wiki:GENIExperimenter/Tutorials/NFV

Version 9 (modified by matta@cs.bu.edu, 2 years ago) (diff)

--

NFV Tutorial: Managing a Virtual Network Function using SDN and Control Theory

Abstract

The virtualization of network functions (e.g., load balancer, intrusion detection system) has enabled the deployment of such functions anytime and anywhere. This tutorial discusses the deployment of a Virtual Network Function (VNF) and challenges associated with the cost and performance of delivering its service. Specifically, VNF instances can be dynamically deployed to meet changing conditions, i.e., more (less) instances to accommodate higher (less) traffic demand or more (less) stringent service requirements. To illustrate these issues, we present a basic set of GENI experiments on a topology that contains traffic sources, a destination, VNF instances of an intrusion detection system (i.e., Snort), an Open vSwitch (OVS), and a controller. The controller is used to steer traffic toward one or more Snort instances as needed so any intrusion can be detected reliably and in a timely fashion. OpenFlow, as a communication protocol standard of a Software Defined Networking (SDN) architecture, is used to install (update) controller-derived forwarding rules on the OVS switch. To measure load on Snort hosts, we leverage the distributed publish-subscribe architecture of our Recursive InterNetwork Architecture (RINA). These measurements (by sensor processes) are fed to the controller to make its decisions. We show results for both a load-independent controller and a load-dependent control-theoretic controller.

Overview

This is a basic tutorial that guides you through an experiment using OpenFlow and Network Function Virtualization (NFV). It is recommended that you first read about OpenFlow and go over a basic OpenFlow tutorial on GENI. The goal of this tutorial is to give you a hands-on experience with OpenFlow, and how it can be used for NFV deployment. Using a basic topology, which contains two sources, a destination, two virtual network functions (IDS), an OVS and a controller, we will show how different OpenFlow rules can be used for NFV management. Once resources are reserved for this topology, the tutorial should take about 45-60 minutes to complete.

http://csr.bu.edu/rina/grw-bu2016/tutorial_files/image002.gif
Figure 1: The image above depicts the network topology used in this tutorial.

Prerequisites:

  • A GENI account, if you don't have one sign up!
  • Familiarity with how to reserve GENI resources (we will be using the GENI Experimenter Portal as our tool).
  • Familiarity with logging into GENI compute resources.
  • Basic understanding of OpenFlow. An OpenFlow tutorial is here!
  • Familiarity with the Unix command line.
  • Familiarity with the Python programming language. We will use a controller (POX controller) written in Python for this tutorial.
  • You will need to be a member of a project.

http://csr.bu.edu/rina/grw-bu2016/tutorial_files/image026.gif Another version of this tutorial using the Ryu controller is also provided, and details can be found here .

Tools

Both of the tools are already installed on the machines where the resources are provided. If it happens not to be installed, take a look at the following tutorials to learn how to install these tools:
Open vSwitch
POX controller

Where to get help:

POX Wiki
Open vSwitch
GENI Wiki

Tutorial Instruction

Design/Setup
  • Part I: Design/Setup
    • Step 1: Design the experiment
    • Step 2: Establish the environment
    • Step 3: Obtain resources
Execute
  • Part II: Execute
    • Step 1: Login to VMs
    • Step 2: Configure and initialize services
    • Step 3: Execute expriment
Finish

Author: Nabeel Akhtar

Supervised by: Ibrahim Matta

Boston University

Attachments (16)

Download all attachments as: .zip