Index: script.txt ================================================================== --- script.txt +++ script.txt @@ -90,17 +90,15 @@ - Network and node managed by CN members. - Node admins must adhere to testbed terms and conditions. - This decouples testbed management from infrastructure ownership and mgmt. - Testbed management traffic uses a tinc mesh VPN: - Avoids problems with firewalls and private networks in nodes. - - Mgmt network uses IPv6 to avoid address scarcity and incompatibility - between CNs. - - Short-lived mgmt connections make components mostly autonomous and - tolerant to link instability. + - IPv6 is used to avoid address scarcity and incompatibility between CNs. + - Link instability is tolerated by using short-lived mgmt connections. - Gateways allow a testbed to span multiple CNs. - - Bridging the mgmt net over external means (e.g. FEDERICA, the Internet). - - Gateways can route the management network to the Internet. + - Connecting the mgmt net over external means (e.g. FEDERICA, the Internet). + - Gateways can make the management network available to the Internet. - A researcher runs the experiments of a slice in slivers each running in a different node. ** Nodes, slices and slivers # Diagram: Slices and slivers, two or three nodes with a few slivers on them, @@ -117,20 +115,17 @@ - Completely normal CN device, so existing ones can be used. - Routes traffic between the CN and the node's wired local network (which runs no routing protocol). - The research device - Usually more powerful than CD, since experiments run here. - - Separating CD/RD makes integration with any CN simple and safe: - - Little CONFINE-specific tampering with CN infrastructure.?! - - Little CN-specific configuration for RDs.?! - - Misbehaving experiments can't crash CN infrastructure. + - A separated RD minimizes tampering with CN infrastructure. + - Also experiments can't crash the CD. - Runs OpenWrt firmware customized by CONFINE. - - Slivers are implemented as Linux containers. - - Lightweight virtualization supported mainstream. - - Provides a familiar and flexible env for researchers. - - Direct interfaces allow experiments to bypass the CD when interacting with - the CN. + - Slivers are implemented as lightweight Linux containers. + - Provide a familiar and flexible env for researchers. + - Direct interfaces allow low-level interaction of experiments with the CN + bypassing the CD. - Control software - Uses LXC tools on containers to enforce resource limitation, resource isolation and node stability. - Uses traffic control, filtering and anonymization to ensure network stability, isolation and privacy (partialy implemented).