AaaS: ACL as a Service TEAM 2

Presentation on theme: "AaaS: ACL as a Service TEAM 2"— Presentation transcript:

1 AaaS: ACL as a Service TEAM 2
Peng Zhang (CTBRI)，Frank Zhou (FNII)，Wenyao Huang (SZU) Jan.23th,2016

2 Contens 点击添加文本 Why AaaS Our solution 点击添加文本 Detail of our solutions
summary 点击添加文本 点击添加文本

3 Why AaaS ACL is useful But... Our opinion Our potential customers:
Provide a basic level of security for the network Offer flow control for network traffic But... Configuration is painful Lots of network devices Error-prone Our opinion Provide ACL as a Service Offer Restful API One API, everyting set Our potential customers: Network operator Internet Company ODL Bootcamp

4 Our solution(Tech) Design of architecture Web UI DEMO app layer 点击添加文本
API API 点击添加文本 AaaS Service YANG model abs layer 点击添加文本 MD-SAL NETCONF BGP-LS 点击添加文本 Physical network phy layer

5 Our Work flow Demo GUI Netconf Plugin routers routers routers routers
Get BGP-LS Topo Set ACL BGP Plugin AaaS Service BGP Peer Set datastore with java Netconf Plugin routers routers routers routers

6 Detail of solution Our defined YANG 点击添加文本 点击添加文本 点击添加文本 点击添加文本

7 Detail of solution REST API Design Operation How to invoke Query
GET Delete DELETE Modify PUT Create POST 点击添加文本 Operation How to invoke Query Delete Modify Add 点击添加文本 点击添加文本 点击添加文本 For more detail,go to attachment

8 Detail of solution Web UI Design(Get topology Dynamically) 点击添加文本

9 Detail of solution Web UI Design(Query & Create) 点击添加文本 点击添加文本 点击添加文本

10 Our solution What tech in ODL we use External app: 1 Web: JSP /Servlet
2 Restconf: Apache HttpClient 3 Topo UI: cisco NeXt framework 4 Json parse: jackson 点击添加文本 点击添加文本 Internal app: 1 YANG model 2 Maven 3 MD-SAL 点击添加文本 点击添加文本

11 Summary we embody an internal app based on ODL, which tries to facilitate the configuration and management of ACL,with what we learned in the ODL bootcamp.Also We Use Cisco's cisco next ui framwork to operate the network and show our works. 点击添加文本 点击添加文本 For the internal app, it realizes ACL configuration on all the router we needed and provide APIs for advanced users. Besides, we use Cisco Next UI to show how to configure the ACL 点击添加文本 We provide 1 api docs and 1 introduction slide. 点击添加文本

12 Behind of solution Our original ideas:
Limit traffic flood to specific destination. For example, on the Alibaba’s shopping day of 11th Nov, a flood of traffic would break down servers and waste precious bandwidth. To solve this, our first idea is using randomly drop some packets or limit rate. We think these mothods can low down the server's load and Clients will still have a chance to connect to server and get service. Problems: Firstly, QoS yang and Flow Spec are not supported by XRV right now. Secoundly, It is hard to generate packerts flood in dcloud. Decision : ACL yang is support but not fit to our idea. So why not open ACL setting as a Service? 点击添加文本 点击添加文本 点击添加文本 点击添加文本

13 Future work AaaS is just the beginning. We will continue to open our network, let our customers can use network to solve their problems more efficiently. QaaS: QoS as a Service RaaS: Route as a Service EaaS: Everything as a Service 点击添加文本 点击添加文本 Advanced ACL Customers' main clients region Our customer server QOS 点击添加文本 点击添加文本

14 Q&A 点击添加文本 Thank you 点击添加文本 点击添加文本 点击添加文本