OpenFlow Campus Trials at Indiana University GEC11 Report
Christopher Small – Principal Investigator
Matthew Davy – Co-Principal Investigator
Dave Jent – Co-Principal Investigator
Summary
- Documentation and procedures for Operational support
- "Plastic Slices" demonstration of initial integration with AM and other campuses
- Deployment of production VM "stack" for Expedient/OIM/Flowvisor/Measurement
- Development and Deployment of workshop/rapid development VM environment
- Deployment to new buildings/Preparation for IU UITS building moves
- Measurement Manager packaging and development
- FlowScale - hardware testing and sample deployment
Major Accomplishments
Milestones
Complete documentation and procedures for operational support: We have implemented procedures and provided contacts to support GENI resources as outlined in the GENI Aggregate Providers agreement. There is a 24/7 point of contact (the IU GlobalNOC) for any problem related to the Campus deployment. This also includes escalation procedures to contact the necessary engineering resources to troubleshoot issues. We agree to the GENI Aggregate Provider agreement.
Deleverables
Description of Work Performed
"Plastic Slices" demonstration of initial integration with AM and other campuses: Along with all the other OpenFlow campus deployments deployed the simulated "Plastic Slices" experiments. To facilitate these efforts we placed an additional MyPLC Planetlab nodes (for a total of 4) at the IUPUI campus in Indianapolis. We also deployed monitoring software on the PL nodes, MyPLC node and the Flowvisor server to facilitate. We also have used our existing testpoint in Indianapolis to deploy multiple interfaces on all the vlans used to provide a reference point to troubleshoot connectivity. The configuration is the "standard" cmpus configuration with vlans 3715 and 3716 bridged to vlan 1715 and the Planetlab nodes on vlan 1715.
GENI VM "stack" for Expedient/OIM/Flowvisor/Measurement: In order to support OpenFlow in campus in a more supportable way we have moved Expedient/OIM and Flowvisor to a production server located in the Bloomington Data Center Enterprise Machine Room instead of it's formner location in the testlab. Production 24/7 monitoring is in place to detect any problems with the server and alert the IU GlobalNOC Service Desk of any issue. The design and layout is based on the Internet2 and National Lambda Rail OpenFlow VM servers. The concept is to provide some seperation of the tools as there are still some issues with library and OS distribution support and conflicts. It also provides some ability to migrate and create new test VMs to minimise downtime in case a major restructuring or upgrade/change of OpenFlow tools.
Workshop/Rapid development VM environment: We have created a new framework for rapid development and testing of OpenFlow hardware and Software. This consists of a stock of VM images that can be rapidly deployed in the IU testlab for testing OpenFlow features. For example we have a VM images based on the Stanford OpenFlow Tutorial image that contains most of the OpenFlow tools (mininet, nox, flowvisor, openflow reference code, wireshark w/ OF plugin, etc..) to begin most experimentation with OpenFlow.The goal of this framework is to provide very easy tools for experimenters and testers to have the tools available and pre-built to conduct research and functional testing of hardware and software.
We also plan on using this as a basis to build a infrastructure to conduct hands-on OpenFlow workshops where each attendee can get a remote VM built for each workshop attendee. Once the workshop is over the VM instances can be deleted.
We plan in the future on building more VMs such as a Layer 3 specific one that would have software such as Quagga and RouteFlow.
Production controller deployment: We have deployed a Big Switch controller for controlling non-GENI OpenFlow work. This controller is connected to vlans directly and does not go through Flowvisor (though other vlans on the switches could/are connected to Flowvisor) This replaces some of our early experiments with using SNAC for production users.
Deployment to new buildings/Preparation for IU UITS building moves: We are continuing deployments to new switches and new buildings. Adding two IU-purchased HP switches to the E2 and Informatics buildings. We are also planning on a major move of users this August and September as most IU IT staff will be moving into a new building or to space freed up by other moves. We are planning to make sure current OF users remain connected and are looking for opportunities to enable more users to be added to OpenFlow networks.
Testlab deployments: We are working with 3-4 new vendor switches in our testlab (not purchased using grant funds). We are running preexisting (oftest) and newly developed test code against the switches to verify their ability to function for projects like FlowScale and for general deployment where we want the flexibility to handle as many types of applications and experiments as possible.
Activities and Findings
Measurement Manager packaging and development: We have released the Measurement Manager code. This mostly involved better documentation of the features and packaging the software demonstrated at GEC 9 and 10 in one downloadable package. The Measurement Manager release 1.0 is available at:
http://gmoc-db.grnoc.iu.edu/sources/meas_manager/meas_manager-0.0.3.tar
FlowScale (Load Balancer Application): We have completed the initial coding of a load balancer application that utilizes OpenFlow switches. The initial deployment will allow Indiana University to distribute traffic to multiple Intrusion Detection System devices. The initial design for a custom OpenFlow app that divides the traffic and provides a simple Web interface to control traffic. The prototype is in the test lab with a number of IDS sensors with 1 Gig interfaces. We are testing the prototype with a number of vendor's switches to make a determination of what hardware will be selected for final purchase.
The final deployment of the FlowScale IDS will be scaled up to additional 10G sensors and capable of processing all traffic transmitted across the Bloomington and Indianapolis campus networks.
Full deployment will be done when final approvals of the additional sensors and switches by the IU Security Office. It is expected that the deployment will happen early in the fall semester.
We are also looking at possible applications beyond the Intrusion Detection use which will require a much larger production deployment of OpenFlow devices.
Interop Las Vegas: Provided assistance in the deployment of the OpenFlow lab at the Interop Las Vegas conference http://www.interop.com/lasvegas/it-expo/interopnet/openflow-lab/
Project Participants
During this time, key participants in the OpenFlow campus trial included:
- Chris Small, PI
- Matt Davy, Co-PI
- John Meylor
- Ali Khalfan
- Ed Furia
- Jason Muller
- Ron Milford
- Camilo Viecco
Collaborations
- Clemson (loadBalancer)
- Stanford (monitoring)
- CpQD (L3 router)
- Internet2 (monitoring)
- NLR (monitoring)
- OpNET (Interop)
Publications & Documents
Small, C, Measurement Manager Poster GENI Engineering Conference, San Juan Nov 2-4 http://groups.geni.net/geni/attachment/wiki/OFIU-GEC10-status/IU_OF_GEC10_poster.pdf
Davy, M., "IU OpenFlow and NDDI Developments" http://groups.geni.net/geni/attachment/wiki/GEC11OpenFlowDeployment/2011-07-26.GEC11-Updates.pdf
GENI Documents
None