MD-IDN: Multi-Domain Intent-Driven Networking in Software-Defined Infrastructures

Saeed Arezoumand, Kristina Dzeparoska, Hadi Bannazadeh, and Alberto Leon-Garcia
Department of Electrical and Computer Engineering
University of Toronto, Toronto, ON, M5S 3G4, Canada
Email: {s.arezoumand, kristina.dzeparoska}@mail.utoronto.ca, {hadi.bannazadeh, alberto.leongarcia}@utoronto.ca

Abstract—Intent-Driven Networking has recently been gaining interest, with all major SDN control platforms now providing an intent Northbound Interface (NBI) as a high-level abstraction for network management. With these frameworks, network operators can conveniently define “what needs to be done”, rather than “how it should be done”. Current IDN frameworks pose two main limitations that affect deployment in production-grade and multi-domain networks. They are mainly concerned with a single network domain, and thus enabling end-to-end network intents over a multi-domain and large-scale setup is still a challenge. Furthermore, these frameworks do not consider any differentiation between user intents and provider intents, and a limited set of intent classes is available for both. In this paper we present MD-IDN, which provides an intent framework for the users of multi-domain cloud infrastructures. We first propose a graph-based abstraction model for user-defined intents and a generic intent compilation process. Then, we propose compilation algorithms to achieve scalability in multi-domain networks: first, user-defined intents are processed over an abstracted multi-graph of network domains and their interconnections, and a set of local intents is generated for each of the involved domains. Afterwards, the local intents are compiled and installed in local regions in parallel. MD-IDN is deployed as a public service in the SAVI Testbed over more than ten data centers spanning across Canada. In multi-domain environments, our experiments show that MD-IDN outperforms current practices that compile intents over a flat network topology.

I. INTRODUCTION

With the introduction of Software-Defined Infrastructures (SDI) [1], many projects have been trying to realize SDI by combining cloud controllers (e.g. OpenStack [2]) with SDN controllers to enable network programmability for cloud users [3], [4]. During five years of continuous development and operation of the SAVI Testbed [5], a nation-wide deployment of our proposed SDI architecture, we determined that it is practically inconvenient and error-prone for most users to program their networks using low-level interfaces such as the OpenFlow protocol. Our experience confirms that realizing the capabilities of programmable networks [6] is not achievable unless higher-level abstractions are provided for end-users.

Intent-Driven Networking (IDN) promises to fill this gap by providing a simple, yet expressive high-level abstraction over the network controller [7]. This abstraction hides the unnecessary details of the underlying infrastructure from users and allows them to customize network configuration using human-readable intents. Current intent NBIs [8]–[10] compile intents over a flat non-abstracted topology, which is neither scalable nor feasible in multi-domain scenarios. A proper IDN framework for multi-domain SDIs must address certain requirements that pertain in particular to multi-tenant geo-distributed cloud environments:

- Multi-domain Scale: The existing intent frameworks are not designed for multi-domain geographically-distributed SDN deployments (e.g. SAVI Testbed or Google B4 [11]). In these environments each domain has an autonomous local controller to meet the control plane response time requirements in the local network. An intent framework for these environments must install and maintain end-to-end network intents over multiple domains and hence over multiple control platforms.
- Data-path Performance: Due to data-path performance requirements, these configurations cannot be applied using encapsulated overlay tunnels over IP. For example, the SAVI Testbed is comprised of data-path elements with up to 10 or even 100 Gbps of bandwidth. Data-path performance of encapsulated overlay tunnels falls far below this requirement.
- Tenant Isolation: Isolation across tenants is a crucial requirement in multi-tenant environments. Therefore, the intent framework must avoid cross-contamination of intents requested by different tenants.

In this paper, we introduce MD-IDN, a framework for end-to-end Multi-Domain Intent-Driven Networking in SDI deployments. MD-IDN introduces the following particular contributions:

- A generic and extensible graph representation for user-defined network policies and intents. This intent graph abstracts away details of the network topology from users’ perspective.
- We introduce and evaluate a set of algorithms to automatically distribute and scale the compilation and installation of intents in the form of an intent graph over heterogeneous and multi-domain networks.
- Our proposal for MD-IDN goes beyond a paper design. It is deployed and available as a public service for SAVI Testbed users, and has been under continuous improvement and development over the past year.

The rest of this paper is organized as follows: Section II provides an overview of the intra-domain network intent model and its characteristics. Next, Section III presents the end-to-end network intent concept and its realization with the proposed

978-3-901882-98-2 © 2017 Crown
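
The two-phase compilation outlined in the abstract, combined with the Tenant Isolation requirement, shown as an added Python sketch (not code from the paper or from MD-IDN). The domain names, gateway ports, endpoint inventory and function names are constructed for illustration, and breadth-first search stands in for the paper's compilation algorithm, which this section does not give.

```python
from collections import deque
from concurrent.futures import ThreadPoolExecutor

# Constructed abstract multigraph: each entry is one inter-domain link
# (domain_a, port_a, domain_b, port_b). Parallel links between the same
# pair of domains are allowed, which is what makes it a multigraph.
LINKS = [
    ("toronto", "gw1", "montreal", "gw1"),
    ("toronto", "gw2", "montreal", "gw2"),
    ("montreal", "gw3", "calgary", "gw1"),
]
# Constructed endpoint inventory: endpoint -> (domain, owning tenant).
ENDPOINTS = {
    "vm-a": ("toronto", "tenant1"),
    "vm-b": ("calgary", "tenant1"),
    "vm-x": ("calgary", "tenant2"),
}

def domain_path(src_dom, dst_dom):
    """BFS over the domain multigraph; returns the list of links crossed."""
    queue, seen = deque([(src_dom, [])]), {src_dom}
    while queue:
        dom, path = queue.popleft()
        if dom == dst_dom:
            return path
        for a, pa, b, pb in LINKS:
            for here, hp, there, tp in ((a, pa, b, pb), (b, pb, a, pa)):
                if here == dom and there not in seen:
                    seen.add(there)
                    queue.append((there, path + [(here, hp, there, tp)]))
    raise ValueError(f"no inter-domain path {src_dom} -> {dst_dom}")

def decompose(tenant, src, dst):
    """Global phase: split one connectivity intent into per-domain local intents."""
    (sdom, sown), (ddom, down) = ENDPOINTS[src], ENDPOINTS[dst]
    if sown != tenant or down != tenant:  # reject cross-tenant references early
        raise PermissionError("intent references an endpoint of another tenant")
    local, ingress, dom = [], src, sdom
    for here, out_port, there, in_port in domain_path(sdom, ddom):
        local.append({"domain": here, "tenant": tenant, "from": ingress, "to": out_port})
        ingress, dom = in_port, there
    local.append({"domain": dom, "tenant": tenant, "from": ingress, "to": dst})
    return local

def install_all(local_intents, install):
    """Local phase: hand each local intent to its domain controller in parallel."""
    with ThreadPoolExecutor() as pool:
        return list(pool.map(install, local_intents))
```

The `install` callable stands for whatever per-domain controller client a deployment uses; each local intent only names endpoints and gateway ports inside its own domain, so no controller needs the flat end-to-end topology.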