Upload
others
View
40
Download
1
Embed Size (px)
Citation preview
Administrivia• Paper assignments for reviews 2 and 3 are out
• MUD: send me your top 1—3 questions on this lecture
• Gear up for course project: Sample ideas are out• Do make friends with & team up with the others in this room• Do brainstorm your own ideas with your friends and with me• Do check with me about the “significant programming” requirement• Do make the best use of office hours starting today
Lecture 9, Computer Networks (198:552)
Software-Defined Networking:Principles
Traditional IP routers
Switchingfabric
Processor
Net interface
Net interface
Net interface
Net interface
Data plane
Control plane
BGPOSPF
Management plane
• Management plane• Network-wide views• Configure routers
• Control plane• Track topology• Compute routes• Install forwarding rules
• Data plane• Forward, filter, buffer,
drop, mark, rate-limit• Traffic statistics
Problems with traditional routers• Management decisions tied to distributed protocols• Ex: Set OSPF link weights to force traffic through desired path• Ex: Non-deterministic network state after a link failure
• Data and control plane controlled by vendors: proprietary interfaces
?X
Traditional IP network
Data plane
Data plane
Data plane
Management plane
Data plane
Control plane
Control plane
Control plane
Control plane
SDN (1/2): Centralized control plane
Data plane
Data plane
Data plane
SDN controller
Data plane
Control planes lifted from switches… into a logically centralized controller… running in a compute cluster
SDN (2/2): Open interface to data plane
Data plane
Data plane
Data plane
SDN controller
Data plane
Some immediate consequences…
(1) Simpler switches
Data plane
Data plane
Data plane
Small set of hardware instructions.
SDN controller
Data plane
Data plane primitive: Match-action rules• Match arbitrary bits in the packet header
• Match on any header, or new header• Allows any flow granularity
• Actions• Forward to port(s), drop, send to controller, count,• Overwrite header with mask, push or pop, …• Forward at specific bit-rate
• Prioritized list of rules
HeaderData Match: 1000x01xx01001x
Action: fwd(port 2)
Priority: 65500
(2) Network programming abstractions
Data plane
Data plane
Data plane
Application
SDN controller
Application ApplicationWrite modular apps and compose them
Data plane
(3) Unified network operating system
Data plane
Data plane
Data plane
ApplicationNetwork Operating System
Application Application
Separate distributed system concerns from management policy
Data planePersist app stateGraceful failoverReplication for perf
Composition of Policies
Combining many networking tasks
SDN controller
Route + Monitor + FW + LB
Monolithic application
Hard to program, test, debug, reuse, port, …
Modular controller applications
SDN controller
Each module partiallyspecifies the handling of the traffic
LBRouteMonitor FW
Network policy as a function• Located packet: headers + switch + port
• Policy: function of a located packet• To a set of located packets: multicast, drop, forward
• Function can modify packets• Headers and location
dstip == 1.2.3.4 & srcport == 80 à port = 3, dstip = 10.0.0.1
13
2
Match Action
Parallel composition (+)
SDN controller
Route on dst prefix
Monitor on source IP +
dstip == 1.2/16 à fwd(1)dstip == 3.4.5/24 à fwd(2)
srcip == 5.6.7.8 à countsrcip == 5.6.7.9 à count
srcip == 5.6.7.8, dstip == 1.2/16 à fwd(1), countsrcip == 5.6.7.8, dstip == 3.4.5/24 à fwd(2), countsrcip == 5.6.7.9, dstip == 1.2/16 à fwd(1), countsrcip == 5.6.7.9, dstip == 3.4.5/24 à fwd(2), count
Example: Server load balancer• Spread client traffic over server replicas• Public IP address for the service• Split traffic based on client IP• Rewrite the server IP address
• Then, route to the replica
clients
1.2.3.4
load balancer
server replicas
10.0.0.1
10.0.0.2
10.0.0.3
Sequential composition (>>)
SDN controller
RoutingLoad Balancer >>
dstip==10.0.0.1 à fwd(1)dstip==10.0.0.2 à fwd(2)
srcip==0*, dstip==1.2.3.4 à dstip=10.0.0.1srcip==1*, dstip==1.2.3.4 à dstip=10.0.0.2
srcip==0*, dstip==1.2.3.4 à dstip = 10.0.0.1, fwd(1)srcip==1*, dstip==1.2.3.4 à dstip = 10.0.0.2, fwd(2)
Implications & Challenges
What does SDN make possible/easy?• Expressing forwarding intent directly• Example path: sw==S1àfwd(4) + sw==S2àfwd(1) + sw==S3àfwd(7)
• Reading state: Measurement through counters• Measure exactly the traffic you care about• Can modify forwarding to make measurements more accurate!
• Deterministically and swiftly handle data plane failures• Google’s B4: Failover to pre-computed outcomes
S1 S2 S34 3 1 2 7
What does SDN make possible/easy?• Network policy verification• Correctness: Reachability, loop-freedom, SLO violations, etc.• Performance
• Better router data plane design• Decouple evolution of router instruction sets and network policy
• Apply the SDN philosophy to system design as a whole• Stateful “network functions” that reside in the core of the network• Operating systems• End host NICs• <insert your idea here!>
Technical challenges of SDN• Scalability: controller responsible for many routers• Response time: Delays between controller and routers• Reliability: surviving failures of the controller & data plane• Consistency: • Ensuring multiple controllers behave consistently• Ensuring controller policy is faithfully implemented
• Security: • Entire network may be owned if the controller is vulnerable
• Interoperability: legacy routers and neighboring domains
Routing Control Platform (RCP)Usenix NSDI ’05
Caesar et al.
Separating interdomain routing from routers• Compute interdomain routes for the routers• Input: BGP-learned routes from neighboring ASes• Output: forwarding-table entries for each router
• Backwards compatibility with legacy routers• RCP speaks to routers using iBGP protocol• Installing <destination prefix, next-hop address>
• Routers still run intradomain routing protocol• So the routers can reach the RCP • To reduce overhead on the RCP
RCP
Autonomous System
Example: DoS blackholing
• Filtering attack traffic• Measurement system detects an attack• Identify entry point and victim of attack• Drop offending traffic at the entry pointRCPnull
route
DoS attack
Example: Maintenance dry-out
• Planned maintenance on an edge router• Drain traffic off of an edge router• Before bringing it down for maintenance
d
egress 1
egress 2
RCPuse egress 2
Example: Egress selection
•Customer-controlled egress selection• Multiple ways to reach the same destination• Giving customers control over the decision
egress 1
egress 2
data center 1
data center 2
hot-potato routing
RCPuse egress 1
customersites
Example: Better BGP security
• Enhanced interdomain routing security• Anomaly detection to detect bogus routes• Prefer “familiar” routes over unfamiliar
d????egress 1
egress 2
RCPuse egress 2
d
Example: Saving router memory• Reduce memory requirements on routers• Strip BGP route attributes (except prefix and next-hop)• Combine related prefixes into a single route
RCPBGP with other ASes
12.0.0.0/16 à nh 112.1.0.0/16 à nh 1
12.0.0.0/15 à nh 1
Discussion of RCP• Centralizing control logic allows formalizing correctness properties• … even if the existing solutions don’t actually uphold them!• e.g., loop freedom, same egress router throughout path within AS
• Reliability, consistency, and performance from the start• Network partitions & RCP—network partitions• RCP replica failures• Processing high rates of route computations (e.g., IGP changes)
• Performance metrics & testing methodology• Message processing: delay, throughput, memory• Real-time convergence delays: may be less than iBGP-mesh• Other metrics?
OpenFlow: Enabling Innovation in Campus Networks
ACM CCR ‘08McKeown et al.
Program networks using simple rules• Goals: high-performance low-cost programmable switch• Be able to isolate experimental traffic on campus networks• Be consistent with vendors need for closed platforms• Restricted flexibility to keep the cost low
• Controller programs switch “flow tables” built with TCAMs• First packet of a flow allows controller to determine fwding rules• Rules can match packets against flexible field boundaries• Standardized set of actions: forward, drop, de/encapsulate• Also be able to send packet through “normal” switch processing
Discussion of OpenFlow/SDN• Is match-action sufficiently expressive?
• Can switches sustain many flow processing rules and setups?• TCAM space for matches• Control overheads to install or remove flows• Memory to install packet counters for each flow
• Why fix the set of wire protocols allowed in matches?
Backup Slides
RCP incremental deployability• Backwards compatibility• Work with existing routers and protocols
• Incentive compatibility• Offer significant benefits, even to the first adopters
AS 3AS 2AS 1
BGP
Inter-AS ProtocolRCP RCP RCP
RCP tells routers how to forward trafficUse BGP to communicate with the legacy routers
Simplify management and enable new services
Other ASes can deploy an RCP independently
ASes with RCPs can cooperate for new features
ASes can upgrade to new routing protocol
… while using BGP to control the legacy routers
RCP: Scalable implementation
• Eliminate redundancy• Store a single copy of each BGP-learned route
• Accelerate lookups• Maintain indices to identify affected routers
• Avoid recomputation• Compute routes once for group of related routers
•Handle only BGP routing• Leave intradomain routing to the routers
38 An extensible, scalable, “smart” route reflector
Runs on a single high-end PC
•Home-grown implementation on top of Linux• Experiments on 3.2 Ghz P4 with 4GB memory
•Computing routes for all AT&T routers• Grouping routers in the same point-of-presence
•Replaying all routing-protocol messages• BGP and OSPF logs, for 203,000 IP prefixes
• Experimental results• Memory footprint: 2.5 GB• Processing time: 0.1-20 msec
39
Reliability
• Simple replication• Single PC can serve as an RCP• So, just run multiple such PCs
•Run replicas independently• Separate BGP update
feeds and router sessions• Same inputs, and the
same algorithm• No need for replica
consistency protocol40
RCP
RCP
Potential consistency problem
• Need to ensure routes are consistently assigned • Even in presence of failures/partitions
• Fortunately…• Flooding-based IGP means each RCP knows what
partition(s) it connects to41
A B
C D
“Use egress C (hence use A as your next-hop)”
“Use egress D (hence use B as your next-hop)”
RCP 1 RCP 2
Single RCP under partition
• Solution: Only use state from router’s partition in assigning its routes • Ensures next hop is reachable
42
Partition 1 Partition 2
RCP 1
Multiple RCPs under partition
• Solution: RCPs receive same IGP/BGP state from each partition they can reach• IGP provides complete visibility and connectivity• RCS only acts on partition if it has complete state for it
43
àNo consistency protocol needed to guarantee consistency in steady state
Partition 1 Partition 2 Partition 3
RCP 2RCP 1