== Change Set AE: Allow Restricted Shared VLANs ==
Experimenters want to be able to offer services on GENI to other slices, or to connect multiple slices together. This is termed 'cross-slice stitching': connecting two slices at layer 2. As background, note that GENI has the notion of a 'shared VLAN': a VLAN that is given a name and marked public, so that any slice may connect to it. At InstaGENI, there is a `PerformOperationalAction` (`geni_sharelan`) that converts a newly allocated LAN into a shared VLAN. This topic was discussed at [wiki:GEC21Agenda/DeveloperRoundtable#Cross-SliceStitching1 GEC21], and again at [wiki:GEC22Agenda/DeveloperRoundtable#CrossSliceStitching1 GEC22].

'''Proposal''': Add to the existing POA `geni_sharelan` a new option `restricted`, with default value `false` (the old behavior). When `true`, the created shared VLAN is restricted: any later request to connect a LAN to it must carry an additional credential; knowing the VLAN's name is not sufficient.
In this case the POA returns a GENI SFA credential whose owner is the user calling the method and whose target is the sliver of the shared VLAN (or some other identifier for the shared VLAN; the contents are not specified here, but must be sufficient for the aggregate to authorize a later connection request).

Note that shared VLAN names are scoped to the AM and must be unique within that AM; a name therefore identifies a shared VLAN only in combination with the aggregate that created it.

The server slice's aggregate manager (the AM at which the shared VLAN was created) should list the shared VLAN, whether restricted or not, in its advertisement RSpec, indicating that the LAN is shared. The current `shared-vlan` RSpec extension suffices for this, but needs an attribute indicating that the VLAN is `restricted`, so that a prospective client knows up front that it will need a credential.

'''Proposal''': add to the existing `shared-vlan` extension a new optional attribute `restricted` of type `xs:boolean` with default value `false`.

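As an added example (not code from GENI, InstaGENI or any aggregate), the following Python reads the proposed `restricted` attribute out of an advertisement and decides whether a client needs a credential before joining a given shared VLAN. It assumes the advertisement lists shared VLANs as `sharedvlan:available` elements in the shared-vlan v1 namespace and that a request joins one via `sharedvlan:link_shared_vlan`, as in the existing extension; the `restricted` attribute itself is the one proposed above and is in no published schema. The sample RSpec is constructed, and the `xs:boolean` decoder accepts all four lexical forms (`true`, `false`, `1`, `0`), which a client that only compares against the string `true` would get wrong.

```python
"""Parse the shared-vlan advertisement extension, including the proposed
``restricted`` attribute.  Added example for this page, not GENI project or
aggregate code.  Assumed element names: sharedvlan:available (advertisement)
and sharedvlan:link_shared_vlan (request); ``restricted`` is the attribute
proposed on this page and is not part of any published schema."""
import xml.etree.ElementTree as ET

SHARED_VLAN_NS = "http://www.geni.net/resources/rspec/ext/shared-vlan/1"
RSPEC_NS = "http://www.geni.net/resources/rspec/3"
ET.register_namespace("sharedvlan", SHARED_VLAN_NS)

# Constructed advertisement: one public shared VLAN, one restricted one,
# and one whose xs:boolean is spelled "1" rather than "true".
SAMPLE_AD = """<rspec type="advertisement"
       xmlns="http://www.geni.net/resources/rspec/3"
       xmlns:sharedvlan="http://www.geni.net/resources/rspec/ext/shared-vlan/1">
  <sharedvlan:available name="mesoscale-openflow" description="public"/>
  <sharedvlan:available name="svc-alpha" restricted="true"/>
  <sharedvlan:available name="svc-beta" restricted="1"/>
</rspec>
"""


def xs_boolean(value, default=False):
    """Decode an xs:boolean lexical value ("true"/"false"/"1"/"0");
    a missing attribute yields ``default`` (the schema default, false)."""
    if value is None:
        return default
    v = value.strip()
    if v in ("true", "1"):
        return True
    if v in ("false", "0"):
        return False
    raise ValueError("not an xs:boolean: %r" % value)


def list_shared_vlans(ad_xml):
    """Return {name: restricted?} for every shared VLAN in an advertisement."""
    root = ET.fromstring(ad_xml)
    result = {}
    for el in root.iter("{%s}available" % SHARED_VLAN_NS):
        name = el.get("name")
        if not name:
            continue  # the extension requires a name; skip malformed entries
        result[name] = xs_boolean(el.get("restricted"))
    return result


def credential_needed(ad_xml, vlan_name):
    """Decide whether a client must present a shared-VLAN credential to
    connect to ``vlan_name`` at this aggregate.  An unknown name is an
    error: the client must not silently fall back to an unrestricted request."""
    vlans = list_shared_vlans(ad_xml)
    if vlan_name not in vlans:
        raise KeyError("aggregate does not advertise shared VLAN %r" % vlan_name)
    return vlans[vlan_name]


def request_link(link_id, vlan_name):
    """Build the <link> a client puts in its request RSpec to join a shared
    VLAN.  The element is the existing link_shared_vlan; the credential a
    restricted VLAN needs travels in the API call's ``credentials`` argument,
    not in the RSpec, so the link itself is unchanged by this proposal."""
    link = ET.Element("{%s}link" % RSPEC_NS, client_id=link_id)
    ET.SubElement(link, "{%s}link_shared_vlan" % SHARED_VLAN_NS, name=vlan_name)
    return ET.tostring(link, encoding="unicode")


if __name__ == "__main__":
    print(list_shared_vlans(SAMPLE_AD))
    print(request_link("lan0", "svc-alpha"))
```

A client library would call `credential_needed` before `Allocate` and refuse to send the request for a restricted VLAN without an extra credential, rather than letting the aggregate reject it.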
Slices wishing to connect to a restricted shared VLAN negotiate with the service slice. The service slice must delegate the shared VLAN credential to the client slice's user (the mechanism for doing so is not specified by this proposal, but the format of a delegated credential is [wiki:GeniApiCredentials#Delegation specified]). The client slice user then includes this extra credential in the call to `CreateSliver` (AM API v2) or `Allocate` (AM API v3), in the existing `credentials` argument of those calls, alongside the usual slice credential.

Having verified the credential and its delegation chain, the aggregate creates a LAN for the client slice that connects to the specified shared VLAN, allowing traffic to flow freely between the two slices. Note that the restriction governs only who may attach: once attached, the two slices share a layer 2 broadcast domain, and nothing in this proposal filters traffic between them.

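The aggregate-side check implied by the two paragraphs above, as an added example that is not GENI or InstaGENI code: it scans the `credentials` list passed to `Allocate`, finds the credential whose target is the restricted shared VLAN, and walks its delegation chain back to the user the aggregate originally issued it to via `geni_sharelan`. The credential layout follows the GENI SFA privilege credential (`owner_urn`, `target_urn`, `expires`, `privileges`, a nested `parent` for each delegation step); the sliver URN, user URNs and the rule that the root credential's owner must match the aggregate's own record of who created the VLAN are assumptions, since this page does not fix the credential's contents. XML-DSIG verification is deliberately left out and called out in the code: an aggregate must verify every signature in `signatures` before trusting any field this code reads, otherwise the check is purely syntactic.

```python
"""Aggregate-side authorization of the extra credential a client passes in
``credentials`` when attaching a LAN to a restricted shared VLAN.  Added
example for this page, not GENI/InstaGENI code.  Models the GENI SFA
privilege credential layout; URNs and the root-owner rule are assumptions.
SIGNATURES ARE NOT VERIFIED HERE: a real aggregate must check the XML-DSIG
signatures in <signatures> (e.g. with xmlsec) before trusting any field."""
import datetime as dt
import xml.etree.ElementTree as ET

VLAN_URN = "urn:publicid:IDN+instageni.example.net+sliver+vlan-svc-alpha"  # assumed
SERVER_USER = "urn:publicid:IDN+ch.geni.net+user+svc_owner"  # called geni_sharelan
CLIENT_USER = "urn:publicid:IDN+ch.geni.net+user+client_exp"  # calls Allocate
TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"

# Constructed: root credential issued by the POA to SERVER_USER (the inner
# <parent>), delegated once to CLIENT_USER (the outer credential).
DELEGATED_CRED = """<signed-credential>
 <credential xml:id="ref1">
  <type>privilege</type>
  <owner_urn>{client}</owner_urn>
  <target_urn>{vlan}</target_urn>
  <expires>2030-01-01T00:00:00Z</expires>
  <privileges><privilege><name>*</name><can_delegate>false</can_delegate></privilege></privileges>
  <parent>
   <credential xml:id="ref0">
    <type>privilege</type>
    <owner_urn>{server}</owner_urn>
    <target_urn>{vlan}</target_urn>
    <expires>2031-01-01T00:00:00Z</expires>
    <privileges><privilege><name>*</name><can_delegate>true</can_delegate></privilege></privileges>
   </credential>
  </parent>
 </credential>
 <signatures/>
</signed-credential>""".format(client=CLIENT_USER, vlan=VLAN_URN, server=SERVER_USER)


class CredentialError(Exception):
    """Raised when a credential does not authorize the requested attach."""


def _text(cred, tag):
    el = cred.find(tag)
    if el is None or not el.text:
        raise CredentialError("credential lacks <%s>" % tag)
    return el.text.strip()


def _expires(cred):
    return dt.datetime.strptime(_text(cred, "expires"), TIME_FMT)


def _can_delegate(cred):
    return any((p.findtext("can_delegate") or "").strip() == "true"
               for p in cred.findall("privileges/privilege"))


def authorize_shared_vlan(cred_xml, caller_urn, vlan_urn, original_owner,
                          now="2025-01-01T00:00:00Z"):
    """Return the delegation chain (owner URNs, caller first) if ``cred_xml``
    lets ``caller_urn`` attach to ``vlan_urn``; raise CredentialError if not.
    ``original_owner`` is the user the aggregate issued the root credential to
    in geni_sharelan (a record the aggregate keeps locally).  ``now`` is a
    parameter only to keep the check deterministic; pass the current UTC time."""
    now_dt = dt.datetime.strptime(now, TIME_FMT)
    cred = ET.fromstring(cred_xml).find("credential")
    if cred is None:
        raise CredentialError("not a signed-credential")
    if _text(cred, "owner_urn") != caller_urn:
        raise CredentialError("credential owner is not the caller")
    chain = []
    while True:  # walk outer credential -> parent -> ... -> root
        if _text(cred, "type") != "privilege":
            raise CredentialError("unexpected credential type")
        if _text(cred, "target_urn") != vlan_urn:
            raise CredentialError("credential is for a different target")
        if _expires(cred) <= now_dt:
            raise CredentialError("credential expired")
        chain.append(_text(cred, "owner_urn"))
        parent = cred.find("parent/credential")
        if parent is None:
            break
        # A delegation is valid only if the delegator was allowed to delegate
        # and the delegate's copy does not outlive the delegator's.
        if not _can_delegate(parent):
            raise CredentialError("parent credential forbids delegation")
        if _expires(cred) > _expires(parent):
            raise CredentialError("delegated credential outlives its parent")
        cred = parent
    if chain[-1] != original_owner:
        raise CredentialError("root credential was not issued to the VLAN owner")
    return chain


def pick_vlan_credential(credentials, caller_urn, vlan_urn, original_owner,
                         now="2025-01-01T00:00:00Z"):
    """Scan the AM API ``credentials`` list (slice credential plus extras) and
    return the first chain that authorizes this attach, or None."""
    for c in credentials:
        try:
            return authorize_shared_vlan(c, caller_urn, vlan_urn, original_owner, now)
        except (CredentialError, ET.ParseError):
            continue  # not the VLAN credential, or not valid; try the next
    return None
```

The chain the function returns is worth logging at the aggregate: it records which server-slice user vouched for which client, which is the audit trail a restricted VLAN exists to provide.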
Note that there could also be an additional `PerformOperationalAction` command that modifies an existing 'client' slice so that one of its LANs connects to a restricted shared VLAN. We have not specified the syntax for such an operation.

A server slice can identify which client slice is contacting it using information from the client's manifest RSpec. To make this data available to the server slice reliably, the aggregate manager can sign the manifest RSpec of the 'client' slice, and the client slice can pass the signed manifest (out of band) to the 'server' slice, which must verify the signature against the aggregate's certificate before relying on any of the manifest's contents. (The XML-DSIG signature is a new child element under `rspec`.)
