Evolution and Revolution in Software Defined Networks with RINA
1. #ict-pristine
Evolution and Revolution in the Internet Software Defined Networks
and new network architectures
Eduard Grasa, FP7 PRISTINE
Pisa, October 2015
RINA essentials
3. The TCP/IP model is fundamentally flawed (I)
• Architectural flaws
– Layers in networks aren’t just modules
– Lost the Internet layer, the Internet has a network arch.
– Security not built into the architecture
• Naming and addressing flaws
– An IP address names the interface rather than the node
– Failure to create a complete addressing architecture
• Protocol design flaws
– TCP split from IP, failure to incorporate Watson’s results
– An approach to congestion avoidance that causes congestion, is
predatory and thwarts attempts at QoS
5. RINA highlights
• Network architecture resulting from a fundamental theory of computer
networking
• Networking is InterProcess Communication (IPC) and only IPC. Unifies
networking and distributed computing: the network is a distributed
application that provides IPC
• There is a single type of layer with programmable functions, that repeats
as many times as needed by the network designers
• All layers provide the same service: instances of communication (flows)
to two or more application instances, with certain characteristics (delay,
loss, in-order-delivery, etc)
• There are only 3 types of systems: hosts, interior and border routers. No
middleboxes (firewalls, NATs, etc) are needed
• Deploy it over, under and next to current networking technologies
6. From here …
Multiple types of layers, different functions and APIs
[Figure labels: Host, Enterprise router, Carrier Ethernet Switch, App A, App B; technologies shown: TCP/UDP, IP, IEEE 802.3 (Ethernet), IEEE 802.11 (WiFi), IEEE 802.1q (VLAN), IEEE 802.1ah (PBB)]
Sockets API (Application A to OS Sockets Layer):
1. Bind/Listen to interface and port
2. Accept incoming connections
3. Connect to a remote address/port
4. Send datagram
5. Write data (bytes) to socket
6. Read data (bytes) from socket
7. Destroy socket
Each tech has a different API, and all are different from the application API
7. To here!
Single type of layer, consistent API, programmable policies
[Figure labels: Host, Border router, Interior Router, DIF, App A, App B; consistent API through layers]
Layer (DIF) API (App A to IPC Process):
1. Register/Unregister App
2. Allocate/Deallocate flows
3. Write data (SDUs) to flows
4. Read data (SDUs) from flows
5. Get layer information
9. To here!
Two protocols and a set of programmable functions
[Figure labels: Host, Border router, Interior Router, DIF, App A, App B, IPC API]
[Figure: IPC Process functions under three headings: Data Transfer, Data Transfer Control, Layer Management. Labels shown: SDU Delimiting, Data Transfer, Relaying and Multiplexing, SDU Protection, State Vector, Retransmission Control, Flow Control, RIB Daemon, RIB, CDAP Parser/Generator, CACEP, Enrollment, Flow Allocation, Resource Allocation, Routing, Authentication, Namespace Management, Security Management]
Increasing timescale (functions performed less often) and complexity
11. How does it work?
Routing (table sizes can be arbitrarily bounded)
• There will be Natural Subnets within a layer around the Central Hole.
• Each can be a routing domain; Each Subnet is one hop across the Hole.
– The hole is crossed in the layer below.
• A Topological Space is imposed on the Address Space of Each Layer
[Figure labels: Backbone, Regionals, Metros; (N)-Routing Domains, (N-1)-Routing Domains]
12. How does it work?
Internetworking
• But there does not need to be ONE e-mall.
– You mean!
• Yes, it is really an INTERnet!
[Figure labels: Public Internet; ISP 1, ISP 2, ISP 3; Internet Rodeo Drive; Utility SCADA; My Net; Facebook Boutique; Internet Mall of America; e-common DIFs; Provider Network; Local Customer Network; Peering DIF]
A Customer Network has a border router that makes several e-malls available. A
choice can be made whether the entire local network joins, a single host or a
single application.
13. How does it work?
Security
• Benefits of having an architecture instead of a protocol suite: the
architecture tells you where security related functions are placed.
– Instead of thinking protocol security, think security of the architecture: no more
‘each protocol has its own security’, ‘add another protocol for security’ or ‘add
another box that does security’
[Figure: IPC Processes in an N DIF over an N-1 DIF, plus an application process, annotated with where security functions are placed]
• Joining a DIF: authentication, access control
• Sending/receiving PDUs through N-1 DIF: confidentiality, integrity
• Operating on the IPCP’s RIB: access control
[Other figure labels: Access control (DIF members); Confidentiality, integrity; Authentication; Access control; Operations on RIB; DIF Operation Logging]
14. How does it work?
Adoption, no migration
• Adopt. Don’t transition.
– If the old stuff is okay in the Internet e-mall, leave it there.
– Do the new capabilities in RINA
• Operate RINA over, under, around and through the Internet.
– The Internet can’t be fixed, but it will run better over RINA.
– New applications and new e-malls will be better without the legacy and
run better alongside or over the Internet.
[Figure labels: Public Internet; RINA Provider; RINA Network; RINA Applications; RINA supported Applications]
16. RINA R&D activities
[Figure: project logos with the following labels]
• Maintain specs, facilitate coordination amongst projects
• Major research efforts: 2013-2014, 2014-2016
• Open source implementations: C/C++, Linux/OS Kernel and user-space; C++, simulation framework for OMNeT++; ProtoRINA, Java
• International cooperation
[Other date labels: 2008-x, 2013-2015]
17. Want to join us? It will be fun!
• RESEARCHERS: Explore how RINA can be applied to
build simpler, better-performing and more secure Internets!
• DEVELOPERS: Help us build the network infrastructure
of tomorrow!
• Want to take the red pill and see networking totally differently?
• Beware... There is no way back!
18. Further information can be found here.
Twitter @ictpristine
Web www.ict-pristine.eu
Thank you!