The functional requirements for virtual circuits include:
1.
Variable bandwidth circuits:
The high cost to provision dedicated long distance 10 Gb/s circuits precludes dedicating a
10 Gb/s path for every application, and typical science requirements for virtual circuits do
not require the full 10 Gb/s of bandwidth of a lambda path. Therefore, user requested
VCs on SDN are bandwidth configurable in order to cost-effectively share the 10Gb/s
paths.
2.
Support for user/application VC reservation requests given end point addresses, the
required bandwidth, start time, and duration of the VC
3.
Managing allocations of scarce, shared resources:
Guaranteed bandwidth VCs, like supercomputer cycles, will be a scarce resource that
must be allocated according to an Office of Science policy. Strong authentication and
authorization to enforce policy for VC use is needed to prevent unauthorized use of the
scarce resource. Usage data is required for accounting and feedback to a resource
allocation management system.
4.
Providing circuit setup and teardown mechanisms on both the IP and SDN cores:
Virtual circuits must traverse both networks in order to reach end points not directly
attached to the SDN.
5.
Enable the claiming of reservations:
Users must be able to easily use the VCs that they have requested.
6.
Enforce usage limits:
Admission control and ingress bandwidth policing (limiting) are needed to prevent
oversubscription of the VCs which use scarce resources (bandwidth).
7.
Cross-domain compatibility:
The science environment is inherently multi-domain, and the service must accommodate
end points that are at institutions served by ESnet, Abilene, GÉANT, and their regional
networks.
These requirements are being addressed in ESnet with the On-demand Secure Circuits and
Advance Reservation System (OSCARS) 0. OSCARS examines paths for available bandwidth
and then reserves bandwidth in the network between the VC end points. The bandwidth is
claimed, essentially transparently, by the user by virtue of identifying characteristics of the traffic
being specified in the reservation that is, either IP flow specifications or VLAN tags.
OSCARS guarantees the bandwidth of circuits by maintaining a network-wide database of all
reservable and reserved bandwidth and ensuring that neither the SDN bandwidth nor the
bandwidth limits on priority circuits in the IP network are exceeded. Policy-based routing in the
IP network is used to separate the circuit-based and IP production traffic at the ingress interface.
Circuit-based traffic to or from specified hosts is routed onto the SDN network. Sites typically
will use a separate switch or router interface for high-bandwidth VC traffic.
Cross-domain compatibility presents some complex issues. In particular, cross-domain circuit
setup requires a network-to-network management interface (NNI). However, no general NNI
standard exists at the present, and so this issue is being addressed by developing the virtual circuit
services as collaboration among a number of the R&E serving networks and organizations in
order to ensure compatibility. The collaboration involves OSCARS 0, Internet2 0, GÉANT (the
European equivalent of Internet2/Abilene) and the European regional networks (NRENs) 0,
Brookhaven National Laboratory 0, General Atomics 0, SLAC 0, DRAGON (NSF network
research testbed) 0, and Ultra Science Network (DOE research network) 0.
28