Page1    Page27                                                                        Page29  Page177

The functional requirements for virtual circuits include:

1.

Variable bandwidth circuits:

The high cost to provision dedicated long distance 10 Gb/s circuits precludes dedicating a

10 Gb/s path for every application, and typical science requirements for virtual circuits do

not require the full 10 Gb/s of bandwidth of a lambda path. Therefore, user requested

VCs on SDN are bandwidth configurable in order to cost-effectively share the 10Gb/s

paths.

2.

Support for user/application VC reservation requests given end point addresses, the

required bandwidth, start time, and duration of the VC

3.

Managing allocations of scarce, shared resources:

Guaranteed bandwidth VCs, like supercomputer cycles, will be a scarce resource that

must be allocated according to an Office of Science policy. Strong authentication and

authorization to enforce policy for VC use is needed to prevent unauthorized use of the

scarce resource. Usage data is required for accounting and feedback to a resource

allocation management system.

4.

Providing circuit setup and teardown mechanisms on both the IP and SDN cores:

Virtual circuits must traverse both networks in order to reach end points not directly

attached to the SDN.

5.

Enable the claiming of reservations:

Users must be able to easily use the VCs that they have requested.

6.

Enforce usage limits:

Admission control and ingress bandwidth policing (limiting) are needed to prevent

oversubscription of the VCs which use scarce resources (bandwidth).

7.

Cross-domain compatibility:

The science environment is inherently multi-domain, and the service must accommodate

end points that are at institutions served by ESnet, Abilene, GÉANT, and their regional

networks.

These requirements are being addressed in ESnet with the On-demand Secure Circuits and

Advance Reservation System (OSCARS) 0. OSCARS examines paths for available bandwidth

and then reserves bandwidth in the network between the VC end points. The bandwidth is

claimed, essentially transparently, by the user by virtue of identifying characteristics of the traffic

being specified in the reservation ­ that is, either IP flow specifications or VLAN tags.

OSCARS guarantees the bandwidth of circuits by maintaining a network-wide database of all

reservable and reserved bandwidth and ensuring that neither the SDN bandwidth nor the

bandwidth limits on priority circuits in the IP network are exceeded. Policy-based routing in the

IP network is used to separate the circuit-based and IP production traffic at the ingress interface.

Circuit-based traffic to or from specified hosts is routed onto the SDN network. Sites typically

will use a separate switch or router interface for high-bandwidth VC traffic.

Cross-domain compatibility presents some complex issues. In particular, cross-domain circuit

setup requires a network-to-network management interface (NNI). However, no general NNI

standard exists at the present, and so this issue is being addressed by developing the virtual circuit

services as collaboration among a number of the R&E serving networks and organizations in

order to ensure compatibility. The collaboration involves OSCARS 0, Internet2 0, GÉANT (the

European equivalent of Internet2/Abilene) and the European regional networks (NRENs) 0,

Brookhaven National Laboratory 0, General Atomics 0, SLAC 0, DRAGON (NSF network

research testbed) 0, and Ultra Science Network (DOE research network) 0.

28