Intelligent Network Services through Active Flow Manipulation


T. Lavian, P. Wang, F. Travostino, S. Subramanian, D. Hoang, V. Sethaput
Nortel Networks, UC Berkeley, Harvard U

ABSTRACT
A significant challenge in today's Internet is the ability to efficiently introduce intelligent network services into commercial high performance network devices. This paper tackles the challenge by introducing the Active Flow Manipulation (AFM) mechanism, a key enabling technology of the programmable networking platform Openet. AFM enhances the control functionality of network devices through programmability. With AFM, customer network services can exercise intelligent network control by identifying specific flows and applying particular actions, thereby altering their behavior in real-time. These services are dynamically deployed in the CPU-based control plane and are closely coupled with the silicon-based forwarding plane of the network node, without negatively impacting forwarding performance. The effectiveness of our approach is demonstrated by several experimental applications on a commercial network node.

Outline
Introduction
Network Element – Control Plane/Forwarding Plane
Active Flow Manipulation (AFM) abstractions
OPENET
Examples
Conclusion

Programmability
A significant challenge in today’s Internet is the ability to efficiently incorporate customizable network intelligence in commercial high performance network devices.
Framework for introducing services
API for programming network devices

Network Element
Limited control of the forwarding plane
Routers are not reprogrammable (except by vendors)
Users can only see IP/ICMP packets, but have no direct control over the internal handling of their data.
Software: routing protocols, network management, etc.
ASIC: packet forwarding

Programmable Network Element
[Diagram labels: Routing Signaling Controllers, Router Control Interface, Local Resource Manager, Classifier, Scheduler]
Software: routing protocols, network management, etc.
ASIC: packet forwarding

Active Flow Manipulation Abstractions
Aggregate data into traffic flows
  Flows whose characteristics can be identified in real-time
  E.g., “all UDP packets to a particular service”, “all TCP packets from a particular machine”.
Actions to be performed in the traffic flows
  Actions that can be performed in real-time
  E.g., “Change the priority of all traffic destined to a particular service on a particular machine”, “Stop all traffic out of a particular link of a router”.

Identifiable Elements of Primitive Flows
Destination Address (DA)
Range of Destination Address (RDA)
Source Address (SA)
Range of Source Address (RSA)
Exact TCP protocol match (TCP)
Exact UDP protocol match (UDP)
Exact ICMP protocol match (ICMP)
Source Port number, for both TCP and UDP (SP)
Destination Port number, for both TCP and UDP (DP)
TCP connection request (TCPReg)
ICMP request (ICMPReg)
DS field of a datagram (DS)
IP Frame fragment (FrameFrag)

Primitive Permissible actions
Drop
Forward
Mirror
Stop on Match (SOM)
Detect Out of Profile behaviour (Out)
Change DSCP value (DSCP)
Prevent TCP Connect Request
Modify IEEE 802.1p bit

Destination Address (DA)
A subset of flows
Destination Address (DA): All traffic to a particular destination machine
Range of DA: All traffic to a range of destination machines
Source Address (SA): All traffic between 2 particular machines
Range of SAs: All traffic from many source machines to a particular destination
TCP: All TCP flows to a particular destination machine
UDP: All datagram packets to a particular destination machine
ICMP: All ICMP messages to a particular destination machine
ICMP Request: All ICMP requests to a particular destination machine
TCP ACK: All TCP acknowledgements to a particular destination machine
TCP RST: All TCP connections with the RST bit set
DP (TCP): All TCP flows to a particular service in a particular server machine
DP (UDP): All UDP datagrams to a particular service in a particular machine
SA-SP (TCP): All TCP flows from a particular client of a source to a destination
SA-SP (UDP): All UDP datagrams from a client of a source to a destination
IP Fragments: All IP fragments to a particular destination machine
DS Field: All traffic of a particular QoS class to a particular destination
VLAN: All traffic from a particular VLAN to a particular destination
Switch-Port: All traffic on a particular switch port to a particular destination
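
The filter elements and primitive actions listed above can be modelled as an ordered rule table. The sketch below is an added example, not code from the presentation or from Openet: the Packet and Rule shapes, the "DSCP:<n>" action encoding, the sample addresses and the reading of Stop on Match as "evaluate no later rules" are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Packet:                  # constructed model of the fields a filter can see
    sa: str
    da: str
    proto: str                 # "TCP", "UDP" or "ICMP"
    sp: int = 0
    dp: int = 0
    dscp: int = 0

@dataclass
class Rule:                    # hypothetical rule: filter elements plus actions
    name: str
    actions: list              # e.g. ["DSCP:46"], ["Drop", "SOM"], ["Mirror"]
    rda: str = "0.0.0.0/0"     # RDA; a single DA is the /32 case
    rsa: str = "0.0.0.0/0"     # RSA; a single SA is the /32 case
    proto: str = None          # None means "any protocol"
    dp: int = None             # None means "any destination port"

    def matches(self, p):
        return (ipaddress.ip_address(p.da) in ipaddress.ip_network(self.rda)
                and ipaddress.ip_address(p.sa) in ipaddress.ip_network(self.rsa)
                and self.proto in (None, p.proto)
                and self.dp in (None, p.dp))

def apply_rules(rules, p):
    """Return (verdict, dscp, mirrored, names of matched rules) for one packet."""
    verdict, dscp, mirrored, hits = "Forward", p.dscp, False, []
    for r in rules:
        if not r.matches(p):
            continue
        hits.append(r.name)
        for a in r.actions:
            if a in ("Drop", "Forward"):
                verdict = a
            elif a == "Mirror":
                mirrored = True
            elif a.startswith("DSCP:"):
                dscp = int(a[5:])
        if "SOM" in r.actions:  # assumed semantics: skip all later rules
            break
    return verdict, dscp, mirrored, hits

RULES = [                      # constructed sample policy, documentation addresses
    Rule("block-src", ["Drop", "SOM"], rsa="198.51.100.0/24"),
    Rule("prio-dns", ["DSCP:46"], rda="192.0.2.53/32", proto="UDP", dp=53),
    Rule("mirror-tcp", ["Mirror"], rda="192.0.2.0/24", proto="TCP"),
]
```

Because block-src carries SOM and sits first, traffic from the blocked range is dropped before the priority rule can re-mark it; reordering the table changes the outcome.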

New Capabilities
Allow introducing services and control on demand, dynamically
Services can be any general network applications
Control on demand to manipulate flows and flow aggregates
Allowing dynamic and mobile agents
Respond quickly to changes in traffic conditions.
Cope with unforeseen requirements
Extending router functionality (optimization)
Multiple control elements are installed at routers or hosts and they collaborate to achieve some overall objective.

Openet Architecture

Openet: Passport Implementation

Active Flow Priority Change in Real-time

AIACE
[Figure: two panels, a) and b), with the same axes: Number of flows (log) and Bytes carried in 30 secs.; flows labelled by rank 1 to 8.]
In this example, a network-node organizes about 2 million PDU traces into 30,000 IP flows. It classifies the resulting flows based on the bytes transferred on each flow. It then ranks flows (from 1 to 8). The higher the rank number, the higher the chance that the flow will not be transferred to the accounting server in case of data overload.
The node now structures the same accounting data into QoS-flavored flows (same X and Y axis as in a). After applying a QoS-specific weighting algorithm to the flows, the node ranks flows with different results than a). The weighting algorithm can be arbitrarily complex and take into account other considerations besides bytes transferred (e.g., hosts, number of packets, duration).

Regatta: Dynamic flow bypass

Regatta: Reactivity times
Flow Path: Reactivity Time (s)
Static route: Infinite
Routed: 152
Regatta 10/1: 10
Regatta 10/5: 47
Regatta 5/5: 24
Regatta M/HB: M*HB

Conclusions
AFM enables dynamic introduction of services
AFM enables rapid network response to changing conditions
AFM in a powerful control plane can lead to sophisticated control over the forwarding plane
AFM allows practical implementation of programmability in a real world network device