Enabling Innovation Inside the Network
Joint with Nate Foster, David Walker, Rob Harrison, Chris Monsanto, Cole Schlesinger, Mike Freedman, Mark Reitblatt, Joshua Reich
Jennifer Rexford
Princeton University
http://www.cs.princeton.edu/~jrex
What is Networking?
end-hosts need to communicate
What is Networking?
Ethernet switches connect them
What is Networking?
which decide how packets should be forwarded
Control Plane
What is Networking?
and actually forward them
Data Plane
What is Networking?
What is Networking?
servers
What is Networking?
connected by routers
What is Networking?
connected by routers
w/ similar data planes
What is Networking?
connected by routers
but completely different control planes
plug-and-play
structured and optimized
What is Networking?
What is Networking?
we need a gateway to bridge them
What is Networking?
and load balancing for servers
What is Networking?
there are other ISPs
What is Networking?
requiring inter-domain routers
What is Networking?
and a firewall to handle malicious traffic
What is Networking?
and mobile endpoints
What is Networking?
requiring wireless basestations
What is Networking?
and more middleboxes for billing, lawful intercept, DPI
What is Networking?
Ad absurdum
This is a Control Plane Issue
each color represents a different set of control-plane protocols and algorithms
This is a Control Plane Issue
whose implementation may vary by vendor and model
Software Defined Networks
Software Defined Networks
decouple control and data planes
Software Defined Networks
decouple control and data planes
by providing open standard API
(Logically) Centralized Controller
Controller Platform
Protocols Applications
Controller Platform
Controller Application
Payoff
• Cheaper equipment
• Faster innovation
• Easier management
A Major Trend in Networking
Entire backbone runs OpenFlow
Bought for $1.2 x 10^9 (mostly cash)
But How Should We Program SDNs?
Controller Platform
Controller Application
Network-wide visibility and control
Direct control via open interface
Today’s controller APIs are tied to the underlying hardware
OpenFlow Networks
Data Plane: Packet Handling
• Simple packet-handling rules
  – Pattern: match packet header bits
  – Actions: drop, forward, modify, send to controller
  – Priority: disambiguate overlapping patterns
  – Counters: #bytes and #packets

1. src=1.2.*.*, dest=3.4.5.* → drop
2. src=*.*.*.*, dest=3.4.*.* → forward(2)
3. src=10.1.2.3, dest=*.*.*.* → send to controller
Control Plane: Programmability
Events from switches: Topology changes, Traffic statistics, Arriving packets
Commands to switches: (Un)install rules, Query statistics, Send packets
Controller Platform
Controller Application
E.g.: Server Load Balancing
• Pre-install load-balancing policy
• Split traffic based on source IP
src=0*
src=1*
Seamless Mobility/Migration
• See host sending traffic at new location
• Modify rules to reroute the traffic
Programming Abstractions for Software Defined Networks
Network Control Loop
Read state
OpenFlow Switches
Write policy
Compute Policy
Reading State
SQL-Like Query Language
Reading State: Multiple Rules
• Traffic counters
  – Each rule counts bytes and packets
  – Controller can poll the counters
• Multiple rules
  – E.g., Web server traffic except for source 1.2.3.4
• Solution: predicates
  – E.g., (srcip != 1.2.3.4) && (srcport == 80)
  – Run-time system translates into switch patterns

1. srcip = 1.2.3.4, srcport = 80
2. srcport = 80
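
As an added illustration (not code from the talk or from Frenetic), the sketch below models a prioritized rule table with per-rule counters and shows how the predicate (srcip != 1.2.3.4) && (srcport == 80) can be answered with the two rules listed above: the higher-priority rule absorbs the excluded source, so the second rule's counter holds the answer. The `Rule` and `FlowTable` names, the table-miss behaviour and the sample packets are assumptions made for this example.

```python
# Added example: a toy flow table, not Frenetic or OpenFlow library code.
from dataclasses import dataclass


@dataclass
class Rule:
    priority: int          # higher value wins when patterns overlap
    pattern: dict          # header field -> required value; a missing field is a wildcard
    action: str
    packets: int = 0       # per-rule counters, as kept by the switch
    bytes: int = 0

    def matches(self, pkt):
        return all(pkt.get(field) == value for field, value in self.pattern.items())


class FlowTable:
    def __init__(self, rules):
        self.rules = sorted(rules, key=lambda r: r.priority, reverse=True)

    def process(self, pkt):
        """Apply the highest-priority matching rule and update its counters."""
        for rule in self.rules:
            if rule.matches(pkt):
                rule.packets += 1
                rule.bytes += pkt["len"]
                return rule.action
        return "send to controller"   # assumed table-miss behaviour


def compile_except_source(excluded_srcip, srcport):
    """Translate (srcip != excluded_srcip) && (srcport == srcport) into switch rules."""
    shadow = Rule(2, {"srcip": excluded_srcip, "srcport": srcport}, "forward")
    wanted = Rule(1, {"srcport": srcport}, "forward")
    return shadow, wanted


# Constructed sample traffic.
SAMPLE = [
    {"srcip": "1.2.3.4", "srcport": 80, "len": 100},   # excluded source
    {"srcip": "5.6.7.8", "srcport": 80, "len": 300},
    {"srcip": "5.6.7.8", "srcport": 22, "len": 50},    # not Web traffic
    {"srcip": "9.9.9.9", "srcport": 80, "len": 200},
]


def query_web_bytes(packets, excluded_srcip="1.2.3.4"):
    """Return (bytes matching the predicate, bytes absorbed by the shadow rule)."""
    shadow, wanted = compile_except_source(excluded_srcip, 80)
    table = FlowTable([wanted, shadow])     # install order does not matter
    for pkt in packets:
        table.process(pkt)
    return wanted.bytes, shadow.bytes


if __name__ == "__main__":
    print(query_web_bytes(SAMPLE))
```

A single `srcport = 80` rule on the same traffic would count the excluded source as well, which is why the translation needs the overlapping higher-priority rule.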
Reading State: Unfolding Rules
• Limited number of rules
  – Switches have limited space for rules
  – Cannot install all possible patterns
• Must add new rules as traffic arrives
  – E.g., histogram of traffic by IP address
  – … packet arrives from source 5.6.7.8
• Solution: dynamic unfolding
  – Programmer specifies GroupBy(srcip)
  – Run-time system dynamically adds rules

1. srcip = 1.2.3.4

1. srcip = 1.2.3.4
2. srcip = 5.6.7.8
Reading: Extra Unexpected Events
• Common programming idiom
  – First packet goes to the controller
  – Controller application installs rules
packets
Reading: Extra Unexpected Events
• More packets arrive before rules installed?
  – Multiple packets reach the controller
packets
Reading: Extra Unexpected Events
• Solution: suppress extra events
  – Programmer specifies “Limit(1)”
  – Run-time system hides the extra events
packets
not seen by application
Frenetic SQL-Like Query Language
• Get what you ask for
  – Nothing more, nothing less
• SQL-like query language
  – Familiar abstraction
  – Returns a stream
  – Intuitive cost model
• Minimize controller overhead
  – Filter using high-level patterns
  – Limit the # of values returned
  – Aggregate by #/size of packets

Traffic Monitoring
Select(bytes) * Where(in:2 & srcport:80) * GroupBy([dstmac]) * Every(60)

Learning Host Location
Select(packets) * GroupBy([srcmac]) * SplitWhen([inport]) * Limit(1)
Computing Policy
Parallel and Sequential Composition
Abstract Topology Views
Combining Many Networking Tasks
Controller Platform
Monitor + Route + FW + LB
Monolithic application
Hard to program, test, debug, reuse, port, …
Modular Controller Applications
Controller Platform
LB  Route  Monitor  FW
Easier to program, test, and debug
Greater reusability and portability
A module for each task
Modules Affect the Same Traffic
Controller Platform
LB  Route  Monitor  FW
How to combine modules into a complete application?
Each module partially specifies the handling of the traffic
Parallel Composition [ICFP’11, POPL’12]
Controller Platform
Monitor on source IP + Route on dest prefix

dstip = 1.2/16 → fwd(1)
dstip = 3.4.5/24 → fwd(2)

srcip = 5.6.7.8 → count
srcip = 5.6.7.9 → count

srcip = 5.6.7.8, dstip = 1.2/16 → fwd(1), count
srcip = 5.6.7.8, dstip = 3.4.5/24 → fwd(2), count
srcip = 5.6.7.9, dstip = 1.2/16 → fwd(1), count
srcip = 5.6.7.9, dstip = 3.4.5/24 → fwd(2), count
Example: Server Load Balancer
• Spread client traffic over server replicas
  – Public IP address for the service
  – Split traffic based on client IP
  – Rewrite the server IP address
• Then, route to the replica
clients
1.2.3.4
load balancer
server replicas
10.0.0.1
10.0.0.2
10.0.0.3
Sequential Composition [NSDI’13]
Controller Platform
Load Balancer >> Routing

dstip = 10.0.0.1 → fwd(1)
dstip = 10.0.0.2 → fwd(2)

srcip = 0*, dstip = 1.2.3.4 → dstip = 10.0.0.1
srcip = 1*, dstip = 1.2.3.4 → dstip = 10.0.0.2

srcip = 0*, dstip = 1.2.3.4 → dstip = 10.0.0.1, fwd(1)
srcip = 1*, dstip = 1.2.3.4 → dstip = 10.0.0.2, fwd(2)
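
The two composition operators can be worked through on the rule tables from the Parallel Composition and Sequential Composition slides. The following is an added sketch, not Frenetic or Pyretic code: the rule encoding and function names are assumptions, 1.2/16 is written as 1.2.0.0/16, and the bit prefixes 0* and 1* are written as 0.0.0.0/1 and 128.0.0.0/1. It goes one step beyond the slide by keeping each module's own rules as lower-priority fall-through in the parallel case, so packets matched by only one module are still handled.

```python
# Added example: compiling "+" and ">>" over ordered rule lists (first match wins).
from ipaddress import ip_address, ip_network


def net(cidr):
    return ip_network(cidr, strict=False)


def intersect(p, q):
    """Intersect two patterns (field -> prefix); None if no packet matches both."""
    out = dict(p)
    for field, n in q.items():
        m = out.get(field)
        if m is None or n.subnet_of(m):
            out[field] = n                 # keep the more specific prefix
        elif not m.subnet_of(n):
            return None                    # prefixes are disjoint
    return out


def parallel(p1, p2):
    """P1 + P2: every packet gets the actions of both modules."""
    both = []
    for pat1, act1 in p1:
        for pat2, act2 in p2:
            pat = intersect(pat1, pat2)
            if pat is not None:
                both.append((pat, act1 + act2))
    return both + p1 + p2                  # fall-through for one-module matches


def sequential(p1, p2):
    """P1 >> P2: P2 matches on the headers as rewritten by P1's 'set' actions."""
    out = []
    for pat1, act1 in p1:
        mods = {a[1]: ip_address(a[2]) for a in act1 if a[0] == "set"}
        for pat2, act2 in p2:
            if any(f in mods and mods[f] not in n for f, n in pat2.items()):
                continue                   # rewritten value can never match this rule
            untouched = {f: n for f, n in pat2.items() if f not in mods}
            pat = intersect(pat1, untouched)
            if pat is not None:
                out.append((pat, act1 + act2))
    return out


def lookup(table, pkt):
    """Return the action list of the first rule matching pkt (field -> address)."""
    for pat, actions in table:
        if all(ip_address(pkt[f]) in n for f, n in pat.items()):
            return actions
    return []


# Rule tables transcribed from the slides.
ROUTE = [({"dstip": net("1.2.0.0/16")}, [("fwd", 1)]),
         ({"dstip": net("3.4.5.0/24")}, [("fwd", 2)])]
MONITOR = [({"srcip": net("5.6.7.8/32")}, [("count",)]),
           ({"srcip": net("5.6.7.9/32")}, [("count",)])]
LB = [({"srcip": net("0.0.0.0/1"), "dstip": net("1.2.3.4/32")},
       [("set", "dstip", "10.0.0.1")]),
      ({"srcip": net("128.0.0.0/1"), "dstip": net("1.2.3.4/32")},
       [("set", "dstip", "10.0.0.2")])]
REPLICA_ROUTE = [({"dstip": net("10.0.0.1/32")}, [("fwd", 1)]),
                 ({"dstip": net("10.0.0.2/32")}, [("fwd", 2)])]

if __name__ == "__main__":
    for rule in parallel(MONITOR, ROUTE)[:4] + sequential(LB, REPLICA_ROUTE):
        print(rule)
```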
Dividing the Traffic Over Modules
• Predicates
  – Specify which traffic traverses which modules
  – Based on input port and packet-header fields
Routing
Load Balancer
Monitor
Routing
dstport != 80
dstport = 80 >>
+
High-Level Architecture
Controller Platform
M1 M2 M3
Composition Spec
Partially Specifying Functionality
• A module should not specify everything
  – Leave some flexibility to other modules
  – Avoid tying the module to a specific setting
• Example: load balancer plus routing
  – Load balancer spreads traffic over replicas
  – … without regard to the network paths
Load Balancer >> Routing
Avoid custom interfaces between the modules
Abstract Topology Views [NSDI’13]
• Present abstract topology to the module
  – Implicitly encodes the constraints
  – Looks just like a normal network
  – Prevents the module from overstepping
Real network    Abstract view
Separation of Concerns
• Hide irrelevant details
  – Load balancer doesn’t see the internal topology or any routing changes
Routing view    Load-balancer view
High-Level Architecture
Controller Platform
View Definitions
M1 M2 M3
Composition Spec
Supporting Topology Views
• Virtual ports
  – (V, 1): [(P1, 2)]
  – (V, 2): [(P2, 5)]
• Simple firewall policy
  – in=1 → out=2
• Virtual headers
  – Push virtual ports
  – Route on these ports
  – From (P1, 2) to (P2, 5)
[Figure: virtual switch V with ports 1 and 2 (firewall view) mapped onto physical switches P1 and P2 (routing view)]
Writing State
Consistent Updates
Writing Policy: Avoiding Disruption
Invariants
• No forwarding loops
• No black holes
• Access control
• Traffic waypointing
Writing Policy: Path for New Flow
• Rules along a path installed out of order?
  – Packets reach a switch before the rules do
Must think about all possible packet and event orderings.
packets
Writing Policy: Update Semantics
• Per-packet consistency
  – Every packet is processed by
  – … policy P1 or policy P2
  – E.g., access control, no loops or blackholes
• Per-flow consistency
  – Sets of related packets are processed by
  – … policy P1 or policy P2
  – E.g., server load balancer, in-order delivery, …
P1
P2
Writing Policy: Policy Update
• Simple abstraction
  – Update entire configuration at once
• Cheap verification
  – If P1 and P2 satisfy an invariant
  – Then the invariant always holds
• Run-time system handles the rest
  – Constructing schedule of low-level updates
  – Using only OpenFlow commands!
P1
P2
Writing Policy: Two-Phase Update
• Version numbers
  – Stamp packet with a version number (e.g., VLAN tag)
• Unobservable updates
  – Add rules for P2 in the interior
  – … matching on version # P2
• One-touch updates
  – Add rules to stamp packets with version # P2 at the edge
• Remove old rules
  – Wait for some time, then remove all version # P1 rules
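
To see why the access-control invariant needs per-packet consistency, the added sketch below (not code from the talk) compares a switch-by-switch overwrite with the two-phase update on a two-switch path. The policies are constructed for this example: P1 filters untrusted traffic at the edge, P2 moves the filter to the core, so both satisfy the invariant on their own. Each probe is a pair (untrusted packet delivered, trusted packet delivered).

```python
# Added example: a two-switch model (edge -> core), constructed for illustration.
P1 = {"edge": lambda p: "drop" if p["untrusted"] else "fwd",
      "core": lambda p: "fwd"}
P2 = {"edge": lambda p: "fwd",
      "core": lambda p: "drop" if p["untrusted"] else "fwd"}

UNTRUSTED = {"untrusted": True}    # constructed probe packets
TRUSTED = {"untrusted": False}


def delivered(edge_rule, core_rule, pkt):
    """True if pkt crosses edge then core; a missing core rule is a black hole."""
    if edge_rule(pkt) == "drop":
        return False
    return core_rule is not None and core_rule(pkt) == "fwd"


def naive_update(order):
    """Overwrite P1 with P2 one switch at a time, probing after every step."""
    live = dict(P1)

    def probe():
        return tuple(delivered(live["edge"], live["core"], p)
                     for p in (UNTRUSTED, TRUSTED))

    probes = [probe()]
    for switch in order:
        live[switch] = P2[switch]
        probes.append(probe())
    return probes


def two_phase_update():
    """Version-stamped update: interior first, then flip the edge, then clean up."""
    edge = {1: P1["edge"], 2: P2["edge"]}   # edge rules per stamped version
    core = {1: P1["core"]}                  # interior rules match on the version tag
    stamp = 1                               # version the edge currently stamps

    def probe():
        return tuple(delivered(edge[stamp], core.get(stamp), p)
                     for p in (UNTRUSTED, TRUSTED))

    probes = [probe()]
    core[2] = P2["core"]     # unobservable: no packet carries version 2 yet
    probes.append(probe())
    stamp = 2                # one-touch: the edge starts stamping version 2
    probes.append(probe())
    del core[1]              # after waiting for version-1 packets to drain
    probes.append(probe())
    return probes


if __name__ == "__main__":
    print("naive, edge first:", naive_update(["edge", "core"]))
    print("two-phase:        ", two_phase_update())
```

Updating the edge first leaves an intermediate state in which neither switch filters; the two-phase schedule never exposes a mix of P1 and P2 to any packet.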
Writing Policy: Optimizations
• Avoid two-phase update
  – Naïve version touches every switch
  – Doubles rule space requirements
• Limit scope
  – Portion of the traffic
  – Portion of the topology
• Simple policy changes
  – Strictly adds paths
  – Strictly removes paths
Frenetic Abstractions
SQL-like queries
OpenFlow Switches
Consistent Updates
Policy Composition
Related Work
• Programming languages
  – FRP: Yampa, FrTime, Flask, Nettle
  – Streaming: StreamIt, CQL, Esterel, Brooklet, GigaScope
  – Network protocols: NDLog
• OpenFlow
  – Language: FML, SNAC, Resonance
  – Controllers: ONIX, POX, Floodlight, Nettle, FlowVisor
  – Testing: NICE, FlowChecker, OF-Rewind, OFLOPS
• OpenFlow standardization
  – http://www.openflow.org/
  – https://www.opennetworking.org/
Conclusion
• SDN is exciting
  – Enables innovation
  – Simplifies management
  – Rethinks networking
• SDN is happening
  – Practice: useful APIs and good industry traction
  – Principles: start of higher-level abstractions
• Great research opportunity
  – Practical impact on future networks
  – Placing networking on a strong foundation
Frenetic Project
http://frenetic-lang.org
• Programming languages meets networking
  – Cornell: Nate Foster, Gun Sirer, Arjun Guha, Robert Soule, Shrutarshi Basu, Mark Reitblatt, Alec Story
  – Princeton: Dave Walker, Jen Rexford, Josh Reich, Rob Harrison, Chris Monsanto, Cole Schlesinger, Praveen Katta, Nayden Nedev
Short overview at http://www.cs.princeton.edu/~jrex/papers/frenetic12.pdf