1.
● System/network engineer/
administrator (2003)
● Master and PhD Studies (2011)
● ONOS Contributor (2017)
● Network Development/ Researcher
at ITB (2018)
● ONF & ONOS Ambassador (2018)
https://ambassadors.opennetworking.org/directory/aris-cahyadi-risdianto/

2.
#ONOSProject
Content
● ONOS Introduction
● SDN-IP Application
● SDN-IP Deployment Guideline
● Use case for SDX
● BGP Route Origin Validation in SDX
● Demo (Video / Live)

3.
#ONOSProject
Open Networking Foundation
The Open Networking Foundation (ONF) is a non-profit operator led consortium driving
transformation of network infrastructure and carrier business models.
We are an open, collaborative, community of communities. The ONF serves as the umbrella for a
number of projects building solutions by leveraging network disaggregation, white box economics,
open source software and software defined standards to revolutionize the carrier industry.

4.
#ONOSProject 5
Mobile
ROADM
(Core)
Radio
Units
PON
OLTs
PON
OLTs
ResidentialEnterprise
Shared Cloud Infrastructure
ONF’s Projects and Platforms

5.
#ONOSProject 6
Mobile
ROADM
(Core)
Radio
Units
PON
OLTs
PON
OLTs
ResidentialEnterprise
Shared Cloud Infrastructure
ONF’s Projects and Platforms

6.
#ONOSProject
Open Networking Operating System
(ONOS)

7.
#ONOSProject
What is ONOS?
Open Network Operating System (ONOS) is an open
source SDN network operating system. Our mission is to
enable Service Providers to build real SDN/NFV Solutions.
https://onosproject.org

8.
#ONOSProject
ONOS Ecosystem
ON.LAB COLLABORATORS COMMUNITY

9.
#ONOSProject
Architectural Tenets
● High-availability, scalability and performance
○ Required to sustain demands of service provider & enterprise networks
● Strong abstractions and simplicity
○ Required for development of apps and solutions
● Protocol and device behaviour independence
○ Avoid contouring and deformation due to protocol specifics
● Separation of concerns and modularity
○ Allow tailoring and customization without speciating the code-base

10.
#ONOSProject
OSGI / Apache Karaf
ONOS distributed applications platform
ONOS networking core
ONOS applications
GUI REST API
CommandLine
ONOS Architecture

11.
#ONOSProject
ONOS Distributed Architecture
NB Core API
Distributed Core
(state management, notifications, high-availability & scale-out)
SB Core API
Protocols
Providers
Protocols
Providers
Protocols
Providers
Protocols
Providers
AppsApps

12.
#ONOSProject
ONOS Distributed Architecture
NB Core API
Distributed Core
(state management, notifications, high-availability & scale-out)
SB Core API
Protocols
Providers
Protocols
Providers
Protocols
Providers
Protocols
Providers
AppsApps

13.
#ONOSProject
ONOS Core Subsystems
Device Link Host
Topology
Flow Rule
Path
Packet
StatisticsIntent
Application
Leadership
Messaging
Storage Region
Mastership
Driver
Group
Security
Flow Objective
Event
OpenFlow NetConf OVSDB
Core Cluster
. . .
Proxy ARPMobility L2 Forwarding
REST API GUI CLI
Network Cfg.
SDN IP / BGP Packet / Optical
Tunnel
. . .
OSGi / Apache Karaf
Network Virt.Device Cfg.
Config
UI Extension
External Apps
Graph
Discovery Tenant . . .

14.
#ONOSProject
ONOS Core Subsystems
Device Link Host
Topology
Flow Rule
Path
Packet
StatisticsIntent
Application
Leadership
Messaging
Storage Region
Mastership
Driver
Group
Security
Flow Objective
Event
OpenFlow NetConf OVSDB
Core Cluster
. . .
Proxy ARPMobility L2 Forwarding
REST API GUI CLI
Network Cfg.
SDN IP / BGP Packet / Optical
Tunnel
. . .
OSGi / Apache Karaf
Network Virt.Device Cfg.
Config
UI Extension
External Apps
Graph
Discovery Tenant . . .

15.
#ONOSProject
Seamless SDN & IP Network
(SDN-IP)

16.
#ONOSProject
ONOS SDN
ONOS
ONOS used to be confined in his wonderful world,but wasn’t able to
communicate with the outside
S D N

17.
“Clusters” started also to speak “peering” together to be more efficient
and scalable using BGP
ONOS
ONOSONOSONOSONOS BGP
ONOS and BGP

18.
#ONOSProject
SDN-IP

19.
SDN-IP Architecture

20.
SDN-IP Architecture

21.
SDN-IP Architecture

22.
SDN-IP Architecture

23.
SDN-IP Use Cases
SDN-IP for external
networks (~ SDX)
SDN-IP to connect between
ONOS Clusters

24.
#ONOSProject
SDN-IP Components
The gray box - represents
the SDN-IP module
The green boxes - represent
the external ONOS services
that SDN-IP depends on
The yellow boxes -
represent the SDN-IP
interfaces exposed to the
external modules
The red boxes - the Java
classes that implement a
specific interface

25.
#ONOSProject
SDN-IP Configuration

26.
#ONOSProject
SDN-IP Development
Get the “resolved” route prefix
Generate MP2SP Intent for that
specific prefix
Submit MP2SP Intent to Intent
Framework in order to be applied
into OpenFlow rules and SDN
switches

27.
#ONOSProject
SDN-IP Deployment Guidelines

28.
#ONOSProject
Physical setup

29.
#ONOSProject
OpenFlow Control Plane Connectivity

30.
#ONOSProject
Basic Workflow 1/3 (pre-existing iBGP Session)
10

31.
#ONOSProject
Basic Workflow 2/3 (eBGP Session Establishment)
0 2
3
1

32.
#ONOSProject
Basic Workflow 3/3 (Propagation of Routes)
0
1
2
3
4
5

33.
#ONOSProject
ONOS SDN Deployment (incl. SDN-IP)
https://wiki.onosproject.org/display/ONOS/Global+SDN+Deployment+Powered+by+ONOS

34.
#ONOSProject
SDN-IP Use Case for SDX

35.
#ONOSProject
What is SDX / SD-IXP ?

36.
#ONOSProject
What is SDX / SD-IXP ?
IX / IXP

37.
#ONOSProject
What is SDX / SD-IXP ?
IX / IXP
Route Server

38.
#ONOSProject
What is SDX / SD-IXP ?
IX / IXP
Route Server
SDN

39.
#ONOSProject
What is SDX / SD-IXP ?
IX / IXP + Route Server + SDN = SDX
IX / IXP
Route Server
SDN

40.
ONOS L3-SDX Application
https://wiki.onosproject.org/display/ONOS/SDX-L3+application

41.
Other SDX Example (Pacific Wave)
https://pacificwave.net

42.
Other SDX Example (Google Espresso)
https://www.blog.google/products/google-cloud/making-google-cloud-faster-more-available-and-cost-effective-extending-sdn-public-internet-espresso/

43.
SDX / SD-IXP : Enabling Innovation in IXP
https://noise-lab.net/projects/software-d
efined-networking/sdx/

44.
SDX / SD-IXP : Enabling Innovation in IXP
- BGP Security Implementation
- E.g., BGP Route Validation with RPKI
https://noise-lab.net/projects/software-d
efined-networking/sdx/

45.
BGP Route Validation with RPKI in SDX
BGP ROA with
RPKI Server
1
2
3
4
5

46.
BGP Route Validation with RPKI in SDX
1. BGP Speaker will receive routes from all external BGP Routers through eBGP
peerings
2. ONOS SDN-IP will get all the best routes from BGP Speaker and install the
intents based on given routes & configurations
3. Other application on the top of ONOS controller will check the installed
intents/routes against BGP ROA database from RPKI server
4. If the routes/prefixes are not in the list, so the application will suspend (drop)
related intent to block traffic pass through the SDX
5. The associated intent will spread the policy into SDN switches to execute the
traffic blocking

47.
Why “BGP Route Validation with RPKI in SDX”?
1. No changes in the router
○ No SW upgrade or configuration changes
○ Less process in the router (low specification router)
2. Faster roll-back for any failures because it is application-based
which can be enable/disable instantly
3. Avoid misconfiguration in the router due to a centralized policy
control by SDN controller in the SDN switches
○ Changes only in FIB but not in RIB

48.
#ONOSProject
How it can be implemented?
● Get the AS Path
● Get the originating AS
● Validate ROA for given AS and
prefix
● If ‘not valid’ or ‘unknown’
return null intent

49.
https://wiki.onosproject.org/display/ONOS/SDN-IP+Tutorial

50.
Environment (Topology)

51.
(1) Running ONOS Controller

52.
(2) Activating Southbound provider
openflow-base
openflow-base
Activate OpenFlow southbound provider as ONOS application

53.
(3) Starting Mininet Topology
Start the mininet topology for SDN-IP
sdnip.json

54.
(4) Activating SDN-IP application
Activate ONOS SDN-IP application
Activate the dependent applications for SDN-IP

55.
(5) Route / Intent / Connection Verification
Check the intent status in ONOS
Check the route advertisement in ONOS
Check the connection between h1 and h2

56.
(6) Advertising new Route
Access the R4 from the mininet terminal
Advertise the new route behind R4
Access the quagga terminal

57.
(6) Advertising new Route
Check the intent status in ONOS
Check the route advertisement in ONOS
Check the connection between h1 and h4

58.
#ONOSProject
Interested?

59.
#ONOSProject
● The ONOS Project
● A Beginner's Guide to Contribution
● Issue Tracking and Submission with JIRA
● Finding, Claiming, and Working On Issues
● Submitting a new feature proposal
● Using Jira to create an issue: bugs, feature requests, documentation
● Contributing to the ONOS Codebase
● Code Style Guidelines
● Unit Test Guidelines
● Sample Gerrit Workflow
● Module Owners
● Contributing to ONOS Documentation
● Getting Started with Wiki Contents
● Sample Document Template
● Wiki Formatting Conventions
● Continuous Integration
● How to Contribute to System Test
● Documentation Section Owners
● Project Maintainer
● Contributing from China
How to Contribute?

60.
#ONOSProject
Thank you!
aris@onos-ambassadors.org

61.
Join the journey @ onosproject.org
Software Defined Transformation of Service Provider Networks