Presentation is loading. Please wait.

Presentation is loading. Please wait.

Intelligent Network Services through Active Flow Manipulation

Published byIngeborg Trine Knudsen Modified over 5 years ago

Similar presentations

Presentation on theme: "Intelligent Network Services through Active Flow Manipulation"— Presentation transcript:

1 Intelligent Network Services through Active Flow Manipulation
T. Lavian, P. Wang, F. Travostino, S. Subramanian, D. Hoang, V. Sethaput Nortel Networks, UC Berkeley, Harvard U Intelligent Network Services through Active Flow Manipulation T. Lavian, P. Wang, F. Travostino, S. Subramanian, D. Hoang, V. Sethaput NORTEL Networks ABSTRACT A significant challenge in today's Internet is the ability to efficiently introduce intelligent network services into commercial high performance network devices. This paper tackles the challenge by intro-ducing the Active Flow Manipulation (AFM) mechanism, a key enabling technology of the programmable networking platform Openet. AFM enhances the control functionality of network devices through programmability. With AFM, customer network services can exercise intelligent network control by identifying specific flows and applying particular actions thereby altering their behavior in real-time. These services are dynamically deployed in the CPU-based control plane and are closely cou-pled with the silicon-based forwarding plane of the network node, without negatively impacting forwarding performance. The effectiveness of our approach is demonstrated by several experimental applications on a commercial network node.

2 Outline Introduction Network Element – Control Plane/Forwarding Plane
Active Flow Manipulation (AFM) abstractions OPENET Examples Conclusion

3 Programmability A significant challenge in today’s Internet is the ability to efficiently incorporate customizable network intelligence in commercial high performance network devices. Framework for introducing services API for programming network devices

4 Network Element Limited control of the forwarding plane
Routers are not reprogrammable (except by vendors) Users can only see IP/ICPM packets, but have no direct control over the internal handling of their data. Software: routing protocols, Network management, etc. ASIC: packet forwarding

5 Programmable Network Element
Routing Signaling Controllers Router Control Interface Local Resource Manager Classifier Scheduler Software: routing protocols, Network management, etc. ASIC: packet forwarding

6 Active Flow Manipulation Abstractions
Aggregate data into traffic flows Flows whose characteristics can be identified in real-time E.g., “all UDP packets to a particular service”, “all TCP packets from a particular machine”. Actions to be performed in the traffic flows Actions that can be performed in real-time E.g., “Change the priority of all traffic destined to a particular service on a particular machine”, “Stop all traffic out of a particular link of a router”.

7 Identifiable Elements of Primitive Flows
Destination Address (DA) Range of Destination Address (RDA) Source Address (SA) Range of Source Address (RSA) Exact TCP protocol match (TCP) Exact UDP protocol match (UDP) Exact ICMP protocol match (ICMP) Source Port number, for both TCP and UDP (SP) Destination Port number for both TCP and UDP (DP) TCP connection request (TCPReg) ICMP request (ICMPReg) DS field of a datagram (DS) IP Frame fragment (FrameFrag)

8 Primitive Permissible actions
Drop Forward Mirror Stop on Match (SOM) Detect Out of Profile behaviour (Out) Change DSCP value (DSCP) Prevent TCP Connect Request Modify IEEE 802.1p bit

9 Destination Address (DA)
A subset of flows Destination Address (DA) All traffic to a particular destination machine Range of DA All traffic to a range of destination machines Source Address (SA) All traffic between 2 particular machines Range of SAs All traffic from many source machines to a particular destination TCP All TCP flows to a particular destination machine UDP All data gram packets to a particular destination machine ICMP All ICMP messages to a particular destination machine ICMP Request All ICMP requests to a particular destination machine TCP ACK All TCP acknowledgements to a particular destination machine TCP RST All TCP connection with the RST bit set DP (TCP) All TCP flows to a particular service in a particular server machine DP (UDP) All UDP datagram to a particular service in a particular machine SA-SP (TCP) All TCP flows from particular client of a source to a destination SA-SP (UDP) All UDP datagram from a client of a source to a destination IP Fragments All IP fragments to a particular destination machine DS Field All traffic of a particular QoS class to a particular destination VLAN All traffic from a particular VLAN to a particular destination Switch-Port All traffic on a particular switch port to a particular destination

10 New Capabilities Allow introducing services and control on demands dynamically Services can be any general network applications Control on demands to manipulate flows and flow aggregates Allowing dynamic and mobile agents Respond quickly to changes in traffic conditions. Cope with unforeseen requirements Extending router functionality (optimization) Multiple control elements are installed at routers or hosts and they collaborate to achieve some overall objective.

11 Openet Architecture

12 Openet: Passport Implementation

13 Active Flow Priority Change in Real-time

14 AIACE Number of flows (log) Number of flows (log) 7 3 2 1 8 6 5 6 5 4 7 4 3 8 2 1 Bytes carried in 30 secs. In this example, a network-node organizes about 2 million PDU traces into 30,000 IP flows. It classifies the resulting flows based on the bytes transferred on each flow. It then ranks flows (from 1 to 8). The higher the rank number, the higher the chance that the flow will not be transferred to the accounting server in case of data overload. The node now structures the same accounting data into QoS-flavored flows (same X and Y axis as in a). After applying a QoS-specific weighting algorithm to the flows, the node ranks flows with different results than a). The weighting algorithm can be arbitrarily complex and take into account other considerations besides bytes transferred (e.g., hosts, number of packets, duration).

15 Regatta: Dynamic flow bypass

16 Regatta: Reactivity times
Flow Path Reactivity Time (s) Static route Infinite Routed 152 Regatta 10/1 10 Regatta 10/5 47 Regatta 5/5 24 Regatta M/HB M*HB

17 Conclusions AFM enables dynamic introduction of services
AFM enables rapid network response to changing conditions AFM in a powerful control plane can lead to sophisticated control over forward plane AFM allows practical implementation of programmability in a real world network device

Download ppt "Intelligent Network Services through Active Flow Manipulation"

Similar presentations

CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
NETWORK LAYER (1) T.Najah AlSubaie Kingdom of Saudi Arabia Prince Norah bint Abdul Rahman University College of Computer Since and Information System NET331.

NETWORK LAYER (1) T.Najah AlSubaie Kingdom of Saudi Arabia Prince Norah bint Abdul Rahman University College of Computer Since and Information System NET331.
Introduction to Management Information Systems Chapter 5 Data Communications and Internet Technology HTM 304 Fall 07.

Introduction to Management Information Systems Chapter 5 Data Communications and Internet Technology HTM 304 Fall 07.
Data Communications Architecture Models. What is a Protocol? For two entities to communicate successfully, they must “speak the same language”. What is.

Data Communications Architecture Models. What is a Protocol? For two entities to communicate successfully, they must “speak the same language”. What is.
William Stallings Data and Computer Communications 7 th Edition Chapter 2 Protocols and Architecture.

William Stallings Data and Computer Communications 7 th Edition Chapter 2 Protocols and Architecture.
CS335 Networking & Network Administration Tuesday, April 20, 2010.

CS335 Networking & Network Administration Tuesday, April 20, 2010.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,

Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,
Chapter 9 Classification And Forwarding. Outline.

Chapter 9 Classification And Forwarding. Outline.
Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,

Network Layer4-1 Network layer r transport segment from sending to receiving host r on sending side encapsulates segments into datagrams r on rcving side,
COE 342: Data & Computer Communications (T042) Dr. Marwan Abu-Amara Chapter 2: Protocols and Architecture.

COE 342: Data & Computer Communications (T042) Dr. Marwan Abu-Amara Chapter 2: Protocols and Architecture.
Computer Networks with Internet Technology William Stallings

Computer Networks with Internet Technology William Stallings
Gursharan Singh Tatla Transport Layer 16-May-2011 1

Gursharan Singh Tatla Transport Layer 16-May
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.

What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.
Integrated Services (RFC 1633) r Architecture for providing QoS guarantees to individual application sessions r Call setup: a session requiring QoS guarantees.

Integrated Services (RFC 1633) r Architecture for providing QoS guarantees to individual application sessions r Call setup: a session requiring QoS guarantees.
Chapter 6: Packet Filtering

Chapter 6: Packet Filtering
Protocols and the TCP/IP Suite

Protocols and the TCP/IP Suite

Similar presentations

Ads by Google