Programmable Network Node: Applications

24
1 Java-enable Network Devices Programmable Network Node: Applications 1 Technology Center, Enterprise Solutions, Nortel Networks 2 Department of Computer Science, University of Maryland Tal Lavian 1 [email protected] Rob Jaeger 1,2 [email protected] [email protected]

description

MIB API Monitor device Management Information Base variables MIB RMON and RMON-II DiffServ Network API (JFWD) Interface to Filters set packet drop filters intercept packets carbon copy packets while forwarding at line-speed

Transcript of Programmable Network Node: Applications

Page 1: Programmable Network Node: Applications

1Java-enable Network Devices

Programmable Network Node: Applications

1 Technology Center, Enterprise Solutions, Nortel Networks2 Department of Computer Science, University of Maryland

Tal Lavian1 [email protected]

Rob Jaeger1,2 [email protected] [email protected]

Page 2: Programmable Network Node: Applications

2Java-enable Network Devices

Accomplishments

• JVM on a sil icon-based L3 Routing Switch

• ORE - Oplet Run-t ime Environment

• Java-enabled Device Architecture

• SNMP MIB API

• Network Forwarding API

• Active Networks applications:

— dynamic control and modification of ASIC forwarding

Page 3: Programmable Network Node: Applications

3Java-enable Network Devices

Nortel Java-Enabled Device Nortel Java-Enabled Device ArchitectureArchitecture

Device HWOperating System

JVM

Oplet

C/C++API

JavaAPI

DeviceCode

Oplet Runtime Env

DeviceDrivers

JNIJF

WD

AP

I

ORE Service

AN Packet Interception

Page 4: Programmable Network Node: Applications

4Java-enable Network Devices

Tools

• MIB API— Monitor device Management Information Base variables

– MIB– RMON and RMON-II– DiffServ

• Network API (JFWD) — Interface to Filters

– set packet drop filters– intercept packets– carbon copy packets while forwarding at line-speed

Page 5: Programmable Network Node: Applications

5Java-enable Network Devices

MIB API

JavaVirtualMachine

SNMP PDU Layer

Instrumentation& AnnotationLayer

Real Time Operating System

Processor and other Hardware

Native Variable Interface

MIB Map

Abstract Variable Interface

Client API

Client Bean

•API uses a MIB Map to dispatch requests to variable access routines•Different parts of the MIB tree can be serviced by different mechanisms•Two main schemes:•An ad hoc interface to the SNMP instrumentation layer•A generic SNMP loopback

Page 6: Programmable Network Node: Applications

6Java-enable Network Devices

Network API: Dynamic Configuration Network API: Dynamic Configuration of Forwarding Rules of Forwarding Rules

CPU

ForwardingProcessor

ForwardingProcessor

ForwardingProcessor

ForwardingProcessor

ForwardingRules

SW

HW

ForwardingRules

ForwardingRules

ForwardingRules

JavaServices

Page 7: Programmable Network Node: Applications

7Java-enable Network Devices

Network API: Control-vs-Forwarding Plane

Centralized, Centralized, CPU-based RouterCPU-based Router

Forwarding-ProcessorsForwarding-Processors based Routerbased Router

Control + ForwardingControl + ForwardingFunctions combinedFunctions combined

Control separatedControl separatedFrom forwardingFrom forwarding

CPU

Routing SW

CPU

Control Plane

Forwarding Processor

Forwarding Processor

Forwarding Processor

Slow Wire Speed

Page 8: Programmable Network Node: Applications

8Java-enable Network Devices

Network API: Packet Capture Network API: Packet Capture

CPU

ForwardingProcessor

ForwardingProcessor

ForwardingProcessor

ForwardingProcessor

AN Apps

JFWD to Divert or Copy

Wire Speed

Pac

ket

Page 9: Programmable Network Node: Applications

9Java-enable Network Devices

Applications

• Active Network Management — Proactive Network Management — Diagnostic Agents

• Dynamic DiffServ Classif ier

• Active Intrusion Detection

• Multicast Caching

• IP Accounting

• Application-Layer Router-Server Collaboration

• Pseudo Default Drop Capabil ity

Page 10: Programmable Network Node: Applications

10Java-enable Network Devices

Active Network Management

• Download Oplet Service to the device.

• Monitor MIB variables • Might be complex conditions• Trend analysis• DiffServ, RMON-II, etc… MIBs

• Report “events” to NMS — drop rate, packets/second

• Allow Service to take action

• Download application

• Adjust parameters based on direction from NMS

Monitor

AppropriateApplication

Download

Download

Complex Condition Exceeded

NMS

No more polling

router

Extensive access to internal resources

Page 11: Programmable Network Node: Applications

11Java-enable Network Devices

Proactive Network Management

• Device-based Intell igence is Dynamic—Static Management

– SNMP set/get mechanisms – Telnet, User Interfaces (cli, web, etc…)

—Dynamic Closed-loop Management at Network Node– capable of dealing with new and difficult situations – autonomous and rational properties. – dynamically system monitoring & modification – report status and trends

—Monitor MIB to identify poor performance and notify NMS prior to failures

—Downloaded service can instantiate new services

Page 12: Programmable Network Node: Applications

12Java-enable Network Devices

Diagnostic Agents

• Automatic traceroute from edge router where problem exists.—Each node reached generates a report to NMS—Traceroute code “moves” to next node in path—Mobile agents identify router health—Create logs for NMS

Page 13: Programmable Network Node: Applications

13Java-enable Network Devices

Dynamic DiffServ Classif ier

• Set router f i l ters to sample packets from edge device host ports

• Identify real-t ime traff ic (RTP flows)

• Set f i l ter on port to adjust DS-byte value based on policy

• Keep track of f i l ters set

• Remove f i l ters no longer in use

Page 14: Programmable Network Node: Applications

14Java-enable Network Devices

Dynamic DiffServ Classif icationDynamic DiffServ Classif ication

ForwardingProcessor

ForwardingProcessor

Policy

Filters

ORE Service

Packet

Packet Filter

• Sample packets, set f i l ters to modify DS-byte for Per-Hop-Behavior modif ication

Packet

Control

Plane

Page 15: Programmable Network Node: Applications

15Java-enable Network Devices

Active Intrusion Detection

• Intruder is identif ied by Intrusion Detection software

• Intruder signature is identif ied

• Mobile agent is dispatched in direction of intruder (based on physical port of entry)

• Mobile agent “chases” intruder and terminates him (shuts down link, reboot host, notify NMS)

Page 16: Programmable Network Node: Applications

16Java-enable Network Devices

Multicast Caching

• Reliable Mult icasting

• Distr ibute error control throughout mult icast tree

• Retransmission a local node keeps control close to lossy l inks

• Balances processor load away from mult icast source

Page 17: Programmable Network Node: Applications

17Java-enable Network Devices

IP Accounting

• Project ABCD (Active Bean Counter in Device)

• Perform usage accounting at edge node

• PreCorrelate/aggregate/reduce accounting record on-site

• $1 rule for bil l ing

• Real-t ime bil l ing can be realized

• Customize bil lable resources

Page 18: Programmable Network Node: Applications

18Java-enable Network Devices

Application Layer Collaboration Among Routers and Servers

• Server farm load balancing— server state monitored; rerouting based on congestion/load

• Auctioning Applications

• Bandwidth Broker

Page 19: Programmable Network Node: Applications

19Java-enable Network Devices

Server Collaboration

• Supports distr ibuted computing applications in which network devices part icipate— router to router— server to router

• Supports Intel l igent Agents

• Supports Mobile AgentsJava-basedApplication

Java-basedApplication

Java-basedApplication

Page 20: Programmable Network Node: Applications

20Java-enable Network Devices

Bandwidth Broker Collaboration

• Routers Monitor RMON and DIFFSERV MIB

• Report Per-IPAddress, Per Protocol stat ist ic to resource broker

• Adjust DS-byte and Per Hop Behavior based on Bandwidth Broker directions

Page 21: Programmable Network Node: Applications

21Java-enable Network Devices

Real-time forwarding Stats and Monitors Real-time forwarding Stats and Monitors

CPU

SW

HW

AN Apps

ForwardingProcessor

ForwardingRules

Statistics &Monitors

ForwardingProcessor

ForwardingRules

Statistics &Monitors

ForwardingProcessor

ForwardingRules

Statistics &Monitors

Page 22: Programmable Network Node: Applications

22Java-enable Network Devices

Dynamic - On the Fly ConfigurationDynamic - On the Fly Configuration

• From downloadable Java application, we can modify the behavior of the ASICs

Page 23: Programmable Network Node: Applications

23Java-enable Network Devices

Mixed Topology of AN systemMixed Topology of AN system

- AN Node - None AN Node

NO need to know the AN topology ahead of time

Page 24: Programmable Network Node: Applications

24Java-enable Network Devices

Active Node Topology DiscoveryActive Node Topology Discovery

- AN Node - Non AN Node

NO need to know the AN topology ahead of time