Presentation is loading. Please wait.

Presentation is loading. Please wait.

Programmable Software Switches

Published byRidwan Irawan Modified over 5 years ago

Similar presentations

Presentation on theme: "Programmable Software Switches"— Presentation transcript:

1 Programmable Software Switches
Lecture 11, Computer Networks (198:552)

2 Software-Defined Network (SDN)
Centralized control plane Data plane Data plane Data plane Data plane

3 Why software switching?
Early roots in networking: first switches were fully in software … until high link speeds forced everyone to make ASICs A tool for experimentation Virtualization: need flexible switching policies inside endpoint! Why switching? Where is all the policy coming from?

4 What do software switches need to do?
Forward packets based on specified rules Allow changing the forwarding rules frequently Provide high performance High throughput and low latency Be robust Different traffic patterns (e.g., port scans) Can we make performance deterministic?

5 A conventional packet data path
L2 matching (exact match on 48-bit MAC address) L3 matching (Longest-prefix-match on 32-bit IP address) Access Control List (ACL) (flexible fields + priorities) pkt

6 A packet data path in a virtualized cluster
Multiple logical data paths with frequent rule changes Tenant policies Provider policies Topology traversal

7 High performance is challenging
Lots of lookups Compute hashes and maintain other data structures Large tables: numerous highly-specific keys User-kernel crossings Programmable toolchain much easier to build in user space Rules and policies change a lot New tenants, new endpoints, VM migrations, … Need to understand computer systems deeply Costs of memory accesses and hash computations Core/thread-level parallelism, NIC-queue-to-core mapping, etc.

8 A few other quirks to accommodate
Metadata carried between table stages Ex: Late-bind forwarding decisions Ex: Accumulate partial field modifications before one-shot write Statistics per flow Counters Timeouts Stateful processing Connection tracking for firewalls: e.g., TCP establishment state NAT, DNS tunnel detection, load balancing, … <insert your idea here!>

9 Papers for today: Click and OpenVSwitch
Each highly influential in its own right Click spurred a lot of work in flexible router design OVS spurred work on programmable networks Useful software tools: Course project and beyond! Useful tools layered on top Mininet, network functions, ... Active research area: packet processing performance + flexibility Kernel bypass Hardware offloads Kernel network stack optimizations

10 The Design and Implementation of OpenVSwitch
Usenix NSDI ‘15 Ben Pfaff et al.

11 Deployment setting: Virtualized clusters

12 Implications for forwarding performance
Complex policies: Can’t do 100+ lookups per packet!

13 Idea 1: Microflow cache Microflow: complete set of packet headers and metadata Example: srcIP, dstIP, IP TTL, srcMAC, dstMAC Just one lookup per packet! Hit Microflow cache in the kernel Use a large hash table Miss Openflow table in user space

14 Problems with micro-flows
Too many micro-flows: e.g., each TCP port Many micro-flows may be short lived! Poor cache-hit rate Can we cache the outcome of rule lookup directly? Naive approach: Cross-product explosion! Example: Table 1 on source IP, table 2 on destination IP

15 Idea 2: Mega-flow cache Build the cache of rules lazily using fields accessed in OF table Ex: contain just src/dst IP combinations that appeared in packets Hit Megaflow cache in the kernel Use tuple space search Miss Openflow table in user space

16 Improvements to mega-flow caching
You have an OF table. What happens if you populate the mega- flow blindly by concatenating the fields accessed on lookup? Hint 1: consider flow tables that match on highly variable fields Hint 2: consider priorities of rules with overlapping matches Hint 3: consider the number of lookups vs. microflow cache OVS introduced a series of algorithmic improvements Priority sorting of mega-flow tables Staged lookups starting with more static sets of fields Prefix trie to detect non-overlapping longest-prefix matches Combine with micro-flow cache!

17 Click Modular Router Symposium on Operating Systems Principles (SOSP) ‘99 Robert Morris, Eddie Kohler, John Jannotti, and Frans Kaashoek

18 Motivation for Click Flexibility: Add new features and enable experimentation Openness: Allow users/researchers to build and extend … In contrast to most commercial routers Modularity Simplify the composition of existing features Simplify the addition of new features Speed/efficiency Operation (optionally) in the operating system ... without the user needing to grapple with OS internals

19 Router as a graph of elements
Large number of small elements Each performing a simple packet function E.g., IP look-up, TTL decrement, buffering Connected together in a graph Elements inputs/outputs snapped together Beyond elements in series to a graph E.g., packet duplication or classification Packet flow as main organizational primitive Consistent with data-plane operations on a router (Larger elements needed for, say, control planes)

20 Click elements: Push vs. pull
Packet hand-off between elements Directly inspired by properties of routers Annotations on packets to carry temporary state Push processing Initiated by the source end E.g., when an unsolicited packet arrives (e.g., from a device) Pull processing Initiated by the destination end E.g., to control timing of packet processing (e.g., based on a timer or packet scheduler)

21 Click language Declarations Connections Compound elements
Create elements Connections Connect elements Compound elements Combine multiple smaller elements, and treat as single, new element to use as a primitive class Language extensions through element classes Use configuration strings, rather than syntactic extensions

22 Example: Stochastic Fair Queueing

23

24 Backup Slides

25 Handlers and Control Socket
Access points for user interaction Appear like files in a file system Can have both read and write handlers Examples Installing/removing forwarding-table entries Reporting measurement statistics Changing a maximum queue length Control socket Allows other programs to call read/write handlers Command sent as single line of text to the server

26 Example: EtherSwitch Element
Ethernet switch Expects and produces Ethernet frames Each input/output pair of ports is a LAN Learning and forwarding switch among these LANs Element properties Ports: any # of inputs, and same # of outputs Processing: push Element handlers Table (read-only): returns port association table Timeout (read/write): returns/sets TIMEOUT

Download ppt "Programmable Software Switches"

Similar presentations

IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.

IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.
Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:

Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:
Slick: A control plane for middleboxes Bilal Anwer, Theophilus Benson, Dave Levin, Nick Feamster, Jennifer Rexford Supported by DARPA through the U.S.

Slick: A control plane for middleboxes Bilal Anwer, Theophilus Benson, Dave Levin, Nick Feamster, Jennifer Rexford Supported by DARPA through the U.S.
An Overview of Software-Defined Network Presenter: Xitao Wen.

An Overview of Software-Defined Network Presenter: Xitao Wen.
Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.

Multi-Layer Switching Layers 1, 2, and 3. Cisco Hierarchical Model Access Layer –Workgroup –Access layer aggregation and L3/L4 services Distribution Layer.
Router Architecture : Building high-performance routers Ian Pratt

Router Architecture : Building high-performance routers Ian Pratt
Software-Defined Networking

Software-Defined Networking
Data Plane Verification. Background: What are network policies Alice can talk to Bob Skype traffic must go through a VoIP transcoder All traffic must.

Data Plane Verification. Background: What are network policies Alice can talk to Bob Skype traffic must go through a VoIP transcoder All traffic must.
Chapter 9 Classification And Forwarding. Outline.

Chapter 9 Classification And Forwarding. Outline.
An Overview of Software-Defined Network Presenter: Xitao Wen.

An Overview of Software-Defined Network Presenter: Xitao Wen.
Connecting LANs, Backbone Networks, and Virtual LANs

Connecting LANs, Backbone Networks, and Virtual LANs
Jennifer Rexford Princeton University MW 11:00am-12:20pm Programmable Data Planes COS 597E: Software Defined Networking.

Jennifer Rexford Princeton University MW 11:00am-12:20pm Programmable Data Planes COS 597E: Software Defined Networking.
ECE 526 – Network Processing Systems Design Network Processor Architecture and Scalability Chapter 13,14: D. E. Comer.

ECE 526 – Network Processing Systems Design Network Processor Architecture and Scalability Chapter 13,14: D. E. Comer.
Software-Defined Networks Jennifer Rexford Princeton University.

Software-Defined Networks Jennifer Rexford Princeton University.
1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.

1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Data.

Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks Data.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6600: Internet Protocols Informal Quiz #14 Shivkumar Kalyanaraman: GOOGLE: “Shiv RPI”

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6600: Internet Protocols Informal Quiz #14 Shivkumar Kalyanaraman: GOOGLE: “Shiv RPI”
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Connecting Devices CORPORATE INSTITUTE OF SCIENCE & TECHNOLOGY, BHOPAL Department of Electronics and.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Connecting Devices CORPORATE INSTITUTE OF SCIENCE & TECHNOLOGY, BHOPAL Department of Electronics and.
High-Speed Policy-Based Packet Forwarding Using Efficient Multi-dimensional Range Matching Lakshman and Stiliadis ACM SIGCOMM 98.

High-Speed Policy-Based Packet Forwarding Using Efficient Multi-dimensional Range Matching Lakshman and Stiliadis ACM SIGCOMM 98.
Extending OVN Forwarding Pipeline Topology-based Service Injection

Extending OVN Forwarding Pipeline Topology-based Service Injection

Similar presentations

Ads by Google