CONNECT Magazine Issue 18


OPEN CALL – SOFTWARE DEFINED NETWORKING

service is a good candidate for providing the on-demand, multi-domain connectivity incorporated in such an integrated resource management solution [1]. Isolation from the internet of the connected equipment in multiple domains, such as the DNA sequencer and the data storage and processing equipment, is a prerequisite. Common VPN technology could be used to achieve isolation, but that requires manual configuration by experts in each domain. A valuable aspect of the CoCo service that the eScience researchers mentioned is the ease with which they can create connectivity themselves. The increased reusability of the SDN-based solutions for other eScience projects is also mentioned as a promising improvement.

Figure 2 presents an overview of a technical solution for a DNA sequencer as a Service. It shows the inter-domain architecture of CoCo. Each domain has an OpenFlow-based infrastructure and runs its own CoCo agent. The CoCo agents are extensions of the OpenDaylight SDN controller; they are responsible for topology discovery within a domain and perform intra- and inter-domain path calculations. The inter-domain path calculations are based on BGP path information exchanged between neighbouring domains. The CoCo network core consists of OpenFlow switches, and MPLS-based forwarding is used in the core of the network.

The CoCo architecture is based on BGP/MPLS VPNs (RFC 4364 [2]). CoCo offers an L3 IP VPN service. Customer traffic is aggregated and encapsulated with an MPLS label and sent to an egress switch. The core switches forward based only on that MPLS label. IP prefix and VPN information is exchanged between domains via BGP running in the control plane.

III. FIRST COCO PROTOTYPE AT SC14

The first prototype of the CoCo service was demonstrated during the Supercomputing 2014 conference [3] and the co-located INDIS workshop [4]. This prototype demonstrated that a user with minimal knowledge of communication networks can easily create, access, detach or modify a VPN that spans several sites. This is done via a user-friendly CoCo web portal that hides the required network switch and controller configuration actions from the user. To simplify the setup process even more, an overall network topology is depicted in which the links of the user's VPN are highlighted (Fig. 3). Via the reachability matrix the user can easily verify the connectivity of the sites and check that no information can leak to non-participants. The OpenDaylight northbound REST API is used to send the required forwarding rules to the OpenFlow switches.

Fig. 2. CoCo Layers Architecture

Fig. 3. CoCo Web portal

The communication towards the (virtual) switches is handled using the OpenFlow protocol (southbound interface). The next release of the CoCo prototype will enable operations between multiple domains, offering its users more flexibility and functionality. That will require information exchange between CoCo agents residing in different domains. At the end of the project, the code of the prototype will be released as open source.
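The isolation check that the reachability matrix supports, shown as an added example (not code from the CoCo prototype): it traces label-only forwarding across a constructed three-site VPN and reports both deliveries that involve a non-participant and member pairs that are not connected. All site names, prefixes, switch names and MPLS labels are assumptions made for the illustration.

```python
# Constructed sample data: site names, prefixes, switch names and MPLS labels
# are illustrative assumptions, not values from the CoCo prototype.
SITES = {  # site -> (edge switch, customer prefix)
    "seq-lab": ("e1", "10.1.0.0/24"),
    "storage": ("e2", "10.2.0.0/24"),
    "compute": ("e3", "10.3.0.0/24"),
    "outsider": ("e3", "10.9.0.0/24"),  # attached to e3 but not in the VPN
}
VPN_MEMBERS = {"seq-lab", "storage", "compute"}
LABEL_OF = {"seq-lab": 101, "storage": 102, "compute": 103}  # one label per egress site

# Ingress rules: (source site, destination prefix) -> MPLS label pushed at the edge.
INGRESS = {(s, SITES[d][1]): LABEL_OF[d]
           for s in VPN_MEMBERS for d in VPN_MEMBERS if s != d}

# Label rules: (switch, label) -> ("fwd", next switch) or ("pop", receiving site).
# The core switch c1 matches on the label only.
LABEL_RULES = {}
for site, label in LABEL_OF.items():
    edge = SITES[site][0]
    LABEL_RULES[("c1", label)] = ("fwd", edge)
    for other in ("e1", "e2", "e3"):
        LABEL_RULES[(other, label)] = ("pop", site) if other == edge else ("fwd", "c1")

def deliver(src, dst, ingress, label_rules, max_hops=8):
    """Trace a packet from site src towards dst's prefix; return the receiving site or None."""
    switch = SITES[src][0]
    label = ingress.get((src, SITES[dst][1]))
    if label is None:
        return None                # no ingress rule: dropped at the edge
    for _ in range(max_hops):
        action = label_rules.get((switch, label))
        if action is None:
            return None            # no matching label rule: dropped
        if action[0] == "pop":
            return action[1]       # egress switch hands the packet to this site
        switch = action[1]
    return None                    # hop limit reached: forwarding loop

def reachability(ingress, label_rules):
    """Matrix of (src, dst) -> site that actually receives the packet (or None)."""
    return {(s, d): deliver(s, d, ingress, label_rules)
            for s in SITES for d in SITES if s != d}

def leaks(matrix, members):
    """Deliveries where the sender or the receiver is outside the VPN."""
    return sorted((s, r) for (s, _), r in matrix.items()
                  if r is not None and not {s, r} <= members)

def gaps(matrix, members):
    """Member pairs that should be connected but are not."""
    return sorted((s, d) for (s, d), r in matrix.items()
                  if {s, d} <= members and r != d)
```

Running `leaks` and `gaps` over the matrix after every rule change gives the same two answers the portal's matrix is meant to show a user: who can reach whom, and whether anyone outside the VPN is on either end of a delivery.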

REFERENCES

[1] Intermediate use cases for the Community Connect (CoCo) service. September 2014, http://www.geant.net/opencall/SDN/Pages/CoCo.aspx

[2] RFC4364 BGP/MPLS IP Virtual Private Networks (VPNs).

[3] The International Conference for High Performance Computing Networking, Storage and Analysis: https://scinet.supercomputing.org/workshop/

[4] https://scinet.supercomputing.org/workshop/?q=papers

For more information on GÉANT Open Call see www.geant.net/opencall

