Results 1 - 10 of 164
DevoFlow: Scaling flow management for high-performance networks
- In ACM SIGCOMM, 2011
Cited by 134 (1 self)
OpenFlow is a great concept, but its original design imposes excessive overheads. It can simplify network and traffic management in enterprise and data center environments, because it enables flow-level control over Ethernet switching and provides global visibility of the flows in the network. However, such fine-grained control and visibility comes with costs: the switch-implementation costs of involving the switch’s control-plane too often and the distributed-system costs of involving the OpenFlow controller too frequently, both on flow setups and especially for statistics-gathering. In this paper, we analyze these overheads, and show that OpenFlow’s current design cannot meet the needs of high-performance networks. We design and evaluate DevoFlow, a modification of the OpenFlow model which gently breaks the coupling between control and global visibility, in a way that maintains a useful amount of visibility without imposing unnecessary costs. We evaluate DevoFlow through simulations, and find that it can load-balance data center traffic as well as fine-grained solutions, without as much overhead: DevoFlow uses 10–53 times fewer flow table entries at an average switch, and uses 10–42 times fewer control messages.
Frenetic: A Network Programming Language
Cited by 128 (23 self)
Modern networks provide a variety of interrelated services including routing, traffic monitoring, load balancing, and access control. Unfortunately, the languages used to program today’s networks lack modern features—they are usually defined at the low level of abstraction supplied by the underlying hardware and they fail to provide even rudimentary support for modular programming. As a result, network programs tend to be complicated, error-prone, and difficult to maintain. This paper presents Frenetic, a high-level language for programming distributed collections of network switches. Frenetic provides a declarative query language for classifying and aggregating network traffic as well as a functional reactive combinator library for describing high-level packet-forwarding policies. Unlike prior work in this domain, these constructs are—by design—fully compositional, which facilitates modular reasoning and enables code reuse. This important property is enabled by Frenetic’s novel runtime system which manages all of the details related to installing, uninstalling, and querying low-level packet-processing rules on physical switches. Overall, this paper makes three main contributions: (1) We analyze the state-of-the art in languages for programming networks and identify the key limitations; (2) We present a language design that addresses these limitations, using a series of examples to motivate and validate our choices; (3) We describe an implementation of the language and evaluate its performance on several benchmarks.
A Network in a Laptop: Rapid Prototyping for Software-Defined Networks
- In ACM SIGCOMM HotNets Workshop, 2010
Cited by 126 (6 self)
Mininet is a system for rapidly prototyping large networks on the constrained resources of a single laptop. The lightweight approach of using OS-level virtualization features, including processes and network namespaces, allows it to scale to hundreds of nodes. Experiences with our initial implementation suggest that the ability to run, poke, and debug in real time represents a qualitative change in workflow. We share supporting case studies culled from over 100 users, at 18 institutions, who have developed Software-Defined Networks (SDN). Ultimately, we think the greatest value of Mininet will be supporting collaborative network research, by enabling self-contained SDN prototypes which anyone with a PC can download, run, evaluate, explore, tweak, and build upon.
B4: Experience with a Globally-Deployed Software Defined WAN
Cited by 111 (1 self)
We present the design, implementation, and evaluation of B4, a private WAN connecting Google’s data centers across the planet. B4 has a number of unique characteristics: i) massive bandwidth requirements deployed to a modest number of sites, ii) elastic traffic demand that seeks to maximize average bandwidth, and iii) full control over the edge servers and network, which enables rate limiting and demand measurement at the edge. These characteristics led to a Software Defined Networking architecture using OpenFlow to control relatively simple switches built from merchant silicon. B4’s centralized traffic engineering service drives links to near 100% utilization, while splitting application flows among multiple paths to balance capacity against application priority/demands. We describe experience with three years of B4 production deployment, lessons learned, and areas for future work.
A compiler and run-time system for network programming languages
- In Principles of Programming Languages (POPL), 2012
Cited by 59 (18 self)
Software-defined networks (SDNs) are a new implementation architecture in which a controller machine manages a distributed collection of switches, by instructing them to install or uninstall packet-forwarding rules and report traffic statistics. The recently formed Open Networking Consortium, whose members include Google, Facebook, Microsoft, Verizon, and others, hopes to use this architecture to transform the way enterprise and data center networks are implemented. But to do this, they need novel programming languages to help them craft network-wide algorithms for routing, energy-efficient network management, dynamic access control, traffic monitoring, and other applications. In this paper, we define a high-level language, called NCore, for expressing packet-forwarding policies and traffic-statistics queries. The language is designed to be simple, expressive, and compositional. We define a formal semantics for NCore and show how to compile it to a distributed switch-controller architecture. To ensure that a majority of packets are processed efficiently on switches, we develop a new compilation technique called reactive specialization that generalizes, improves on, and automates the simple (but inefficient) manual techniques commonly used to program SDNs. Reactive specialization and the other compilation techniques we develop are highly generic, assuming only that the packet-matching capabilities available on switches satisfy some basic algebraic laws. This generality makes our technology applicable to all current switches we are aware of, including switches that implement the popular OpenFlow protocol. 
Overall, this paper delivers a design for a high-level network programming language; a novel, general-purpose compilation algorithm based on reactive specialization; a run-time system based on a SDN architecture; the first formal semantics and proofs of correctness in this domain; and an implementation and evaluation that demonstrates the benefits over the current state-of-the-art.
Composing Software-Defined Networks
Cited by 58 (14 self)
Managing a network requires support for multiple concurrent tasks, from routing and traffic monitoring, to access control and server load balancing. Software-Defined Networking (SDN) allows applications to realize these tasks directly, by installing packet-processing rules on switches. However, today’s SDN platforms provide limited support for creating modular applications. This paper introduces new abstractions for building applications out of multiple, independent modules that jointly manage network traffic. First, we define composition operators and a library of policies for forwarding and querying traffic. Our parallel composition operator allows multiple policies to operate on the same set of packets, while a novel sequential composition operator allows one policy to process packets after another. Second, we enable each policy to operate on an abstract topology that implicitly constrains what the module can see and do. Finally, we define a new abstract packet model that allows programmers to extend packets with virtual fields that may be used to associate packets with high-level meta-data. We realize these abstractions in Pyretic, an imperative, domain-specific language embedded in Python.
Virtualizing the Network Forwarding Plane
- In Proc. PRESTO, 2010
Cited by 44 (8 self)
Modern system design often employs virtualization to decouple the system service model from its physical realization. Two common examples are the virtualization of computing resources through the use of virtual machines and the
Participatory Networking: An API for Application Control of SDNs
- 2013
Cited by 43 (5 self)
We present the design, implementation, and evaluation of an API for applications to control a software-defined network (SDN). Our API is implemented by an OpenFlow controller that delegates read and write authority from the network’s administrators to end users, or applications and devices acting on their behalf. Users can then work with the network, rather than around it, to achieve better performance, security, or predictable behavior. Our API serves well as the next layer atop current SDN stacks. Our design addresses the two key challenges: how to safely decompose control and visibility of the network, and how to resolve conflicts between untrusted users and across requests, while maintaining baseline levels of fairness and security. Using a real OpenFlow testbed, we demonstrate our API’s feasibility through microbenchmarks, and its usefulness by experiments with four real applications modified to take advantage of it.
Composing software defined networks
- In NSDI, 2013
Cited by 40 (7 self)
In Software Defined Networking (SDN), an application comprising many disparate tasks must be converted to a single set of packet-processing rules on the switches. Unfortunately, today’s SDN platforms do not support expressing these tasks as separate modules, and composing them to create an application. This leads to monolithic programs that are neither portable, nor reusable. In this paper, we present the FV system that presents each module with an abstract view of the network topology customized to the application logic, where one module may implement the “switching fabric” for another. For example, a firewall module may run on “one big switch” that is implemented by a routing module. The programmer can specify network views, as well as the relationship between (virtual) switches in different views. For example, conceptually the firewall functionality runs before the routing functionality. Using sequential composition, the FV compiler can synthesize a single set of rules and queries for each physical switch. FV includes a core language for defining policies as mathematical functions in an imperative style familiar to Python programmers, as well as a module language that supports abstraction (i.e., network views) and protection (i.e., specifying what traffic a module can measure and control). FV enables the creation of sophisticated SDN applications, as illustrated by example programs running on our FV prototype.
Kandoo: A Framework for Efficient and Scalable Offloading of Control Applications
Cited by 39 (0 self)
Limiting the overhead of frequent events on the control plane is essential for realizing a scalable Software-Defined Network. One way of limiting this overhead is to process frequent events in the data plane. This requires modifying switches and comes at the cost of visibility in the control plane. Taking an alternative route, we propose Kandoo, a framework for preserving scalability without changing switches. Kandoo has two layers of controllers: (i) the bottom layer is a group of controllers with no interconnection, and no knowledge of the network-wide state, and (ii) the top layer is a logically centralized controller that maintains the network-wide state. Controllers at the bottom layer run only local control applications (i.e., applications that can function using the state of a single switch) near datapaths. These controllers handle most of the frequent events and effectively shield the top layer. Kandoo’s design enables network operators to replicate local controllers on demand and relieve the load on the top layer, which is the only potential bottleneck in terms of scalability. Our evaluations show that a network controlled by Kandoo has an order of magnitude lower control channel consumption compared to normal OpenFlow networks.