Re: [vnrg] FW: Fwd: I-DAction:draft-jeong-vnrg-virtual-networks-ps-00.txt

Vishwas Manral <vishwas.ietf@gmail.com> Sun, 06 February 2011 05:19 UTC

Return-Path: <vishwas.ietf@gmail.com>
X-Original-To: vnrg@core3.amsl.com
Delivered-To: vnrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 92EEE3A6A29 for <vnrg@core3.amsl.com>; Sat, 5 Feb 2011 21:19:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.999
X-Spam-Level:
X-Spam-Status: No, score=-0.999 tagged_above=-999 required=5 tests=[BAYES_50=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2gnlolgv6dA1 for <vnrg@core3.amsl.com>; Sat, 5 Feb 2011 21:19:27 -0800 (PST)
Received: from mail-wy0-f182.google.com (mail-wy0-f182.google.com [74.125.82.182]) by core3.amsl.com (Postfix) with ESMTP id DAD8C3A6AB6 for <vnrg@irtf.org>; Sat, 5 Feb 2011 21:19:23 -0800 (PST)
Received: by wyf19 with SMTP id 19so3677690wyf.13 for <vnrg@irtf.org>; Sat, 05 Feb 2011 21:19:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=7+faRrY0eI9POr0PGEar5K6e91eqInt4c56GGulJky0=; b=DQ27JOd84NTQCDurP3UdFRqV4u5RorGd3+oXkoeOJiGRcOrq3Yhjx7u+CBtRvvgsa+ hkb3Gj1UplZlfovHgdshowrctCBFExQWqpH9IW2330pTeh2RTHOivO14cPXSlCwYPgbE s2zl1S/d2EOeJe+0uu+aBnPHgjj3c82aj0zeA=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=oMXj7FxEIqLJ7qpzIcBP+aPGaEMr4+4/m+5XGLIrW3r595WjPnGHFEW3dMoTo0AhGj 3cG1jKC9MGmUvlGah+qB1WKmGbeT1wOf4ImN50hsuJbDfW1C2L/WZj/o2UhhXnrR9KMo tSt2T7RdeuYbGh8wyyzV6jqU97KL7DjWRjbnQ=
MIME-Version: 1.0
Received: by 10.216.7.8 with SMTP id 8mr1087258weo.30.1296969563694; Sat, 05 Feb 2011 21:19:23 -0800 (PST)
Received: by 10.216.151.100 with HTTP; Sat, 5 Feb 2011 21:19:23 -0800 (PST)
In-Reply-To: <E2E24889ECE548489A70960C2DB9E698@etri.info>
References: <Acuttx67zfUc1JvzQfO3Ssc+4oV0eA==> <E2E24889ECE548489A70960C2DB9E698@etri.info>
Date: Sat, 5 Feb 2011 21:19:23 -0800
Message-ID: <AANLkTi=vJ2kOBhkWiv3Uy+m8+-PY73aqsSP-3Lj5r4sW@mail.gmail.com>
From: Vishwas Manral <vishwas.ietf@gmail.com>
To: Sangjin Jeong <sjjeong@etri.re.kr>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Cc: vnrg@irtf.org
Subject: Re: [vnrg] FW: Fwd: I-DAction:draft-jeong-vnrg-virtual-networks-ps-00.txt
X-BeenThere: vnrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Virtual Networks Research Group \(VNRG\) discussion list" <vnrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/vnrg>, <mailto:vnrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/vnrg>
List-Post: <mailto:vnrg@irtf.org>
List-Help: <mailto:vnrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/vnrg>, <mailto:vnrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 Feb 2011 05:19:28 -0000

Hi Sanjing,

I found this NIST document and it seems to have a lot of relevent
points for your draft.

http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf

Thanks,
Vishwas

On Thu, Jan 6, 2011 at 7:33 AM, Sangjin Jeong <sjjeong@etri.re.kr> wrote:
> Hello Vishwas,
>
> Thanks for your comments and editorial suggestion.
> I generally agree with you.
> Please see inline.
>
>> Hi,
>>
>> I had a brief look at the document. I had a few comments on the same:
>>
>> 1. Introduction - We have talked about advantages of virtualization.
>> One of the big benefits of virtualization are the economy of scale. As
>> the CPU/ Memory is costs are decreasing, so using a system with higher
>> CPU and Memory is better then using 10 systems with 1/10 the memory.
>>
>> 1.1 Another advantage WRT physical infrastructure, I can see is that
>> we can partition resources into chunks that was not possible earlier.
>> So we can have links which are like 1.7 Mbps, which allows a higher
>> level of compartmentalization.
>>
>> 2. Introduction - From the way you are talking about network
>> virtualization, there is an overhead of resources required for the
>> physical topology connectivity, over which the virtual topology
>> resides.
>>
>> 2.2 A disadvantage I can see is that physical topology change will
>> cause effect to the virtual links, though the effects may not be
>> visible to the virtual topology itself.
>
> One of the ways to support virtualization is to adopt additional layer
> such as virtualization layer in resources. But, this approach can cause
> performance degradation due to the additional layer, as you pointed out.
> Also, the virtual networks will be affected by the change of physical
> network infrastructure, so how to provide dynamic reconfiguration of
> virtual networks without interruption of the operation is an important
> challenge.
>
>>
>> 3. A lot of routers have virtual router functionality, which allows
>> for sharing of resources, between various different instances, in a
>> non-interfering fashion, over the same OS instance though. We cannot
>> impose any virtual topology on the physical topology, but can be a
>> subset of the same. Another example of the same is Multitopology
>> extensions. You can talk about these things in the Motivation section
>> you mention.
>>
>> 4. I think one important aspect of isolation is to allow for
>> paritioning of resources so that one misbehaving resource does not
>> affect the other.
>
> Agree. Misbehavior of resource or virtual network such as security problem,
> overconsumption of physical resource, etc. should not be spread over other
> resources or networks.
>
>>
>> 5. From the management perspective, we need different layers of
>> management. One which partitions the physical resource to a virtual
>> resource, then each virtual resource needs an isolated manager.
>
> Managers (or management functions) for creating and managing the virtual
> networks are one of key components for supporting virtual networks. This
> management function can be included in virtualization layer or separate
> layer.
>
>>
>> 6. I think one of the important security issue is physical security
>> will no longer work. By adding a new layer virtualization increases
>> overload, as well as a new vector for security.
>
> Right. Introducing additional layer or management function can cause
> new security problems, for example, compromised management function may
> affect all the virtual resources over the physical resource.
>
> Also, I will incorporate editorial suggestions into the next version of
> the document.
>
> Regards,
> Sangjin
>
>>
>> Typo:
>>
>> 1. Abstract -  This document presents the definition and effectiveness
>> of virtual networks and discusses the key components and challenges of
>> supporting virtual networks on "physical network infrastructure".
>>
>> Added the words in "...".
>>
>> 2.
>>    s/ The virtual networks over physical infrastructure are completely
>> isolated each other, /  The virtual networks over physical
>> infrastructure are completely isolated from each other, /
>>
>> 3. s/ Virtualization resource is typically realized by adopting
>> virtualization layer in the physical resources,/ Virtualization of a
>> resource is typically realized by adopting virtualization layer in the
>> physical resources,/
>>
>> 4. s/efficient control of the virtual resources../ efficient control
>> of the virtual resources./
>>
>> Thanks,
>> Vishwas
>>
>> =============================================
>> Dear VNRG folks,
>>
>> As a follow-up of last Beijing meeting, we have developed a document that
>> investigates the definition, key components and challenges, and acid tests
>> for
>> virtual networks.
>>
>> Please find the document from link below.
>> Any comments are appreciated.
>>
>> Regards,
>> Sangjin
>>
>> ---------- Forwarded message ----------
>> From: <Internet-Drafts at ietf.org>
>> Date: Fri, Dec 24, 2010 at 5:00 PM
>> Subject: I-D Action:draft-jeong-vnrg-virtual-networks-ps-00.txt
>> To: i-d-announce at ietf.org
>>
>>
>> A New Internet-Draft is available from the on-line Internet-Drafts
>> directories.
>>
>> Title : Virtual Networks Problem Statement
>> Author(s) : S. Jeong, D. Colle
>> Filename : draft-jeong-vnrg-virtual-networks-ps-00.txt
>> Pages : 9
>> Date : 2010-12-23
>>
>> This document presents the definition and effectiveness of virtual
>> networks and discusses the key components and challenges of
>> supporting virtual networks in the networks. ?It also describes acid
>> tests for virtual networks.
>>
>> A URL for this Internet-Draft is:
>> http://www.ietf.org/internet-drafts/draft-jeong-vnrg-virtual-networks-ps-00.tx
>> t
>>
>> Internet-Drafts are also available by anonymous FTP at:
>> ftp://ftp.ietf.org/internet-drafts/
>
>