Investigating SDN Forwarding with RuleScope

Slide Note
Embed
Share

Explore research presented in INFOCOM 2016 regarding the inspection of SDN forwarding with RuleScope. The study delves into ensuring that every flow is on the right track, detecting and troubleshooting forwarding/rule faults, and uncovering actual data-plane flow tables through feedback and probing mechanisms.

mourning_b
mourning_b Follow

Uploaded on Sep 22, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. INFOCOM 2016 Is Every Flow on The Right Track? Inspect SDN Fwding with RuleScope Kai Bu1, Xitao Wen2, Bo Yang1 Yan Chen2, Li Erran Li3, Xiaolin Chen4 1Zhejiang University,2Northwestern University 3Fudan University, 4Chuxiong Normal University

  2. Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  3. Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  4. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  5. feedback feedback probe probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope

  6. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope detection reveal forwarding/rule faults

  7. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding RuleScope detection reveal forwarding/rule faults troubleshooting uncover actual data-plane flow tables

  8. feedback probe Is Every Flow on The Right Track? Inspect SDN Fwding Inspect SDN Fwding Is Every Flow on The Right Track? RuleScope RuleScope detection reveal forwarding/rule faults troubleshooting uncover actual data-plane flow tables

  9. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN?

  10. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN Software-Defined Networking

  11. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN Software-Defined Networking

  12. Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN Software-Defined Networking

  13. Controller Controller Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN App App App Software-Defined Networking

  14. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN App Forwarding flow

  15. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding flow

  16. Switch Rule Controller Priority Matching Action sw1 p1 src_ip=10.20.*.* fwd(sw2) Controller sw2 P2 src_ip=10.20.*.* fwd(sw3) Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod sw3 p3 src_ip=10.20.*.* fwd(out) App Forwarding sw1 sw2 sw3 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  17. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults irritate App Forwarding sw1 sw2 sw3 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  18. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults irritate App Forwarding missing fault sw3 sw1 sw2 flow priority fault p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  19. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding missing fault rule installation failure sw3 sw1 sw2 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  20. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod loss App Forwarding missing fault rule installation failure sw3 sw1 sw2 bug flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  21. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod loss App Forwarding missing fault rule installation failure sw3 sw1 sw2 bug flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  22. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding sw4 sw1 rule update scheduling sw2 sw3 flow priority fault priority-swap between overlapping rules p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p4, src_ip=10.*.*.*, fwd(sw4) p3, src_ip=10.20.*.*, fwd(out)

  23. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod App Forwarding sw4 sw1 sw2 sw3 flow priority fault priority-swap between overlapping rules p4, src_ip=10.*.*.*, fwd(sw4) p1, src_ip=10.20.*.*, fwd(sw2) p3, src_ip=10.20.*.*, fwd(out) p2, src_ip=10.20.*.*, fwd(sw3)

  24. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults irritate App Forwarding sw4 missing fault rule installation failure sw3 sw1 sw2 flow priority fault priority-swap between overlapping rules p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  25. Controller Controller Routing Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN FlowMod rule faults troubleshoot App detect & RuleScope sw4 sw1 sw2 sw3 flow p1, src_ip=10.20.*.*, fwd(sw2) p2, src_ip=10.20.*.*, fwd(sw3) p3, src_ip=10.20.*.*, fwd(out)

  26. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN App App Postcard Processor Injector/ Interceptor RuleScope Framework

  27. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN augmented rules App App original rules NetSight [nsdi 14] Postcard Processor Injector/ Interceptor RuleScope Framework

  28. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN augmented rules which rule App App original rules NetSight [nsdi 14] which packet is processed by Postcard Processor Injector/ Interceptor RuleScope Framework packet history

  29. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe packets App App probe packets Injector/ Interceptor Postcard Processor RuleScope Framework

  30. Controller Controller Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe feedback App App probe feedback Injector/ Interceptor Postcard Processor RuleScope Framework

  31. Controller Rule Fault Controller if Probe.MatchedRule != Probe.ExpectedRule Routing Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe feedback App App probe feedback Injector/ Interceptor Postcard Processor RuleScope Framework

  32. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms

  33. Controller Flow Table Rule Fault ? Controller dependency graph Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r0 r1 r4 {r0, r1, r2, r3, r4, r5, r6} RuleScope Algorithms r2 r3 r5 r6 <ri, rj> if ri.matching rj.matching AND ri.priority > rj.priority

  34. Controller Flow Table Rule Fault ? Controller dependency graph Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r0 r1 r4 {r0, r1, r2, r3, r4, r5, r6} RuleScope Algorithms r2 r3 r5 r6 <ri, rj> if smaller problem scale within each component; parallelism among different components

  35. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe generation Probe(ri, H): RuleScope Algorithms generate probe packets that match ribut not rules in set H

  36. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 probe generation Probe(ri, H): RuleScope Algorithms Is r6missing? ri= r6 H = {r4, r5} r5 r6

  37. Controller Flow Table Rule Fault ? Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 probe generation Probe(ri, H): RuleScope Algorithms Is r6missing? ri= r6 H = {r4, r5} r5 r6 <ri, rj> if proved NP-hard by reduction from SAT; based on MiniSat, a high-performance SAT solver

  38. Controller Flow Table Rule Fault ? Controller dependency graph probe generation Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms

  39. Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms detection

  40. Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 r0 r1 RuleScope Algorithms r2 r3 r5 r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  41. Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 H = H r4; H = Probe(r4, H); RuleScope Algorithms Probe(r5, H); H = H r5; r5 Probe(r5, H); r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  42. riis detected as faulty if ri.Probe.MatchedRule != ri Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 H = H r4; H = Probe(r4, H); RuleScope Algorithms Probe(r5, H); H = H r5; r5 Probe(r6, H); r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  43. riis detected as faulty if ri.Probe.MatchedRule != ri example: r4.Probe.MatchedRule = r5 either r4is missing, or r4is priority-swap with r5 Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 H = H r4; H = Probe(r4, H); RuleScope Algorithms Probe(r5, H); H = H r5; r5 Probe(r6, H); r6 <ri, rj> if for a weakly connected component generate probes by topo order detection

  44. Controller example: r4.Probe.MatchedRule = r5 either r4is missing, or r4is priority-swap with r5 Controller ? Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN r4 RuleScope Algorithms r5 r6 <ri, rj> if detection

  45. riis detected as faulty if ri.Probe.MatchedRule != ri example: r4.Probe.MatchedRule = r5 either r4is missing, or r4is priority-swap with r5 Controller Controller ? Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN RuleScope Algorithms troubleshooting

  46. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe & feedback Output: flow table on switch RuleScope Algorithms troubleshooting

  47. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe & feedback rule.priority on sw? Output: flow table on switch RuleScope Algorithms troubleshooting

  48. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN probe & feedback Output: flow table on switch [ ].DependencyGraph RuleScope Algorithms troubleshooting

  49. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN {r0, r1, r2, r3} if (r0, r1).probe.MatchedRule = r2 probe & feedback Output: flow table on switch [ ].DependencyGraph RuleScope Algorithms r2 r0 r1 troubleshooting

  50. riis detected as faulty if ri.Probe.MatchedRule != ri Input: flow table on controller Controller Controller Monitor Gotta Tell You Switches Only Once Toward Bandwidth-Efficient Flow Setup for SDN {r0, r1, r2, r3} if (r0, r1).probe.MatchedRule = r2 (r0, r3).probe.MatchedRule = r0 r2 probe & feedback Output: flow table on switch [ ].DependencyGraph RuleScope Algorithms r0 r1 troubleshooting r3

Related


Understanding Software-Defined Networking (SDN) and OpenFlow

Understanding Software-Defined Networking (SDN) and OpenFlow

pile_per
Virtual Labs on SDN and P4 Programmable Switches

Virtual Labs on SDN and P4 Programmable Switches

everly
Understanding NFV and SDN Controllers in Networking Architecture

Understanding NFV and SDN Controllers in Networking Architecture

mjerr
Enhancing SDN Networks with GRAMI Software: A Study by Shlomi Nissim and Anat Bremler-Bar

Enhancing SDN Networks with GRAMI Software: A Study by Shlomi Nissim and Anat Bremler-Bar

kacey
Optical SDN/NFV User Guide for Network Control & Management

Optical SDN/NFV User Guide for Network Control & Management

zacaryst
Meridian: An SDN Platform for Cloud Network Services

Meridian: An SDN Platform for Cloud Network Services

aki_enc
Understanding Software-Defined Networking (SDN) Threats and Countermeasures

Understanding Software-Defined Networking (SDN) Threats and Countermeasures

saez948
Evolution of Networking: Embracing Software-Defined Networks

Evolution of Networking: Embracing Software-Defined Networks

stalling_r
Comprehensive Overview of Software Defined Networking Programming in OpenDaylight

Comprehensive Overview of Software Defined Networking Programming in OpenDaylight

syoa
Understanding SDN Switch Code Tracing Process

Understanding SDN Switch Code Tracing Process

loy_sl
Understanding SDN and OpenStack in Cloud Computing

Understanding SDN and OpenStack in Cloud Computing

joh_wi
Exploring Source-Routed Forwarding in SDN-Based WANs

Exploring Source-Routed Forwarding in SDN-Based WANs

sha_kin
Efficient DocuSign Document Forwarding Process

Efficient DocuSign Document Forwarding Process

mckenzie
PEEK: Proactive Producer Mobility Management Scheme for ICN

PEEK: Proactive Producer Mobility Management Scheme for ICN

kamahr
Securight Sdn. Bhd. - Leading Commercial Security Company in Malaysia

Securight Sdn. Bhd. - Leading Commercial Security Company in Malaysia

rueben
Benefits of Buying Property at Auctions by Arena Auctioneers Sdn Bhd

Benefits of Buying Property at Auctions by Arena Auctioneers Sdn Bhd

talitha
Virtual Labs and Cybersecurity Overview at 2021 Winter ICT Educators Conference

Virtual Labs and Cybersecurity Overview at 2021 Winter ICT Educators Conference

ellierose
Workshop on Fine-grained Measurements App with P4 Programmable Switches

Workshop on Fine-grained Measurements App with P4 Programmable Switches

jream
Enhancing Memcached Traffic Load Balancing using SDN

Enhancing Memcached Traffic Load Balancing using SDN

raega
Detailed OpenFlow Emulation Using Mininet/OpenvSwitch

Detailed OpenFlow Emulation Using Mininet/OpenvSwitch

amilia
Simplifying Middlebox Policy Enforcement Using SDN

Simplifying Middlebox Policy Enforcement Using SDN

briceyd
Adaptive Resilient Routing via Preorders in SDN

Adaptive Resilient Routing via Preorders in SDN

ryad
PhD in Telematics Engineering: Traffic Prediction with Big Data Technologies

PhD in Telematics Engineering: Traffic Prediction with Big Data Technologies

gunn_l
Proof Coring Works for Micropiles: A Technical Briefing by SS Liew Foundtest Drilling Sdn Bhd

Proof Coring Works for Micropiles: A Technical Briefing by SS Liew Foundtest Drilling Sdn Bhd

ofarrell_j

More Related Content