The UPV/EHU OpenFlow Enabled Facility (EHU-OEF)
The OpenFlow Enabled Facility deployed at the University of the Basque Country (EHU-OEF) by the I2T research group is the first campus-wide experience with OpenFlow at this university. The main idea behind this project is to broaden the experimentation in networking, while assuring the transport of production traffic.
The EHU-OEF consists of 7 NEC switches, 2 NetFPGA-based switches and 3 OpenFlow-ready Wireless LAN Access Points (WAPs), all deployed in the operational network of the University's campus. This is done with full support of the University's IT services and constitutes to the best of our knowledge a primer in Europe.It has recently been upgraded to support the deployment of services through the use of Service Graphs and with Universal Nodes to support and hybrid SDN based Network Function Virtualization mechanism. The facility provides to each experimenter's slice the possibility to deploy their own OpenFlow controller. The facility is particularly well suited to experiment with networking applications that require full control over the frame format, or in which VLAN or other Layer 2 headers.
The infrastructure has recently (March 2016) been listed by NetWorld2020 European Technology Platform as a 5G Experimental Facility in their Whitepaper on “5G Experimental Facilities in Europe” (download).
What is OpenFlow?
OpenFlow is an open standard that enables researchers to run experimental protocols in the campus networks we use every day. OpenFlow is added as a feature to commercial Ethernet switches, routers and wireless access points - and provides a standardized hook to allow researchers to run experiments, without requiring vendors to expose the internal workings of their network devices. OpenFlow is currently being implemented by major vendors, with OpenFlow-enabled switches now commercially available.
In a classical router or switch, the fast packet forwarding (data path) and the high level routing decisions (control path) occur on the same device. An OpenFlow Switch separates these two functions. The data path portion still resides on the switch, while high-level routing decisions are moved to a separate controller, typically a standard server. The OpenFlow Switch and Controller communicate via the OpenFlow protocol, which defines messages, such as packet-received, send-packet-out, modify-forwarding-table, and get-stats.
OpenFlow allows you to easily deploy innovative routing and switching protocols in your network. It is used for applications such as virtual machine mobility, high-security networks and next generation ip based mobile networks.
- 7 NEC switches IP8800/S3640 OpenFlow enabled
- 2 NetFPGA 1G cards
- 4 OpenWrt WiFi routers with the OpenFlow enabled firmware "Pantou"
How EHU-OEF works
Both professor offices and practice labs are connected by the OpenFlow infrastructure to the I2T research lab. At this first stage, only one node of each type is involved, but the aim is to have more in the future. The I2T research lab is well connected to the UPV/EHU production network and directly to the Spanish NREN (RedIRIS) and the Basque NREN (i2basque). It's important to note that this effectively gives the possibility to connect natively at layer 2 with i2CAT's Ofelia Island. Due to the fact that the NEC swich has only two 10 Gbps interfaces, 1 Gbps links have been used to connect the rest of the nodes. The users (professors, researchers and students) are also connected at 1 Gbps.
At EHU-OEF both production and experimental traffic share the same physical infrastructure. Afterwards, each of these traffic flows are identified and forwarded to the appropiate output.
In order to control the EHU-OEF two kinds of OpenFlow controllers have been chosen: FlowVisor and NOX. FlowVisor is a special purpose OpenFlow controller that acts as a transparent proxy between OpenFlow switches and multiple OpenFlow controllers. It creates rich slices of network resources and delegates control of each slice to a different controller, enforcing isolation between each slice, i.e., one slice cannot affect another's traffic. NOX is an open-source OpenFlow controller which is easy extensible through C++ and Python modules. New Python modules have been developed for NOX to get the desired behaviour. The controller is located at the I2T research laboratoy, directly connected to one of the NEC switches. The OpenFlow control traffic has been configured as inband , which means that the same physical links used for transmitting data are used to transport the OpenFlow protocol packets from NOX to the switches.
EHU-OEF actually gives service to the research and practice labs and lecturers' offices. Actually a REST-based configuration profile is sent in JSON format on result of a successful 802.1X authentication procedure, which enrolls the user in the correspondent slice which is in turn created with Flowvisor. Several solutions over OpenFlow which deal with access network virtualization, neutral network a AAA in multiservice - multiprovider have been tried over the facility. The integration with Ofelia Control Framework is scheduled to be done before June 2012.
The I2T research lab itself has full native IPv4 and IPv6 support (mail, www and ntp servers). There is also measurement and analysis equipment (Smartbit GPS synced and DAG capture boards) that will be available for testing the results.
Magazine Papers that have been produced using this infrastructure:
- "Service description in the NFV revolution: trends, challenges and a way forward", Jokin Garay, Jon Matias, Juanjo Unzilla, Eduardo Jacob, IEEE Communications Magazine (ISSN: 0163-6804) http://dx.doi.org/10.1109/MCOM.2016.7432174
- "An architecture for dynamic QoS management at Layer 2 for DOCSIS access networks using OpenFlow", Alaitz Mendiola, Victor Fuentes, Jon Matias, Jasone Astorga, Nerea Toledo, Eduardo Jacob, Maider Huarte, Computer Networks, (ISSN:1389-1286) https://dx.doi.org/10.1016/j.comnet.2015.11.017
- "Toward an SDN-enabled NFV architecture", Jon Matias, Jokin Garay, Nerea Toledo, Juanjo Unzilla, Eduardo Jacob, IEEE Communications Magazine (ISSN: 0163-6804) http://dx.doi.org/10.1109/MCOM.2015.7081093
- "The EHU-OEF: An OpenFlow based Layer 2 Experimental Facility", Jon Matias; Alaitz Mendiola; Nerea Toledo; Borja Tornero; Eduardo Jacob, Computer Networks, Special Issue: Future Internet Testbeds (ISSN: 1389-1286) http://dx.doi.org/10.1016/j.bjp.2013.11.013
Conferences Communications in which some EHU-OEF has been used:
- "Multi-domain Software Defined Network: exploring possibilities". Łukasz Podleski, Radek Krzywania, Miłosz Przywecki, Eduardo Jacob, Alaitz Mendiola, José Ignacio Aznar-Baranda, Albert Vico-Oton, Xavier Jeannin, Kurt Baumann, Christos Argyropoulos, Selected papers of Terena Networking Conference 2014 (ISBN: 978-90-77559-24-6) http://www.terena.org/publications/tnc2014-proceedings/
- "Deploying a Virtual Network Function over a SDN infrastructure". Eduardo Jacob, Jon Matias, Alaitz Mendiola, Victor Fuentes, Jokin Garay, Christian Pinedo, Selected papers of Terena Networking Conference 2014 (ISBN: 978-90-77559-24-6) http://www.terena.org/publications/tnc2014-proceedings/
- "Hardware Abstraction Layer for non-OpenFlow capable devices". Łukasz Ogrodowczyk, Bartosz Belter, Artur Binczewski, Krzysztof Dombek, Artur Juszczyk, Iwo Olszewski, Damian Parniewicz, Roberto Doriguzzi Corin, Matteo Gerola, Elio Salvadori, Kostas Pentikousis, Hagen Woesner, Mehdi Rashidi Fard, Eduardo Jacob, Jon Matias, Selected papers of Terena Networking Conference 2014 (ISBN: 978-90-77559-24-6)http://www.terena.org/publications/tnc2014-proceedings/
- "DynPaC: A Path Computation Framework for SDN", Alaitz Mendiola, Jasone Astorga, Eduardo Jacob, Marivi Higuero, Aitor Urtasun, Victor Fuentes, IV European Workshop on Software Defined Networks (EWSDN 2015) http://dx.doi.org/10.1109/EWSDN.2015.77
Finally, it has also been used in live demos like:
- "QoS enriched Service Graph deployment over Optical access networks"Jon Matias, Jokin Garay, Victor Fuentes, Eduardo Jacob,Technical Partner Demo: IV European Workshop on Software Defined Networks (EWSDN 2015)
- "Exploring the Service/Orchestrator interaction: Secure and dynamic deployment of services based on identity", Eduardo Jacob, Jokin Garay , Jon Matias , Hagen Woesner , Marc Suñé, Tobias Jungel, Open Networking Summit 2015 - SDN Solutions Showcase (S3)
- "Self-deploying Service Graphs over ELwUD (EHU-OEF Lightweight UNIFY Domain)" Jokin Garay, Jon Matias, Alaitz Mendiola, Jasone Astorga, Eduardo Jacob, 1st IEEE Conference on Network Softwarization (NetSoft), 2015 ISBN:978-1-4799-7898 http://dx.doi.org/10.1109/NETSOFT.2015.7116168
- “Enriched slices in EHU-OEF empowered by NFV: the Access Control VNF use case", Jon Matias, Jokin Garay, Alaitz Mendiola, Victor Fuentes, Christian Pinedo, Eduardo Jacob, Demonstrationin “Academic/Research Demo track", Open Networking Summit 2014, Santa Clara (USA), 2-5 March 2013
- “Access Control NFV enforcement at the EHU-OpenFlow Enabled Facility". Jon Matias, Eduardo Jacob, Christian Pinedo, Alaitz Mendiola, Demonstration in the “Network Functions Virtualization (NFV) Demo track" IEEE Globecom'13 Industrial Forum & Exhibits, Atlanta (USA), 9-13 December 2013
This project has been partially funded by the Spanish MICINN project A3RAM-NG (TIN2010-21719-C02-01)
Parte de esta infraestructura ha sido financiada por el Ministerio de Ciencia e Innovación, a través del Subprograma Proyectos de infraestructura científico-tecnológica cofinanciadas con el Fondo Europeo de Desarrollo Regional (FEDER) para el proyecto "Infraestructura de comunicaciones de alta velocidad para el análisis y evaluación de tráfico de datos" (UNPV08-4E-007)
- University of the Basque Country (UPV/EHU) http://www.ehu.es
- OpenFlow http://www.openflow.org
- NetFPGA http://www.netfpga.org
- Pantou OpenWRT Openflow-enabled firmware http://www.openflow.org/wk/index.php/Pantou_:_OpenFlow_1.0_for_OpenWRT
- FlowVisor OpenFlow controller http://www.openflow.org/wk/index.php/FlowVisor
- NOX OpenFlow controller http://noxrepo.org
- OFELIA Project http://www.fp7-ofelia.eu