Transactional Support for SDN Control Planes "

Similar documents
A Distributed and Robust SDN Control Plane for Transactional Network Updates

Distributed Software-Defined Networking: The ACM PODC 2014 Workshop DSDN

Bounded Cost Algorithms for Multivalued Consensus Using Binary Consensus Instances

Cloud Networking Disruption with Software Defined Network Virtualization. Ali Khayam

Software Defined Networking What is it, how does it work, and what is it good for?

Frenetic: A Programming Language for OpenFlow Networks

OpenFlow and Onix. OpenFlow: Enabling Innovation in Campus Networks. The Problem. We also want. How to run experiments in campus networks?

Formal Specification and Programming for SDN

Concepts and Mechanisms for Consistent Route Transitions in Software-defined Networks

Software Defined Networking (SDN) - Open Flow

Dr Markus Hagenbuchner CSCI319. Distributed Systems

Geo-Replication in Large-Scale Cloud Computing Applications

Database Replication with Oracle 11g and MS SQL Server 2008

Software Defined Networking What is it, how does it work, and what is it good for?

Overview Motivating Examples Interleaving Model Semantics of Correctness Testing, Debugging, and Verification

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Software Defined Networks

CSCI-1680 So ware-defined Networking

How To Understand The Power Of The Internet

From Active & Programmable Networks to.. OpenFlow & Software Defined Networks. Prof. C. Tschudin, M. Sifalakis, T. Meyer, M. Monti, S.

Comparisons of SDN OpenFlow Controllers over EstiNet: Ryu vs. NOX

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Software Defined Networking & Openflow

B4: Experience with a Globally-Deployed Software Defined WAN TO APPEAR IN SIGCOMM 13

The Internet: A Remarkable Story. Inside the Net: A Different Story. Networks are Hard to Manage. Software Defined Networking Concepts

Outline. Institute of Computer and Communication Network Engineering. Institute of Computer and Communication Network Engineering

SDN. What's Software Defined Networking? Angelo Capossele

Scalable High Resolution Network Monitoring

COSC 6374 Parallel Computation. Parallel I/O (I) I/O basics. Concept of a clusters

Can Software Defined Networks (SDN) manage the dependability of the service provided to selected customers?

基 於 SDN 與 可 程 式 化 硬 體 架 構 之 雲 端 網 路 系 統 交 換 器

SDN Programming Languages. Programming SDNs!

Brewer s Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services

Verifying Semantic of System Composition for an Aspect-Oriented Approach

Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures Sungmin Hong, Lei Xu, Haopei Wang, Guofei Gu

Data Management in the Cloud

IxNetwork OpenFlow Solution

Conditions for Strong Synchronization In Concurrent Data Types

Computer Network. Interconnected collection of autonomous computers that are able to exchange information

(Pessimistic) Timestamp Ordering. Rules for read and write Operations. Pessimistic Timestamp Ordering. Write Operations and Timestamps

Network Virtualization: Delivering on the Promises of SDN. Bruce Davie, Principal Engineer

Network Security through Software Defined Networking: a Survey

Extending the Internet of Things to IPv6 with Software Defined Networking

Signature-Free Asynchronous Binary Byzantine Consensus with t < n/3, O(n 2 ) Messages, and O(1) Expected Time

Middleware and Distributed Systems. System Models. Dr. Martin v. Löwis. Freitag, 14. Oktober 11

ON THE IMPLEMENTATION OF ADAPTIVE FLOW MEASUREMENT IN THE SDN-ENABLED NETWORK: A PROTOTYPE

Distributed Data Management

Failover Mechanisms for Distributed SDN Controllers

Panopticon: Incremental SDN Deployment in Enterprise Networks

Resource Utilization of Middleware Components in Embedded Systems

DESIGN AND ANALYSIS OF TECHNIQUES FOR MAPPING VIRTUAL NETWORKS TO SOFTWARE- DEFINED NETWORK SUBSTRATES

FlowGuard: Building Robust Firewalls for Software-Defined Networks. Hongxin Hu, Wonkyu Han, Gail-Joon Ahn and Ziming Zhao

ViSION Status Update. Dan Savu Stefan Stancu. D. Savu - CERN openlab

Principles and characteristics of distributed systems and environments

Modular Communication Infrastructure Design with Quality of Service

OpenFlow 1.4. (Changes compared to 1.3 OpenDaylight Perspec>ve) - Abhijit Kumbhare

Distributed Databases

SEER PROBABILISTIC SCHEDULING FOR COMMODITY HARDWARE TRANSACTIONAL MEMORY. 27 th Symposium on Parallel Architectures and Algorithms

find model parameters, to validate models, and to develop inputs for models. c 1994 Raj Jain 7.1

Scaling Networking Applications to Multiple Cores

An Intelligent Framework for Vehicular Ad-hoc Networks using SDN Architecture

A Fuzzy Logic-Based Information Security Management for Software-Defined Networks

Static Program Transformations for Efficient Software Model Checking

Project 3 and Software-Defined Networking (SDN)

Chapter 3. Internet Applications and Network Programming

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Distributed File System. MCSN N. Tonellotto Complements of Distributed Enabling Platforms

Lecture 7: Concurrency control. Rasmus Pagh

ONOS [Open Source SDN Network Operating System for Service Provider networks]

Name: 1. CS372H: Spring 2009 Final Exam

A Framework for Highly Available Services Based on Group Communication

Empowering Software Defined Network Controller with Packet-Level Information

Performance Evaluation of OpenFlow Devices

Chapter Outline. Chapter 2 Distributed Information Systems Architecture. Middleware for Heterogeneous and Distributed Information Systems

Dynamic Security Traversal in OpenFlow Networks with QoS Guarantee

The libfluid OpenFlow Driver Implementation

SOFT 437. Software Performance Analysis. Ch 5:Web Applications and Other Distributed Systems

On Scalability of Software-Defined Networking

Time-based Updates in OpenFlow: A Proposed Extension to the OpenFlow Protocol

Chapter 10: Distributed DBMS Reliability

Software Defined Active Queue Management

MIDDLEWARE 1. Figure 1: Middleware Layer in Context

CS6204 Advanced Topics in Networking

Open Source Network: Software-Defined Networking (SDN) and OpenFlow

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

Security Challenges & Opportunities in Software Defined Networks (SDN)

Transcription:

Transactional Support for SDN Control Planes Petr Kuznetsov Telecom ParisTech WTTM, 2015

Software Defined Networking An emerging paradigm in computer network management Separate forwarding hardware (data plane) from network managing software (control plane) Simplify network management Facilitate innovation Improve QoS

Software-Defined Networking in one slide A small number of «SDN servers»! Forwarding Monitoring Load balancing SDN controller! Security Standard API (OpenFlow)! Rules (match-action): Match mask -> forward to port A, add tag, drop, update counters Sets of rules (flow tables) spacify a policy A lot of! SDN-enabled switches! forward http from x to y! 3

SDN challenges [CACM Oct 2014] Network-wide abstractions: consistent snapshot of what is going on: topology, traffic load (e.g., encoded in a NIB) Distributed updates: modifying rules at multiple switches while preserving consistency under transition Modularity: multiple composition levels, programming interface allowing for composition Virtualization: enabling the virtual network abstraction Verification: tools for checking the network program correctness 4

Consistent Network Information Base? Forwarding Monitoring Load balancing Control plane! Security Data plane! 5

Atomic network snapshot Benefits: calculations based on global view of the network state ü Computing shortest paths ü Load balancing ü Traffic engineering Difficulties: physically impossible to get the state atomically ü The outcome of the calculation may be imprecise ü Double-collect technique? ü Read transactions? Abort if consistency cannot be achieved 6

Distributed updates Central controller no need for distributed protocols? ü Atomic update impossible ü But can be emulated ü Sometimes ü Hard to do with coexisting data-plane traffic Сoncurrent updates? ü Necessary for scalability and robustness? Challenges ü Maintain some consistency during the transition period (perpacket/flow consistency, loop-freedom, blackhole-freedom) ü Compose concurrent updates, reject if not composable 7

Two-phase update (single controller) [Reitblatt et al., 2012] Choose a unique tag t for the new policy Phase 1: update all internal ports with policy rules for the chosen tag t Phase 2: update all ingress port to tag incoming packets with t Per-packet consistency: every packet is processed by the old policy or by the new one 8

Centralized network control? Forwarding Monitoring Load balancing SDN controller! Security Does not scale! Single point of failure 9

Distributed Network Control? SDN controller! SDN controller! SDN controller! Forwarding Load balancing Monitoring Security Forwarding Security Faults and Consistency of asynchronous concurrent policy communication? updates? 10

Composing (composable) policies SDN controller forward http to y! SDN controller SDN controller count all from x! Composed rule:! forward http not from x to y;! count not http from x;! count http from x and forward to y Centralized setting: Frenetic, Foster et al., ICFP 2011 What to do with an http packet from x?! 11

Rejecting conflicting policies SDN controller SDN controller SDN controller forward all from x to z! forward http to y! What to do with a packet from x to y? A policy must be completely installed or completely rejected! Transactional memory? 12

Software Transactional Memory in one slide Mark sequences of instructions as an atomic transaction: atomic { } if (tail-head == MAX){ return full; }!items[tail%max]=item;!tail++; A transaction can be either committed or aborted ü Committed transactions are serializable ü Let the transactional memory (STM) care about the conflicts ü Ease of programming and efficient (?) use of concurrency 13!

STN: creating the illusion of atomicity Each network operation appears as executed atomically ü Snapshot (read-only)/update (write) ü If not possible: abort (as it never happened) ü Even if traffic overlaps with operation intervals Sequential composability: for each real history (observable trace), there exists a history S: ü Sequential: every control operation or traffic trace/flow sequential in S ü Legal: committed updates compose, snapshots are consistent with the committed past, traffic is processed by the latest committed policy ü Equivalent: no system component sees the difference from S Like serializability for transactions 14

STN: Interface 1. A controller executes an operation π by invoking exec(π) that returns ack or nack res π is executed (committed) with result res! nack π is rejected (aborted) 2. The environment injects traffic via ingress ports: inject(pk,j): packet pk enters ingress port j 3. A packet traverses the network according to the current policy: forward(pk,i,pk,j): packet pk arrived at port j and forwarded to port j (possibly modified) SDN controller SDN controller SDN controller 15

STN: correctness Every history H of satisfies: Sequential composability: a completion of H (aborted policies ignored) is indistinguishable from a legal sequential history S Progress: only conflicting policies are aborted (exactly one is committed) Liveness: an operation request by a correct control unit eventually returns 16

Application: Consistent Policy Composition (CPC) [Infocom 2015] Controllers independently apply policy update requests: Conflict-freedom: no two conflicting policies installed Progress: non-conflicting policy eventually installed; and: at least one policy commits Per-packet consistency: every packet witnesses exactly one policy applied (during its network traversal) (Traffic is not under our control!) 17

CPC: Example 3 switches, 3 controllers 18

CPC: Example apply(π 1 ) ack apply(π 1 ) ack p 1 p 1 apply(π 2 ) ack apply(π 2 ) ack p 2 apply(π 2 ) nack p 2 p 3 p 3 sw 1 sw 1 sw 2 sw 2 sw 3 sw 3 Original history Sequential equivalent 19

CPC: TM analog Two kinds of transactions: Policy updates invoked by the controllers Located paths injected by the environment Semantics: (Committed) transactions appear sequential Policy updates abort when conflict Located paths never abort, witness exactly one policy ü packet arrival and link delays are out of our control MV-permissiveness (read-only txns never abort) ü Paths are not really read-only 20

CPC implementation: model v1 Controllers access ports with read and write ops Controllers can communicate via asynchronous messagepassing Controllers may fail by crashing No synchrony assumptions Restrict policies to forwarding ü Compose if domains are disjoint or related by containment ü Reject otherwise 21

Asynchronous read-write CPC Theorem: 1-resilient read-write CPC is impossible. Proof sketch:! Two ingress ports 1 and 2 initially forward all to the internal ports (π 0 ) π 1 installed by p 1 and π 2 installed by p 2, π 2 refines π 1 (higher priority, same domain) π 1 and π 2 propose different paths p 1 changes port 1 and is just about to change 2 (with a composition of π 0 and π 1 ), p 2 takes no steps p 1 p 2 π 0 π 1 π 0 π 1 π 2 1! 2!?! p 2 wakes up and installs of π 0 π 1 π 2, p 1 takes no steps p 1 changes port 2 with π 0 π 1 : π 2 is forgotten! 22

CPC implementation: model v2 Controllers access ports with atomic read-modify-write ops RMW(f,g,v): ü read the state v! ü write f(v,v ) ü return g(v,v )! Intuition: do not update if conflicts with currently installed policy RMW(f,g,v) g(v,v ) 23

RMW in Openflow 1.4 Bundling: multiple control messages organized in mini transactions: ü All messages in a bundle carry the same bundle id! ü If a single message is rejected, the whole bundle is rejected OFPFF_CHECK_OVERLAP flag: detect conflicts on-the-fly ü A conflicting rule is rejected ü A control message is sent if conflict detected Cookies: controller-specific modifications of individual flow entries

Upper bound: FixTag algorithm Operation: 1. Unique tag per policy 2. Install at internal ports first (compose if necessary) 3. Once installed at internal ports 4. add the tag to all packets at ingress ports! Upsides: wait-free (tolerates all failure patterns) Downsides: overhead can be huge Super-exponential in the size of the network Internal ports are ready when needed A packet is processed by exactly one (composed) policy internal ports ingress port add Tag 1 Tag 1 Tag 1 Tag 1 Tag 2 Tag 1 Tag 1 Tag 2 25

Can we do better? No, if we get no feedback from the network ü Tag t cannot be reused if it is still in flight Suppose, we can correctly evaluate the set of active tags ü Correct (but asynchronous) oracle Single-controller scenario: one bit is enough! ü Upon policy update π i wait until (i mod 2)-traffic is over, and use tag i mod 2! Two or more controllers: inherent price of concurrency? Between constant and super-exponential? Yes, if controllers are synchronized 26

CPC protocol: ReuseTag Mark incoming packets with policy tags Proportional to the level of resilience: ü Up to f failures: f+2 tags needed (proved optimal) Controllers use consensus instances (Paxos based on eventual synchrony or «eventual leader») ü Replicated state machine for request-tag ordering Two-phase update per ordered (composable) request ü Atomic read-modify-write (RMW) to avoid overwriting

ReuseTag properties All requests are serialized ü Even non-conflicting ones ü Allowing for more concurrency of updates? RMW port operations ü Check a condition on the switch state update the state if satisfied: OpenFlow?

Summary: software transactional networking Control middleware: manipulate the network as though there is no concurrency ü Conflicts result in aborts or composition Run sequential code (in the form of txns) Committed transactions and traffic paths appear sequential Aborted transactions do not appear 29

STN for SDN Network-wide abstractions and distributed updates: modifying rules at multiple switches while preserving consistency under transition Modularity and virtualization: transactions are compositional Verification: easier to verify (semantically sequential) transactional programs 30

New? Interesting? New: distributed network control ü Network races ü Notions of conflict and consistency Interesting: new kinds of concurrency ü Traffic as an independent thread ü Not all is about consensus 31

References M. Canini, P. Kuznetsov, D. Levin, and S. Schmid. Software transactional networking: Concurrent and consistent policy composition. ACM HotSDN, August 2013 M. Canini, P. Kuznetsov, D. Levin, and S. Schmid. A Distributed SDN Control Plane for Consistent Policy Updates. INFOCOM 2015 (check arxiv) Liron Schiff, Stefan Schmid, Petr Kuznetsov. In-Band Synchronization for Distributed SDN Control Planes. In submission. 32!

Communities? [Kreutzh et al., Software-Defined Networking: A Comprehensive Survey, 2014]: «distributed» appears 73 times in 407 references starting roughly in 2010: ü 61 SIGCOMM ü 34 HotSDN ü 50 HotNets ü 20 CCR ü 25 NSDI/OSDI/ATC ü 1 PODC ü 0 DISC

Eskerrik asko! Questions? 34

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information