State Machine Abstraction for Dynamic Network Actions in SDN

Slide Note
Embed
Share

State machines are proposed as a new switch primitive in Software-Defined Networking (SDN) to facilitate dynamic actions at switches. This approach eliminates the need for a priori knowledge, reduces delays, and enables local state-based policies such as stateful firewall, FTP monitoring, and large source IP detection. The Flow-level State Transition as a New Switch Primitive (HotSDN'14) called FAST (Flow-level State Transitions) abstracts control and data planes to efficiently program state transitions and actions at switches. Evaluation in Open vSwitch demonstrates significant performance improvements with minimal overhead.

gvai
gvai Follow

Uploaded on Oct 08, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. Flow-level State Transition as a New Switch Primitive for SDN (HotSDN 14) Masoud Moshref, Apoorv Bhargava, Adhip Gupta, Minlan Yu, Ramesh Govindan

  2. Motivation 2 Current practice Proactive needs a priori knowledge Reactive has high delay Opportunity: Local state is enough for many policies (stateful firewall, FTP monitoring, large source IP detection) Key idea: State machine is a general but efficient abstraction to allow dynamic actions at switches

  3. FAST (Flow-level State Transitions) Abstraction 3 Controller proactively programs state transitions and actions at switches Switches run state machines and actions of a state Examples: Stateful firewall: TCP state machine with actions that drop uninitiated flows FTP Monitoring: Track the states of control channel & allow data channel traffic Large source IP detection: Keep a counter per IP and compare it against a threshold

  4. FAST Control Plane 4 Controller translates state machines to switch API Close 1 SYN ACK FINACK None Init2 Close 2 Init1 Est FIN SYNACK controller FAST compiler FAST Switch agent Switch agent Network

  5. FAST Data Plane 5 FAST data plane is implementable in hardware switch components Packet State table State machine filter Index State Packet, H(p) Match State machine index Packet 0 Est Close1 Pick fields and hash 1100** 0 (UDP) 1 Init2 100*** 1 (TCP) 2 Est Update state Packet, Est Action table State transition table Match State Match State Action Next state 20.1/16 None Drop Fin Est Close1 Packet, Close1 10.1/16 * Port1 * Est Est Packet

  6. FAST Data Plane Evaluation in Open vSwitch 6 Delay of going through all TCP states for FAST is small 1 packet, 1 flow : FAST: 28x faster (3ms) > 64 concurrent flows: 6ms FAST state lookup has small overhead: Iperf throughput (Gbps): <5% overhead

Related


Understanding Software-Defined Networking (SDN) and OpenFlow

Understanding Software-Defined Networking (SDN) and OpenFlow

pile_per
Meridian: An SDN Platform for Cloud Network Services

Meridian: An SDN Platform for Cloud Network Services

aki_enc
Optical SDN/NFV User Guide for Network Control & Management

Optical SDN/NFV User Guide for Network Control & Management

zacaryst
Understanding Software-Defined Networking (SDN) Threats and Countermeasures

Understanding Software-Defined Networking (SDN) Threats and Countermeasures

saez948
Evolution of Networking: Embracing Software-Defined Networks

Evolution of Networking: Embracing Software-Defined Networks

stalling_r
Enhancing SDN Networks with GRAMI Software: A Study by Shlomi Nissim and Anat Bremler-Bar

Enhancing SDN Networks with GRAMI Software: A Study by Shlomi Nissim and Anat Bremler-Bar

kacey
PhD in Telematics Engineering: Traffic Prediction with Big Data Technologies

PhD in Telematics Engineering: Traffic Prediction with Big Data Technologies

gunn_l
Virtual Labs on SDN and P4 Programmable Switches

Virtual Labs on SDN and P4 Programmable Switches

everly
Comprehensive Overview of Software Defined Networking Programming in OpenDaylight

Comprehensive Overview of Software Defined Networking Programming in OpenDaylight

syoa
Understanding SDN Switch Code Tracing Process

Understanding SDN Switch Code Tracing Process

loy_sl
Understanding Virtualization: Hardware Abstraction and Hypervisor Concepts

Understanding Virtualization: Hardware Abstraction and Hypervisor Concepts

myon
Adaptive Resilient Routing via Preorders in SDN

Adaptive Resilient Routing via Preorders in SDN

ryad
Understanding Algorithms and Programming Fundamentals

Understanding Algorithms and Programming Fundamentals

dorothy
Introduction to Object-Oriented Programming and Data Abstraction

Introduction to Object-Oriented Programming and Data Abstraction

nico
Formal Verification and Automata Abstraction in Esterel

Formal Verification and Automata Abstraction in Esterel

edelweiss
Exploring Abstraction in Mathematics: Insights from MAA MathFest 2022

Exploring Abstraction in Mathematics: Insights from MAA MathFest 2022

maes815
Virtual Labs and Cybersecurity Overview at 2021 Winter ICT Educators Conference

Virtual Labs and Cybersecurity Overview at 2021 Winter ICT Educators Conference

ellierose
Exploring Source-Routed Forwarding in SDN-Based WANs

Exploring Source-Routed Forwarding in SDN-Based WANs

sha_kin
Understanding NFV and SDN Controllers in Networking Architecture

Understanding NFV and SDN Controllers in Networking Architecture

mjerr
Detailed OpenFlow Emulation Using Mininet/OpenvSwitch

Detailed OpenFlow Emulation Using Mininet/OpenvSwitch

amilia
Simplifying Middlebox Policy Enforcement Using SDN

Simplifying Middlebox Policy Enforcement Using SDN

briceyd
Revolutionizing Networking with Software-Defined Innovations

Revolutionizing Networking with Software-Defined Innovations

cing549
Network Function Abstraction A delicate question of (CPU) affinity?

Network Function Abstraction A delicate question of (CPU) affinity?

neoma
Efficient Flow Setup for Software-Defined Networking: A Comprehensive Analysis

Efficient Flow Setup for Software-Defined Networking: A Comprehensive Analysis

lovelleg

More Related Content

Understanding 5G RAN Network Slicing and Architecture
Understanding 5G RAN Network Slicing and Architecture
Securight Sdn. Bhd. - Leading Commercial Security Company in Malaysia
Securight Sdn. Bhd. - Leading Commercial Security Company in Malaysia
Benefits of Buying Property at Auctions by Arena Auctioneers Sdn Bhd
Benefits of Buying Property at Auctions by Arena Auctioneers Sdn Bhd
Workshop on Fine-grained Measurements App with P4 Programmable Switches
Workshop on Fine-grained Measurements App with P4 Programmable Switches
Enhancing Memcached Traffic Load Balancing using SDN
Enhancing Memcached Traffic Load Balancing using SDN
Investigating SDN Forwarding with RuleScope
Investigating SDN Forwarding with RuleScope
Proof Coring Works for Micropiles: A Technical Briefing by SS Liew Foundtest Drilling Sdn Bhd
Proof Coring Works for Micropiles: A Technical Briefing by SS Liew Foundtest Drilling Sdn Bhd
FlowTags: Enforcing Network-Wide Policies with Dynamic Middlebox Actions
FlowTags: Enforcing Network-Wide Policies with Dynamic Middlebox Actions
Understanding Processor Cycles and Machine Cycles in 8085 Microprocessor
Understanding Processor Cycles and Machine Cycles in 8085 Microprocessor
Program Verification Using Templates Over Predicate Abstraction
Program Verification Using Templates Over Predicate Abstraction
Being a Dynamic Social Citizen: Start with Hello Week 2019-2020
Being a Dynamic Social Citizen: Start with Hello Week 2019-2020
Machine Learning Practices in Network Traffic Across Data Centers
Machine Learning Practices in Network Traffic Across Data Centers
Machine Learning Technique for Dynamic Aperture Computation in Circular Accelerators
Machine Learning Technique for Dynamic Aperture Computation in Circular Accelerators
Seminar on Machine Learning with IoT Explained
Seminar on Machine Learning with IoT Explained
Scientific Machine Learning Benchmarks: Evaluating ML Ecosystems
Scientific Machine Learning Benchmarks: Evaluating ML Ecosystems
Dynamic Oracle Training in Constituency Parsing
Dynamic Oracle Training in Constituency Parsing
Network Slicing with OAI 5G CN Workshop Overview
Network Slicing with OAI 5G CN Workshop Overview
Understanding Algorithms and Abstraction Concepts in Programming
Understanding Algorithms and Abstraction Concepts in Programming
Understanding Computer Abstraction and Performance Metrics
Understanding Computer Abstraction and Performance Metrics
Computational Thinking, Algorithms & Programming Overview
Computational Thinking, Algorithms & Programming Overview
Understanding Modularization and Abstraction in Object-Oriented Programming
Understanding Modularization and Abstraction in Object-Oriented Programming
Understanding Algorithms and Programming: A Visual Introduction
Understanding Algorithms and Programming: A Visual Introduction
Satisfiability Modulo Abstraction for Separation Logic with Linked Lists
Satisfiability Modulo Abstraction for Separation Logic with Linked Lists
Analysis of Data Manager Survey Results in VQI Abstraction
Analysis of Data Manager Survey Results in VQI Abstraction