Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Computer network wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Distributed operating system wikipedia , lookup
Network tap wikipedia , lookup
Airborne Networking wikipedia , lookup
Distributed SDN controllers Marco Canini Network Policy Specification Routing Load Balancing Monitoring Access Control Waypoint Centralized Network Policy Controller Platform 10 Feb 2015 2 Network Policy Specification Routing forward from X to Y Load Balancing Monitoring Access Control Waypoint Centralized Network Policy Controller Platform X 1.<Match, Action> 2.<Match, Action> 3.<Match, Action> 4.<Match, Action> 5.<Match, Action> 6.… 7.… 10 Feb 2015 Y 3 Network Policy Specification Routing Load Balancing Monitoring Access Control Waypoint Centralized Network Policy Composition Controller Platform X Y Policy composition assembles data plane updates as a semantically sound set of rules 10 Feb 2015 4 Policy Composition Review Foster ‘11, Monsanto ‘13: Modular, parallel and sequential composition Srv Load Balancing >> Routing U Monitoring Ferguson ‘12, ‘13: Policy trees for multi-authorship Composition Routing Waypoint Reitblatt ‘12: Consistent network updates 10 Feb 2015 5 Composing Policies dst = H fwd(H) Routing Monitoring dport = 80 count Composition dst = H ∧ dport = 80 count; fwd(H) dst = H fwd(H) dport = 80 count H What to do with packet dst = H and dport = 80? Can Routing and Monitoring compose? 10 Feb 2015 6 Ordering Policies dst = H fwd(H) Routing Waypoint src = S fwd(IDS) Precedence src = S fwd(IDS) src != S ∧ dst = H fwd(H) H What to do with packet dst = H and src = S? Does Waypoint have precedence over Routing? 10 Feb 2015 7 Conflicting Policies dst = H fwd(X) Routing Load Balancing dst = H fwd(Y) Conflict X != Y In the general case, policies might conflict Examples: • Overlapping domains and same precedence • Scarce flowtable resources Must avoid conflicting policies Pick one and reject the other? 10 Feb 2015 8 Centralized Network Control? Routing Load Balancing Monitoring Access Control Waypoint Centralized Network Policy Controller Platform Fully centralized Inadequate availability, scalability and responsiveness 10 Feb 2015 9 Distributed Network Control Routing Load Balancing Monitoring Access Control Waypoint Centralized Network Policy Controller Platform Composition? Consistency and concurrency 10 Feb 2015 Faults and asynchronous communication 10 Now, consider policy composition in the distributed control plane... Routing Monitoring Policy Waypoint Controller Platform Routing Monitoring Policy Waypoint Controller Platform Control Logic Factorization Switch Reader-Writer Model 10 Feb 2015 State Distribution Model 11 Why should the programmer care? • We believe she should not! • Enter Software Transactional Networking – Let a dedicated component implement a general solution to all hard-to-solve, low-level concurrency and fault tolerance issues apply(π) ack / nack(reason) Transactional Interface 10 Feb 2015 12 Consistency: Linearizability of updates p1 apply(π1) ack p1 apply(π2) apply(π1) ack apply(π2) ack ack p2 p2 apply(π3) nack p3 p3 sw1 sw1 sw2 sw2 sw3 sw3 Manipulate the network as though there is no We don’t Original history Sequential equivalent control traffic! concurrency 10 Feb 2015 13 Can we realize a general distributed policy composition interface that is agnostic to control logic, state distribution and reader-writer model? 10 Feb 2015 14 Studied Two Underlying Problems 1. Consistent and Concurrent Policy Composition – Exploit optimistic concurrency [HotSDN’13] 2. Consistent and Robust Policy Composition – In face of controller failures [INFOCOM’15] 10 Feb 2015 15 Software Transactional Networking v1 HotSDN’13 Routing apply(π1) ack Monitoring Waypoint apply(π2) nack(reason) STN Interface 1. All-or-nothing semantics 2. Optimistic concurrency for policy composition 3. Non conflicting policies eventually installed 4. Per-packet consistent updates 10 Feb 2015 16 Conceptualizing STN Routing apply(π) Waypoint STN STN ack STN Policy π unique tag τ Monitoring 1. Internal ports match on tag τ 2. Ingress ports apply tag τ 10 Feb 2015 17 STN v1 Details • Explore design with no explicit communication between STN nodes – Avoid concurrency issues via an atomic readmodify-write primitive at switch ports • Problems with our simple algo: – # tags grows exponentially with # (conc.) policies • Requires a cleaner to garbage collect unused rules – No fault tolerance 10 Feb 2015 18 Software Transactional Networking v2: Consistent Policy Composition INFOCOM’15 Routing apply(π1) ack Monitoring Waypoint apply(π2) CPC Interface nack(reason) Require robustness but not efficiency 1. All-or-nothing semantics 2. Tolerate up to f controller crash failures 3. Non conflicting policies eventually installed and at least one policy commits (among conflicting ones) 4. Ensure updates affect traffic as a sequential Per-packet consistency composition of their policies 10 Feb 2015 19 Conceptualizing CPC Routing Monitoring CPC Reliable but asynchronous channel Every controller receives and installs every policy 10 Feb 2015 CPC Atomic ReadModifyWrite Lock Lock Lock Lock Lock Waypoint Lock Lock 20 CPC implementation: model v1 • Controllers access switch ports with read and write operations • Controllers can communicate via asynchronous message-passing • Controllers may fail by crashing • No synchrony assumptions • Restrict policies to forwarding – Compose if domains are disjoint or related by precedence – Reject otherwise 10 Feb 2015 21 Asynchronous read-write CPC Theorem: 1-resilient read-write CPC is impossible Proof sketch: • Two ingress ports 1 and 2 initially forward all to the internal ports (π0) • π1 installed by p1 and π2 installed by p2, π2 refines π1 (higher precedence, same domain) • π1 and π2 propose different paths 1 • p1 changes port 1 and is just about to change 2 (with a composition of π0 and π1), p2 takes π0 π1 no steps • p2 wakes up and installs of π0 π1 π2, p1 takes p1 no steps • p1 changes port 2 with π0 π1: π2 is forgotten! 10 Feb 2015 2 ? π0 π1 π2 p2 22 CPC implementation: model v2 • Controllers access ports with atomic read-modify-write ops RMW(f,g,v): – read the state v’ – write f(v,v’) – return g(v,v’) Controller RMW(f,g,v) g(v,v’) • Intuition: do not update if conflicts with currently installed policy 10 Feb 2015 23 Upper bound: FixTag algorithm Operation: 1. 2. 3. 4. Unique tag per path Broadcast policy π to all other controllers Update ingress ports in predefined order … add rule to tag all packets matching dom(π) with the tag corresponding to the path π(i) for ingress port i Upsides: wait-free (tolerates all failure patterns) – Controllers only synchronize through the data plane Downsides: overhead can be huge – Super-exponential in the size of the network 10 Feb 2015 24 Can we do better? No, if we get no feedback from the network Suppose, we can correctly evaluate the set of active tags Correct (but asynchronous) oracle Single-controller scenario: one bit is enough! Tag t cannot be reused if a packet tagged with t is still “in flight” Upon policy update πi wait until (i mod 2)-traffic is over, and use tag i mod 2 Two or more controllers: inherent price of concurrency? Between constant and super-exponential? Yes, if controllers coordinate use of tags 10 Feb 2015 25 ReuseTag: linear complexity • Proportional to the level of resilience: – Up to f failures: f+2 tags needed (proved optimal) • Controllers use consensus instances (eventual synchrony or « eventual leader ») – Replicated state machine that imposes a global order on the policy updates and ensure coordinated use and reuse of tags • All requests are serialized – Even non-conflicting ones – Can we do better? 10 Feb 2015 26 Summary • Framework for concurrent and consistent policy composition in distributed SDN • Transactional interface to manipulate the network as though there is no concurrency – Policies compose or conflict (and abort) 10 Feb 2015 27 Acknowledgements Petr Kuznetsov Dan Levin Stefan Schmid Supported by ARC grant 13/18-054 from Communauté française de Belgique, and European Union’s Horizon 2020 ENDEAVOUR project (grant agreement 644960) 10 Feb 2015 28 References Software Transactional Networking: Concurrent and Consistent Policy Composition HotSDN’13 STN: A Robust and Distributed SDN Control Plane ONS’14 A Distributed and Robust SDN Control Plane for Transactional Network Updates INFOCOM’15 10 Feb 2015 29 NetPL’15 – Call for Participation • Workshop co-located with ECOOP’15 – Organizers: Robert Soulé & Marco Canini • Prague, July 5th or 6th 2015 • “to bring together researchers and practitioners from the fields of programming languages, formal methods, and networking” • Program: speakers from academia and industry – Shriram Krishnamurthi, Hitesh Ballani, Colin Dixson, Roger Wattenhofer, Fonta Dimitropoulos, Antonio Capone, Anil Madhavapeddy, Xia Yinben, ... 10 Feb 2015 30