DVTDS
Christian Hollstein, TeraCortex

www.teracortex.com
Presentation of DVTDS
Distributed Virtual Transaction Directory Server
By TeraCortex

● Background
● Architecture
● Virtualization
● Performance

Background: LDAP in Mobile Networks
[Diagram. Labels: 4G network, IMS domain, HSS, MME, IMSAS, CSCF, 3G network, HLR, GGSN, MSC, SGSN, Media Server, Provisioning System, SDM Directory; connections labelled LDAP and LDAP Transactions.]

LDAP based Subscriber Data Management
● The 3GPP standard stipulates LDAP as the central repository
● Several hundred mobile operators / deployments worldwide
● Major vendors: Ericsson, Huawei, NSN, ZTE, Alcatel
● NSN alone serves 3.2 billion subscriber records
● Several dozen entries per subscriber record
● Probably the largest directories worldwide

Consequences for Directory Products
● Millions of subscriber records → billions of entries
● Data federation / distribution
● High availability → geo-redundant deployment / replication
● Consistent provisioning → transaction safety
● Update signaling to applications → triggers
● Multi application environments → data model virtualization
● High volume traffic → near real time behavior

New Solution Coming Up:

DVTDS
DVTDS Distributed Architecture
[Diagram: clients (… > 1000) connected via LDAP to a hierarchy of DVTDS servers. Labels: possible session path, LDAP chaining, (chained), (chained, mirrored), "1000 million keys on 64 GB (mirrored) machine".]

• LDAP protocol for chaining
• Multi level hierarchy
• Leaves may be any LDAP server
• Sessions span over several servers
• Servers may be replicated
• Distributed transactions

Data Replication

[Diagram: client session path with an LDAP connection to any of the mirrors. Mirror 0, Mirror 1, Mirror 2 and Mirror 3 are linked by LDAP Mirror connections and form one Logical DSA.]

• Symmetrical Multi Master Replication
• No single point of failure
• Logical DSA concept
• Compatible with LDAP chaining
• Priority based conflict resolution, real time
• LDAP protocol
• Up to eight servers per DSA, fully meshed
• Transaction safe

Replication and Conflict Resolution
• Conflicts recognized and handled in real time
• Based on request, user and server priority
• Keeps to ACID paradigm
• Data consistent across sites under attack
• Winner gets “Success”. Loser gets “Busy”

[Diagram: two conflicting requests. A user (prio 7) sends an LDAP Delete (prio 0) and a user (prio 4) sends an LDAP Modify (prio 1). Each request follows a session path to the object resolvers of a DVTDS server; DVTDS Site A (prio 2) and DVTDS Site B (prio 5) are connected by an LDAP Mirror.]

System Integration and External Interfaces

[Diagram: external interfaces of a DVTDS server. Components: Applications / Provisioning, Client Port, Capture Port, Trigger, Log File, Backup / Data Migration, Restore / Data Migration, Reports, Admin Port, OAM System, Data Federation, Data Replication. Protocols and formats on the connections: LDAP, SOAP/HTTP, LDIF, CSV, binary ASN.1.]

Internal Architecture
[Diagram: internal structure of a DVTDS server. Client ports (session) and capture ports (session, queue control) each feed a Protocol Stack, an Object Resolver and an Execution Unit. Further blocks: Interlocking sub system, Directory Information Tree, Central Data Area, Hard disk sub system.]

Configuration items shown: Configuration, Schema, Backup/Restore, Traffic control, Tuning, DNS, Licenses, Logging/Audits, ...

Interfaces: Trigger, Backup, Restore, Migration, Reports, Admin, Log files, Chaining, Replication

Architectural Features
● Freely configurable client ports
● Each client port serves a number of sessions
● Each session lives inside its own worker thread
● Object level locking system
● Direct data allocation on memory mapped hard disk volumes
● Volumes may be cooked or raw file space

LDAP Data Model Virtualization
[Diagram: a View Layer placed over the Core Data. Labels: "Data access via application views", "Physical data access (No views)"; applications shown: HSS, HLR, MMS, AAA, IMS Application Data, M2M, PCRF, MNP, FixedNet, Social Networks, Provisioning System.]

Supported LDAP View Mechanisms
● Transparent aliases
● Rule based bidirectional DN conversion
● Virtual objects
● Virtual and real attributes can be mixed in any object
● Soon: Rule based bidirectional attribute/value conversion
● Integrated in the DVTDS kernel → little overhead
● Online configurable → no service interruption

Data Aggregation by Virtualization: Physical Telco Model

[Diagram: directory information tree of the physical telco model. The tree layout did not survive extraction; the recoverable labels are listed below.]

Containers: dc=Enterprise; dc=IMSI, dc=EMAIL, dc=MSISDN, dc=ACCOUNT (oc: dcObject); o=<BusinessUnit> (oc: organization); ou=subscriberData (oc: organizationalUnit)
Access path (alias entries): mail=me@teracortex.com, MSISDN=4916096220958, IMSI=262011100000001, account=1234abcd, each shown together with IMSI=777888000000001; object classes: imsiUidAlias, mailAlias, msisdnAlias, imsiAlias, accountlAlias
Subscriber entry: UID=777888000000001 (oc: inetOrgPerson) with ou=MOBILE, ou=EMAIL, ou=FiXED, ou=IDENTITY (Mobile Data, Email Data, Fixed net data, Subscriber Identities)
Views: dc=configurableViews, dc=IMSI (oc: dcObject), with dc=MOBILE, dc=EMAIL, dc=FIXED, dc=IDENTITY
View objects:
oc: mobileData (param0: real value, param1: real value, ...; Mobile: reference)
oc: eMailData (param2: real value, param3: real value, ...; Email: reference)
oc: fixedNetData (param4: real value, param5: real value, ...; Fixed Net: reference)
oc: identityData (param6: real value, param7: real value, ...; Identity: reference)

View Mechanism Properties

● Each subscriber has individual data below uid=...
● Accessed via transparent aliases
● Application view data outside of subscriber data
● Found by two stage resolving algorithm
● Different applications can share physical data

Example: Server-Side DN Conversion
DN as sent by the client:
ou=mobile,impi=sip:262000000000000@ims.telekom.de,dc=IMPI

Server Side Conversion Rule:
clientDn: *,impi=(sip):([0-9]+)@(ims.telekom.de),dc=IMPI
serverDn: imsi=#3(2),dc=IMSI
DN as used by the server:
ou=mobile,imsi=262000000000000,dc=IMSI
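
The conversion on this slide, worked through in both directions as an added example (not TeraCortex code; `DnRule` and its methods are hypothetical names). The slide does not define the rule syntax, so the code assumes that a leading `*,` keeps any leading RDNs unchanged, that `#3(2)` means "of the 3 client groups, insert group 2", and that groups the server rule never references are literal text. DNs that do not match the whole rule are rejected instead of being passed through.

```python
import re

# Rule strings exactly as printed on the slide.
CLIENT_RULE = "*,impi=(sip):([0-9]+)@(ims.telekom.de),dc=IMPI"
SERVER_RULE = "imsi=#3(2),dc=IMSI"

GROUP = re.compile(r"\(([^()]*)\)")   # one unnested "(...)" group in the client rule
REF = re.compile(r"#(\d+)\((\d+)\)")  # one "#N(k)" reference in the server rule
# Leading RDNs covered by "*,". Escaped commas inside RDN values are not handled.
PREFIX = r"(?P<prefix>(?:[^,]+,)*)"


class DnRule:
    """Hypothetical two-way DN rewriter; the rule semantics are assumptions."""

    def __init__(self, client_rule, server_rule):
        if not client_rule.startswith("*,"):
            raise ValueError("this sketch only supports rules starting with '*,'")
        # Split on groups: even items are literal text, odd items are group sources.
        self.client_parts = GROUP.split(client_rule[2:])
        sources = self.client_parts[1::2]
        # Split on "#N(k)": items 0,3,.. are literals, 1,4,.. are N, 2,5,.. are k.
        server_parts = REF.split(server_rule)
        self.server_literals = server_parts[0::3]
        self.refs = [int(k) for k in server_parts[2::3]]
        if any(int(n) != len(sources) for n in server_parts[1::3]):
            raise ValueError("#N must equal the number of client groups")
        if any(not 1 <= k <= len(sources) for k in self.refs):
            raise ValueError("(k) must name an existing client group")

        # Client-side matcher: referenced groups stay regular expressions,
        # everything else (including the dots in the domain) matches literally.
        pattern = PREFIX
        for i, part in enumerate(self.client_parts):
            if i % 2 == 0:
                pattern += re.escape(part)
            elif (i + 1) // 2 in self.refs:
                pattern += "(" + part + ")"
            else:
                pattern += "(" + re.escape(part) + ")"
        self.client_re = re.compile(pattern)

        # Server-side matcher for the reverse direction.
        pattern = PREFIX + re.escape(self.server_literals[0])
        for k, literal in zip(self.refs, self.server_literals[1:]):
            pattern += "(" + sources[k - 1] + ")" + re.escape(literal)
        self.server_re = re.compile(pattern)

    def to_server(self, client_dn):
        """Client DN -> server DN, or None when the rule does not apply."""
        m = self.client_re.fullmatch(client_dn)  # anchored at both ends
        if m is None:
            return None
        values = m.groups()[1:]                  # skip the prefix group
        out = m.group("prefix") + self.server_literals[0]
        for k, literal in zip(self.refs, self.server_literals[1:]):
            out += values[k - 1] + literal
        return out

    def to_client(self, server_dn):
        """Server DN -> client DN, or None when the rule does not apply."""
        m = self.server_re.fullmatch(server_dn)
        if m is None:
            return None
        values = dict(zip(self.refs, m.groups()[1:]))
        out = m.group("prefix")
        for i, part in enumerate(self.client_parts):
            # Literal text and unreferenced groups are copied from the rule.
            out += part if i % 2 == 0 else values.get((i + 1) // 2, part)
        return out


RULE = DnRule(CLIENT_RULE, SERVER_RULE)

if __name__ == "__main__":
    client_dn = "ou=mobile,impi=sip:262000000000000@ims.telekom.de,dc=IMPI"
    server_dn = RULE.to_server(client_dn)
    print(server_dn)
    print(RULE.to_client(server_dn))
    # Constructed negative cases: wrong domain and an extra trailing RDN.
    print(RULE.to_server("ou=mobile,impi=sip:1@imsXtelekom.de,dc=IMPI"))
    print(RULE.to_server(client_dn + ",dc=other"))
```
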

Throughput in absolute numbers

[Bar chart: operations / s (axis from 100000 to 1000000) for Entry load, LDAP Add, LDAP Search, LDAP Modify and LDAP Compare, DVTDS compared with Oracle OID.]

DVTDS: Intel I7 4960X, 6 cores @ 4.6 GHz, 32 GB RAM, 7 x SATA 7200 RPM, 28 million entries
Oracle OID: Sparc T5-2, 32 cores @ 3.6 GHz, 512 GB RAM, flash disk array, 50 million entries

Throughput per GHz CPU speed
[Bar chart: operations / s per GHz (axis from 3000 to 27000) for Entry load, LDAP Add, LDAP Search, LDAP Modify and LDAP Compare, DVTDS compared with Oracle OID.]

DVTDS: Intel I7 4960X, 6 cores @ 4.6 GHz = 27.6 GHz
Oracle OID: Sparc T5-2, 32 cores @ 3.6 GHz = 115.2 GHz

Throughput Scaling
Notes on 3D Server Throughput Diagram
● 2 variables: queue length and number of clients
● Throughput increases with bigger queue length
● Throughput scales by number of cores and clients
● Saturation on the 6-core machine at 6 clients
● Degradation when operated beyond saturation
● Linear scaling if not bottlenecked by memory bandwidth

Scaling the Data
540 million entries, inetOrgPerson, 22 attributes, LDIF size: 532 bytes

[Chart: data load progress, annotated "Linear scaling"; 114 minutes load time.]

• 540 million entries in less than 2 hours
• Naming attribute was indexed
• Indexing time included, no setup time
• Multi threaded object loader
• LDAP protocol / BER object format
• 30 GB RAM, 366 GB database size

Roadmap 2014
● Automatic replica reconciliation after mirror network faults
● Freely configurable indices
● User level documentation
● Free demo version download

Thank you for your attention!

www.teracortex.com

[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Distributed Virtual Transaction Directory Server

  • 2. Presentation of DVTDS: Distributed Virtual Transaction Directory Server, by TeraCortex
      ● Background
      ● Architecture
      ● Virtualization
      ● Performance
  • 3. Background: LDAP in Mobile Networks
      [Diagram labels: 4G network; IMS domain; HSS; MME; IMSAS; CSCF; Media Server; SDM Directory; Provisioning System; 3G network; HLR; GGSN; MSC; SGSN; LDAP; LDAP Transactions]
  • 4. LDAP based Subscriber Data Management
      ● 3GPP standard prescribes LDAP as central repository
      ● Several hundred mobile operators / deployments worldwide
      ● Major vendors: Ericsson, Huawei, NSN, ZTE, Alcatel
      ● NSN alone serves 3.2 billion subscriber records
      ● Several dozen entries per subscriber record
      ● Probably the largest directories worldwide
  • 5. Consequences for Directory Products
      ● Millions of subscriber records → billions of entries
      ● Data federation / distribution
      ● High availability → geo-redundant deployment / replication
      ● Consistent provisioning → transaction safety
      ● Update signaling to applications → triggers
      ● Multi application environments → data model virtualization
      ● High volume traffic → near real time behavior
  • 7. DVTDS Distributed Architecture
      ● LDAP protocol for chaining
      ● Multi level hierarchy
      ● Leaves may be any LDAP server
      ● Sessions span over several servers
      ● Servers may be replicated
      ● Distributed transactions
      [Diagram labels: Client ... > 1000; LDAP; Possible session path; DVTDS; 1000 million keys on 64 GB (mirrored) machine; LDAP Chaining; (chained); (chained, mirrored)]
  • 8. Data Replication
      ● Symmetrical Multi Master Replication
      ● No single point of failure
      ● Logical DSA concept
      ● Compatible with LDAP chaining
      ● Priority based conflict resolving, real time
      ● LDAP protocol
      ● Up to eight servers per DSA, fully meshed
      ● Transaction safe
      [Diagram labels: Client; Session path; LDAP connection to any of the mirrors; (Mirror 0); (Mirror 1); (Mirror 2); (Mirror 3); LDAP Mirror; Logical DSA]
  • 9. Replication and Conflict Resolving
      ● Conflicts recognized and handled in real time
      ● Based on request, user and server priority
      ● Keeps to ACID paradigm
      ● Data consistent across sites under attack
      ● Winner gets “Success”. Loser gets “Busy”
      [Diagram labels: User Prio 7; LDAP Delete Prio 0; Session path; User Prio 4; LDAP Modify Prio 1; Session path; Object Resolver; DVTDS Site A Prio 2; LDAP Mirror; DVTDS Site B Prio 5]
  • 10. System Integration and External Interfaces
      [Diagram labels: Applications / Provisioning; LDAP Client Port; SOAP/HTTP; LDIF; Binary ASN.1; Capture Port; Trigger; Log File; LDAP; CSV; Backup / Data Migration; Admin Port; Reports; Restore / Data Migration; Data Federation; Data Replication; OAM System]
  • 11. Internal Architecture
      [Diagram labels: Client Ports (Session); Capture Ports (Session, queue control); DVTDS; Protocol Stack; Object Resolver; Execution Unit; Interlocking sub system; Directory Information Tree; Central Data Area; Hard disk sub system; Configuration; Schema; Backup/Restore; Traffic control; Tuning; DNS; Licenses; Logging/Audits; ...]
      [Interfaces: Trigger; Backup; Restore; Migration; Reports; Admin; Log files; Chaining; Replication]
  • 12. Architectural Features
      ● Freely configurable client ports
      ● Each client port serves a number of sessions
      ● Each session lives inside its own worker thread
      ● Object level locking system
      ● Direct data allocation on memory mapped hard disk volumes
      ● Volumes may be cooked or raw file space
  • 13. LDAP Data Model Virtualization
      [Diagram labels: Data access via application views; Physical data access (No views); HSS; HLR; MMS; AAA; IMS; M2M; PCRF; MNP; FixedNet; Social Networks; Provisioning System; Application Data; View Layer; Core Data]
  • 14. Supported LDAP View Mechanisms
      ● Transparent aliases
      ● Rule based bidirectional DN conversion
      ● Virtual objects
      ● Virtual and real attributes can be mixed in any object
      ● Soon: Rule based bidirectional attribute/value conversion
      ● Integrated in the DVTDS kernel → little overhead
      ● Online configurable → no service interruption
  • 15. Data Aggregation by Virtualization: Physical Telco Model
      [Directory tree diagram; recoverable labels follow]
      ● Containers: dc=Enterprise; dc=EMAIL, dc=MSISDN, dc=IMSI, dc=ACCOUNT (oc: dcObject); o=<BusinessUnit> (oc: organization); ou=subscriberData (oc: organizationalUnit)
      ● Alias entries (oc: imsiUidAlias), each shown with IMSI=777888000000001: mail=me@teracortex.com (mailAlias); MSISDN=4916096220958 (msisdnAlias); IMSI=262011100000001 (imsiAlias); account=1234abcd (accountlAlias)
      ● Subscriber entry: UID=777888000000001 (oc: inetOrgPerson); Access Path
      ● dc=configurableViews: ou=MOBILE, ou=EMAIL, ou=FiXED, ou=IDENTITY (Mobile Data, Email Data, Fixed net data, Subscriber Identities)
      ● dc=MOBILE: oc: mobileData; param0, param1: real value; Mobile: reference
      ● dc=EMAIL: oc: eMailData; param2, param3: real value; Email: reference
      ● dc=FIXED: oc: fixedNetData; param4, param5: real value; Fixed Net: reference
      ● dc=IDENTITY: oc: identityData; param6, param7: real value; Identity: reference
  • 16. View Mechanism Properties
      ● Each subscriber has individual data below uid=...
      ● Accessed via transparent aliases
      ● Application view data outside of subscriber data
      ● Found by two stage resolving algorithm
      ● Different applications can share physical data
  • 17. Example: Server-Side DN Conversion
      DN as sent by the client:
        ou=mobile,impi=sip:262000000000000@ims.telekom.de,dc=IMPI
      Server Side Conversion Rule:
        clientDn: *,impi=(sip):([0-9]+)@(ims.telekom.de),dc=IMPI
        serverDn: imsi=#3(2),dc=IMSI
      DN as used by the server:
        ou=mobile,imsi=262000000000000,dc=IMSI
  • 18. Throughput in absolute numbers
      [Bar chart; y-axis: Operations / s; categories: Entry load, LDAP Add, LDAP Search, LDAP Modify, LDAP Compare]
      ● DVTDS: Intel I7 4960X, 6 cores @4.6 GHz, 32 GB RAM, 7 x SATA 7200 RPM, 28 million entries
      ● Oracle OID: Sparc T5-2, 32 cores @3.6 GHz, 512 GB RAM, flash disk array, 50 million entries
  • 19. Throughput per GHz CPU speed
      [Bar chart; y-axis: Operations / s; categories: Entry load, LDAP Add, LDAP Search, LDAP Modify, LDAP Compare]
      ● DVTDS: Intel I7 4960X, 6 cores @4.6 GHz = 27.6 GHz
      ● Oracle OID: Sparc T5-2, 32 cores @3.6 GHz = 115.2 GHz
  • 21. Notes on 3D Server Throughput Diagram
      ● 2 Variables: queue length and number of clients
      ● Throughput increases with bigger queue length
      ● Throughput scales by number of cores and clients
      ● Saturation on 6 core machine at 6 clients
      ● Degradation when operated beyond saturation
      ● Linear scaling if not bottlenecked by memory bandwidth
  • 22. Scaling the Data
      ● 540 million entries in less than 2 hours
      ● Naming attribute was indexed
      ● Indexing time included, no setup time
      ● Multi threaded object loader
      ● LDAP protocol / BER object format
      ● 30 GB RAM, 366 GB data base size
      [Chart labels: 540 Million entries; inetOrgPerson; 22 Attributes; LDIF size: 532 bytes; Linear scaling; 114 Minutes load time]
  • 23. Roadmap 2014
      ● Automatic replica reconciliation after mirror network faults
      ● Freely configurable indices
      ● User level documentation
      ● Free demo version download
  • 24. Thank you for your attention! www.teracortex.com
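
The DN conversion on slide 17, worked through as an added Python example (not DVTDS code; the slide does not define the rule syntax or its "#3(2)" reference, so the rule is transcribed by hand into an anchored regex). The names `split_rdns` and `convert_dn`, the escaped dots and the 15-digit bound are assumptions of this example; a DN that does not match is refused rather than passed through unconverted.

```python
import re

# Hand transcription of slide 17's clientDn rule for the RDN being rewritten.
# Assumptions of this example: Python regex syntax, escaped literal dots, and
# a 15-digit cap on the identity (the length of the IMSI shown on the slide).
IMPI_RDN = re.compile(r"impi=sip:([0-9]{1,15})@ims\.telekom\.de", re.IGNORECASE)


def split_rdns(dn):
    """Split a DN on unescaped commas, keeping backslash escapes intact."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])  # escaped char never acts as a separator
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(dn[i])
        i += 1
    parts.append("".join(cur).strip())
    return parts


def convert_dn(client_dn):
    """Return the server-side DN, or None when the rule does not apply."""
    rdns = split_rdns(client_dn)
    if len(rdns) < 2 or rdns[-1].lower() != "dc=impi":
        return None
    match = IMPI_RDN.fullmatch(rdns[-2])  # whole RDN must match, no partial hits
    if match is None:
        return None
    # Leading RDNs (the "*" part of the rule) pass through unchanged.
    return ",".join(rdns[:-2] + ["imsi=" + match.group(1), "dc=IMSI"])


if __name__ == "__main__":
    # Constructed inputs: the slide's DN, a look-alike realm, an escaped comma.
    for dn in ("ou=mobile,impi=sip:262000000000000@ims.telekom.de,dc=IMPI",
               "ou=mobile,impi=sip:262000000000000@imsXtelekom.de,dc=IMPI",
               "ou=mobile,impi=sip:1\\,dc=IMSI@ims.telekom.de,dc=IMPI"):
        print(dn, "->", convert_dn(dn))
```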