Archived-ONE
ONE Facts |
Project Lead: Florin Coras Repository: git clone https://gerrit.fd.io/r/one |
Description
Overlay Network Engine (ONE) is a VPP project that enables programmable dynamic Software Defined overlays. ONE uses an extended LISP-based map-assisted control plane to dynamically lookup overlay-to-underlay address mappings, as well as forwarding policies, on demand and as packets arrive. This includes policies such as connectivity, encryption, traffic engineering and virtual topologies, access control, and service chaining. The looked up mappings and forwarding policies are cached locally for a TTL period until they time out. The mapping and forwarding policy information is then used to encapsulate overlay packets towards their associated destinations or next hops.
ONE can use and operate a variety of encapsulation formats for the overlay including GRE, VXLAN-GPE (Generic Protocol Extension) [1], which is effectively merging VXLAN and LISP [2] encapsulations in a single format that supports multi-protocol payloads, etc. The control plane can be used to fetch the encapsulation capabilities of a destination as part of its mapping and forwarding policies.
An external open SDN controller will be used as the mapping system to store and provide the mapping and forwarding policies.
Get Involved
Scope
Project scope includes implementation of nodes that enable dynamic encapsulation and de-capsulation of data packets using different encapsulation formats, the map cache, and the LISP control plane for retrieval and update of the mapping and forwarding policies. The scope also includes integration with other components within VPP such as IPSec for encryption and NSH.
In more detail the scope will include:
- Implementation of plugins/graph nodes to allow dynamic lookup and retrieval of mappings of network traffic to encapsulations for next hops (various encaps are supported and mapping system can determine the encap to use.) Various network traffic can be mapped, including L2, L3, NSH,...
- Implementation of plugins/graph nodes to store/cache the retrieved mappings locally
- Implementation of plugins/graph nodes to carry out/apply the mappings for existing flows (match and encap)
- Implementation of plugins/graph nodes to allow integration with other components including IPSec for encryption and NSH for service chaining
- Exporting APIs over NETCONF - using Honeycomb or other means defined by fd.io
- Supporting tools, testing
Documentation
Tutorial
Video tutorial: arch walkthrough and demo