Problems and Solutions in Enterprise Network Control: Motivations for a 4D Architecture

David A. Maltz
Microsoft Research
Joint work with Albert Greenberg, Gisli Hjalmtysson, Andy Myers, Jennifer Rexford, Geoffrey Xie, Hong Yan, Jibin Zhan, Hui Zhang

Isolation, VLANs, and the Spaghetti that Results
• Network designers want to deal in groups
  – Collect users/host into group
  – Measure, restrict/permit, QoS, a group’s traffic
• Routing designs to do this are horribly complicated
  – VLANs
  – Clever IP address assignment
  – Packet filters everywhere
Let the designers configure policy in terms of groups
• Shouldn’t have to worry about L2/L3 etc.

Device Configuration is a Nightmare

    interface Ethernet0
     ip address 6.2.5.14 255.255.255.128
    interface Serial1/0.5 point-to-point
     ip address 6.2.2.85 255.255.255.252
     ip access-group 143 in
     frame-relay interface-dlci 28
    access-list 143 deny 1.1.0.0/16
    access-list 143 permit any
    route-map 8aTzlvBrbaW deny 10
     match ip address 4
    route-map 8aTzlvBrbaW permit 20
     match ip address 7
    ip route 10.2.2.1/16 10.2.1.7
    router ospf 64
     redistribute connected subnets
     redistribute bgp 64780 metric 1 subnets
     network 66.251.75.128 0.0.0.127 area 0
    router bgp 64780
     redistribute ospf 64 match route-map 8aTzlvBrbaW
     neighbor 66.253.160.68 remote-as 12762
     neighbor 66.253.160.68 distribute-list 4 in

Device Configuration is a Nightmare
• Thousands of lines of configuration
• Make a configuration mistake, router becomes unreachable over the network
Want zero device-specific configuration

Network Designers Want “Simple” Things (But Achieving Them is Incredibly Hard)
[Figure labels: Data Center Infrastructure Servers]

Network Designers Want “Simple” Things (But Achieving Them is Incredibly Hard)
Support customized responses
• Enable designers to express desired behaviors

Embrace Heterogeneity or Die!
• No two router versions have the same capabilities
  – That’s why they have different version #s
• Device vendors add features to differentiate their products
  – No one wants to be made a commodity
Management/control systems that treat devices as generic are doomed to be stillborn
• Must make use of new features that vendors innovate
• Common format for configuration state – okay
• One-size-fits all logic computing that state – not okay

Good Abstractions Reduce Complexity
[Figure labels: Management Plane; Control Plane; Data Plane; Configs; FIBs, ACLs; Decision Plane; FIBs, ACLs; Dissemination; Data Plane]
All decision making logic lifted out of control plane
• Routers no longer run routing protocols
• Dissemination plane provides robust communication to/from data plane switches

A Clean-Slate Approach: The 4D Architecture
[Figure labels: Generating table entries; Decision Plane; Dissemination Plane; Routing Table; Access Control Table; NAT Table; Tunnel Table; Install table entries; Discovery Plane; Data Plane; Modeled as a set of tables]

Using the 4D Architecture
• Install a security key on each device
• Connect them together
• Connect Decision Elements
[Figure: Example network with 49 switches and 5 DEs]

Does it work? Yes.
• 4D designed so performance can be predicted
• Recovers from single link failure in < 120 ms
  – < 1 s response considered “excellent”
  – Faster forwarding reconvergence possible
• Survives failure of master Decision Element
  – New DE takes control within 170 ms
  – No disruption unless second fault occurs
• Gracefully handles complete network partitions
  – Less than 170 ms of outage
  – At no point did two DEs attempt to master the same switch

4D Enables Customized Decision Logic
• Example also illustrates the 4D controlling both L2 and L3 (Ethernet and IP)

Tying the Hosts and Users Back Into the Network
• 4D gets us back to every Ethernet jack on the wall is the same
  – Now how to differentiate them based on what user/hosts connects?
Extend 4D into the hosts (a little bit)
• 4D creates paths between newly connected hosts and authentication server (DHCP/DC/BRAS)
• Hosts bootstrap, users login
• Discovery Plane finds the new host
• Routes pushed to switches
• DNS/printer/IPSEC policies/etc pushed to host

4D as the Framework for Network Control (?)
• Decision Plane must be modular/extensible
  – Isolation: each group specifies the decision logic used to control traffic among the group
  – Device heterogeneity: vendor ships decision logic that leverages their cool new feature along with the router
Grand Vision: 4D must arbitrate access to resources
• Different decision logics may output conflicting state
• The operating system for the network
Step 1: 4D is the easiest framework in which to implement cool routing/control ideas
• What Click did for routers, 4D should do for the network

Backup Slides

Simple Questions
• Should switches/routers be in the same address space as end hosts?
  – End hosts hack into routers?
• Communication channel for control and management
  – Operational when data channel fails?

Routers Serve Different Functions
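
Added example (not from the slides or the 4D project's code): a sketch of decision logic that takes policy stated in terms of groups, as the isolation slide asks for, and generates per-switch access control table entries of the kind the 4D data plane is modeled on. The group names, prefixes, switch names and the functions compile_acl_tables and evaluate are all hypothetical.

```python
import ipaddress

# Constructed sample inputs: group names, prefixes and switch names are
# hypothetical, not taken from the slides.
GROUPS = {
    "engineering": ["10.1.0.0/24", "10.1.1.0/24"],
    "finance": ["10.2.0.0/24"],
    "servers": ["10.9.0.0/24"],
}
# Group-level policy: ordered (source, destination) pairs that may talk.
# Anything not listed is denied.
ALLOWED = {("engineering", "servers"), ("finance", "servers")}
# Attachment switch per subnet (what a discovery plane would report).
ATTACHMENT = {
    "10.1.0.0/24": "sw1", "10.1.1.0/24": "sw2",
    "10.2.0.0/24": "sw2", "10.9.0.0/24": "sw3",
}

def compile_acl_tables(groups, allowed, attachment):
    """Decision logic: group policy -> {switch: [(action, src, dst), ...]}."""
    tables = {switch: [] for switch in attachment.values()}
    for src_group, dst_group in sorted(allowed):
        for src in groups[src_group]:
            for dst in groups[dst_group]:
                # Permit at the source's switch, and permit the return
                # traffic at the destination's switch (stateless tables).
                tables[attachment[src]].append(("permit", src, dst))
                tables[attachment[dst]].append(("permit", dst, src))
    for entries in tables.values():
        entries.append(("deny", "0.0.0.0/0", "0.0.0.0/0"))  # default deny
    return tables

def evaluate(table, src_ip, dst_ip):
    """First-match lookup over one switch's access control table."""
    src_addr = ipaddress.ip_address(src_ip)
    dst_addr = ipaddress.ip_address(dst_ip)
    for action, src, dst in table:
        if (src_addr in ipaddress.ip_network(src)
                and dst_addr in ipaddress.ip_network(dst)):
            return action
    return "deny"

if __name__ == "__main__":
    tables = compile_acl_tables(GROUPS, ALLOWED, ATTACHMENT)
    for switch, entries in sorted(tables.items()):
        print(switch, entries)
```

The operator edits only GROUPS and ALLOWED; the per-switch entries, including the default deny that keeps finance and engineering apart on the shared switch sw2, are derived rather than hand-written.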