Download An intro to Software Defined Networking

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
Document related concepts

Computer network wikipedia , lookup

IEEE 1355 wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Distributed operating system wikipedia , lookup

Network tap wikipedia , lookup

Airborne Networking wikipedia , lookup

Routing wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

Distributed firewall wikipedia , lookup

Transcript 
Distributed SDN controllers
Marco Canini
Network Policy Specification
Routing
Load
Balancing
Monitoring
Access
Control
Waypoint
Centralized Network Policy
Controller Platform
10 Feb 2015
2
Network Policy Specification
Routing
forward from X to Y
Load
Balancing
Monitoring
Access
Control
Waypoint
Centralized Network Policy
Controller Platform
X
1.<Match, Action>
2.<Match, Action>
3.<Match, Action>
4.<Match, Action>
5.<Match, Action>
6.…
7.…
10 Feb 2015
Y
3
Network Policy Specification
Routing
Load
Balancing
Monitoring
Access
Control
Waypoint
Centralized Network Policy
Composition
Controller Platform
X
Y
Policy composition assembles data plane
updates as a semantically sound set of rules
10 Feb 2015
4
Policy Composition Review
Foster ‘11, Monsanto ‘13: Modular,
parallel and sequential composition
Srv Load
Balancing
>>
Routing
U Monitoring
Ferguson ‘12, ‘13: Policy trees
for multi-authorship
Composition
Routing
Waypoint
Reitblatt ‘12: Consistent
network updates
10 Feb 2015
5
Composing Policies
dst = H  fwd(H)
Routing
Monitoring
dport = 80  count
Composition
dst = H ∧ dport = 80  count; fwd(H)
dst = H  fwd(H)
dport = 80  count
H
What to do with packet dst = H and dport = 80?
Can Routing and Monitoring compose?
10 Feb 2015
6
Ordering Policies
dst = H  fwd(H)
Routing
Waypoint
src = S  fwd(IDS)
Precedence
src = S  fwd(IDS)
src != S ∧ dst = H  fwd(H)
H
What to do with packet dst = H and src = S?
Does Waypoint have precedence over Routing?
10 Feb 2015
7
Conflicting Policies
dst = H  fwd(X)
Routing
Load
Balancing
dst = H  fwd(Y)
Conflict X != Y
In the general case, policies might conflict
Examples:
• Overlapping domains and same precedence
• Scarce flowtable resources
Must avoid conflicting policies
Pick one and reject the other?
10 Feb 2015
8
Centralized Network Control?
Routing
Load
Balancing
Monitoring
Access
Control
Waypoint
Centralized Network Policy
Controller Platform
Fully centralized  Inadequate availability,
scalability and responsiveness
10 Feb 2015
9
Distributed Network Control
Routing
Load
Balancing
Monitoring
Access
Control
Waypoint
Centralized Network Policy
Controller Platform
Composition?
Consistency and
concurrency
10 Feb 2015
Faults and
asynchronous
communication
10
Now, consider policy composition
in the distributed control plane...
Routing
Monitoring
Policy
Waypoint
Controller Platform
Routing
Monitoring
Policy
Waypoint
Controller Platform
Control Logic
Factorization
Switch Reader-Writer
Model
10 Feb 2015
State Distribution Model
11
Why should the programmer care?
• We believe she should not!
• Enter Software Transactional Networking
– Let a dedicated component implement a general
solution to all hard-to-solve, low-level
concurrency and fault tolerance issues
apply(π)
ack / nack(reason)
Transactional Interface
10 Feb 2015
12
Consistency: Linearizability of updates
p1
apply(π1)
ack
p1
apply(π2)
apply(π1)
ack
apply(π2) ack
ack
p2
p2
apply(π3)
nack
p3
p3
sw1
sw1
sw2
sw2
sw3
sw3
Manipulate the network
as
though
there
is
no
We don’t
Original history
Sequential equivalent
control traffic!
concurrency
10 Feb 2015
13
Can we realize a general distributed
policy composition interface that is
agnostic to control logic, state
distribution and reader-writer model?
10 Feb 2015
14
Studied Two Underlying Problems
1. Consistent and Concurrent Policy Composition
– Exploit optimistic concurrency [HotSDN’13]
2. Consistent and Robust Policy Composition
– In face of controller failures [INFOCOM’15]
10 Feb 2015
15
Software Transactional Networking v1
HotSDN’13
Routing
apply(π1)
ack
Monitoring
Waypoint
apply(π2)
nack(reason)
STN Interface
1. All-or-nothing semantics
2. Optimistic concurrency for policy composition
3. Non conflicting policies eventually installed
4. Per-packet consistent updates
10 Feb 2015
16
Conceptualizing STN
Routing
apply(π)
Waypoint
STN
STN
ack
STN
Policy π
unique tag τ
Monitoring
1. Internal ports
match on tag τ
2. Ingress ports
apply tag τ
10 Feb 2015
17
STN v1 Details
• Explore design with no explicit communication
between STN nodes
– Avoid concurrency issues via an atomic readmodify-write primitive at switch ports
• Problems with our simple algo:
– # tags grows exponentially with # (conc.) policies
• Requires a cleaner to garbage collect unused rules
– No fault tolerance
10 Feb 2015
18
Software Transactional Networking v2:
Consistent Policy Composition
INFOCOM’15
Routing
apply(π1)
ack
Monitoring
Waypoint
apply(π2)
CPC Interface
nack(reason)
Require
robustness but
not efficiency
1. All-or-nothing semantics
2. Tolerate up to f controller crash failures
3. Non conflicting policies eventually installed and
at least one policy commits (among conflicting ones)
4. Ensure updates affect traffic as a sequential
Per-packet
consistency
composition of their policies
10 Feb 2015
19
Conceptualizing CPC
Routing
Monitoring
CPC
Reliable but
asynchronous
channel
Every controller
receives and
installs every
policy
10 Feb 2015
CPC
Atomic ReadModifyWrite
Lock
Lock
Lock
Lock
Lock
Waypoint
Lock
Lock
20
CPC implementation: model v1
• Controllers access switch ports with read and write
operations
• Controllers can communicate via asynchronous
message-passing
• Controllers may fail by crashing
• No synchrony assumptions
• Restrict policies to forwarding
– Compose if domains are disjoint or related by precedence
– Reject otherwise
10 Feb 2015
21
Asynchronous read-write CPC
Theorem: 1-resilient read-write CPC is impossible
Proof sketch:
• Two ingress ports 1 and 2 initially forward all
to the internal ports (π0)
• π1 installed by p1 and π2 installed by p2, π2
refines π1 (higher precedence, same domain)
• π1 and π2 propose different paths
1
• p1 changes port 1 and is just about to change
2 (with a composition of π0 and π1), p2 takes
π0 π1
no steps
• p2 wakes up and installs of π0 π1 π2, p1 takes
p1
no steps
• p1 changes port 2 with π0 π1: π2 is forgotten!
10 Feb 2015
2
?
π0 π1 π2
p2
22
CPC implementation: model v2
• Controllers access ports with
atomic read-modify-write
ops RMW(f,g,v):
– read the state v’
– write f(v,v’)
– return g(v,v’)
Controller
RMW(f,g,v)
g(v,v’)
• Intuition: do not update if
conflicts with currently
installed policy
10 Feb 2015
23
Upper bound: FixTag algorithm
Operation:
1.
2.
3.
4.
Unique tag per path
Broadcast policy π to all other controllers
Update ingress ports in predefined order
… add rule to tag all packets matching dom(π) with the
tag corresponding to the path π(i) for ingress port i
Upsides: wait-free (tolerates all failure patterns)
– Controllers only synchronize through the data plane
Downsides: overhead can be huge
– Super-exponential in the size of the network
10 Feb 2015
24
Can we do better?

No, if we get no feedback from the network


Suppose, we can correctly evaluate the set of active tags


Correct (but asynchronous) oracle
Single-controller scenario: one bit is enough!


Tag t cannot be reused if a packet tagged with t is still “in flight”
Upon policy update πi wait until (i mod 2)-traffic is over, and use
tag i mod 2
Two or more controllers: inherent price of concurrency?


Between constant and super-exponential?
Yes, if controllers coordinate use of tags
10 Feb 2015
25
ReuseTag: linear complexity
• Proportional to the level of resilience:
– Up to f failures: f+2 tags needed (proved optimal)
• Controllers use consensus instances (eventual
synchrony or « eventual leader »)
– Replicated state machine that imposes a global order
on the policy updates and ensure coordinated use and
reuse of tags
• All requests are serialized
– Even non-conflicting ones
– Can we do better?
10 Feb 2015
26
Summary
• Framework for concurrent and consistent
policy composition in distributed SDN
• Transactional interface to manipulate the
network as though there is no concurrency
– Policies compose or conflict (and abort)
10 Feb 2015
27
Acknowledgements
Petr Kuznetsov
Dan Levin
Stefan Schmid
Supported by ARC grant 13/18-054 from Communauté française de Belgique, and
European Union’s Horizon 2020 ENDEAVOUR project (grant agreement 644960)
10 Feb 2015
28
References
Software Transactional Networking: Concurrent and Consistent
Policy Composition
HotSDN’13
STN: A Robust and Distributed SDN Control Plane
ONS’14
A Distributed and Robust SDN Control Plane for Transactional
Network Updates
INFOCOM’15
10 Feb 2015
29
NetPL’15 – Call for Participation
• Workshop co-located with ECOOP’15
– Organizers: Robert Soulé & Marco Canini
• Prague, July 5th or 6th 2015
• “to bring together researchers and practitioners
from the fields of programming languages, formal
methods, and networking”
• Program: speakers from academia and industry
– Shriram Krishnamurthi, Hitesh Ballani, Colin Dixson,
Roger Wattenhofer, Fonta Dimitropoulos, Antonio
Capone, Anil Madhavapeddy, Xia Yinben, ...
10 Feb 2015
30
Related documents
Spelling Words - Effingham County Schools
Spelling Words - Effingham County Schools
Science Fair
Science Fair
Geometry Section: 7.3 Angle Angle Similarity Algebra Problem of the
Geometry Section: 7.3 Angle Angle Similarity Algebra Problem of the
eric karl reinholt - DB and Associates
eric karl reinholt - DB and Associates
8 thgrade sw ag - Benjamin Logan Local School
8 thgrade sw ag - Benjamin Logan Local School
Winchester Hospital B2 Infection Prevention Team
Winchester Hospital B2 Infection Prevention Team
Stem Cells
Stem Cells
ECON 2020-400 Principles of Macroeconomics
ECON 2020-400 Principles of Macroeconomics
name date ______ period
name date ______ period
Day-3
Day-3