AmLight network was configured in the past using tradicional network protocols, with some natural limitations and restrictions. Despite of the fact provisioning activities were all performed manually, network researchers connected to AmLight had no visibility or possibility of creating their own flows. AmLight SDN was deployed to overcome these two limitation: now all AmLight’s network devices support Openflow and a centralized network controller has access to all of them and full topology visibility. With the centralized network controller, all provisioning activities are performed by this network controller, using a User Web Interface, freeing AmLight network engineers to focus in more interesting issues. Also, with SDN and Openflow, a new network layer was added to AmLight: the virtualization layer. With network virtualization, researchers can have their own virtualized networks and provision their virtual networks accordingly to their needs.

AmLight SDN Engineers have successfully deployed on August 30th 2014.

With network virtualization, a new service is available: Network Programmability. AmLight sees that Network Programmability is a feature that will become very popular and useful for big data researches and applications. Big data applications could benefit of having directly access to the network infrastructure to provision services accordingly to their requisites: circuits with lower delay, reacting to packet loss, to create a multi-path topology, etc.

AmLight SDN supports network programmability through two different approaches:

Low Level Configuration using Openflow: AmLight SDN deployed a SDN substrate that allows researchers’ SDN/Openflow controllers to send Openflow rules directly to AmLight network devices. This SDN substrate virtualizes interfaces and VLAN ranges, and filters Openflow rules based on these two criteria. All flows sent by researchers’ SDN/Openflow controllers are validaded, and in case of being approved, installed in the proper switches, accordingly to the users’ request. As the user has to know all network details, we consider this approach a low level approach.
High Level Configuration using NSI: Using the Network Service Interface version 2 – a standard protocol defined by Open Grid Forum (OGF) – researchers can request multi-domain layer 2 circuits across AmLight. As the amount of academic networks using NSI increases every day, researchers that decide not to go low level could use NSI abstraction to request network inter-domain provisioning.

Right now, we are using Openflow 1.0. We have plans to migrate to Openflow 1.3 later this year.

AmLight SDN has deployed four softwares:

  • Internet2 Flow Space Firewall: a Openflow firewall/proxy that controls what kind of flows can be sent to Openflow network devices. It creates the network virtualization layer.
  • Internet2 OESS: a SDN Orchestrator used to create Layer 2 circuits within AmLight SDN.
  • EsNet OSCARS: a multi-domain network orchestrator that allows OESS to create layer 2 circuits beyond its own devices.
  • OpenNSA: a NSI agent, connected to the GLIF AutoGOLE topology to offer Layer 2 inter-domain services.

Send an email to describing your research, how AmLight could help your research, information about your controller, etc, and we will reach you to discuss next steps.

SDN has showed itself as a very interesting and time saver solution for AmLight . OPEX has lowered in the day after the deployment. But, due to some vendors’ limitations in their Openflow support, the CAPEX has increased a little bit to accommodate some workarounds, for example, lack of support for Link-Aggregation ports. You can find more details in our paper, on page Documents.

Take a look in the page Documents.AmLight SDN Engineers have made available some useful documentation, as a paper talking about the project, slides and soon, all configurations in place.

We are an academic network, always trying to improve our services and help academic communities, specially from South America. If you have any question, comment, complain or suggestion, please, send to


See also Q&A | Documentation | Operation | Intranet