checking in on network functions
play

Checking-in on Network Functions by Zeeshan Lakhani and Heather - PowerPoint PPT Presentation

Dec 14, 2023 •369 likes •846 views

Checking-in on Network Functions by Zeeshan Lakhani and Heather Miller @ The rise of network functions? Lakhani/Miller Checking-in on Network Functions 2 The rise of network functions? LB Firewall IDS Lakhani/Miller Checking-in on

  1. Checking-in on Network Functions by Zeeshan Lakhani and Heather Miller @

  2. The rise of network functions? Lakhani/Miller Checking-in on Network Functions 2

  3. The rise of network functions? LB Firewall IDS ∨ Lakhani/Miller Checking-in on Network Functions 2

  4. The rise of network functions? LB Firewall IDS ∨ Lakhani/Miller Checking-in on Network Functions 2

  5. The rise of network functions? LB Firewall IDS ∨ Lakhani/Miller Checking-in on Network Functions 2

  6. writing and modeling ∧ The rise of network functions? Pyretic Slick NetKat Lakhani/Miller Checking-in on Network Functions 2

  7. writing and modeling ∧ The rise of network functions? Writing network functions is not “composed of nothing more than algorithms and small programs” [1] complex routing and load balancing policies tra ff ic monitoring experimental/new specifications, protocols, and headers computation and aggregation (e.g. In-Network Computation is a Dumb Idea Whose Time Has Come) [1] Cultures of programming: Understanding the history of programming through controversies and technical artifacts by Tomas Petricek, University of Kent, UK, 2019 Lakhani/Miller Checking-in on Network Functions 3

  8. Motivation Lakhani/Miller Checking-in on Network Functions 4

  9. Motivation If I program in React, can I program a network function? Lakhani/Miller Checking-in on Network Functions 4

  10. Motivation If I program in React, can I program a network function? How do we know what we’re doing is right? Lakhani/Miller Checking-in on Network Functions 4

  11. Motivation If I program in React, can I program a network function? How do we know what we’re doing is right? How can we iterate? Lakhani/Miller Checking-in on Network Functions 4

  12. Motivation Limits of Correctness e.g. reliance on OpenFlow protocol Lakhani/Miller Checking-in on Network Functions 4

  13. Motivation Limits of Correctness e.g. reliance on OpenFlow protocol Arbitrary (ad-hoc) Logic & Variable-length Data, e.g. Ipv6 Extensions, ndp options packet length failure and reconfiguration Lakhani/Miller Checking-in on Network Functions 4

  14. Motivation [2] [2] The Click Modular Router by Eddie Kohler, et. al., Laboratory for Computer Science, MIT, 1999 Lakhani/Miller Checking-in on Network Functions 5

  15. Two examples MTU: Send Too Big Ipv6 Extension Headers: SRH swap ethernet addresses swap src/dst change protocol set mtu info calculate checksum Lakhani/Miller Checking-in on Network Functions 6

  16. Two examples MTU: Send Too Big Ipv6 Extension Headers: SRH swap ethernet addresses swap src/dst change protocol set mtu info calculate checksum Lakhani/Miller Checking-in on Network Functions 6

  17. Kinds of Contracts Lakhani/Miller Checking-in on Network Functions 7

  18. Kinds of Contracts focused on how runtime contracts can be turned on for monitoring and testing situations so that developers can Design by Contract “sit back, and just watch their contracts be violated” erased on release binaries Lakhani/Miller Checking-in on Network Functions 7

  19. Kinds of Contracts focused on how runtime contracts can be turned on for monitoring and testing situations so that developers can Design by Contract “sit back, and just watch their contracts be violated” erased on release binaries compile-time assertions for consts, statics Static Assertions remain in release binaries Lakhani/Miller Checking-in on Network Functions 7

  20. Kinds of Contracts focused on how runtime contracts can be turned on for monitoring and testing situations so that developers can Design by Contract “sit back, and just watch their contracts be violated” erased on release binaries compile-time assertions for consts, statics Static Assertions remain in release binaries Static Order- Preserving Headers Lakhani/Miller Checking-in on Network Functions 7

  21. Kinds of Contracts: Design by Contract Lakhani/Miller Checking-in on Network Functions 8

  22. Kinds of Contracts: Design by Contract Lakhani/Miller Checking-in on Network Functions 8

  23. Kinds of Contracts: Design by Contract Lakhani/Miller Checking-in on Network Functions 8

  24. Kinds of Contracts: Static Assertions Lakhani/Miller Checking-in on Network Functions 9

  25. Kinds of Contracts: Static Assertions Lakhani/Miller Checking-in on Network Functions 9

  26. Kinds of Contracts: Static Assertions Lakhani/Miller Checking-in on Network Functions 9

  27. Kinds of Contracts: Static Order-Persevering Headers Lakhani/Miller Checking-in on Network Functions 10

  28. Kinds of Contracts: Static Order-Persevering Headers Lakhani/Miller Checking-in on Network Functions 10

  29. Implementation Lakhani/Miller Checking-in on Network Functions 11

  30. Implementation prototyped as a gradual extension to NetBricks (i.e. NetBricks: Taking the V out of NFV, OSDI 2016) Lakhani/Miller Checking-in on Network Functions 11

  31. Implementation Focused on Zero-Copy So fu Isolation prototyped as a gradual extension to NetBricks (i.e. NetBricks: Taking the V out of NFV, OSDI 2016) Lakhani/Miller Checking-in on Network Functions 11

  32. Implementation Focused on Zero-Copy So fu Isolation prototyped as a gradual extension to NetBricks (i.e. NetBricks: Taking the V out of NFV, OSDI 2016) implemented as a small rust library to easily write specifications, which generates code for validations and assertions at compile-time Lakhani/Miller Checking-in on Network Functions 11

  33. Implementation Focused on Zero-Copy So fu Isolation prototyped as a gradual extension to NetBricks (i.e. NetBricks: Taking the V out of NFV, OSDI 2016) implemented as a small rust library to easily write specifications, which generates code for validations and assertions at compile-time macros turn checks into static and dynamic contracts Lakhani/Miller Checking-in on Network Functions 11

  34. Implementation Lakhani/Miller Checking-in on Network Functions 12

  35. In Action Lakhani/Miller Checking-in on Network Functions 13

  36. In Action order is checked statically via a trace of packet contents Lakhani/Miller Checking-in on Network Functions 13

  37. In Action order is checked statically via a trace of packet contents pre-checks validate incoming contents and store contents @ runtime Lakhani/Miller Checking-in on Network Functions 13

  38. In Action order is checked statically via a trace of packet contents pre-checks validate incoming contents and store contents @ runtime post-checks validate transformed contents against pre-check contents Lakhani/Miller Checking-in on Network Functions 13

  39. Evaluation Lakhani/Miller Checking-in on Network Functions 14

  40. Evaluation Design Phase Lakhani/Miller Checking-in on Network Functions 14

  41. Evaluation: Syntax Added Lakhani/Miller Checking-in on Network Functions 15

  42. Evaluation: Compilation Time Lakhani/Miller Checking-in on Network Functions 16

  43. Evaluation: Runtime Cost Due to: mirroring and tracing packet contents runtime checks storage overhead Lakhani/Miller Checking-in on Network Functions 17

  44. Evaluation: Runtime Cost Due to: mirroring and tracing packet contents Design Phase runtime checks storage overhead Lakhani/Miller Checking-in on Network Functions 17

  45. Future Work deployment models / running contracts in simulation / CI e.g. via Mininet / Containernet (further) leverage static analysis of input programs interactive feedback (many examples in UI tooling and langs like Elm and Rust) program slicing refinement via domain-specific heuristics and constraint solving Lakhani/Miller Checking-in on Network Functions 18

  46. In Practice Scoped Side E ff ects Typed Packets Envelope : T < T : IpPacket > Header : TCP cascade λ → λ packet length checksum etc… Lakhani/Miller Checking-in on Network Functions 19

  47. Takeaways we need be tu er approaches to VERIFY and INTERACT with network functions and packet processing program properties here, we provide a HYBRID-APPROACH and implementation for GRADUALLY checking and validating the arbitrary logic and side e ff ects by COMBINING design by contract, static assertions and type-checking, and code generation via macros all without PENALIZING programmers at development time Lakhani/Miller Checking-in on Network Functions 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Implementation of Error Checking and Optional Parameter Negotiation for BGP-4 in a Network

The Implementation of Error Checking and Optional Parameter Negotiation for BGP-4 in a Network

The Implementation of Error Checking and Optional Parameter Negotiation for BGP-4 in a Network Simulator Naomi Ko 95301-1394 Communication Networks Laboratory Simon Fraser University 2004 Sep 01 Presentation Overview Acknowledgements

653 views • 34 slides
Redundant Logic Elimination in Network Functions Bangwen Deng 1 , Wenfei Wu 1 , Linhai Song 2 1:

Redundant Logic Elimination in Network Functions Bangwen Deng 1 , Wenfei Wu 1 , Linhai Song 2 1:

Redundant Logic Elimination in Network Functions Bangwen Deng 1 , Wenfei Wu 1 , Linhai Song 2 1: Tsinghua University 2: The Pennsylvania State University Network Functions: Critical components in network Growing impact: Various network

697 views • 46 slides
Evaluating Viability of Network Functions on Lambda Architecture By Arjun Singhvi, Anshul

Evaluating Viability of Network Functions on Lambda Architecture By Arjun Singhvi, Anshul

Evaluating Viability of Network Functions on Lambda Architecture By Arjun Singhvi, Anshul Purohit and Shruthi Racha Network Functions (NFs) Examine and modify packets and flows in sophisticated ways Ensure security, improve

1.09k views • 68 slides
Agenda Telco and 5G Network Functions Virtualization OPNFV and Software Defined

Agenda Telco and 5G Network Functions Virtualization OPNFV and Software Defined

Agenda Telco and 5G Network Functions Virtualization OPNFV and Software Defined Everything with SUSE Realizing NFVI requirements Performance Demo Telco and 5G LTE Network Architecture Telco functions The infrastructure

748 views • 39 slides
3. Satisfiability Checking 3.1 SAT-Checking Procedures Verification Technology

3. Satisfiability Checking 3.1 SAT-Checking Procedures Verification Technology

Fachgebiet RechnerSysteme Technische Universitt Verification Technology Darmstadt 3. Satisfiability Checking Computer Systems Lab 1 3. Satisfiability Checking 3 3. Satisfiability Checking 3.1 SAT-Checking Procedures Verification

278 views • 11 slides
Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree

Hoare Logic and Model Checking Model Checking Lecture 11: Model checking for Computation Tree Logic Dominic Mulligan Based on previous slides by Alan Mycroft and Mike Gordon Programming, Logic, and Semantics Group University of Cambridge

402 views • 25 slides
Checking &amp; Spot-Checking the Correctness of Priority Queues Matthew Chu &amp; Sampath Kannan

Checking &amp; Spot-Checking the Correctness of Priority Queues Matthew Chu &amp; Sampath Kannan

Checking &amp; Spot-Checking the Correctness of Priority Queues Matthew Chu &amp; Sampath Kannan (UPenn) Andrew McGregor (UCSD) Memory Checking Memory Checking Your resources: A lot of cheap unreliable memory and a little expensive reliable

1.11k views • 70 slides
Network Layer: The Data Plane Network Layer Overview Router Architecture Network

Network Layer: The Data Plane Network Layer Overview Router Architecture Network

Network Layer: The Data Plane Network Layer Overview Router Architecture Network Layer Functions and Service Models Network Layer Functions IP Addressing Network Service Models: Virtual Circuit vs. Datagram

1.18k views • 63 slides
Self Checking Network Protocols: A Monitor Based Approach Gunjan Khanna, Padma Varadharajan,

Self Checking Network Protocols: A Monitor Based Approach Gunjan Khanna, Padma Varadharajan,

Self Checking Network Protocols: A Monitor Based Approach Gunjan Khanna, Padma Varadharajan, Saurabh Bagchi Dependable Computing Systems Lab School of Electrical and Computer Engineering Purdue University http://shay.ecn.purdue.edu/~dcsl

420 views • 18 slides
NETWORK LAYER (Functions of Layer, IPV4 Addressing, IP Packet Headers, IP Address

NETWORK LAYER (Functions of Layer, IPV4 Addressing, IP Packet Headers, IP Address

NETWORK LAYER (Functions of Layer, IPV4 Addressing, IP Packet Headers, IP Address Assignment-Functions of IANA, AFRINIC, KENIC and ISPs) ECE 422-Data Communication &amp; Computer Networks Wednesday, 19 February 2020 WHERE ARE WE IN THE

519 views • 25 slides
Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking

Statistical Statistical Statistical Model Statistical Model Model Checking Model Checking Checking Checking for Timed Automata Timed Automata Coll C l C ll b llabora orators: t ors: Peter Bulychev, Alexandre David Axel Legay, Marius

725 views • 59 slides
More on Functions Thomas Schwarz, SJ Marquette University Functions of Functions Functions

More on Functions Thomas Schwarz, SJ Marquette University Functions of Functions Functions

More on Functions Thomas Schwarz, SJ Marquette University Functions of Functions Functions are full-fledged objects in Python This means you can pass functions as parameters Example: Calculate the average of the values of a function at

332 views • 12 slides
Orchestration for Cloud-Native Network Functions 1 Content Conte ntext t &amp; mo motiva

Orchestration for Cloud-Native Network Functions 1 Content Conte ntext t &amp; mo motiva

Ilhem FAJJARI Orange Labs Network Towards a Telco-grade Orchestration for Cloud-Native Network Functions 1 Content Conte ntext t &amp; mo motiva ivations tions Scope ope &amp; ambitions bitions Achie hieve veme ments

570 views • 19 slides
Network Layer (The Data Plane): Recap Network Layer Overview Router Architecture

Network Layer (The Data Plane): Recap Network Layer Overview Router Architecture

Network Layer (The Data Plane): Recap Network Layer Overview Router Architecture Network Layer Functions and Service Models Network Layer Functions IP Addressing DHCP Network Service Models: Virtual Circuit

745 views • 56 slides
The algebra of functions Given two functions, say f ( x ) = x 2 and g ( x ) = x + 1 , we can, in

The algebra of functions Given two functions, say f ( x ) = x 2 and g ( x ) = x + 1 , we can, in

The algebra of functions Given two functions, say f ( x ) = x 2 and g ( x ) = x + 1 , we can, in obvious ways, add, subtract, multiply and divide these functions. For example, the function f + g is defined simply by Elementary Functions ( f + g )(

404 views • 5 slides
CSE 154 Review/Exam Tips Exam Kane 110 5:15-6:15 We will be checking IDs Please be there by

CSE 154 Review/Exam Tips Exam Kane 110 5:15-6:15 We will be checking IDs Please be there by

CSE 154 Review/Exam Tips Exam Kane 110 5:15-6:15 We will be checking IDs Please be there by 5:05 Dont worry about use strict General Exam Only shorthand functions are $ and qsa. tips We are not grading on

198 views • 15 slides
A Tale of Two Checksums draft-ietf-fairhurst-udp-options-cco-00 Gorry Fairhurst, Tom Jones, Ra ff

A Tale of Two Checksums draft-ietf-fairhurst-udp-options-cco-00 Gorry Fairhurst, Tom Jones, Ra ff

A Tale of Two Checksums draft-ietf-fairhurst-udp-options-cco-00 Gorry Fairhurst, Tom Jones, Ra ff aele Zullo tom@erg.abdn.ac.uk IETF 103 - Bangkok 1 UDP Option Area IP transport payload

516 views • 23 slides
High Performance pgBackRest David Steele Crunchy Data PGConf.EU 2018 October 24, 2018 Agenda

High Performance pgBackRest David Steele Crunchy Data PGConf.EU 2018 October 24, 2018 Agenda

High Performance pgBackRest David Steele Crunchy Data PGConf.EU 2018 October 24, 2018 Agenda 1 Introduction 2 Core Commands 3 Archive Push 4 Backup Archive Get 5 Restore 6 Other Considerations 7 8 Questions? 2 / 16 About the

513 views • 16 slides
Introduction to the Transport Layer CSC 249 Feb 13, 2018 1 Transport Layer Overview q Tasks

Introduction to the Transport Layer CSC 249 Feb 13, 2018 1 Transport Layer Overview q Tasks

Introduction to the Transport Layer CSC 249 Feb 13, 2018 1 Transport Layer Overview q Tasks performed by the transport layer v Services provided to the application layer v Services expected from the network layer q Multiplexing and

437 views • 8 slides
ChainSoft: Collaborative Software Development using Smart Contracts Micha Krl

ChainSoft: Collaborative Software Development using Smart Contracts Micha Krl

ChainSoft: Collaborative Software Development using Smart Contracts Micha Krl &lt;m.krol@ucl.ac.uk&gt; , Sergi Re &lt;s.ren@ucl.ac.uk&gt; , Onur Ascigil &lt;o.ascigil@ucl.ac.uk&gt; , Ioannis Psaras &lt;i.psaras@ucl.ac.uk&gt;

331 views • 19 slides
CLOC, SILC and OTR Kazuhiko Minematsu (NEC Corporation) Recent Advances in Authenticated

CLOC, SILC and OTR Kazuhiko Minematsu (NEC Corporation) Recent Advances in Authenticated

CLOC, SILC and OTR Kazuhiko Minematsu (NEC Corporation) Recent Advances in Authenticated Encryption 2016 Kolkata, India 1 Outline Describe AE schemes, CLOC, SILC and OTR Merged as CLOC and SILC for CAESAR Both are CAESAR

1.18k views • 66 slides
Library of Congress Classification: Module 3.1 1 Library of Congress Classification: Module 3.1

Library of Congress Classification: Module 3.1 1 Library of Congress Classification: Module 3.1

Library of Congress Classification: Module 3.1 1 Library of Congress Classification: Module 3.1 Over the next two modules, we will demonstrate how to use the functionality built into Classification Web to find classification numbers for

682 views • 55 slides
PCE Hierarchical SDNs draft-chen-pce-h-sdns-00 Huaimo Chen (huaimo.chen@huawei.com) Mehmet Toy

PCE Hierarchical SDNs draft-chen-pce-h-sdns-00 Huaimo Chen (huaimo.chen@huawei.com) Mehmet Toy

PCE Hierarchical SDNs draft-chen-pce-h-sdns-00 Huaimo Chen (huaimo.chen@huawei.com) Mehmet Toy (mehmet_toy@cable.comcast.com) Lei Liu (lliu@us.fujitsu.com) Vic Liu (liuzhiheng@chinamobile.com) Introduction Hierarchical PCE: RFC 6805 as

300 views • 8 slides
Completing your Needs Assessment Deliverable Packet Family Health Outcomes Project, UCSF March

Completing your Needs Assessment Deliverable Packet Family Health Outcomes Project, UCSF March

Completing your Needs Assessment Deliverable Packet Family Health Outcomes Project, UCSF March 27, 2019 Jennifer Rienks, PhD, and Adrienne Shatara, MPH Presentation Outline &amp; Objectives Demonstrate where to locate the Deliverables

305 views • 12 slides

More recommend