Internet Research Task Force (IRTF)                         M. Behringer
Request for Comments: 7575                                   M. Pritikin
Category: Informational                                     S. Bjarnason
ISSN: 2070-1721                                                 A. Clemm
                                                           Cisco Systems
                                                            B. Carpenter
                                                       Univ. of Auckland
                                                                S. Jiang
                                            Huawei Technologies Co., Ltd
                                                            L. Ciavaglia
                                                          Alcatel Lucent
                                                               June 2015
        

Autonomic Networking: Definitions and Design Goals

Abstract

Autonomic systems were first described in 2001. The fundamental goal is self-management, including self-configuration, self-optimization, self-healing, and self-protection. This is achieved by an autonomic function having minimal dependencies on human administrators or centralized management systems. It usually implies distribution across network elements.

This document defines common language and outlines design goals (and what are not design goals) for autonomic functions. A high-level reference model illustrates how functional elements in an Autonomic Network interact. This document is a product of the IRTF's Network Management Research Group.

Status of This Memo

This document is not an Internet Standards Track specification; it is published for informational purposes.

This document is a product of the Internet Research Task Force (IRTF). The IRTF publishes the results of Internet-related research and development activities. These results might not be suitable for deployment. This RFC represents the consensus of the Network Management Research Group of the Internet Research Task Force (IRTF). Documents approved for publication by the IRSG are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7575.

Copyright Notice

Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

Table of Contents

   1.  Introduction to Autonomic Networking
   2.  Definitions
   3.  Design Goals
     3.1.  Self-Management
     3.2.  Coexistence with Traditional Management
     3.3.  Secure by Default
     3.4.  Decentralization and Distribution
     3.5.  Simplification of Autonomic Node Northbound Interfaces
     3.6.  Abstraction
     3.7.  Autonomic Reporting
     3.8.  Common Autonomic Networking Infrastructure
     3.9.  Independence of Function and Layer
     3.10. Full Life-Cycle Support
   4.  Not among the Design Goals
     4.1.  Eliminate Human Operators
     4.2.  Eliminate Emergency Fixes
     4.3.  Eliminate Central Control
   5.  An Autonomic Reference Model
   6.  Security Considerations
   7.  Informative References
   Acknowledgements
   Authors' Addresses
        
1. Introduction to Autonomic Networking

Autonomic systems were first described in a manifesto by IBM in 2001 [Kephart]. The fundamental concept involves eliminating external systems from a system's control loops and closing of control loops within the autonomic system itself, with the goal of providing the system with self-management capabilities, including self-configuration, self-optimization, self-healing, and self-protection.

IP networking was initially designed with similar properties in mind. An IP network should be distributed and redundant to withstand outages in any part of the network. Routing protocols such as OSPF and IS-IS exhibit properties of self-management and can thus be considered autonomic in the definition of this document.

However, as IP networking evolved, the ever-increasing intelligence of network elements was often not put into protocols to follow this paradigm, but was put into external configuration systems. This configuration made network elements dependent on some process that manages them, either a human or a network management system.

Autonomic functions can be defined in two ways:

o On a node level: Nodes interact with each other to form feedback loops.

o On a system level: Feedback loops include central elements as well.

System-level autonomy is implicitly or explicitly the subject in many IETF working groups, where interactions with controllers or network management systems are discussed.

This work specifically focuses on node-level autonomic functions. It focuses on intelligence of algorithms at the node level, to minimize dependency on human administrators and central management systems.

Some network deployments benefit from a fully autonomic approach, for example, networks with a large number of relatively simple devices. Most currently deployed networks, however, will require a mixed approach, where some functions are autonomic and others are centrally managed. Central management of networking functions clearly has advantages and will be chosen for many networking functions. This document does not discuss which functions should be centralized or follow an autonomic approach. Instead, it should help make the decision which is the best approach for a given situation.

Autonomic function cannot always discover all required information; for example, policy-related information requires human input, because policy is by its nature derived and specified by humans. Where input from some central intelligence is required, it is provided in a highly abstract, network-wide form.

Autonomic Computing in general and Autonomic Networking in particular have been the subject of academic study for many years. There is much literature, including several useful overview papers (e.g., [Samaan], [Movahedi], and [Dobson]). In the present document, we focus on concepts and definitions that seem sufficiently mature to become the basis for interoperable specifications in the near future. In particular, such specifications will need to coexist with traditional methods of network configuration and management, rather than realizing an exclusively autonomic system with all the properties that it would require.

There is an important difference between "automatic" and "autonomic". "Automatic" refers to a predefined process, such as a script. "Autonomic" is used in the context of self-management. It includes feedback loops between elements as well as northbound to central elements. See also the definitions in the next section. Generally, an automatic process works in a given environment but has to be adapted if the environment changes. An autonomic process can adapt to changing environments.

This document provides the definitions and design goals for Autonomic Networking in the IETF and IRTF. It represents the consensus of the IRTF's Network Management Research Group (NMRG).

2. Definitions

We make the following definitions.

Autonomic: Self-managing (self-configuring, self-protecting, self-healing, self-optimizing); however, allowing high-level guidance by a central entity, through Intent (see below). An autonomic function adapts on its own to a changing environment.

Automatic: A process that occurs without human intervention, with step-by-step execution of rules. However, it relies on humans defining the sequence of rules, so is not Autonomic in the full sense. For example, a start-up script is automatic but not autonomic. An automatic function may need manual adjustments if the environment changes.

Intent: An abstract, high-level policy used to operate the network. Its scope is an autonomic domain, such as an enterprise network. It does not contain configuration or information for a specific node (see Section 3.2 on how Intent coexists with alternative management paradigms). It may contain information pertaining to a node with a specific role (for example, an edge switch) or a node running a specific function. Intent is typically defined and provided by a central entity.

Autonomic Domain: A collection of autonomic nodes that instantiate the same Intent.

Autonomic Function: A feature or function that requires no configuration and can derive all required information through self-knowledge, discovery, or Intent.

Autonomic Service Agent: An agent implemented on an autonomic node that implements an autonomic function, either in part (in the case of a distributed function) or whole.

Autonomic Node: A node that employs exclusively autonomic functions. It requires (!) no configuration. (Note that configuration can be used to override an autonomic function. See Section 3.2 for more details.) An Autonomic Node may operate on any layer of the networking stack. Examples are routers, switches, personal computers, call managers, etc.

Autonomic Network: A network containing exclusively autonomic nodes. It may contain one or several autonomic domains.

3. Design Goals

This section explains the high-level goals of Autonomic Networking, independent of any specific solutions.

3.1. Self-Management

The original design goals of autonomic systems as described in [Kephart] also apply to Autonomic Networks. The overarching goal is self-management, which is comprised of several "self" properties. The most commonly cited are:

o Self-configuration: Functions do not require configuration, by either an administrator or a management system. They configure themselves, based on self-knowledge, discovery, and Intent. Discovery is the default way for an autonomic function to receive the information it needs to operate.

o Self-healing: Autonomic functions adapt on their own to changes in the environment and heal problems automatically.

o Self-optimizing: Autonomic functions automatically determine ways to optimize their behavior against a set of well-defined goals.

o Self-protection: Autonomic functions automatically secure themselves against potential attacks.

Almost any network can be described as "self-managing", as long as the definition of "self" is large enough. For example, a well-defined Software-Defined Networking (SDN) system, including the controller elements, can be described overall as "autonomic", if the controller provides an interface to the administrator that has the same properties as mentioned above (high level, network-wide, etc.).

For the work in the IETF and IRTF, we define the "self" properties on the node level. It is the design goal to make functions on network nodes self-managing, in other words, minimally dependent on management systems or controllers, as well as human operators. Self-managing functions on a node might need to exchange information with other nodes in order to achieve this design goal.

As mentioned in the introduction, closed-loop control is an important aspect of self-managing systems. This implies peer-to-peer dialogues between the parties that make up the closed loop. Such dialogues require two-way "discussion" or "negotiation" between each pair or groups of peers involved in the loop, so they cannot readily use typical top-down command-response protocols. Also, a discovery phase is unavoidable before such closed-loop control can take place. Multiparty protocols are also possible but can be significantly more complex.

3.2. Coexistence with Traditional Management

For the foreseeable future, autonomic nodes and networks will be the exception; autonomic behavior will initially be defined function by function. Therefore, coexistence with other network management paradigms has to be considered. Examples are management by command line, SNMP, SDN (with related APIs), the Network Configuration Protocol (NETCONF), etc.

Conflict resolution between a) autonomic default behavior and Intent and b) other methods is therefore required. This is achieved through prioritization. Generally, autonomic mechanisms define a network-wide behavior, whereas the alternative methods are typically on a node-by-node basis. Node-based management concepts take a higher priority over autonomic methods. This is in line with current examples of autonomic functions; for example, with routing, a (statically configured) route has priority over the routing algorithm. In short:

o lowest priority: autonomic default behavior

o medium priority: autonomic Intent

o highest priority: node-specific network management concepts, such as command line, SNMP, SDN, NETCONF, etc. How these concepts are prioritized is outside the scope of this document.

The above prioritization essentially results in the actions of the human administrator always being able to overrule autonomic behavior. This is generally the expectation of network operators today and therefore remains a design principle here. In critical systems, such as atomic power plants, sometimes the opposite philosophy is used: The expectation is that a well-defined algorithm is more reliable than a human operator, especially in rare exception cases. Networking generally does not follow this philosophy yet. However, warnings should be issued if node-specific overrides may conflict with autonomic behavior.
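
The precedence order and the override warning described above can be sketched as follows. This is an added example, not code from the RFC or its authors; the class, method and parameter names (NodeSettings, idle_port_shutdown, hello_interval_s, mgmt_vlan) are hypothetical, and the sample values are constructed.

```python
import logging
from dataclasses import dataclass, field
from typing import Any

log = logging.getLogger("autonomic.precedence")
_MISSING = object()  # sentinel: no autonomic layer defines the parameter


@dataclass(frozen=True)
class Resolved:
    value: Any
    source: str          # "default", "intent" or "node-override"
    warnings: tuple = ()


@dataclass
class NodeSettings:
    """Three layers of one node's settings, per Section 3.2 (names assumed)."""
    defaults: dict = field(default_factory=dict)   # lowest: autonomic default
    intent: dict = field(default_factory=dict)     # medium: autonomic Intent
    overrides: dict = field(default_factory=dict)  # highest: CLI, SNMP, NETCONF...

    def autonomic_choice(self, name):
        """What the node would do with no node-specific management at all."""
        for source, layer in (("intent", self.intent),
                              ("default", self.defaults)):
            if name in layer:
                return layer[name], source
        return _MISSING, None

    def conflict(self, name):
        """Return a warning text if an override disagrees with autonomic behavior."""
        if name not in self.overrides:
            return None
        auto_value, auto_source = self.autonomic_choice(name)
        if auto_value is _MISSING or auto_value == self.overrides[name]:
            return None
        return (f"node override {name}={self.overrides[name]!r} conflicts with "
                f"autonomic {auto_source} value {auto_value!r}")

    def resolve(self, name):
        """Apply the precedence order; the override always wins, but is flagged."""
        if name in self.overrides:
            msg = self.conflict(name)
            if msg:
                log.warning(msg)
            return Resolved(self.overrides[name], "node-override",
                            (msg,) if msg else ())
        auto_value, auto_source = self.autonomic_choice(name)
        if auto_value is _MISSING:
            raise KeyError(f"no layer defines {name!r}")
        return Resolved(auto_value, auto_source)

    def conflicting_overrides(self):
        """Audit view: every override that changes what the domain intended."""
        return sorted(n for n in self.overrides if self.conflict(n))


# Constructed sample: an edge switch where an operator re-enabled idle ports
# that the domain Intent ("optimize for energy efficiency") would shut down.
EDGE_SWITCH = NodeSettings(
    defaults={"idle_port_shutdown": False, "hello_interval_s": 10},
    intent={"idle_port_shutdown": True},
    overrides={"idle_port_shutdown": False, "hello_interval_s": 10,
               "mgmt_vlan": 99},
)

if __name__ == "__main__":
    logging.basicConfig(level=logging.WARNING)
    for param in ("idle_port_shutdown", "hello_interval_s", "mgmt_vlan"):
        print(param, EDGE_SWITCH.resolve(param))
    print("conflicts:", EDGE_SWITCH.conflicting_overrides())
```

The list returned by conflicting_overrides() is the part an auditor cares about: it names every place where a node-level change silently departs from domain-wide policy.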

In other fields, autonomic mechanisms disengage automatically if certain conditions occur: The autopilot in a plane switches off if the plane is outside a predefined envelope of flight parameters. The assumption is that the algorithms only work correctly if the input values are in expected ranges. However, some opinions suggest that exactly in exceptional conditions is the worst moment to switch off autonomic behavior, since the pilots have no full understanding of the situation at this point and may be under high levels of stress. For this reason, we suggest here to NOT generally disable autonomic functions if they encounter unexpected conditions, because it is expected that this adds another level of unpredictability in networks, when the situation may already be hard to understand.

3.3. Secure by Default

All autonomic interactions should be secure by default. This requires that any member of an autonomic domain can assert its membership using a domain identity, for example, a certificate issued by a domain certification authority. This domain identity is used for nodes to learn about their neighboring nodes, to determine the boundaries of the domain, and to cryptographically secure interactions within the domain. Nodes from different domains can also mutually verify their identity and secure interactions as long as they have a mutually respected trust anchor.

A strong, cryptographically verifiable domain identity is a fundamental cornerstone in Autonomic Networking. It can be leveraged to secure all communications and thus allows automatic security without traditional configuration, for example, preshared keys. See also the document "Making The Internet Secure By Default" [Behringer] for more information.

Autonomic functions must be able to adapt their behavior depending on the domain of the node they are interacting with.

3.4. Decentralization and Distribution

The goal of Autonomic Networking is to minimize dependencies on central elements; therefore, decentralization and distribution are fundamental to the concept. If a problem can be solved in a distributed manner, it should not be centralized.

In certain cases, it is today operationally preferable to keep a central repository of information, for example, a user database on an Authentication, Authorization, and Accounting (AAA) server. An Autonomic Network should be able to use such central systems, in order to be deployable. It is possible to distribute such databases as well, and such efforts should be at least considered. Depending on the case, distribution may not be simple replication but may involve more complex interactions and organization.

3.5. Simplification of Autonomic Node Northbound Interfaces

Even in a decentralized solution, certain information flows with central entities are required. Examples are high-level service definitions, as well as network status requests, audit information, logging, and aggregated reporting.

Therefore, nodes in an Autonomic Network require a northbound interface. However, the design goal is to maintain this interface as simple and high level as possible.

3.6. Abstraction

An administrator or autonomic management system interacts with an Autonomic Network on a high level of abstraction. Intent is defined at a level of abstraction that is much higher than that of typical configuration parameters, for example, "optimize my network for energy efficiency". Intent must not be used to convey low-level commands or concepts, since those are on a different abstraction level.

For example, the administrator should not be exposed to the version of the IP protocol running in the network.

Also on the reporting and feedback side, an Autonomic Network abstracts information and provides high-level messages such as "the link between node x and y is down" (possibly with an identifier for the specific link, in case of multiple links).

3.7. Autonomic Reporting

An Autonomic Network, while minimizing the need for user intervention, still needs to provide users with visibility like in traditional networks. However, in an Autonomic Network, reporting should happen on a network-wide basis. Information about the network should be collected and aggregated by the network itself and presented in a consolidated fashion to the administrator.

The layers of abstraction that are provided via Intent need to be supported for reporting functions as well, in order to give users an indication about the effectiveness of their Intent. For example, in order to assess how effective the network performs with regards to the Intent "optimize my network for energy efficiency", the network should provide aggregate information about the number of ports that were able to be shut down, and the corresponding energy savings, while validating current service levels are, on aggregate, still met.

Autonomic network events should concern the Autonomic Network as a whole, not individual systems in isolation. For example, the same failure symptom should not be reported from every system that observes it, but only once for the Autonomic Network as a whole. Ultimately, the Autonomic Network should support exception-based management, in which only events that truly require user attention actually cause the user to be notified. This requires capabilities that allow systems within the network to compare information and apply specific algorithms to determine what should be reported.
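
One way to picture the "report once for the network as a whole" and exception-based rules of this section, as an added example that is not part of the RFC. The Observation record, its field names, the symptom strings and the node and link identifiers are all assumptions made for illustration; the sample observations are constructed.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Observation:
    """One node's local view of a symptom (hypothetical record layout)."""
    reporter: str            # node that observed the symptom
    symptom: str             # e.g. "link-down"
    node_a: str              # one end of the affected adjacency
    node_b: str              # the other end
    link_id: str = ""        # distinguishes parallel links between a and b
    needs_attention: bool = True   # False if the network already healed it


def symptom_key(obs):
    """Identity of the failure itself, independent of who saw it.

    The endpoints are sorted so that r1's "link to r2" and r2's "link to r1"
    collapse into the same key; link_id keeps parallel links apart.
    """
    a, b = sorted((obs.node_a, obs.node_b))
    return (obs.symptom, a, b, obs.link_id)


def describe(symptom, a, b, link_id):
    """High-level message in the style of Section 3.6."""
    if symptom == "link-down":
        text = f"the link between node {a} and {b} is down"
    else:
        text = f"{symptom} between node {a} and {b}"
    return f"{text} (link {link_id})" if link_id else text


def consolidate(observations):
    """Collapse per-node observations into network-wide reports.

    A symptom seen by many nodes yields one report, and symptoms that no
    observer flags as needing attention are suppressed entirely.
    """
    groups = defaultdict(list)
    for obs in observations:
        groups[symptom_key(obs)].append(obs)

    reports = []
    for key in sorted(groups):
        members = groups[key]
        if not any(o.needs_attention for o in members):
            continue  # exception-based management: nothing for the user to do
        reports.append({
            "message": describe(*key),
            "observers": sorted({o.reporter for o in members}),
            "observations": len(members),
        })
    return reports


# Constructed sample: three nodes see the same failed link, a second parallel
# link also fails, and one flap was already healed by the network.
SAMPLE_OBSERVATIONS = [
    Observation("r1", "link-down", "r1", "r2", "ge-0/1"),
    Observation("r2", "link-down", "r2", "r1", "ge-0/1"),
    Observation("r3", "link-down", "r1", "r2", "ge-0/1"),
    Observation("r1", "link-down", "r1", "r2", "ge-0/2"),
    Observation("r4", "neighbor-flap", "r4", "r5", needs_attention=False),
    Observation("r5", "neighbor-flap", "r5", "r4", needs_attention=False),
]

if __name__ == "__main__":
    for report in consolidate(SAMPLE_OBSERVATIONS):
        print(report)
```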

3.8. Common Autonomic Networking Infrastructure

[RFC7576] points out that there are already a number of autonomic functions available today. However, they are largely independent, and each has its own methods and protocols to communicate, discover, define, and distribute policy, etc.

The goal of the work on Autonomic Networking in the IETF is therefore not just to create autonomic functions but to define a common infrastructure that autonomic functions can use. This Autonomic Networking Infrastructure may contain common control and management functions such as messaging, service discovery, negotiation, Intent distribution, self-monitoring, and diagnostics, etc. A common approach to define and manage Intent is also required.

Refer to the reference model below: All the components around the "Autonomic Service Agents" should be common components, such that the Autonomic Service Agents do not have to replicate common tasks individually.

3.9. Independence of Function and Layer

Autonomic functions may reside on any layer in the networking stack. For example, Layer 2 switching today is already relatively autonomic in many environments, since most switches can be plugged together in many ways and will automatically build a simple Layer 2 topology. Routing functions run on a higher layer and can be autonomic on Layer 3. Even application-layer functionality such as unified communications can be autonomic.

"Autonomic" in the context of this framework is a property of a function that is implemented on a node. Autonomic functions can be implemented on any node type, for example, a switch, router, server, or call manager.

An Autonomic Network requires an overall control plane for autonomic nodes to communicate. As in general IP networking, IP is the spanning layer that binds all those elements together; autonomic functions in the context of this framework should therefore operate at the IP layer. This concerns neighbor discovery protocols and other functions in the Autonomic Control Plane.

3.10. Full Life-Cycle Support

An autonomic function does not depend on external input to operate; it needs to understand its current situation and surroundings and operate according to its current state. Therefore, an autonomic function must understand the full life cycle of the device it runs on, from manufacturing and initial testing through deployment, testing, troubleshooting, and decommissioning.

The state of the life cycle of an autonomic node is reflected in a state model. The behavior of an autonomic function may be different for different deployment states.

4. Not among the Design Goals

This section identifies various items that are explicitly not design goals in the IETF and IRTF for Autonomic Networks; they are mentioned to avoid misunderstandings of the general intention. They address some commonly expressed concerns from network administrators and architects.

4.1. Eliminate Human Operators

Section 3.1 states that "It is the design goal to make functions [...] minimally dependent on [...] human operators". However, it is not a design goal to completely eliminate them. The problem targeted by Autonomic Networking is the error-prone and hard-to-scale model of individual configuration of network elements, traditionally by manual commands but today mainly by scripting and/or configuration management databases. This does not, however, imply the elimination of skilled human operators, who will still be needed for oversight, policy management, diagnosis, reaction to help-desk tickets, etc. The main impact on administrators should be less tedious detailed work and more high-level work. (They should become more like doctors than hospital orderlies.)

4.2. Eliminate Emergency Fixes

However good the autonomous mechanisms, sometimes there will be fault conditions, etc., that they cannot deal with correctly. At that point, skilled operator interventions will be needed to correct or work around the problem. Hopefully, this can be done by high-level mechanisms (adapting the policy database in some way), but, in some cases, direct intervention at the device level may be unavoidable. This is obviously the case for hardware failures, even if the Autonomic Network has bypassed the fault for the time being. "Truck rolls" will not be eliminated when faulty equipment needs to be replaced. However, this may be less urgent if the autonomic system automatically reconfigures to minimize the operational impact.

4.3. Eliminate Central Control

While it is a goal to simplify northbound interfaces (Section 3.5), it is not a goal to eliminate central control, but to allow it on a higher abstraction level. Senior management might fear loss of control of an Autonomic Network. In fact, this is no more likely than with a traditional network; the emphasis on automatically applying general policy and security rules might even provide more central control.

5. An Autonomic Reference Model

An Autonomic Network consists of Autonomic Nodes. Those nodes communicate with each other through an Autonomic Control Plane that provides a robust and secure communications overlay. The Autonomic Control Plane is self-organizing and autonomic itself.

An Autonomic Node contains various elements, such as autonomic service agents that implement autonomic functions. Figure 1 shows a reference model of an autonomic node. The elements and their interaction are:

o Autonomic Service Agents: They implement the autonomic behavior of a specific service or function.

o Self-knowledge: An autonomic node knows its own properties and capabilities.

o Network Knowledge (Discovery): An Autonomic Service Agent may require various discovery functions in the network, such as service discovery.

o Feedback Loops: Control elements outside the node may interact with autonomic nodes through feedback loops.

o An Autonomic User Agent, providing a front-end to external users (administrators and management applications) through which they can receive reports and monitor the Autonomic Network.

o Autonomic Control Plane: Allows the node to communicate with other autonomic nodes. Autonomic functions such as Intent distribution, feedback loops, discovery mechanisms, etc., use the Autonomic Control Plane. The Autonomic Control Plane can run in-band, over a configured VPN, over a self-managing overlay network as described in [ACP], or over a traditional out-of-band network. Security is a requirement for the Autonomic Control Plane, which can be bootstrapped by a mechanism as described in [BOOTSTRAP].

   +------------------------------------------------------------+
   |                      +------------+                        |
   |                      | Feedback   |                        |
   |                      |    Loops   |                        |
   |                      +------------+                        |
   |                            ^                               |
   |                    Autonomic User Agent                    |
   |                            V                               |
   | +-----------+        +------------+        +------------+  |
   | | Self-     |        | Autonomic  |        | Network    |  |
   | | knowledge |<------>| Service    |<------>| Knowledge  |  |
   | |           |        | Agents     |        | (Discovery)|  |
   | +-----------+        +------------+        +------------+  |
   |                            ^                     ^         |
   |                            |                     |         |
   |                            V                     V         |
   |------------------------------------------------------------|
   |                 Autonomic Control Plane                    |
   |------------------------------------------------------------|
   |           Standard Operating System Functions              |
   +------------------------------------------------------------+
        

Figure 1: Reference Model for an Autonomic Node

At the time of finalizing this document, this reference model is being worked out in more detail. See [Reference-Model] for more details.

6. Security Considerations

This document provides definitions and design goals for Autonomic Networking. A full threat analysis will be required as part of the development of solutions, taking account of potential attacks from within the network as well as from outside.

7. Informative References

[ACP] Behringer, M., Bjarnason, S., BL, B., and T. Eckert, "An Autonomic Control Plane", Work in Progress, draft-behringer-anima-autonomic-control-plane-02, March 2015.

[Behringer] Behringer, M., Pritikin, M., and S. Bjarnason, "Making The Internet Secure By Default", Work in Progress, draft-behringer-default-secure-00, January 2014.

[BOOTSTRAP] Pritikin, M., Behringer, M., and S. Bjarnason, "Bootstrapping Key Infrastructures", Work in Progress, draft-pritikin-anima-bootstrapping-keyinfra-01, February 2015.

[Dobson] Dobson, S., Denazis, S., Fernandez, A., Gaiti, D., Gelenbe, E., Massacci, F., Nixon, P., Saffre, F., Schmidt, N., and F. Zambonelli, "A survey of autonomic communications", ACM Transactions on Autonomous and Adaptive Systems (TAAS), Volume 1, Issue 2, Pages 223-259, DOI 10.1145/1186778.1186782, December 2006.

[GANA] ETSI, "Autonomic network engineering for the self-managing Future Internet (AFI); Generic Autonomic Network Architecture (An Architectural Reference Model for Autonomic Networking, Cognitive Networking and Self-Management)", ETSI GS AFI 002, April 2013, <http://www.etsi.org/deliver/etsi_gs/AFI/001_099/002/01.01.01_60/gs_afi002v010101p.pdf>.

[Kephart] Kephart, J. and D. Chess, "The Vision of Autonomic Computing", IEEE Computer, vol. 36, no. 1, pp. 41-50, DOI 10.1109/MC.2003.1160055, January 2003.

[Movahedi] Movahedi, Z., Ayari, M., Langar, R., and G. Pujolle, "A Survey of Autonomic Network Architectures and Evaluation Criteria", IEEE Communications Surveys & Tutorials, Volume 14, Issue 2, Pages 464-490, DOI 10.1109/SURV.2011.042711.00078, 2012.

[Reference-Model] Behringer, M., Ed., Carpenter, B., Eckert, T., Ciavaglia, L., and B. Liu, "A Reference Model for Autonomic Networking", Work in Progress, draft-behringer-anima-reference-model-02, June 2015.

[RFC7576] Jiang, S., Carpenter, B., and M. Behringer, "General Gap Analysis for Autonomic Networking", RFC 7576, DOI 10.17487/RFC7576, June 2015, <http://www.rfc-editor.org/info/rfc7576>.

[Samaan] Samaan, N. and A. Karmouch, "Towards Autonomic Network Management: an Analysis of Current and Future Research Directions", IEEE Communications Surveys and Tutorials, Volume 11, Issue 3, Page(s) 22-36, DOI 10.1109/SURV.2009.090303, 2009.

Acknowledgements

Many parts of this work on Autonomic Networking are the result of a large team project at Cisco Systems. In alphabetical order: Ignas Bagdonas, Parag Bhide, Balaji BL, Toerless Eckert, Yves Hertoghs, Bruno Klauser.

We thank the following people for their input to this document: Dimitri Papadimitriou, Rene Struik, Kostas Pentikousis, Dave Oran, and Diego Lopez Garcia.

The ETSI working group AFI <http://portal.etsi.org/afi> defines a similar framework for Autonomic Networking in the "General Autonomic Network Architecture" [GANA]. Many concepts explained in this document can be mapped to the GANA framework. The mapping is outside the scope of this document. Special thanks to Ranganai Chaparadza for his comments and help on this document.

Authors' Addresses

Michael H. Behringer
Cisco Systems
Building D, 45 Allee des Ormes
Mougins 06250
France

   EMail: mbehring@cisco.com
        

Max Pritikin
Cisco Systems
5330 Airport Blvd
Boulder, CO 80301
United States

   EMail: pritikin@cisco.com
        

Steinthor Bjarnason
Cisco Systems
Mail Stop LYS01/5
Philip Pedersens vei 1
LYSAKER, AKERSHUS 1366
Norway

   EMail: sbjarnas@cisco.com
        

Alexander Clemm
Cisco Systems
170 West Tasman Drive
San Jose, CA 95134-1706
United States

   EMail: alex@cisco.com
        

Brian Carpenter
Department of Computer Science
University of Auckland
PB 92019
Auckland 1142
New Zealand

   EMail: brian.e.carpenter@gmail.com
        

Sheng Jiang
Huawei Technologies Co., Ltd
Q14, Huawei Campus
No.156 Beiqing Road
Hai-Dian District, Beijing 100095
China

   EMail: jiangsheng@huawei.com
        

Laurent Ciavaglia
Alcatel Lucent
Route de Villejust
Nozay 91620
France

   EMail: laurent.ciavaglia@alcatel-lucent.com
        