The Virtual Networks Research Group (VNRG of IRTF) meeting during IETF-79 was held on Friday, 12 Nov. 2010, from 9 AM to ~11:30 AM in the Valley Ball Room-A of the Shangri-La Hotel in Beijing, China. General information about VNRG can be found at http://irtf.org/charter?gtype=rg&group=vnrg.

Minute taker: Bhumip Khasnabish
Jabber scribe: Al Morton

Remote participation was made possible via an audio stream (http://videolab.uoregon.edu/events/ietf/ietf796.m3u; for further information see http://videolab.uoregon.edu/events/ietf/) and jabber (xmpp:vnrg@jabber.ietf.org?join).

Martin chaired the session; Joe was absent from the meeting. Martin announced that VNRG is a research group, so one does not necessarily need to bring in any solution. There were two main presentations and a discussion on acid tests. Martin also briefly reviewed the status of VNRG, including inputs from the BoF, IAB, etc.

The first presentation, entitled “Network virtualization: role of OpenFlow & acid test for network virtualization” (http://www.ietf.org/proceedings/79/slides/VNRG-0.pdf), was delivered by Didier Colle. Martin started the discussion after the presentation with an explanation of TCAM (content addressable memory). A few options for access control and VN labeling, and acid tests, were presented. Rate limiting at the network edge was the key point, and everything was virtualized. A bandwidth (BW) sliding example was mentioned, including virtualized BW, and attempts were made to show that an OpenFlow VN can address this. A link aggregation example using OpenFlow was then discussed. Coarse- and fine-grained TCAM rules were not implemented in all layers. A mixture of parameters in all layers could have been used. Essentially all of the problems were pushed to the edge of the network; isolation and VN control were used.

Martin mentioned CPU isolation, especially the CPU in the FlowVisor; cloud-based systems have more flexibility.
Traffic stays in the data plane, so there is no problem there, because the switch sends overflow to the controller to avoid stressing the network.

Al reported two questions from Jabber. One was by C. Li and the other was by Robert. These were for clarification of information presented in various slides. For example, on slide 5, VN acid tests, who does the translation between virtual and physical addresses? Data streams are pushed to the edge of the network, so do you need any gateway or translator there? Aaron tried to clarify this, but in the process more confusion was created and nothing was resolved. He tried to explain how to share switches with multiple controllers in the event of hardware limitation. Isolation of the control path is not part of the acid test. Why was less attention given to the edge site? Is Stanford working on something like this? In acid tests 2 and 3, translation of virtual addresses to physical addresses was done to avoid conflicts. How was the client identified in network operations? The discussion then focused on slide 5 again. VLAN tags or virtual MAC addresses: which ones to use?

Lou Berger asked how OpenFlow relates to the IETF FORCES WG and [the Standards Track] GSMP [RFC3292]. Didi was not familiar with that. Jamal said that OpenFlow is a lot less ambitious. Forces (RFC 5812?) allows opening up of boxes. An API is given/allowed to work with any hardware. Software is open source. Demux/mux options are different. Maybe you can use an OpenFlow profile of Forces (RFC 5812?). The only thing you need to do is populate it with the right rules. Complement OpenFlow using Forces (RFC5812?): files, routing, network, model using XML, etc. can be used. An interop event is scheduled for February of 2011. Igor suggested using the API with hardware from different suppliers. Martin discussed pros and cons of the approaches.

The second presentation, entitled “FiRST@ETRI Virtualized Programmable Platform” (http://www.ietf.org/proceedings/79/slides/VNRG-1.pdf), was delivered by Sangjin Jeong.
An Intel ATCA platform was used to support VR and a common API for dynamic ETE (end-to-end) slices with a protoGENI-compatible control framework. A virtual programmable router (VPR) was dynamically created and a virtual network topology (based on XML) was created ... similar to packet-Visor. packet-Visor supports dynamic CPU utilization. GENI-compatible programmability is required to support virtualization and federation. In a federated environment, VNs are administered by different organizations. Federation and programmability are open issues.

Aaron clarified that federation means interconnection of VNs that are managed by different organizations. Martin asked for clarification of acid tests but none was given. Gong mentioned that performance evaluation has not been done, and layer adaptation may cause problems in performance assessment. Didi suggested that programmability and support of federation should not be parts of acid tests. Gong asked whether FPGA was utilized to support programmability. Sangjin said that it is not easy to program for such an implementation and that they have not made any such effort. Sangjin suggested that they may develop an API to overcome such problems. Aaron mentioned that programmability and federation should not be parts of acid tests. He said that ‘partitioning’ (logical separation) and ‘isolation’ (performance-based separation) could be good acid tests. Martin asked whether federation was thought of at the virtual net (VN) level or at a substrate level. He suggested that VN-level federation does not make sense.

A very lively discussion on acid tests for VNs and definitions of VN then followed. The participants included Martin, Aaron, Lou, Igor, Sangjin, and Didi.

Aaron suggested that performance isolation of control plane, poor virtual network may be parts of acid tests. Lou suggested that a set of properties, on which the tests are needed, be defined for acid tests. TCP/IP is not a part of the acid test. Aaron explained the VPN acid test.
The network got virtual partitions, so you don’t have to be in two VLANs. Lou said that a host can be behind a VN, so what would you do to allow packet flow to and from the host? Didi said that a VN should include the edge of the network, and the provider should provide edge functions. Policy decisions are required in virtual networks. Aaron said that the edge of a VN may not be the edge of the physical network and that this case should also be considered. Lou reminded that VPN is a part of the virtual network, so where are the edges?

Aaron said that not all layering is a VN thing … VN does not imply layering although all virtual nets use layering; examples may include functional partitioning, switch layering, etc. Didi said that VNs are slices across the network ... may be based on TCP ports, and can manipulate the layer underneath. Martin reminded that Joe thinks that VN is done by putting something in front of a packet and that Martin disagrees with Aaron. Aaron said that besides using IP address and port number, VLAN tags and other ways to support VN exist. Lou suggested that flow-based separation can happen too! Use of a VLAN tag is only one option to regulate ingress to the access network. You may or may not need extras to identify VNs. ITU-T G.803/5 defines link-level cross-connect functions via adaptation or termination for identifying edge functions. Aaron said that he does not know the details of that mechanism.

Martin wanted to know whether completely separated naming and IP addressing is required or whether overlapping IP addresses can be supported. Didi said that no adapter will be required and that further clarification of the virtual machine’s interface definitions is needed. Martin mentioned that there may be other acid tests corresponding to logical and control isolation. These may include layered virtualization of networking and virtual layers, and these need to be fixed.

Igor suggested that simple real addressing means real network and virtual addressing means virtual networks.
Lou explained that sharing means virtualization, and that without sharing no virtualization can exist. Igor suggested that local or global IP address, and then physical combination of IP address and port, and then virtual VPN is what a virtual network would be. Aaron said that sharing is real, and that multiplexing is another way of sharing too. Lou suggested bringing sharing under the acid test. If nothing is shared, it is not virtual. Igor said that four VNs talking to each other can constitute another VN too.

Definition and a list of acid tests will be published in an Internet draft by December 2010. Martin, Didi, and Sangjin will contribute to this draft.

The last presentation, entitled “Virtual Networks: Start with something simple” (http://www.ietf.org/proceedings/79/slides/VNRG-3.pdf), is authored by Sunay Tripathi et al., but none of the authors was present in the meeting. Therefore, Martin presented the main topics of the paper. No follow-up discussion was held.

End of notes.