Re: [Ibnemo] Policies and Intent-Based Networking

PEDRO ANDRES ARANDA GUTIERREZ <pedroa.aranda@telefonica.com> Mon, 05 October 2015 14:49 UTC


Hi Sue,

Thanks for clarifying… this is good food for thought. Answers inline…

/PA

From: Sue Hares
Date: Monday, 5 October 2015, 14:49
To: "ibnemo@ietf.org"
CC: 'Zhoutianran', "'Bert Wijnen (IETF)'", paag
Subject: Policies and Intent-Based Networking

Hi all:

Can all policies be expressed as an Intent?

OK, then we end up with something we didn’t quite like/agree upon in Prague: there are different players with different interests and background. Therefore, there will be different intents (scoped by the actor’s view of the world) and maybe different ways of expressing intent, depending on the user’s background.

I’m trying to determine what policies can or cannot be expressed.  Any example would be helpful.

Here’s three policies I’d like to discuss:


1) Traffic flow policies
2) BGP policies for route flow
3) Policy filters controlling routes

I’m working on the I2RS extensions for Filter-Based RIB and BGP (normal and flow filters). The I2RS Filter-based RIB allows for policies for routing (forwarding at layer 3) to be associated with a set of interfaces. For example,

Forwarding filter 1: 128.2/16 nexthop 128.2.1.1
Forwarding filter 2: 128.5.1/24 nexthop 128.2.1.2

And the rest get forwarded to the default RIB which
                  128/8  nexthop 128.2.1.3

The intent is that customer 1 has 128.2/16, and customer 2 has 128.5.1/24. This node links to these VPNs via 128.2.1.1 (customer 1), and 128.2.1.2 (customer 3). All other traffic goes to the Internet.
How do I link this to the normal example of Intent? Can we render intent down to this level or should I be using a higher level?


Let me try a hands-on in NEMO ;-)

So we have two LinkModels:

LinkModel VPN Property IPPrefix:nextHop, IPPrefix:destinationPrefix;
LinkModel Internet Property IPPrefix:nextHop;

And three Links

Link VPN1 Type VPN Property nextHop:"128.2.1.1/32", destinationPrefix:"128.2/16" ;
Link VPN2 Type VPN Property nextHop:"128.2.1.2/32", destinationPrefix:"128.5.1/24" ;
Link Default Type Internet Property nextHop:"128.2.1.3/32" ;

Then we would need 2 NodeModels:

NodeModel VPNTermination Property IPPrefix:ID, list(IPPrefix): subnets ;
NodeModel InternetNode Property IPPrefix:ID;

And then the nodes:

Node VPNTermination1 Type VPNTermination Property ID:"128.2.1.1/32", subnets:"128.2/16" ;
Node VPNTermination2 Type VPNTermination Property ID:"128.2.1.2/32", subnets:"128.5.1/24" ;
Node InternetAccess Type InternetNode Property ID:"128.2.1.3/32" ;

And finally the connections between the nodes:

Link VPN1 Type VPN EndNodes thisNode,VPNTermination1 ;
Link VPN2 Type VPN EndNodes thisNode,VPNTermination2 ;
Link Default Type Internet EndNodes thisNode,InternetAccess ;

So

Conclusion no. 1: Yes we can…
Conclusion no. 2: Maybe a bit redundant, right? But this can also be positive, because it would allow for a lot of consistency checking …

Dunno what others think…

My .02 cents,

---
Dr. Pedro A. Aranda Gutiérrez

Technology Exploration -
Network Innovation & Virtualisation
email: pedroa d0t aranda At telefonica d0t com
Telefónica, Investigación y Desarrollo
C/ Zurbarán,12
28010 Madrid, Spain

Questions are not there to be answered.
Questions are there to be asked.
Georg Kreisler
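
Conclusion no. 2 in the message above says the redundancy between the Link and Node declarations allows consistency checking. The following Python check is an added illustration, not part of the original mail and not NEMO code: it cross-checks each link's nextHop and destinationPrefix against the node at its far end. The dictionary layout, the "end" key and the function names are assumptions; the addresses are transcribed from the mail.

```python
import ipaddress

def net(text):
    """Parse a prefix, accepting the mail's shorthand such as "128.2/16"."""
    addr, _, length = text.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))          # pad to four octets
    return ipaddress.ip_network(".".join(octets) + "/" + length)

# Property values transcribed from the Link and Node statements in the mail.
# The dict layout and the "end" key (far end of EndNodes) are assumptions.
LINKS = {
    "VPN1": {"nextHop": "128.2.1.1/32", "destinationPrefix": "128.2/16",
             "end": "VPNTermination1"},
    "VPN2": {"nextHop": "128.2.1.2/32", "destinationPrefix": "128.5.1/24",
             "end": "VPNTermination2"},
    "Default": {"nextHop": "128.2.1.3/32", "end": "InternetAccess"},
}
NODES = {
    "VPNTermination1": {"ID": "128.2.1.1/32", "subnets": ["128.2/16"]},
    "VPNTermination2": {"ID": "128.2.1.2/32", "subnets": ["128.5.1/24"]},
    "InternetAccess": {"ID": "128.2.1.3/32"},
}

def check(links, nodes):
    """Return a list of inconsistencies between link and node declarations."""
    problems = []
    for name, link in links.items():
        node = nodes.get(link["end"])
        if node is None:
            problems.append(f"{name}: end node {link['end']} is not declared")
            continue
        if net(link["nextHop"]) != net(node["ID"]):
            problems.append(f"{name}: nextHop {link['nextHop']} != "
                            f"{link['end']} ID {node['ID']}")
        dest = link.get("destinationPrefix")
        subnets = [net(s) for s in node.get("subnets", [])]
        if dest is not None and net(dest) not in subnets:
            problems.append(f"{name}: destinationPrefix {dest} is not a "
                            f"subnet of {link['end']}")
    return problems

if __name__ == "__main__":
    for line in check(LINKS, NODES) or ["declarations are consistent"]:
        print(line)
```
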

