Differences From
Artifact [0c2f6f03b8]:
125 125 - Provides a familiar and flexible env for researchers.
126 126 - Direct interfaces allow experiments to bypass the CD when interacting with
127 127 the CN.
128 128 - Control software
129 129 - Uses LXC tools on containers to enforce resource limitation, resource
130 130 isolation and node stability.
131 131 - Uses traffic control, filtering and anonymization to ensure network
132 - stability, isolation and privacy.
132 + stability, isolation and privacy (partialy implemented).
133 133 - The recovery device can force a hardware reboot of the RD from several
134 - triggers and help with upgrade and recovery.
134 + triggers and help with upgrade and recovery (not implemented yet).
135 135
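Review bot: "partialy" in the added line 132 is misspelled and should read "partially implemented". The qualifier is also appended to a sentence that names three mechanisms (traffic control, filtering, anonymization) and three goals (stability, isolation, privacy), so a reader cannot tell which of them are actually in place; since researchers rely on this bullet to know what isolation and privacy guarantees the node gives today, name the mechanisms that are still missing. The same applies to "(not implemented yet)" on the recovery device bullet at line 134: place it next to the bullet's subject, as the "Traffic capture" bullet does, so it is clear the whole recovery device is absent and not only the "upgrade and recovery" help.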
136 136 ** Node and sliver connectivity
137 137 # Node simplified diagram, hover to interesting parts.
138 138 Slivers can be configured with different types of network interfaces depending
139 139 on what connectivity researchers need for experiments:
140 140 - Home computer behind a NAT router: a private interface with traffic
141 141 forwarded using NAT to the CN and filtered to ensure network stability.
142 142 - Publicly open service: a public interface (with a public CN address) with
143 143 traffic routed directly to the CN and filtered to ensure network stability.
144 -- Traffic capture: a passive interface using a direct interface for capture.
145 - Incoming traffic is filtered and anonymized to ensure network privacy.
144 +- Traffic capture (not implemented yet): a passive interface using a direct
145 + interface for capture. Incoming traffic is filtered and anonymized to
146 + ensure network privacy.
146 147 - Routing: an isolated interface using a VLAN on top of a direct interface.
147 148 It only can reach other slivers of the same slice with isolated interfaces
148 149 on the same link. All traffic is allowed.
149 -- Low-level testing: the sliver is given raw access to the interface. For
150 - privacy, isolation and stability reasons this should only be allowed in
151 - exceptional occasions.
150 +- Low-level testing (not implemented yet).: the sliver is given raw access to
151 + the interface. For privacy, isolation and stability reasons this should
152 + only be allowed in exceptional occasions.
152 153
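Review bot: the added line 150 has a stray period before the colon, "(not implemented yet).:"; drop it so the bullet matches "Traffic capture (not implemented yet):" at line 144. In the same region, the unchanged NAT and public interface bullets still say traffic is "filtered to ensure network stability" while line 132 now marks traffic control, filtering and anonymization as only partially implemented. If filtering on those interface types is among the missing parts, they need the same qualifier, otherwise the page overstates the isolation a sliver gets.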
153 154 * How the testbed works
154 155 # Event diagram, hover over components explained.
155 156 An example experiment: two slivers, one of them (source sliver) pings the
156 157 other one (target sliver).
157 158
158 159 1. The researcher first contacts the server and creates a slice description