The DDS Router

community.rti.com

The DDS Router

Motivation• Many systems rely on DDS to distribute the information• Within a LAN DDS can directly address every participant on thenetwork:– Can communicate peer-to-peer for performance– Can leverage IP multicast for scalability.• However, more and more these systems are being integrated inWAN– This is a requirement for the GIG– Would be desirable to make DDS real-time publish/subscribe datadistributionbenefits available in the GIG• Can DDS be used for the GIG core infrastructure?© 2009 Real-Time Innovations, Inc.


DDS as core GIG Infrastructure:Issues• Massive scalability• Bridging between Global Data Spaces• Firewall & NAT Traversal• Lack of multicast support on the WAN© 2009 Real-Time Innovations, Inc.


DDS as core GIG InfrastructureIssues• Massive scalability:– Systems with over 1000 applications/nodesaccessing the DDS Global Data Space have alreadybeen demonstrated.– However these systems could exceed 10000 or100000 nodes which most likely exceed thecapabilities of exiting DDS implementations.• Bridging between Global Data Spaces• Firewall & NAT Traversal• Lack of multicast support on the WAN© 2009 Real-Time Innovations, Inc.


DDS as core GIG InfrastructureIssues• Massive scalability:• Bridging between Global Data Spaces:– Subsystems may want to maintain certain information containedwithin.– Different services or coalition members may maintain their ownprivate Topics and Global Data Spaces.– … All this points to the need for deploying multiple Global DataSpaces and have means for certain controlled information toflow between them.• Firewall & NAT Traversal.• Lack of multicast support on the WAN.© 2009 Real-Time Innovations, Inc.


DDS as core GIG Infrastructure:Issues• Massive scalability• Bridging between Global Data Spaces• Firewall & NAT Traversal:– Subsystems, Services, Coalitions, each may be responsible fordeploying their own part of the network infrastructure.– Networks may be partitioned and protected by Firewalls andNATs.– …Yet the need to share some information remainsnecessitating a mechanism that allows controlled data to flowbetween these network segments.• Lack of multicast support on the WAN.© 2009 Real-Time Innovations, Inc.


DDS as core GIG Infrastructure:Issues• Massive scalability• Bridging between Global Data Spaces• Firewall & NAT Traversal• Lack of multicast support on the WAN– Multicast is relied upon by DDS for discovery andscalability– WAN routers typically disable multicast© 2009 Real-Time Innovations, Inc.


Solution: The DDS Routing Service• Runs as a service (daemon)• Straddles two DDS Domains• Forwards data from one domain to the other– Can be configured to forward only certain Topics– Can Change the DDS Topic name and transform the data– Can Use different Transports and QoS on each domain– Can persist data as well (operate as persistence service)– Can operate full duplexDDSDomain 1DDSDomain 2Topic: T1Type: S1DDS RouterTopic: T2Type: S2Guard /Transform9© 2009 Real-Time Innovations, Inc.


Solution: The DDS Routing Service• Application or Library used to:– Secure and Bridge data across DDS domains and topicsTopic 1 and Topic2 can have:- Different topic names- Different registered type names- Different types schemas- Forwarding Topics can beallowed/denied- Programmable Guards canmodify/filter/guard data as it goes– Enable Secure WAN traversal in combination with TCP transport– Provide ScalabilityTCP transport can be used inasymmetric mode whereconnection are always initiatedfrom one side of the firewallConnection can be securedusing PKI and TLS/SSLDDSDDSDomainDomainDDS RouterSharedMemoryParticipantParticipantRouter can be used as adaemon server in eachmachine:-Reduce network traffic-Zero copy over shared memoryParticipant© 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 10


DDS Routing Service Use Cases• Domain Bridging• Topic Bridging• Topic Bridging With Data Transformation• Topic Bridging With Custom Data Transformation• Domain Bridging Over WAN© 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 11


Domain Bridging: DemoDomain 0DDS RouterDomain 1© 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 12


Topic Bridging: DemoDomain 0DDS RouterDomain 1© 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 13


Topic Bridging With TransformationDomain 0DDS RouterDomain 1XFORM© 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 14


Topic Bridging With Custom Transformationor Guard: DemoDomain 0DDS RouterDomain 1GUARD© 2009 Real-Time Innovations, Inc. COMPANY CONFIDENTIAL 15


DDS Routing Svc:Multi-Level Security GatewaySubsystemATop SecretDDSRouterDDSRouterSubsystemBSecretDDSRouterSubsystemCNon‐Classified© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Multi-Level Security Gateway• Implement One-way routes that only let lower classifieddata in• Prevent higher classified data from leaving high-classnetwork• Enables all non-classified data to be seen on allnetworks, and prevents non-classified network fromseeing any classified data.© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Multi-site Distributed ApplicationSite ADDSRouterDDSRouterSite CTopics:Site StatusAlarmsHealth LogsSensor DataProc Sensor DataWAN /InternetTopics:Site StatusProc Sensor DataResult DataAlarmsSite BDDSRouterDDSRouterSite DTopics:Site StatusSensor DataTopics:Site StatusResult Data© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Multi-site Distributed Application• Each Site can specify what topics it wants to send andreceive• Each Site can determine the level of filtering to occurbefore sending data out to other sites• Integrates with a TCP Transport and can facilitateFirewall port setup© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Data Fusion / NormalizationSubsystemADDSRouterDDSRouterSubsystemBType A:String NameLong ValueLong IDLong PositionNormalizedDomainType B:String NameLong ValueLong IDNormalizedType:String NameLong ValueLong IDDDSRouterType C:String NameLong ValueSubsystemC© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Data Fusion / Normalization• DDS Router can transform / normalize any data type toany data type• DDS Router can remove extraneous data fromsubsystem types to normalized types• DDS Router can add constants for data values where nofield is available from subsystem type.© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Multi-site Development IntegrationSite ADDSRouterDDSRouterSite CWAN /InternetSite BDDSRouterDDSRouterSite D© 2009 Real-Time Innovations, Inc.


DDS Routing Svc:Multi-site Development Integration• Perform testing and integration tasks without need to bephysically co-located• Run testing patterns across worst-case latency networks(WAN / Internet)• Shorten Integration time by saving on Travel time andcost.© 2009 Real-Time Innovations, Inc.


DDS Routing Service:Data Versioning SupportDDSRouterForward Topic VersioningShapes Shapes +Route previous versiontopics to new updatedversion applicationsShapes +DDSRouterBackward Topic VersioningShapesRoute new udpatedversion topics toprevious versionapplicationsShapesSpin+DDSRouterForward Topic Versioningw/ AugmentationShapes +Merge previous versiontopic with additionaltopic to provide newupdated topic interfacefor new applications© 2009 Real-Time Innovations, Inc.


DDS Routing Service: Data Versioning Support• Transform previous topic definitions to new topicdefinitions• Transform new topic definitions to previous baselinearchitectures• Augment previous topic definitions with new field datasources to provide interface with new applications.© 2009 Real-Time Innovations, Inc.


DDS Routing Service: Legacy Data BridgingSerialDigital CompassRS232DDSRouterDDSSerial Data to DDS TransformationRTI DDS SpyoutputShapesSerialDigital Compass© 2009 Real-Time Innovations, Inc.DDSRouterDDSRS232Combined previous data versionaugmented with converted RS232serial data as extra fieldinformationShapes +


DDS Routing Service for WAN• Common deployment will be for WAN bridging– Local Domains can be connected via WAN transport– Router acts as a gateway providing “static” addresses and ports– WAN Transport can use TCP and TLS (SSL) security:• Authentication• Encryption• Tamper preventionDDSParticipantDDSParticipantDDSParticipantDDSLocal Domain 1DDSParticipantDDS RouterWAN TransportDDS RouterDDSParticipantDDSParticipantDDSParticipantDDSLocal Domain 2DDSParticipant27© 2009 Real-Time Innovations, Inc.


Conclusions• DDS Routing Service can be implemented just relying on– DDS Spec.– DDS Interoperability Protocol– (*)DDS Extensible Topics (for transformations)– (**)WAN Transport (For WAN/Firewall traversal)• This service can satisfy many of the DDS deployment scenarios inthe GIG– Scalability– Isolation– Security– Data version support– Legacy Integration© 2009 Real-Time Innovations, Inc.

More magazines by this user
Similar magazines