Transcript VPNs in GÉANT2

Connect. Communicate. Collaborate
VPNs in GÉANT2
Otto Kreiter, DANTE
UKERNA Networkshop 34
4th - 6th April 2006
Agenda
Connect. Communicate. Collaborate
1. Brief presentation of GÉANT2
2. IP/MPLS VPN services inherited from GÉANT
3. Optical VPNs in GÉANT2
What is GÉANT2?
Connect. Communicate. Collaborate
A European R&E Networking Model:
• 7th generation of pan-European research network
infrastructure – continuation of a success story
• Project partners include 30 of Europe’s national research
and education networks (NRENs), DANTE and TERENA
• Will connect 34 European countries and serve over 3500
research and education establishments across Europe
• Provides international connectivity to other world regions
• Funded jointly by NRENs and European Commission
• Project timescale September 2004 - August 2008
Connect. Communicate. Collaborate
GÉANT2
Topology
GÉANT2 Objectives
Connect. Communicate. Collaborate
•
Provide a gigabit-speed infrastructure to support European research and
education
•
Deploy an international hybrid network: routed IP traffic combined with
switched point-to-point circuits
•
Implement end-to-end QoS provision
•
Provide a research infrastructure for network technology developments
•
Develop a wider range of network services
– Performance monitoring
– Security
– Bandwidth on demand
– Testbed facility
– Mobility and roaming
Services inherited from
GÉANT
IP Services using Juniper routers.
–
–
–
–
–
Native Best Effort IPv4
Native Best Effort IPv6
Native Multicast v4
Native Multicast v6
QoS Services
• Premium IP - PIP
• Less than Best Effort IP - LBE
Connect. Communicate. Collaborate
Services inherited from
GÉANT
Connect. Communicate. Collaborate
MPLS services
– L2-VPNs
• Started with Juniper CCC, “migrated” to LDP
signalled L2-circuits
• Multi-domain and multi-vendor L2-circuits in place.
– Traffic engineered paths
• To enforce QoS
• Part of multi-domain L2-VPNs
– Stitching
– Contiguous LSPs
Multi-domain LSPs - I
LSP Stitching
Connect. Communicate. Collaborate
Manual stitching point
A
B
Needs to know internal
structure of transit domain
Pro: We are in control of the “transit” LSP
Cons: Done manually at the GÉANT/GÉANT2 border
– Not flexible
– Error prone
Multi-domain LSPs - II
Connect. Communicate. Collaborate
Contiguous LSP
A
B
Needs to know internal
structure of transit domain
Traceroute
A B
Pro: Easy to configure it
Cons: Hard to enforce any policy
– TE across transit domain
– Bandwidth reservation across transit domain
– Possible solution nesting.
Multi-domain LSPs - III
LSP nesting
Connect. Communicate. Collaborate
Bandwidth
constraints
A
B
C
Needs to know IN/OUT
of transit domains
Pro: We are in control of the “transit” LSPs
Cons: Not known yet !
IP/MPLS services
Connect. Communicate. Collaborate
• GÉANT2 will continue to provide the same IP/MPLS and
L2-VPN services.
• Subsequently will look into possibilities to improve it
• LSP nesting.
• Looking forward to deploy “new” services if they are
required by the R&E community.
• L3-VPNs
• VPLS
• Point-to-Multipoint LSPs
Optical VPNs in GÉANT2
Requirements of BoD services:
•
•
•
•
•
Deterministic bandwidth
Deterministic delay
Ethernet
Automated provisioning
Advanced reservation (?)
 Solution “Optical” VPNs.
Connect. Communicate. Collaborate
Technological domains
Connect. Communicate. Collaborate
Europe
Ethernet
IP/MPLS
SDH/EoSDH
GÉANT2 technological
domains
Connect. Communicate. Collaborate
SDH
10GE
1GE
GÉANT2 technological
domains
VC-4 hand-over
point
Connect. Communicate. Collaborate
GFP-F
VCAT
VLANs
?
?
Domain A
Domain B
GFP-F
VCAT
SDH
10GE
1GE
GMPLS the solution for
Optical-VPNs ?
Connect. Communicate. Collaborate
GMPLS
GMPLS
GMPLS
Domain A
Domain B
e2e path
Ethernet LSP
SDH LSP
GMPLS in GÉANT2
Connect. Communicate. Collaborate
GÉANT2 OXC
Alcatel 1678MCC
GMPLS Interface Switching Capabilities:
– TDM
– Ethernet L2SC
GMPLS control plane available for the TDM region
What is missing…
Connect. Communicate. Collaborate
GMPLS controlled Ethernet Label Switching
A single GMPLS control plane instance for multiple regions
(TDM and Ethernet) Multi Region Network
– Would be nice to have "triggered signalling" for lower
layers.
Where the GÉANT2 IP/MPLS
network fits in this picture ?
NREN
Connect. Communicate. Collaborate
NREN
They will form two separate service layers at the beginning
They may form a global TDM and packet (Ethernet/IP) traffic
engineering database in the future.
Conclusion
Connect. Communicate. Collaborate
GÉANT2 will continue to provide L2-VPN services in
the IP/MPLS network.
New emerging inter-domain MPLS techniques to
improve L2-VPN deployments.
GMPLS seems to be an answer for Optical-VPNs in
GÉANT2 in support of BOD activities.