This document describes the results and major contributions to the Network Management System for RINA networks that the PRISTINE project has been researching and developing. RIB design, NMS System Proof of Concept implementation and validation, configuration management, performance management and security management have been the major areas of work.
RIB design: The work performed in D5.4 enables the specification and validation of RIB objects using a formal language. RIB object model compilers and code generation tools enable developers to seamlessly incorporate the RIB model into their RINA management applications.
RIB: Language. Previous WP5 deliverables (D5.1 and D5.2) provided an informal, descriptive specification of a language to describe the objects used to model the state of the systems in a RINA network (represented in a logical schema called the RIB, Resource Information Base). D5.4 has completed this work by producing a specification of a formal language to model the RIB objects: GDRO (Guidelines for the Definition of RIB Objects). Section 2 introduces the language constructs and Annex 1 provides the full specification. With GDRO in place, it is possible to define a RIB object model whose correctness can be formally verified.
RIB: Verification tools. PRISTINE has provided a reference compiler to assist in the production of GDRO models. This allows any produced GDRO models to be validated against the language constraints enforced by GDRO. Java code generation tools are also part of the toolchain, freeing developers involved in the implementation of Managers or Management Agents managing RINA networks from coding classes to represent the RIB objects. Last but not least, the RIB toolchain also supports automatic documentation generation from the GDRO source files.
RIB: Object model specification. GDRO and its associated toolchain have been leveraged by WP5 partners to complete the formal specification of the RIB objects required to manage a RINA network, one of the key deliverables of PRISTINE WP5. The RIB object model is now consistent and fully validated, in contrast to previous deliverables.
Status of implementation and validation: Implementation and validation activities have been ongoing through the period covered by this deliverable.
Status of the implementation. Since D5.3 we have continued to improve the implementation of the Manager and the Management Agent with new features and stability improvements. The current software release provides enough functionality to enable centralized configuration management of RINA networks via the PRISTINE Manager. The implementation will continue to be improved as part of WP6, since the Manager and Management Agent will be used in WP6 experiments and demonstrators (not only to showcase and measure Management function per se, but as a way to facilitate the configuration of experiments).
Validation. A public demo showcasing the RINA Network Management System developed by PRISTINE was held at the TNC 2016 conference. The demo validated all the steps required for configuring a RINA network of 12 nodes: i) systems bootstrapping and Management Agents enrolling to the NMS DAF; ii) the Manager discovering and keeping track of all managed systems; iii) the Manager instantiating and configuring DIFs in various systems, which involves creating IPC Processes, registering them to N-1 DIFs, configuring them with the DIF policies and discovering neighbour IPC Processes. In addition to its validation purpose, the demo was useful in providing a real example of the RINA benefits when it comes to Network Management.
Configuration Management: Reusable templates are supported, and a management case study has been undertaken.
DIF templates. One of the unique features of the RINA architecture is that every layer has the same two protocols with different concrete syntaxes and different policies. Therefore, it is possible to design a common DIF template that captures the specification of any DIF, as well as its configuration. This greatly simplifies network configuration management compared to current approaches, which require different configurations for different layers depending on the protocols that are used. D5.4 reports on the initial attempt to design a DIF specification template as well as its associated tool-chain.
Large DC Network configuration management case study: current tech vs. RINA. This section performs a comparative analysis of the complexity of managing IP-based and RINA-based large-scale multi-tenant data centre networks. Configuration management is the main target of the analysis although some hints on performance and security management are also provided. The analysis shows that the commonality built into the RINA architecture and the single type of recursive layer with a uniform API greatly reduces the complexity of the models the Network Management System (NMS) uses to understand the state of the managed network.
Performance Management: Adding inference on events, providing a centralised resource reservation, and supporting VNF configuration.
Event Inference. Performance management concerns itself with the identification of sub-optimal configurations and behaviour within the RINA network. The goal is to optimise the system based on a set of high-level strategy goals. This allows performance tuning, where the allocated resources are optimised to the aggregate needs, increasing available resources to over-loaded DIFs and reducing resources to under-utilised ones. This section develops an approach to let the NMS autonomously tune the performance of a DIF as a reaction to notifications from Management Agents indicating some issues. Once received, the notifications can be correlated to a DIF and analysed using some advanced machine learning techniques. Automated policy responses can be included in the declarative configuration specification, allowing the NMS to activate them on certain trigger events. Here, strategies are employed to inspect, prioritise and ultimately decide if corrective actions are desirable.
Centralised resource reservation strategy for RINA. This section presents a different approach to the multipath routing algorithms described in previous deliverables, taking the strategy behind the forwarding decisions a step further. By leveraging the central Manager in the RINA network and the RIB information objects, it has been possible to develop a centralised reservation strategy to determine the best end-to-end path in a multipath environment, taking into account the QoS requirements of the flows and the bandwidth capacity of the DIFs. This decision strategy is complemented with a reroute algorithm that allows the Manager to move and optimise the distribution of the flows between the available paths once they have been allocated. Experimental results presented at the end show the benefits of using this strategy over previously developed multipath algorithms in RINA to minimize the amount of rejected flow requests.
Virtual Network Function Forwarding Graph (VNF-FG) Configuration. This section describes how to configure a VNF-FG using the NFV Over RINA (NORI) tool-kit. The forwarding graph describes the logical sequence of VNFs that a certain portion of the traffic must traverse, as well as their order. The section shows how, using RINA, it is possible to specify custom packet processing operations by combining different VNFs. As opposed to legacy TCP/IP networks (even those based on recent SDN solutions such as OpenFlow), RINA makes it possible to chain different VNFs and to specify precise QoS policies on such virtual links, providing NFV administrators with an unprecedented level of control of their network services.
Security Management: This section outlines the main goals of managing the security of RINA networks, and discusses in more detail a specific use case: security management in networks supporting MLS (Multi-Level Security).