Upload File

openstack neutron service chaining and insertion

19
OpenStack Neutron Service Insertion and Chaining Icehouse Summit Nov 2013 Sumit Naiksatam, Kanzhe Jiang

Upload: sumit-naiksatam

Post on 29-Jun-2015

2.039 views

Category:

Technology


0 download

Report

Tags:

DESCRIPTION

This is the service insertion and chaining proposal which was presented during the OpenStack Icehouse Design Summit (Hong Kong, Nov 2013).

TRANSCRIPT

Page 1: OpenStack Neutron Service Chaining and Insertion

OpenStack Neutron Service Insertion and Chaining

Icehouse Summit Nov 2013

Sumit Naiksatam, Kanzhe Jiang

Page 2: OpenStack Neutron Service Chaining and Insertion

Resource Model

Page 3: OpenStack Neutron Service Chaining and Insertion

Service Insertion Context and different insertion modes

Page 4: OpenStack Neutron Service Chaining and Insertion

Service Insertion Context

Page 5: OpenStack Neutron Service Chaining and Insertion

L3 insertion

Page 6: OpenStack Neutron Service Chaining and Insertion

L3 Insertion

Page 7: OpenStack Neutron Service Chaining and Insertion

L3 Insertion

Page 8: OpenStack Neutron Service Chaining and Insertion

L3 Insertion

Page 9: OpenStack Neutron Service Chaining and Insertion

L2 Insertion

Page 10: OpenStack Neutron Service Chaining and Insertion

Bump in the Wire

Page 11: OpenStack Neutron Service Chaining and Insertion

Tap

Page 12: OpenStack Neutron Service Chaining and Insertion

Service Chain Resource

Page 13: OpenStack Neutron Service Chaining and Insertion

Create and insert individual service

Page 14: OpenStack Neutron Service Chaining and Insertion

Chooses Service Provider Name from list of available service providers.

$ neutron service-provider-list

-----------------------------------------------------| Service Type | Name | Default ||----------------------------------------------------| FIREWALL | IPTables | True || FIREWALL | VendorA | False || VPN | OpenSwan | True || VPN | VendorB | False |-----------------------------------------------------

Page 15: OpenStack Neutron Service Chaining and Insertion

Create service instance (firewall in this case)

$ neutron firewall-create <firewall_policy_id>

OR

$ neutron firewall-create <firewall_policy_id> \ --provider VendorA

OR

$ neutron firewall-create <firewall_policy_id> \ --provider VendorA \ --insertion-context router_id=<router_id>

Page 16: OpenStack Neutron Service Chaining and Insertion

Create a Service Chain

Page 17: OpenStack Neutron Service Chaining and Insertion

Chooses Service Provider Name from list of available service providers.

$ neutron service-provider-list-----------------------------------------------------| Service Type | Name | Default ||----------------------------------------------------| FIREWALL | IPTables | True || FIREWALL | VendorA | False || VPN | OpenSwan | True || VPN | VendorB | False |-----------------------------------------------------

$ neutron service-chain-provider-list

-----------------------------------------------| Chain Name | Services ||----------------------------------------------|Firewall-VPN-Ref-Chain| [IPTables,OpenSwan] |-----------------------------------------------

Page 18: OpenStack Neutron Service Chaining and Insertion

Create each service in the eventual chain

$ neutron firewall-create <firewall_policy_id> \ --provider IPTables \ –-in-chain True \ … … …

$ neutron vpn-service-create \ --provider OpenSwan \ –-in-chain True \ … … …

Page 19: OpenStack Neutron Service Chaining and Insertion

Create chain

$ neutron service-chain-create \ --provider Firewall-VPN-Ref-Chain \ --services <firewall_instance_id, vpn_instance_id> \ --name my_fw_vpn_chain \ --source-insertion-context --router_id=<router_id> … … …


Backward Chaining

Backward n Forward Chaining

Forward Chaining vs. Backward Chaining - Hinkelmannknut.hinkelmann.ch/lectures/KE2011/KE-4_FC_vs_BC.pdfProf. Dr. Knut Hinkelmann MSc BIS/ 2 Forward Chaining vs. Backward Chaining Logical

Demo: Service Function Chaining Across OpenStack and … · 2019-07-08 · extending and consolidating state-of-the-art tools and technologies originated from Network Function Virtualization

Chaining Operator in Climb - blog.vjeux.com · Climb Introduction Method Chaining jQuery Method Chaining Extended Climb Image Processing Implementation Attempts Dollar macro Extensions

Delivering Standard Openstack Security NFV Service ... ovn.pdf · Service Chaining at Scale with Networking-SFC and Networking ... Preventing Across the Cyber Attack* Life Cycle Unauthorized

Service Function Chaining in Openstack Neutron

1 Hashing: Collision Resolution Schemes Collision Resolution Techniques Separate Chaining Separate Chaining with String Keys Separate Chaining versus Open-addressing

CLIPS Enhanced with Objects, Backward Chaining ... · to implement backward chaining in a pure forward chaining environment, and finally we give some simple explanation facilities

Backward Chaining Hamster

98 625-CD-520-001 ASTER Scenario: Backward Chaining INSERTION RETRIEVAL PRODUCTION Subscribe Search & Order Store External Data Provider User Deliver Generate

Forward Chaining

OpenStack Orchestrated Service Chaining · OpenStack Orchestrated Service Chaining ... OpenStack (Compute Node) VM Service Function ... PowerPoint Presentation Author:

Service Chaining for NFV and Delivery of other ...jain/talks/ftp/adn_in15p.pdfEach Cloud belongs to a different Cloud Service Provider (CSP) ... OpenStack OpenDaylight EC2 Enterprise

Chaining Interrupts. Short contents What does chaining interrupts mean? TSR programs Chaining an interrupt example program Reentrancy problems with DOS

Behavior Chaining

Api chaining(tm)

Climb – Chaining Operators - Report

SPEECH MOTOR CHAINING PROCEDURES - Speech Production …speechproductionlab.syr.edu/_PDFs/Chaining Manual v1.1.pdf · Some Notes on the Speech Motor Chaining Procedures These procedures

Chaining Interrupts

Backward Chaining and Forward Chaining Procedures Compared in

Application Bug Chaining

STUDENT ACTIVITY MANUAL - agedweb.orgagedweb.org/agmech/UofA Survey Student Workbook-web.pdf · This Student Activity Manual is designed to provide ... - Chaining - Chaining CHAINING

Cybera ONE® · (NFV) cloud. Providing centralized management and orchestration, the NFV cloud’s service insertion framework (SIF) enables the chaining of virtual network functions,

SDN/NFV: Service Chaining

eCATT Chaining

Forward Chaining in HALO

Forward Backward Chaining

ONOS Update...Application Stores & Primitives CORD Virtual Tenant Networks CORD Optical Line Terminator Segment Routing OpenStack Networking Service Function Chaining ACL Management

Establishing Service Function Chaining ... - openstack.id · $ openstack sfc flow classifier create --ethertype IPv4 --source-ip-prefix 192.168.0.97/32 --destination-ip-prefix 192.168.0.101/32

forward and backward chaining

BACKWARD CHAINING FORWARD CHAINING DAN …

Overcoming OpenStack Obstacles in vCPE - Wind Riverevents.windriver.com/wrcd01/wrcm/2016/06/... · Service chaining (also referred to as ... 05 | Overcoming OpenStack Obstacles in

State of the OpenDaylight Union - · PDF file• OVSDB Neutron • SN Integration Aggregator • Service Function Chaining ... OpenStack and OpenDaylight Integration Compute Node VM

Complex Hashing & Chaining