Re: [Ibnemo] Policies and Intent-Based Networking

"Susan Hares" <shares@ndzh.com> Mon, 05 October 2015 18:53 UTC

From: Susan Hares <shares@ndzh.com>
To: 'PEDRO ANDRES ARANDA GUTIERREZ' <pedroa.aranda@telefonica.com>, ibnemo@ietf.org
Date: Mon, 05 Oct 2015 14:53:00 -0400
Archived-At: <http://mailarchive.ietf.org/arch/msg/ibnemo/qv79R2kq5FXxtHFUpQCFABatoig>
Subject: Re: [Ibnemo] Policies and Intent-Based Networking

Pedro: 

 

I agree that:

 

a)      We can express the policy-based routing (L3 forwarding). 

b)      IB-nemo provides a lot of consistency checking for the routes. 

 

Does this make it easier for the network administrator to configure the routes?  How can Intent make that work easier? 

 

Sue 

 

From: Ibnemo [mailto:ibnemo-bounces@ietf.org] On Behalf Of PEDRO ANDRES ARANDA GUTIERREZ
Sent: Monday, October 05, 2015 10:49 AM
To: Susan Hares; ibnemo@ietf.org
Subject: Re: [Ibnemo] Policies and Intent-Based Networking

 

Hi Sue,

 

Thanks for clarifying… this is good food for thought. Answers inline…

 

/PA

 

From: Sue Hares
Date: Monday, 5 October 2015, 14:49
To: "ibnemo@ietf.org"
CC: 'Zhoutianran', "'Bert Wijnen (IETF)'", paag
Subject: Policies and Intent-Based Networking 

 

Hi all: 

 

Can all policies be expressed as an Intent?

 

OK, then we end up with something we didn’t quite like/agree upon in Prague: there are different players with different interests and background. Therefore, there will be different intents (scoped by the actor’s view of the world) and maybe different ways of expressing intent, depending on the user’s background.

 

I’m trying to determine what policies can or cannot be expressed.  Any example would be helpful.

 

Here’s three policies I’d like to discuss: 

 

1)      Traffic flow policies   

2)      BGP policies for route flow 

3)      Policy filters controlling routes, 

 

I’m working on the I2RS extensions for Filter-Based RIB and BGP (normal and flow filters).    The I2RS Filter-based RIB allows for policies for routing (forwarding at layer 3) to be associated with a set of interfaces.   For example, 

 

Forwarding filter 1:  128.2/16 nexthop 128.2.1.1     

Forwarding filter 2:   128.5.1/24 nexthop 128.2.1.2  

 

And the rest get forwarded to the default RIB which 

                  128/8  nexthop 128.2.1.3 

 

The intent  is that customer 1 has 128.2/16, and customer 2 has 128.5.1/24.   This node links to these VPNs via 128.2.1.1 (customer1), and 128.2.1.2 (customer 3).  All other traffic goes to the Internet.

How do I link this to the normal example of Intent?   Can we render intent down to this level or should I be using a higher level?

 

 

Let me try a hands-on in NEMO ;-) 

 

So we have two LinkModels:

 

LinkModel VPN Property IPPrefix:nextHop, IPPrefix:destinationPrefix;

LinkModel Internet Property IPPrefix:nextHop;

 

And three Links

 

Link VPN1 Type VPN Property nextHop:"128.2.1.1/32", destinationPrefix:"128.2/16" ;

Link VPN2 Type VPN Property nextHop:"128.2.1.2/32", destinationPrefix:"128.5.1/24" ;

Link Default Type Internet Property nextHop:"128.2.1.3/32" ;

 

Then we would need 2 NodeModels:

 

NodeModel VPNTermination Property IPPrefix:ID, list(IPPrefix): subnets ;

NodeModel InternetNode Property IPPrefix:ID;

 

And then the nodes:

 

Node VPNTermination1 Type VPNTermination Property ID:"128.2.1.1/32", subnets:"128.2/16" ;

Node VPNTermination2 Type VPNTermination Property ID:"128.2.1.2/32", subnets:"128.5.1/24" ;

Node InternetAccess Type InternetNode Property ID:"128.2.1.3/32" ;

 

And finally the connections between the nodes:

 

Link VPN1 Type VPN EndNodes thisNode,VPNTermination1 ;

Link VPN2 Type VPN EndNodes thisNode,VPNTermination2 ;

Link Default Type Internet EndNodes thisNode,InternetAccess ;

 

So 

 

Conclusion no. 1: Yes we can… 

Conclusion no.2: Maybe a bit redundant, right? But this can also be positive, because it would allow for a lot of consistency checking …

 

Dunno what others think…

 

My .02 cents,

 

---

Dr. Pedro A. Aranda Gutiérrez

 

Technology Exploration -

Network Innovation & Virtualisation

email: pedroa d0t aranda At telefonica d0t com

Telefónica, Investigación y Desarrollo

C/ Zurbarán,12

28010 Madrid, Spain

 

Questions are not there to be answered.

Questions are there to be asked.

Georg Kreisler

 

 

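The consistency checking mentioned in this thread can be made concrete. The following is an added example, not part of the original messages and not code from the NEMO project: a hypothetical mini-parser that reads only the statement shapes shown above (with straight quotes) and checks that each link's nextHop and destinationPrefix agree with the node it terminates on. It assumes `subnets` holds a single prefix.

```python
import ipaddress
import re

# Constructed input: the Link/Node statements from the message, straight quotes.
NEMO = '''
Link VPN1 Type VPN Property nextHop:"128.2.1.1/32", destinationPrefix:"128.2/16" ;
Link VPN2 Type VPN Property nextHop:"128.2.1.2/32", destinationPrefix:"128.5.1/24" ;
Link Default Type Internet Property nextHop:"128.2.1.3/32" ;
Node VPNTermination1 Type VPNTermination Property ID:"128.2.1.1/32", subnets:"128.2/16" ;
Node VPNTermination2 Type VPNTermination Property ID:"128.2.1.2/32", subnets:"128.5.1/24" ;
Node InternetAccess Type InternetNode Property ID:"128.2.1.3/32" ;
Link VPN1 Type VPN EndNodes thisNode,VPNTermination1 ;
Link VPN2 Type VPN EndNodes thisNode,VPNTermination2 ;
Link Default Type Internet EndNodes thisNode,InternetAccess ;
'''

def prefix(text):
    """Expand shorthand such as 128.2/16 to a full IPv4 network."""
    addr, _, length = text.partition("/")
    octets = addr.split(".")
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(".".join(octets) + "/" + length)

def parse(text):
    """Collect properties and far-end node per Link/Node name (hypothetical parser)."""
    objs = {"Link": {}, "Node": {}}
    for line in filter(None, map(str.strip, text.splitlines())):
        kind, name = line.split()[:2]
        entry = objs[kind].setdefault(name, {})  # a repeated Link statement merges
        for key, value in re.findall(r'(\w+):\s*"([^"]+)"', line):
            entry[key] = prefix(value)
        ends = re.search(r"EndNodes\s+(\w+)\s*,\s*(\w+)", line)
        if ends:
            entry["far_end"] = ends.group(2)
    return objs

def check(objs):
    """Return mismatches between each link and the node it terminates on."""
    errors = []
    for name, link in objs["Link"].items():
        node = objs["Node"].get(link.get("far_end"), {})
        if link.get("nextHop") != node.get("ID"):
            errors.append(f"{name}: nextHop does not match node ID")
        if "destinationPrefix" in link and link["destinationPrefix"] != node.get("subnets"):
            errors.append(f"{name}: destinationPrefix differs from node subnets")
    return errors
```

Running `check(parse(NEMO))` on the statements as posted returns an empty list; changing one side of a redundant pair, such as a node's `subnets`, is reported against the affected link.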