segment routing in container networks
play

Segment routing in container networks Ben de Graaff Supervisor: - PowerPoint PPT Presentation

Dec 14, 2022 •118 likes •470 views

RP95 Segment routing in container networks Ben de Graaff Supervisor: Marijke Kaat (SURFnet/UvA) Best path Background A B Arbitrary paths Background 1 1 2 A 3 B 4 4 5 A > 1 > 4 > B Pure IPv6 (SRv6) Background 2000:1::

  1. RP95 Segment routing in container networks Ben de Graaff Supervisor: Marijke Kaat (SURFnet/UvA)

  2. Best path Background A B

  3. Arbitrary paths Background 1 1 2 A 3 B 4 4 5 A > 1 > 4 > B

  4. Pure IPv6 (SRv6) Background 2000:1:: 2000:2:: 2000:1::2 1 2 2000:1::A 2000:1::3 2000:B:: A 3 B 2000:A:: 2000:3:: 4 5 2000:4:: 2000:5::

  5. Container networks Background Internet

  6. Platform independent Background Internet LXC

  7. Multi-tenancy Background Internet

  8. Example: load balancer Background Internet Transit policy LB

  9. Research State of segment routing in IPv6 Proof of concept: Container networking Network functions

  10. Network programming src dst dst 4 1 1 2 1 A 4 3 B dst 4 5 src > 1 > 4 > dst

  11. Segment routing header Header Segments left Segment 0 . . . Segment N Extensions

  12. Proof of concept Validate policy Apply policy

  13. Multi-tenancy Results Internet 2000:A:: 1000:1 2000:B:: 1000:2 2000:C:: 1000:3 Segment ID 2000:B:: 1000:1 2000:B:: 1000:2 2000:B:: 1000:3 2000:C:: 1000:1 2000:C:: 1000:3

  14. Container discovery/mobility Results Routing opaque addresses 2: NF Compute final hop 1: Inject SRH Topology ::1:2:3:4 ::a:b:c:d 3: Deliver

  15. Implementation Results Hardware/software

  16. Linux kernel 4.10+ Results Basic routing/policy Limited extension support Implementation quirks…

  17. SRv6 availability Results Hardware Software Vector Packet Processing The Fast Data Project NCS 5500

  18. Technical implementation Technical stuff http://www.story-stick.net/event/here-be-dragons

  19. Virtual topology Results Container VM Container VM VPP VPP Container Network function VPP

  20. eBPF Results myprog.c + LLVM = Latest & greatest bytecode ⇓ Process directly in kernel bpf() syscall Fast, powerful ⇓ Kernel network stack

  21. eBPF Results Validate policy ✗ bpf_redirect Ingress eBPF eth0 veth Container Control app ✗ Egress eBPF tc filter bpf Apply policy

  22. Linux do-it-yourself Results Tun/tap AF_PACKET ip rule iptables fwmark PF_RING ...

  23. Linux do-it-yourself Results Validate policy Raw socket Ingress app AF_PACKET eth0 veth Container ip rule tun Egress app Apply policy

  24. Summary Results Validate policy Apply policy

  25. Ingress policy enforcement? Discussion Internet Ingress veth Container FW eth0 Egress

  26. Future work Ingress path control Linux segment routing Netlink API Develop useful extensions

  27. Conclusion Proof of concept: works SDN easy, at cost of overhead Hardware not strictly required

  28. Related work Cisco, Bell Canada, Comcast, et al, technical workshops @ www.segment-routing.net NFV with SRv6, with SRH unaware hosts (NetSoft 2017, presented today )

  29. RP95 Segment routing in container networks Segment routing is effective at Check out the report for a full list of references enabling SDN and network http://rp.delaat.net/2016-2017/p95/report.pdf functions between containers However, it is not yet widely supported in hardware, software

  30. Backup slides

  31. Security/RH0 Enforce policy at network edges SIDs must be explicitly enabled HMAC: check at ingress

  32. Simplify the network Discussion Remove protocols Remove state https://xkcd.com/927/

  33. MPLS Background 101 102 No LDP, RSVP 202 1 2 required 210 203 111 A 3 B 110 103 4 5 104 105

  34. Multi-tenancy Discussion Layer 2 and 3 cross-connects Multi-tenancy: Segment ID or extension?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

PCEP Extensions for Service Segment Support in Segment Routing

PCEP Extensions for Service Segment Support in Segment Routing

PCEP Extensions for Service Segment Support in Segment Routing draft-dw-pce-service-segment-routing-00 Qin Wu(bill.wu@huawei.com) Dhruv Dhody (dhruv.ietf@gmail.com ) PCEP Extensions for Service Segment support Objective allow a stateful

380 views • 5 slides
Routing In Ad Hoc Networks 1. Introduction to Ad-hoc networks 2. Routing in Ad-hoc networks 3.

Routing In Ad Hoc Networks 1. Introduction to Ad-hoc networks 2. Routing in Ad-hoc networks 3.

Routing In Ad Hoc Networks 1. Introduction to Ad-hoc networks 2. Routing in Ad-hoc networks 3. Proactive routing protocols DSDV 4. Reactive routing protocols DSR, AODV 5. Non-uniform routing protocols ZRP, CEDAR 6. Other

392 views • 22 slides
Optimum Implementation of TI-LFA and Segment Routing on SURFnet 8 RP #22 Peter Prjevara &

Optimum Implementation of TI-LFA and Segment Routing on SURFnet 8 RP #22 Peter Prjevara &

Optimum Implementation of TI-LFA and Segment Routing on SURFnet 8 RP #22 Peter Prjevara & Fouad Makioui Supervisors: Marijke Kaat & Wouter Huisman The Goals of Networks ARPANET - 1974 2 https://en.wikipedia.org/wiki/ARPANET What

648 views • 48 slides
Polynomial-Time What-If Analysis for Prefix-Manipulating MPLS Networks and Segment Routing!

Polynomial-Time What-If Analysis for Prefix-Manipulating MPLS Networks and Segment Routing!

Polynomial-Time What-If Analysis for Prefix-Manipulating MPLS Networks and Segment Routing! ... Stefan Schmid Jiri Srba University of Vienna, Austria Aalborg University, Denmark Polynomial-Time What-If Analysis for Prefix-Manipulating

853 views • 58 slides
Segment Routing (SR) Introduction and Tutorial Adrian Farrel (afarrel@juniper.net) Take-Aways

Segment Routing (SR) Introduction and Tutorial Adrian Farrel (afarrel@juniper.net) Take-Aways

Segment Routing (SR) Introduction and Tutorial Adrian Farrel (afarrel@juniper.net) Take-Aways Some historical context What Segment Routing is trying to achieve Basic building blocks How it works in different SR environments

605 views • 49 slides
Wireless networks Routing: DSR, AODV 1 Routing in Ad Hoc Networks Goals Adapt quickly

Wireless networks Routing: DSR, AODV 1 Routing in Ad Hoc Networks Goals Adapt quickly

Wireless networks Routing: DSR, AODV 1 Routing in Ad Hoc Networks Goals Adapt quickly to topology changes No centralization Loop free routing Load balancing among different routes in case of congestion Supporting

908 views • 89 slides
Implementing IPv6 Segment Routing David Lebrun <david.lebrun@uclouvain.be> UCLouvain

Implementing IPv6 Segment Routing David Lebrun <david.lebrun@uclouvain.be> UCLouvain

Implementing IPv6 Segment Routing David Lebrun <david.lebrun@uclouvain.be> UCLouvain Netdev 1.2, Tokyo, October 2016 1/35 Table of Contents Segment Routing Implementation Network Function Virtualization Conclusion 2/35 Table of

470 views • 35 slides
Routing in Ad-hoc networks P R E S E N T E D B Y - L E W I S T S E N G R A C H I T A G A R W A

Routing in Ad-hoc networks P R E S E N T E D B Y - L E W I S T S E N G R A C H I T A G A R W A

Routing in Ad-hoc networks P R E S E N T E D B Y - L E W I S T S E N G R A C H I T A G A R W A L Ad-hoc networks Infrastructure-less networks No fixed routers (potentially) mobile nodes Dynamically and arbitrarily located

1.15k views • 94 slides
Green Days @ Toulouse Segment Routing based Traffjc Engineering for Energy Effjcient Backbone

Green Days @ Toulouse Segment Routing based Traffjc Engineering for Energy Effjcient Backbone

Green Days @ Toulouse Segment Routing based Traffjc Engineering for Energy Effjcient Backbone Networks Radu Crpa, Olivier Glck, Laurent Lefvre radu.carpa@ens-lyon.fr 16 / 03 / 2015 INRIA AVALON / LIP Ecole Normale CHIST -ERA STAR

584 views • 25 slides
Location- -based Routing in based Routing in Location Sensor Networks II Sensor Networks II

Location- -based Routing in based Routing in Location Sensor Networks II Sensor Networks II

Location- -based Routing in based Routing in Location Sensor Networks II Sensor Networks II Jie Gao Computer Science Department Stony Brook University Papers Papers Geographic routing in practice: Kim, Y.-J., Govindan, R., Karp, B.,

1.26k views • 59 slides
Routing in Multi- -Layer Layer Routing in Multi Transport Networks Transport Networks

Routing in Multi- -Layer Layer Routing in Multi Transport Networks Transport Networks

I nternational Telecom m unication Union ITU-T Routing in Multi- -Layer Layer Routing in Multi Transport Networks Transport Networks Jonathan S adler Office of the CTO Technology S trategy, Tellabs Chair, OIF Architecture & S

483 views • 29 slides
Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao

Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao

Location- -based Routing in based Routing in Location Sensor Networks Sensor Networks Jie Gao Computer Science Department Stony Brook University 9/22/05 Jie Gao, CSE590-fall05 1 Location- -based routing based routing Location

1.07k views • 62 slides
Lecture 13: Routing in multihop Lecture 13: Routing in multihop wireless networks wireless

Lecture 13: Routing in multihop Lecture 13: Routing in multihop wireless networks wireless

Lecture 13: Routing in multihop Lecture 13: Routing in multihop wireless networks wireless networks Mythili Vutukuru CS 653 Spring 2014 March 3, Monday Routing in multihop networks Figure out a path from source to destination. Figure

271 views • 12 slides
Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University Papers Papers [Karp00] Karp, B. and Kung, H.T., Greedy Perimeter Stateless

605 views • 49 slides
Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie

Location Location-based Routing in based Routing in Sensor Networks I Sensor Networks I Jie Gao Jie Gao Computer Science Department Stony Brook University 1 Papers Papers [Karp00] Karp, B. and Kung, H.T., Greedy Perimeter Stateless

493 views • 10 slides
Geometric Routing in Sensor Networks III: Geometric Routing in Sensor Networks III: Explore the

Geometric Routing in Sensor Networks III: Geometric Routing in Sensor Networks III: Explore the

Geometric Routing in Sensor Networks III: Geometric Routing in Sensor Networks III: Explore the Global Topology Explore the Global Topology Jie Gao Computer Science Department Stony Brook University 10/5/06 Jie Gao, CSE590-fall06 1 Routing

630 views • 51 slides
Security and OWASP Top 10 with Service Oriented Architectures Adnan Masood Sr. System Architect

Security and OWASP Top 10 with Service Oriented Architectures Adnan Masood Sr. System Architect

Practical Web Application Security and OWASP Top 10 with Service Oriented Architectures Adnan Masood Sr. System Architect Green Dot Corporation What this talk is about? 2 This session is an introduction to web application security

839 views • 60 slides
Chester BO 1442(39) Alternatives Presentation Meeting Town Highway 18 (Thompson Road) Bridge

Chester BO 1442(39) Alternatives Presentation Meeting Town Highway 18 (Thompson Road) Bridge

Chester BO 1442(39) Alternatives Presentation Meeting Town Highway 18 (Thompson Road) Bridge #62 over Williams River August 29, 2019 Introductions Laura Stone, P.E. VTrans Scoping Engineer Jon Griffin, P.E. VTrans Project Manager

621 views • 58 slides
2010 Santa Barbara County Storm Water Public Opinion Survey Commissioned by Project Clean Water,

2010 Santa Barbara County Storm Water Public Opinion Survey Commissioned by Project Clean Water,

2010 Santa Barbara County Storm Water Public Opinion Survey Commissioned by Project Clean Water, Santa Barbara County 320-449 Funded by Coastal Assistance Impact Program, Bureau of Ocean Energy, Management, Regulation, and Enforcement, U.S.

363 views • 32 slides
Follow-up Analysis of Letters of Intent (LOIs) on Rare Diseases: Spring 2015 Cycle Lauren Fayish,

Follow-up Analysis of Letters of Intent (LOIs) on Rare Diseases: Spring 2015 Cycle Lauren Fayish,

Follow-up Analysis of Letters of Intent (LOIs) on Rare Diseases: Spring 2015 Cycle Lauren Fayish, MPH Program Associate, Evaluation & Analysis Laura Forsythe, PhD, MPH Associate Director, Evaluation & Analysis Vadim Y. Gershteyn, MPH

333 views • 15 slides
I L ROUT E 60/ 83 Co mmunity Adviso ry Gro up Me e ting No . 2 July 28, 2009 Outline Ag e

I L ROUT E 60/ 83 Co mmunity Adviso ry Gro up Me e ting No . 2 July 28, 2009 Outline Ag e

I L ROUT E 60/ 83 Co mmunity Adviso ry Gro up Me e ting No . 2 July 28, 2009 Outline Ag e nda Introduction to Participants Recap of Community Advisory Group Meeting No. 1 July 13, 2009 Drainage Traffic Safety

490 views • 26 slides
EMA Workshop on measuring the impact of pharmacovigilance activities December 5-6, 2016 Session

EMA Workshop on measuring the impact of pharmacovigilance activities December 5-6, 2016 Session

EMA Workshop on measuring the impact of pharmacovigilance activities December 5-6, 2016 Session 2 Health Canadas Approach to Measuring Impact of Pharmacovigilance and Regulatory Decisions Dr. John Patrick Stewart, MD, CCFP(EM) Marketed

175 views • 15 slides
The Next Station: University To fulfill the desire of Self- Actualization

The Next Station: University To fulfill the desire of Self- Actualization

The Next Station: University To fulfill the desire of Self- Actualization and to become everything that one is capable of becoming, extract from CTI Group Core Value The Next Station: University The Next

672 views • 32 slides
adult social care staff (ASCOT-Staff): Phase One Sep 2019- March 2021 RDS-SE Event 16 September

adult social care staff (ASCOT-Staff): Phase One Sep 2019- March 2021 RDS-SE Event 16 September

Developing a scale of work-related quality of life for adult social care staff (ASCOT-Staff): Phase One Sep 2019- March 2021 RDS-SE Event 16 September 2020 Professor Shereen Hussein Professor of Care and Health Policy Evaluation Associate

400 views • 24 slides

More recommend