logical OR logical NOT && || ! public static void

Basic Computation logical AND logical OR logical NOT && || ! public static void

Basic Computation logical AND logical OR logical NOT && || ! public static void main(String [] args) Fundamentals of Computer Science Outline Data Types Variables Primitive Data Types The String Class Type

922 views • 55 slides
Is a social network users behavior unique? 2 1 8/9/14 Has social data made

Is a social network users behavior unique? 2 1 8/9/14 Has social data made

8/9/14 Social Fingerprinting: Identifying Users of Social Networks by their Data Footprint The University of Tennessee Electrical Engineering and Computer Science Dissertation Defense Denise Koessler Gosnell Is a social network

458 views • 31 slides
Discovery Network Description and Proposed I2 Implementation 1 The Point Main users of I2

Discovery Network Description and Proposed I2 Implementation 1 The Point Main users of I2

Discovery Network Description and Proposed I2 Implementation 1 The Point Main users of I2 likely not permitted on FS network Russia project (Rackspace) Air quality forecasting (NWS / Direct Broadcast) Anything Cray Anything

189 views • 15 slides
Identifying Network Users Using Flow-Based Behavioral Fingerprinting Barsamian, Berk, Murphy

Identifying Network Users Using Flow-Based Behavioral Fingerprinting Barsamian, Berk, Murphy

Identifying Network Users Using Flow-Based Behavioral Fingerprinting Barsamian, Berk, Murphy Presented to FloCon 2013 What Is A User Fingerprint? Users settle into unique patterns of behavior according to their tasks and interests

416 views • 23 slides
A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano

A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano

A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano Cervesato - Frank Pfenning Department of Computer Science Carnegie Mellon University 11 th IEEE Symposium on Logic in Computer Science New

587 views • 30 slides
1 Ring Topology Ring Topology In a ring network, every device has exactly two neighbours

1 Ring Topology Ring Topology In a ring network, every device has exactly two neighbours

What is a Topology? Network topologies describe the ways in which the elements of a network are mapped. They describe the physical and logical arrangement of the network nodes. The physical topology of a network refers to the

279 views • 4 slides
Our solution to the IDAO 2020 qualifiers Max Halford Raphal Sourty Robin Vaysse Webinar on

Our solution to the IDAO 2020 qualifiers Max Halford Raphal Sourty Robin Vaysse Webinar on

Our solution to the IDAO 2020 qualifiers Max Halford Raphal Sourty Robin Vaysse Webinar on Data Analysis for Satellite Tracking Our solution to the IDAO 2020 qualifiers Max Halford, Raphal Sourty, Robin Vaysse 1 / 14 Sunday 12 th April,

162 views • 14 slides
Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT

Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT

Tarzan: A Peer-to-Peer Anonymizing Network Layer Michael J. Freedman, NYU Robert Morris, MIT ACM CCS 2002 http://pdos.lcs.mit.edu/tarzan/ The Grail of Anonymization Participant can communicate anonymously with non-participant User ? ?

976 views • 42 slides
CS 7616 Pattern Recognition Introduction Aaron Bobick School of Interactive Computing

CS 7616 Pattern Recognition Introduction Aaron Bobick School of Interactive Computing

Introduction Introduction CS7616 Pattern Recognition A. Bobick CS7616 Pattern Recognition A. Bobick CS 7616 Pattern Recognition Introduction Aaron Bobick School of Interactive Computing Introduction Introduction CS7616 Pattern

401 views • 29 slides
Learning objectives Participants will be able to 1. Identify at least 5 solutions that

Learning objectives Participants will be able to 1. Identify at least 5 solutions that

2/10/2020 Creating Low cost Assistive Technology Solutions for Communication Impairments. Therese Willkomm, PhD, ATP theresew@unh.edu 603-491-6555 Learning objectives Participants will be able to 1. Identify at least 5 solutions

422 views • 19 slides
Project Things A secure gateway to connect your things to Internet February 2, 2019

Project Things A secure gateway to connect your things to Internet February 2, 2019

Project Things A secure gateway to connect your things to Internet February 2, 2019 <https://fosdem.org/2019/schedule/event/project_things> Speakers Dipesh Monga @ Mozilla Techspeakers Philippe Coval @ Samsung OpenSource 2 The hidden

558 views • 28 slides
Visually Significant Edges Tun O. Aydn, Martin adk, Karol Myszkowski MPI Informatik Edge

Visually Significant Edges Tun O. Aydn, Martin adk, Karol Myszkowski MPI Informatik Edge

Visually Significant Edges Tun O. Aydn, Martin adk, Karol Myszkowski MPI Informatik Edge Detection Zero crossings of the second derivative Marr and Hildreth [1980] Maxima of the first derivative Canny [1986] Multiscale Edge Detection

469 views • 26 slides
Introduction Traditional visual field is done at doctors office High cost Labor

Introduction Traditional visual field is done at doctors office High cost Labor

12/4/2015 Introduction Traditional visual field is done at doctors office High cost Labor intensive Time consuming Would it be possible to test visual field at home? Low or no cost Ying Han, MD, Ph.D Convenient to

470 views • 8 slides
BBM 413 Fundamentals of Image Processing Erkut Erdem Dept. of Computer Engineering Hacettepe

BBM 413 Fundamentals of Image Processing Erkut Erdem Dept. of Computer Engineering Hacettepe

BBM 413 Fundamentals of Image Processing Erkut Erdem Dept. of Computer Engineering Hacettepe University Frequency Domain Techniques Part1 Review - Point Operations Smallest possible neighborhood is of size 1x1 Process each

1.27k views • 83 slides

More recommend