VyOS-based VNF

Abstract: Network Function Virtualization (NFV) is a new concept that is shifting network functions from dedicated hardware appliances to software running on commodity hardware. By levering NFV, A communications service provider or CSP can provide a virtual customer Premises Equipment (vCPE) solution which is a method to deliver network services to enterprises by using software rather than dedicated hardware appliances. However, the minimum types of VNF are currently supported in the existing open-source NFV vCPE projects. Therefore, we propose a customized VyOS image that can be deployed as the VNF in NFV vCPE system with multi-function supported. The experiment is conducted in a Tacker-based vCPE system to show the feasibility of the provided VyOS image.

Demo: https://anda.ssu.ac.kr/~vyos/

Reference: Tri-Hai Nguyen, Myungsik Yoo, “A Comprehensive NFV vCPE System with VyOS-based VNF”,  2018 KICS Summer Joint Conference, 20-22 June 2018, Jeju-do, ROK. [Link]

Developing the Python Libs in DevStack

In Devstack, the Python packages/libs, e.g., python-tackerclient [1], tacker-horizon [2], are not easy to develop because normally they will be installed under python’s site-packages. Therefore, to easy for developing, we can install from the local environment and work on it:

1. Clone the repo of the project:

cd /opt/stack/
git clone git://git.openstack.org/openstack/python-tackerclient -b <branch>

2. Install:

cd python-tackerclient
sudo pip install -U -e .

3. Make changes.

Note: You need restart Apache server to work with tacker-horizon

sudo systemctl restart apache2

Customize the OpenWRT 15.05.1 for OpenStack Tacker

The OpenWRT is modified based on KVM OpenWRT 15.05.1 to be suitable for OpenStack Tacker.
The procedure is following as below:

cd ~
wget https://archive.openwrt.org/chaos_calmer/15.05.1/x86/kvm_guest/openwrt-15.05.1-x86-kvm_guest-combined-ext4.img.gz \
-O openwrt-x86-kvm_guest-combined-ext4.img.gz
gunzip openwrt-x86-kvm_guest-combined-ext4.img.gz

mkdir -p imgroot

sudo kpartx -av openwrt-x86-kvm_guest-combined-ext4.img

# Replace the loopXp2 with the result of above command, e.g., loop0p2
sudo mount -o loop /dev/mapper/loopXp2 imgroot
sudo chroot imgroot /bin/ash

# Set password of this image to blank, type follow command and then enter two times
passwd

# Set DHCP for the network of OpenWRT so that the VNF can be ping
uci set network.lan.proto=dhcp; uci commit
exit

sudo umount imgroot
sudo kpartx -dv openwrt-x86-kvm_guest-combined-ext4.img

A customized OpenWRT 15.05.1 that can be deployed as VNFs including Firewall, Router, NAT, DHCP, DNS, or QoS VNFs in OpenStack Tacker.

Download: https://anda.ssu.ac.kr/~openwrt/

NFV Management and Orchestration with Tacker

This post shows a brief look at the NFV MANO framework developed by ETSI and creation of a simple vIDS network service using Tacker.

NFV MANO for Telco

Traditionally those network functions were a collection of vertically-integrated bare metal appliances that took a long time to commission and had to be over-provisioned to cope with the peak-hour demand. Visualizing them would have made it possible to achieve quicker time-to-market, elasticity to cope with a changing network demand and hardware/software disaggregation.

Read More

How to upgrade a few OpenStack projects installed by Devstack

If you want to update a few OpenStack projects in Devstack, you can try the following steps:

1. cd to your local OpenStack source directory eg:

$ cd /opt/stack/

2. find the project folder you want to update, eg:

$ cd horizon/

3. run git pull to update

4. modify your local.conf and set the RECLONE=False and OFFLINE=True

5. rerun the unstack.sh and stack.sh

As a result, you will get the updated the Horizon in Devstack.

IP Blacklist-based Firewall in Floodlight Controller

The Floodlight Open SDN Controller is an enterprise-class, Apache-licensed, Java-based OpenFlow Controller. It is supported by a community of developers including a number of engineers from Big Switch Networks.

OpenFlow is a open standard managed by Open Networking Foundation.  It specifies a protocol through switch a remote controller can modify the behavior of networking devices through a well-defined “forwarding instruction set”.  Floodlight is designed to work with the growing number of switches, routers, virtual switches, and access points that support the OpenFlow standard.

Read More

Network Functions Virtualization (NFV)

Network Functions Virtualization (NFV) has drawn significant attention both industry and academia as an important shift in telecommunication service provisioning. By separating network functions/services from the physical devices on which they run, NFV has potential to lead to significant reductions in operating expenses (OPEX) and capital expenses (CAPEX) and facilitate the deployment of new services with increased agility and faster time-to-value.

Read More