connect • communicate • collaborate
MD-VPN,
a new bundle of network services
Xavier Jeannin, RENATER
Tomasz Szewczyk / PSNC
TF-MSP Management of Service
Portfolios
14-15-16 Sept 2014
Budapest, Hungary
2
connect • communicate • collaborate
GÉANT VPN services
• GÉANT IP
• GÉANT L3VPN
• GÉANT Plus
• GÉANT Lambda
• GÉANT Open
• GÉANT MD-VPN
• GÉANT Bandwidth-on-Demand
NREN MD-VPN End-Users
3
connect • communicate • collaborate
• A joint service provided by the GÉANT
network and NRENs
• A seamless transport infrastructure for
point-to-point or multipoint transmission:
– Multi-domain networking
– Layer3 or Layer2 VPNs
spanning several
domains
MD-VPN provides a seamless, scalable
transport infrastructure
L3VPN
MP L2VPN P2P L2VPN
IPv4 IPv6
4
connect • communicate • collaborate
Configure only
at the edge
VPN multiplexing
Configure only once
An end-to-end
extensible
and
flexible service
High scalability
Lead-time
reduced
Reduced opex
MD-VPN service highly scalable, seamless
transport infrastructure
5
connect • communicate • collaborate
http://www.scottcochrane.com
MD-VPN assets
• MD-VPN is based on well known and proven technology
– available right now in almost all boxes
– MPLS and BGP protocols
– No material investment required - no capex investment
• High scalability
– Hierarchical architecture
– VPNs are multiplexed in the core
– Service is provisioned only on the edge routers
– OPEX reduction for GEANT and NREN
– Service lead time dramatically reduced
6
connect • communicate • collaborate
Added-value service for end-users
• Dedicated virtual network
• Safe infrastructure
– Security opex saved on site
(No firewall needed)
Contribute to scientist project
collaboration development
Site B Site A
Site C
MD-VPN connection
7
connect • communicate • collaborate
MD-VPN offers a new way of cooperating
• Collaboration organization:
– Manageability
– End user data security, Extensibility
Acceptable User Policy
– Service Quality
– VPN Provisioning, Monitoring, Troubleshooting
Operational Level Agreement
8
connect • communicate • collaborate
Deployment Status
• Setting-up pilot phase
– Setting-up GÉANT pilot, during 2014
– Feature-proofed on production infrastructure
– 16 NRENs connected
– 3 NRENs committed to connect
• Pilot generalization phase
– Service reliability long-term assessment
– Operation implementation
– Roll-out the 22/07/2014
– Service validation period 01/08/2014 – 31/10/2014
• MD-VPN service in the GÉANT portfolio Q4 Year 1
9
connect • communicate • collaborate
Reliability
Fir
st r
elia
bil
ity f
igure
, August
2014
10
connect • communicate • collaborate
Deployment status
A first scientist project XiFi XIFI is a project of the European
Public-Private-Partnership on
Future Internet (FI-PPP)
programme
http://infographic.lab.fi-ware.org/status
GÉANT
NORDUnet
SUnet DeiC FUnet
Litnet
HEAnet
FCCN
RENATER
RedIRIS
GARR DFN
AMRES
PSNC
CESNET
XiFi
TSSG
XiFi
Sevilla
XiFi
Malaga XiFi
Lannion XiFi
Trento XiFi
Berlin
NREN currently
connected NREN nearly connected
Active XiFi L3 VPN
Future XiFi L3 VPN
XiFi
Com4Innov
GRNET Uni
Thessaly
BELnet
XiFi
Iminds
XiFi
XiFi
XiFi
UPRC
HUNGARnet
XiFi
11
connect • communicate • collaborate
• All scientific projects based on international
collaboration
– LHCONE is an example of successful L3VPN multi-domain
service
– ITER, CONFINE
• Quick P2P connection
– Conference demonstration
– P2P data transport between to sites
• Distributed infrastructure over multi-domain
– Cloud provider
– Grid – HPC center
– Scientific infrastructure: Telescope, sensor network
• …
MD-VPN use cases A wide scope for MD-VPN use
12
connect • communicate • collaborate
MD-VPN use cases A wide scope for MD-VPN use
Optical transport
MD-VPN
Innovation
Users
User Network Interface
• MD-VPN transparent data transport layer for high level
network services like SDN, BoD, … and in general by future
internet project
• Education
– Remote lecture
– E-learning