Can Software Defined Networks (SDN) manage the dependability of the service provided to selected customers?
Gianfranco Nencioni
Dipartimento di Ingegneria dell'Informazione, Università di Pisa
Mini-seminar on QoE and QoS, Dept. of Telematics, NTNU
Trondheim, 9th Dec 2014

Summary
1. Introduction: SDN; Dependability
2. Dependability in SDN: Position paper; Dependability papers; Dependability application
3. Conclusions

Software-Defined Network (SDN): Definition
Separate control plane and data plane.
Control plane = brain
Data plane = arm

Software-Defined Network (SDN): Comparison with conventional networks
Conventional network
[Figure: three devices, each with its own control plane and data plane; label: vendor-specific interface]
Complexity, producer dependence, ossification

Software-Defined Network (SDN): Comparison with conventional networks
SDN
[Figure: three control applications, one control plane, three devices each with a data plane; label: OpenFlow]
Simplicity, programmability, innovation

Dependability
Attributes: availability, reliability, maintainability
Threats: fault, error, failure
Means: prevention, removal, forecasting, tolerance

Position paper [1]: Main considerations
Open issue: security and dependability of the SDN itself.
Target: building secure and dependable SDNs by design.
Pros are also cons: network programmability and control logic centralization introduce new fault and attack planes.
[1] Diego Kreutz, Fernando M.V. Ramos, and Paulo Verissimo. Towards Secure and Dependable Software-defined Networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. HotSDN '13. 2013, pp. 55-60.

Position paper: Threat vectors
1. Forged or faked traffic flows
2. Attacks on vulnerabilities in switches
3. Attacks on control plane communications
4. Attacks on and vulnerabilities in controllers
5. Lack of mechanisms to ensure trust between the controller and the management applications
6. Attacks on and vulnerabilities in administrative stations
7. Lack of trusted resources for forensics and remediation

Position paper SDN specific vs non-specific threats
Position paper Solutions to threat vector
Dependability papers: Software aging [2]
Addressed issue: the SDN controller is vulnerable to degradation due to a well-known phenomenon called Software Aging (SA).
Effects: SA may cause a higher probability of failure, for instance reducing the availability of the SDN controller.
Solutions: application of software rejuvenation techniques aiming to improve the efficiency of resource consumption by the controllers, and hence mitigating software aging effects.
[2] F. Alencar et al. How Software Aging affects SDN: A view on the controllers. In: Global Information Infrastructure and Networking Symposium (GIIS), 2014. 2014, pp. 1-6.

Dependability papers: Resilience management [3]
Addressed issue: implementation of network-wide resilience needs an orchestrator for driving the cooperation of a collection of SDN-enabled services.
Network resilience: the ability of a network to maintain acceptable levels of service in the face of challenges to its normal operation.
Network resilience requirements:
- Detection mechanisms support the identification and categorisation of challenges to the network.
- Remediation mechanisms may be used for containing the effects of a challenge.
[3] P. Smith et al. Management patterns: SDN-enabled network resilience management. In: Network Operations and Management Symposium (NOMS), 2014 IEEE. 2014, pp. 1-9.

Dependability papers: Southbound reliability [4]
Addressed issue: in order to achieve at least five-nines reliability in the southbound interface between controllers and nodes,
- how many controllers need to be instantiated
- where they must be deployed
- what network nodes are under the control of each of them
Proposed solution: Fault Tolerant Controller Placement.
[4] Francisco Javier Ros and Pedro Miguel Ruiz. Five Nines of Southbound Reliability in Software-defined Networks. In: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking. HotSDN '14. 2014, pp. 31-36.

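The three placement questions on the slide above, worked through on a toy instance. This is an added example, not taken from the slides or from the cited paper, and it is not the paper's algorithm: it searches all site subsets exhaustively (small instances only). Assumptions: the reliabilities in `REL` are constructed sample values, control paths to different controllers fail independently, and the names `REL`, `assign` and `place_controllers` are hypothetical.

```python
from itertools import combinations
from math import prod

TARGET = 0.99999  # "five nines" of southbound reliability

# Constructed sample data: REL[node][site] is the probability that the control
# path between that node and a controller placed at that site is operational.
REL = {
    "n1": {"A": 0.999, "B": 0.995, "C": 0.98},
    "n2": {"A": 0.995, "B": 0.999, "C": 0.98},
    "n3": {"A": 0.98, "B": 0.999, "C": 0.999},
    "n4": {"A": 0.999, "B": 0.98, "C": 0.999},
}

def southbound_reliability(node, controllers):
    """P(at least one control path is up), assuming independent path failures."""
    return 1 - prod(1 - REL[node][c] for c in controllers)

def assign(node, sites):
    """Fewest controllers from `sites` that lift `node` to TARGET, else None."""
    chosen = []
    for c in sorted(sites, key=lambda s: REL[node][s], reverse=True):
        chosen.append(c)
        if southbound_reliability(node, chosen) >= TARGET:
            return chosen
    return None

def place_controllers():
    """Smallest set of sites (how many, where) and the per-node assignment."""
    sites = sorted(next(iter(REL.values())))
    for k in range(1, len(sites) + 1):
        for subset in combinations(sites, k):
            plan = {n: assign(n, subset) for n in REL}
            if all(plan.values()):  # every node reached the target
                return list(subset), plan
    return None, {}

if __name__ == "__main__":
    sites, plan = place_controllers()
    print("controllers at:", sites)
    for node, ctrls in plan.items():
        print(node, ctrls, f"{southbound_reliability(node, ctrls):.6f}")
```

No single controller and no pair of sites reaches the target for every node here, so the search settles on three sites while each node still connects to only two of them.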
Dependability papers: Available SDNs [5]
Observation: existing SDNs rely on a collection of intricate, mutually-dependent mechanisms to implement a logically centralized control plane.
Related issue: these cyclical dependencies and lack of clean separation of concerns can impact the availability of SDNs.
Proposed solution: architecting SDNs for robustness to faults from the ground up by carefully synthesizing various key distributed systems ideas, in particular reliable flooding, global snapshots, and replicated controllers.
[5] Aditya Akella and Arvind Krishnamurthy. A Highly Available Software Defined Fabric. In: Proceedings of the 13th ACM Workshop on Hot Topics in Networks. HotNets-XIII. 2014, 21:1-21:7.

Dependability papers: Synergistic IP+Optical resiliency [6]
Observation: in real operational scenarios, however, there may inevitably exist different operators in different network layers/domains.
Proposed solution: enhanced control plane architecture with hierarchically fabricated controllers, specifying the interworking relationships between different controllers on both IP and optical layers.
[6] Dongxu Zhang et al. Software Defined Synergistic IP+Optical Resilient Transport Networks. In: J. Opt. Commun. Netw. 7.2 (2015), A209-A217.

Dependability application: Four traffic classes
Classes: Bronze, Silver, Gold, Platinum
[Figure labels: Restoration (reactive); Protection (proactive); Dependable service]

Traffic Recovery Application: Logic Structure
[Figure: Control Application above the control plane and data plane; components: Flows database, Topology database, Hosts database, Topology discoverer, Statistics handler, Hosts tracker, Path Computation and Traffic Recovery Element]

Conclusions
Can Software Defined Networks (SDN) manage the dependability of the service provided to selected customers?
Yes, but it needs...
- to be done (Application Layer)
- to be supported (Infrastructure Layer)
- to be dependable (Control Layer)