Results 1 - 10 of 37
SoftCell: Scalable and Flexible Cellular Core Network Architecture
Cited by 24 (2 self)
Existing cellular networks suffer from inflexible and expensive equipment, and complex control-plane protocols. To address these challenges, we present SoftCell, a scalable architecture that supports fine-grained policies for mobile devices in cellular core networks, using commodity switches and servers. A controller realizes high-level service policies that direct traffic through sequences of middleboxes based on subscriber attributes and applications. To enable small forwarding tables in core switches, SoftCell aggregates traffic along multiple dimensions—the service policy, the base station, and the mobile device—at different switches in the network. Since most traffic originates from mobile devices, SoftCell performs fine-grain packet classification at the access switches at the base stations, where software switches can easily handle the state and bandwidth requirements. SoftCell guarantees that packets in the same connection traverse the same sequence of middleboxes in both directions, even in the presence of mobility, without requiring expensive packet classification at the high-bandwidth gateway edge switches. We demonstrate that SoftCell improves the scalability and flexibility of cellular core networks through analysis of LTE workloads, micro-benchmarks on our prototype controller, and large-scale simulations.
OpenNF: Enabling Innovation in Network Function Control
Cited by 15 (3 self)
Network functions virtualization (NFV) together with software-defined networking (SDN) has the potential to help operators satisfy tight service level agreements, accurately monitor and manipulate network traffic, and minimize operating expenses. However, in scenarios that require packet processing to be redistributed across a collection of network function (NF) instances, simultaneously achieving all three goals requires a framework that provides efficient, coordinated control of both internal NF state and network forwarding state. To this end, we design a control plane called OpenNF. We use carefully designed APIs and a clever combination of events and forwarding updates to address race conditions, bound overhead, and accommodate a variety of NFs. Our evaluation shows that OpenNF offers efficient state control without compromising flexibility, and requires modest additions to NFs.
Duet: Cloud scale load balancing with hardware and software.
In SIGCOMM, 2014
Cited by 9 (2 self)
Load balancing is a foundational function of datacenter infrastructures and is critical to the performance of online services hosted in datacenters. As the demand for cloud services grows, expensive and hard-to-scale dedicated hardware load balancers are being replaced with software load balancers that scale using a distributed data plane that runs on commodity servers. Software load balancers offer low cost, high availability and high flexibility, but suffer high latency and low capacity per load balancer, making them less than ideal for applications that demand either high throughput, or low latency or both. In this paper, we present DUET, which offers all the benefits of software load balancer, along with low latency and high availability, at next to no cost. We do this by exploiting a hitherto overlooked resource in the data center networks: the switches themselves. We show how to embed the load balancing functionality into existing hardware switches, thereby achieving organic scalability at no extra cost. For flexibility and high availability, DUET seamlessly integrates the switch-based load balancer with a small deployment of software load balancer. We enumerate and solve several architectural and algorithmic challenges involved in building such a hybrid load balancer. We evaluate DUET using a prototype implementation, as well as extensive simulations driven by traces from our production data centers. Our evaluation shows that DUET provides 10x more capacity than a software load balancer, at a fraction of a cost, while reducing latency by a factor of 10 or more, and is able to quickly adapt to network dynamics including failures.
Virtual Network Diagnosis as a Service
Cited by 4 (0 self)
Today’s cloud network platforms allow tenants to construct sophisticated virtual network topologies among their VMs on a shared physical network infrastructure. However, these platforms provide little support for tenants to diagnose problems in their virtual networks. Network virtualization hides the underlying infrastructure from tenants as well as prevents deploying existing network diagnosis tools. This paper makes a case for providing virtual network diagnosis as a service in the cloud. We identify a set of technical challenges in providing such a service and propose a Virtual Network configuration and query interfaces for cloud tenants to troubleshoot their virtual networks. It controls software switches to collect flow traces, distributes traces storage, and executes distributed queries for different tenants for network diagnosis. It reduces the data collection and processing overhead by performing local flow capture and on-demand query execution. Our experiments validate VND’s functionality and show its feasibility in terms of quick service response and acceptable overhead; our simulation proves the VND architecture scales to the size of a real data center network.
Testing stateful and dynamic data planes with FlowTest
In HotSDN, 2014
Cited by 3 (1 self)
Many recent efforts have leveraged Software-Defined Networking (SDN) capabilities to enable new and more efficient ways of testing the correctness of a network’s forwarding behaviors. However, realistic network settings induce two additional sources of complexity that fall outside the scope of existing SDN testing frameworks: (1) complex nature of real-world data planes (e.g., stateful firewalls, dynamic behaviors of proxy caches), and (2) complexity of intended network policies (e.g., service chaining). In this paper, we outline FlowTest, a high-level vision for testing such stateful and dynamic network policies. FlowTest systematically explores the state space of the network data plane to verify its behavior w.r.t. policy goals. We show the early promise of our approach and discuss open challenges in realizing this vision in practice.
Verifiable Network Function Outsourcing: Requirements, Challenges, and Roadmap
Cited by 3 (0 self)
Network function outsourcing (NFO) enables enterprises and small businesses to achieve the performance and security benefits offered by middleboxes (e.g., firewall, IDS) without incurring high equipment or operating costs that such functions entail. In order for this vision to fully take root, however, we argue that NFO customers must be able to verify that the service is operating as intended w.r.t.: (1) functionality (e.g., did the packets traverse the desired sequence of middlebox modules?); (2) performance (e.g., is the latency comparable to an “in-house” service?); and (3) accounting (e.g., are the CPU/memory consumption being accounted for correctly?). In this position paper, we formalize these requirements and present a high-level roadmap to address the challenges involved.
PGA: Using Graphs to Express and Automatically Reconcile Network Policies
Cited by 2 (1 self)
Software Defined Networking (SDN) and cloud automation enable a large number of diverse parties (network operators, application admins, tenants/end-users) and control programs (SDN Apps, network services) to generate network policies independently and dynamically. Yet existing policy abstractions and frameworks do not support natural expression and automatic composition of high-level policies from diverse sources. We tackle the open problem of automatic, correct and fast composition of multiple independently specified network policies. We first develop a high-level Policy Graph Abstraction (PGA) that allows network policies to be expressed simply and independently, and leverage the graph structure to detect and resolve policy conflicts efficiently. Besides supporting ACL policies, PGA also models and composes service chaining policies, i.e., the sequence of middleboxes to be traversed, by merging multiple service chain requirements into conflict-free composed chains. Our system validation using a large enterprise network policy dataset demonstrates practical composition times even for very large inputs, with only sub-millisecond runtime latencies.
Enabling layer 2 pathlet tracing through context encoding in software-defined networking
In Proc. Hot Topics in Software Defined Networks, 2014
Cited by 2 (0 self)
Troubleshooting Software-Defined Networks requires a structured approach to detect mistranslations between high-level intent (policy) and low-level forwarding behavior, and a flexible on-demand packet tracing tool is highly desirable on the data plane. In this paper, we introduce a Layer 2 path tracing utility named PathletTracer. PathletTracer offers an interface for users to specify multiple Layer 2 paths to inspect. Based on the Layer 2 paths of interests, PathletTracer then accounts paths with identifiable IDs, and installs a set of flow table entries into switches to imprint path IDs on the packets going through. PathletTracer re-uses some fields in packet headers such as the ToS octet for recording path IDs. To efficiently carry imprints using limited bits, PathletTracer uses an encoding algorithm motivated by the calling context encoding scheme in the software engineering domain. With k bits for encoding, PathletTracer is able to trace more than 2^k paths simultaneously.
Flow-level state transition as a new switch primitive for SDN
In Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN’14), 2014
Cited by 2 (0 self)
In software-defined networking, the controller installs flow-based rules at switches either proactively or reactively. The reactive approach allows controller applications to make dynamic decisions about incoming traffic, but performs worse than the proactive one due to the controller involvement. To support dynamic applications with better performance, we propose FAST (Flow-level State Transitions) as a new switch primitive for software-defined networks. With FAST, the controller simply preinstalls a state machine and switches can automatically record flow state transitions by matching incoming packets to installed filters. FAST can support a variety of dynamic applications, and can be readily implemented with today’s commodity switch components and software switches.
P.: Network Service Embedding Across Multiple Providers with Nestor
In: Proc. IFIP Networkin, 2015
Cited by 1 (0 self)
The migration of network functions (NFs) into virtualized network infrastructures brings significant benefits to enterprise networks, while creating opportunities for new cloud service models (i.e., NF-as-a-Service). Network service embedding (NSE) entails serious challenges, stemming from middlebox policies prescribed by network operators and the implications of NFs on network traffic (i.e., bandwidth conservation or traffic amplification) that complicate the estimation of bandwidth demands. The NSE problem is further exacerbated by the location dependencies of certain NFs, which, in conjunction with the limited geographic footprint of NF providers, raise the need for network service mapping across multiple providers. In this paper, we present a holistic approach to multi-provider NSE. We introduce a new service model that simplifies the specification of network service requests and the estimation of bandwidth demands. We further define topology abstractions tailored to NSE that are exposed to a network service composition layer (NSCL), interposed between the clients and the NF providers. Based on this service model and topology abstractions, we propose Nestor, a system that generates efficient network service embeddings via network graph rendering, request partitioning among datacenters (DCs), and request segment mappings onto DC networks.