The ICCLab T-Nova members are back from the 3rd and final project review meeting that was held on March 16th in Athens, Greece. Couple of days before that, we were enrolled in the preparation and setup of the final demos at N.C.S.R. Demokritos premises.

Several demonstrations were shown to the reviewers during the demo session in order to point out the achievements in the last year of the project. Moreover a poster session was held in parallel to stress the contributions in terms of conference and journal papers published within the project’s scope, Figure 1.

Figure 1: Irena describing the chain management through Netfloc

The involvement of the ZHAW team in the final year’s progress was related to the billing and charging model in the T-Nova Marketplace, and the Service Function Chaining support for the end-to-end multi-PoP scenario by using Netfloc – the T-Nova SDK4SDN.

Figure 2 shows the Demo3 scenario and its related components. Shortly, the demo idea is the following: A customer buys a Network Service (NS) composed by several VNFs, which has been created by the Service Provider through a Network Service Descriptor (NSD) at the T-NOVA Marketplace; Tenor, the T-Nova orchestrator, takes over resource provisioning and service deployment; Netfloc‘s Create Chain API is invoked by Tenor and Netfloc establishes the SFC VNFFGD in the network; WICM (the T-Nova Connectivity Manager) handles the redirection of customer’s traffic to the NFVI-PoPs transparently, as well as the inter-PoP traffic connection.

Figure 2: Diagram of the multi-PoP SFC demonstration

Some of the achievements shown include the top-down integration Marketplace-Tenor-Netfloc that was demonstrated in two phases: the first part involved the interaction of the Customer with the Marketplace including: service purchase, billing model selection, VNFs composition and finally – PoP election for the service deployment – in this case, Athens and Aveiro datacenters. This part is shown with the video footage on Figure 3.

Figure 3: NSD setup from the Marketplace and service deployment via Tenor

Once the configuration is done, Tenor takes care of: (1) deploying the related resources (networks, ports, VNFs etc.) in the two OpenStack clouds and (2) calling the Netfloc API in order to trigger the chain creation and to establish the multi-point virtual links between the VNFs.
For this year’s demo the following VNFs were selected: virtual traffic classifier (vTC) and virtual proxy as a service (vPXaaS), both running in the Athen’s PoP and virtual security appliance (vSA) running in Aveiro’s PoP. The service consisted of two chains:

Chain1: steering All traffic except Web traffic in the following order: Client – vTC – vSA – Server
Chain2: steering traffic destined to the Web server in the following order: Client – vTC – vPXaaS – vSA – Web server

The idea of the first chain is to filter the traffic that is not destined to the Web server, i.e. letting ICMP, UDP and any other client’s traffic go via the vTC, vSA and end-up in a Server machine on Aveiro’s premises. The vTC is the VNF responsible for the traffic classification, mapping the traffic to the corresponding chain output. The ICMP traffic is steered directly out of the Athens PoP via the vSA in Aveiro, towards the Server and back via the same route to the Client in Athens.

The second chain bypasses the web page request from the Client machine in Athens to the Web server residing in Aveiro, through the VNFs deployed in both PoPs.
The vPXaaS is based on the Squid library to set different traffic filtering criteria. For the second chain service, it is configured to allow traffic with the Web server destination on port 80. However the scope of this VNF is wider and the capabilities for traffic filtering are broader. Finally the vSA uses the pfSense library to provide firewall functionality to the chain. All the traffic out of the PoPs is tagged with VLAN IDs for multi-pop redirection service supported by the WICM. Netfloc is in charge of the OpenStack virtual and the datacenter’s physical network infrastructure of the two PoPs, including the chains configuration. The second phase of the demo that includes the showcase of the two service chains and their outcomes, are shown in Figure 4.

Figure 4: Visualization of chain services and outcomes.

Netfloc, WICM and the the vTC VNF components have been already used in the Y2 demo, within different types of intra-PoP scenario. For this year’s demonstration we enhanced each of the components to support the described scenario, complementing it with additional set of T-Nova VNFs. At Demokritos we worked hard until the very last minute, Figure 5, to ensure working demo for the next day.

Figure 5: Late night effort to finalize the demo 😉 (image courtesy of George)

As a reminder, following is a very brief description of the components in the demo:

Netfloc is an open source SDK for SDN developed as a Karaf archetype based on OpenDaylight. It provides a set of libraries aimed to facilitate datacenter network management, and to support the development of network applications in the cloud. The SFC scenario described in the demo is leveraged by the traffic steering library in Netfloc. The automatic deployment is enabled via Heat plugin support in Netfloc, compatible with the NSD descriptor in Tenor.

WICM (WAN Infrastructure Connectivity Manager) developed over OpenDaylight SDN Controller, enables the integration of WAN connectivity services with the NFVI-PoPs that host the VNFs (located in Athens and Aveiro), allowing the provisioning of end-to-end services. The WICM offers seamless and transparent traffic management to/from both customer’s and provider’s edge routers, while having minimum impact on the network topology.

TeNOR is a NFV Orchestrator platform responsible for managing the entire NFV lifecycle service. TeNOR covers the orchestration and lifecycle management of software resources that support the infrastructure virtualisation, and the lifecycle management of Virtual Network Functions (VNF). TeNOR is totally integrated and follows the NFV ETSI standards.

As a summary, the review process was constructive with a positive recognition on all the activities in the project including the final demonstrations, which eventually resulted in an “excellent” evaluation score for the project itself. Since the end of the project came, with the great Demokritos tech team (Akis, Chris, Chris, Dimitris) we wanted to remark our gratitude to the dear technical coordinator, through the following video, Figure 6 (made by Tasos and hosted on the Avieiro server to be served in the chain). As you can see, it reflects the positive vibes of George as a big motivation for all the projects’ activities.

Figure 6: T-Nova epilogue

A big thanks to T-Nova for allowing us to gain some great experiences over the entire project span and to all the partners (João, Josep, Javier, Alexandros, Majid, etc.) who contributed to the realization of this demo. The cooperation will go on in future. Signed: The ZHAW’s ICCLab team.