Home page: [http://www.vini-veritas.net/ http://www.vini-veritas.net/]

Mike notes:

=== Points about the architecture. ===

 * Links between virtual router nodes in VINI are intended to mirror the physical links they run over; i.e., they are '''not''' intended to be transparent, robust links between nodes.

 * Existing implementations use IP-encapsulated Ethernet protocols.

 * Has mechanisms for routing "real" traffic through the VINI network (i.e., to direct traffic into and out of the network).

 * Able to inject network events such as link failures. However, there are no specific tools mentioned in either paper for doing this.

=== [http://www.cs.princeton.edu/nsg/papers/vini_sigcomm_06/ PL-VINI] or VINI version 1. ===

Runs on largely unmodified PlanetLab kernel and nodes (possibly changes to
support tun/tap device?)

Each sliver in a PL-VINI slice has two components at user level:

 * the data plane: a Click router instance consisting of UDP tunnels (home brew implementation?) to other slivers, a local tap interface to inject packets from the local node, a forwarding (routing) table and a switch interface to UML
 * the control plane: a UML (User-mode Linux) instance presenting multiple virtual Ethernet interfaces to XORP running within.

In theory, can support forwarding of arbitrary packets (not just IP) depending
on the implementation of the forwarding table in Click and the routing protocol
in XORP. In practice, the use has been as an "Internet in a Slice" which is
IPv4 with nodes mirroring Internet2 backbone routers.

Packets enter and leave PL-VINI via OpenVPN and NAT.

Clients that "opt in" to PL-VINI use OpenVPN. A client running on an arbitrary
Internet machine opens a VPN tunnel to an ingress/egress point for PL-VINI
(nodes running an OpenVPN server in addition to UML and Click). The server
feeds packets into PL-VINI via the local tap interface.

For talking to hosts that have not "opted in", PL-VINI runs NAT within the
Click instance at certain egress points. These points serve as proxies that
not only allow traffic to get to outside servers, but allow the return traffic
to get back in.

=== Trellis or VINI version 2. ===

Replaces user-level components of PL-VINI with Linux kernel features.
The function of Click as per-instance-forwarding-table-provider is replaced
by NetNS in the Linux kernel.

It uses Ethernet over [http://www.faqs.org/rfcs/rfc2784.html GRE] for
inter-node tunnels which are terminated in the kernel. These endpoints are
connected through tc traffic shaping to a bridge device (either the standard
Linux bridge or the custom 2-way bridge "shortbridge") and then to virtual
Ethernet devices which appear inside the vservers.
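
The Ethernet-over-GRE framing mentioned above, as an added example that is not Trellis code: it wraps an Ethernet frame in the RFC 2784 header and parses it back the way a strict tunnel endpoint would, discarding malformed headers. The protocol type 0x6558 (Transparent Ethernet Bridging), the function names and the sample frame are assumptions that do not come from these notes.

```python
import struct

GRE_PROTO_TEB = 0x6558   # assumed protocol type: Transparent Ethernet Bridging
FLAG_C = 0x8000          # bit 0: Checksum Present
RFC1701_BITS = 0x7C00    # bits 1-5: must be zero for an RFC 2784-only receiver
VERSION_MASK = 0x0007    # bits 13-15: version, must be zero

def inet_checksum(data: bytes) -> int:
    """16-bit one's complement sum used by the GRE checksum field."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def gre_encap(frame: bytes, with_checksum: bool = False) -> bytes:
    """Wrap one Ethernet frame in an RFC 2784 GRE header."""
    if len(frame) < 14:
        raise ValueError("Ethernet frame shorter than its 14-byte header")
    if not with_checksum:
        return struct.pack("!HH", 0, GRE_PROTO_TEB) + frame
    zeroed = struct.pack("!HHHH", FLAG_C, GRE_PROTO_TEB, 0, 0) + frame
    csum = inet_checksum(zeroed)  # computed with the checksum field as zero
    return zeroed[:4] + struct.pack("!HH", csum, 0) + frame

def gre_decap(packet: bytes) -> bytes:
    """Validate the GRE header and return the inner Ethernet frame."""
    if len(packet) < 4:
        raise ValueError("truncated GRE header")
    flags, proto = struct.unpack("!HH", packet[:4])
    if flags & VERSION_MASK or flags & RFC1701_BITS:
        raise ValueError("version or RFC 1701 option bits set; discard")
    offset = 4
    if flags & FLAG_C:
        if len(packet) < 8 or inet_checksum(packet) != 0:
            raise ValueError("bad or truncated GRE checksum")
        offset = 8
    if proto != GRE_PROTO_TEB:
        raise ValueError(f"unexpected GRE protocol type {proto:#06x}")
    if len(packet) - offset < 14:
        raise ValueError("inner Ethernet frame truncated")
    return packet[offset:]

# Constructed sample: broadcast ARP-typed frame, i.e. a non-IP payload.
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff" "020000000001" "0806")
                + b"constructed payload")
```

Because this parser accepts only the RFC 2784 header, a packet carrying the RFC 2890 key or sequence-number extensions is rejected rather than misread as payload.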

This optimized implementation can only do IP routing but, they claim, can
fall back on a PL-VINI style implementation to get non-IP routing.

Can forward minimum-sized packets at about 67% of raw Linux Gb Ethernet speed.

-- Main.MikeHibler - 14 Nov 2007