VINI: A Virtual

equableunalaskaSecurity

Dec 9, 2013 (3 years and 6 months ago)

122 views

VINI: A Virtual
Network Infrastructure

Andy Bavier

Princeton University

Internet In A Slice


Software toolkit for network experimentation


Observe routing protocols “in the wild”


Evaluate new protocols and proposed changes


Carry real traffic on behalf of real clients


Hands
-
on teaching aid


Leverage research, open source:


Click modular software router


XORP routing protocol suite


OpenVPN, User
-
Mode Linux





UML




UML




UML

IIAS Overview

Click

Click

Click

Client

Server

UDP

tunnels

XORP

XORP

XORP

Open

VPN

NAT

OSPF

updates

STTL

SNVA

LOSA

DNVR

HSTN

ATLA

WASH

NYCM

IPLS

KSCY

CHIN

Demo: IIAS on Abilene

IIAS on PlanetLab


Problem:
overlay latency


DC


Seattle RTT on Abilene


Network: constant 74ms


Six
-
hop IIAS overlay: 76ms


135ms


50% > 82ms, 10% > 87ms


Reason: CPU scheduling delay on heavily
-
loaded PlanetLab nodes


VINI: A Virtual Network Infrastructure


Balance reproducibility and reality


Dedicated resources for large
-
scale networking
experiments like IIAS


Expose L2 circuits to slices


OS support for high speed packet forwarding


Federate with public PlanetLab


Moving away from PlanetLab’s
best effort

model


Experiment with new policies, kernels


Approach federation problem from both sides

A Small Step: PL
-
VINI


What can we do
right now

for IIAS?


Use existing PlanetLab facilities


CPU reservations (new 3.2 CPU scheduler)


Boost priority of Click forwarder (Proper)



Problem: not
mechanism
, but
policy

RTT on Network, Overlay

Overlay + PL
-
VINI: 98% of RTTs within 3ms of network

Timeline

PlanetLab



PCs



tunnels



kernel

PL
-
VINI



PCs



tunnels



kernel’



policies

VINI



PCs



Layer 2


(Abilene, NLR)



kernel’’



policies

VINI v2



PCs



FPGAs



Layer 2 (other GREN)



Dynamic Layer 2



kernel’’’



policies

2002
-
present

Feb 2006

Jun 2006

2007
-
08