Reconciling Zero-conf with Efficiency in Enterprises Changhoon Kim and Jennifer Rexford Princeton University 1. State of the Art and Motivation Enterprise networks comprised of Ethernet-based IP subnets interconnected by routers Recent challenges Very large and highly populated Ethernet segments (e.g., campus-wide WLAN) Wide deployment of light bridges (e.g., wireless APs) Sometimes incapable of bridging, STP, VLAN, etc. Increasing demand of mobility Increasing complexity and inefficiency of IP address management (even with DHCP) Need for MAC-based access control Neither IP routing nor Ethernet bridging suffices Mechanisms Features Ethernet Bridging IP Routing Ease of Configuration Good Poor Mobility Addressing Optimality Path Optimality Load Distribution Tolerance to Loop Convergence Speed IEEE 802.1D Ethernet Bridging - Flat addressing - Self-learning - Flooding - STP C A IP Routing - Hierarchical addressing - Shortest path routing - Subnet configuration - Host configuration E B D Can’t we just take best parts of each? 2. Solution: SEIZE (Scalable and Efficient Zero-config Enterprise) Addressing and packet format: IEEE 802 Ethernet Mobility and minimal configuration via flat addressing Backward compatibility (including VLAN support) IP address provides external connectivity and application compatibility Core connectivity dissemination: Link-state protocol Efficient resource utilization via pair-wise shortest paths and load distribution Scalability Fast convergence End-host information dissemination: Consistent hash Scalability and stability via on-demand binding of host address and location Resistant to high churn rate O (1) look-up via link-state core 2.5 Delivery to x 3.2 Optimized tunneling directly from E to A y x C 1.1 Host discovery or active registration 2.1 Traffic to x A 2.4 Tunneling to egress node, A 1.2 Hashing (H(x) = B) 2.3 Hash-based routing to the relay node, B 2.2 Hashing (H(x) = B) E Link-state core Entire enterprise - A large single IP subnet (e.g., 10.1.0.0/16) 3.1 Notifying <x, A> to E B Network Node (MAC addr. = A) 1.3 Storing <x, A> at B D A 10.1.1.62 End-host (MAC addr. = x) x q p Control flow 10.1.2.17 Unique and location-independent IP addresses that do NOT belong to a specific subnet Data flow 10.1.3.45 3. Design Options 5. Prototyping and Evaluation Packet delivery mode Relayed or Direct Packet delivery mechanics Tunneling or Label swapping Label swapping borrows src MAC field to contain dst MAC End-host discovery “Discover-from-data” or Active registration ARP and DHCP Broadcasting or CHash-based proxy resolution Overloading DHCP for host discovery Intelligent broadcasting A sequence of unicasts along spanning tree Native Prototype Control plane XORP OSPF daemon Data plane Click EtherSwitch elements with some SEIZE extensions Overlay Prototype Wide-area virtual enterprises SIAS (SEIZE-In-A-Slice) Another VINI instance Data plane IP-encapsulated Ethernet frames Click EtherSwitch and IPRouter elements with SEIZE extensions Evaluation Modeling and analyzing host information caching behavior Simulation with ns-click Emulation on Emulab or PlanetLab Intra-enterprise/campus traffic dumps (just headers) are welcome! Click XORP IS-IS/OSPF SEIZE Switch CHash Rings HostInfo Store LS msgs Host info. query and registration msgs Data frames 4. Further Applications Load sensitive routing E.g., Selective application of VLB (Valiant Load Balancing) Service mobility Relay node masks hand off Src MAC-based reachability control Path obfuscation or anonymization Topology does not reveal actual data paths