IETF Bits-n-Bites events highlight products and services that showcase IETF protocols in action. Held in conjunction with IETF meetings, Bits-n-Bites events take place in social settings designed to encourage in-depth discussions. With complimentary hor d’oeuvres, wine and craft beers, this dynamic two-hour event is eagerly anticipated by the entire IETF community.
In this demonstration, we are showcasing a multi provider NFV orchestration system with a special focus on network services over mixed IP/MPLS and OpenFlow SDN networks. The system allows providers to offer end-to-end network services with VNFs operated by different service providers in heterogeneous technology and resource environments. We propose a new hierarchical orchestration architecture that, on one hand, builds on existing state of the art components from industry and standardization, and on the other hand, innovative in lifecycle integration and operational policy handling. The orchestration system is designed with special focus to enable a coopetitive 5G service ecosystem where VNFs and their operational components may be developed by or operationally belong to 3rd parties. These VNF as a Service (VNFaaS) components are also available for partner providers to accelerate their NFV Infrastructure offerings. We emphasize the growing importance of multi provider orchestration (federation) to exploit the potential of edge/distributed cloud for Industry 4.0. Our network service orchestration is fully automated and takes into account latency and redundancy requirements when selecting the deployment locations for the service components.
The current research prototype demonstrates a situational orchestration hierarchy with different primary providers for different customers, interworking of IP VPN and OpenFlow SDN based service components and the ability to reuse shared network functions depending on provider policies and 3rd party’s service policies. For the IP VPN part, we use the vPE concept implemented in OpenStack through the BGP VPN API and the BagPipe driver. Then this IP VPN is carried in the IP/MPLS backbone through dedicated RSVP-TE tunnel instantiate through OpenDayLight SDN controller by mean of PCEP protocol.
The work is part of the 5G Exchange European Union collaboration project (http://www.5gex.eu) and the shown components are developed within Ericsson Research (Cloud and SW Technology), Orange Labs and the Budapest University of Technology and Economics.
As bad actors continue to leverage compromised IOT devices to launch ever-growing DDoS attacks, features such as scalability, performance and capacity become the cornerstones of a viable DDoS solution. Stop by the A10 booth to see how an A10 DDoS ecosystem can help you monitor, detect, mitigate and report on DDoS attacks to your protected environment. Unknown to you a similar solution from A10 may be protecting you when you're accessing various cloud-based services or playing your favorite games on the couch.
Do you know a router which isn't only connecting you to the Internet, but can do much more thanks to powerful hardware and open source software? It is already running 24/7, isn’t it? Do you like "Tetris" or have you ever heard about BigClown? Visit us at our Bits-N-Bites booth (labeled as "Turris Omnia") and we will show you what this unique router can do!
Generic Identity Service: Proof of Concept
Identity-Enabled Networks aim to improve privacy and security for communicating endpoints, to provide users with greater control over their networking data, and to simplify management for operators through common mapping infrastructure. Generic Identity Services provide service infrastructure that supports identifier/locator and (in the future) identity/identifier mappings. It can work with existing ID/LOC protocols and be extended to provide additional identity based services.
In the PoC, the following use cases are shown:
• Identity-based access control policies and metadata
• Interworking with ID/LOC protocols: LISP and HIP
This demo shows a live demonstration of accurate loss and delay measurement using the 'alternate marking' approach, with an overhead of just a single bit per data packet. Alternate marking is an emerging approach that is being developed in the IPPM working group. The demo makes use of TimeFlips; time-based TCAM ranges that run on Marvell's switch silicons.