19
OpenStack Neutron Service Insertion and Chaining Icehouse Summit Nov 2013 Sumit Naiksatam, Kanzhe Jiang

OpenStack Neutron Service Chaining and Insertion

Tags:

Embed Size (px)

DESCRIPTION

This is the service insertion and chaining proposal which was presented during the OpenStack Icehouse Design Summit (Hong Kong, Nov 2013).

Citation preview

Page 1: OpenStack Neutron Service Chaining and Insertion

OpenStack Neutron Service Insertion and Chaining

Icehouse Summit Nov 2013

Sumit Naiksatam, Kanzhe Jiang

Page 2: OpenStack Neutron Service Chaining and Insertion

Resource Model

Page 3: OpenStack Neutron Service Chaining and Insertion

Service Insertion Context and different insertion modes

Page 4: OpenStack Neutron Service Chaining and Insertion

Service Insertion Context

Page 5: OpenStack Neutron Service Chaining and Insertion

L3 insertion

Page 6: OpenStack Neutron Service Chaining and Insertion

L3 Insertion

Page 7: OpenStack Neutron Service Chaining and Insertion

L3 Insertion

Page 8: OpenStack Neutron Service Chaining and Insertion

L3 Insertion

Page 9: OpenStack Neutron Service Chaining and Insertion

L2 Insertion

Page 10: OpenStack Neutron Service Chaining and Insertion

Bump in the Wire

Page 11: OpenStack Neutron Service Chaining and Insertion

Tap

Page 12: OpenStack Neutron Service Chaining and Insertion

Service Chain Resource

Page 13: OpenStack Neutron Service Chaining and Insertion

Create and insert individual service

Page 14: OpenStack Neutron Service Chaining and Insertion

Chooses Service Provider Name from list of available service providers.

$ neutron service-provider-list

-----------------------------------------------------| Service Type | Name | Default ||----------------------------------------------------| FIREWALL | IPTables | True || FIREWALL | VendorA | False || VPN | OpenSwan | True || VPN | VendorB | False |-----------------------------------------------------

Page 15: OpenStack Neutron Service Chaining and Insertion

Create service instance (firewall in this case)

$ neutron firewall-create <firewall_policy_id>

OR

$ neutron firewall-create <firewall_policy_id> \ --provider VendorA

OR

$ neutron firewall-create <firewall_policy_id> \ --provider VendorA \ --insertion-context router_id=<router_id>

Page 16: OpenStack Neutron Service Chaining and Insertion

Create a Service Chain

Page 17: OpenStack Neutron Service Chaining and Insertion

Chooses Service Provider Name from list of available service providers.

$ neutron service-provider-list-----------------------------------------------------| Service Type | Name | Default ||----------------------------------------------------| FIREWALL | IPTables | True || FIREWALL | VendorA | False || VPN | OpenSwan | True || VPN | VendorB | False |-----------------------------------------------------

$ neutron service-chain-provider-list

-----------------------------------------------| Chain Name | Services ||----------------------------------------------|Firewall-VPN-Ref-Chain| [IPTables,OpenSwan] |-----------------------------------------------

Page 18: OpenStack Neutron Service Chaining and Insertion

Create each service in the eventual chain

$ neutron firewall-create <firewall_policy_id> \ --provider IPTables \ –-in-chain True \ … … …

$ neutron vpn-service-create \ --provider OpenSwan \ –-in-chain True \ … … …

Page 19: OpenStack Neutron Service Chaining and Insertion

Create chain

$ neutron service-chain-create \ --provider Firewall-VPN-Ref-Chain \ --services <firewall_instance_id, vpn_instance_id> \ --name my_fw_vpn_chain \ --source-insertion-context --router_id=<router_id> … … …


Delivering Standard Openstack Security NFV Service ... ovn.pdf · Service Chaining at Scale with Networking-SFC and Networking ... Preventing Across the Cyber Attack* Life Cycle Unauthorized

Delivering Standard Openstack Security NFV Service ... ovn.pdf · Service Chaining at Scale with Networking-SFC and Networking ... Preventing Across the Cyber Attack* Life Cycle Unauthorized

Documents
Service Chaining for NFV and Delivery of other ...jain/talks/ftp/adn_in15p.pdfEach Cloud belongs to a different Cloud Service Provider (CSP) ... OpenStack OpenDaylight EC2 Enterprise

Service Chaining for NFV and Delivery of other ...jain/talks/ftp/adn_in15p.pdfEach Cloud belongs to a different Cloud Service Provider (CSP) ... OpenStack OpenDaylight EC2 Enterprise

Documents
OpenStack Orchestrated Service Chaining · OpenStack Orchestrated Service Chaining ... OpenStack (Compute Node) VM Service Function ... PowerPoint Presentation Author:

OpenStack Orchestrated Service Chaining · OpenStack Orchestrated Service Chaining ... OpenStack (Compute Node) VM Service Function ... PowerPoint Presentation Author:

Documents
Backward Chaining and Forward Chaining Procedures Compared in

Backward Chaining and Forward Chaining Procedures Compared in

Documents
Sg Chaining

Sg Chaining

Documents
Getting Started as an Upstream Contributor Sept. 2018 Present & Future • OpenStack networking at scale • NFV service chaining • Analytics collection/querying • REST API and

Getting Started as an Upstream Contributor Sept. 2018 Present & Future • OpenStack networking at scale • NFV service chaining • Analytics collection/querying • REST API and

Documents
Prompting chaining e_shaping

Prompting chaining e_shaping

Documents
Prompting chaining e_shaping 2

Prompting chaining e_shaping 2

Economy & Finance
Api chaining(tm)

Api chaining(tm)

Technology
Chaining Interrupts. Short contents What does chaining interrupts mean? TSR programs Chaining an interrupt example program Reentrancy problems with DOS

Chaining Interrupts. Short contents What does chaining interrupts mean? TSR programs Chaining an interrupt example program Reentrancy problems with DOS

Documents
Hash Table [Chaining]

Hash Table [Chaining]

Documents
ONOS Update...Application Stores & Primitives CORD Virtual Tenant Networks CORD Optical Line Terminator Segment Routing OpenStack Networking Service Function Chaining ACL Management

ONOS Update...Application Stores & Primitives CORD Virtual Tenant Networks CORD Optical Line Terminator Segment Routing OpenStack Networking Service Function Chaining ACL Management

Documents
Hash Table Theory and chaining. Hash table: Theory and chaining Hash Table Formalism for hashing functions Resolving collisions by chaining

Hash Table Theory and chaining. Hash table: Theory and chaining Hash Table Formalism for hashing functions Resolving collisions by chaining

Documents
Backward Chaining Hamster

Backward Chaining Hamster

Documents
Dynamic Service Chaining - Meetupfiles.meetup.com/6229612/Tail-f SDN OpenStack Meetup.pdf · 2014-01-16 · January 16, 2014 3 About the Presenter Jan Lindblad is the Principal Solutions

Dynamic Service Chaining - Meetupfiles.meetup.com/6229612/Tail-f SDN OpenStack Meetup.pdf · 2014-01-16 · January 16, 2014 3 About the Presenter Jan Lindblad is the Principal Solutions

Documents
Backward chaining

Backward chaining

Documents
Forward Chaining in HALO

Forward Chaining in HALO

Technology
Forward Chaining vs. Backward Chaining - Hinkelmannknut.hinkelmann.ch/lectures/KE2011/KE-4_FC_vs_BC.pdfProf. Dr. Knut Hinkelmann MSc BIS/ 2 Forward Chaining vs. Backward Chaining Logical

Forward Chaining vs. Backward Chaining - Hinkelmannknut.hinkelmann.ch/lectures/KE2011/KE-4_FC_vs_BC.pdfProf. Dr. Knut Hinkelmann MSc BIS/ 2 Forward Chaining vs. Backward Chaining Logical

Documents
Establishing Service Function Chaining ... - openstack.id · $ openstack sfc flow classifier create --ethertype IPv4 --source-ip-prefix 192.168.0.97/32 --destination-ip-prefix 192.168.0.101/32

Establishing Service Function Chaining ... - openstack.id · $ openstack sfc flow classifier create --ethertype IPv4 --source-ip-prefix 192.168.0.97/32 --destination-ip-prefix 192.168.0.101/32

Documents
STUDENT ACTIVITY MANUAL - agedweb.orgagedweb.org/agmech/UofA Survey Student Workbook-web.pdf · This Student Activity Manual is designed to provide ... - Chaining - Chaining CHAINING

STUDENT ACTIVITY MANUAL - agedweb.orgagedweb.org/agmech/UofA Survey Student Workbook-web.pdf · This Student Activity Manual is designed to provide ... - Chaining - Chaining CHAINING

Documents
Complex Hashing & Chaining

Complex Hashing & Chaining

Documents
BACKWARD CHAINING FORWARD CHAINING DAN …

BACKWARD CHAINING FORWARD CHAINING DAN …

Documents
Forward Chaining

Forward Chaining

Documents
Chaining Operator in Climb - blog.vjeux.com · Climb Introduction Method Chaining jQuery Method Chaining Extended Climb Image Processing Implementation Attempts Dollar macro Extensions

Chaining Operator in Climb - blog.vjeux.com · Climb Introduction Method Chaining jQuery Method Chaining Extended Climb Image Processing Implementation Attempts Dollar macro Extensions

Documents
Climb – Chaining Operators - Report

Climb – Chaining Operators - Report

Technology
Supply Chaining Presentation

Supply Chaining Presentation

Education
Backward n Forward Chaining

Backward n Forward Chaining

Documents
Demo: Service Function Chaining Across OpenStack and … · 2019-07-08 · extending and consolidating state-of-the-art tools and technologies originated from Network Function Virtualization

Demo: Service Function Chaining Across OpenStack and … · 2019-07-08 · extending and consolidating state-of-the-art tools and technologies originated from Network Function Virtualization

Documents
1 Hashing: Collision Resolution Schemes Collision Resolution Techniques Separate Chaining Separate Chaining with String Keys Separate Chaining versus Open-addressing

1 Hashing: Collision Resolution Schemes Collision Resolution Techniques Separate Chaining Separate Chaining with String Keys Separate Chaining versus Open-addressing

Documents
State of the OpenDaylight Union - · PDF file• OVSDB Neutron • SN Integration Aggregator • Service Function Chaining ... OpenStack and OpenDaylight Integration Compute Node VM

State of the OpenDaylight Union - · PDF file• OVSDB Neutron • SN Integration Aggregator • Service Function Chaining ... OpenStack and OpenDaylight Integration Compute Node VM

Documents