Slick: A control plane for middleboxes Bilal Anwer, Theophilus Benson, Dave Levin, Nick Feamster, Jennifer Rexford Supported by DARPA through the U.S.

Presentation transcript:

Slick: A control plane for middleboxes
Bilal Anwer, Theophilus Benson, Dave Levin, Nick Feamster, Jennifer Rexford
Supported by DARPA through the U.S. Navy SPAWAR under contract N C-4017

Network Policies
Reachability
  – Alice can not send packets to Bob
Application classification
  – Place Skype traffic in the gold queue

Limitations of SDN Data Plane
[Figure: flow table with columns Match and Action; extracted entries: Fwd Port 1, A2:e3:f1:ba:ea:23:*, Drop]
Limited actions and matching
  – Match: Ethernet, IP, TCP/UDP port numbers
  – Action: forward, drop, rewrite header, etc.

Extending SDN’s Data Plane
Expand the OpenFlow standards
  – Requires hardware support
Implement richer data plane in controller
  – Introduces additional latency to packets
Add new devices (Middleboxes)

Example: Detecting Network Attacks
Inspect all DNS traffic with a DPI device
If suspicious lookup takes place, send to traffic scrubber

Challenges
Specify network policies across middleboxes
  – Difficult to automatically react to middlebox events
Dynamically place sophisticated middleboxes
  – Difficult to determine efficient placement
  – Difficult to adjust placement to traffic patterns
Support for arbitrary middlebox functionality
  – Difficult to capture hardware requirements

Slick Contributions
Abstraction for programming middleboxes
  – Simplifies the development of network policies
  – Separates specification of intent from implementation
Dynamic placement of middlebox functionality
  – Online resource allocation algorithm
Support for heterogeneous devices
  – Maintains performance profiles of middlebox

Slick Architecture
[Diagram labels: Application; Slick Controller; Middlebox Element (x4); Programmable device: NetFPGA, x86 server; Virtual Switch; Triggers from elements; Your network operator; 3rd party element developers]
Application
  – Encodes network policy
  – Provides handlers for triggers
Middlebox Element
  – Piece of code encapsulating middlebox functions

Slick Architecture
[Diagram labels: Application; Slick Controller; Middlebox Element (x4); Programmable device: NetFPGA, x86 server; Virtual Switch; Installs/uninstalls middlebox functions; Deploy Middlebox code]
Slick Controller
  – Runs applications
  – Runs resource allocation algo.
  – Places middlebox elements
  – Steers traffic through middleboxes
  – Configures switches
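
A small model of the application / element / controller split from the architecture slides, applied to the DNS example. This is an added illustration, not Slick's code: the names `Controller`, `DpiElement`, `on_trigger`, `steer` and `run_policy`, the suspicious-suffix list and the sample queries are all constructed assumptions.

```python
# Hypothetical model of the Slick roles; none of these names come from Slick itself.
from dataclasses import dataclass, field

@dataclass
class Controller:
    """Stands in for the controller: records the element chain for each source."""
    chains: dict = field(default_factory=dict)    # source IP -> ordered element names
    handlers: list = field(default_factory=list)  # application trigger handlers

    def steer(self, src, chain):
        # A real controller would configure switches here; the model only records the chain.
        self.chains[src] = list(chain)

    def raise_trigger(self, element, event):
        for handler in self.handlers:
            handler(self, element, event)

class DpiElement:
    """Element: inspects DNS query names and raises a trigger on a suspicious lookup."""
    name = "dpi"

    def __init__(self, controller, suspicious_suffixes):
        self.controller = controller
        self.suffixes = tuple(s.lower().rstrip(".") for s in suspicious_suffixes)

    def process(self, src, qname):
        q = qname.lower().rstrip(".")
        # Match whole labels only, so "notbad.example" does not match "bad.example".
        if any(q == s or q.endswith("." + s) for s in self.suffixes):
            self.controller.raise_trigger(self.name, {"src": src, "qname": q})

def on_trigger(controller, element, event):
    """Application handler: route a source that made a suspicious lookup via the scrubber."""
    if element == "dpi":
        controller.steer(event["src"], ["dpi", "scrubber"])

def run_policy(queries, suspicious_suffixes):
    ctl = Controller(handlers=[on_trigger])
    dpi = DpiElement(ctl, suspicious_suffixes)
    for src, qname in queries:
        ctl.chains.setdefault(src, ["dpi"])  # policy: all DNS traffic passes the DPI element
        dpi.process(src, qname)
    return ctl.chains

# Constructed sample input: (source IP, DNS query name)
SAMPLE = [("10.0.0.5", "www.example.org."), ("10.0.0.9", "c2.bad.example"),
          ("10.0.0.5", "notbad.example"), ("10.0.0.9", "www.example.org")]

if __name__ == "__main__":
    print(run_policy(SAMPLE, ["bad.example"]))
```

The application states intent (which chain a source should traverse) and leaves placement and switch configuration to the controller, which is the separation the contributions slide describes.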

Slick Controller Features
Resource allocation heuristic
  – Minimizes latency → minimize path length
Dealing with heterogeneity
  – Algorithms for discovering hardware
  – Model of middlebox performance

Slick Controller Features
Resource allocation heuristic
  – Inputs:
  – Constraint: Hardware limitations of slick servers
  – Objective: minimize latency, maximize throughput
Dealing with heterogeneity
  – Different hardware provides different throughput
  – Mapping of elements to acceptable hardware
  – Create models for automatically characterizing elements

Resource Allocation Heuristic
[Diagram labels: Resource allocation heuristic; Traffic Steering; OpenFlow Controller; Placement Decisions; Traffic matrix and topology; Network policies in applications; Middlebox perf profile; Hardware constraints; Programmable device with Virtual Switch (x2)]
Objective: minimize latency (path lengths)
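
The slides name the inputs, constraint and objective of the placement heuristic but not the algorithm, so the following is a constructed greedy stand-in, added here and not Slick's own: it assigns each flow to the server that adds the fewest hops while capacity lasts. The function names, the connected line topology, the flow rates and the capacities are all assumptions.

```python
# Hypothetical greedy placement; the slides do not give Slick's actual heuristic.
from collections import deque

def hops_from(topology, start):
    """BFS hop counts from `start` over an undirected adjacency dict."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nbr in topology[node]:
            if nbr not in dist:
                dist[nbr] = dist[node] + 1
                queue.append(nbr)
    return dist

def place_elements(topology, flows, capacity):
    """Pick a middlebox server for each flow (src, dst, rate).

    capacity maps a server's attachment node to the rate it can process
    (the hardware constraint). Assumes a connected topology.
    Returns (flow index -> server or None, total extra hops weighted by rate).
    """
    dist = {n: hops_from(topology, n) for n in topology}
    remaining = dict(capacity)
    assignment, cost = {}, 0
    # Largest flows first, so they get the shortest detours while capacity lasts.
    for idx in sorted(range(len(flows)), key=lambda i: -flows[i][2]):
        src, dst, rate = flows[idx]
        best = None
        for server in sorted(remaining):
            if remaining[server] < rate:
                continue  # this server cannot absorb the flow
            detour = dist[src][server] + dist[server][dst] - dist[src][dst]
            if best is None or detour < best[0]:
                best = (detour, server)
        if best is None:
            assignment[idx] = None  # no server has enough capacity left
            continue
        assignment[idx] = best[1]
        remaining[best[1]] -= rate
        cost += best[0] * rate
    return assignment, cost

# Constructed inputs: line topology s1 - s2 - s3 - s4, servers attached at s2 and s4.
TOPOLOGY = {"s1": ["s2"], "s2": ["s1", "s3"], "s3": ["s2", "s4"], "s4": ["s3"]}
FLOWS = [("s1", "s3", 6), ("s1", "s2", 5), ("s3", "s4", 2)]
CAPACITY = {"s2": 8, "s4": 10}

if __name__ == "__main__":
    print(place_elements(TOPOLOGY, FLOWS, CAPACITY))
```

In the sample, the s1 to s2 flow is pushed to the server at s4 because s2 is already full, which is the interaction between the hardware constraint and the path-length objective that makes placement hard.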

Status and Conclusion
Slick: control plane for middleboxes
  – Presented an initial architecture
  – Discussed algorithmic challenge
Slick is implemented in Python
  – Slick controller as a module on NOX
  – Developed 2 applications and 3 middlebox elements

Current Status
Slick is implemented in Python
  – Slick controller as a module on NOX
  – Developed 2 applications and 3 middlebox elements

Conclusion and Open Questions
Slick: control plane for middleboxes
  – Presented an initial architecture
  – Discussed algorithmic challenge
Open questions
  – How can developers help guide placement?
  – What is the optimal solution for resource allocation?

Questions?

Related Work
CoMB [NSDI ’12]
  – Calculations are off-line
  – Focuses on placement (paths are fixed)
PLayer [SIGCOMM ’08]
  – Focuses solely on traffic steering
Point solutions lacking the generality to allow operators to generate dynamic policies