Managed virtual networks in Grids - the ViNe approach

Principal researchers: Mauricio Tsugawa and Jose Fortes

The advantage of managed (or manageable) networks is clearly described in the features of network equipment with management capabilities. One important feature is support for Virtual Local-Area Networks (VLANs). VLANs allow the co-existence of multiple independent and isolated networks, and they are deployed in any network with a reasonable number of hosts.

Managed network infrastructures are designed for one administrative domain, where a team of administrators has full control over all equipment. This approach does not work in Grid environments, where multiple independent organizations share resources. Many techniques used in corporate network management cannot be applied in Grid environments, especially because of the many connectivity limitations imposed in the Internet routing infrastructure. Broadly speaking, connectivity limitations have two sources: network policies defined in organizations and network policies imposed by Internet Service Providers (ISPs). The first obstacle can be addressed by reconfiguring network equipment. In practice, this is a very difficult task due to the large number of organizations and independent administrators involved. ISP-imposed limitations are difficult, and in some cases impossible, to overcome using existing technologies.

The goal of this ongoing work is to design a virtual network architecture that allows virtual networks (VNs) to be deployed across multiple administrative domains and offers full connectivity among hosts independently of connectivity limitations in the physical infrastructure. In addition, the architecture allows full management of VNs, offering a set of services that process requests from administrators and grid middleware. The proposed architecture, called ViNe, is divided into two sub-systems: the connectivity and routing infrastructure, and the management infrastructure.

The connectivity and routing infrastructure is described in [1]. The key concept is the virtualization of routers. By having resources dedicated to VN routing, it is possible to offer full performance within LANs and, when crossing LAN boundaries, to keep virtualization overhead low. Multiple VNs are supported by defining and maintaining routing tables in virtual routers (VRs). Limitations imposed by the physical network infrastructure are handled by full co-operation among VRs in the routing process: VRs without limitations relay messages for connectivity-limited VRs. A prototype of the ViNe routing infrastructure has been developed, and VRs showed full firewall traversal capability with a low performance penalty.

ViNe Management, currently in the design stage, will control the ViNe routing infrastructure. ViNe Management is expected to enable self-management capabilities in VNs, such as adapting virtual paths to use the best physical path available by monitoring Internet performance on-line, or allowing merges and splits of deployed VNs. In addition, the offered services will support the development of autonomic grid middleware: new VNs can be defined and deployed on demand on a per-virtual-organization basis, and resource allocation is facilitated by clustering nodes with good network connectivity into one VN.

References:

ViNe software is available by request.
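
The routing behaviour described above (per-VN routing tables held in VRs, isolation between VNs, and unrestricted VRs relaying for connectivity-limited ones) can be sketched as a small model. This is an added example, not ViNe code: the class names, the `relay` field, and the assumption that a limited VR can open outbound sessions but cannot accept inbound ones are all hypothetical simplifications.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class VirtualRouter:
    name: str
    # Assumption: a connectivity-limited VR cannot accept inbound traffic and
    # instead keeps an outbound session to one unrestricted VR, its relay.
    relay: Optional[str] = None
    # One routing table per virtual network: vn -> {host: VR serving that host}
    tables: dict = field(default_factory=dict)


class Overlay:
    """Toy model; all VRs must be added before hosts join."""

    def __init__(self):
        self.vrs = {}
        self.attached = {}  # host -> name of the VR it sits behind

    def add_vr(self, name, relay=None):
        if relay is not None and self.vrs[relay].relay is not None:
            raise ValueError("a relay must itself be unrestricted")
        self.vrs[name] = VirtualRouter(name, relay)

    def join(self, vn, host, vr_name):
        """Place host in virtual network vn and update that VN's table in every VR."""
        self.attached[host] = vr_name
        for vr in self.vrs.values():
            vr.tables.setdefault(vn, {})[host] = vr_name

    def route(self, vn, src, dst):
        """Return the VR hops from src to dst inside vn, or None if isolated."""
        first = self.vrs[self.attached[src]]
        table = first.tables.get(vn, {})
        if src not in table or dst not in table:
            return None  # hosts in different VNs never see each other
        last = self.vrs[table[dst]]
        hops = [first.name]
        if last.name != first.name:
            # A limited destination VR is only reachable through its relay.
            if last.relay and last.relay != first.name:
                hops.append(last.relay)
            hops.append(last.name)
        return hops
```
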