1 / 17

Next Generation Internet Architectures: Emerging Trends, Challenges and Solutions

Next Generation Internet Architectures: Emerging Trends, Challenges and Solutions. Dr. Riad Hartani Chief Architect, Caspian Bangkok, May 4 th 2006. Agenda. IPv6: Where are we today…Briefly ! Emerging Networks Trends and Implications Evolution of IPv6 Router Architectures

olina
Download Presentation

Next Generation Internet Architectures: Emerging Trends, Challenges and Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Next Generation Internet Architectures: Emerging Trends, Challenges and Solutions Dr. Riad Hartani Chief Architect, Caspian Bangkok, May 4th 2006

  2. Agenda • IPv6: Where are we today…Briefly ! • Emerging Networks Trends and Implications • Evolution of IPv6 Router Architectures • Benefits and Applications • Q&A

  3. IPv6 Networks: State of the Art • Motivations for IPv6 well understood • Addressing space, routing hierarchy, dynamic configuration, security, mobility • Popularity of P2P and Multimedia services • Protocol specifications largely finalized • IETF specifications for IPv6 migration ready • Interoperability demonstrated, major router/application vendors support • Ongoing network/services deployments • Aggressive deployment in the Far East, Semi-aggressive deployments in Europe, Slow deployments in America, mainly government/federal driven • Consumer electronics, computing industries (grid/collaborative networking) and retail industries driving applications developments

  4. Network Trends and Challenges • FACTS: • Services and network convergence accelerating – Internet Protocol based • Towards an always on ubiquitous broadband connectivity (DSL, FTTH, Wifi, Wimax, etc.) • TRENDS: • From centralized to distributed information models (P2P content distribution, grid computing, etc.) • Emergence of overlay service providers (e.g. Skype, etc.) – Disruptive competitive landscape • Shift from geography specific competition to global competition (e.g. Google, Yahoo, Microsoft, etc.)

  5. Networks Trends and Challenges • CHALLENGES: • Challenge 1: How to improve Internet (node and network levels) traffic control & oversubscription dimensioning ? • Challenge 2: How to delivery QoS with low OPEX, in fixed/mobile environments ? • Challenge 3: How to secure / protect the infrastructure ? • CONSTRAINTS: • Constraint 1: No change to IP / MPLS protocols • Constraint 2: No change to principles that made the Internet successful

  6. IPv6 Routers Architecture Evolution • Architectural Principles • - Evolution towards traffic aware QoS, traffic control and routing • - Evolution towards behavioral models, optimal for Privacy, Application Agnostic, Neutrality, Encryption, Privacy, etc. • - Leverage TCP/UDP/IP inherent characteristics DPI Appliances - Traffic Analysis - Stateful processing IP/MPLS -Deterministic QoS -Deterministic routing

  7. Conventional vs. Stateful IPv6 Routing Architectures RAM RAM • Conventional Forwarding/Routing • Forwarding each packet • Switch to output • Class-based QoS Route Each Packet Switch Fabric Queue (Class) & Forward RAM RAM • Flow-based Forwarding/Routing • Hash for flow identification • 2M flows/s and 6M flows per 10 Gig • Flexible definition of flows: IP flows, Pseudo-WireoMPLS flows, IPoMPLS flows • Create “soft” state or look up • Route, switch, filters, stats • Per-flow QoS behavior • Leverage flow state for advanced QoS • Shape, police, CAC, congestion control RAM RAM Hash, Lookup State, Route, Store, WFQ/Flow, Switch Switching Network Lookup State, Store, and WFQ/Flow RAM RAM

  8. Per Flow Actions / Controls Generic actions based on traffic control principles Specific actions based on specific network services Flow Aware Traffic Management Principles • Identification Methods • Function of network service • Function of traffic control business case Dynamic Flow/Aggregate Identification Per-Flow Traffic Control

  9. Flow Aware Architecture Benefits • Customized congestion/resources control schemes for Video/Voice/P2P/Wireless traffic • Advanced application level QoS (Shaping/Policing/CAC) guarantees • Preventive DDOS security models • Others: Traffic aware routing, Dynamic services diagnostic, Lawful intercept, etc. State  Intelligence  Improved nodal behavior  Enhanced network services at lower cost

  10. Example: IPv6 Dynamic Flow Identification & Customized Congestion Management • Non-interactive Traffic • Large FTP Transfers • Some P2P (large transfers) • Interactive Traffic • Browsing • Streaming • Voice/Video over IP • Some P2P (skype, small transfers, etc) • Small web downloads • Unknown Traffic • Browsing • Streaming • Voice/Video over IP • Some P2P (skype, small transfers, etc) • Small web downloads • Large FTP Transfers • Some P2P (large transfers) • Flow routers leverage state information to characterize traffic flows • Can enforce specified congestion control policies • (responsive vs. unresponsive, high rate vs. low rate, short lived vs. long lived, P2P vs. web, “legal” vs. “illegal” content )

  11. Example: IPv6 Flow-aware Connection Admission Control • All flows allowed into a class • wRED on class congestion • Many flows affected - poor service lack of determinism Port Without CAC Port • New flows CACed • Preserves integrity of existing flows, no performance degradation • Enables ON/OFF service model With CAC New UDP/TCP flows rejected

  12. Example: IPv6 Flow-based Shaping/Policing • Shaping aims at changing characteristics of input stream to produce an output stream with required characteristics • Benefits for the end users, and • For the downstream network • Policing aims at enforcing traffic contracts • Flow routing allows shaping and policing of desired flows Port Flows are shaped/policed based on requirements

  13. Example: IPv6 Flow Graduation Application Non Interactive Traffic Class Flows dynamically thresholds are graduated to a different class, policy routed or mirrored Unknown Flows Unknown Traffic Class (Default) Dynamic Traffic Aware Management, Routing Corporate Flows Virtual Leased Line Class VoIP and VIDoIP Flows Video & Voice over IP Class BGP, IS-IS, OSPF Flows Control Traffic Class

  14. Example: IPv6 Covert Intercept • VoIP hides in Internet • Which links to monitor? • HTTP & random ports used 1% VoIP 4% Video 11% HTTP 17% TCP Explicit Identification and analysis of Traffic Dynamic Re-routing of traffic 67% P2P

  15. Other Carrier Network Other Carrier Network Example: Flow-based DDOS Prevention in IPv6 • Put in specific focal points for DOS attacks • Detect anomalies in traffic flows, online • Raise alarms to operator for immediate investigation • Fast, inexpensive way to detect attack before customer is impacted ISP Dynamic Security Models

  16. Conclusions • Gradual migration from IPv4 to IPv6 with long term co-existence of IPv4 and IPv6 • Deployment of IPv6 networks required to satisfy evolving network/service architecture models • Stateful IPv6 routers nodal behavior, fully interoperable with existing technologies – a new resources management model, QoS and security architectures • Enhances value proposition & ROI of migration to IPv6

  17. Thank you !Riad Hartani, Caspianrhartani@caspian.com

More Related