Languages for Software-Defined Networks 2017.11.24 Speaker:Chao-Yu Wang Advisor:Ke, Kai-Wei
Outline SDN introduction Frenetic project Introduction Querying Network State Composing Network Policies Consistent Updates
SDN introduction SDN suggests to centralize network intelligence in one network component by disassociating the forwarding process of network packets (Data Plane) from the routing process (Control plane).
SDN introduction (Cont’d)
Frenetic project Introduction Querying Network State Composing Network Policies Consistent Updates
Introduction Programming is still difficult on controller Modularize the network function is difficult Frenetic decide to raise the level of abstraction for programming SDN
Querying Network State Properties of Frenetic Queries Example Frenetic Queries
Properties of Frenetic Queries To tally all web server traffic excluding the host with IP source address “1.2.3.4” We need to use two rules: A high-priority rule matching packets from 1.2.3.4 with TCP source port 80 A lower-priority matching remaining traffic with TCP source port 80 Predicate like “srcip!= 1.2.3.4 & srcport=80” Frenetic query syntax: Select(), Limit(), Every(), etc.
Example Frenetic Queries
Composing Network Policies Creating Modular Programs Efficient Runtime System
Creating Modular Programs
Creating Modular Programs (Cont’d) def repeater_monitor(switch): pat1 = {in_port:1} pat2web = {in_port:2, tp_src:80} pat2 = {in_port:2} install(switch, pat1, DEFAULT, None, [output(2)] ) install(switch, pat2web, HIGH, None, [output(1)] ) install(switch, pat2, DEFAULT, None, [output(2)] ) query_stats(s, pat2web)
Creating Modular Programs(Cont’d)
Efficient Runtime System
Efficient Runtime System (Cont’d) Several situation it cannot proactively generate all the rules it needs to implement a policy For example, decide to match all destination IP 90.*.70.60 address Most of OpenFlow switches don’t support arbitrary wildcards Solved by overapproximation
Consistent Updates Per-Packet Consistent Updates Per-Flow Consistency
Consistent Updates Programs often need to transition from one policy to another E.g., topology changes, application behavior, unexpected failures To avoid anomalies, every transition must be implemented gracefully Per-packet consistent updates, Per-flow consistency
Per-Packet Consistent Updates Guarantees that every packet flowing through the network is processed with exactly one forwarding policy Two-phase update Stamp packets at the ingress and test for the next version number elsewhere Install the rules for internal ports, leaving the rule for the old configuration in place (packets will be processed depending on the version number) The controller starts updating the rules for ports at network ingress, and stamp incoming packets with the new version number
Per-Flow Consistency Ensures that streams of related packets are processed with the same policy Combining versioning with rule timeouts Per-install the new configuration on internal switches Leaving the old version in place The controller sets soft timeouts on the rules for the old configuration and installs the new configuration at lower priority
Reference Nate Foster, Michael J. Freedman, Arjun Guha, Rob Harrison, Naga Praveen Katta, Christopher Monsanto, Joshua Reich, Mark Reitblatt, Jennifer Rexford, Cole Schlesinger, Alec Story, and David Walker. Languages for software-defined networks. IEEE Communications Magazine, 51(2):128--134, 2013. Nate Foster, Rob Harrison, Michael J. Freedman, Christopher Monsanto, Jennifer Rexford, Alec Story, and David Walker.Frenetic: A Network Programming Language. In ACM SIGPLAN International Conference on Functional Programming (ICFP), Tokyo, Japan, September 2011.