Changes between Version 7 and Version 8 of GeniAggregate/NLROpenFlow/ExpansionPlan

Timestamp:

12/04/13 11:31:39 (10 years ago)

Author:

Josh Smift

Comment:

--

GeniAggregate/NLROpenFlow/ExpansionPlan

@@ -3 +3 @@
 = NLR Expansion Plan =
 
-NLR is adding three Pica8 switches to their GENI OpenFlow backbone deployment; this page describes the plan for this expansion.
+NLR is adding three Pica8 switches to their GENI !OpenFlow backbone deployment; this page describes the plan for this expansion.
 
 = Hardware =
@@ -15 +15 @@
 There are two firmware options for the Pica8: L2/L3 and OVS.
 
-L2/L3 Mode -  "Standard" Layer2/Layer3 software that supports traditional switching/routing, as well as Openflow version 1.0 - 1.3.  In this mode, the each port supports both layer2/layer3 and Openflow forwarding at the same time (Hybrid mode), and Pica8 calls this functionality "cross-flow."  This mode has support for the protocols needed by the current NLR operational support model (SNMP and TACACS+).  In addition, the CLI used to configure the device is akin to the standard Cisco IOS-XR CLI (commit changes to apply, editable configuration sub-sections, configuration history).  Openflow support is basic and lacks some of the additional Openflow mechanisms like generating flows locally from the device.
+L2/L3 Mode -  "Standard" Layer2/Layer3 software that supports traditional switching/routing, as well as !OpenFlow version 1.0 - 1.3.  In this mode, the each port supports both layer2/layer3 and !OpenFlow forwarding at the same time (Hybrid mode), and Pica8 calls this functionality "cross-flow."  This mode has support for the protocols needed by the current NLR operational support model (SNMP and TACACS+).  In addition, the CLI used to configure the device is akin to the standard Cisco IOS-XR CLI (commit changes to apply, editable configuration sub-sections, configuration history).  !OpenFlow support is basic and lacks some of the additional !OpenFlow mechanisms like generating flows locally from the device.
 
-OVS - PicOS Open vSwitch software mode that only supports Openflow forwarding.  This mode supports the same versions of Openflow as L2/L3 Mode.  The CLI and functionality of the device is more akin to a Linux server than a traditional router/switch.  In this mode, you use two programs, ovs-vsctl and ovs-ofctl, to configure the switch and Openflow functionality on the switch.  This mode lacks SNMP support, and therefore will not work for basic NLR operational monitoring and graphing tools.  Openflow support in this mode is much more advanced and includes the feature to generate IPv4 flows from the switch locally.
+OVS - PicOS Open vSwitch software mode that only supports !OpenFlow forwarding.  This mode supports the same versions of !OpenFlow as L2/L3 Mode.  The CLI and functionality of the device is more akin to a Linux server than a traditional router/switch.  In this mode, you use two programs, ovs-vsctl and ovs-ofctl, to configure the switch and !OpenFlow functionality on the switch.  This mode lacks SNMP support, and therefore will not work for basic NLR operational monitoring and graphing tools.  !OpenFlow support in this mode is much more advanced and includes the feature to generate IPv4 flows from the switch locally.
+
+The OVS mode seems superior from an !OpenFlow point of view, but problematic from a management perspective, to a show-stopper extent, so the initial deployment will use the L2/L3 mode.
+
+Barnstormer Softworks (BSSW) has expressed some interest in creating an OVS firmware with SNMP support, which would be very much worth considering.
 
 = Topology =
@@ -31 +35 @@
 == Phase 1 testing ==
 
+This phase tests the basic operation of the switch, and is complete.
+
  * Boot in L2/L3 Mode (Complete)
  * Basic configuration template (Complete)
@@ -40 +46 @@
    * SSH Enabled / Telnet Disabled
    * Syslogging
- * Basic Openflow configuration testing (Complete)
-   * Enable Openflow globally
-   * Connect to Flowvisor
+ * Basic !OpenFlow configuration testing (Complete)
+   * Enable !OpenFlow globally
+   * Connect to !FlowVisor
    * Verify resource advertisement remotely
 
 == Phase 2 testing ==
+
+This phase tests the Phase 1 deployment configuration, with static flows in the switch. Target completion date: 2013-12-06
 
  * Layer1Transport testing
@@ -56 +64 @@
 == Phase 3 testing ==
 
+This phase would test a future BSSW firmware release.
+
  * BSSW to develop "newer" version of OVS software
    * SNMP/TACACS enabled
@@ -63 +73 @@
 = Deployment =
 
-The switches will be deployed into the field in two phases (which don't correspond at all to the testing phases below).
+The switches will be deployed into the field in two phases (which don't correspond at all to the testing phases above).
 
 == Phase 1 deployment ==
@@ -69 +79 @@
 In the Phase 1 deployment, the switches will be put into the field and connected to each other, but only two ports will be enabled on each, and the layer1transport controller will be used to pass traffic between the two ports, with no experimenter control yet.
 
+Deployment schedule:
+
+ * By 2013-12-13: Finish writing MOPs
+ * By 2013-12-20: Ship hardware
+ * By 2014-01-03: Hardware mounted and connected to control/management networks
+ * Week of 2014-01-06: Mainteance windows for GENI dataplane cutover
+
+All three switches will be deployed in parallel.
+
 === NLR HOUS deployment ===
 
  * Mount/Power
  * Connect to NLR Out-of-Band
- * Connect to NLR FrameNet for In-Band Management / Control-Plane Traffic
+ * Connect to NLR !FrameNet for In-Band Management / Control-Plane Traffic
  * Verify basic IP Connectivity
  * Establish connection to Layer1Transport on NLR FOAM
@@ -86 +105 @@
  * Mount/Power
  * Connect to NLR Out-of-Band
- * Connect to NLR FrameNet for In-Band Management / Control-Plane Traffic
+ * Connect to NLR !FrameNet for In-Band Management / Control-Plane Traffic
  * Verify basic IP Connectivity
  * Establish connection to Layer1Transport on NLR FOAM
@@ -99 +118 @@
  * Mount/Power
  * Connect to NLR Out-of-Band
- * Connect to NLR FrameNet for In-Band Management / Control-Plane Traffic
+ * Connect to NLR !FrameNet for In-Band Management / Control-Plane Traffic
  * Verify basic IP Connectivity
  * Establish connection to Layer1Transport on NLR FOAM
@@ -116 +135 @@
 In the Phase 2 deployment, the switches will be reconfigured to be controlled by the NLR !FlowVisor, and the third port on each will be activated, allowing experimenter control and more interesting experimenter topologies.
 
-FIXME: What happens with VLAN 3715 and 3716 in this phase?
+On the new switches, VLANs 3715 and 3716 won't cross-connect with VLAN 1750, and we simply won't have campuses connect in to the new switches directly. (Enabling this would be a third phase, which we can plan and carry out if it turns out to be necessary.)
 
-FIXME: What happens with auto-approval in this phase, now that NLR FOAM has a mix of VLAN-hybrid and non-hybrid switches?
+The NLR rspecs will be a bit more complicated after Phase 2 is complete: They'll need a new openflow:group for the new switches, and a separate match for them that includes the relevant dl_vlan match.
+
+FIXME: What happens with auto-approval in this phase, now that NLR FOAM has a mix of VLAN-hybrid and non-hybrid switches? We don't know for sure, but are confident that this isn't a show-stopper issue.
 
 === Final topology/configuration ===