SDN Concepts and Applications
Survey of SIGCOMM HotSDN 2012
Presenter: Jason, Tsung-Cheng, HOU
Advisor: Wanjiun Liao
Sep. 20th, 2012
Agenda
• Background
• Review of Onix, Net OS / Controller
• Hierarchical Policies for SDN
• State Distribution Tradeoffs
• Offloading Control Applications
• Verifying Network-wide Invariants
• Debugger and Network Backtrace
• Programming Network for Online Applications
• Programmable Enterprise WLANs
• Research Directions
Background
• SDN: Software-Defined Networking
  – Refactoring networks by offering control platforms
  – A unified system, layered abstractions
  – Programmability, flexibility, and extensibility
• Network OS / Controller:
  – Handling important but tedious functions: configuring net devices, channeling states
  – Presenting net abstractions, states and graphs
  – Inter-network-applications control, providing API (c.f. inter-process control)
Network Stack / Protocol
http://www.conniq.com/Networking_Components7.htm
SDN Abstraction / Application
http://onrc.stanford.edu/research_unified_control_architecture.html
SDN Research?
• How do we scope research in SDN?
• SIGCOMM HotSDN 2012
  – First Workshop in SDN
  – Acceptance: 22 of 71 submissions, 31%
  – 5 Stanford/Berkeley, 2 UIUC, 1 Princeton/Cornell
  – 1 Nicira, 2 IBM, 2 HP, 1 Microsoft
• Mostly, implementations of newly proposed systems, frameworks, or applications
• Very little modeling or theoretical work
• Better understanding of SDN
Concept of Virtualization
• Decoupling HW/SW by abstraction & layering
• Using, demanding, but not owning or configuring
• Resource pool: flexible to slice, resize, combine, and distribute
• A degree of automation by software
Hypervisor: turns 1 server into many “virtual machines” (instances or VMs) (VMware ESX, Citrix XenServer, KVM, etc.)
[Figure: VMs on HOST 1, HOST 2, HOST 3, HOST 4; Tenant View vs Provider View]
Network Controller / OS
• DCN relies on controller for many functions:
  – Address mapping / mgmt / registration / reuse
  – Traffic load scheduling / balancing
  – Route computation, switch entries configuration
  – Logical network view ↔ physical construction
• An example: Onix
  – Distributed system
  – Maintain, exchange & distribute net states
    • Hard static: SQL DB
    • Soft dynamic: DHT
  – Asynchronous but eventually consistent
Onix Functions
[Figure labels: Network OS; Logical Forwarding Plane / Network Graph; Control Plane / Applications; Network Hypervisor; Real States; Logical States, Abstractions; Mapping; Control Commands; Distributes, Configures; Network Info Base; API; Distributed System; Abstraction; Provides; OpenFlow]
Abstraction Layer
[Figure labels: Net Control Applications; Network Programming API, Language-Policy Interpreter; Network Info Base, Object DB; MapReduce / GFS Master; Cluster / Tenant Master; Policy-Rule Compiler, Configuration Manager; Verification-Debugger, Backtrace Collector; Network Graph]
Hierarchical Policies
• Useful in many contexts in which resources are shared among multiple entities.
• Express delegation of authority and the resolution of conflicts
• Hierarchical Flow Tables (HFT): a framework for specifying hierarchical policies in SDN
• Also proposed a compiler and runtime system to realize policy trees
AD Ferguson et al., “Hierarchical policies for software defined networks”, HotSDN 2012
Hierarchical Policies
Types of Hierarchy:
• Policy Priority, ex: Access Control > Routing
• IP Prefix, Longest Matching, Subnets
• Flow / Traffic Type, ex: Control PKT > Data
[Figure: A Policy Tree]
Hierarchical Flow Table
Declare policies → Construct HFT → Linearize & Compile HFT (turn into flow entries on devices)
A rigorous definition attempting to formalize network policies.
← Observe the symbols used by authors here!
Matches a pkt with a policy, node internal conflict resolution
Matches a pkt with a policy tree, using cmb recursively to children, parent-child or inter-sibling conflict resolution
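An added sketch, not code from the HFT paper or from this deck, of resolving a packet against a policy tree with separate in-node, inter-sibling and parent-child conflict-resolution operators. The action values, the operator definitions and the sample tree are assumptions made for illustration.

```python
from functools import reduce

# Assumed actions for this sketch: "deny", "allow", or None (no opinion).
def deny_wins(a, b):
    """In-node and inter-sibling operator: any deny wins, else any allow."""
    if "deny" in (a, b):
        return "deny"
    return a or b

def parent_overrides(parent, children):
    """Parent-child operator: the parent's decision stands if it has one."""
    return parent if parent is not None else children

def child_overrides(parent, children):
    """Alternative parent-child operator: delegated children may override."""
    return children if children is not None else parent

def matches(match, pkt):
    """A policy atom matches when every field it names equals the packet's."""
    return all(pkt.get(k) == v for k, v in match.items())

def evaluate(node, pkt, in_node=deny_wins, sibling=deny_wins,
             parent_child=parent_overrides):
    """Resolve a packet against a policy tree, combining results bottom-up."""
    own = reduce(in_node, (a for m, a in node["atoms"] if matches(m, pkt)), None)
    kids = (evaluate(c, pkt, in_node, sibling, parent_child)
            for c in node.get("children", []))
    return parent_child(own, reduce(sibling, kids, None))

# Constructed tree: the root (network admin) blocks telnet; two delegated
# sub-policies sit below it.
TREE = {
    "atoms": [({"tcp_dst": 23}, "deny")],
    "children": [
        {"atoms": [({"src": "10.0.1.5"}, "allow")]},
        {"atoms": [({"src": "10.0.1.5", "tcp_dst": 80}, "deny")]},
    ],
}
```

Swapping `parent_child` from `parent_overrides` to `child_overrides` flips the telnet decision for 10.0.1.5 from deny to allow, which is why the choice of operator at each level decides how much authority is actually delegated.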
Runtime HFT
Turn policy trees into priority-indexed linear and high-level flow tables ↓
Turn high-level flow tables into device entries →
Logically Centralized
• Logically centralized: multiple physical machines hosting distributed controllers
• Net states are distributed among controllers
  – What is the impact of an inconsistent network view?
  – How do distributed SDN states impact the performance of a logically centralized control application?
• Depict state exchange points and trade-offs
• Provide a customized flow level simulator
D Levin et al., “Logically centralized?: state distribution trade-offs in software defined networks”, HotSDN 2012
State Exchange Points
State exchange points:
• App. ↔ state mgmt layer (Net. OS/Hypervisor)
• State mgmt layer ↔ network devices
Trade-Offs
• Strongly consistent
  – Imposes overhead and delay, and limits responsiveness, can lead to suboptimal
• Eventually consistent:
  – Presents a temporarily inconsistent view, may cause incorrect behavior
• Trade-off:
  – Performance (optimality) vs state distribution overhead (staleness)
  – Application complexity vs robustness to inconsistency in states
Results
• Simulation on very simple topo and workload
• Only discuss impacts on load-balancing app
• View staleness significantly impacts optimality
• Application robustness to inconsistency increases when the application logic is aware of distribution
• Not a very complete discussion, scenarios are relatively simple
Offloading Control?
• Frequent and resource-exhaustive events:
  – Such as flow arrivals and network state collection
  – Stress the control plane and limit scalability
  – As discussed in DevoFlow
• Current solutions: view as intrinsic, or try to address by modifying switches
• How can we move control functionalities toward datapaths, without introducing new datapath mechanisms to switches?
S Hassas Yeganeh et al., “Kandoo: a framework for efficient and scalable offloading of control applications”, HotSDN 2012
Local Controllers
DevoFlow: devolve tasks to switches
Here, perhaps switches are equipped with local controllers
Or, more local, light controllers installed near datapaths
What’s the difference? Programmability and delay
Examples
• Does not need global network states
• Proxies of root controller
• Scale with network size
• Hierarchy of controllers
• Shield from root controller
• Local controllers do not propagate an event, unless root controller subscribes
• Consume less bandwidth
Why Online Verifying?
• SDN eases development of network applications, but bugs are still problematic
  – Complexity of software will increase.
  – SDN allows multiple applications or even multiple users to program the same physical network, potentially with conflicting rules
• Rule verification latency in seconds is not enough to ensure real-time response
  – Requires network-wide states
  – Processing churn introduces scaling challenges.
A Khurshid et al., “VeriFlow: verifying network-wide invariants in real time”, HotSDN 2012
VeriFlow Framework
• Prototype: only (forwarding rule, reachability) verification
• Equivalence classes: rules or policies that affect the same type of packets or flows; verify per class, not per rule
• Rules in an equivalence class are stored as a trie (prefix tree)
• Generate a forwarding graph for each class
• Verify reachability by traversing the forwarding graph
• Incremental: only checks the latest changes, fast enough
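An added example, not VeriFlow's own code, of the pipeline in the bullets above for destination-prefix rules: split the address space into equivalence classes, build one forwarding graph per class, and traverse it. It substitutes sorted prefix boundaries for the trie and, beyond plain reachability, also labels loops and black holes; the rules, switch names and the `HOST` marker are constructed.

```python
import ipaddress

# Constructed rules: (switch, destination prefix, next hop); "HOST" = delivered.
RULES = [
    ("s1", "10.0.0.0/8", "s2"),
    ("s2", "10.0.0.0/8", "s3"),
    ("s3", "10.0.0.0/8", "HOST"),
    ("s2", "10.1.0.0/16", "s1"),     # more specific rule pointing back at s1
    ("s1", "192.168.0.0/16", "s2"),  # s2 has no rule for this prefix
]

def span(prefix):  # (first address, last address, prefix length) as integers
    net = ipaddress.ip_network(prefix)
    return int(net.network_address), int(net.broadcast_address), net.prefixlen

def equivalence_classes(rules):
    """Cut the address space at prefix boundaries; rules agree inside each interval."""
    cuts = sorted({b for _, p, _ in rules for b in (span(p)[0], span(p)[1] + 1)})
    return [(lo, nxt - 1) for lo, nxt in zip(cuts, cuts[1:])]

def forwarding_graph(rules, addr):
    """Per-switch next hop for one class, chosen by longest-prefix match."""
    best = {}
    for switch, prefix, hop in rules:
        lo, hi, plen = span(prefix)
        if lo <= addr <= hi and plen > best.get(switch, (-1, None))[0]:
            best[switch] = (plen, hop)
    return {switch: hop for switch, (_, hop) in best.items()}

def walk(graph, start):
    """Traverse from start and return 'delivered', 'loop' or 'blackhole'."""
    seen, node = set(), start
    while node != "HOST":
        if node in seen or node not in graph:
            return "loop" if node in seen else "blackhole"
        seen.add(node)
        node = graph[node]
    return "delivered"

def verify(rules, start, changed=None):
    """Check every class, or only the classes inside a changed prefix."""
    results = {}
    for lo, hi in equivalence_classes(rules):
        in_scope = changed is None or span(changed)[0] <= lo <= span(changed)[1]
        graph = forwarding_graph(rules, lo) if in_scope else {}
        if graph:  # address ranges that no rule covers are skipped
            name = f"{ipaddress.ip_address(lo)}-{ipaddress.ip_address(hi)}"
            results[name] = walk(graph, start)
    return results
```

Passing `changed="10.1.0.0/16"` rechecks only the class touched by the newly inserted rule, which is the incremental mode the last bullet refers to.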
Why Debugging?
• When debugging a program:
  – Pause execution at a breakpoint
  – Show the history of function calls leading to the breakpoint, a backtrace
• What bugs in SDN?
  – Race condition: policy on-the-way, behind flows
  – Controller logic error
  – Switch implementation or policy insertion
N Handigol et al., “Where is the debugger for my Software-Defined Network?”, HotSDN 2012
[Figure: Breakpoint and Backtrace]
[Figure: Architecture]
Mechanisms
• Proxy: modifies flow entry modification msgs to command switches to produce postcards
• Flow Table State Recorder (FTSR): stores flow table versions w.r.t. flow entry modifications
• Breakpoint: user-specified filtering rules
• Postcard: a truncated copy of the packet’s header, augmented with the matching flow entry, switch, and output port (links back to FTSR)
• Keep sending postcards to controller, all along the way a packet traverses
• Reconstruct backtrace when a packet or a postcard matches a filter breakpoint
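An added example, not the ndb authors' code, of reconstructing a backtrace from collected postcards once one of them matches a breakpoint filter. The postcard field names, the `pkt_id` grouping key, the topology and the sample postcards are assumptions constructed for illustration.

```python
from collections import namedtuple

# Field names are assumptions of this sketch; pkt_id stands in for whatever
# key the collector uses to group the postcards of one packet.
Postcard = namedtuple("Postcard", "pkt_id header switch entry version out_port")

# Constructed topology: (switch, output port) -> next switch.
LINKS = {("s1", 2): "s2", ("s2", 3): "s3"}

# Constructed postcards in collector arrival order, not path order.
SSH = {"dst": "10.0.0.9", "tcp_dst": 22}
POSTCARDS = [
    Postcard("p1", SSH, "s2", "fwd-10/8", 7, 3),
    Postcard("p2", {"dst": "10.0.0.9", "tcp_dst": 80}, "s1", "fwd-10/8", 12, 2),
    Postcard("p1", SSH, "s3", "acl-drop-ssh", 4, None),  # dropped: no output port
    Postcard("p1", SSH, "s1", "fwd-10/8", 12, 2),
]

def matches(bp_filter, card):
    """A breakpoint is a filter over header fields plus the reporting switch."""
    fields = dict(card.header, switch=card.switch)
    return all(fields.get(k) == v for k, v in bp_filter.items())

def order_hops(cards, links):
    """Sort one packet's postcards into path order by following the links."""
    by_switch = {c.switch: c for c in cards}
    downstream = {links.get((c.switch, c.out_port)) for c in cards}
    heads = [c for c in cards if c.switch not in downstream]
    hop, path = (heads[0] if heads else None), []
    while hop is not None and hop not in path:
        path.append(hop)
        hop = by_switch.get(links.get((hop.switch, hop.out_port)))
    return path

def backtrace(postcards, links, bp_filter):
    """For each postcard that hits the breakpoint, list the hops leading to it
    as (switch, matching flow entry, flow table version)."""
    traces = []
    for hit in postcards:
        if matches(bp_filter, hit):
            same = [c for c in postcards if c.pkt_id == hit.pkt_id]
            path = order_hops(same, links)
            upto = path[: path.index(hit) + 1] if hit in path else [hit]
            traces.append([(c.switch, c.entry, c.version) for c in upto])
    return traces
```

The version number in each hop is what lets the operator look up, in the recorded flow table history, the exact table state the packet was matched against.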
[Figure: Setting Breakpoint]
[Figure: Collecting Postcard]
[Figure: Reconstructing Backtrace]
Abstraction Layer
VeriFlow vs Debugger: Policy verification vs errant event tracing
Network Sensitive Applications
• Tightly integrate applications with the network to improve performance and utilization
• To support cross-layer network control, the SDN controller is interfaced to the master node for each individual application, such as the Hadoop scheduler or HBase master
• For big data applications, the SDN controller provides an interface that accepts traffic demand matrices from application controllers
G Wang et al., “Programming your network at run-time for big data applications”, HotSDN 2012
MapReduce Distributed Execution
[Figure labels: User Program; Master; Worker; fork; assign map; assign reduce; read; local write; remote read, sort; write; Input Data (Split 0, Split 1, Split 2); Output File 0; Output File 1; Shuffle & Sort]
Master also deals with:
• Worker status updates
• Fault-tolerance
• I/O Scheduling
• Automatic distribution
• Automatic parallelization
[Figure: Job Tracker Functions]
[Figure: SDN Controller Functions]
Masters Work Together
How to coordinate configuration requests among different kinds of applications?
Programmable WLAN
• In WiFi settings, clients choose which APs to associate with, broadcast, hard to track devices
• Interactions among APs and clients are decentralized, hard to add functionalities
• Build a virtual AP abstraction to simplify client management, without any client modifications
• Virtual AP: enables seamless mobility and load balancing
L Suresh et al., “Towards programmable enterprise WLANS with Odin”, HotSDN 2012
[Figure: Light Virtual Access Point]
Reference
• Teemu Koponen et al., “Onix: A distributed control platform for large-scale production networks”, OSDI, Oct. 2010
• AD Ferguson et al., “Hierarchical policies for software defined networks”, HotSDN 2012
• D Levin et al., “Logically centralized?: state distribution trade-offs in software defined networks”, HotSDN 2012
• S Hassas Yeganeh et al., “Kandoo: a framework for efficient and scalable offloading of control applications”, HotSDN 2012
• A Khurshid et al., “VeriFlow: verifying network-wide invariants in real time”, HotSDN 2012
• N Handigol et al., “Where is the debugger for my Software-Defined Network?”, HotSDN 2012
• G Wang et al., “Programming your network at run-time for big data applications”, HotSDN 2012
• L Suresh et al., “Towards programmable enterprise WLANS with Odin”, HotSDN 2012