4. Clearwater on rina

DIscussion of RINA principles, research results, implementations and demos. Presented at ETSI ISG NGP meeting # 8

RINA Tutorial presented at the 3rd meeting of the ETSI ISG NGP, showing basic RINA structure and mechanisms, as well as a "toy" example of a mobile network with RINA

1) The ARCFIRE project is experimentally validating the benefits of RINA technology through large-scale experiments on the FIRE+ testbed involving over 100 nodes across multiple distributed information fields (DIFs). 2) In RINA, application names uniquely identify applications, addresses are location-dependent synonyms used for locating applications within a DIF, and other identifiers like port-ids and connection endpoint IDs are used to identify communication endpoints. 3) RINA's naming and addressing model simplifies multi-homing and mobility by assigning addresses to nodes instead of interfaces, avoiding the need for special protocols and allowing mobility to be treated as dynamic multi-homing with expected failures.

The document discusses network architecture and proposes improvements to current approaches. It suggests treating layers as units that provide interprocess communication over different scopes. Each layer would provide a single type of service and the number of layers is not fixed. It also proposes having a single unified data transfer protocol framework and layer management protocol across all layers to reduce complexity. This would help standardization bodies design complete network protocols more easily.

This document discusses the concept of "IPC VPN slices" which provide distributed inter-process communication (IPC) between applications using the Recursive Internet Network Architecture (RINA). It describes how IPC VPN slices can be implemented across single and multiple domains/operators using RINA's distributed IPC facility (DIF) as an overlay. The objective is to provide an autonomous IPC VPN overlay and separation of concerns between the VPN and underlying L2 VPN fabric, as well as service continuity as endpoints attach across different access networks. It also shows how slice orchestration in this architecture provides recursive abstraction between different administrative domains.

RINA provides a framework to securely manage connectivity and network association. It protects layers instead of individual protocols, and addresses are contained within securable Distributed Interface Functions (DIFs). DIFs can replace firewalls and enable centralized policy-based authentication, authorization, and access control. RINA separates security mechanisms from policies, uses a common layer structure across layers, and minimizes complexity to improve security. It also provides a new access control architecture and key management system to securely manage network functions even if systems are compromised.

Rumba is a Python framework that enables large-scale experimentation with the Recursive InterNetwork Architecture (RINA). It provides plugins that interface with different testbeds and prototypes. The document shows an example script that defines nodes and DIFs using the Rumba and rlite prototypes, runs the experiment on a JFed testbed, and starts a rinaperf client-server performance test between two nodes.

This document discusses interoperability between RINA and the Internet and approaches for porting existing network applications to RINA. It describes three solutions for deploying RINA together with the Internet: using RINA as an overlay network, as a substrate, or with RINA/TCP gateways. It also proposes a POSIX-like API for RINA to help port applications and demonstrates porting SSH and web servers to RINA with small code changes.

This document summarizes an approach called RINA (Recursive InterNetwork Architecture) for simplifying multi-layer network management. RINA proposes a common, repeating structure across layers with only two protocols - one for data transfer and one for layer management. This significantly reduces the complexity of management models compared to the IP protocol suite, which has unique protocols at each layer. A case study shows how RINA could simplify network management in a large-scale data center network by reducing the number of required addresses, forwarding entities, and management protocols. The consistent structure of RINA opens the door to increased network automation by making management models simpler and more standardized.

This document discusses a proof-of-concept implementation of a RINA interior router using P4. The goals are to increase RINA credibility by providing a high-performance router implementation at a reasonable cost, and to understand limitations of current network programmability approaches. The implementation targets the BMv2 P4 software switch, demonstrating basic interior router functions for EFCP packets. Future work includes implementing the design on hardware and evaluating the feasibility of a border router.

This document provides an overview of IRATI, an open source implementation of RINA for Linux/OS. It discusses the goals of being tightly integrated with the OS, supporting existing applications, and experimentation. The high-level design uses a Linux kernel with user-space daemons. Implementation status provides details on various IPCP components and policies. Experimental activities describe designing RINA networks and interoperating with legacy technologies. Open source initiatives discuss the IRATI GitHub organization and planned contributions from projects like PRISTINE and IRINA.

This document provides an overview of Rlite, an open source light implementation of the RINA networking model for Linux. Rlite includes both user-space and kernel-space components. The kernel-space implementation provides basic RINA functionality like flow allocation and data transfer. The user-space components include libraries, daemons, and tools to administer the RINA stack. Rlite aims to provide a minimal but stable baseline RINA implementation for developing future RINA products and applications.

The document describes an SDK to exploit the programmability of RINA. RINA is a networking architecture based on the theory that networking is inter-process communication. The SDK aims to provide programmable functions at each layer through consistent APIs. It discusses design decisions around using Linux, a user/kernel split, programming languages, and threading models. The goal is to separate mechanism from policy to simplify network structure and support new requirements through re-usable policies across layers.

This document proposes a unified model called WiLAN to characterize VLANs and Wi-Fi networks through the RINA model. It maps VLAN and Wi-Fi standards into aspects of the RINA model to create a unified representation. The key aspects of the WiLAN model include distinct "media DIFs" for wired and wireless networks, with one or more "common DIFs" operating over the media DIFs. This provides a simplified representation and potential improvements over current standards by reducing header overhead and improving security by removing MAC addresses from frames.

This document summarizes the results of Experiment 5 of the ARCFIRE project. The experiment demonstrated distributed mobility management (DMM) in RINA by allowing a mobile host to soft handover between different wireless access points while maintaining service continuity. It also showed application discovery across different DIFs as the mobile host moved. Finally, it demonstrated multi-access support by allowing the mobile host to connect to different physical networks and access applications hosted in different DIFs and locations as it moved. The key findings were that RINA's layered structure allows for mobility and multi-homing without specialized protocols or tunnels, and that service continuity is preserved during handovers despite some increase in packet loss and delay.

Application-Engineered Routing Application programs the Segment Routing network to deliver end-to-end per-flow policy from DC through WAN to end-user Adding value at your own pace – Leveraging the existing MPLS dataplane without any change. SW upgrade only. – Simplification, Automated 50msec FRR, per-domain and then end-to-end policies Economic gains – Improved service richness and velocity – Optimized CAPEX and OPEX thanks to the simplicity of the SR architecture Segment Routing deployments in CY15 in all the markets – WEB, SP, Entreprise Strong partnership with lead operator group Commitment to standardization and multi-vendor support 

Programmable Congestion Control allows for custom congestion controllers to be configured per Distributed Inter-networking (DIF) layer in RINA, taking advantage of RINA's flow aggregation and breaking the long end-to-end control loop into shorter loops. This programmability occurs through different DIF configurations and congestion control policies without any changes to the underlying mechanisms. A new congestion control policy called LGC is being developed based on logistic growth functions that takes advantage of RINA's flow aggregation capabilities.

In this talk, we will discuss how L4-L7 devices can integrate in various SDN architectures, discuss benefits and some of the challenges that such integration represents. We will also talk about how SDN and NFV relate, and what are the different challenges to successfully deploy L4-L7 devices as Virtual Network Functions (VNFs) or provide such services to the NFV Infrastructure (VIM). Bio Youcef Laribi is a Principal Architect in the Delivery Networks BU at Citrix. He is responsible for driving the integration projects of the NetScaler ADC product with several Cloud, SDN and Automation environments including OpenStack, CloudStack, VMware NSX and Cisco ACI. He is also the Citrix representative on the OpenDaylight Technical Steering Committee. His background is mainly in Operating Systems and Distributed Systems, and he worked on several middleware technologies from DCE and CORBA in the early days, to J2EE and .NET to SOA and micro-services today. Youcef speaks 4 languages and holds a PhD and an MSc in Computer Science from the French INPG Institute in Grenoble, France.

This document summarizes an open source networking group meetup about 5G and brownfield networks. It discusses how 5G will utilize distributed micro data centers and container networking to deploy services. It also explains how an open source central controller using projects like OpenStack and OpenDaylight can provide orchestration, service paths, and abstraction of network elements. Finally, it provides examples of how container networking and an open source SDN controller can help establish service paths and enable the deployment of 5G in hybrid brownfield environments.

- DDoS attacks are increasing in complexity by combining different attack vectors, though the peak size of volumetric attacks decreased - More service providers are adopting SDN/NFV technologies, with the proportion doubling over the previous year, though interoperability and cost remain barriers - NFV aims to deploy network services through software on generic hardware rather than proprietary appliances, improving flexibility, but challenges include integration, orchestration, availability, and licensing

This document discusses service mesh patterns for connecting microservices across multiple clusters. It describes using Envoy proxy to provide service discovery, load balancing, security and resiliency. Patterns are presented for connecting services across clusters with flat, controlled or separate networks. Managing connectivity across clusters can increase operator burden. Gloo Mesh is presented as a way to simplify management across multiple clusters with a centralized control plane.