hello th there
play

HELLO TH THERE ipsum dolor sit amet lorem ipsum lorem ipsum dolor - PowerPoint PPT Presentation

Rese Re search Project 2 Sup Supervision System and Network Engineering Aren Vijn & Joris Claassen Lorem ipsum dolor sit amet, consectetur lorem ipsum dolor Lorem ipsum dolor sit amet conse lorem HELLO TH THERE ipsum dolor sit amet


  1. Rese Re search Project 2 Sup Supervision System and Network Engineering Arïen Vijn & Joris Claassen Lorem ipsum dolor sit amet, consectetur lorem ipsum dolor Lorem ipsum dolor sit amet conse lorem HELLO TH THERE ipsum dolor sit amet lorem ipsum lorem ipsum dolor sit amet lorem ipsum dolor sit amet lorem ipsum dolor sit amet Lorem ipsum dolor sit amet, consectetur lorem ipsum dolor Lorem ipsum dolor sit amet conse lorem ipsum dolor sit amet lorem ipsum lorem ipsum dolor sit amet lorem ipsum Software Defined Internet Exchanges A feasibility evaluation at the AMS-IX Siem Hermans, Jeroen Schutrup

  2. Research Question 2 What is the feasibility of transitioning the AMS-IX to an Industrial Scale Software Defined Internet Exchange Point?

  3. The Amsterdam Internet Exchange* 3 *Not only situated in Amsterdam • Providing peering services • Saves costs • Resilience • Common shared Layer 2 Ethernet platform • Built on top of MPLS/VPLS Amsterdam San Fran. New York Hong Kong Carribean Chicago Kenya

  4. Technical concepts 4 SDX basics BGP Tra raff ffic c deli livery ry • Routing on prefix • No end-to-end policies • Indirect policies • SDX leverages SDX s Ope penFlow • Fabric is perceived as a • single entity Use Cas Use Cases • Application specific peering • (D)DoS mitigation • Et cetera. • Primarily helpful for inbound • traffic engineering

  5. Sounds familiar... 5

  6. Sounds familiar... 6 RFC 5575 - Dissemination of Flow Specification Rules

  7. Sounds familiar... 7 RFC 5575 - Dissemination of Flow Specification Rules ……so why not FlowSpec? • Not transparent to the participant • Adoption is limited due to ossification of the Internet • Scalability issues at large scale • TCAM allocation for ACL / PBR rules is limited

  8. Related Work 8 Sources • Feamster et al. SDX: A Software Defined Internet Exchange". In: Open Networking Summit (2013) • Gup Gupta et et al. al. An An Ind ndustrial-Scale Soft Software Def Defined Internet Exc Exchange Po Point". In: 13 13th USENIX Sym Symposi sium on n Net etworked Sys Systems s Des Design an and d Implementation (NSDI 16 16), 20 2016, 16, pp pp. . 1-14 14.

  9. Growth pattern 9 • Original paper tests up to 500 participants • Growing closer towards 800 unique participants • Scalability is an important factor for feasibility • AMS-IX is continuously growing

  10. Technical concepts 10 iSDX controller • Traditional route server • Every participant calculates its own forwarding entries • Configuration conflicts are resolved by Refmon

  11. Methodology 11 Controller enhancements • Enh Enhancements ts - Bypass the route server - Fixing program breaking bugs - Addition of Redis • Da Data ta set set: : AMS-IX RIB dump • IPv4 ~150k unique prefixes • IPv6 ~17k unique prefixes

  12. Methodology 12 Controller enhancements • Enh Enhancements ts - Bypass the route server - Fixing program breaking bugs (3) (3) - Addition of Redis (4) (4) • Da Data ta set set: : AMS-IX RIB dump • IPv4 ~150k unique prefixes • IPv6 ~17k unique prefixes • Lim Limita tati tions • iSDX requires multiple tables • Switch platform (MLXe) • OpenFlow (OF) 1.0 switch • NetIron 5.9, OF 1.3 compliant • No support for Virtual Chassis • Futu uture: : Brocade SLX • Fallb llback: Open vSwitch

  13. Methodology 13 Test scenarios Sc Scen enario io #1 #1 - Validation • Up to four outbound policies for 10% of the total participants. Up to 800 peers. Scen Scenario io #2 #2 - Policy expansion • Up to sixteen outbound policies for 10, 30 or 50% of the total participants. Up to 800 peers. Scen Scenario io #3 #3 - Granular policies • Up to four prefix based outbound policies for 10% of the total prefixes. Up to 800 peers.

  14. Results 14 Scenario #1 – Validation • Repro roducti tion of of re resu sults ts • Matches original iSDX scalability findings • Linear growth pattern perceived as participants increase Maximum supported flows heavily • dependent on switch platform • Brocade MLXe supports 128,000 flows per chassis • New Brocade SLX platform • More capable Merchant Silicon (Broadcom Tomahawk, Jericho)

  15. Results 15 Scenario #2 – Policy Validation Grow rowth th patt pattern • • Similar growth pattern Scalability is heavily tied to constraints set by perceived as in Scenario #1 the IXP (Tolerated amount of policies, port Amount of flows exceeds • ranges, et cetera.) current hardware platform

  16. Results 16 Scenario #3 – Granular policies Impact • Defining policies on destination prefix heavily impacts scalability • Aggregation is possible but not performed by iSDX • Total amount of policies for AMS-IX scale exceeds 140 million flow entries • Exceeds capabilities of an any current hardware platform

  17. Technical concepts 17 iSDX Fabric X

  18. Results 18 MAC compression iSDX on on the he fab abric ic Abstracts ASes from ports • Embeds Next-Hop ASes in MAC address • Overriding BGP behavior • • Scales up to 28 ASes in one iSDX design choice • MAC

  19. Infrastructural impact 19 • iSDX was as des esig igned for or vi virtu rtual l chas hassis is infr nfrastru tructu ture res (Brocade VCS, Cisco VSS/VPC, Juniper VC) • AM AMS-IX IX ha has s MPL PLS/VPLS mult lti-hop infr nfrastr truct cture • Implementation is still feasible • OpenFlow pipeline on the edges • Normal MPLS traffic forwarding • MAC learning via VPLS infrastructure

  20. Conclusion 20 • Sca Scala labil ility • Compression of flows has limitations • Defining fine-grained policies is still limited by hardware at this kind of scale • iSDX as a concept is feasible • Scalability is feasible if the AMS-IX heavily constrains boundaries • Affects neutrality of the IXP • Dep Deplo loyment t impact • Allows for gradual transition to iSDX design • iSDX can be deployed alongside current MPLS/VPLS infrastructure

  21. Future work 21 Mov ovin ing forw orward rd • Rewrite controller software • Improve robustness • Include support for IPv6 • Include multi-threading in the Fabric Manager (Refmon) • More efficient policy distribution over PE switches Allow for extended scalability in multi-hop configurations • • Include MPLS state in iSDX controller Omit the need for a second lookup • • Include support for defining policies per port • Work in process: ENDEAVOUR project at the University of Louvain (prof. M. Canini)

  22. Re Rese search Project 2 System and Network Engineering Thank you Thank you siem.hermans@os3.nl github.com/jeroen92/sdx-ixp jeroen.schutrup@os3.nl

  23. Re Rese search Project 2 System and Network Engineering Questions ? siem.hermans@os3.nl github.com/jeroen92/sdx-ixp jeroen.schutrup@os3.nl

Recommend


More recommend