Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Stanford Clean Slate Program Nick McKeown Professor of Computer Science & Electrical Engineering.

Published byCharlotte Paget Modified over 10 years ago

Similar presentations

Presentation on theme: "The Stanford Clean Slate Program Nick McKeown Professor of Computer Science & Electrical Engineering."— Presentation transcript:

1 http://cleanslate.stanford.edu The Stanford Clean Slate Program Nick McKeown Professor of Computer Science & Electrical Engineering

2 The Stanford Clean Slate Program http://cleanslate.stanford.edu It doesn't need fixing. It just needs a few upgrades. IPV6 would be a nice place to start These guys are completely on crack …You do not want to have intelligence inside the network, ever… The [network] should be application- unaware, stupid, unreliable, and as simple as possible. Which is the Internet we have today, and it works great, thank you very much. Its just a bunch of tubes, right?

3 The Stanford Clean Slate Program http://cleanslate.stanford.edu Clean Slate Research is… A way of thinking … that is common elsewhere … but difficult when there is legacy

4 The Stanford Clean Slate Program http://cleanslate.stanford.edu Car Engine Policy Car Body Materials Fuel Control SafetyEmissions Fueling Stations Manufacture Rethinking the car Installed base 1900 8,000 1968 170M 2007 700M 1 gallon of gas 22lbs of CO 2

5 The Stanford Clean Slate Program http://cleanslate.stanford.edu Anything to rethink? How come it takes an hour to set up a session? Why can I join someone elses call? Will the quality always be this poor? Can I put a camera on my car and drive around?

6 The Stanford Clean Slate Program http://cleanslate.stanford.edu Economically sustainable Trustworthy: Secure, robust, manageable Mobility by default. Users and data Unthought of links Unthought of applications Performance to blow our socks off

7 The Stanford Clean Slate Program http://cleanslate.stanford.edu Early stakes in the ground Organic growth lead to structure: Lets exploit it Optics is here to stay: Lets exploit it too Flows: They are our friends

8 The Stanford Clean Slate Program http://cleanslate.stanford.edu In parallel 2005: A sea-change in the networking research community –Prompted by NSF –ITRs (including 100x100 Clean Slate Program) –NSF FIND: Funding for architectural ideas –NSF GENI: Creating a platform for experimenting with new architectures, services and technologies 2006-2007: A large community-wide effort –GENI planning process –Programs starting in Europe and Asia 2007 - : GENI Project Office

9 The Stanford Clean Slate Program http://cleanslate.stanford.edu Architectural Blueprint? Bottom-up first, Top-down later Now…Innovation in the small Coverage of areas Four funded so far, adding more

10 The Stanford Clean Slate Program http://cleanslate.stanford.edu Architectural Blueprint? Flagship projects Larger collaborative projects Start to tie research together

11 The Stanford Clean Slate Program http://cleanslate.stanford.edu Architectural Blueprint? Programmable Nationwide Backbone (Lightflow) Local Wireless Platform Flow Theory Security (Ethane) Wireless (Spectrum) Backbone (VLB) Congestion Control (RCP) Top-down blueprint? Too early to decide

12 The Stanford Clean Slate Program http://cleanslate.stanford.edu The Stanford Clean Slate Program Create a breeding ground for new collaborative projects across boundaries Projects that will have significant impact in 10-15 years Exploit Stanfords breadth and depth Work closely with a focused group of committed industrial partners

13 The Stanford Clean Slate Program http://cleanslate.stanford.edu Stanford Clean Slate Program Faculty Directors Nick McKeown Bernd Girod Executive Director Guru Parulkar Affiliate Members Cisco Deutsche Telekom NEC NTT DoCoMo Xilinx + 3 in the works

14 The Stanford Clean Slate Program http://cleanslate.stanford.edu Stanfords Breadth and Depth World-class expertise in: Networking, optical communications, wireless, access networks, theory, economics, security, applications, multimedia, operating systems, hardware and VLSI, system architecture, … Participants from across EE, CS, MS&E, GSB Dan Boneh, David Cheriton, Bill Dally, Abbas El Gamal, Bernd Girod, Ashish Goel, Andrea Goldsmith, Mark Horowitz, Ramesh Johari, Joseph Kahn, Sunil Kumar, David Mazières, Nick McKeown, David Miller, Phil Levis, Balaji Prabhakar, Mendel Rosenblum, Tim Roughgarden.

15 The Stanford Clean Slate Program http://cleanslate.stanford.edu Programmable Nationwide Backbone (Lightflow) Local Wireless Platform Flow Theory Security (Ethane) Wireless (Spectrum) Backbone (VLB) Congestion Control (RCP) Projects Optical technology promises enormous capacity & low-power Professors Leonid Kazovsky & Nick McKeown Goal is to propose new networks to exploit optical switching

16 The Stanford Clean Slate Program http://cleanslate.stanford.edu Programmable Nationwide Backbone (Lightflow) Local Wireless Platform Flow Theory Security (Ethane) Wireless (Spectrum) Backbone (VLB) Congestion Control (RCP) Projects Existing theory lacks details of flow-dynamics and end-to-end semantics Professors Balaji Prabhakar & Amin Saberi Goal is to develop flow-level theoretical models

17 The Stanford Clean Slate Program http://cleanslate.stanford.edu Programmable Nationwide Backbone (Lightflow) Local Wireless Platform Flow Theory Security (Ethane) Wireless (Spectrum) Backbone (VLB) Congestion Control (RCP) Projects Spectrum scarcity is a result of tight, inefficient government control Professors Andrea Goldsmith & Ramesh Johari Goal is to propose new approach to spectrum allocation & protocols

18 The Stanford Clean Slate Program http://cleanslate.stanford.edu Programmable Nationwide Backbone (Lightflow) Local Wireless Platform Flow Theory Security (Ethane) Wireless (Spectrum) Backbone (VLB) Congestion Control (RCP) Projects Professors Boneh, Mazieres, Rosenblum, McKeown Goal is to propose clean slate architectures for secure networks

19 The Stanford Clean Slate Program http://cleanslate.stanford.edu What wed like Principle 1: Manage network using policy over real names Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move Principle 1: Manage network using policy over real names Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move Nancy Payroll Principle 2: Policy should dictate the path packets follow CEO traffic should not pass through engineering Guest flows must pass through http proxy Laptop flows must pass through IDS Principle 2: Policy should dictate the path packets follow CEO traffic should not pass through engineering Guest flows must pass through http proxy Laptop flows must pass through IDS Principle 3: The origin of packets should be known Principle 4: Network should log all connectivity For diagnostics and auditing Principle 4: Network should log all connectivity For diagnostics and auditing

20 The Stanford Clean Slate Program http://cleanslate.stanford.edu dhcp Today Principle 1: Manage network using policy over real names Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move Principle 1: Manage network using policy over real names Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move Nancy Payroll Host: b IP: j MAC: n Host: a IP: i MAC: m dns learning spanning tree ospf Everyone who is not Nancy cannot access payroll Q: How to identify them? Q: Where do their packets flow? Today ACL: Jims IP, payroll ACL: Jens IP, payroll Jen

21 The Stanford Clean Slate Program http://cleanslate.stanford.edu Problems Bindings between users, hosts and addresses keep changing, are not authenticated and are chosen elsewhere. Route is picked elsewhere and is unknown to the manager. And changes. New entities require many more filters. Change of entity locations requires updating of filters. Easy to circumvent, hard to diagnose. Nancy Host: b IP: j MAC: n dns dhcp Dynamic bindings Allocated elsewhere Not authenticated Easily spoofed

22 The Stanford Clean Slate Program http://cleanslate.stanford.edu Ethane: Design choices Centralized management Policy language governs network All communication requires permission Secure and track all bindings

23 The Stanford Clean Slate Program http://cleanslate.stanford.edu dhcp Ethane: Taking Control Nancy Payroll Host: b IP: j MAC: n Host: a IP: i MAC: m dns Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move CEO traffic should not pass through engineering Guest flows must pass through http proxy Laptop flows must pass through IDS Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move CEO traffic should not pass through engineering Guest flows must pass through http proxy Laptop flows must pass through IDS learning spanning tree ospf controller

24 The Stanford Clean Slate Program http://cleanslate.stanford.edu Waypoints Payroll Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move CEO traffic should not pass through engineering Guest flows must pass through http proxy Flows to Payroll must pass through IDS Nancy can access Payroll Laptops cant accept incoming connections VoIP phones mustnt move CEO traffic should not pass through engineering Guest flows must pass through http proxy Flows to Payroll must pass through IDS controller Nancy

25 The Stanford Clean Slate Program http://cleanslate.stanford.edu Ethane: Manageability Fine-grain control of each flow Can isolate users, groups, hosts Can specify waypoints Can require different forms of authentication for different access points (e.g. stronger for wireless than wired)

26 The Stanford Clean Slate Program http://cleanslate.stanford.edu Ethane: Many questions Central controller –Performance & Scalability –Robustness How to make it easy to use for manager… …and transparent to user.

27 The Stanford Clean Slate Program http://cleanslate.stanford.edu Our deployment 300+ hosts at Stanford: Servers, laptops, desktops, phones. 19 switches –Hardware, software, wireless Policy: 132 rules to replicate policy

28 The Stanford Clean Slate Program http://cleanslate.stanford.edu Lessons so far… Controller handles >10,000 flows/second Maybe enough for whole of campus Multiple ways to handle redundancy –Cold-standby, hot-standby, stateless, stateful Transparent to users (even remotely at home!) Diagnostics –Control who can perform diagnostics and see traffic –Journal all bindings: Can tell who sent a packet when.

29 Flagship Projects #1: Build our own small private programmable backbone

30 The Stanford Clean Slate Program http://cleanslate.stanford.edu Routing Control & Mgmt Routing Control & Mgmt Hardware Datapath Hardware Datapath Open Source Router Kit Software: Linux/XORP (ICSI) Hardware: NetFPGA (Stanford) Program in Verilog Industry-standard design flow Contains embedded CPUs NetFPGA is a PCI card NetFPGA is a Programmable 4 x 1GE switch or any packet processor ~$500 for kit Available June 2007 For classroom & research Used in CS344/EE384D Build an Internet Router and EE109

31 The Stanford Clean Slate Program http://cleanslate.stanford.edu Architectural Blueprint? Programmable Nationwide Backbone (Lightflow) Local Wireless Platform Flow Theory Security (Ethane) Wireless (Spectrum) Backbone (VLB) Congestion Control (RCP) How would you like to take part?

32 The Stanford Clean Slate Program http://cleanslate.stanford.edu Agenda 09:00 - 09:45 Nick McKeown Introduction Nick McKeown Introduction 09:45 - 10:30 Jonathan Turner, WUSTL An Architecture for a Diversified Internet Jonathan Turner, WUSTL An Architecture for a Diversified Internet 10:30 - 11:00 Break 11:00 - 11:30 Bernd Girod Clean Slate Design for Internet Video Delivery Bernd Girod Clean Slate Design for Internet Video Delivery 11:30 - 12:00 Balaji Prabhakar 21st Century Queuing Theory, and Internet Address Allocation Balaji Prabhakar 21st Century Queuing Theory, and Internet Address Allocation 12:00 – 13:30 Lunch with Poster Session 13:30 - 14:00 William B. Norton, Equinix Video Internet: The Next Wave of Massive Disruption to the U.S. Peering Ecosystem William B. Norton, Equinix Video Internet: The Next Wave of Massive Disruption to the U.S. Peering Ecosystem 14:00 - 14:30 Dan Boneh A Clean Slate Approach to Web Technology Dan Boneh A Clean Slate Approach to Web Technology 14:30 - 15:00 John Mitchell Security Analysis of Network Protocols John Mitchell Security Analysis of Network Protocols 15:00 - 16:00 PANEL (Moderated by Balaji Prabhakar) It's Not Just About the Plumbing It's Not Just About the Plumbing

Download ppt "The Stanford Clean Slate Program Nick McKeown Professor of Computer Science & Electrical Engineering."

Similar presentations

1 © 2001, Cisco Systems, Inc. Updated_03-09-01 Mobile IP Lessons Learned The early years.

1 © 2001, Cisco Systems, Inc. Updated_ Mobile IP Lessons Learned The early years.
Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.

Polycom Unified Collaboration for IBM Lotus Sametime and IBM Lotus Notes January 2010.
EE384y: Packet Switch Architectures

EE384y: Packet Switch Architectures
Computer Networks TCP/IP Protocol Suite.

Computer Networks TCP/IP Protocol Suite.
www.dynamicsoft.com Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP for IP Communications Jonathan Rosenberg Chief Scientist.
INDIANAUNIVERSITYINDIANAUNIVERSITY GENI Global Environment for Network Innovation James Williams Director – International Networking Director – Operational.

INDIANAUNIVERSITYINDIANAUNIVERSITY GENI Global Environment for Network Innovation James Williams Director – International Networking Director – Operational.
June 2007NSF Find Forensics and Attribution in Ethane Martin Casado Stanford University With: Michael Freedman, Justin Pettit, Jianying Luo, Natasha Gude,

June 2007NSF Find Forensics and Attribution in Ethane Martin Casado Stanford University With: Michael Freedman, Justin Pettit, Jianying Luo, Natasha Gude,
1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.

1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.
1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.
Multihoming and Multi-path Routing

Multihoming and Multi-path Routing
NORDUnet: 30.09.2000Hannu H. Kari/HUT/CS/TMLPage 1/22 Mobility in the Wireless and Wired World Hannu H. KARI Helsinki University of Technology (HUT) professor/TML-laboratory/CS/HUT.

NORDUnet: Hannu H. Kari/HUT/CS/TMLPage 1/22 Mobility in the Wireless and Wired World Hannu H. KARI Helsinki University of Technology (HUT) professor/TML-laboratory/CS/HUT.
1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.

1 Resonance: Dynamic Access Control in Enterprise Networks Ankur Nayak, Alex Reimers, Nick Feamster, Russ Clark School of Computer Science Georgia Institute.
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Welcome to CCY2. Communicating the Vision Engage key educational audiences School board Business manager/administration Staff Community - Parents Students.

Welcome to CCY2. Communicating the Vision Engage key educational audiences School board Business manager/administration Staff Community - Parents Students.
NETWORK TRANSFORMATION THROUGH VIRTUALIZATION

NETWORK TRANSFORMATION THROUGH VIRTUALIZATION
| Copyright © 2009 Juniper Networks, Inc. | www.juniper.net 1 WX Client Rajoo Nagar PLM, WABU.

| Copyright © 2009 Juniper Networks, Inc. | 1 WX Client Rajoo Nagar PLM, WABU.
Jennifer Rexford Princeton University MW 11:00am-12:20pm Logically-Centralized Control COS 597E: Software Defined Networking.

Jennifer Rexford Princeton University MW 11:00am-12:20pm Logically-Centralized Control COS 597E: Software Defined Networking.
Network Systems Sales LLC

Network Systems Sales LLC
Chapter 1: Introduction to Scaling Networks

Chapter 1: Introduction to Scaling Networks
Christophe Jelger – CS221 Network and Security - Universität Basel - 20051 Christophe Jelger Post-doctoral researcher IP Multicasting.

Christophe Jelger – CS221 Network and Security - Universität Basel Christophe Jelger Post-doctoral researcher IP Multicasting.

Similar presentations

Ads by Google