software-defined networking , survey of hotsdn 2012

SDN Concepts and Applications

Survey of SIGCOMM HotSDN 2012

1

Presenter: Jason, Tsung-Cheng, HOUAdvisor: Wanjiun Liao

Sep. 20th, 2012

Agenda• Background• Review of Onix, Net OS / Controller• Hierarchical Policies for SDN• State Distribution Tradeoffs• Offloading Control Applications• Verifying Network-wide Invariants• Debugger and Network Backtrace• Programming Network for Online Applications• Programmable Enterprise WLANs• Research Directions

2

Background• SDN: Software-Defined Networking

– Refactoring networks by offering control platforms– A unified system-layered abstractions– Programmability, flexibility, and extensibility

• Network OS / Controller:– Handling important but tedious functions

Configuring net devices, channeling states– Presenting net abstractions, states and graphs– Inter-network-applications control, providing API

c.f. inter-process control

3

Network Stack / Protocol

4http://www.conniq.com/Networking_Components7.htm

http://www.conniq.com/Networking_Components7.htm

SDN Abstraction / Application

5http://onrc.stanford.edu/research_unified_control_architecture.html

http://onrc.stanford.edu/research_unified_control_architecture.html

http://onrc.stanford.edu/research_unified_control_architecture.html

SDN Research?• How do we scope research in SDN?• SIGCOMM HotSDN 2012

– First Workshop in SDN– Acceptance: 22 of 71 submissions, 31%– 5 Stanford/Berkeley, 2 UIUC, 1 Princeton/Cornell– 1 Nicira, 2 IBM, 2 HP, 1 Microsoft

• Mostly, implementations of newly proposed systems, frameworks, or applications

• Very few modeling or theoretical work• Better understanding of SDN

6


7

8

Concept of Virtualization• Decoupling HW/SW by abstraction & layering• Using, demanding,

but not owning or configuring• Resource pool: flexible to slice, resize,

combine, and distribute• A degree of automation by software

VMs

Hypervisor:Turns 1 server into many “virtual machines” (instances or VMs)(VMWare ESX, Citrix XEN Server, KVM, Etc.)

HOST 1 HOST 2 HOST 3 HOST 4,

Tenant View vs Provider View

Network Controller / OS• DCN relies on controller for many functions:

– Address mapping / mgmt / registration / reuse– Traffic load scheduling / balancing– Route computation, switch entries configuration– Logical network view ↔ physical construction

• An example: Onix– Distributed system– Maintain, exchange &

distribute net states• Hard static: SQL DB• Soft dynamic: DHT

– Asynchronous buteventually consistent 10

11

Onix Functions

Network OS

Logical Forwarding Plane / Network Graph

Control Plane / Applications

Network Hypervisor

Real States

Logical States Abstractions

Mapping

Control Commands

Distributes, Configures

Network Info Base

API

Distributed System

Abstraction

Provides

Provides

OpenFlow

Abstraction Layer

12

Net Control Applications

Network Programming APILanguage-Policy Interpreter

Network Info Base Object DB

MapReduce / GFS Master

Cluster / TenantMaster

Policy-Rule CompilerConfiguration Manager

Verification-DebuggerBacktrace Collector

Network Graph


13

Hierarchical Policies• Useful in many contexts in which resources

are shared among multiple entities.• Express delegation of authority and the

resolution of conflicts• Hierarchical Flow Tables (HFT): a framework

for specifying hierarchical policies in SDN• Also proposed a compiler and runtime system

to realize policy trees

14AD Ferguson et. al., “Hierarchical policies for software defined networks”, HotSDN 2012

Hierarchical Policies

15

Types of Hierarchy:• Policy Priority, ex: Access Control > Routing• IP Prefix, Longest Matching, Subnets• Flow / Traffic Type, ex: Control PKT > Data

A Policy Tree

Hierarchical Flow Table

16

Declare policies↓

Construct HFT↓

Linearize & Compile HFTTurn into flow entries on devices

A rigorous definition attempting to formalize network policies.

←Observe the symbols used by authors here !

Matches a pkt with a policy, node internal conflict resolution

Matches a pkt with a policy tree, using cmb recursively to children, parent-child or inter-sibling conflict resolution

Runtime HFT

17

Turn policy trees into priority-indexed linear and high-level flow tables ↓

Turn high-level flow tables into device entries →

Abstraction Layer

18








Network Graph


19

Logically Centralized• Logically centralized: multiple physical

machines hosting distributed controllers• Net states are distributed among controllers

– What are the impact of inconsistent network view?

– How does distributed SDN states impact performance of a logically centralized control application?

• Depict state exchange points and trade-offs• Provide a customized flow level simulator

20

D Levin et. al., “Logically centralized?: state distribution trade-offs in software defined networks”, HotSDN 2012

State Exchange Points

21

State exchange points:• App.state mgmt layer (Net. OS/Hypervisor)• State mgmt layernetwork devices

Trade-Offs• Strongly consistent

– Imposes overhead and delay, and limits responsiveness, can lead to suboptimal

• Eventually consistent: – Presents a temporarily inconsistent view, may

cause incorrect behavior• Trade-off:

– performance (optimality), vs state distribution overhead (staleness)

– Application complexity, vs robustness to inconsistency in states

22

Results• Simulation on very simple topo and workload• Only discuss impacts on load-balancing app• View staleness significantly impacts

optimality • Application robustness to inconsistency

increases when the application logic is aware of distribution

• Not a very complete discussion, scenarios are relatively simple

23

Abstraction Layer

24








Network Graph


25

Offloading Control ?• Frequent and resource-exhaustive events:

– Such as flow arrivals and network state collection– Stress the control plane and limit scalability– As discussed in DevoFlow

• Current solutions: View as intrinsic, or try to address by modifying switches

• How can we move control functionalities toward datapaths, without introducing new datapath mechanisms to switches?

26

S Hassas Yeganeh et. al., “Kandoo: a framework for efficient and scalable offloading of control applications”, HotSDN 2012

Local Controllers

27

DevoFlow: Devolve tasks to switchesHere, perhaps switches are equipped with local controllersOr, more local, light controllers installed near datapathsWhat’s the difference? Programmability and delay

Examples

28

• Does not need global network states• Proxies of root controller• Scale with network size• Hierarchy of controllers

• Shield from root controller• Local controllers do not propagate an

event, unless root controller subscribes• Consume less bandwidth


29

Why Online Verifying?• SDN eases development of network

applications, but bugs are still problematic– Complexity of software will increase.– SDN allows multiple applications or even multiple

users to program the same physical network, potential conflicting rules

• Rule verification latency in seconds is not enough to ensure real-time response– Require network-wide states– Processing churn introduce scaling challenges.

30

A Khurshid et. al., “VeriFlow: verifying network-wide invariants in real time”, HotSDN 2012

VeriFlow Framework

31

• Prototype: Only (forwarding rule, reachability) verification

• Equivalent classes: rules or policies affect same type of packets or flows, verify per class not per rule

• Rules in equivalent class are stored as trie or prefix tree

• Generate forwarding graphs for each class

• Processing reachability verification by traversing forwarding graph

• Incremental, only check latest changes, fast enough


32

Why Debugging ?• When debugging a program:

– Pause execution at a breakpoint– Shows the history of function calls leading to

breakpoint, a backtrace• What bugs in SDN?

– Race condition: policy on-the-way, behind flows– Controller logic error– Switch implementation or policy insertion

33

N Handigol et. al., “Where is the debugger for my Software-Defined Network?”, HotSDN 2012

Breakpoint and Backtrace

34

Architecture

35

Mechanisms• Proxy: modify flow entry modification msg to cmd

switches producing postcards• Flow Table State Recorder (FTSR): stores flow table

versions w.r.t. flow entry modifications• Breackpoint: user-specified filtering rules• Postcard: a truncated copy of the packet’s header,

augmented with the matching flow entry, switch, and output port (links back to FTSR)

• Keep sending postcards to controller, all along the way a packet traverses

• Reconstruct backtrace when a packet or a postcard matches a filter breakpoint

36

Setting Breakpoint

37

Collecting Postcard

38

Reconstructing Backtrace

39

Abstraction Layer

40








Network Graph

VeriFlow vs Debugger: Policy verification vs errant event tracing


41

Network Sensitive Applications• Tightly integrate applications with the network

to improve performance and utilization• To support cross-layer network control, the

SDN controller is interfaced to the master node for each individual application, such as the Hadoop scheduler or HBase master

• For big data applications, the SDN controller provides an interface that accepts traffic demand matrices from application controllers

42

G Wang et. al., “Programming your network at run-time for big data applications”, HotSDN 2012

MapReduce Distributed Execution

UserProgram

Worker

Worker

Master

Worker

Worker

Worker

fork fork fork

assignmap assign

reduce

readlocalwrite

remoteread,sort

OutputFile 0

OutputFile 1

writeSplit 0Split 1Split 2

Input Data

Master also deals with:• Worker status updates• Fault-tolerance• I/O Scheduling• Automatic distribution• Automatic parallelization

↑ ↑ ↑ ↑ ↑Shuffle & Sort

Job Tracker Functions

44

SDN Controller Functions

45

Masters Work Together

46

How to coordinate configuration requests among different kinds of applications?


47

Programmable WLAN• In WiFi settings, clients choose what APs to

associate, broadcast, hard to track devices• Interactions among APs and clients are

decentralized, hard to add functionalities• Build a virtual AP abstraction to simplify client

management, without any client modificatoins• Virtual AP: enables seamless mobility and

load balancing

48

L Suresh et. al., “Towards programmable enterprise WLANS with Odin”, HotSDN 2012

Light VirtualAccess Point

49

Reference• Teemu Koponen et al., “Onix: A distributed control platform for large-scale production

networks”, OSDI, Oct, 2010• AD Ferguson et. al., “Hierarchical policies for software defined networks”, HotSDN 2012• D Levin et. al., “Logically centralized?: state distribution trade-offs in software defined

networks”, HotSDN 2012• S Hassas Yeganeh et. al., “Kandoo: a framework for efficient and scalable offloading of

control applications”, HotSDN 2012• A Khurshid et. al., “VeriFlow: verifying network-wide invariants in real time”, HotSDN 2012• N Handigol et. al., “Where is the debugger for my Software-Defined Network?”, HotSDN

2012• G Wang et. al., “Programming your network at run-time for big data applications”, HotSDN

2012• L Suresh et. al., “Towards programmable enterprise WLANS with Odin”, HotSDN 2012

51

software-defined networking , survey of hotsdn 2012

Technology