COMS 6998-8, Fall 2013


26 Oct 2013


Software Defined Networking
COMS 6998-8, Fall 2013

Instructor: Li Erran Li (lierranli@cs.columbia.edu)
http://www.cs.columbia.edu/~lierranli/coms6998-8SDNFall2013/

10/1/2013: SDN Programming Language and Verification

Outline

- SDN programming language
  - Maple: generic programming language syntax such as Java, Python (previous lecture)
  - Frenetic NetCore / NetKAT: domain-specific programming language (previous lecture)
  - Pyretic by Josh Reich
- SDN Verification
  - Verification of controller correctness (previous lecture)
  - Verification of network properties

10/1/13  Software Defined Networking (COMS 6998-8)  2

Review of Previous Lecture

What are algorithmic policies?
- A function in a general-purpose language that describes how a packet should be routed, not how flow tables are configured.
- Conceptually invoked on every packet entering the network; may also access network environment state; hence it has the form:
- Written in a familiar language such as Java, Python, or Haskell

Source: Andreas Voellmy, Yale

Example Algorithmic Policy in Java

    Route f(Packet p, Env e) {
        if (p.tcpDstIs(22))
            return null();                      // TCP port 22: no route for this packet
        else {
            // otherwise forward along the shortest path between the two hosts' locations
            Location sloc = e.location(p.ethSrc());
            Location dloc = e.location(p.ethDst());
            Path path = shortestPath(e.links(), sloc, dloc);
            return unicast(sloc, dloc, path);
        }
    }

Does not specify flow table configuration

Source: Andreas Voellmy, Yale

Review of Previous Lecture (Cont’d)

Certified NetKAT Controller
[Figure: the levels of abstraction (NetKAT, flow tables, OpenFlow messages) and the transformations between them (compiler, run-time system, optimizer)]

- Each level of abstraction formalized in Coq
- Machine-checked proofs that the transformations between levels preserve semantics
- Code extracted to OCaml and deployed with real switch hardware

Source: Nate Foster, Cornell

Review of Previous Lecture (Cont’d)

Verification of Network Properties
- Motivations
- NetPlumber: real-time policy checking tool
- How it works
- How to check policy
- How to parallelize
- Evaluation on Google WAN
- Conclusions

Source: P. Kazemian, Stanford


Network debugging is hard!
Forwarding state is hard to analyze!
[Figure: a network of boxes, each holding a table of rules ("Rule ... Rule")]

Source: P. Kazemian, Stanford

Network debugging is hard!

Forwarding state is hard to analyze!
1. Distributed across multiple tables and boxes
2. Written to the network by multiple independent writers (different protocols, network admins)
3. Presented in different formats by vendors
4. Not directly observable or controllable

Not constructed in a way that lends itself well to checking and verification

Source: P. Kazemian, Stanford

Header Space Analysis: Snapshot-based Checking
[Figure: hosts a and b connected through boxes with transfer functions T_A, T_B, T_C, T_D]

Can host a talk to host b?
Is there any forwarding loop in the network?

Source: P. Kazemian, Stanford
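
As an added illustration of the snapshot-based check on this slide (example code written for this page; it is not from the lecture, from Kazemian's slides, or from the Hassel tool): a toy header space analysis in which each box applies a transfer function to a (value, mask) header space, and the two questions on the slide are answered by searching the composed transfer functions outward from host a. The four-bit header, the boxes A to D, their rules, the links and the host ports are all constructed assumptions; the rewrite in box C and the B-C link exist only so that the search has a loop to find.

```python
from collections import deque

# Added example, not from the lecture or from Hassel (the HSA tool): a toy
# header space analysis over one snapshot. A header space is a (value, mask)
# pair over WIDTH bits: mask bit 1 = fixed to the value bit, 0 = wildcard.
# All boxes, ports, rules, links and hosts below are constructed.
WIDTH = 4
ALL = (0, 0)                        # every header: no bit fixed

def hs(pattern):
    """Build a (value, mask) pair from a ternary string such as '10xx'."""
    value = mask = 0
    for ch in pattern:
        value, mask = value << 1, mask << 1
        if ch != 'x':
            value, mask = value | int(ch), mask | 1
    return value, mask

def show(h):
    """Render a header space back as a ternary string (MSB first)."""
    value, mask = h
    return ''.join(str(value >> i & 1) if mask >> i & 1 else 'x' for i in reversed(range(WIDTH)))

def intersect(a, b):
    """Intersection of two header spaces, or None if a fixed bit conflicts."""
    (va, ma), (vb, mb) = a, b
    if (va ^ vb) & ma & mb:
        return None
    return (va & ma) | (vb & mb), ma | mb

BOXES = {  # per box: rules as (in port, match, out port, optional rewrite); out=None drops
    'A': [dict(inp=1, match=hs('1xxx'), out=2), dict(inp=1, match=hs('0xxx'), out=None)],
    'B': [dict(inp=1, match=hs('10xx'), out=2), dict(inp=1, match=hs('11xx'), out=3),
          dict(inp=3, match=ALL, out=3)],
    'C': [dict(inp=1, match=ALL, out=2, set=hs('xxx1'))],   # rewrites the low bit to 1
    'D': [dict(inp=1, match=ALL, out=2)],
}
LINKS = {('A', 2): ('B', 1), ('B', 2): ('D', 1), ('B', 3): ('C', 1), ('C', 2): ('B', 3)}
HOSTS = {'a': ('A', 1), 'b': ('D', 2)}   # (box, port) each host attaches to

def transfer(box, in_port, header):
    """Transfer function T of one box: (in port, header) -> [(out port, header')].
    The rules of one port are disjoint here, so every matching rule contributes."""
    outputs = []
    for rule in BOXES[box]:
        h = intersect(header, rule['match']) if rule['inp'] == in_port else None
        if h is None or rule['out'] is None:   # wrong port, no match, or explicit drop
            continue
        if 'set' in rule:                       # rewrite: pin the set bits to their values
            sv, sm = rule['set']
            h = ((h[0] & ~sm) | (sv & sm), h[1] | sm)
        outputs.append((rule['out'], h))
    return outputs

def analyze(src_host, dst_host, header=ALL):
    """The slide's two snapshot questions: which header spaces injected at
    src_host reach dst_host, and does any path revisit a box (a loop)?
    Breadth-first search over (box, in port, header space, boxes seen)."""
    src, dst = HOSTS[src_host], HOSTS[dst_host]
    reachable, loops = [], []
    queue = deque([(src[0], src[1], header, [src[0]])])
    while queue:
        box, port, h, path = queue.popleft()
        for out_port, h2 in transfer(box, port, h):
            if (box, out_port) == dst:
                reachable.append(show(h2))
            elif (box, out_port) in LINKS:
                nbox, nport = LINKS[(box, out_port)]
                if nbox in path:   # simplification: any revisit is reported as a loop
                    loops.append(path + [nbox])
                else:
                    queue.append((nbox, nport, h2, path + [nbox]))
    return {'reachable': reachable, 'loops': loops}

if __name__ == '__main__':
    print(analyze('a', 'b'))   # {'reachable': ['10xx'], 'loops': [['A', 'B', 'C', 'B']]}
```

The search reports that only headers of the form 10xx injected at a reach b, while 11xx headers circulate between B and C. Hassel goes further than this toy: it subtracts the matches of higher-priority rules from the header space handed to lower ones, and it separates a true infinite loop (the header space returning to a port is a subset of what was seen there before) from a loop that eventually shrinks to nothing; here any revisited box is flagged.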

Real-Time Incremental Checking
[Figure: a timeline of rule updates (+ insert, - delete); each update is checked (?) against a set of policies/invariants, answering yes/no]

- Prevent errors before they hit the network
- Report a violation as soon as it happens

Source: P. Kazemian, Stanford


NetPlumber
[Figure: a controller running several apps; NetPlumber sits between the controller and the network]

- The system for real-time policy checking is called NetPlumber
- Logically centralized location to observe the state changes

Source: P. Kazemian, Stanford

NetPlumber

- The system we build for real-time policy checking is called NetPlumber
- Creates a dependency graph of all forwarding rules in the network and uses it to verify policy
  - Nodes: forwarding rules in the network
  - Directed edges: next-hop dependency of rules
[Figure: rule R1 in Switch 1 with a directed edge to rule R2 in Switch 2]

Source: P. Kazemian, Stanford

NetPlumber: Nodes and Edges
[Figure: two switches S, each holding one rule node; the rule matching 1 0 0 1 has a directed edge to the rule matching 1 0 X X]

Source: P. Kazemian, Stanford


NetPlumber: Intra-table dependency
[Figure: two rules in one table of switch S, with an intra-table dependency between them]

Source: P. Kazemian, Stanford

NetPlumber: Computing Reachability
[Figure: a source node injects flows at A; the flows follow the rule dependency graph through the switches S; a probe node at B asks (?) whether they arrive]

Source: P. Kazemian, Stanford

NetPlumber: Computing Reachability with Updates
[Figure: the same graph from source node A to probe node B, with a rule inserted and later removed (-)]

1) Create directed edges
2) Route flows
3) Update intra-table dependency

Source: P. Kazemian, Stanford

NetPlumber: Checking Policy
[Figure: source node at A, probe node (?) at B, and the RED box on one of the paths]

Policy: 0010 packets go through the RED box.

1) Back-tracing to check if 0010 packets go through the RED box
2) Update policy checking with rule deletion


Checking Policy with NetPlumber

- Policy: Guests cannot access Server S.
  [Figure: guests G1 and G2, server S, probe node (?) in front of S]
- Policy: HTTP traffic from client C to server S doesn't go through more than 4 hops.
  [Figure: client C, server S, probe node (?) for HTTP on the path]
- Policy: traffic from client C to server S should go through middle box M.
  [Figure: client C, middle box M, server S, probe node (?) in front of S]

Source: P. Kazemian, Stanford
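
The dependency graph, the intra-table dependency, source and probe nodes, the incremental update after a rule deletion and the three policies on the slides above, as an added worked example written for this page (this is not NetPlumber's code, which the slides do not show). The ternary headers, the switches S1/M/S3 and their ports, the rule ids r1 to r6 and their priorities, the encoding of the sender in the header bits and the placement of the probe are all constructed assumptions; the guest drop rule on M is deliberately the one whose deletion breaks a policy.

```python
# Added example, not NetPlumber's own code: a toy plumbing graph over ternary
# headers ('0', '1', 'x' = wildcard). Switches, ports, rule ids, hosts and the
# header layout (bits 0-1 = sender: G1=00, G2=01, C=10; bit 2 = 1 for HTTP)
# are constructed for this illustration.
from collections import defaultdict

def intersect(h1, h2):
    """Intersection of two ternary headers, or None if they are disjoint."""
    out = [a if b == 'x' else b if a in ('x', b) else None for a, b in zip(h1, h2)]
    return None if None in out else ''.join(out)

def subtract(h, m):
    """h minus m as disjoint ternary headers (empty list if h lies inside m)."""
    if intersect(h, m) is None:
        return [h]
    pieces, prefix = [], list(h)
    for i, (a, b) in enumerate(zip(h, m)):
        if a == 'x' and b != 'x':   # flip this bit; earlier fixed bits stay pinned to m
            pieces.append(''.join(prefix[:i] + ['1' if b == '0' else '0'] + prefix[i + 1:]))
            prefix[i] = b
    return pieces

LINKS = {('S1', 2): ('M', 1), ('M', 2): ('S3', 1)}   # (switch, out port) -> (switch, in port)
SOURCES = {'G1': ('S1', 10, '00xx'), 'G2': ('S1', 11, '01xx'), 'C': ('S1', 12, '10xx')}
PROBES = {'S': ('S3', 2)}                             # probe node in front of server S
RULES = {  # one flow-table entry each; out=None means drop
    'r1': dict(sw='S1', inp=10, prio=1, match='xxxx', out=2),
    'r2': dict(sw='S1', inp=11, prio=1, match='xxxx', out=2),
    'r3': dict(sw='S1', inp=12, prio=1, match='xxxx', out=2),
    'r4': dict(sw='M', inp=1, prio=10, match='0xxx', out=None),  # middle box M drops guests
    'r5': dict(sw='M', inp=1, prio=1, match='xxxx', out=2),
    'r6': dict(sw='S3', inp=1, prio=1, match='xxxx', out=2),
}
FLOWS = defaultdict(list)   # rule id or probe name -> [(header, path)]

def table(sw, port):
    """Rule ids of one flow table (switch, in port), highest priority first."""
    ids = [r for r, d in RULES.items() if (d['sw'], d['inp']) == (sw, port)]
    return sorted(ids, key=lambda r: -RULES[r]['prio'])

def build_edges():
    """Directed edges r1 -> r2: r1's output port links into r2's table and the
    two match header spaces overlap (the slides' next-hop dependency)."""
    edges = defaultdict(list)
    for r1, d1 in RULES.items():
        nxt = LINKS.get((d1['sw'], d1['out']))
        for r2 in (table(*nxt) if nxt else []):
            if intersect(d1['match'], RULES[r2]['match']) is not None:
                edges[r1].append(r2)
    return edges

def route(edges, rid, header, path):
    """Push a flow through rule rid: keep what the rule matches minus what the
    higher-priority rules of the same table already took (intra-table dependency)."""
    parts = [intersect(header, RULES[rid]['match'])]
    if parts[0] is None or rid in path:       # no match, or a forwarding loop
        return
    for hp in table(RULES[rid]['sw'], RULES[rid]['inp']):
        if RULES[hp]['prio'] <= RULES[rid]['prio']:
            break
        parts = [p for h in parts for p in subtract(h, RULES[hp]['match'])]
    for h in parts:
        FLOWS[rid].append((h, path + [rid]))
        for name, loc in PROBES.items():       # flow leaves on a probed port
            if loc == (RULES[rid]['sw'], RULES[rid]['out']):
                FLOWS[name].append((h, path + [rid]))
        for succ in edges[rid]:
            route(edges, succ, h, path + [rid])

def compute(sources=None):   # route flows from the given source nodes (default: all)
    edges = build_edges()
    for name in (SOURCES if sources is None else sources):
        sw, port, hdr = SOURCES[name]
        for rid in table(sw, port):
            route(edges, rid, hdr, [name])

def delete_rule(rid):
    """Incremental update: remove the rule, then re-trace only the sources whose
    flows passed through it; the rest of the graph is left untouched."""
    affected = {p[0] for flows in FLOWS.values() for _, p in flows if rid in p}
    del RULES[rid]
    for node in FLOWS:
        FLOWS[node] = [f for f in FLOWS[node] if f[1][0] not in affected]
    compute(affected)

def check_policies():
    """The slides' policies, read off the probe node in front of server S."""
    at_s = FLOWS['S']
    return {
        'guests_blocked': all(p[0] not in ('G1', 'G2') for _, p in at_s),
        'c_via_m': all(any(RULES[r]['sw'] == 'M' for r in p[1:]) for _, p in at_s if p[0] == 'C'),
        'http_hops_le_4': all(len(p) - 1 <= 4 for h, p in at_s
                              if p[0] == 'C' and intersect(h, 'xx1x') is not None),
    }

if __name__ == '__main__':
    compute()
    print(check_policies())   # every policy holds
    delete_rule('r4')         # lose the guest drop rule on M ...
    print(check_policies())   # ... and guests_blocked becomes False
```

Run as a script, the block first reports every policy holding: C's flow reaches S through M in three rules, and the guests' flows stop at the high-priority drop rule r4, whose match is subtracted from what the catch-all r5 below it sees. Deleting r4 re-traces only the two guest sources, since only their flows went through r4; the probe in front of S then sees guest traffic and guests_blocked flips to False, which is the "update policy checking with rule deletion" step of the slides.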

Why the dependency graph helps

- Incremental update
  - Only have to trace through the dependency sub-graph affected by an update
- Flexible policy expression
  - Probe and source nodes are flexible to place and configure
- Parallelization
  - Can partition the dependency graph into clusters to minimize inter-cluster dependencies

Distributed NetPlumber
[Figure: the dependency graph split across several NetPlumber instances; node S and a probe node (?)]

Source: P. Kazemian, Stanford

Dependency Graph Clustering
[Figure: the dependency graph partitioned into clusters with few inter-cluster edges; node S and a probe node (?)]

Source: P. Kazemian, Stanford


Experiment On Google WAN

- Google inter-datacenter WAN
- Largest deployed SDN, running OpenFlow
- ~143,000 OF rules

Source: P. Kazemian, Stanford

Experiment On Google WAN

- Policy check: all 52 edge switches can talk to each other
- More than 2500 pairwise reachability checks
- Used two snapshots taken 6 weeks apart
- Used the first snapshot to create the initial NetPlumber state and used the diff as a sequential update

Source: P. Kazemian, Stanford

Experiment On Google WAN
[Figure: run-time results on the Google WAN; annotations: "Default/Aggregate Rules", "Not much more benefit!", "Run time with Hassel > 100s"]

Source: P. Kazemian, Stanford

Benchmarking Experiment
[Figure: benchmark results for a single pairwise reachability check]

Source: P. Kazemian, Stanford

Conclusions

- Designed a protocol-independent system for real-time network policy checking
- Key component: dependency graph of forwarding rules, capturing all flow paths
  - Incremental update
  - Flexible policy expressions
  - Parallelization by clustering

Questions?
