co conc ncer erto to cooperative network wide telemetry
play

Co Conc ncer erto to: Cooperative Network-Wide Telemetry with - PowerPoint PPT Presentation

Oct 29, 2023 •346 likes •524 views

Co Conc ncer erto to: Cooperative Network-Wide Telemetry with Controllable Error Rate Yiran Li Kevin Gao Xin Jin Wei Xu Net etwork rk Tel elem emet etry ry Provide ides s Us Usef eful ul Status tus Knowle wledge dge Query

  1. Co Conc ncer erto to: Cooperative Network-Wide Telemetry with Controllable Error Rate Yiran Li Kevin Gao Xin Jin Wei Xu

  2. Net etwork rk Tel elem emet etry ry Provide ides s Us Usef eful ul Status tus Knowle wledge dge Query Interface DDoS Det. New TCP Port Scan Expressive & High Fidelity Operators Telemetry System Core Operates Packets Switch Config Telemetry Tuples of Whole Network in Real-Time Switch 2

  3. Exe xecuti uting ng Lo Location ion: : Stream eam Proces essor sor vs. s. PISA A Swit itch ch Task Assignment DDoS Det. SP vs. PISA Switch Executing at SP: √ General Processing × Scalability Problem Executing at PISA Switch √ Real-Time Processing × Limited Stages & Memory Stage 1 Stage 2 Deparser Parser Traffic Traffic Mem. ALU Mem. ALU Protocol Independent Switch Architecture Network Telemetry System 3

  4. Di Differe rent nt Swi witche ches s Pla lay y Di Differe rent nt Role les Telemetry Systems Big Data Frameworks Driver Program Query Cluster Manager Core SP Dynamically Assign Statically Assign to vs. to Available Executor Specific Switch S 3 Worker Worker Worker S 1 Executor Executor Executor Executor Executor Executor Executor Executor Executor Executor Executor Executor S 2 Switches with Different Roles Identical Workers, Executors 4

  5. Usi sing g Swi witche ches s In Inde depe pendent dently ly Is Is In Insu suffic fficient ient Splitting Query Between SP 4 .map ((_, dip ) => (dip ,1)) & Edge Switch Dynamically 5 .scan (( dip ,_) => dip , sum ) 6 .filter (( dip , count ) => count ==T) 7 .map (( dip , count ) => dip ) 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) SP Unused 3 .distinct (( sip , dip ) => (sip , dip )) 4 .map ((_, dip ) => (dip ,1)) SRC DST 5 .scan (( dip ,_) => dip , sum ) Edge 6 .filter (( dip , count ) => count ==T) SRC 7 .map (( dip , count ) => dip ) S 3 Edge DDoS Detection Query Unused S 1 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) S 2 3 .distinct (( sip , dip ) => (sip , dip )) 5

  6. Usi sing g Swi witche ches s In Inde depe pendent dently ly Is Is In Insu suffic fficient ient (Cont.) t.) Static Splitting & Using 4 .map ((_, dip ) => (dip ,1)) Switches Independently 5 .scan (( dip ,_) => dip , sum ) 6 .filter (( dip , count ) => count ==T) 7 .map (( dip , count ) => dip ) Wasted 1 packetStream Duplicated 2 .map (p => (p.ip.sip ,p.ip. dip )) SP 3 .distinct (( sip , dip ) => (sip , dip )) 4 .map ((_, dip ) => (dip ,1)) SRC DST 5 .scan (( dip ,_) => dip , sum ) Edge Unused 6 .filter (( dip , count ) => count ==T) SRC 7 .map (( dip , count ) => dip ) S 3 Edge DDoS Detection Query S 1 S 2 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) 3 .distinct (( sip , dip ) => (sip , dip )) 6

  7. Concert erto: o: Cooper erative ative Net etwork rk-Wide Wide Te Telem emet etry ry • Challenge • Splitting queries among switches while meeting resource & network constraints • Cooperative query execution model Q Q Q Query • Splitting query to multiple PISA switches Result 1 2 3 • Each switch processes tuples locally Stream SP Concerto Core • Various operations on different switches Processor Config • Best-effort tuple processing Intermediate Tuples Switch Config • Automatic query placement • Analyzing query restrictions from AST • Formulating query placement as MIP Switch • Result • Reduce the stream processor’s workload by up to 19 × • Achieve 10 4 × lower error rate with the same workload 7

  8. Coope perativ ative Query y Executi ution on Mo Mode del 6 .filter (( dip , count ) => count ==T) 7 .map (( dip , count ) => dip ) 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) 5→7 4→7 3 .distinct (( sip , dip ) => (sip , dip )) Phase 7 Phase 4 S 3 SP 1 →3 5 .scan (( dip ,_) => dip , sum ) 6 .filter (( dip , count ) => count ==T) S 1 7 .map (( dip , count ) => dip ) S 2 3→5 4 .map ((_, dip ) => (dip ,1)) 5 .scan (( dip ,_) => dip , sum ) 8

  9. Query y Executi ution on on Swi witche hes Stage Like Bloom Filter Subquery 1: 05:scan Subquery 2: 06:filter 07:map Mem. ALU S 1 05 06 07 07 PHV PHV Pkt Pkt 04 05 05 05 05 S 2 Stage 1 Stage 2 Stage 3 Stage 4 Parser Deparser Four-Stage PISA Switch Only Based on Phase 9

  10. Concerto rto Puts s Mo More Op Operati tions ons on S Swi witche ches 1 packetStream 2333 4 - - - 5556 f 1 : S 1 → S 6 2 .map (p => (p.ip.sip ,p.ip. dip )) 3333 7 3 .distinct (( sip , dip ) => (sip , dip )) S 1 S 4 S 6 Result 4 .map ((_, dip ) => (dip ,1)) Tuples f 2 : S 2 → S 6 4 - - - 2 - - - 555 6 5 .scan (( dip ,_) => dip , sum ) S 3 Stream f 3 : S 2 → S 7 6 .filter (( dip , count ) => count ==T) Processor 7 .map (( dip , count ) => dip ) S 5 S 2 S 7 • Switch hardware # Tuples # Stages Flow t1, t2 t3, t4 t5 t6, t7 d3 d5 • 4 stages f1 442628 50034 1033 25 3 3 • 0.5 Mb of registers at each stage f2 1383594 113584 1739 36 4 3 • Results f3 307941 8874 2194 25 3 3 f1+f2 1826222 163618 2772 61 5 3 • Stateless filtering: 2.1 × 10 6 f2+f3 1691535 122458 3933 61 4 4 • Independent stateful: 1.4 × 10 6 f1+f2+f3 2134163 172492 4966 86 5 4 • Concerto: 86 10

  11. Eval aluat uatio ion n Setup up • Questions: workload reduction, error rate guarantee, scalability • Topology ATT North America Topology # Sites # Links Claranet 15 018 ATT North America 25 056 Cesnet-10 52 063 OTEGlobe 93 103 • CAIDA trace: captured at a backbone ISP link from New York to San Paulo • Compared systems • Stateless : Everflow, DREAM • EdgeAll : Sonata • AnyAggre : OpenSketch, UnivMon, Marple • Metric: # tuples to the stream processor (same as Sonata) 11

  12. Concerto Reduces SP’s Workload on Various Queries Stateless EdgeAll AnyAggre Concerto 10 8 10 6 #Tuples 10 4 10 2 Log- Better SSpreader New TCP Port Scan DDoS In. Flows SSH Brute Slowloris Scaled Single-Query Performance on Various Queries 12

  13. Concerto rto Ac Achie ieve ves s Mu Much Lowe wer Error Rate Stateless EdgeAll AnyAggre Concerto 10 8 10 7 10 7 #Tuples 10 6 10 6 10 4 10 5 10 5 10 4 10 4 10 1 10 -1 10 -3 10 1 10 0 10 -5 10 -1 Error Rate (%) Error Rate (%) One Query Four Queries Error Rate Requirement 13

  14. Concerto rto Scal ales s Well ll Stateless EdgeAll AnyAggre Concerto Similar Similar Similar Normalized #Tuples 10 4 10 4 10 3 10 2 10 2 10 0 10 0 10 0 Different Different One Query Two Queries Four Queries Normalized To Concerto Normalized Workloads on Various Topologies 14

  15. Conclusi lusion on • We propose a cooperative query execution model • Mimics network routing, each switch processes tuples locally • Independent of the underlying routing method • Applies to arbitrary topology • We provide a method to automatically compile queries to PISA switches • Analyzes the query placement requirement from AST • Formulates and optimizes query placement on switches using MIP • We show that the cooperative query execution of Concerto is effective • Reduces the stream processor’s workload by as much as 19 times • Achieves an error rate of 10 4 times lower than state-of-the-art systems 15

  16. Th Thanks! anks! Q& Q&A

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

PAS ASSP SPORT ORT PR PROPO POSED SED CHANGES NGES and CONC NCER ERNS NS Purpose of

PAS ASSP SPORT ORT PR PROPO POSED SED CHANGES NGES and CONC NCER ERNS NS Purpose of

PAS ASSP SPORT ORT PR PROPO POSED SED CHANGES NGES and CONC NCER ERNS NS Purpose of this meeting Brief history Talk about some proposed changes to the system What some of the current issues are Determine next steps Ask

528 views • 22 slides
analysis of a real online social network using semantic web frameworks Guillaume Erto,

analysis of a real online social network using semantic web frameworks Guillaume Erto,

analysis of a real online social network using semantic web frameworks Guillaume Erto, Michel Buffa, Fabien Gandon, Olivier Corby social media landscape social web amplifies social network effects overwhelming flow of social data social

322 views • 31 slides
Collecting telemetry data using P4 and RDMA Rutger Beltman Silke Knossen Supervisors: Joseph

Collecting telemetry data using P4 and RDMA Rutger Beltman Silke Knossen Supervisors: Joseph

Collecting telemetry data using P4 and RDMA Rutger Beltman Silke Knossen Supervisors: Joseph Hill M.Sc. Dr. Paola Grosso 1 Introduction: Network Telemetry (I) Monitoring network health In-band network telemetry includes

702 views • 23 slides
Marking-based Network Telemetry Alon Riesenberg * , Yonnie Kirzon * , Michael Bunin * , Elad Galili

Marking-based Network Telemetry Alon Riesenberg * , Yonnie Kirzon * , Michael Bunin * , Elad Galili

Time-Muxed Parsing in Marking-based Network Telemetry Alon Riesenberg * , Yonnie Kirzon * , Michael Bunin * , Elad Galili * , Gidi Navon , Tal Mizrahi * ACM SYSTOR, Haifa, May 2019 * Background What is network telemetry?

854 views • 29 slides
Listening to the Network: Leveraging Network Flow Telemetry for Security Applications Darren

Listening to the Network: Leveraging Network Flow Telemetry for Security Applications Darren

Listening to the Network: Leveraging Network Flow Telemetry for Security Applications Darren Anstee EMEA Solutions Architect Introduction Security has an increased focus from ALL businesses, whether they are an enterprise, ISP, IDC or

926 views • 60 slides
Applications+of+Clock+Synchronization: Network+Telemetry 1

Applications+of+Clock+Synchronization: Network+Telemetry 1

Applications+of+Clock+Synchronization: Network+Telemetry 1 Market'Data'Synchronization'and'Freshness Recall&two&scenarios: Fast&loop Traders'place'orders'based'on'market'data'feeds'from'several'exchanges

305 views • 18 slides
NETWORK TELEMETRY AND ANALYTICS IN THE AGE OF BIG DATA RUTURAJ PATHAK/Senior Product

NETWORK TELEMETRY AND ANALYTICS IN THE AGE OF BIG DATA RUTURAJ PATHAK/Senior Product

NETWORK TELEMETRY AND ANALYTICS IN THE AGE OF BIG DATA RUTURAJ PATHAK/Senior Product Manager/INVENTEC Open Computing Project (OCP) Participation OCP Accepted! D7032Q28BP and D7032Q28BX D6254QSBP and D6254QSBX Inventec is a Platinum Member !!!

168 views • 14 slides
Towards Knowledge-Defined Networking using In-band Network Telemetry Jonghwan Hyun, Nguyen Van Tu

Towards Knowledge-Defined Networking using In-band Network Telemetry Jonghwan Hyun, Nguyen Van Tu

Towards Knowledge-Defined Networking using In-band Network Telemetry Jonghwan Hyun, Nguyen Van Tu and James Won-Ki Hong Department of Computer Science and Engineering, POSTECH, Pohang, Korea Email: { noraki, tunguyen, jwkhong } @postech.ac.kr

514 views • 7 slides
Cooperative Web Caching Cooperative Web Caching Cooperative Caching Cooperative Caching

Cooperative Web Caching Cooperative Web Caching Cooperative Caching Cooperative Caching

Cooperative Web Caching Cooperative Web Caching Cooperative Caching Cooperative Caching Previous work has shown that hit rate increases with population size [Duska et al. 97, Breslau et al. 98] However, single proxy caches have practical limits

868 views • 53 slides
Detecting outages with telemetry Alessio Placitelli - @dexterp37 June 16th - Internet

Detecting outages with telemetry Alessio Placitelli - @dexterp37 June 16th - Internet

Detecting outages with telemetry Alessio Placitelli - @dexterp37 June 16th - Internet Measurement Village 2020 Italy, March 11th - 2020 Tales from a mid-pandemic network outage Public 2 ...failure on a foreign network... Source :

591 views • 29 slides
Conc u rrent v alidit y & model diagrams SU R VE Y AN D ME ASU R E ME N T D E VE L OP ME N T

Conc u rrent v alidit y & model diagrams SU R VE Y AN D ME ASU R E ME N T D E VE L OP ME N T

Conc u rrent v alidit y & model diagrams SU R VE Y AN D ME ASU R E ME N T D E VE L OP ME N T IN R George Mo u nt Data anal y tics ed u cator Conc u rrent v alidit y Conc u rrent v alidit y: Does the model correlate w ith another meas u re no

604 views • 39 slides
All Saints: Pi Top Telemetry System ALL SAINTS SOLAR CAR Usage The Telemetry system

All Saints: Pi Top Telemetry System ALL SAINTS SOLAR CAR Usage The Telemetry system

All Saints: Pi Top Telemetry System ALL SAINTS SOLAR CAR Usage The Telemetry system is used to measure the input and output of the battery systems. Using sensors to measure the current, our drivers are able to see how

226 views • 7 slides
TELEMETRY Project overview and update JULIEN DANJOU IRC: JD_ GORDON CHUNG IRC: GORDC What

TELEMETRY Project overview and update JULIEN DANJOU IRC: JD_ GORDON CHUNG IRC: GORDC What

05.11.2017 TELEMETRY Project overview and update JULIEN DANJOU IRC: JD_ GORDON CHUNG IRC: GORDC What does Telemetry do? Metering services The Telemetry project provides service for data collection, storage and alarming. 3

130 views • 10 slides
Princess Marga ret Hospital and Ontario Can Ontario Can ncer Institute ncer Institute 50th

Princess Marga ret Hospital and Ontario Can Ontario Can ncer Institute ncer Institute 50th

Princess Marga ret Hospital and Ontario Can Ontario Can ncer Institute ncer Institute 50th Annive 50th Annive ersary Event ersary Event 16 18 Oc ctober 2008 The Unexpected Consequence es of Being a Research Fellow at PMH/OCI

1.1k views • 41 slides
Arpit Gupta Princeton University Rob Harrison, Ankita Pawar, Rdiger Birkner, Marco Canini,

Arpit Gupta Princeton University Rob Harrison, Ankita Pawar, Rdiger Birkner, Marco Canini,

SONATA: Query-Driven Network Telemetry Arpit Gupta Princeton University Rob Harrison, Ankita Pawar, Rdiger Birkner, Marco Canini, Nick Feamster, Jennifer Rexford, Walter Willinger Conventional Network Telemetry Compute Store Analysis

692 views • 24 slides
High Tide Technologies, LLC Advances In Telemetry- Satellite Telemetry COMPANY INTRODUCTION

High Tide Technologies, LLC Advances In Telemetry- Satellite Telemetry COMPANY INTRODUCTION

High Tide Technologies, LLC Advances In Telemetry- Satellite Telemetry COMPANY INTRODUCTION High Tide Technologies, LLC Satellite SCADA Provider Easy to Install Hardware Web-based Software Satellite Communications 24x7

310 views • 27 slides
A globally convergent numerical method and adaptivity for an inverse problem via Carleman

A globally convergent numerical method and adaptivity for an inverse problem via Carleman

A globally convergent numerical method and adaptivity for an inverse problem via Carleman estimates Larisa Beilina , Michael V. Klibanov Chalmers University of Technology and Gothenburg University, Gothenburg, Sweden University of

883 views • 64 slides
Agenda Working with files and directories lseek stat, fstat, lstat Working with

Agenda Working with files and directories lseek stat, fstat, lstat Working with

367 views • 5 slides
Sunday Homework 3 : an Diniohlet Allocation Model Latent Generative : Generative model

Sunday Homework 3 : an Diniohlet Allocation Model Latent Generative : Generative model

Dirichet Allocation Latent Lecture ( Part 11 2) : Jordan Yuan Andrea Scribes : , , Midterm This Wednesday : Due Sunday Homework 3 : an Diniohlet Allocation Model Latent Generative : Generative model : Pu Diricwetlw

166 views • 13 slides
Kalman Filter State Space Model Review Derivation x n +1 = F n x n + G n u n Examples y n

Kalman Filter State Space Model Review Derivation x n +1 = F n x n + G n u n Examples y n

Kalman Filter State Space Model Review Derivation x n +1 = F n x n + G n u n Examples y n = H n x n + v n Time and Measurement Updates x 0 0 0 0 0 x 0 u k , = 0 Q n nk S n

664 views • 22 slides
Smart Grid Uses and Applications? TCIPG Annual Industry Workshop November 7, 2011 Trustworthy

Smart Grid Uses and Applications? TCIPG Annual Industry Workshop November 7, 2011 Trustworthy

What is the Trust Required in New Smart Grid Uses and Applications? TCIPG Annual Industry Workshop November 7, 2011 Trustworthy Defined Trustworthy: Deserving of trust or confidence; dependable; reliable Trust: Reliance on the

385 views • 10 slides
Inventive Algorithmics Bruce W. Watson Derrick Kourie Ina Schaefer (TU Braunschweig) Loek

Inventive Algorithmics Bruce W. Watson Derrick Kourie Ina Schaefer (TU Braunschweig) Loek

Inventive Algorithmics Bruce W. Watson Derrick Kourie Ina Schaefer (TU Braunschweig) Loek Cleophas (TU Eindhoven) Introduction & Motivation Inventing new algorithms is tough Depends largely on inate talent, or luck There are

667 views • 53 slides
Hairy Graphs and the Homology of Out ( F n ) Jim Conant Univ. of Tennessee joint w/ Martin

Hairy Graphs and the Homology of Out ( F n ) Jim Conant Univ. of Tennessee joint w/ Martin

Hairy Graphs and the Homology of Out ( F n ) Jim Conant Univ. of Tennessee joint w/ Martin Kassabov and Karen Vogtmann July 11, 2012 Jim Conant Univ. of Tennessee joint w/ Martin Kassabov and Karen Vogtmann Hairy Graphs and the Homology of Out

874 views • 75 slides
An improved Branch-Cut-and-Price Algorithm for Heterogeneous Vehicle Routing Problems Artur Pessoa

An improved Branch-Cut-and-Price Algorithm for Heterogeneous Vehicle Routing Problems Artur Pessoa

An improved Branch-Cut-and-Price Algorithm for Heterogeneous Vehicle Routing Problems Artur Pessoa 3 Ruslan Sadykov 1 , 2 Eduardo Uchoa 3 1 2 3 Inria Bordeaux, Universit Bordeaux, Universidade Federal France France Fluminense, Brazil

1.01k views • 41 slides

More recommend