UCLPv2 Update

Sergi Figuerola, Fundació i2CAT
Sergi.figuerola@i2cat.net
16th GGF, Athens, February 2006

[Figure labels: Private Sector, Administration, Universities, Technology Transfer, Research, Innovation, Dissemination, Internet]

UCLPv2: CANARIE’s Directed Research Program

• UQAM/Uottawa

• Solana Networks

• CRC/UofO/Inocybe Tech./i2CAT

i2CAT Foundation

• i2CAT Foundation: private non-profit foundation created by the local government and the UPC (Universitat Politècnica de Catalunya)

• Funding: Department of Research and Universities of the local government, private sector and pre-competitive projects

• Goals: boost research and innovation in the second-generation Internet environment
  – Promote advanced networks research, innovation and broadband applications
  – Create new cooperation platforms

• Model: based on collaboration between the public and private sectors and the universities

Driver for User Controlled Networks

• More and more organizations are acquiring their own fiber networks
  – Universities, schools, hospitals, businesses

• Fiber in the long haul is very expensive to obtain and to light
  – The alternative is to use "dim fiber": point-to-point wavelengths
  – But users want the flexibility to do configuration and change management as with dark fiber

• Increasingly, science needs dedicated networks for specific applications and disciplines, for high data volume grids
  – Users want to be able to manipulate the network in the same way they can manipulate the application

• SOA and networks
  – SOA has the potential to provide the same user control over networks as with applications

CA*net 4 design principles (UCLP)

• Occam's rule of networking:
  – "The simplest network is the best network"

• Provide users with tools to do their own traffic engineering including changing topology and bandwidth
  – "Articulated Private Networks"

• Allow users to create IP networks for their own community of interest
  – Most importantly allow extension of network into campus to specific servers and bypass campus firewall

• Use Service Oriented Architecture (web services and workflow) to allow users to do their own provisioning and configuration of the network
  – Also allows easy integration of application

- Bill St. Arnaud -

What is UCLP?

• User Controlled LightPaths: a configuration and provisioning tool built around grid technology using Web Services

• Allows third parties to concatenate cross connects together from various links, routers and switches to produce a wide area network that is under their control
  – Articulated Private Network (APN)
  – Next generation VPN

• Uses Service Oriented Architecture (SOA), so the network can be integrated with other Web Service applications

• To extend the network into the application

• End of the project: March/April 2006

Is UCLP an automated management system?

NO, it is a toolbox used to create customized services.

UCLP Concept

[Figure labels: Substrate Router, Instrument WS, Substrate Switch, Parent Lightpath WS, Timeslice WS, Child Lightpath WS (may run over IP Ethernet, MPLS, etc.), GMPLS Daemon WS, APN, Virtual Router WS, Wireless Sensor Network]

Université d'Ottawa / University of Ottawa

UCLPv2: High Level "Architecture"

[Figure: three layers: Resource Management Layer, Service Orchestration Layer (BPEL), User Access Layer. Web services shown: XC-WS, 802.1q-WS, GMPLS-WS, VR-WS, INS-WS, LP-WS, ITF-WS, APN-WS. Labels in the Eclipse Main Panel screenshot: Resource Explorer, Import Resources, Model View, Physical View, BPEL Source, Problems, Status; SCSWS (ons-ott01, ons-tor01, ons-mon01, ons-nyc01); LPWS (Ott-Hal LP); Endpoints (gigE - ons-tor01, gigE - ons-mon01); BPEL Engine: Canarie Engine with deployed services Ott-Mon LP and Mon-Hal LP, CRC Engine with deployed service Ott-Hal LP; My Canada APN #1]

NE-WS (I) - RML

• NE-WS (Network Element Web Service)
  – A family of network element WSs
  – Axis Web Service
  – Different types of NE-WSs exist depending on the network element it is controlling
  – Deployed on carrier's side

• INS-WS (INStrument Web Service)
  – Web Service that controls a third party device (sensors, instruments, etc.)
  – Deployed on the APN side

NE-WS (II) - RML

[Figure: each NE-WS is shown with its own PortType and a GUINode PortType: XC-WS (XC PortType), GMPLS-WS (GMPLS PortType), 802.1q-WS (802.1q PortType), MPLS-WS (MPLS PortType), Router-WS (Router PortType)]

• XC-WS (Cross Connect Web Service)
  – SONET, SDH, Fibre, Lambda Cross Connects

• GMPLS-WS
  – GMPLS Cloud

• 802.1q-WS
  – VLAN enabled Ethernet switch

• MPLS-WS
  – MPLS Cloud

• Router-WS
  – Layer 3 router

NE-WS (III) - RML

[Figure labels: Interface Binding (XC Port Type), Interface Binding (GUI Port Type), XML Core, Transport (TCP, UDP, SSL, etc.), Res. Manager, Partition Table, Memory Hash, ONS 15454 (XML), OPTera 5200 (XML)]

LP-WS (I) - SOL

• LP-WS (Light Path Web Service)
  – An abstraction that represents a link between one or more interconnected resources
  – A web service composition
  – The end points of the LP can be anything that is network enabled

• ITF-WS (InTerFace Web Service)
  – A web service composition that represents a single resource on a network element

• APN-WS (Articulated Private Network Web Service)
  – A BPEL workflow script that links together a number of WSs from an APN resource list and other sources

APN-WS (II) - SOL

• A workflow script that links together a number of lightpath, interface and instrument Web Services obtained from one or more providers

• An APN is a single network configuration

• Once an APN is deployed, the topology and bandwidth are fixed
  – If the configuration of the network elements needs to be changed, the APN must be stopped and a new APN must be created

• A single researcher can have multiple network configurations (APNs) defined, and set/undo each configuration when different topologies are needed

Web Services: LP-WS (III)

[Figure: LP-WS over a GMPLS Cloud. Endpoint and link labels: Satellite Antenna, Sensor, Access Point, Server; OC-192, STM-64, T1/E1, GbE, 802.1q, IEEE 802.11b/g, Fiber Channel]

"A lightpath represents a link between a pair of network enabled endpoints"

User Roles

• Physical Network (PN) Admin
  – Responsible for provisioning the network and creating network resources (lightpath and interface Web Services) for APNs to use

• APN Admin
  – Receives APN Resource Lists from PN or APN Admins
  – Responsible for creating the APN network configurations for the users
  – Can partition/bond network resources
  – Can give or sublease its resources to other APNs

• Users
  – Can use APN configurations that were created by the APN Admin
  – Cannot modify network topologies

Security: Implementation Architecture

[Figure labels: GUI (Java); APN-WS (BPEL); LP-WS (BPEL); NE-WS (Axis); User Service Container; Provider Service Container; SOAP Messages (User to Business, Business to Business); Axis Handler; BPEL customized Handler; Certificate Authority (UCLP.CA); CRC UCLP Access Policies. Certificates involved: X.509 certificates with DN: CRC-user-A (User CRC-user-A), DN: CRC UAA (CRC UAA) and DN: CANARIE UAA (CANARIE UAA)]

UCLP Interoperability Issues

• We must be able to import and export Lightpath and Interface web services between UCLP systems
  – Agree on a common PortType for a proxy web service that will be used when calling imported resources
    • This common PortType is called the Common Data Model (CDM)
    • Need 2 proxy web services: 1 for lightpaths, 1 for interfaces
  – The proxy will be used to translate from the CDM to our own implementations
  – Must also agree on security conventions for accessing the resources

• As a minimum, we need to be able to import resources from other UCLP implementations and use them to make APNs, LPOs, etc.
  – Partitioning and bonding imported resources from other UCLP systems is not required at this point but will be implemented at a later time

• In our opinion, semantic techniques and the tools are not fully mature, so it was decided not to use them for UCLP interoperability. It would also take too much time for each UCLP team to overcome the learning curve involved
  – Implementing a proxy web service with the CDM is the quickest and easiest way to support interoperability

• Can this work be done within the GHPN?
  – Like any other W3C community: Math, BIO, Finance

• Consensus WS-Network Service?

• …

Contact Information

Fundació i2CAT
Nexus II Building
c/ Jordi Girona 29
08034 Barcelona

Tel. +34.93.413.75.80
Fax: +34.93.413.75.81

[email protected]

[email protected]

UCLPv2 info:

www.uclp.ca

http://grid2.canarie.ca/wiki/index.php/UCLPv2