1 UC Berkeley Engineering 2 Technology Center, Enterprise Solutions, Nortel Networks3 Department of Computer Science, University of Maryland
Tal Lavian 1 ,2 [email protected]
Rob Jaeger 2,3 [email protected]
Active Networks Workshop 1999
OutlineOutline
Bridge between research and marketplace Implementation of Commercial Grade Active
Networks node on Silicon-Based Gigabit L3 Routing Switch
Demo1 - ANTS on AccelarDemo2 - Dynamic Filtering & ConfigurationDemo3- Packets Capture Future: Active Networks Routing Protocols
Bridge between research and Bridge between research and marketplacemarketplace
Bridges the gulf between theory and practiceActive Networks - industry participationPublish the Accelar JVM and development
environmentPublish Linux simulator, tools, and docsScaling up Active Networks Routing Protocol to
commercial networksHeterogeneous Topology - AN/Non AN
AccomplishmentsAccomplishments
JVM on a silicon-based L3 Routing Switch
ORE - Oplet Run-time Environment
Java-enabled Device Architecture
Active Networks apps that dynamically control and modify Silicon-Based Forwarding
Packet Interception
Implementation of Network Forwarding API
Accelar - Industrial Strength Active Accelar - Industrial Strength Active Networks ImplementationNetworks Implementation
Up to 96 Gigabit ports (or 384 10/100Mbs + combinations)
50Gbps L3 Switching capacityScaling up to 256Gbps
Natural Migration - 10GbsWAN OC-192
Wire speed - low latencyHigh availabilityLAN/MAN/WAN
5km multi mode, 50km single mode
Centralized, Centralized, CPU-based RouterCPU-based Router
Forwarding-ProcessorsForwarding-Processors based Routerbased Router
Control + ForwardingControl + ForwardingFunctions combinedFunctions combined
Control separatedControl separatedFrom forwardingFrom forwarding
CPU
Routing SW
CPU
Control Plane
Forwarding Processor
Forwarding Processor
Forwarding Processor
Slow Wire Speed
Active Networks - Node Architecture Active Networks - Node Architecture
Device HWOperating System
JVM
Oplet
C/C++API
JavaAPI
DeviceCode
Oplet Runtime Env
DeviceDrivers
JNIJF
WD
AP
I
ORE Service
AN Packet Interception
ORE - Oplet Run-time Environment ORE - Oplet Run-time Environment
ORE - Oplet Run-time Environment ORE - Oplet Run-time Environment
Service A
JVM
ORE
Service B
Oplet 1
Service C
Oplet 2
Why ORE?
ORE ProtectionORE Protection
ORE uses JVM mechanisms to:protect itself from the Opletsprotect Oplets, one from another
Mechanisms include features of the Javatype safety, access control, ByteCode verification built-in sandbox security manager supportsigned codestrong cryptography infrastructure
ORE ProtectionORE Protection
Java facilities are buttressed by ORE control over the allocation of as many of the system resources as possible
Extra JVM support is necessary to protection against misbehavior by OpletsAccounting of memory and CPU consumptionPromising possibility for memory accounting:
the ability to partition the object heap to enforce limits on the memory usage by an Oplet
ANTS on Gigabit RouterANTS on Gigabit RouterDemo - 1Demo - 1
ANTS Demo ConfigurationANTS Demo Configuration
RoutingSwitch loads boot image from TFTP server
RoutingSwitch dynamically loads Oplets from the Class Server
Laptop 1 originates the pingRouter gets Ping code from Laptop 1.Router “evaluates” ping Ping forwarded to Laptop2Laptop 2 requests codeLaptop 2 perform ping reply
ORE Services
1. Class Server 2. TFTP Server
Laptop 1
Laptop 2 Java-enabled
Routing Switch
Laptop 1
AN Ping
Laptop 2
AN Ping
ORE Services
Java-enabled Routing Switch
AN Ping
Demo 1
ANTS DemoANTS Demo
AN_PingApplication
ANTS EE
AN_PingApplication
PingCapsule
ANTS EEService
DLBootstrap Capsule
DLRequest Capsule
DLResponse Capsule
JVMOREJVM
WIN-95 Routing Switch
ANTS DemoANTS Demo
Java application running on the routerORE facilitate downloading servicesInteroperable with ANTS DistributionMinimum changes to make it conform to ORE service
specification
Dynamic Filtering & Configuring Dynamic Filtering & Configuring Demo - 2Demo - 2
Dynamic Configuration of Forwarding Dynamic Configuration of Forwarding Rules Rules
CPU
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
ForwardingRules
SW
HW
ForwardingRules
ForwardingRules
ForwardingRules
AN Apps
Real-time forwarding Stats and Monitors Real-time forwarding Stats and Monitors
CPU
SW
HW
AN Apps
ForwardingProcessor
ForwardingRules
Statistics &Monitors
ForwardingProcessor
ForwardingRules
Statistics &Monitors
ForwardingProcessor
ForwardingRules
Statistics &Monitors
Dynamic - On the Fly ConfigurationDynamic - On the Fly Configuration
ForwardingProcessor
ForwardingProcessor
Pac
ket
Policy
Filters
AN Apps
Packet
Pack
et Filte
r
Demo 2
Dynamic - On the Fly ConfigurationDynamic - On the Fly Configuration
From downloadable Java application, we can dynamically modify the behavior of the Forwarding Processors (ASICs)
Active Networks Packets InterceptionActive Networks Packets InterceptionDemo 3 - Demo 3 -
Active Networks Packet Active Networks Packet CaptureCapture
CPU
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
ForwardingProcessor
AN Apps
JFWD to Divert or Copy
Wire Speed
Pac
ket
Demo 3
Packet DivertPacket Divert
Active Network topology is unknown
ANEP packets NOT addressed to this node are delivered to the control plane for processing
ANEP daemon receives packets and delivers them to the appropriate EE based on TypeID
ASICFilter
ANEP
Execution Environment
Execution Environment
ANEP packet
AN Routing Protocol
Application
Active Networks Packet CaptureActive Networks Packet Capture
Be able to get the packets from the forwarding plane to the control plane
Process Active Networks packets in the control planeEnabler for Active Network routing protocols
Scaling up Active Networks Routing Scaling up Active Networks Routing Protocol to commercial networks Protocol to commercial networks
Scaling up Active Networks Routing Scaling up Active Networks Routing Protocol to commercial networks Protocol to commercial networks
Overcome the need to predefine the next hopOvercome the need to predefine the next hopNo need to know AN topology a head of timeDivert/CarbonCopy specific packets to control plane
(e.g. packets on ANEP port )Wire speed of all other packetsEnd to end forwardingFuture: Active Networks Routing Protocols
Mixed Topology of AN systemMixed Topology of AN system
- AN Node - Non AN Node
NO need to know the AN topology ahead of time
Virtual Topology of AN systemVirtual Topology of AN system
- AN Node - Non AN Node
NO need to know the AN topology ahead of time
SummarySummary
Bridge between research and marketplace Implementation of commercial grade Active Networks
node on Silicon-Based Gigabit L3 Routing SwitchORE - Oplet Run-time Environment Demo 1 - ANTS on AccelarDemo 2 - Dynamic Filtering & Configuration Demo 3 - Packets Capture to control planeFuture : Enables Active Networks Routing Protocols