Ranges & Cross-Entrance Consistency with OpenFlow
Liron Schiff (TAU). Joint work with Yehuda Afek (TAU) and Anat Bremler-Barr (IDC). Israel Networking Day 2014.


Issue 1: Ranges
[Figure: a range table over the source IP address with columns Action, End, Start; the actions are Server r entries and Drop. Traffic from the Internet is mapped to replicas.]
Firewalls, Load Balancers, DDoS mitigation, Forwarding, ...

Issue 2: Cross-Entrance Consistency
[Figure labels: client's IPs, Internet, SDN Network, replicas]

Contributions
Ranges: efficient implementation w/ OpenFlow
– 2 entries per range; 2n in total vs. previously n∙w table entries (n number of intervals, w field size, usually 16 or 32)
Consistent & atomic range updates
– Per packet, and per flow consistency
Cross-entrance consistency (with ranges)

Ranges Current Solution: Expansion
[Figure: a range table (Action, End, Start) for Server A and Server B, expanded into a flow table of (Action, Pattern) entries. Each pattern is a ternary prefix such as 125.[000111**].*.* for Server A or 125.[001*****].*.* for Server B; the remaining address values did not survive extraction.]
2w – 4 entries per range

Current Solution: Range Update
Change affects several entries
Need atomicity (while traffic passes thru)
Packet buffering, or duplicating and switching tables
[Figure: the range table (Action, End, Start) for Server A and Server B next to the expanded flow table of (Action, Pattern) entries, with the subset of entries touched by the update shown separately; the address values did not survive extraction.]
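The expansion and update cost described on the two slides above, as an added Python example that is not part of the original deck. The 8-bit field, the range values and the delete-before-add ordering are constructed assumptions; the code counts how many entries change when one boundary moves and which values match no entry mid-update.

```python
# Added illustration (not from the slides): prefix expansion of ranges and the
# cost of moving a boundary. Field width and range values are constructed.

def range_to_prefixes(lo, hi, w):
    """Ternary prefix patterns covering exactly [lo, hi] in a w-bit field."""
    out = []
    while lo <= hi:
        size = (lo & -lo) if lo else (1 << w)   # largest block aligned at lo
        while size > hi - lo + 1:               # shrink until it fits the range
            size >>= 1
        k = size.bit_length() - 1               # number of wildcard bits
        bits = format(lo >> k, f"0{w - k}b") if k < w else ""
        out.append(bits + "*" * k)
        lo += size
    return out

def rules(ranges, w):
    """Flow entries (pattern, action) for a list of (lo, hi, action) ranges."""
    return {(p, act) for lo, hi, act in ranges for p in range_to_prefixes(lo, hi, w)}

def update_cost(old, new, w):
    """(entries to delete, entries to add) when the range table changes."""
    old_r, new_r = rules(old, w), rules(new, w)
    return len(old_r - new_r), len(new_r - old_r)

def matches(pattern, value, w):
    """True if the w-bit value matches the ternary pattern."""
    return all(p in ("*", b) for p, b in zip(pattern, format(value, f"0{w}b")))

def gap_after_deletes(old, new, w):
    """Values matching no entry if stale entries are deleted before new ones
    are installed (one possible non-atomic ordering, assumed here)."""
    kept = rules(old, w) & rules(new, w)
    lo, hi = min(r[0] for r in old), max(r[1] for r in old)
    return [v for v in range(lo, hi + 1)
            if not any(matches(p, v, w) for p, _ in kept)]

W = 8
OLD = [(1, 100, "Server A"), (101, 254, "Server B")]   # constructed
NEW = [(1, 120, "Server A"), (121, 254, "Server B")]   # boundary moved by 20

if __name__ == "__main__":
    print(range_to_prefixes(1, 100, W))
    print(update_cost(OLD, NEW, W))            # (6, 6)
    gap = gap_after_deletes(OLD, NEW, W)
    print(gap[0], gap[-1], len(gap))           # 96 127 32
```

Only values 101 to 120 change owner, yet 96 to 127 fall through to the table-miss behaviour during the update, which is why the slide asks for atomicity.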

Our Ranges Implementation
2 entries per range
Atomic (create, delete, split, merge) with O(1) control message complexity.
[Figure labels: merge, split]

[Panigrahy&Sharma2003] TCAM range implementation
[Figure labels: TCAM, Query, Compare]

Adapting [PS2003] to OpenFlow
Even comparisons are Flow-Table based!
[Figure labels: Flow Table, Query, Compare, Flow Table based comparisons]

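OpenFlow based Comparison patterns
[Figure: a flow table of ternary patterns over the packet header fields q and m, for example 0*******1******* and *0*******1******, ending with an all-wildcard pattern. Each pattern maps to a result: m>q, m<q or m=q.]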
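A flow-table comparison of two header fields, as an added Python example that is not code from the deck. It assumes 8-bit fields with q placed before m in the header, first-match-wins priority starting at the most significant bit, and a `1...0...` pattern paired with each `0...1...` pattern; these details are read off the slide's surviving patterns rather than stated on it.

```python
# Added illustration (not from the slides): comparing two header fields with
# nothing but prioritized ternary matches.
W = 8  # field width in bits (assumption; the slide's patterns are 8 wide)

def build_compare_table(w=W):
    """Priority-ordered (pattern, result) list over header = q bits + m bits."""
    table = []
    for i in range(w):                     # i = 0 is the most significant bit
        q_pat, m_pat = ["*"] * w, ["*"] * w
        q_pat[i], m_pat[i] = "0", "1"      # first differing bit: q has 0, m has 1
        table.append(("".join(q_pat + m_pat), "m>q"))
        q_pat[i], m_pat[i] = "1", "0"      # first differing bit: q has 1, m has 0
        table.append(("".join(q_pat + m_pat), "m<q"))
    table.append(("*" * (2 * w), "m=q"))   # no bit differs
    return table

def matches(pattern, bits):
    """True if the bit string matches the ternary pattern."""
    return all(p in ("*", b) for p, b in zip(pattern, bits))

def lookup(table, q, m, w=W):
    """Return the result of the first (highest-priority) matching entry."""
    header = format(q, f"0{w}b") + format(m, f"0{w}b")
    for pattern, result in table:
        if matches(pattern, header):
            return result
    raise LookupError("no entry matched")

if __name__ == "__main__":
    t = build_compare_table()
    print(len(t))                 # 17
    print(lookup(t, 100, 101))    # m>q
    print(lookup(t, 200, 7))      # m<q
```

The lower-priority patterns are only correct because every higher-order difference has already been caught by an earlier entry, so the entry order is part of the rule set's meaning.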

Issue 2: Cross Entrance Consistency

Per-Flow Consistency [Reitblatt, Foster, Rexford, Schlesinger, Walker 2012]
[Figure labels: Internet, client's IPs, replicas]

Per-Flow Consistency [Wang, Butnariu, Rexford, 2011]
Change in weights → Change in ranges
But existing flow shouldn't change
[Figure: Internet, client's IPs, replicas, and a range table (Action, End, Start) with two Server entries]

Per-Flow Consistency solution [Wang et al.]
Send flows in affected sub range to controller
[Figure: Internet, client's IPs, replicas, Controller, and a range table (Action, End, Start) with two Server entries]

Per-Flow Consistency solution [Wang et al.]
Add specific rules for existing flows
[Figure: Internet, client's IPs, replicas, Controller, and a range table (Action, End, Start) with three Server entries]

Per-Flow Consistency solution [Wang et al.]
Richer OpenFlow interface (e.g. DevoFlow) can solve this locally in the switch and save control communication.
[Figure labels: Internet, client's IPs, replicas, Controller, DevoFlow]

DevoFlow [Mogul, Tourrilhes, Yalagandula, Sharma, Curtis, Banerjee 2010]
[Figure: two tables, Devo Rules and Standard Rules, each with columns Src IP, Dst IP, Action. Surviving Devo entry: *.*.* with action Forward port 3. A packet (Src IP, Dst IP) is sent to Forward port 3.]

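DevoFlow
[Figure: two tables, Devo Rules and Standard Rules, each with columns Src IP, Dst IP, Action. Surviving entries: *.*.* with action Forward port 5, and an entry with action Forward port 3. A packet (Src IP, Dst IP) is sent to Forward port 5.]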

Per-Flow Consistency solution [Wang et al.]
Richer OpenFlow interface (e.g. DevoFlow) can solve this locally in the switch and save control communication.
[Figure labels: Internet, client's IPs, replicas, Controller, DevoFlow]

Cross-Entrance Consistency
Local solution is not possible
We must sync between entrances
[Figure labels: client's IPs, Internet, SDN Network, Controller, replicas]

Implementing Cross-Entrance Consistency
Richer OpenFlow interface (e.g. DevoFlow and SYN matching) can reduce control communication.
[Figure labels: client's IPs, Internet, Controller, replicas; each entrance is marked DevoFlow + SYN match]

Consistency Costs
Columns: Consistency model; Special features; Control traffic; Flow delay and buffering
Per flow, No: High
Per flow, Devoflow: None
Cross entrance, No: High
Cross entrance, Devoflow: Low: O(flows*entrances); Low (only SYNs)

Summary
Efficient Ranges implementation
Multi-entrance consistency

Questions?