Investigating SDN Forwarding with RuleScope

Slide Note
Embed
Share

Explore research presented in INFOCOM 2016 regarding the inspection of SDN forwarding with RuleScope. The study delves into ensuring that every flow is on the right track, detecting and troubleshooting forwarding/rule faults, and uncovering actual data-plane flow tables through feedback and probing mechanisms.

mourning_b
mourning_b Follow

Uploaded on Sep 22, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. INFOCOM 2016 Is Every Flow on The Right Track? Inspect SDN Fwding with RuleScope Kai Bu1, Xitao Wen2, Bo Yang1 Yan Chen2, Li Erran Li3, Xiaolin Chen4 1Zhejiang University,2Northwestern University 3Fudan University, 4Chuxiong Normal University

  2. Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  3. Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  4. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  5. feedback feedback probe probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  6. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope detection reveal forwarding/rule faults

  7. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope detection reveal forwarding/rule faults troubleshooting uncover actual data-plane flow tables

  8. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding Inspect SDN Fwding Is Every Flow on The Right Track? RuleScope RuleScope detection reveal forwarding/rule faults troubleshooting uncover actual data-plane flow tables

  9. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN?

  10. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN Software-Defined Networking

  11. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN Software-Defined Networking

  12. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN Software-Defined Networking

  13. Controller Controller Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN App App App Software-Defined Networking

  14. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN App Forwarding flow

  15. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding flow

  16. Switch Rule Controller Priority Matching Action sw1 p1 src_ip=10.20.*.* fwd(sw2) Controller sw2 P2 src_ip=10.20.*.* fwd(sw3) Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod sw3 p3 src_ip=10.20.*.* fwd(out) App Forwarding sw1 sw2 sw3 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  17. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults irritate App Forwarding sw1 sw2 sw3 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  18. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults irritate App Forwarding missing fault sw3 sw1 sw2 flow priority fault p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  19. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding missing fault rule installation failure sw3 sw1 sw2 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  20. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod loss App Forwarding missing fault rule installation failure sw3 sw1 sw2 bug flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  21. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod loss App Forwarding missing fault rule installation failure sw3 sw1 sw2 bug flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  22. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding sw4 sw1 rule update scheduling sw2 sw3 flow priority fault priority-swap between overlapping rules p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p4, src_ip=10.*.*.*, fwd(sw4) p3, src_ip=10.20.*.*, fwd(out)

  23. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding sw4 sw1 sw2 sw3 flow priority fault priority-swap between overlapping rules p4, src_ip=10.*.*.*, fwd(sw4) p1, src_ip=10.20.*.*, fwd(sw2) p3, src_ip=10.20.*.*, fwd(out) p2, src_ip=10.20.*.*, fwd(sw3)

  24. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults irritate App Forwarding sw4 missing fault rule installation failure sw3 sw1 sw2 flow priority fault priority-swap between overlapping rules p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  25. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults troubleshoot App detect & RuleScope sw4 sw1 sw2 sw3 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  26. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN App App Postcard Processor Injector/ Interceptor RuleScope Framework

  27. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN augmented rules App App original rules NetSight [nsdi 14] Postcard Processor Injector/ Interceptor RuleScope Framework

  28. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN augmented rules which rule App App original rules NetSight [nsdi 14] which packet is processed by Postcard Processor Injector/ Interceptor RuleScope Framework packet history

  29. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe packets App App probe packets Injector/ Interceptor Postcard Processor RuleScope Framework

  30. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe feedback App App probe feedback Injector/ Interceptor Postcard Processor RuleScope Framework

  31. Controller Rule Fault Controller if Probe.MatchedRule != Probe.ExpectedRule Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe feedback App App probe feedback Injector/ Interceptor Postcard Processor RuleScope Framework

  32. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms

  33. Controller Flow Table Rule Fault ? Controller dependency graph Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r0 r1 r4 {r0, r1, r2, r3, r4, r5, r6} RuleScope Algorithms r2 r3 r5 r6 <ri, rj> if ri.matching rj.matching AND ri.priority > rj.priority

  34. Controller Flow Table Rule Fault ? Controller dependency graph Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r0 r1 r4 {r0, r1, r2, r3, r4, r5, r6} RuleScope Algorithms r2 r3 r5 r6 <ri, rj> if smaller problem scale within each component; parallelism among different components

  35. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe generation Probe(ri, H): RuleScope Algorithms generate probe packets that match ribut not rules in set H

  36. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 probe generation Probe(ri, H): RuleScope Algorithms Is r6missing? ri= r6 H = {r4, r5} r5 r6

  37. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 probe generation Probe(ri, H): RuleScope Algorithms Is r6missing? ri= r6 H = {r4, r5} r5 r6 <ri, rj> if proved NP-hard by reduction from SAT; based on MiniSat, a high-performance SAT solver

  38. Controller Flow Table Rule Fault ? Controller dependency graph probe generation Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms

  39. Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms detection

  40. Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 r0 r1 RuleScope Algorithms r2 r3 r5 r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  41. Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 H = H r4; H = Probe(r4, H); RuleScope Algorithms Probe(r5, H); H = H r5; r5 Probe(r5, H); r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  42. riis detected as faulty if ri.Probe.MatchedRule != ri Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 H = H r4; H = Probe(r4, H); RuleScope Algorithms Probe(r5, H); H = H r5; r5 Probe(r6, H); r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  43. riis detected as faulty if ri.Probe.MatchedRule != ri example: r4.Probe.MatchedRule = r5 either r4is missing, or r4is priority-swap with r5 Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 H = H r4; H = Probe(r4, H); RuleScope Algorithms Probe(r5, H); H = H r5; r5 Probe(r6, H); r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  44. Controller example: r4.Probe.MatchedRule = r5 either r4is missing, or r4is priority-swap with r5 Controller ? Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 RuleScope Algorithms r5 r6 <ri, rj> if detection

  45. riis detected as faulty if ri.Probe.MatchedRule != ri example: r4.Probe.MatchedRule = r5 either r4is missing, or r4is priority-swap with r5 Controller Controller ? Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms troubleshooting

  46. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe & feedback Output: flow table on switch RuleScope Algorithms troubleshooting

  47. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe & feedback rule.priority on sw? Output: flow table on switch RuleScope Algorithms troubleshooting

  48. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe & feedback Output: flow table on switch [ ].DependencyGraph RuleScope Algorithms troubleshooting

  49. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN {r0, r1, r2, r3} if (r0, r1).probe.MatchedRule = r2 probe & feedback Output: flow table on switch [ ].DependencyGraph RuleScope Algorithms r2 r0 r1 troubleshooting

  50. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN {r0, r1, r2, r3} if (r0, r1).probe.MatchedRule = r2 (r0, r3).probe.MatchedRule = r0 r2 probe & feedback Output: flow table on switch [ ].DependencyGraph RuleScope Algorithms r0 r1 troubleshooting r3

Related


Virtual Labs on SDN and P4 Programmable Switches

Virtual Labs on SDN and P4 Programmable Switches

everly
Understanding NFV and SDN Controllers in Networking Architecture

Understanding NFV and SDN Controllers in Networking Architecture

mjerr
Enhancing SDN Networks with GRAMI Software: A Study by Shlomi Nissim and Anat Bremler-Bar

Enhancing SDN Networks with GRAMI Software: A Study by Shlomi Nissim and Anat Bremler-Bar

kacey
Optical SDN/NFV User Guide for Network Control & Management

Optical SDN/NFV User Guide for Network Control & Management

zacaryst
Meridian: An SDN Platform for Cloud Network Services

Meridian: An SDN Platform for Cloud Network Services

aki_enc
Exploring Source-Routed Forwarding in SDN-Based WANs

Exploring Source-Routed Forwarding in SDN-Based WANs

sha_kin
Efficient DocuSign Document Forwarding Process

Efficient DocuSign Document Forwarding Process

mckenzie
PEEK: Proactive Producer Mobility Management Scheme for ICN

PEEK: Proactive Producer Mobility Management Scheme for ICN

kamahr
Securight Sdn. Bhd. - Leading Commercial Security Company in Malaysia

Securight Sdn. Bhd. - Leading Commercial Security Company in Malaysia

rueben
Benefits of Buying Property at Auctions by Arena Auctioneers Sdn Bhd

Benefits of Buying Property at Auctions by Arena Auctioneers Sdn Bhd

talitha
Virtual Labs and Cybersecurity Overview at 2021 Winter ICT Educators Conference

Virtual Labs and Cybersecurity Overview at 2021 Winter ICT Educators Conference

ellierose
Workshop on Fine-grained Measurements App with P4 Programmable Switches

Workshop on Fine-grained Measurements App with P4 Programmable Switches

jream
Enhancing Memcached Traffic Load Balancing using SDN

Enhancing Memcached Traffic Load Balancing using SDN

raega
Detailed OpenFlow Emulation Using Mininet/OpenvSwitch

Detailed OpenFlow Emulation Using Mininet/OpenvSwitch

amilia
Simplifying Middlebox Policy Enforcement Using SDN

Simplifying Middlebox Policy Enforcement Using SDN

briceyd
Understanding IP Addressing and Routing in Networking

Understanding IP Addressing and Routing in Networking

aur_bom
A.Z.A.D Freight Forwarding & Door-to-Door Services Overview

A.Z.A.D Freight Forwarding & Door-to-Door Services Overview

canaan
Freight Forwarding Services in Belgium and West Africa

Freight Forwarding Services in Belgium and West Africa

ezrah
International Freight Forwarding Company - Andina Freight SAC

International Freight Forwarding Company - Andina Freight SAC

pimienta_r
TLS Freight Forwarding Pvt Ltd: Your Business Partner for Complete Logistics & Supply Chain Solutions

TLS Freight Forwarding Pvt Ltd: Your Business Partner for Complete Logistics & Supply Chain Solutions

rayl_9
Methods of Investigating Foreign and Native Languages

Methods of Investigating Foreign and Native Languages

zane
POSNOC & ATNEC Trials Update by Amit Goyal: Investigating Axillary Treatment in Breast Cancer

POSNOC & ATNEC Trials Update by Amit Goyal: Investigating Axillary Treatment in Breast Cancer

daan
Overview of Investigating Directorate Establishment and Functions

Overview of Investigating Directorate Establishment and Functions

doris
The Role of a Coroner in Investigating Unnatural Deaths

The Role of a Coroner in Investigating Unnatural Deaths

krishna

More Related Content

Maths Department Mystery: Investigating the Murder of Mr. Hurst
Maths Department Mystery: Investigating the Murder of Mr. Hurst
Investigating Raisin Osciilations in Soda Water
Investigating Raisin Osciilations in Soda Water
Investigating Proposed Project Title with Student Team
Investigating Proposed Project Title with Student Team
Investigating Speech-to-Text Tools for Android Devices
Investigating Speech-to-Text Tools for Android Devices
Strategies for Improving School Quality: A Case Study
Strategies for Improving School Quality: A Case Study
Exciting Details of KOMTAR Tower Run by NX113 in Penang on 10th March 2024
Exciting Details of KOMTAR Tower Run by NX113 in Penang on 10th March 2024
Understanding 5G RAN Network Slicing and Architecture
Understanding 5G RAN Network Slicing and Architecture
Evolution of Programmable Switches and Routers
Evolution of Programmable Switches and Routers
Rochester Institute of Technology
Rochester Institute of Technology
Computer Networks CMSC 417 : Spring 2022
Computer Networks CMSC 417 : Spring 2022
Understanding Consistency Protocols in Distributed Systems
Understanding Consistency Protocols in Distributed Systems
Real-Time Payments: Actors and Message Flows Overview
Real-Time Payments: Actors and Message Flows Overview
JSM Logistic Services - Redefining the Logistics Market with Passion and Innovation
JSM Logistic Services - Redefining the Logistics Market with Passion and Innovation
Comprehensive Customs Clearance and Logistics Solutions for Importers and Exporters
Comprehensive Customs Clearance and Logistics Solutions for Importers and Exporters
PKS Freight & Logistics Pvt Ltd - Your Trusted Logistics Service Provider
PKS Freight & Logistics Pvt Ltd - Your Trusted Logistics Service Provider
CMA - Your Trusted Global Logistics Partner Since 1970
CMA - Your Trusted Global Logistics Partner Since 1970
S&S Expert Solutions - Training and Development Consultants
S&S Expert Solutions - Training and Development Consultants
Making Travel, Car Hire, and Accommodation Arrangements in Office Practice
Making Travel, Car Hire, and Accommodation Arrangements in Office Practice
Trusted Logistics Service Provider Since 1980 - PKS Freight & Logistics Pvt Ltd
Trusted Logistics Service Provider Since 1980 - PKS Freight & Logistics Pvt Ltd
Understanding Pipelined Control in Processor Architecture
Understanding Pipelined Control in Processor Architecture
Understanding Router Routing Tables in Computer Networks
Understanding Router Routing Tables in Computer Networks
Understanding Networking Principles and Routing Algorithms in Distributed Systems
Understanding Networking Principles and Routing Algorithms in Distributed Systems
Understanding WAN Technologies and Routing in Large Networks
Understanding WAN Technologies and Routing in Large Networks
Understanding LAN Interconnection and Switching Technologies
Understanding LAN Interconnection and Switching Technologies