Changes between Initial Version and Version 1 of DecommissionedGeniAggregate/NLROpenFlow/ExpansionPlan

Timestamp:

01/12/16 15:25:08 (8 years ago)

Author:

hdempsey@bbn.com

Comment:

--

DecommissionedGeniAggregate/NLROpenFlow/ExpansionPlan

@@ +1 @@
+[[PageOutline]]
+
+THIS PAGE IS OBSOLETE.  NLR no longer exists, so these resources are not available, but we have kept the page for historical reasons.
+= NLR Expansion Plan =
+
+NLR is adding three Pica8 switches to their GENI !OpenFlow backbone deployment; this page describes the plan for this expansion.
+
+= Hardware =
+
+Model: Pica8 P-3780 - 48 x 10GE SFP+ Ports[[BR]]
+[[BR]]
+Tech Specs: [http://www.pica8.com/documents/pica8-datasheet-64x10gbe.pdf]
+
+= Firmware =
+
+There are two firmware options for the Pica8: L2/L3 and OVS.
+
+L2/L3 Mode -  "Standard" Layer2/Layer3 software that supports traditional switching/routing, as well as !OpenFlow version 1.0 - 1.3.  In this mode, the each port supports both layer2/layer3 and !OpenFlow forwarding at the same time (Hybrid mode), and Pica8 calls this functionality "cross-flow."  This mode has support for the protocols needed by the current NLR operational support model (SNMP and TACACS+).  In addition, the CLI used to configure the device is akin to the standard Cisco IOS-XR CLI (commit changes to apply, editable configuration sub-sections, configuration history).  !OpenFlow support is basic and lacks some of the additional !OpenFlow mechanisms like generating flows locally from the device.
+
+OVS - PicOS Open vSwitch software mode that only supports !OpenFlow forwarding.  This mode supports the same versions of !OpenFlow as L2/L3 Mode.  The CLI and functionality of the device is more akin to a Linux server than a traditional router/switch.  In this mode, you use two programs, ovs-vsctl and ovs-ofctl, to configure the switch and !OpenFlow functionality on the switch.  This mode lacks SNMP support, and therefore will not work for basic NLR operational monitoring and graphing tools.  !OpenFlow support in this mode is much more advanced and includes the feature to generate IPv4 flows from the switch locally.
+
+The OVS mode seems superior from an !OpenFlow point of view, but problematic from a management perspective, to a show-stopper extent, so the initial deployment will use the L2/L3 mode.
+
+Barnstormer Softworks (BSSW) has expressed some interest in creating an OVS firmware with SNMP support, which would be very much worth considering.
+
+= Topology =
+
+The new switches will be deployed in Kansas City MO (NLR KANS), El Paso TX (NLR ELPA), and Houston TX (NLR HOUS). They'll add more paths to the current ring, as seen below:
+
+[[Image(NLR Proposed GENI Backbone.png, 80%)]]
+
+= Testing =
+
+The switches will be tested in the NLR lab before being deployed, in three phases (which don't correspond at all to the deployment phases below).
+
+== Phase 1 testing ==
+
+This phase tests the basic operation of the switch, and is complete.
+
+ * Boot in L2/L3 Mode (Complete)
+ * Basic configuration template (Complete)
+   * Username/Password
+   * SNMP
+   * TACACS
+     * Unable to login with "backdoor" username/password if TACACS is enabled.  Until this is addressed, TACACS isn't an option
+     * Unable to configure remote port. Pica8 is aware and will address in future revision.
+   * SSH Enabled / Telnet Disabled
+   * Syslogging
+ * Basic !OpenFlow configuration testing (Complete)
+   * Enable !OpenFlow globally
+   * Connect to !FlowVisor
+   * Verify resource advertisement remotely
+
+== Phase 2 testing ==
+
+This phase tests the Phase 1 deployment configuration, with static flows in the switch. Target completion date: 2013-12-06
+
+ * Layer1Transport testing
+   * layer1transport configured on NLR FOAM with test rules
+   * Configure switch with connection toward layer1transport service
+   * Generate traffic from BSSW test host
+   * Verify basic traffic connectivity
+   * Performance testing?
+
+== Phase 3 testing ==
+
+This phase would test a future BSSW firmware release.
+
+ * BSSW to develop "newer" version of OVS software
+   * SNMP/TACACS enabled
+   * CLI similar to L2/L3 Mode
+ * Future testing?
+
+= Deployment =
+
+The switches will be deployed into the field in two phases (which don't correspond at all to the testing phases above).
+
+== Phase 1 deployment ==
+
+In the Phase 1 deployment, the switches will be put into the field and connected to each other, but only two ports will be enabled on each, and the layer1transport controller will be used to pass traffic between the two ports, with no experimenter control yet.
+
+Deployment schedule:
+
+ * By 2013-12-13: Finish writing MOPs
+ * By 2013-12-20: Ship hardware
+ * By 2014-01-03: Hardware mounted and connected to control/management networks
+ * Week of 2014-01-06: Mainteance windows for GENI dataplane cutover
+
+All three switches will be deployed in parallel.
+
+=== NLR HOUS deployment ===
+
+ * Mount/Power
+ * Connect to NLR Out-of-Band
+ * Connect to NLR !FrameNet for In-Band Management / Control-Plane Traffic
+ * Verify basic IP Connectivity
+ * Establish connection to Layer1Transport on NLR FOAM
+ * Break existing SUNN to ATLA GENI backbone and insert new switch into path
+   * Port 48 --> Atlanta
+   * Port 47 --> Sunnyvale (Soon to be El Paso)
+   * Port 46 --> Kansas City (New Connection / Disabled at this moment)
+ * Verify GENI backbone connectivity
+
+=== NLR ELPA deployment ===
+
+ * Mount/Power
+ * Connect to NLR Out-of-Band
+ * Connect to NLR !FrameNet for In-Band Management / Control-Plane Traffic
+ * Verify basic IP Connectivity
+ * Establish connection to Layer1Transport on NLR FOAM
+ * Break existing SUNN to HOUS to ATLA GENI backbone and insert new switch into path
+   * Port 48 --> Atlanta (Soon to be Houston)
+   * Port 47 --> Sunnyvale
+   * Port 46 --> Denver (Disabled at this moment)
+ * Verify GENI backbone connectivity
+
+=== NLR KANS deployment ===
+
+ * Mount/Power
+ * Connect to NLR Out-of-Band
+ * Connect to NLR !FrameNet for In-Band Management / Control-Plane Traffic
+ * Verify basic IP Connectivity
+ * Establish connection to Layer1Transport on NLR FOAM
+ * Break existing SEAT to DENV backbone and insert new switch into path
+   * Port 48 --> Chicago
+   * Port 47 --> Denver
+   * Port 46 --> Houston (Disabled at this moment)
+ * Verify GENI backbone connectivity
+
+=== NLR DENV maintenance ===
+
+ * Connect 10GE Port (28) toward El Paso
+
+== Phase 2 deployment ==
+
+In the Phase 2 deployment, the switches will be reconfigured to be controlled by the NLR !FlowVisor, and the third port on each will be activated, allowing experimenter control and more interesting experimenter topologies.
+
+On the new switches, VLANs 3715 and 3716 won't cross-connect with VLAN 1750, and we simply won't have campuses connect in to the new switches directly. (Enabling this would be a third phase, which we can plan and carry out if it turns out to be necessary.)
+
+The NLR rspecs will be a bit more complicated after Phase 2 is complete: They'll need a new openflow:group for the new switches, and a separate match for them that includes the relevant dl_vlan match.
+
+FIXME: What happens with auto-approval in this phase, now that NLR FOAM has a mix of VLAN-hybrid and non-hybrid switches? We don't know for sure, but are confident that this isn't a show-stopper issue.
+
+=== Final topology/configuration ===
+
+ * Connect all 3 switches to NLR !FlowVisor
+ * Enable 3rd direction on all 3 switches (and Denver HP)
+   * El Paso --> Denver
+   * Houston --> Kansas City
+ * Remove Layer1Transport connectivity on all switches?