The OpenFlow Enabled Facility deployed at the University of the Basque Country (EHU-OEF) by the I2T research group is the first campus-wide experience with OpenFlow at this university. The main idea behind this project is to broaden the experimentation in networking, while assuring the transport of production traffic.
The EHU-OEF consists of 7 NEC switches, 2 NetFPGA-based switches and 3 OpenFlow-ready Wireless LAN Access Points (WAPs), all deployed in the operational network of the University's campus. This is done with full support of the University's IT services and constitutes to the best of our knowledge a primer in Europe.
It has recently been upgraded to support the deployment of services through the use of Service Graphs and with Universal Nodes to support and hybrid SDN based Network Function Virtualization mechanism. The facility provides to each experimenter's slice the possibility to deploy their own OpenFlow controller. The facility is particularly well suited to experiment with networking applications that require full control over the frame format, or in which VLAN or other Layer 2 headers.
The infrastructure has recently (March 2016) been listed by NetWorld2020 European Technology Platform as a 5G Experimental Facility in their Whitepaper on “5G Experimental Facilities in Europe” (download).
OpenFlow is an open standard that enables researchers to run experimental protocols in the campus networks we use every day. OpenFlow is added as a feature to commercial Ethernet switches, routers and wireless access points - and provides a standardized hook to allow researchers to run experiments, without requiring vendors to expose the internal workings of their network devices. OpenFlow is currently being implemented by major vendors, with OpenFlow-enabled switches now commercially available.
In a classical router or switch, the fast packet forwarding (data path) and the high level routing decisions (control path) occur on the same device. An OpenFlow Switch separates these two functions. The data path portion still resides on the switch, while high-level routing decisions are moved to a separate controller, typically a standard server. The OpenFlow Switch and Controller communicate via the OpenFlow protocol, which defines messages, such as packet-received, send-packet-out, modify-forwarding-table, and get-stats.
OpenFlow allows you to easily deploy innovative routing and switching protocols in your network. It is used for applications such as virtual machine mobility, high-security networks and next generation ip based mobile networks.
Both professor offices and practice labs are connected by the OpenFlow infrastructure to the I2T research lab. At this first stage, only one node of each type is involved, but the aim is to have more in the future. The I2T research lab is well connected to the UPV/EHU production network and directly to the Spanish NREN (RedIRIS) and the Basque NREN (i2basque). It's important to note that this effectively gives the possibility to connect natively at layer 2 with i2CAT's Ofelia Island. Due to the fact that the NEC swich has only two 10 Gbps interfaces, 1 Gbps links have been used to connect the rest of the nodes. The users (professors, researchers and students) are also connected at 1 Gbps.
At EHU-OEF both production and experimental traffic share the same physical infrastructure. Afterwards, each of these traffic flows are identified and forwarded to the appropiate output.
In order to control the EHU-OEF two kinds of OpenFlow controllers have been chosen: FlowVisor and NOX. FlowVisor is a special purpose OpenFlow controller that acts as a transparent proxy between OpenFlow switches and multiple OpenFlow controllers. It creates rich slices of network resources and delegates control of each slice to a different controller, enforcing isolation between each slice, i.e., one slice cannot affect another's traffic. NOX is an open-source OpenFlow controller which is easy extensible through C++ and Python modules. New Python modules have been developed for NOX to get the desired behaviour. The controller is located at the I2T research laboratoy, directly connected to one of the NEC switches. The OpenFlow control traffic has been configured as inband , which means that the same physical links used for transmitting data are used to transport the OpenFlow protocol packets from NOX to the switches.
EHU-OEF actually gives service to the research and practice labs and lecturers' offices. Actually a REST-based configuration profile is sent in JSON format on result of a successful 802.1X authentication procedure, which enrolls the user in the correspondent slice which is in turn created with Flowvisor. Several solutions over OpenFlow which deal with access network virtualization, neutral network a AAA in multiservice - multiprovider have been tried over the facility. The integration with Ofelia Control Framework is scheduled to be done before June 2012.
The I2T research lab itself has full native IPv4 and IPv6 support (mail, www and ntp servers). There is also measurement and analysis equipment (Smartbit GPS synced and DAG capture boards) that will be available for testing the results.
Magazine Papers that have been produced using this infrastructure:
Conferences Communications in which some EHU-OEF has been used:
Finally, it has also been used in live demos like:
This project has been partially funded by the Spanish MICINN project A3RAM-NG (TIN2010-21719-C02-01)
Parte de esta infraestructura ha sido financiada por el Ministerio de Ciencia e Innovación, a través del Subprograma Proyectos de infraestructura científico-tecnológica cofinanciadas con el Fondo Europeo de Desarrollo Regional (FEDER) para el proyecto "Infraestructura de comunicaciones de alta velocidad para el análisis y evaluación de tráfico de datos" (UNPV08-4E-007)