Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reasoning about Software Defined Networks Mooly Sagiv 03-640-7606 Tel Aviv University Thursday 16-18 (Physics 105) Monday 14-16 Schrieber.

Published byHugh Casey Modified over 8 years ago

Similar presentations

Presentation on theme: "Reasoning about Software Defined Networks Mooly Sagiv 03-640-7606 Tel Aviv University Thursday 16-18 (Physics 105) Monday 14-16 Schrieber."— Presentation transcript:

1 Reasoning about Software Defined Networks Mooly Sagiv msagiv@acm.org 03-640-7606 Tel Aviv University Thursday 16-18 (Physics 105) Monday 14-16 Schrieber 317 Adviser: Michael Shapira Hebrew University http://www.cs.tau.ac.il/~msagiv/courses/rsdn.html

2 Content Challenges in SDNs Programming Language Abstractions Programming Language Principles Program Language Tools Other useful tools Beyond SDNs

3 Challenges in SDN Programming complexity Modularity Composing operations Handling Updates Reliability Performance Testing Productivity Non-expert programmers

4 How hard is it to program networks Routers with 20+ million lines of code Cascading failures, vulnerabilities, etc Low level programming No abstractions – Virtual memory – Operating Systems – Resource Allocations – Libraries – Types

5 Modularity: Simple Repeater def repeater(switch): # Repeat Port 1 to Port 2 pat1 = {in_port:1} act1 = [forward(2)] install(switch, pat1, DEFAULT, act1) # Repeat Port 2 to Port 1 pat2 = {in_port:2} act2 = [forward(1)] install(switch, pat2, DEFAULT, act2) def repeater(switch): # Repeat Port 1 to Port 2 pat1 = {in_port:1} act1 = [forward(2)] install(switch, pat1, DEFAULT, act1) # Repeat Port 2 to Port 1 pat2 = {in_port:2} act2 = [forward(1)] install(switch, pat2, DEFAULT, act2) Simple Repeater 12 Controller When a switch joins the network, install two forwarding rules.

6 Composition: Web Traffic Monitor def web_monitor(switch)): # Web traffic from Internet pat = {inport:2,tp_src:80} install(switch, pat, DEFAULT, []) query_stats(switch, pat) def stats_in(switch, pat, bytes, …) print bytes sleep(30) query_stats(switch, pat) def web_monitor(switch)): # Web traffic from Internet pat = {inport:2,tp_src:80} install(switch, pat, DEFAULT, []) query_stats(switch, pat) def stats_in(switch, pat, bytes, …) print bytes sleep(30) query_stats(switch, pat) Monitor Web (“port 80”) traffic 12 Web traffic When a switch joins the network, install one monitoring rule.

7 Composition: Repeater + Monitor def switch_join(switch): pat1 = {inport:1} pat2 = {inport:2} pat2web = {in_port:2, tp_src:80} install(switch, pat1, DEFAULT, None, [forward(2)]) install(switch, pat2web, HIGH, None, [forward(1)]) install(switch, pat2, DEFAULT, None, [forward(1)]) query_stats(switch, pat2web) def stats_in(switch, xid, pattern, packets, bytes): print bytes sleep(30) query_stats(switch, pattern) def switch_join(switch): pat1 = {inport:1} pat2 = {inport:2} pat2web = {in_port:2, tp_src:80} install(switch, pat1, DEFAULT, None, [forward(2)]) install(switch, pat2web, HIGH, None, [forward(1)]) install(switch, pat2, DEFAULT, None, [forward(1)]) query_stats(switch, pat2web) def stats_in(switch, xid, pattern, packets, bytes): print bytes sleep(30) query_stats(switch, pattern) Repeater + Monitor Must think about both tasks at the same time.

8 Concurrency: Switch-Controller Delays Common programming idiom – First packet goes to the controller – Controller installs rules 8 packets

9 Concurrency: Switch-Controller Delays More packets arrive before rules installed? – Multiple packets reach the controller packets

10 Concurrency: Switch-Controller Delays Rules along a path installed out of order? – Packets reach a switch before the rules do Must think about all possible packet and event orderings. packets

11 Debugging is hard[Kazemian’NSDI’13] Distributed switch tables Varied delays Cascading effects on switch tables Multiple protocols Human interaction …

12 SDN Performance Given an SDN controller code Estimate the cost of routing per packet – Length of the path – Weight of the path – Number of controller interventions

13 Programming Language Abstractions Hide the implementation Interpreter/Compiler guarantees performance Benefits – Portability – Ease of use – Reliability – Compositionality – Productivity

14 Language Abstractions Procedures Abstract data types Objects Resources – Memory management – Garbage collection Control abstractions – Exceptions – Iterators – Tree Pattern Matching – Higher order functions – Continuation – Lazy evaluation – Monads Libraries Domain specific languages Declarative programming

15 Programming Language Principles Rigorously define the meaning of programs Supports abstraction Prove compiler correctness Prove that two SDN programs are observationally equivalent – The same packet transmissions

16 A Simple Example Numeric Expressions – ::= + | * | number The semantic of expressions is a number E  :  int Inductively defined – E  n  = n – E  e 1 + e 2  = E  e 1  + E  e 2  – E  e 1 * e 2  = E  e 1  * E  e 2  Compositional Fully abstract e 1  e 2 iff E  e 1  = E  e 2  5 + 6  7 + 3 + 1

17 A Simple Example + Var Numeric Expressions – ::= + | * | number | id Need to introduce states Var  Int Examples – [x  2, y  3] x = – [x  2, y  3] z = 2 – [x  2, y  3][z  5] = [x  2, y  3,z  5] – [x  2, y  3][x  5] = [x  5, y  3] – [x  2, y  3][x  5]x = 5 – [x  2, y  3][x  5]y = 2

18 A Simple Example + Var Numeric Expressions – ::= + | * | number | id The semantic of expressions is a function from states to numbers E  : exp  (Var  Int)  Int Inductively defined – E  n   = n – E  e 1 + e 2   = E  e 1   + E  e 2   – E  e 1 * e 2   = E  e 1   * E  e 2   – E  id   =  id – E  x+2  [x  5] = E  x  [x  5] + E  2  [x  5] = [x  5]x + 2 = 5 + 2 =7 – x + x  2 * x

19 Benefits of formal semantics Can be done for arbitrary languages Automatically generate interpreters Rational language design Formal proofs of language properties – Observational equivalence – Type safety Correctness of tools – Interpreter – Compiler – Static Analyzer – Model Checker

20 A Simple Controller Language No packet changes No priorities No statistics Simple updates – Per-flow installation

21 A Simple Controller Language ::= * ::= rel ( *) // auxiliary relations ::= packetIn (sid, pid, )  * ::= port(int) ::= send( ) | install (sid, pid,, ) // update flow table | id.insert( *) // update auxiliary relations | if rid( *) then * else * | if rid( *) then * | ; ::= |none // drop the package ::= id | id (exp) |

22 Learning Switch with 3 ports rel connected (Sw, Pr, Ho) PacketIn(s, p, port(1)) -> connected.insert (s, port(1), p.src) if connected(s, port(2), p.dst) then { send (s, p, port(2)) install(s, p, port(1), port(2)) } else if connected(s, port(3), p.dst) then { send (port(3)) install(s, p, port(1), port(3)) } else { // flood send (port(2)) send (port(3)) } PacketIn(s, p, port(2)) -> … PacketIn(s, p, port(3)) -> …

23 The semantics of the controller What is the meaning of package sent by a given host? – A set of paths Example: Learning Switch a   1 2 3 

24 The semantics of the controller What is the meaning of package sent by a given host? – A set of paths Dynamically changed – Even for fixed topology Unbounded length But can it be defined?

25 The State of a switch The switch table is a relation on ports FT = Sw  P(Pk  Pr  Pr  {none}) Updated by the controller Actual nodes depend on the topology graph input portoutput port

26 The Semantics of Expressions ::= id | id (exp) | Val = Int  Pr  {P(T  t 1   … T  t k  | t 1, …, t k are valid types} Controller State  such that  : Var  Val E  id   =  id E  id (e)   = F  id  (E  e   ) E  port(n)   = n

27 The Meaning of Commands ::= send( ) | install (, ) | id.insert( *) | if RID( *) then * else * | if RID( *) then * | ; ::= |none C  :  (Sw  Pk  Pr)  (   FT)  (   FT  P(Pr  {none}) event input-stateoutput

28 Atomic Commands C  send(pr)   sw, pk, ip  , ft  = , ft, {E  pr  }  C  install(s, p, pr in,pr out )   sw, pk, ip  , ft  =  , ft  {  pk, E  pr in , E  pr out   },   C  r.insert(e)   sw, pk, ip  , ft  =   [ r   r  {  E  e   } ], ft,  

29 Conditional Commands C  if r(e) then c 1 else c 2  ev , ft  = C  c 1  ev , ft  C  c 2  ev , ft  If  E  e     r If  E  e     r

30 Sequential Composition C  c 1 ; c 2  ev , ft  = let  ’, ft’, prs 1  = C  c 1  ev , ft   ”, ft”, prs 2  = C  c 2  ev  ’, ft’  in  ”, ft”, prs 1  prs 2 

31 Semantics of Events G  :  (Sw  Pk  Pr)  P((   FT)  (   FT  P(Pr  {none})) G  packetIn(s, p, i)  c   sw, pk, ip  = R where , ft  R  ’, ft’, ports  iff ip = E  i   (  op : Pr.  pk, ip, op   ft)  C  c   sw, pk, ip   [s  sw, p  pk], ft  =  ’, ft’, sp 

32 System State Comprises of: – Single state of the controller – Flow-table for each switch FTS = Sw  FT

33 Packet Histories Packets can influence the routing of other packets Histories can be seen as sequences of packet transmissions HST= ( SW  PR  PK  (PR  {none}) ) *

34 Small-step semantics (Controller)  ctrl : (   FTS  HST)  (   FTS  HST) , fts, h   ctrl  ’, fts’, h’  iff  sw : Sw, pk : Pk, ip : Pr, sp : P(Pr), ft’ : FT. , fts sw  ( G  evnt   sw, pk, ip  )  ’, ft’, sp   fts’ = fts[sw  ft’]  h’ = h   sw, ip, pk, j  j  sp or (sp =  and j=none)

35 Small-step Semantics (Switch)  sw : (   FTS  HST)  (   FTS  HST) , fts, h   sw  ’, fts’, h’  iff  =  ’  fts=fts’   sw : Sw, pk : Pk, ip : Pr, op : Pr  {none}.  pk, ip, op   fts sw  h’ = h   sw, ip, pk, op 

36 Executions Combined step semantics: –  =  ctrl   sw A sequence of event processing steps has the from – a 1  a 2  …  a n

37 Feasible Histories Given a topology graph G over V = Ho  (Sw  Pr) A history h is feasible iff for any packet pk  Pk, any two consecutive entries for p in h: –  sw 1, ip 1, pk, op 1  and  sw 2, ip 2, pk, op 2  – there exists an edge between  sw 1, op 1  and  sw 2, ip 2 

38 InPktOut Example a   1 2 3 Port inPacketPort out PortHost connected =

39 InPktOut Example a   1 2 3  Port inPacketPort out 21 23  PortHost 2  connected =

40 InPktOut 3  2 Example a   1 2 3  Port inPacketPort out 21 23 32   PortHost 2  3  connected =

41 InPktOut 3  2 Example a   1 2 3  Port inPacketPort out 21 23 32 32   PortHost 2  3  connected =

42 Useful Programming Language Tools Interpreter Compiler Parser Type Checker Static Program Analysis Verification Tool Dynamic Program Analysis – Model checker

43 Interesting Network Properties PropertyMeaning ConnectivityEvery packet eventually reaches its destination No forwarding loops No black holes No dropping Access controlNo paths between certain hosts of certain packets

Download ppt "Reasoning about Software Defined Networks Mooly Sagiv 03-640-7606 Tel Aviv University Thursday 16-18 (Physics 105) Monday 14-16 Schrieber."

Similar presentations

SDN Applications Jennifer Rexford Princeton University.

SDN Applications Jennifer Rexford Princeton University.
Frenetic: A High-Level Language for OpenFlow Networks Nate Foster, Rob Harrison, Matthew L. Meola, Michael J. Freedman, Jennifer Rexford, David Walker.

Frenetic: A High-Level Language for OpenFlow Networks Nate Foster, Rob Harrison, Matthew L. Meola, Michael J. Freedman, Jennifer Rexford, David Walker.
1 Chapter 22 Network layer Delivery, Forwarding and Routing.

1 Chapter 22 Network layer Delivery, Forwarding and Routing.
Composing Software-Defined Networks Princeton*Cornell^ Chris Monsanto*, Joshua Reich* Nate Foster^, Jen Rexford*, David Walker* www.frenetic-lang.org/pyretic.

Composing Software-Defined Networks Princeton*Cornell^ Chris Monsanto*, Joshua Reich* Nate Foster^, Jen Rexford*, David Walker*
Connecting LANs: Section 15.1. 15.2 Figure 15.1 Five categories of connecting devices.

Connecting LANs: Section Figure 15.1 Five categories of connecting devices.
1 Semester 2 Module 4 Learning about Other Devices Yuda college of business James Chen

1 Semester 2 Module 4 Learning about Other Devices Yuda college of business James Chen
VeriCon: Towards Verifying Controller Programs in SDNs (PLDI 2014) Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly.

VeriCon: Towards Verifying Controller Programs in SDNs (PLDI 2014) Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly.
Towards a Logic for Wide-Area Internet Routing Nick Feamster and Hari Balakrishnan M.I.T. Computer Science and Artificial Intelligence Laboratory Kunal.

Towards a Logic for Wide-Area Internet Routing Nick Feamster and Hari Balakrishnan M.I.T. Computer Science and Artificial Intelligence Laboratory Kunal.
Internetworking Different networks –Different bit rates –Frame lengths –Protocols.

Internetworking Different networks –Different bit rates –Frame lengths –Protocols.
1 Operational Semantics Mooly Sagiv Tel Aviv University 640-6706 Textbook: Semantics with Applications.

1 Operational Semantics Mooly Sagiv Tel Aviv University Textbook: Semantics with Applications.
David Walker Princeton University Joint work with Nate Foster, Michael J. Freedman, Rob Harrison, Christopher Monsanto, Mark Reitblatt, Jennifer Rexford,

David Walker Princeton University Joint work with Nate Foster, Michael J. Freedman, Rob Harrison, Christopher Monsanto, Mark Reitblatt, Jennifer Rexford,
Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space 03-640-760603-640-5358 html://www.cs.tau.ac.il/~msagiv/courses/sem03.html.

Programming Language Semantics Mooly SagivEran Yahav Schrirber 317Open space html://
RD-CSY2001-08/09 Distance Vector Routing Protocols.

RD-CSY /09 Distance Vector Routing Protocols.
Semantics with Applications Mooly Sagiv Schrirber 317 03-640-7606 html://www.cs.tau.ac.il/~msagiv/courses/sem08.html Textbooks:Winskel The.

Semantics with Applications Mooly Sagiv Schrirber html:// Textbooks:Winskel The.
Routing and Routing Protocols

Routing and Routing Protocols
Delivery, Forwarding, and Routing

Delivery, Forwarding, and Routing
MULTICASTING Network Security.

MULTICASTING Network Security.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 21 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 21 Introduction to Computer Networks.
Chapter 9 Classification And Forwarding. Outline.

Chapter 9 Classification And Forwarding. Outline.
Languages for Software-Defined Networks Nate Foster, Arjun Guha, Mark Reitblatt, and Alec Story, Cornell University Michael J. Freedman, Naga Praveen Katta,

Languages for Software-Defined Networks Nate Foster, Arjun Guha, Mark Reitblatt, and Alec Story, Cornell University Michael J. Freedman, Naga Praveen Katta,

Similar presentations

Ads by Google