Internet DRAFT - draft-liu-nvo3-naas-requirement
Network working group                                           Vic Liu
Internet Draft                                             China Mobile
Intended status: Standards Track                                Chen Li
                                                           China Mobile
Expires: August 12, 2014                              February 14, 2014
NaaS (Network as a service) requirement
draft-liu-nvo3-naas-requirement-00.txt
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with
the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on May 14, 2014.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Abstract
NaaS is one of the use cases based on Network Virtualization Overlay
(NVO3). This draft describes some specific requirements of NaaS in
the cloud datacenter.
Table of Contents
1. Introduction
2. Requirement
2.1. Isolation of different tenants
2.2. Tenant's logical network in GUI
2.3. Bandwidth guarantee
2.4. Network management
2.5. Reliability
2.6. Service function requirement
2.7. Performance requirements
2.7.1. Million-level tenants support
2.7.2. Millisecond level service response
2.7.3. Tenants line speed bandwidth
3. Security Considerations
4. IANA Considerations
1. Introduction
The CDC (Cloud Data Center) network sees the fastest innovation in
network standards and the most proposed technologies, especially in
public clouds. From our perspective, there are several network
capacities that can be sold by public cloud operators: IP address,
VLAN, bandwidth, load balance, firewall and some other network
resources. The target of NaaS (network as a service) is to provide
an end-to-end virtual network with the above capacities for tenants
in the cloud datacenter.
However, many traditional technologies become the bottleneck of
public cloud service, such as the number of VLANs. They become
unable to meet the constantly updated needs of providing users with
hosted networks for data segregation.
In this draft, we focus on proposing the network requirements of
NaaS in the datacenter.
2. Requirement
NaaS is supposed to provide a virtual CDC network for a tenant. We
propose several specific network features of NaaS as follows.
2.1. Isolation of different tenants
Different tenants are isolated by VPN, whether at layer 2 or layer 3,
and whether by VLAN tag, MPLS tag or some other means. Meanwhile,
the network service devices, such as load balancers and firewalls,
also need to be isolated. Each tenant has a logically isolated
network, in which it can use any IP and VLAN by itself (different
tenants should be able to reuse the same IP/VLAN).
2.2. Tenant's logical network in GUI
The tenant's logical network GUI should be simple and intuitive. For
example, it displays only an L2 switch, an L3 gateway, a border
router, a load balancer, a firewall and some other security devices.
All the links are logical. VMs or servers connect to these logical
network devices.
2.3. Bandwidth guarantee
Each logical network should be allocated specific end-to-end
bandwidth, including server uplink switch port rate, switch-to-
gateway link rate, gateway-to-LB/FW link rate and border router
link rate. In addition, as tenants in CNC need to establish VPN
connections with their own research, the VPN bandwidth needs to be
guaranteed as well to realize end-to-end QoS. All logical bandwidth
allocations should map onto physical network devices.
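
One way to check that a logical end-to-end allocation maps onto physical capacity is an all-or-nothing admission test over every link on the tenant's path. This is an added example, not part of the draft; the link names, capacities and the `Fabric` class are hypothetical.

```python
class Fabric:
    """Tracks per-tenant reservations on each physical link (Mbit/s)."""

    def __init__(self, capacity):
        self.capacity = dict(capacity)
        self.reserved = {link: {} for link in capacity}  # link -> {tenant: rate}

    def residual(self, link, ignore=None):
        used = sum(r for t, r in self.reserved[link].items() if t != ignore)
        return self.capacity[link] - used

    def reserve(self, tenant, path, rate):
        """Reserve `rate` on every link of `path`, or on none of them.

        Returns the links that cannot carry the request; an empty list
        means the reservation was admitted and committed.
        """
        if rate <= 0:
            raise ValueError("rate must be positive")
        unknown = [l for l in path if l not in self.capacity]
        if unknown:
            raise KeyError(f"unknown links: {unknown}")
        # A new request replaces the tenant's old one, so ignore its own share.
        short = [l for l in path if self.residual(l, ignore=tenant) < rate]
        if not short:
            for l in path:
                self.reserved[l][tenant] = rate
        return short

# Constructed sample: the four segments named in section 2.3 plus the VPN
# link, with made-up capacities in Mbit/s (assumptions, not from the draft).
PATH = ["server-uplink", "switch-gateway", "gateway-lbfw", "border-router", "vpn"]

def demo():
    fabric = Fabric({"server-uplink": 10000, "switch-gateway": 40000,
                     "gateway-lbfw": 10000, "border-router": 2000, "vpn": 1000})
    results = [fabric.reserve("tenant-a", PATH, 800),      # fits on every link
               fabric.reserve("tenant-b", PATH, 500),      # vpn cannot carry it
               fabric.reserve("tenant-b", PATH[:4], 500),  # admitted without vpn
               fabric.reserve("tenant-a", PATH, 1000)]     # resize own share
    return results, fabric.residual("border-router")

if __name__ == "__main__":
    print(demo())
```

A rejected request leaves no partial reservation behind, so one tenant's failed request cannot consume bandwidth that was guaranteed to another.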
2.4. Network management
Each tenant should be able to manage and configure its own logical
network. For example, a tenant can maintain its own logical firewall
policy. A tenant's control policy should be isolated from the
underlay network architecture, and the transformation from policy to
rule can be done by a middle-box controller. Meanwhile, in order to
improve the ability of rapid deployment and decrease the difficulty
of tenant management as well, it also needs to provide automatic
extension and automatic configuration functions.
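
The policy-to-rule transformation of section 2.4, combined with the IP/VLAN reuse allowed by section 2.1, means every compiled rule has to carry a tenant key. The following sketch is an added example, not part of the draft; the `tenant_id` field, the policy format and the sample addresses are assumptions.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    tenant_id: int   # scope key set by the controller, never taken from tenant input
    vlan: int
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: int
    action: str

def compile_policy(tenant_id, policy):
    """Turn one tenant's logical firewall policy into tenant-scoped rules."""
    rules = []
    for e in policy:
        if e["action"] not in ("allow", "deny"):
            raise ValueError(f"unknown action {e['action']!r}")
        rules.append(Rule(tenant_id, e["vlan"], ipaddress.ip_network(e["src"]),
                          ipaddress.ip_network(e["dst"]), e["dport"], e["action"]))
    return rules

def decide(rules, tenant_id, vlan, src, dst, dport, scoped=True):
    """First match wins, default deny. scoped=False drops the tenant key
    to show the collision an unscoped rule table would produce."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if scoped and r.tenant_id != tenant_id:
            continue
        if r.vlan == vlan and s in r.src and d in r.dst and r.dport == dport:
            return r.action
    return "deny"

# Constructed sample: both tenants reuse VLAN 100 and 10.0.0.0/24.
NET, WEB = "10.0.0.0/24", "10.0.0.10/32"
POLICY_A = [{"vlan": 100, "src": NET, "dst": WEB, "dport": 443, "action": "allow"}]
POLICY_B = [{"vlan": 100, "src": NET, "dst": WEB, "dport": 443, "action": "deny"},
            {"vlan": 100, "src": NET, "dst": WEB, "dport": 22, "action": "allow"}]
TABLE = compile_policy(1001, POLICY_A) + compile_policy(1002, POLICY_B)

if __name__ == "__main__":
    pkt = (100, "10.0.0.5", "10.0.0.10", 443)
    print(decide(TABLE, 1001, *pkt))                # tenant 1001's own policy
    print(decide(TABLE, 1002, *pkt))                # tenant 1002's own policy
    print(decide(TABLE, 1002, *pkt, scoped=False))  # matches tenant 1001's rule
```

The same VLAN, addresses and port produce different verdicts per tenant, and without the tenant key the first tenant's rule decides the second tenant's traffic.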
2.5. Reliability
Reliability is important for NaaS. Distributed VDC, disaster
tolerance, resource pool HA, smart TE and other measures are
required to provide higher reliability.
2.6. Service function requirement
NaaS can provide two kinds of services for tenants: public cloud
service and private cloud service. The public cloud service means
tenants use CDC resources to provide services for internet users;
the private cloud service provides tenants with CDC resources to
host services for themselves. The public cloud services include
public IP, bandwidth, firewall, load balance, CDN, etc. The private
services include DHCP, DNS, subnet gateway, VPN, etc.
Public IP services: provide IP addresses for the computing resources
in CDC accessed by internet users.
Bandwidth services: provide a guaranteed public network bandwidth
for tenants' internet services.
Firewall services: provide the tenant with self-defined security
policies.
Load balance: provide tenants with CDC's computing resources which
have parallel service abilities.
CDN: provide cache services for tenants across different geographic
areas; the goal of a CDN is to serve content to end-users with high
availability and high performance.
DHCP services: allocate IP addresses dynamically to the computing
resources applied in CDC for tenants.
DNS services: resolve domain names which users will access,
including the internet domain and the IT domain of local tenants.
Subnet gateway services: allow tenants to define the range of the
subnet which the CDC's computing resources belong to; they can also
provide reciprocal visits between different computing resources,
access to the external internet and the routing function of VPN.
VPN services: used for the connection between tenants' CDC resources
and tenants' other resources (such as branches); sometimes, in order
to improve the quality of service, a dedicated line is used to
realize the VPN. Tenants thus send and receive data across shared or
public networks as if they were directly connected to the private
network, while benefiting from the functionality, security and
management policies of the private network.
2.7. Performance requirements
NaaS needs to support million-level tenants, so it has some specific
requirements.
2.7.1. Million-level tenants support
Using the overlay network (e.g. NVO3) will expand the number of
tenants supported by the network and enhance network resource
multiplexing capabilities.
2.7.2. Millisecond level service response
Multi-tenancy leads to high concurrency in NaaS, so the service
response determines the quality of service. Service response needs
to be at the millisecond level.
2.7.3. Tenants line speed bandwidth
A tenant's bandwidth can reach the NIC's line speed. After using
NaaS, the proportion of CDC's internal flow will increase. NaaS has
to ensure tenants' internal data bandwidth.
3. Security Considerations
TBD
4. IANA Considerations
The draft does not require any IANA action.
Authors' Addresses
Vic Liu
China Mobile
32 Xuanwumen West Ave, Beijing, China
Email: liuzhiheng@chinamobile.com
Chen Li
China Mobile
32 Xuanwumen West Ave, Beijing, China
Email: lichenyj@chinamobile.com