ngnlab.eu – A virtualized laboratory infrastructure 2

equableunalaskaSecurity

Dec 9, 2013 (3 years and 9 months ago)

103 views

Hochschule für Telekommunikation Leipzig

Science Days

3. November 2010

Leipzig, Germany

Facts


Next generation communication infrastructure on STU Bratislava


(shared deployment of faculties for electronics and informatics)


Playground to implement results of research in the area of IP
based services

Vision


Open and transparent server and service infrastructure


Cost
-
efficient investment that offers high
-
end open
communication environment

An Example


Presenting of how far we went already in the world of standard
compliant and free software


Showing that the use of open
-
source software in education can
be tremendously supportive


Shocking operators in what some pieces of hardware can do
2


Virtual laboratory, just with a wider distribution
of the used infrastructure in the community


More partners massively increase the efficiency
of all ngnlab.eu members


Re
-
use the existing deployment and know
-
how


Distribute core components to simulate real multi
-
operator infrastructures (security, network parameter)


Integrate and cross
-
test new applications


1
st

step proofs feasibility: Long term successful
STU+ST cooperation in ngnlab.eu project


Complete SIP based communication
infrastructure


Basic SIP services (registrar, proxy)


NAT traversal, media relay


Integrated voice mail system, conferencing engine


Media gateway through VoIP trunk


Presence service



We can in fact become a small VoIP operator.

4


Complete IMS service infrastructure


IMS core (P/I/S/E
-
CSCF), HSS


Integrated presence management


XDMS (ft. authorization, resource lists)


SIP application server



IMS integrated IPTV


Three channels


Network based video recorder (
nPVR
)


IPTV messaging


Broadcasts

5

Hardware


A rack each site


A couple of servers


Some basic switches


UPS

6

Courtesy of
ScriS

(
www.flickr.com
)

Software


0


7


Everything running on STU servers is OSS


Operating system


Virtualization software


SIP server, media server


IMS core


Application server


IPTV solution

8


"the act of
virtualizing
"



… to run a program in virtual storage


… to simulate some effect or condition on a
computer



Virtual: defined in philosophy as "that which
is
not real
"

Courtesy of
Wiktionary

(
www.wiktionary.com
)


“Virtual laboratory”


Deployment of physical infrastructure on two sites
at the university in Bratislava and one site at Slovak
Telekom,
a.s
.


“Virtual servers”


Each physical server hosts several virtual machines


“Virtual networking”


Virtual LANs to separate network traffic for security
and research (monitoring)


Not restricted to physical connections

Date

Author / Presentation title

10


FEI lab


5 physical servers (all running GNU/Linux)


1 management switch, 1 traffic switch (L3)


FIIT lab


4 physical server (all running GNU/Linux)


Connected to university switch


Routing, management etc. through Linux router


ST lab


2 physical server (
VMWare

ESX, Solaris)


Shared NAS server


Several virtualization techniques are used


Full virtualization


ST:
VMWare

ESX Server 3.0.1


STU:
Xen

3.2 (hardware
-
assisted virtualization, HVM)


Paravirtualization


STU lab:
Xen

3.2


OS
-
level virtualization


ST: Solaris 10 Containers


Oracle
VirtualBox

and
VMWare

server used on
notebooks to emulate several client instances


Distributed labs interconnected with
OpenVPN


Linux routers on STU and a dedicated virtual
machine on ST run the software


IPTables

used to solve NAT problem


Within each lab configured
VLANs

to separate
traffic and enforce security policies


Native
VMWare

ESX and Solaris 10 feature


Xen

servers use user mode enhancements for kernel


Traffic separation according


Connection type


Network traffic


Management of physical and virtual machines


Service


Each service has own
VLANs

(VoIP, IMS, IPTV)


Protocol


Signaling: SIP, XMPP, Diameter


Media: RTP, RTMP


Easy enforcement of security policies and
network traffic monitoring

Sig

Med

apt

Monitoring

Sig

DB

DB

Router



Sebastian Schumann

schumann@ktl.elf.stuba.sk

16

All registered trademarks are property of their respective owners.