Charles Chan | 6613eac | 2019-09-17 15:42:48 -0700 | [diff] [blame] | 1 | Specifications |
| 2 | ************** |
| 3 | |
| 4 | |
| 5 | SDN Features |
| 6 | ============ |
| 7 | - ONOS cluster of all-active N instances affording N-way redundancy and scale, where N = 3 or N = 5. |
| 8 | - Unified operations interface (GUI/REST/CLI) |
| 9 | - Centralized configuration – all configuration is done on the controller instead of on each individual switch |
| 10 | - Centralized role-based access control (RBAC) |
| 11 | - Automatic host (end-point) discovery – attached hosts, access-devices, appliances (PNFs), routers, etc. |
| 12 | - based on ARP, DHCP, NDP, etc. |
| 13 | - Automatic switch, link and topology discovery and maintenance (keep-alives, failure recovery) |
| 14 | |
| 15 | L2 Features |
| 16 | =========== |
| 17 | Various L2 connectivity and tunneling support |
| 18 | - VLAN-based bridging |
| 19 | |
| 20 | - Access, Trunk and Native VLAN support |
| 21 | - VLAN cross connect |
| 22 | |
| 23 | - Forward traffic based on outer VLAN id |
| 24 | - Forward traffic based on outer and inner VLAN id (QinQ) |
| 25 | - Pseudowire |
| 26 | |
| 27 | - L2 tunneling across the L3 fabric |
| 28 | - Support tunneling based on double tagged and single tagged traffic |
| 29 | |
| 30 | - Support VLAN translation of outer tag |
| 31 | |
| 32 | L3 Features |
| 33 | =========== |
| 34 | IP connectivity |
| 35 | - IPv4 and IPv6 unicast routing (internal use of MPLS Segment Routing) |
| 36 | - Subnetting configuration on all non-spine facing leaf ports; no configuration required on any spine port |
| 37 | - IPv6 router advertisement |
| 38 | - ARP, NDP, IGMP handling |
| 39 | - Number of flows in spines greatly simplified by MPLS Segment Routing |
| 40 | - Further reduction of per-leaf flows with route optimization logic |
| 41 | |
| 42 | DHCP Relay |
| 43 | ========== |
| 44 | DHCP L3 relay |
| 45 | - DHCPv4 and DHCPv6 |
| 46 | - DHCP server either directly attached to fabric leaves, or indirectly connected via upstream router |
| 47 | - DHCP client either directly attached to fabric leaves, or indirectly connected via LDRA |
| 48 | - Multiple DHCP servers for HA |
| 49 | |
| 50 | vRouter |
| 51 | ======= |
| 52 | vRouter presents the entire Trellis fabric as a single router (or dual-routers for HA), with disaggregated control/data plane |
| 53 | - Uses open-source protocol implementations like Quagga (or FRR) |
| 54 | - BGPv4 and BGPv6 |
| 55 | - Static routes |
| 56 | - Route blackholing |
| 57 | - ACLs based on port, L2, L3 and L4 headers |
| 58 | |
| 59 | Multicast |
| 60 | ========= |
| 61 | Centralized multicast tree computation, programming and management |
| 62 | - Support both IPv4 and IPv6 multicast |
| 63 | - Dual-homed multicast sinks for HA |
| 64 | - Multiple multicast sources for HA |
| 65 | |
| 66 | Troubleshooting & Diagnostics |
| 67 | ============================= |
| 68 | - Troubleshooting tool – T3: Trellis Troubleshooting Tool |
| 69 | - Diagnostics one-click collection tool `onos-diags` |
| 70 | |
| 71 | Topology |
| 72 | ======== |
| 73 | - Single leaf (ToR) or dual-ToR (dual-homing) |
| 74 | - Supports typical leaf-spine topology, 2 to 4 spines, up to 10 leaves |
| 75 | - Multi-stage leaf-spine fabric (leaf-spine-spine-leaf) |
| 76 | - Can start at the smallest scale (single leaf) and grow horizontally |
| 77 | |
| 78 | Resiliency |
| 79 | ========== |
| 80 | Provides HA in the following scenarios |
| 81 | - Controller instance failure (requires 3 or 5 node ONOS cluster) |
| 82 | - Link failures |
| 83 | - Spine failure |
| 84 | Further HA support in the following failure scenarios with dual-homing enabled |
| 85 | - Leaf failure |
| 86 | - Upstream router failure |
| 87 | - Host NIC failure |
| 88 | |
| 89 | Scalability |
| 90 | =========== |
| 91 | - (in production) Up to 50k routes, 110k flows, 8 Leaf, 2 Spines, with route optimization enabled |
| 92 | - (in pre-production) Up to 120k routes, 250k flows, 8 Leaf, 2 Spines, with route optimization enabled |
| 93 | |
| 94 | Security |
| 95 | ======== |
| 96 | - TLS-secured connection between controllers and switches (premium feature) |
| 97 | - AAA 802.1X authentication |
| 98 | - MACsec (L2 encapsulation) |
| 99 | |
| 100 | P4-ready |
| 101 | ======== |
| 102 | - Support for Stratum, P4Runtime, gNMI and P4 programs |
| 103 | - Innovative services enabled by programmable pipeline |
| 104 | |
| 105 | - BNG – PPPoE, anti-spoofing, accounting and more |
| 106 | - GTP encap/decap |
| 107 | |
| 108 | Overlay Support |
| 109 | =============== |
| 110 | Can be used/integrated with 3rd party overlay networks (e.g. OpenStack Neutron, Kubernetes CNI) |
| 111 | |
| 112 | Orchestrator Support |
| 113 | ==================== |
| 114 | Can be integrated with external orchestrator, logging, telemetry and alarm services via REST APIs and Kafka events |
| 115 | |
| 116 | Controller Server Specs |
| 117 | ======================= |
| 118 | Recommended (per ONOS instance) |
| 119 | - CPU: 32 Cores |
| 120 | - RAM: 128GB. 65GB dedicated to ONOS JVM heap (based on 50K routes) |
| 121 | |
| 122 | Whitebox Switch Hardware |
| 123 | ======================== |
| 124 | - Multi-vendor: Edgecore, QCT, Delta, Inventec |
| 125 | - Multi-chipset |
| 126 | |
| 127 | - Broadcom Tomahawk, Trident2, Qumran |
| 128 | - Barefoot Tofino |
| 129 | - 1/10G, 25G, 40G to 100G |
Charles Chan | b6ab680 | 2019-09-20 15:44:35 -0700 | [diff] [blame] | 130 | - Refer to :doc:`Supported Hardware <supported-hardware>` for the most up-to-date hardware list |
Charles Chan | 6613eac | 2019-09-17 15:42:48 -0700 | [diff] [blame] | 131 | |
| 132 | Whitebox Switch Software |
| 133 | ======================== |
| 134 | - Open source ONL, ONIE and Indigo OF client |
| 135 | - (in production) OF-DPA software commercial version – contact Broadcom |
| 136 | - (in labs/trials) OF-DPA software community version available from ONF (for switch models based on Trident and Tomahawk, not Qumran) |
| 137 | - (in labs/trials) Stratum available from ONF |