Network as a Service principlevirtual CPE as a Service

1

TERENA Network Architects WorkshopVictor Reijs, HEAnetvictor.reijs@heanet.ie

22 November 2012

Agenda

• Clouds and XaaS services...• OpenFlow, SDN and NaaS...• Why Network as a Service?...• Cloud resources...• A Danish cloud...• OpenNaaS architecture...• Use cases (virtual CPE)...• Questions and Answers…

Clouds and XaaS services

• SaaS: Software as a Service• PaaS: Platform as a Service• IaaS: Infrastructure as a Service

– NaaS: Network as a Service

• MaaS: Management as a Service

http://csrc.nist.gov/publications/drafts/800‐146/Draft‐NIST‐SP800‐146.pdf

Essential characteristics

• On‐demand self‐service• Broad network access• Resource pooling• Rapid elasticity• Measured service

OpenFlow, SDN and NaaS

• OpenFlowManagement protocol for forwarding tables

• SDNSupports a control plane abstraction

• NaaSIntegration; virtualisation; and service oriented

SDN’s design axis

Centralised control Decentralised

Microflow Aggregated

Reactive forwarding Proactive

Virtual systems Physical

Fully consistent state Eventually consistent

http://opennetsummit.org/talks/ONS2012/heller‐mon‐intro.pdf

Why Network as a Service? (1/2)

• IP cloud• On‐demand self‐service• Broad network access• Resource pooling• Rapid elasticity• Measured service

Why Network as a Service? (2/2)

• Lower layers• More flexibility in routing (NetFlow resource)• Allowing applications with more dynamic network needs, which need more than Internet‐service: security/VPN, capacity and energy‐consumption

Cloud resources• Machine and human resources (Amazon Mechanical Turk 

Worker) have an important function to play in generating services

• They can be integrated nowadays properly: using for instance APIs, WebServices

• Resources can be for working (Worker‐Resources: WoR) or for managing the Working‐Resources (Management‐Resources: MaR)

• Management‐Resources becomes an User issue: making it a single domain... 

• Management‐Resources (follows FCAPS): Trouble; Configuration&Activation; Information; Quality; and Policy

• Standardisation is important: OGF, DMTF, ISOF‐RG, TMF, eTOM

A Danish cloud

http://www.2dots‐era.com/2012/08/lego‐cloud‐sculptures‐x‐eric‐maldre.html

LEGO stud specification

http://en.wikipedia.org/wiki/File:Lego_dimensions.svg

Resource shopping listWorker 

Resource*Management Resource*

Fibre/Air

Ethernet

IP

Video

* defined in MaaS: GN3‐JRA1‐T4

Going to the marketplace

Putting together with the  LEGO studs

http://www.youtube.com/watch?v=wa‐trX3ifR8

OpenNaaS architecture

Platform

CLI

Persisten

ce

Que

ue

Resource

Manager

. . . 

Security

Protocol Session Manager

Resource Lifecycle

Resource Layer

Router Resou

rce

Network Re

source

BoDRe

source

Optical Switch 

Resource

. . .

Remoting

Scrip

ting

GUI

Ope

nNeb

ula

Ope

nStack

NS

NSA

 (NSI)

. . . 

3P Extensions

3P Middleware

Network Intelligence• Integration with Northbound 

Middleware• IaaS/Cloud managers• Other NMS.

• The user

NaaS Layer• Network HAL abstraction to 

infrastructure.• Resources manageable by the user.

• Access controlled by the Sec. Manager.

Platform• Reusable building blocks, common to 

all extensions.• Controls access to the infrastructure.

• Integrity, Policy, etc..

Managed infrastructure

BoD

Use cases

• virtual Client Premises Equipment (vCPE) (HEAnet)...

• Supporting of moving VMs within hybrid clouds (private/community/public) (GridIreland/NORDUnet)

• Multiple providers acting on same hardware (DeIC/Danish Health network)

• Multimedia network (University of Bristol)

virtual Client Premises Equipment

Client 1 Client 2 Client 3

Core routers

AggregatedvCPE

CPE

Virtualise the network resourcesMake routers virtually

Configure them up

Make links between them

Delegate partial controlto the user

Nice interface

Quick, easy changes

Automatic inventory

Automatic monitoring

Access tooutside networks

P2P provisioning system

OpenNaaS

Provisioning system for logical routers

Open source

CLI + RESTful API

Developing a GUI

Integrated with Bandwidth on Demand

Including GÉANT BoD

Conclusions

• Getting experience with XaaS• Integration of Network and other layers• Resource management still needs to be defined together with marketplace

• Work in progress, but plan to provide pilot/operational vCPE services in 2013

Q&A