Pamela Zave

AT&T Laboratories—Research

Florham Park, New Jersey, USA

joint work with Jennifer Rexford, Princeton University

ABSTRACTIONS

OF THE DATA PLANE

DIMACS Working Group on

Abstractions for Network

Services, Architecture, and Implementation

WHAT WE ATE FOR LUNCH

CHINESE FOOD, OF COURSE, AND LEARNED THAT . . .

“We find comfort among those who agree with us—

growth among those who don’t.”

THE PREVAILING ABSTRACTION OF THE DATA PLANE

APPLICATION LAYER

TRANSPORT LAYER

NETWORK LAYER

LINK LAYER

PHYSICAL LAYER

applications andmnemonic names

reliable (orunreliable) transport

best-effort globalpacket delivery

best-effort localpacket delivery

physical transferof bits

abstractions from “The futureof networking, and the past ofprotocols”

[Shenker 2011]

APPLICATION LAYER

TRANSPORT LAYER

NETWORK LAYER

LINK LAYER

PHYSICAL LAYER

applications andmnemonic names

reliable (or unreliable) transport

best-effort globalpacket delivery

best-effort localpacket delivery

physical transferof bits

2

1WHY SHOULD WE QUESTION THIS?

Because there are many

serious problems with the

current Internet, and we must

look at all possible solutions.

Because the purpose of the

control plane is to manage the

data plane, so a well-structured

data plane may be the key to a

well-structured control plane.

For example, “An axiomatic basisfor communication” is intendedto formalize what routers do . . .

. . . but much of the space isdevoted to a careful discussion of the behavior of the data plane. [Karsten, Keshav,

Prasad & Beg 2007]

3WHY SHOULD WE QUESTION THIS?

Because it is

not realistic.headers in a typical AT&T packet

Cloud Service

HTTP

TCP

IP

IPsec

IP

GTP (QoS, billing)

UDP

IP

MPLS

MPLS

Ethernet

15+ load balancing / routing algorithmsare involved in getting this packet to itsdestination . . .

. . . most with different goals in mind;

. . . most have been analyzed / designed in some state of isolation;

. . . all are getting more dynamic every day

from “Cloud computing and my worriesabout the network that enables it”

[Spatscheck 2010]

A BETTER ABSTRACTIONOF THE DATA PLANE? APPLICATION LAYER

TRANSPORT LAYER

LISP LAYER

MIDDLEWARE LAYER

NETWORK LAYER

LINK LAYER

MPLS LAYER

PHYSICAL LAYER

this is more realistic, . . .

. . . but consensus wouldbe difficult to achieve . . .

. . . and not long-lasting

A DIFFERENT VIEW OF THE DATA PLANE

LAYER

LAYER LAYER

LAYER

LAYER LAYER LAYER

Each layer is a distributedsystem with the sameabstract functionalityand the same abstractstate.

upper interface is aspecification of communication

services (provided)

lower interface is aspecification of communication

services (used)

includes transport,routing, and forwarding

This pattern isinstantiated manytimes in a networkarchitecture, formany purposes, atmany levels, andwith many differentscopes.

this hypothesiscomes fromPatterns inNetworkArchitecture

[Day 2008]

WE CALL THIS THE “GEOMORPHIC VIEW”OF NETWORKS . . .

. . . BECAUSE THE ARRANGEMENT OF

LAYERS RESEMBLES THE EARTH’S CRUST

it is inspired by Day’s ideas, with manychanges in terminology and (we hope)improvements

OUTLINE

Frequently-asked questions

Examples

Basic information about layers

Summary and conclusions

1234

LAYERS: MACHINES AND PROCESSES

these processes can onlycommunicate through a NETWORK,with all of the challenges we know well

the OPERATINGSYSTEM createsthese processesand enablesthem tocommunicatequickly and reliablywith each other

machine machine

we can choose to regard a virtualmachine as a machine . . .

this communicationis assumed as abuilding block

. . . and to regard communicationthrough the hypervisor and softswitchof a physical machine as networkedcommunication, and an object of study

LAYERS: MEMBERS, NAMES, AND ROUTING

a member has a name that is uniqueand permanent (although re-usable)

UNDERLAY(lower layer)

OVERLAY(higher layer)

members are connectedto each other by links

because there is usually not alink between each pair of members,routes tell members how to reacheach other

routing protocolmaintains routesas links change

B E

edb

a c

member process link

a member is a processthat represents itsmachine in that layer

each layerhas its ownname space

a link is an instance or usageof a communication service

UNDERLAY(lower layer)

OVERLAY(higher layer) B E

edb

a c

LAYERS: REGISTRATIONS

here theseregistrationsare attachments

here theseregistrationsare locations

registrations canbe created ordestroyed byeither layer

a registration maps anoverlay process to anunderlay process

both processes areon the same machine

the underlay process is aprocess in the lower layerthat represents the overlayprocess to the network

registrations

UNDERLAY(lower layer)

OVERLAY(higher layer) B E

edb

a c

LAYERS: CHANNELSa channel is an instance or usageof a communication service

a channel can be implemented as aservice by an underlay for an overlay

in the underlay,the channel iscalled a session

higher endpoint

lower endpoint

when b receives a channel requestfrom B for E, it uses locationsto find that E is located at e

in the overlay,the channel iscalled a link

underlay includes a transportprotocol that enforces theservice specification

LAYERS: SCOPE AND LEVEL

APPLICATIONLAYERS

INTERNETCORE

(IP, TCP, UDP)

LANs ANDWANs

application process

IP interface ofnetworked machine

Ethernetport interface

layers are arranged in ausage hierarchy, whichdefines levels

the scope of a layer is the set or classof processes that could be members

gateway

this is thegeomorphicview of theclassicInternetarchitecture

Webappli-cation

cloud

Internet

here there is no routing,because members are fullyconnected by communicationservices

LAYERS: VARIATIONS

client

client

host host host

server

server

securityfilter

router router

here the communicationservices offered mightinclude security,anycast, broadcast, etc.

here the communicationservices might be onlypoint-to-point

here the filter is “in the network”

here the filter isan “endpoint”

here the purpose of routingis to provide services suchas security

“CloudNaaS: A cloud networkingplatform for enterprise applications”

[Benson, Akella,Shaikh & Sahu 2011]

here the purpose of routingis reachability

“The end-to-endargumentand applica-tiondesign: Therole of trust”[Clark &Blumenthal2011]

LAYERS: SOFTWARE STATE OF A LAYER

a layer is a distributedsoftware system

overlay

underlay underlay

members: set Process

locations: set Registration

sessions: set Channel

attachments: set Registration

links: set Channel

forwarding: set Route

this is a snapshot of its distributed, dynamic state

related toservingoverlays

strictlyinternal

related tousingunderlays

depends on

OUTLINE

Frequently-asked questions

Examples

Basic information about layers

Summary and conclusions

1234

FAQ: HOW IS THE GEOMORPHIC VIEW DIFFERENT FROM OVERLAYS?

LAYER LAYER

LAYER

LAYER

LAYER LAYER LAYER

“MOSAIC: Unifieddeclarative platformfor dynamic overlaycomposition”

[Mao, Loo, Ives& Smith 2008]

layering

bridging

geomorphic viewhas no uniquereference point, sothere is nothingfor an “overlay” tobe “over”

geomorphic viewattempts to explainwhat is in eachlayer, as well ashow they compose

FAQ: IS THE GEOMORPHIC VIEW DESCRIPTIVE OR PRESCRIPTIVE?

FUNCTIONALLY, IT IS DESCRIPTIVEthere should be no major function ordesign that cannot be described

HOWEVER, THERE ARE FEWERMECHANISMS THAN ARE FOUND “IN THE WILD”

no arguing about names vs. identifiersvs. locators vs. addresses—each layerhas one name space, designed andused for the purposes of the layer

no tunneling used as an intra-layerexception to the routing system—justinter-layer interfaces

FEWER MECHANISMS COULD MEAN: GOAL IS TO CHOOSE THEMECHANISMS THAT ARE THE BESTBECAUSE THEY FACILITATE . . .each design has exactly one

correct description

designs can be compared easily

it is possible to map out structuredspaces of design trade-offs

it is possible to get implementationsby code generation and re-use

composition—of layers,mechanisms within a layer, orreasoning methods

separation of concerns, so thatdiverse goals can be met withoutinterfering with each other

. . .

. . .

OUTLINE

Frequently-asked questions

Examples

Basic information about layers

Summary and conclusions

1234

LISPlayer

IPlayer

Endpoint Identifier (EID)

RLOC (IPaddress)

edge routers are fully connectedby IP links

when E1 sends to E2, R1A orR1B needs route to E2, becauseforwarding tables are sparselypopulated

route is (routes are) the samefrom every router, so the routecan be obtained by directorylookup

WHAT DO LISP AND SEATTLE HAVE IN COMMON?

EXAMPLE: COMPARING RESEARCH RESULTS

enterprise site enterprise site

R1A R2CE1 E2

R1B

R1A

R2D

R2D

Locator/IdentifierSeparation Protocol

SEATTLElayer

edge routers are fully connectedby SEATTLE links

when E1 sends to E4, R1needs route to E4, becauseforwarding tables are sparselypopulated

route is the same from everyrouter, so the route can beobtained by directory lookup

MAC addresses

WHAT DO LISP AND SEATTLE HAVE IN COMMON?

“Floodless in SEATTLE: A scalable Ethernet architecture for large enterprises”[Kim, Caesar & Rexford 2008]

IP layer

E1 R1

R2

R1

R3

R4

R4

E2

E3

E4

EthernetLANlayer

Nicira networks also have this structure;comparison focuses attention on the difference,which is how directories are implemented

EXAMPLE: COMPOSITION OF MOBILITY MECHANISMS

AS A PROBLEM, NETWORK MOBILITYIS A CHANGE IN REGISTRATION . . .

old new

AS A SOLUTION, NETWORK MOBILITYMAINTAINS CHANNELS, DESPITE THE MOBILITYOF THE PROCESSES PARTICIPATING IN THEM

higher endpoint

lower endpoint

. . . of a process, while it is participatingin a channel

service specification

BENEFITING LAYER

LAYER IMPLEMENTINGMOBILITY

MOBILITY IMPLEMENTATION: ATTACHMENT MOBILITY

A B

b

b’

a

a1’ a2’

a becomesdisconnectedbecause attachmentto a1’ and linksimplementedthrough a1’ fail

a forms a newattachment and newlinks through a2’

1

1

12

2

2

BENEFITING LAYER

the hard work of implementingattachment mobility is re-routingso that other processes canreach a through new links

LAYERIMPLEMENTING

MOBILITY

examples:

LANs/VLANs

Mobile IP

MSM-IP (usesIP multicast)

MOBILITY IMPLEMENTATION: LOCATION MOBILITY

A B

b1 b2

b1’ b2’

a

a’

1

1

2 2

BENEFITINGLAYER

LAYERIMPLEMENTINGMOBILITY

B or b1 destroys theirregistration

B or b2 creates a newregistration, session statetransferred from b1 to b2

the hard work of implementinglocation mobility is updatinglocations and a’s session stateso that B can be found at b2

disconnection may comefrom this layer, but thereis no mobility involvingthis layer

unless this is a case ofprocess migration, b1 andb2 are on same machine

examples:

TCP Migrate

“Serval: An end-host stack for service-centric networking” [Nordstrom, Shue, Gopalan,

Kiefer, Arye, Ko, Rexford & Freedman 2012]

A B

b1 b2

b1’ b2’

a

a1’ a2’

ARE THEY REALLY DIFFERENT?

ATTACHMENTMOBILITY

LOCATIONMOBILITY

registration changeat implementing layer’slower interface

registration changeat implementing layer’s

upper interface

distributed layer state affected:

distributed layerstate affected:

attachmentslinksforwarding

locationssessions

BENEFITING LAYER

LAYERIMPLEMENTING

MOBILITY

locations

sessions

members

routes

attachments

links

affected bylocationmobility

affected byattachmentmobility

there is no dependency betweenthe two state partitions

EXAMPLE: COMPOSITION OF MOBILITY MECHANISMS

WITHIN A LAYER:

mobility at one end of a session isindependent of mobility at theother end—either one can beattachment or location mobility,even simultaneously

at one end of a session, locationmobility can take over if attachmentmobility is failing

ACROSS LAYER BOUNDARIES:

mobility mechanisms in adjacentlayers are logically independent,can co-exist and even operatesimultaneously

established by reasoning aboutactions at the layer interface

established by verification of a formalmodel of the session protocol,reasoning about the layer state

“Compositional network mobility”

[Zave & Rexford 2012]

work session

EXAMPLE: NEW DESIGNS FROM THE MOBILITY SPACE

appli-cation

THE GOAL IS TO PROVIDE MOBILITY FOR THIS LAPTOP . . .

. . . NOTING THAT SOMETIMESTHE LAPTOP IS ON A BUS acts as a

mobile router

we want to avoid, e.g., . . .

. . . solutions that require updates for every passenger when the bus moves

. . . solutions that require an update for the bus when a passenger gets on or off

work session

registrationwhen laptop ison the bus

registrationwhen laptopis elsewhere

LAN on busvarious subnets, including roadside WiFi

bus companyrouter

port onbus LAN

EXAMPLE: NEW DESIGNS FROM THE MOBILITY SPACE

appli-cation

layer implementslocation mobilityfor laptop—activewhen laptopmoves on and offbus, not when busmoves

b00 b35

b30

layer implementsattachment mobility forbus—active when busmoves, does nothingwith individualdevices on bus

OUTLINE

Frequently-asked questions

Examples

Basic information about layers

Summary and conclusions

1234

SOME PURPOSES OFABSTRACTIONS

SOME CHARACTERISTICS (OR,MORE ACCURATELY, GOALS) OFTHE GEOMORPHIC VIEW

to compare and relate researchresults

to provide applications with richercommunication services andcleaner interfaces to them

to manage complexity withseparation of concerns anduse of general-purpose theories

the same basic pattern or templateis instantiated many times, formany different purposes, atdifferent levels and scopes

basic structures such as members,channels, and routing can look verydifferent at different levels of thestack

by partitioning the control state of alayer, facilitates composition of mechanisms within a layer

each design has exactly onecorrect description

by solidifying layer interfaces, facilitates composition of layers ina network stack

to compose successful solutions todiverse problems

to map out structured spaces ofdesign trade-offs

to implement layers by means ofcode generation and code re-use

SUMMARY

A BIG TRADE-OFF

STRUCTURES YOU OFTENSEE

THE GEOMORPHIC VIEWOF THESE STRUCTURES

gateway

each mechanism is adhoc, and its interactionswith other mechanismsare unpredictable

WHAT ABOUT THEREDUNDANCYAND OVERHEAD?

each layer can achievemultiple purposes

interactions amongmechanisms can bestudied, will becomewell-known

How much?Routers alreadyhave forwardingrules frommultiple layers.

Redundancy andoverhead can beremoved byoptimization—atthe cost of lessresilience tochange.

tunnel

layer boundary

THE GEOMORPHIC VIEW IS NEW AND IMMATURE

IN PARTICULAR, THE VIEW OF LAYERSTATE (partitions, dependencies) ISVERY SIMPLISTIC . . .

. . . because the only issue we havestudied in enough detail is mobility

OTHER ISSUES TO BE INVESTIGATED

anycast, multicast, broadcast, etc.

multihoming

middleboxes

enrollment

authentication

access control

privacy

failure recovery

resource management

ON THE OTHER HAND, THESE TWOIDEAS NOW SEEM INTUITIVELYOBVIOUS:

To understand the control plane,you must first understand the dataplane.

The geomorphic view of the dataplane—consisting of “complete” layersthat can be instantiated freely withdifferent levels, scopes, andpurposes—is a better abstraction of the dataplane than the classic Internetarchitecture.