Software-Defined Networking

Slides:



Advertisements
Similar presentations
Incremental Update for a Compositional SDN Hypervisor Xin Jin Jennifer Rexford, David Walker.
Advertisements

Compiling Path Queries in Software-Defined Networks Srinivas Narayana Jennifer Rexford and David Walker Princeton University.
Dynamic Scheduling of Network Updates Xin Jin Hongqiang Harry Liu, Rohan Gandhi, Srikanth Kandula, Ratul Mahajan, Ming Zhang, Jennifer Rexford, Roger Wattenhofer.
SDN Applications Jennifer Rexford Princeton University.
Programming Protocol-Independent Packet Processors
Composing Software Defined Networks
Composing Software-Defined Networks Princeton*Cornell^ Chris Monsanto*, Joshua Reich* Nate Foster^, Jen Rexford*, David Walker*
Nanxi Kang Princeton University
Jennifer Rexford Princeton University
Modular SDN Programming w/ Pyretic
Slick: A control plane for middleboxes Bilal Anwer, Theophilus Benson, Dave Levin, Nick Feamster, Jennifer Rexford Supported by DARPA through the U.S.
Practical and Incremental Convergence between SDN and Middleboxes 1 Zafar Qazi Cheng-Chun Tu Luis Chiang Vyas Sekar Rui Miao Minlan Yu.
Incremental Consistent Updates Naga Praveen Katta Jennifer Rexford, David Walker Princeton University.
Performance Evaluation of Open Virtual Routers M.Siraj Rathore
Programming Abstractions for Software-Defined Networks Jennifer Rexford Princeton University.
Scalable Flow-Based Networking with DIFANE 1 Minlan Yu Princeton University Joint work with Mike Freedman, Jennifer Rexford and Jia Wang.
Data Plane Verification. Background: What are network policies Alice can talk to Bob Skype traffic must go through a VoIP transcoder All traffic must.
Software Defined Networking By: Widhi Yahya. Introduction.
Languages for Software-Defined Networks Nate Foster, Arjun Guha, Mark Reitblatt, and Alec Story, Cornell University Michael J. Freedman, Naga Praveen Katta,
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.
Software Defined Networking
Cellular Core Network Architecture
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Composing Software Defined Networks Jennifer Rexford Princeton University With Joshua Reich, Chris Monsanto, Nate Foster, and.
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
OpenFlow: Enabling Technology Transfer to Networking Industry Nikhil Handigol Nikhil Handigol Cisco Nerd.
Frenetic: A Programming Language for Software Defined Networks Jennifer Rexford Princeton University Joint work with Nate.
Software-Defined Networks Jennifer Rexford Princeton University.
Higher-Level Abstractions for Software-Defined Networks Jennifer Rexford Princeton University.
Languages for Software-Defined Networks Nate Foster, Michael J. Freedman, Arjun Guha, Rob Harrison, Naga Praveen Katta, Christopher Monsanto, Joshua Reich,
Professor Yashar Ganjali Department of Computer Science University of Toronto Some slides courtesy.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks TCP.
Copyright 2013 Open Networking User Group. All Rights Reserved Confidential Not For Distribution Programming Abstractions for Software-Defined Networks.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )
Jennifer Rexford Princeton University MW 11:00am-12:20pm Measurement COS 597E: Software Defined Networking.
Programming Languages for Software Defined Networks Jennifer Rexford and David Walker Princeton University Joint work with the.
High-Level Abstractions for Programming Software Defined Networks Joint with Nate Foster, David Walker, Arjun Guha, Rob Harrison, Chris Monsanto, Joshua.
Programming Abstractions for Software-Defined Networks Jennifer Rexford Princeton University.
Enabling Innovation Inside the Network Joint with Nate Foster, David Walker, Rob Harrison, Chris Monsanto, Cole Schlesinger, Mike Freedman, Mark Reitblatt,
CellSDN: Software-Defined Cellular Core networks Xin Jin Princeton University Joint work with Li Erran Li, Laurent Vanbever, and Jennifer Rexford.
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Programming Languages COS 597E: Software Defined Networking.
OpenFlow MPLS and the Open Source Label Switched Router Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan,
Enabling Innovation Inside the Network Jennifer Rexford Princeton University
Measurement Query Languages for Software-Defined Networks Jennifer Rexford Princeton University Joint work with Srinivas.
Introduction to Mininet, Open vSwitch, and POX
Jennifer Rexford Princeton University MW 11:00am-12:20pm Data-Plane Verification COS 597E: Software Defined Networking.
NetEgg: Scenario-based Programming for SDN Policies Yifei Yuan, Dong Lin, Rajeev Alur, Boon Thau Loo University of Pennsylvania 1.
Presenter : Weerawardhana J.L.M.N. Department of Computer Engineering, University of Peradeniya.
Jennifer Rexford Princeton University MW 11:00am-12:20pm Testing and Debugging COS 597E: Software Defined Networking.
Atrium Router Project Proposal Subhas Mondal, Manoj Nair, Subhash Singh.
Traditional network Coupled data plane (switch hardware) and control plane (switch software) Closed, proprietary interface Hard to change and innovate.
RuleTris: Minimizing Rule Update Latency for TCAM-based SDN Switches Xitao Wen*, Bo Yang #, Yan Chen*, Li Erran Li $, Kai Bu #, Peng Zheng &, Yang Yang*,
Programming SDN 1 Problems with programming with POX.
Konstantin agouros Omkar deshpande
SDN challenges Deployment challenges
SDN Network Updates Minimum updates within a single switch
Programming SDN Newer proposals Frenetic (ICFP’11) Maple (SIGCOMM’13)
Multi-layer software defined networking in GÉANT
6.829 Lecture 13: Software Defined Networking
Programming the Networks of the Future
Programmable Networks
Composing Software-Defined Networks
Enabling Innovation Inside the Network
Languages for Software-Defined Networks
Programmable Networks
Programmable Software Switches
Elmo Muhammad Shahbaz Lalith Suresh, Jennifer Rexford, Nick Feamster,
Control-Data Plane Separation
Presentation transcript:

CoVisor: A Compositional Hypervisor for Software-Defined Networks Xin Jin Jennifer Gossels, Jennifer Rexford, David Walker

Software-Defined Networking Centralized control with open APIs Application Controller OpenFlow Network

Multiple Management Tasks Hard to develop and maintain a monolithic application MAC Learner + Firewall + Gateway + Monitor + IP Router Controller OpenFlow Network

Modular SDN Applications Frenetic: composition operators to combine multiple applications Limitation: need to adopt Frenetic language and runtime system MAC Learner Firewall Gateway Monitor IP Router Frenetic Controller OpenFlow Network

Frenetic is Not Enough “Best of breed” applications are developed by different parties Use different programming languages Run on different controllers Want to mix-and-match third-party controllers MAC Learner Firewall Gateway Monitor IP Router POX Ryu Floodlight ONOS ODL Network

Slicing is Not Enough FlowVisor/Open VirteX: each controller works on a disjoint slice of traffic Firewall Ryu Router ODL OR Packet But, we want multiple controllers to collaboratively work on the same traffic Firewall Ryu Router ODL Packet

CoVisor: A Compositional Hypervisor for SDN Provide a clean interface to compose multiple controllers on the same network Composition of multiple controllers Composition operators to compose multiple controllers Constraints on individual controllers Visibility: virtual topology to each controller Capability: fine-grained access control to each controller

Composition of Multiple Controllers Parallel operator (+): two controllers process packets in parallel Sequential operator (>>): two controllers process packets one after another Override operator ( ): one controller chooses to act or defer the process to another controller Use multiple operators Monitor Router Firewall Router Elephant Flow Router Default Router Firewall Monitor Router

Constraints on Topology Visibility Create virtual topology with two primitives Benefits: information hiding, controller reuse, composition Many-to-One One-to-Many Firewall MAC Learner Gateway IP Router E G I Virtual Physical Ethernet Island S IP Core

Constraints on Packet Handling Capability Protect against buggy or malicious third-party controllers Constrains on pattern: header field, match type E.g., MAC learner: srcMAC(Exact), dstMAC(Exact), inport(Exact) Constraints on action: actions on matched packets E.g., MAC learner: fwd, drop

CoVisor: A Compositional Hypervisor for SDN MAC Learner POX Firewall Ryu Gateway Floodlight Monitor ONOS IP Router ODL OpenFlow E G I Compose/ACL Devirtualize G E I CoVisor OpenFlow Ethernet Island S IP Core

Compiling Policy Composition Policy: a list of rules Compile policies from controllers to a single policy 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Router Priority Match Action

Compiling Policy Composition Policy: a list of rules Compile policies from controllers to a single policy 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Router ?. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1)

Policy Compilation Policy: a list of rules Compile policies from controllers to a single policy 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Router ?. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) ?. srcip=1.0.0.0/24  count ?. dstip=2.0.0.0/30  fwd(1) ?. *  drop

Key challenge: Efficient data plane update Controllers continuously update their policies Hypervisor recompiles them and update switches 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 3. dstip=2.0.0.0/26  fwd(2) 0. *  drop Router ?. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) ?. srcip=1.0.0.0/24  count ?. dstip=2.0.0.0/30  fwd(1) ?. *  drop

Key challenge: Efficient data plane update Computation overhead The computation to recompile the new policy Rule-update overhead The rule-updates to update switches to the new policy 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 3. dstip=2.0.0.0/26  fwd(2) 0. *  drop Router ?. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) ?. srcip=1.0.0.0/24  count ?. dstip=2.0.0.0/30  fwd(1) ?. *  drop

Naïve Solution Assign priorities from top to bottom by decrement of 1 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Router 3. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 2. srcip=1.0.0.0/24  count 1. dstip=2.0.0.0/30  fwd(1) 0. *  drop

Naïve Solution Assign priorities from top to bottom by decrement of 1 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 3. dstip=2.0.0.0/26  fwd(2) 0. *  drop Router 5. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 4. srcip=1.0.0.0/24, dstip=2.0.0.0/26  count, fwd(2) 3. srcip=1.0.0.0/24  count 2. dstip=2.0.0.0/30  fwd(1) 1. dstip=2.0.0.0/26  fwd(2) 0. *  drop

Naïve Solution Assign priorities from top to bottom by decrement of 1 3. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 2. srcip=1.0.0.0/24  count 1. dstip=2.0.0.0/30  fwd(1) 0. *  drop Computation overhead Recompute the entire switch table and assign priorities Rule-update overhead Only 2 new rules, but 3 more rules change priority Update 5. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 4. srcip=1.0.0.0/24, dstip=2.0.0.0/26  count, fwd(2) 3. srcip=1.0.0.0/24  count 2. dstip=2.0.0.0/30  fwd(1) 1. dstip=2.0.0.0/26  fwd(2) 0. *  drop

Incremental Update Add priorities for parallel composition 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Router 9+7 = 16. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1)

Incremental Update Add priorities for parallel composition Monitor 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Router 9+7=16. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 9+0=9. srcip=1.0.0.0/24  count 0+7=7. dstip=2.0.0.0/30  fwd(1) 0+0=0. *  drop

Incremental Update Add priorities for parallel composition Monitor 9. srcip=1.0.0.0/24  count 0. *  drop Monitor 7. dstip=2.0.0.0/30  fwd(1) 3. dstip=2.0.0.0/26  fwd(2) 0. *  drop Router 9+7=16. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 9+3=12. srcip=1.0.0.0/24, dstip=2.0.0.0/26  count, fwd(1) 9+0=9. srcip=1.0.0.0/24  count 0+7=7. dstip=2.0.0.0/30  fwd(1) 0+3=3. dstip=2.0.0.0/26  fwd(1) 0+0=0. *  drop

Incremental Update Add priorities for parallel composition 16. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 9. srcip=1.0.0.0/24  count 7. dstip=2.0.0.0/30  fwd(1) 0. *  drop Computation overhead Only compose the new rule with rules in monitor Rule-update overhead Add 2 new rules Update 16. srcip=1.0.0.0/24, dstip=2.0.0.0/30  count, fwd(1) 12. srcip=1.0.0.0/24, dstip=2.0.0.0/26  count, fwd(2) 9. srcip=1.0.0.0/24  count 7. dstip=2.0.0.0/30  fwd(1) 3. dstip=2.0.0.0/26  fwd(2) 0. *  drop

Incremental Update Add priorities for parallel composition Concatenate priorities for sequential composition Load Balancer Router 3. srcip=0.0.0.0/2, dstip=3.0.0.0  dstip=2.0.0.1 1. dstip=3.0.0.0  dstip=2.0.0.2 0. *  drop 1. dstip=2.0.0.1  fwd(1) 1. dstip=2.0.0.2  fwd(2) 0. *  drop . srcip=0.0.0.0/2, dstip=3.0.0.0  dstip=2.0.0.1, fwd(1) 3 >> 1 = 25, 011 001 High Bits Low

Incremental Update Add priorities for parallel composition Concatenate priorities for sequential composition Load Balancer Router 3. srcip=0.0.0.0/2, dstip=3.0.0.0  dstip=2.0.0.1 1. dstip=3.0.0.0  dstip=2.0.0.2 0. *  drop 1. dstip=2.0.0.1  fwd(1) 1. dstip=2.0.0.2  fwd(2) 0. *  drop 25. srcip=0.0.0.0/2, dstip=3.0.0.0  dstip=2.0.0.1, fwd(1) 9. dstip=3.0.0.0  dstip=2.0.0.2, fwd(2) 0. *  drop

Incremental Update Add priorities for parallel composition Concatenate priorities for sequential composition Stack priorities for override composition Elephant Flow Router Default Router (Max priority = 8) 1. srcip=1.0.0.0, dstip=3.0.0.0  fwd(3) 1. dstip=2.0.0.1  fwd(1) 1. dstip=2.0.0.2  fwd(2) 0. *  drop 1 + 8 = 9. srcip=1.0.0.0, dstip=3.0.0.0  fwd(3) 1. dstip=2.0.0.1  fwd(1) 1. dstip=2.0.0.2  fwd(2) 0. *  drop

CoVisor: A Compositional Hypervisor for SDN MAC Learner POX Firewall Ryu Gateway Floodlight Monitor ONOS IP Router ODL OpenFlow E G I Compose/ACL Devirtualize G E I CoVisor OpenFlow Ethernet Island S IP Core

Compiling One-to-Many Virtualization * E1 E2 G1 G2 I1 I2 E G I Virtual Physical Symbolic path generation Sequential composition E1 E2 G1 G2 I2 I1 S

Compiling One-to-Many Virtualization * E1 E2 G1 G2 I1 I2 E G I Virtual Physical Symbolic path generation Sequential composition Priority augmentation S1 S2 S3 S

Implementation and Evaluation Project website: http://covisor.cs.princeton.edu Code, tutorial, etc. Evaluation Parallel composition: L2 Monitor + L2 Router Sequential composition: L3-L4 Firewall >> L3 Router Topology virtualization: gateway between an Ethernet island and an IP core

Parallel Composition: L2Monitor + L2 Router Compilation time of inserting one rule to L2 Monitor Policy

Parallel Composition: L2Monitor + L2 Router Rule-update overhead of inserting one rule to L2 Monitor Policy

Conclusion CoVisor is a compositional hypervisor for software-defined networks Provide a clean interface to compose multiple controllers on the same network For more, visit http://covisor.cs.princeton.edu Ongoing work: integrate into ONOS with ON.LAB

Thanks!

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.