This thesis first provides an overview of Software-Defined Wide Area Network (SD-WAN) technology, drawing on vendor products and the MEF standard. We then implement a new open-source SD-WAN solution that exploits the concepts of Network Slicing and Overlays. In our SD-WAN, the different types of service are segmented through independent virtual Overlay networks that abstract the underlying network. In doing so, we want to facilitate the use of multiple WAN connections and the assignment of different QoS and security to different services. We start from an SDN solution that was extended into an SD-WAN which implements multiple Overlays to create End-to-End Slices among multiple sites. The work focused on designing the high-level open-source SD-WAN architecture, designing and implementing the vCPE (Edge router) able to support ZTP (Zero Touch Provisioning), and designing and implementing the SD-WAN Controller/Orchestrator that is able to control and program the vCPEs and deploy services. The services are based on L3 tunnels that interconnect multiple customer sites and transport the traffic of specific applications. The Controller was developed on SDN and NFV principles and is capable of automating and orchestrating e2e services, giving users control over their sites. The SD-WAN solution is based entirely on the Linux platform, and the implementation assumes that there is an IaaS that provides the computing workloads. The final part of the work consists of implementing an emulated geographical network (in Mininet) in which to deploy and test the solution and the related network service.
Table of Contents
Chapter 1: Introduction
1.1 Thesis structure
Chapter 2: SD-WAN
2.1 General SD-WAN Architecture and Components
2.1.1 SD-WAN Edge
2.1.2 SD-WAN Controller
2.1.3 Service Orchestrator
2.2 Benefits of using SD-WAN
2.2.1 Overlay Networks
2.2.2 Hybrid WAN
2.2.3 Dynamic Path Selection and Increased Bandwidth
2.2.4 Zero Touch Provisioning
2.2.5 Easy access to the Cloud
2.2.6 Security
2.2.7 Per Application Routing
2.3 SD-WAN Architecture Types
2.3.1 On-Prem-Only
2.3.2 Cloud-Enabled
2.3.3 Cloud-Enabled plus Backbone
2.4 SD-WAN Deployment Models
Chapter 3: Used Technologies
3.1 gRPC
3.2 VxLAN
3.3 VRF-lite
3.4 STUN
3.5 Etherws
Chapter 4: EveryWAN
4.1 EveryWAN Architecture
4.2 EveryWAN Services
4.3 EveryEdge
4.4 EveryController
4.5 EveryGUI
4.6 Authentication and Registration Procedure
4.7 Tenant Management
4.8 EveryEdge Management
4.9 Overlay Management
Chapter 5: Southbound
5.1 VxLAN Implementation in Linux
5.2 VRF Implementation in Linux
5.3 Southbound API
5.3.1 Device API
5.3.2 Configuration API
5.4 NAT traversal with VxLAN
5.5 Management Tunnels
Chapter 6: Northbound
6.1 Northbound API
6.1.1 Edge API
6.1.2 Overlay API
6.1.3 Tenant API
6.2 Create Overlay Algorithm
6.3 Remove Overlay Algorithm
6.4 Generic Resource Manager
Chapter 7: Persistence with MongoDB
7.1 Tenants
7.2 Devices
7.3 Overlays
7.4 Configuration
Chapter 8: Emulation Environment and Demo
8.1 Emulation Environment
8.1.1 Open and NATed Access
8.2 Emulated Network Topology
8.3 Demo
Chapter 9: Conclusion and Future Work
9.1 Future Improvements
Research Objectives and Core Topics
The primary goal of this thesis is to design and implement a high-level, open-source SD-WAN solution called "EveryWAN," which utilizes concepts of network slicing and overlays to provide end-to-end connectivity and service management for enterprises, addressing the limitations of traditional, monolithic networking hardware.
- Design of an open-source SD-WAN architecture based on SDN and NFV principles.
- Implementation of the "EveryEdge" vCPE and "EveryController" for automated orchestration and Zero Touch Provisioning (ZTP).
- Utilization of VxLAN and VRF-lite for traffic isolation and overlay networking.
- Development of Southbound and Northbound APIs using gRPC for robust communication and control.
- Persistence of network configurations via a MongoDB database.
- Validation of the system through a Mininet-based emulated network environment.
Excerpt from the Book
Chapter 2: SD-WAN
The Software-Defined Wide Area Network (SD-WAN) is a specific application of Software-Defined Networking (SDN) technology to WAN networks such as MPLS, fixed-line broadband xDSL/Fiber, mobile broadband 4G/5G and satellite links [3].
SD-WAN technology helps organizations connect branch office and central office sites spread over vast geographic areas with remote data centers and multiple cloud environments. It does so by decoupling the hardware from the software, using cloud-based technologies and specialized software to create an abstraction layer. In this way, organizations have greater flexibility and control over how data transfers take place. In addition, SD-WANs help businesses boost agility, availability, and performance, while potentially lowering costs by optimizing the use of resources in a multisite configuration. The technology is attracting growing interest because of its ability to incorporate the best networking technology available for a specific location, thus transforming access networks into intelligent and dynamic platforms.
Summary of Chapters
Chapter 1: Introduction: Outlines the limitations of traditional WAN models and introduces the development of the open-source SD-WAN solution, EveryWAN.
Chapter 2: SD-WAN: Describes the general SD-WAN architecture, key components, benefits such as overlay networks and hybrid WAN, and various deployment models.
Chapter 3: Used Technologies: Provides an overview of open-source technologies utilized in the project, including gRPC, VxLAN, VRF-lite, STUN, and Etherws.
Chapter 4: EveryWAN: Details the EveryWAN architecture, the roles of EveryEdge and EveryController, and processes for authentication, registration, and management.
Chapter 5: Southbound: Explains the technical implementation of VxLAN and VRF in Linux and the Southbound API for device-level configuration and NAT traversal.
Chapter 6: Northbound: Describes the Northbound API exposed to applications, overlay creation/removal algorithms, and the resource manager.
Chapter 7: Persistence with MongoDB: Discusses how network configuration and status data are stored in MongoDB collections.
Chapter 8: Emulation Environment and Demo: Details the Mininet emulated topology used to test and demonstrate the EveryWAN solution functionalities.
Chapter 9: Conclusion and Future Work: Summarizes the thesis findings and suggests future improvements, such as adding IPsec support and intelligent hybrid WAN features.
Keywords
SD-WAN, EveryWAN, EveryEdge, EveryController, SDN, NFV, VxLAN, VRF-lite, gRPC, Overlay Networks, Zero Touch Provisioning, Network Slicing, Mininet, MongoDB, Southbound API, Northbound API
Frequently Asked Questions
What is the core focus of this research?
The research focuses on the design and implementation of an open-source Software-Defined Wide Area Network (SD-WAN) solution, named EveryWAN, intended to simplify network management and reduce capital and operational expenses for enterprises.
What are the primary components of the EveryWAN architecture?
The architecture consists of the EveryEdge (a vCPE border router), the EveryController (the SDN controller and orchestrator), the EveryGUI (for user management), a MongoDB database for persistence, and a STUN server for NAT/firewall discovery.
What is the main goal or research question?
The primary goal is to provide a complete, open-source SD-WAN platform that exploits Network Slicing and Overlay concepts, allowing companies to interconnect branch sites over multiple underlying network types while ensuring service isolation.
Which technologies are used for implementation?
The solution relies on the Linux platform, using VxLAN for tunnels, VRF-lite for routing table isolation, gRPC for API communication, Python for scripting, and Mininet for network emulation.
What does the main body of the work cover?
The main body covers the architectural design, the technical implementation of the Southbound and Northbound APIs, the algorithms for overlay management, and the specifics of the data persistence layer using MongoDB.
Which keywords characterize this work?
The work is characterized by terms such as SD-WAN, EveryWAN, SDN/NFV, VxLAN, gRPC, Zero Touch Provisioning (ZTP), and network orchestration.
How does EveryWAN handle NAT traversal?
EveryWAN uses STUN to detect NAT types and employs port-forwarding with VxLAN tunnels to ensure connectivity for management and data planes, even when devices are located behind restrictive NAT/firewalls.
Why are VRF-lite and VxLAN essential to this solution?
VxLAN provides the ability to create dynamic overlay networks on existing infrastructure, while VRF-lite enables traffic isolation at Layer 3, allowing different services to share the same physical connectivity without compromising security.
- Cite this work
- Bogdan Iatco (Author), 2020, Software Definded - Wide Area Network (SD-WAN) Services and their Implementation on an Open Source Linux Based Platform, München, GRIN Verlag, https://www.grin.com/document/595705