数据中心和云计算测试Agenda}云计算趋势}云基础架构测试•Fabric protocolsLISP/SPB/TRILL/OpenFlow/XMPP•Server Access protocolsFCoE/802.1Qbh/802.1Qbg/802.1x/1588/Green}虚拟化和云安全测试•虚拟化测试•存储测试•云安全测试云计算趋势-ICT…Changing Customer demands: In 2–5 years 40 % ofbusiness customers will buy ICT from the cloud.“20% of companies will no longer run ICT equipmentin-house 3 years from now.”“Major global telcos…leveraging formidable existing centralizedcomputing and network management assets.”Source: Cisco Aug 2010云计算趋势:Government wide cloud platform}~20 vendors offering thru apps portal already云计算概述Network stack in the cloud}Server/Hypervisor –物理LAN & SAN 连接(L1-2)}基础架构Infrastructure –虚拟LAN & SAN 连接(L2-3)•IaaS: 安装Linux 或Windows 的Virtual server}平台Platform –application transactions (L4-6)•PaaS: 虚拟主机Web hosting, 数据库服务器database server}软件Software –user content (L7)•SaaS:网页邮件收发webmail, 效力应用软件productivity appsServer/HypervisorIaaSPaaSSaaSSaaSPaaSSaaSSaaSUUU U UUU UIaaSIaaSPaaS PaaS思博伦云计算测试解决方案端到端性能测试应用安全& 云服务数据中心& 云架构云计算数据中心架构变化分离的LAN/SAN 多层网络手工配置Source: CiscoLAN/SAN融合-FCoE高密度平面以太网架构自动化、虚拟机位置感知SecurityServicesApplicationOptimization Core LAN& SAN FabricVirtual Server LAN & SAN Access全方位的云测试方案-PASSAVAILABILITYSECURITY SCALE PERFORMANCE云基础架构测试数据中心组成}Servers}Storage}NetworkPower!市场趋势总揽总揽 Trend 1: 10G 快速取代1G 用于服务器连接 Trend 2: 数据中心控制和数据平面协议持续演进Trend 1: 10G 快速取代1G 用于服务器连接 Trend 2: 数据中心控制和数据平面协议持续演进每天超过十亿连接多种多样10/40/100G Ethernet 及WAN链路10,000+ 10G Ethernet接入端口5000 servers –每台16-24 核480,000 虚拟机数百万运行的应用程序测试LAN & SAN 基础架构•What is the FCoE throughput of aggregated inter-switch links? (LAG)•How much latency do TRILL/SPB multi-pathing add end to end?•Does the fabric allow non 802.1x authenticated MAC addresses?•Can new L3 routing (LISP) scale to 100K+ VM IPs and run line-rate?erformancevailabilityecuritycalability 100K VMs仿真测试所有数据中心协议}Fabric protocols•LISP -Locator/ID Separation Protocol•SPB -Shortest Path Bridging•L2MP/TRILL –Layer 2 Multipath/Transparant Interconnection Losts of Links•OpenFlow•XMPP}Server Access protocols:•FCoE, FIP and DCBX –Fibre Channel over Ethernet•802.1Qbh -VNTag& VIC -Bridge Port Extension•802.1Qbg –VEPA –Edge Virtual Bridging•802.1x –authentication•1588 Master & Slave clock emulationLISP-名址分离网络协议Location-ID Separation Protocol}Started at Prague IETF, Mar 07; Deployed Pilot Network, July 07}原有的网络IP地址被分成EID（end-identifier）和RLOC（routing locator）。

}EID用于标志主机，不具备全局路由功能；RLOC用于全网路由。

}引入名与址的映射，即LISP中EID-to-RLOC的映射}解决路由容量、multi-homing和流量工程,移动性,IPv6过渡问题LISP (BPK-1181A)}Spirent TestCenter仿真ITR 和ETR routersIEEE 802.1aq/SPB-Shortest Path Bridging}802.1ah PBB（Provider Backbone Bridging）IEEE2008, MACinMAC, STP环路避免和转发控制}802.1Qay PBB-TE（Provider Backbone Bridge Traffic Engineering）, IEEE2009,手工方式配置指定路径取代STP的自动收敛}802.1aq SPB（Shortest Path Bridging）•解决STP阻塞链路浪费带宽的问题,采用L2 ISIS拓扑学习计算，•MACinMAC封装,在SPB区域内部进行报文传输•分为SPBV（VLAN QinQ）和SPBM（MACinMAC）两个部分July 18IEEE Plenary San Francisco 3802.1aq (SPBm) 互通测试}基于IETF draft-05，IANA 编码点分配和IEEE D4.0 –June 2011.}关注SPBM 模式}5个厂商}10 real switches }1 high end tester }1 passive network viewer (via NNI)} 1 LINUX/Quagga emulator.}构建IS-IS SPB 网络，187个节点nodes 和412条链路links.802.1aq (SPBm) 互通测试Spirent TestCenter}仿真3个SPBM Adjacencies.}仿真不同网络拓扑，包括ISIDs info. }发送PBB封装报文}用作ISID用户测试点}测试SPB数据中心网络的性能和扩展性}验证基于SPB传输的服务(IP, EOAM, MPLS, 组播…)}纳秒级线速流量S p i r e n t S P BIEEE 802.1aq/SPB(BPK-1182A)}P3.90版本开始支持，不需要另外购买IS-IS license.}独立L2层协议}支持大容量测试配置向导}控制平面配置向导}数据平面配置向导TRILL –Transparent Interconnection of Lots of Links }TRILL –Transparent Interconnection of Lots of Links•2010年3月RFC 5556规范，只描述了TRILL要解决的问题以及应用范围•定义在大型Ethernet网络中解决多路径问题的方案}控制平面TRILL引入了L2 ISIS做为寻址协议•RB（Routing Bridge），支持Trill的设备•部署于一个可自定义的独立协议VLAN内}数据平面引入了TRILL报头，使用NickName作为转发标识}提供最优点到点转发，最小配置}支持单播/多播多经multi-pathing转发}支持快速故障恢复rapid failover}替代STP（防环路），去除根桥概念/wg/trillTRILL on STC即将发布}Donald Eastlake from Huawei for specification details RFCs6325, 6326, and 6327 issued on Friday 22 July•DRB selection, Adjacencies establish•Designated vlan negotiation•broadcast and p2p network type•Nickname negotiation and nickname sub TLVLoad balance testingNeighbor numberTopology emulationMulticast forwarding tree testingConvergence time testLink MTU auto negotiation andModified by manualVLAN-X forwarderA node support multi Nickname…Spirent@ Open Networking Foundation }Spirent–ONF创始成员之一}积极参与测试与互操作工作组}Spirent TestCenter2012年3月第一个ONF互操作测试OpenFLow-数据转发和路由控制分离}控制器Controller 使用安全通道通过事先规定好的接口操作管理OpenFlow 交换机}OpenFlow 交换机组成•安全通道•流表Flow table -packet lookup/forwarding•Openflow 协议Switch PortMAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Rule Action Stats1.Forward packet to port(s)2.Encapsulate and forward to controller 3.Drop packet 4.Send to normal processing pipeline Packet + byte counters流表组成：头域（10元组）+操作+计数器OpenFlow controller & switch测试}Test OpenFlow SUT fail-over with high resolution sampling}Test OpenFlow SUT load balancing abilities}Test switch actions to push and pop VLAN and MPLS tags}Test switch VLAN remarking capabilities with RX analyzer filters}比较Spirent TestCenter计数器•With OpenFlow switch and controller•frames and packets at line-rate•Thousands of streams for QoS•1G 10G, 40G and 100G EthernetThe Extensible Messaging and Presence Protocol }用于服务类实时通讯、表示和需求}以Jabber 协议为基础•Jabber 是即时通讯中常用的开放式协议}RFC 3920, 分为两部分•核心的XML流传输协议•基于XML FreeEIM流传输的即时通讯扩展应用}XMPP中定义了三个角色:客户端，服务器，网关}即时通信系统包括SMS（短信），MSN，ICQ等}单客户端通过TCP/IP连接到单服务器，然后在之上传输XML}XMPP系统特点•(1)客户机/服务器通信模式；(2)分布式网络；(3)简单的客户端；(4)XML的数据格式The Extensible Messaging and Presence Protocol}STC支持XMPP仿真•XMPP Address(JID)/Capability File•XMPPvJ client pofile/Load profile•Rigester•Client/port resultSTC完备的FCoE实现•FIP –FCoE Initialization Protocol emulation (FLOGI/FLOGO)•Automatic traffic binding of FCID/assigned MAC and FC Checksum •ENodes discovery of VF_Port capable FCF-MACs•Multiple ENode and VN_Port emulation to FCF switch•NPIV VN_Port emulation to FCF, NPV and FIP snooping bridge switches•N-Port Virtualization (NPV) VNP_Port emulation to FCF switch•VF_Port emulation to NPV and FIP Snooping bridge switches•Detailed FCoE feature results with 15+ metrics including FIP counters, assigned FCID and granted MAC address}继续更新FCoE新标准•Working on Untagged VLAN support and new VN2VN specSTC DCBX仿真}Link Layer Discovery Protocol (LLDP) 仿真•20+ LLDP and DCBX TLVs with default or configurable parameters •Customizable TLVs•802.1Qau Congestion Notification TLV and results}支持Cisco, Brocade 和Juniper DCBX 版本}支持802.1Qbb优先级流控制Priority Flow Control (PFC) 自协商和802.1Qaz增强型传输选择Enhanced Transmission Selection (ETS)}详细的DCBX特性与统计：25+ metrics including PFC, FCoE Priority and Bandwidth allocation}自动开始/停止FCoE仿真}支持最新DCBX版本FCoE/FC一致性测试}CTS FIP –TPK-1053 for 10G FCoE and Fibre Channel module•FC-BB-5 specification –involves complete VN Enode and VF FCF emulation}CTS FCSW -TPK-1068 for 10G FCoE and Fibre Channel module •VE/E port emulation –signaling (ELP messaging, fabric assignment) & Routing –FSPF per FC-SW-5 specification}CTS FCLS -TPK-1066 for 10G FCoE and Fibre Channel module •FC-LS-2 specification (Extended Link Services)}CTS DCBX –TPK-1052 for 10G FCoE modules}CTS FIP Snooping for 10G FCoE and Fibre Channel modules•FC-BB-5 addendum testing Auto configuration of ACLs}CTS FC Generic Services for FCoE and FC modules•FC-GS-6 specification directory (name), management (zone) and event services数据中心桥接基准测试}RFC 2544 Network, RFC 2889 Switch, RFC 3918 Multicast，RFC 5180 IPv6Network benchmarking•1000s of Virtual Machine MACs per port}New draft enhancing RFC 2544 for data center bridging •Benchmark performance of 802.1Qbb (PFC) and 802.1Qaz (ETS) }下载最新测试白皮书：/cloud•Queueput•Maximum Forwarding Rate•Step/Back-off•Back to Back•Congestion ControlFCoE拓扑配置向导-VN/VF ports数据中心桥接基准测试套件IETF Draft Data Center Bridging BenchmarkingDCB基准测试自动化套件PFC自动化测试套802.1Qbh –Bridge Port Extension (Cisco VNtag/VN-Link)}802.1Qbh定义VM与接入层交换机之间的数据平面转发结构• A centralized Controlling Bridge（CB）•Distributed Port Extenders （PE）}来自每个VM的帧封装私有的VN-Tag头标记，交换机虚接口VIF映射到每VN-Tag}每个PE只能上行连接到一个逻辑的PE/CB，不存在环路，不需要STP}所有的VM之间通信流量都要上送到CB进行查表转发，PE不提供本地交换功能。