目錄
FD.io is a networking technology that can used to build a galaxy of Network Functions. Today it is being used by a several major communication network providers and equipment manufactures to build world-class network functions.
Routers/Universal CPE etc.
FD.io VPP supports entry hardware options from number of hardware vendors
for building Customer Premise Equipment devices. FD.io based commercial options are available from vendors such as Netgate with TNSR, Cisco with the ASR 9000 and Carrier Grade Services Engine and many more.
Commercial implementations integrate Strong Swan for IKE.
The implementations are accelerated with DPDK Cryptodev for whole platform crypto.
Featuring:
| Data Plane | Control Plane |
|---|---|
| L2 Switch | Netconf/Yang |
| VLAN/ Q-inQ | BGP |
| L3 Router | |
| NAT | IKEv2 |
| ACL (mac, ip, port) | |
| IPSEC |
Broadband Network Gateway
FD.io VPP has a growing list of network traffic management and security features to support gateway uses cases such as Broadband Network Gateway.
Featuring:
| Data Plane | Control Plane |
|---|---|
| L2 Switch | Netconf/Yang |
| L3 Router | BGP |
| Classification | |
| hQoS | |
| ACL | |
| TM (Policing, Metering) |
Cloud Load Balancer
FD.io VPP has a rich set of plugin’s to enhance its capabilities. Cloud load-balancing is just one of number of feature enhancing plugins available to the end user.
For example: Google Maglev Implementation, Consistent Hashing, Stateful and stateless load balancing, Kube-proxy integration.
Featuring:
| Data Plane | Control Plane |
|---|---|
| Bonding | |
| VLAN / Q-in-Q | |
| NAT | K8s Kube-Proxy |
| ACL (blacklist) | |
| TM (policing, metering) | |
| L4 Load Balancer |
Intrusion Prevention System
FD.io VPP has four different Access Control List technologies; ranging from the simple IP-address whitelisting (called COP) to the sophisticated FD.io VPP Classifiers.
Featuring:
| Data Plane | Control Plane |
|---|---|
| L2 Switch | Netconf/Yang |
| L3 Router | BGP |
| Classification | |
| NAT (mac, ip, port) | |
| ACL (mac, ip, port) |
Deployment Models
FD.io is being used in Discrete Appliances, Virtual Network Functions (VNFs) and for Cloud Native Functions (CNFs) for example:
Discrete Appliances
Netconf & Yang support is provided with Sweetcomb.
Virtual Network Functions
Openstack support is provided with Networking VPP or Open Daylight as your OpenStack Neutron ML2 Driver.
Cloud Network Functions
Kubernetes and Container support is provided with Ligato and Contiv/VPP as your Kubernetes CNI providers.
譯文
FD.io用例
FD.io是一種聯網技術,可以用來建立一個網絡功能星系。如今,一些主要的通信網絡提供商和設備製造商正在使用它來構建世界一流的網絡功能。
路由器/通用CPE等
FD.io VPP支持許多硬件供應商的入門硬件選件,
用於構建客戶前提設備設備。基於FD.io的商業選項可從供應商處獲得,例如帶有TNSR的Netgate,帶有ASR 9000和電信級服務引擎的Cisco等。
商業實施爲IKE集成了Strong Swan。
使用DPDK Cryptodev 加速了整個平臺加密的實現。
特色:
| 數據平面 | 控制平面 |
|---|---|
| L2開關 | Netconf /楊 |
| VLAN / Q-inQ | BGP協議 |
| L3路由器 | |
| NAT | IKEv2 |
| ACL(mac,ip,端口) | |
| IPSEC |
寬帶網絡網關
FD.io VPP具有越來越多的網絡流量管理和安全功能,以支持諸如寬帶網絡網關之類的網關使用案例。
特色:
| 數據平面 | 控制平面 |
|---|---|
| L2開關 | Netconf /楊 |
| L3路由器 | BGP協議 |
| 分類 | |
| 服務質量 | |
| 訪問控制列表 | |
| TM(警務,計量) |
雲負載均衡器
FD.io VPP具有豐富的插件集以增強其功能。雲負載平衡只是最終用戶可以使用的衆多功能增強插件之一。
例如:Google Maglev實現,一致性哈希,有狀態和無狀態負載平衡,Kube-proxy集成。
特色:
| 數據平面 | 控制平面 |
|---|---|
| 粘接 | |
| VLAN / Q-in-Q | |
| NAT | K8s Kube代理 |
| ACL(黑名單) | |
| TM(管制,計量) | |
| L4負載均衡器 |
入侵防禦系統
FD.io VPP具有四種不同的訪問控制列表技術。從簡單的IP地址白名單(稱爲COP)到複雜的FD.io VPP分類器。
特色:
| 數據平面 | 控制平面 |
|---|---|
| L2開關 | Netconf /楊 |
| L3路由器 | BGP協議 |
| 分類 | |
| NAT(mac,ip,端口) | |
| ACL(mac,ip,端口) |
部署模型
FD.io已用於離散設備,虛擬網絡功能(VNF)和雲本機功能(CNF)中,例如:
離散電器
Sweetcomb提供了Netconf&Yang支持。
虛擬網絡功能
Networking VPP或Open Daylight提供了Openstack支持,作爲您的OpenStack Neutron ML2驅動程序。
雲網絡功能
Kubernetes和容器支持具備Ligato和Contiv / VPP爲您Kubernetes CNI提供商。