pristine rina-sdk-icc-2016
Post on 20-Jan-2017
An SDK to exploit RINA programmability
A Software Development Kit to exploit RINA programmability
Eduard Grasa (presenter), Vincenzo Maffione, Francesco Salvestrini, Leonardo Bergesio, Miquel Tarzan
FP7 PRISTINE
ICC 2016, Kuala Lumpur, May 24th 2016

1. WHAT IS RINA?

RINA highlights
• Network architecture resulting from a fundamental theory of computer networking
• Networking is InterProcess Communication (IPC) and only IPC. Unifies networking and distributed computing: the network is a distributed application that provides IPC
• There is a single type of layer with programmable functions, that repeats as many times as needed by the network designers
• All layers provide the same service: communication (flows) between two or more application instances, with certain characteristics (delay, loss, in-order-delivery, etc)
• There are only 3 types of systems: hosts, interior and border routers. No middleboxes (firewalls, NATs, etc) are needed
• Deploy it over, under and next to current networking technologies

From the “TCP/IP” protocol suite …
• Functional layers organized for modularity; each layer provides a different service to the others
– As the reference model (RM) is applied to the real world, it proves to be incomplete. As a consequence, new layers are patched into the reference model as needed (layers 2.5, VLANs, VPNs, virtual network overlays, tunnels, MAC-in-MAC, etc.)
[Figure panels: (Theory), (Practice)]

… to the RINA architecture
Single type of layer, consistent API, programmable policies
[Figure: hosts (App A, App B), border routers and an interior router connected by DIFs (DIF = Distributed IPC Facility), with a consistent API through the layers. Inside a layer, below the IPC API, functions are ordered by increasing timescale (functions performed less often) and complexity:
– Data Transfer: SDU Delimiting, Data Transfer, Relaying and Multiplexing, SDU Protection
– Data Transfer Control: Retransmission Control, Flow Control, State Vector
– Layer Management: RIB Daemon, RIB, CDAP Parser/Generator, CACEP, Enrollment, Flow Allocation, Resource Allocation, Routing, Authentication, Namespace Management, Security Management]

Deployment: clean-slate concepts but incremental deployment
• IPv6 brings very small improvements to IPv4, but requires a clean-slate deployment (not compatible with IPv4)
• RINA can be deployed incrementally where it has the right incentives, and interoperate with current technologies (IP, Ethernet, MPLS, etc.)
– Over IP (just like any overlay such as VXLAN, NVGRE, GTP-U, etc.)
– Below IP (just like any underlay such as MPLS or MAC-in-MAC)
– Next to IP (gateways/protocol translation such as IPv6)
[Figure: IP Network, RINA Provider, RINA Network; Sockets Applications and RINA supported Applications; IP or Ethernet or MPLS, etc]

2. RECURSION, VIRTUALIZATION AND PROGRAMMABILITY

Recursion instead of virtualization (I)
• RINA recursive layering structure cleans up and generalizes the current protocol stack.
• Example 1: PBB-VPLS (Virtual Private LAN Service)
– Uses MAC-in-MAC encapsulation to isolate provider’s core from customers’ addresses and VLANs
[Figure, built up over successive slides, each adding one kind of DIF: PtP DIFs, Metro DIFs, Core DIF, Provider VPN Service DIF, Green Customer VPN DIF]

Recursion instead of virtualization (II)
• Example 2: LTE (Long Term Evolution)
– Uses PDCP, GTP to transport user’s IP payload, and also relies on internal IP network.
[Figure: LTE protocol stacks across UE, eNodeB, S-GW and P-GW (IP (e.g. Internet), TCP or UDP, PDCP, RLC, GTP-U, UDP, IP (LTE transport), MAC, L1; protocol conversion; EPS bearers; interfaces LTE-Uu, S1-U, S5/S8, SGi). Built up over successive slides, each adding one kind of DIF: PtP DIFs, Mobile Operator Transport DIFs, Multi-access radio DIF, Mobile Access Network Top Level DIF, Public Internet DIF]

Recursion instead of virtualization (III)
• Example 3: Data Center Network with NVO3
– Network Virtualization Over Layer 3, uses overlay virtual networks on top of the DCN’s fabric layer 3 to support multi-tenancy
• Recursion provides a cleaner, simpler solution than virtualization
– Repeat the same building block, with the same interface.
[Figure: protocol stacks across VM, Server, ToR, Fabric and Spine (TCP or UDP or SCTP, … (transport layer); IPv4 or IPv6 (tenant overlay); Ethernet, 802.1Q, 802.3; VXLAN; UDP; IPv4 or IPv6 (Fabric layer); protocol conversion, local bridging). Built up over successive slides, each adding one kind of DIF: PtP DIFs, DC Fabric DIF, Tenant DIF]

Network Programmability
• Centralized control of data forwarding
– GSMPv3 (label switches: ATM, MPLS, optical), OpenFlow (Ethernet, IP, evolving)
• APIs for controlling network services & network devices
– ONF SDN architecture, IEEE P1520 (P1520 distinguished between virtual devices and hardware)
[Figure: ONF’s SDN architecture]

Separation of mechanism from policy
[Figure: the functions of a layer below the IPC API, grouped as Data Transfer (SDU Delimiting, Data Transfer, Relaying and Multiplexing, SDU Protection), Data Transfer Control (Retransmission Control, Flow Control, State Vector) and Layer Management (RIB Daemon, RIB, CDAP Parser/Generator, CACEP, Enrollment, Flow Allocation, Resource Allocation, Routing, Authentication, Namespace Management, Security Management)]
• All layers have the same mechanisms and 2 protocols (EFCP for data transfer, CDAP for layer management), programmable via policies.
– All data transfer and layer management functions are programmable!
• Don’t specify/implement protocols, only policies
– Re-use common layer structure, re-use policies across layers
• This approach greatly simplifies the network structure, minimizing the management overhead and the cost of supporting new requirements, new physical media or new applications

3. DESIGN AND IMPLEMENTATION OF AN SDK FOR IRATI

IRATI design: decisions and tradeoffs
• Decision: Linux/OS vs other operating systems
– Pros: Adoption, Community, Stability, Documentation, Support
– Cons: Monolithic kernel (RINA/IPC Model may be better suited to micro-kernels)
• Decision: User/kernel split vs user-space only
– Pros: IPC as a fundamental OS service, access device drivers, hardware offload, IP over RINA, performance
– Cons: More complex implementation and debugging
• Decision: C/C++ vs Java, Python, …
– Pros: Native implementation
– Cons: Portability, Skills to master language (users)
• Decision: Multiple user-space daemons vs single one
– Pros: Reliability, Isolation between IPCPs and IPC Manager
– Cons: Communication overhead, more complex impl.
• Decision: Soft-irqs/tasklets vs. workqueues (kernel)
– Pros: Minimize latency and context switches of data going through the “stack”
– Cons: More complex kernel locking and debugging

Overview of IRATI and its SDK
[Figure: the IRATI RINA implementation. User space: App, IPC Manager Daemon, IPCP Daemon (Layer Mgmt) for the Normal IPC Process (Layer Management). Kernel: Kernel IPC Manager, Normal IPC Process (Data Transfer/Control), Shim IPCP over 802.1Q. Zoom-ins show where the SDK adds policy support (policy labels abbreviated as on the slide):
– Normal IPCP (Data transfer): Error and Flow Control Protocol (RTT policy, Tx ctrl policy, ECN policy, . . .); Relaying and Multiplexing Task (Forwar policy, Schedu policy, MaxQ policy, Monit policy); SDU Protection (TTL policy, CRC policy, Encryp policy)
– Normal IPCP (Layer Mgmt): RIB & RIB Daemon, librina, Resource allocation (PFT gen policy, Pushbak notify), Flow allocation (New flow policy), Enrollment (Enroll. sequence), Namespace Management (Address assign, Directory replica, Address validat), Security Management (Auth. policy, Acc. ctrl policy, Coord policy), Routing (Routing policy)
– IPC Manager: librina, Management Agent, IPCM logic, RIB & RIB Daemon (SDK support), Network Manager (NMS DAF)
– Shim IPCP]

RINA Plugins Infrastructure (RPI): Kernel RPI (kRPI)
[Figure panels: PolicySet lifecycle; PolicySet classes]
• Different policy-set class per component, since each component has different policies.
• “OO” approach
• All policy set classes derive from a base class
• All components derive from a base class
• Plugins are Loadable Kernel Modules (LKM)
• They publish a set of policy sets, which become available to the RINA stack.
• Factories, named after each policy set, provide operations to create/delete instances of policy set classes

RINA Plugins Infrastructure (RPI): User-space RPI (uRPI)
• Same concepts as kRPI (factories, lifecycle, policy classes), different implementation
• Plugins are shared objects dynamically loaded by the IPCP Daemon through the libdl library

SDK Usage: Experimentation with IRATI
Data transfer policies: RMT and EFCP
• Programmed data transfer policies to manage congestion in a distributed cloud environment.
• Two touch points: i) ECN-marking policies for the RMT; ii) flow control policies that react to ECN-marked PDUs in EFCP
[Figure panels: “TCP Tahoe” (EFCP) + RED (RMT); DEC Binary feedback (EFCP and RMT)]
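
The two touch points above, sketched as a pair of cooperating policies (an added example, not code from the slides or from the IRATI SDK). All function and struct names are hypothetical, and the constants follow the published DEC binary feedback rule (shrink the window to 7/8 when at least half of a window's PDUs are marked, otherwise grow by one), since the slides do not give the parameters used in the experiments.

```c
#include <stdbool.h>
#include <stddef.h>

/* All names are hypothetical; none is an IRATI SDK identifier. */
struct pdu { bool ecn; };

/* RMT touch point: mark a PDU when the output queue already holds at least
 * `threshold` PDUs (instantaneous length, a simplifying assumption). */
bool rmt_mark_on_enqueue(struct pdu *p, size_t queue_len, size_t threshold) {
    p->ecn = queue_len >= threshold;
    return p->ecn;
}

/* EFCP touch point: per-flow flow-control state. */
struct efcp_fc {
    unsigned window;  /* current send window, in PDUs */
    unsigned seen;    /* PDUs observed in the current window */
    unsigned marked;  /* of those, how many carried the ECN mark */
};

/* Called per received PDU. After a full window has been observed: if at
 * least half of its PDUs were marked, shrink the window to 7/8 (minimum 1),
 * otherwise grow it by one. Returns the window now in force. */
unsigned efcp_on_pdu(struct efcp_fc *fc, const struct pdu *p) {
    fc->seen++;
    if (p->ecn) fc->marked++;
    if (fc->seen < fc->window) return fc->window;
    if (2 * fc->marked >= fc->seen) {
        fc->window = fc->window * 7 / 8;
        if (fc->window == 0) fc->window = 1;
    } else {
        fc->window++;
    }
    fc->seen = fc->marked = 0;
    return fc->window;
}

/* Constructed scenario: each round sends one window of PDUs into a queue
 * that starts at `backlog` PDUs and grows by one per PDU sent. */
unsigned simulate(unsigned start, size_t backlog, size_t threshold, int rounds) {
    struct efcp_fc fc = { start, 0, 0 };
    for (int r = 0; r < rounds; r++) {
        unsigned w = fc.window;
        for (unsigned i = 0; i < w; i++) {
            struct pdu p;
            rmt_mark_on_enqueue(&p, backlog + i, threshold);
            efcp_on_pdu(&fc, &p);
        }
    }
    return fc.window;
}
```

With a marking threshold of 4 PDUs and a start window of 16, the window steps down through 14, 12, 10 and 8 and then alternates between 7 and 8, the point at which half of each window is marked.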

4. ONGOING RINA INITIATIVES

Research, open source, standards
• Current research projects
– FP7 PRISTINE (2014-2016) http://ict-pristine-eu
– H2020 ARCFIRE (2016-2017) http://ict-arcfire.eu
– Norwegian project OCARINA (2016-2021)
– BU RINA team http://csr.bu.edu/rina
• Open source implementations
– IRATI (Linux OS, C/C++, kernel components, policy framework, RINA over X) http://github.com/irati/stack
– RINASim (RINA simulator, OMNeT++)
– ProtoRINA (Java, RINA over UDP, quick prototyping)
• Key RINA standardization activities
– Pouzin Society (experimental specs) http://pouzinsociety.org
– ISO SC6 WG7 (2 new projects: Future Network – Architectures, Future Network – Protocols)
– ETSI Next Generation Protocols ISG