This presentation discusses Segment Routing over IPv6 (SRv6) and the Network Programming Model. It provides an overview of what SRv6 is, how it works, and how the Network Programming Model can be used for applications like VPNs, SD-WANs, and service function chaining. The presentation also covers SRv6 standardization efforts, open source implementations, and areas of ongoing research.
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
hpsr-2020-srv6-tutorial
1. This presentation is partly based on slide decks that have been kindly provided by Cisco Systems
Segment Routing over IPv6 (SRV6)
and the Network Programming Model
Stefano Salsano – University of Rome Tor Vergata / CNIT
stefano.salsano@uniroma2.it
IEEE HPSR – May 11th 2020
2. Tutorial highlights - part 1
• What is Segment Routing ?
• What is SRv6 ?
(Segment Routing over IPv6) • Why is SRv6 so cool?
Hint: SDN and scalability !
• How does it work ?
few protocol details…
• SRv6 for typical applications:
Fast Rerouting, VPNs,
Traffic Engineering
2
3. Tutorial highlights - part 2
• What is the Network Programming Model?
from “waypoints” to “instructions”
• How can we use the Network Programming
Model for VPNs/SD-WANs and for SFC?
3
4. Tutorial highlights - part 3
• SRv6 standardization and deployments
• SRv6 open source implementations and tools
• The ROSE ecosystem (Linux)
• Scientific activities on SRv6
4
5. Tutorial highlights - part 4
• Hands-on using the rose-srv6 Virtual Machine
• Advanced topics and research issues
• Conclusions
5
9. The ROSE team Pier Luigi Ventre
Ahmed AbdelSalam
Bogdan Iatco
Mahdi Tajiki
Lorenzo Bracciale
Pierpaolo Loreti
Angelo Tulumello
Marco Bonola
Luca Chiaraviglio
Fabio D'Andreagiovanni
Marco Ferrari
Daniele Zaccariello
Emanuele Altomare
9
Andrea Mayer
Paolo Lungaroni
Francesco Lombardo
Carmine Scarpitta
Giulio Sidoretti
Stefano Salsano
The team involved in the setup of the tutorial VM and experiments
10. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
20. SR Policy and SR domain
S1
S2
S3Headend
Node
P=<S1,S2,S3> SR domain
SR Policy
20
Ingress node
(edge node)
Egress node
(edge node)
Datacenter
Server
21. SR path and SR segments
S1
S2
S3Headend
Node
P=<S1,S2,S3> SR domain
SR Policy
21
Ingress node Egress node
Datacenter
Server
S1 S2 S3
The path is split in three segments
22. SR operations : PUSH / NEXT / CONTINUE
S1
S2
S3Headend
Node
P=<S1,S2,S3> SR domain
SR Policy
22
Ingress node Egress node
Datacenter
Server
S1 S2 S3
PUSH
NEXT CONTINUE
23. SRv6: extending the SR domain (1/2)
S1
S2
S3Headend
Node
P=<S1,S2,S3> SR domain
SR Policy
23
Ingress node
Datacenter
Server
Edge node
24. SRv6: extending the SR domain (2/2)
S1
S2
S3
Headend
Node
P=<S1,S2,S3> SR domain
SR Policy
24
Edge node
Datacenter
Server
Edge node
29. Scalability and SDN: traditional approach
State information (match/action)
per flow in all nodes!
29
example: “traditional” MPLS label
lookup tables with per-flow state
31. Scalability and SDN: SR approach
State information (match/action)
per flow only in the headend node
31
32. Scalability and SDN: SR approach
SDN controller only talks with
edge nodes (per flow)
32
33. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
43. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
56. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
68. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
98. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
106. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
113. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
115. SRv6 standardization
• Main WG docs
– draft-ietf-spring-srv6-network-programming
defines the SRv6 Network Programming model
– draft-ietf-spring-segment-routing-policy
– draft-ietf-spring-sr-service-programming
covers SFC aspects
•IETF docs can be classified in several categories:
Architecture, Use-Cases and Requirements, Deployments and Interoperability, Fast Reroute
(FRR), OAM, Performance Measurements, Multicast/Replication, Protocol Extensions
115
116. SRv6 deployments
• Large-scale commercial deployments
– Softbank, Iliad, China Telecom, LINE corporation, China Unicom, CERNET2, China Bank
and Uganda MTN.
•Hardware linerate implementations
– Cisco Systems, Huawei
– Broadcom, Barefoot, Intel, Marvell, Mellanox
– Multiple Interop Reports
•Open-source platforms/ Applications
– Linux kernel, FD.io VPP, P4, Wireshark, tcpdump, iptables, nftables, snort, ExaBGP,
Contiv-VPP
116
117. SRv6 Open Source Platforms / Applications
• SRv6 Data path
– Linux kernel
– FD.io VPP (https://wiki.fd.io/view/VPP)
– P4 SRv6 (http://bit.ly/onos-p4-srv6)
• Applications and tools
– Wireshark, Tcpdump
– scapy
– iptables, nftables
– Snort NIDS (https://github.com/SRouting/SR-Snort)
• Control plane
– ExaBGP (https://www.segment-routing.net/open-software/exabgp/)
– Contiv-VPP
117
118. ROSE - Research on Open SRv6 Ecosystem
• SRv6 uSID (micro segment) implementation in Linux
• SRv6 uSID (micro segment) implementation on P4
• SRv6-PM (SRv6 Performance monitoring)
• rose-srv6 VM
118
• SREXT - Segment Routing Extension Linux kernel module
• SRNK – SR proxy Native Kernel
• pyroute2 extensions to support SRv6
• SRv6-SDN – An SDN ecosystem for SRv6 on Linux
• SRPerf - a Performance Evaluation Framework for
SRv6 implementations
https://netgroup.github.io/rose/
The ROSE ecosystem includes several sub-projects:
The hands-on part of this tutorial is based on the ROSE ecosystem, in particular on the rose-srv6 VM
119. Segment Routing scientific work
• More than 90 papers
– http://www.segment-routing.net/scientific-papers/ (lists 60 papers)
– See this survey on arxiv (http://arxiv.org/abs/1904.03471)
“Segment Routing: a Comprehensive Survey of Research Activities,
Standardization Efforts and Implementation Results”
119
120. Segment Routing scientific work
• In our survey we have identified the following categories:
– Monitoring (8)
– Traffic Engineering (22)
– Failure Recovery / Resiliency (9)
– Centrally Controlled Architectures (16 )
– Path Encoding (8)
– Network programming (8)
– Performance Evaluation (4)
– Miscellaneous (9)
120
121. Our contributions…
• SDN Architecture and Southbound APIs for IPv6 Segment Routing Enabled Wide Area Networks
P. L. Ventre, M. M. Tajiki, S. Salsano, C. Filsfils,
IEEE Transactions on Network and Service Management (TNSM), December 2018.
• The Network as a Computer with IPv6 Segment Routing: a Novel Distributed Processing Model for the Internet of Things
A. Mayer, E. Altomare, S. Salsano, F. Lo Presti, C. Filsfils,
NGOSCPS workshop at the CPS-IoT Week 2019, April 15 2019, Montreal, Canada (pdf)
• SR-Snort: IPv6 Segment Routing Aware IDS/IPS
A. Abdelsalam, S. Salsano, F. Clad, P. Camarillo, C. Filsfils,
IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), Verona, Italy, November 2018.
• Performance of IPv6 Segment Routing in Linux Kernel
A. Abdelsalam, P. L. Ventre, A. Mayer, S. Salsano, P. Camarillo, F. Clad, C. Filsfils,
CNSM Workshop on Segment Routing and Service Function Chaining (SR+SFC), Rome, Italy, 2018.
• SERA: SEgment Routing Aware Firewall for Service Function Chaining scenarios
A. Abdelsalam, S. Salsano, F. Clad, P. Camarillo, C. Filsfils, IFIP Networking, Zurich, Switzerland, May 2018.
• Implementation of Virtual Network Function Chaining through Segment Routing in a Linux-based NFV Infrastructure
A. AbdelSalam, F. Clad, C. Filsfils, S. Salsano, G. Siracusano and L. Veltri
IEEE Conference on Network Softwarization (NetSoft), Bologna, Italy, 2017.
• An Efficient Linux Kernel Implementation of Service Function Chaining for legacy VNFs based on IPv6 Segment Routing,
A. Mayer, S. Salsano, P. L. Ventre, A. Abdelsalam, L. Chiaraviglio, C. Filsfils,
5th IEEE International Conference on Network Softwarization (NetSoft 2019), 24-28 June 2019, Paris, France
121
122. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
123. Hands-on session
• We run our experiments on the rose-srv6 Virtual Machine, if you want to
replicate them, see https://netgroup.github.io/rose/rose-vm.html
• The experiments performed are reported in this technical report:
“ROSE-SRv6 Tutorial on Linux – Part 1. Manual creation of SRv6 tunnels in the data plane”
https://netgroup.github.io/rose/rose-vm.html#rose-srv6-tutorial-on-linux---part-1
• This technical reports describes further experiments with the SDN controller:
“ROSE-SRv6 tutorial on Linux - Part 2. ROSE Control Plane : setting up SRv6 tunnels from the
controller”
https://netgroup.github.io/rose/rose-vm.html#rose-srv6-tutorial-on-linux---part-2
123
124. Agenda
SR and SRv6 introduction
SR-MPLS Dataplane (short mention)
SRv6 Dataplane
Traffic Engineering, Fault Protection (TI-LFA)
SRv6 Network Programming Model
Security
SD-WAN / Service Function Chaining
Standards, deployments, open source, scientific activities
Advanced topics & further research
Hands-on part
125. Compressing the SR Header
• An SRv6 segment list is a sequence of IPv6 addresses. The SRH always
introduces 8 bytes. Each IPv6 address is 16 bytes long.
Example for 5 segments => 8 + 5 * 16 = 88 bytes of overhead.
Example for 10 segments => 8 + 10 * 16 = 168 bytes of overhead.
• In most cases the number of segments is limited (e.g. up to 3-4 segments), but
what happens if many segments are needed for a particular service or service
scenario ?
• A more compact representation of the Segment List is needed !
125
126. SRv6 uSID (micro-SID)
• A new extension of the SRv6 Network Programming model
– https://datatracker.ietf.org/doc/draft-filsfils-spring-net-pgm-extension-srv6-usid/
• It allows expressing SRv6 segments with a very compact and efficient representation.
– For example, using two bytes for uSID instead of using a normal IPv6 address (16
bytes) for a regular SRv6 segment.
• Leverages the SRv6 control and data planes without any change
• Provides better scaling and minimum MTU overhead
126
128. Other proposals in IETF for SRH compression
• Segment Routing Mapped To IPv6 (SRm6)
– draft-bonica-spring-sr-mapped-six-01
– draft-bonica-6man-comp-rtg-hdr-22
•Compressed SRv6 Network Programming
– draft-li-spring-compressed-srv6-np-02
128
129. The network as a computer with SRv6 (SR-IoT)
• The Network as a Computer with IPv6 Segment Routing: a Novel Distributed Processing Model for the Internet of Things
A. Mayer, E. Altomare, S. Salsano, F. Lo Presti, C. Filsfils,
NGOSCPS workshop at the CPS-IoT Week 2019, April 15 2019, Montreal, Canada (pdf)
A position (or visionary…) paper. Assuming that it is possible to exploit
distributed processing in the “things/gateways”, the application logic and the
computation state is transferred “on the fly” with IP packets (using SRv6!) : “SR-
IoT”
129
130. The network as a computer with SRv6 (SR-IoT)
In SR-IoT, the Segment List can be seen as a “Network program”, where the next
segment is the Instruction Pointer and a network node is a CPU that executes
the instruction
130
131. The network as a computer with SRv6 (SR-IoT)
In SR-IoT, we extend the SRv6 network programming model, considering the
Functions as “operation codes” of a processor ISA (Instruction Set Architecture)
The whole IoT infrastructure is seen as a logical machine with I/O ports
(corresponding to the ports of IoT devices), that can be programmed through an
Instruction Set Architecture
131
132. The network as a computer with SRv6 (SR-IoT)
In SR-IoT, we extend the SRv6 network programming model, considering the
Functions as “operation codes” of a processor ISA (Instruction Set Architecture)
The whole IoT infrastructure is seen as a logical machine with I/O ports
(corresponding to the ports of IoT devices), that can be programmed through an
Instruction Set Architecture
132
133. The network as a computer with SRv6 (SR-IoT)
We designed a prototype of SR-IoT, considering the Instruction Set Architecture
(ISA) of Atmel AVR microcontroller (Arduino) and using the the SimAVR emulator
on Linux to emulate the AVR microcontroller.
An SR-IoT packet corresponds to a process. It includes the program in the SRv6
segment list, and the serialization of registers, stack and RAM. All need to fit in
less than 1500 bytes ! For TinyAVR microcontrollers, RAM used can be as low as
128 or 256 bytes.
We designed an efficient solution to encode operations in the IPv6 segment list.
For example, 100 instructions over 10 different nodes can be represented with
320 bytes, leaving 1000 bytes for RAM, stack and CPU registers…
133
134. Segment Routing hottest open issues
• In our survey http://arxiv.org/abs/1904.03471 we have identified the following
research directions:
– Service Function Chaining support
– SRv6 end-host implementation aspects / SmartNICs and SRv6
– Cloud Orchestration
– Integration with Applications
– 5G and SRv6
– Internet of Things and SRv6
134
135. Conclusions
• Segment Routing architecture seeks the right balance between distributed
intelligence and centralized optimization
• Segment Routing over IPv6 (SRv6) brings in the
Network Programming model
• SRv6 provides underlay and overlay services in a unified way, possibly across
access, metro, core and data center networking domains
• Lots of issues are still open, very good for researchers ☺
135
137. References and acknowledgements
Research on Open SRv6 Ecosystem
https://netgroup.github.io/rose/
5G European Validation Platform for Extensive Trials
https://www.5g-eve.eu/
The 5G EVE project has received funding from the European Horizon 2020 Programme for research,
technological development and demonstration under grant agreement n° 815074