
ESnet On-demand Secure Circuits and Advance Reservation System (OSCARS)

ESnet On-demand Secure Circuits and Advance Reservation System (OSCARS). Chin Guok Network Engineering Group. Energy Sciences Network Lawrence Berkeley National Laboratory. Thomas Ndousse Visit February 6 2008. Networking for the Future of Science. Outline. OSCARS Status


Presentation Transcript


  1. ESnet On-demand Secure Circuits and Advance Reservation System (OSCARS)
     Chin Guok, Network Engineering Group
     Energy Sciences Network, Lawrence Berkeley National Laboratory
     Thomas Ndousse Visit, February 6 2008
     Networking for the Future of Science

  2. Outline
     • OSCARS Status
     • OSCARS Related Research Areas
       • Extending OSCARS to Layer 1
       • Topology Exchange and Updates
       • Path Computation and Scheduling
       • Authentication and Authorization
       • Ease of Use for End-User
       • Monitoring and Troubleshooting

  3. OSCARS Status Update
     • ESnet Centric Deployment
       • Prototype layer 3 (IP) guaranteed bandwidth virtual circuit service deployed in ESnet (1Q05)
       • Prototype layer 2 (Ethernet VLAN) virtual circuit service deployed in ESnet (3Q07)
     • Inter-Domain Collaborative Efforts
       • Terapaths
         • Inter-domain interoperability for layer 3 virtual circuits demonstrated (3Q06)
         • Inter-domain interoperability for layer 2 virtual circuits demonstrated at SC07 (4Q07)
       • LambdaStation
         • Inter-domain interoperability for layer 2 virtual circuits demonstrated at SC07 (4Q07)
       • HOPI/DRAGON
         • Inter-domain exchange of control messages demonstrated (1Q07)
         • Integration of OSCARS and DRAGON has been successful (1Q07)
       • DICE
         • First draft of topology exchange schema has been formalized (in collaboration with NMWG) (2Q07), interoperability test demonstrated 3Q07
         • Initial implementation of reservation and signaling messages demonstrated at SC07 (4Q07)
       • UVA
         • Integration of token-based authorization in OSCARS under testing
       • Nortel
         • Topology exchange demonstrated successfully 3Q07
         • Inter-domain interoperability for layer 2 virtual circuits demonstrated at SC07 (4Q07)

  4. OSCARS Related Research Areas
     • Extending OSCARS to Layer 1
     • Topology Exchange and Updates
     • Path Computation and Scheduling
     • Authentication and Authorization
     • Ease of Use for End Users
     • Monitoring and Troubleshooting

  5. Extending OSCARS to Layer 1
     • Current Implementation / Issues
       • OSCARS supports both Layer 2 and Layer 3 virtual circuits from the user's point of view
       • Internally within ESnet both circuit "types" are carried as MPLS LSPs
     • Research Directions
       • Implementing a Layer 1 testbed to extend OSCARS into the optical layer
       • Develop mechanisms to seamlessly integrate MPLS (Layer 2.5) with GMPLS (Layer 1)
     • Collaborators: Internet2 DCN, DRAGON, Hybrid Multi-Layer Network Control (Hybrid-MLN) project

  6. Topology Exchange and Updates
     • Current Implementation / Issues
       • Topology information stored and exchanged is based on static configuration; the time dimension is not integrated
       • Exchange protocol between Inter-Domain Controllers (IDCs) is reasonably heavyweight, and not designed for dynamic topology updates
       • Each IDC has global topology (n² topology exchange)
     • Research Directions
       • Design network topology "listener" (e.g. OSPF-TE neighbor instance) to track real-time topology changes, and integrate Network Management System (NMS) and outage calendar into topology updates
       • Design topology exchange protocol for more dynamic updates and global scalability between IDCs
     • Collaborators: DICE Control Plane Group, NMWG, GLIF, Hybrid-MLN project

  7. Path Computation and Scheduling
     • Current Implementation / Issues
       • Reserving bandwidth in the future is difficult, especially when topology is non-static (i.e. line upgrades, unscheduled outages); optimizing bandwidth scheduling is extremely difficult (i.e. original computed path may be invalid and require recalculation) when the time dimension is added
       • Current implementation requires the initiating IDC to compute the end-to-end path based on static global topology; this may result in multiple tries before the entire end-to-end path has availability
     • Research Directions
       • Research in "augmented" path computation (i.e. static topology augmented with time dependencies, AUPs, domain-specific constraints)
       • Research sequential partial path computation (e.g. per domain vis-à-vis IP BGP routing)
       • Determine best-fit options to reduce multiple resource scheduling tries
     • Collaborators: DICE Control Plane Group, GLIF, Hybrid-MLN project

  8. Authentication and Authorization
     • Current Implementation / Issues
       • Current implementation uses X.509 certificates for authentication across IDCs (requiring acceptance of trusted chain); authentication mechanisms are distinct to each IDC
       • Using signed SOAP messages over SSL for messaging is costly (especially in the signaling phase)
     • Research Directions
       • Research alternative authentication and authorization methods (e.g. Shibboleth, VOMS)
       • Consider using tokens for the signaling phase, and pushing token validation out to network edge devices
     • Collaborators: DICE Control Plane Group, GN2 JRA5, Universiteit van Amsterdam

  9. Ease of Use for End-User
     • Current Implementation / Issues
       • Current use requires end user to determine reservation parameters (i.e. source, destination, bandwidth, duration of use, etc.)
       • Use of ESnet SDN is based on user's perception of what would be appropriate to provision a virtual circuit for
     • Research Directions
       • Investigate how to make use of this service in a manner that is transparent to the user, either by
         • Putting the intelligence in the user's application (e.g. middleware), or
         • Designing the intelligence in the network (e.g. proxy)
     • Collaborators: Internet2, DRAGON, Phoebus

  10. Monitoring and Troubleshooting
      • Current Implementation / Issues
        • This is the single largest deficit in deploying OSCARS as a production service in ESnet
      • Research Directions
        • Closer coupling between ESnet NMS and OSCARS
        • Develop tools to monitor condition of local circuits
        • Leverage perfSONAR to monitor end-to-end and local circuit status, utilization, etc.
      • Collaborators: DICE Control Plane Group, perfSONAR
