Control Plane Compression Ryan Becke* Aar- Gupta Ratul Mahajan - - PowerPoint PPT Presentation

control plane compression
SMART_READER_LITE
LIVE PREVIEW

Control Plane Compression Ryan Becke* Aar- Gupta Ratul Mahajan - - PowerPoint PPT Presentation

Oct 13, 2023 9 likes •395 views

1 Control Plane Compression Ryan Becke* Aar- Gupta Ratul Mahajan David Walker 3 Good news! Some Solu/ons 5 Data Plane Verification Anteater [Mai 2011] HSA [Kazemian 2012] [Kurshid 2013] Veriflow NoD [Lopes 2015] Symmetries

slide-1
SLIDE 1

1

Ryan Becke* Aar- Gupta Ratul Mahajan David Walker

Control Plane Compression

slide-2
SLIDE 2

3

slide-3
SLIDE 3

5

Good news! Some Solu/ons

Data Plane Verification Veriflow [Kurshid 2013] HSA [Kazemian 2012] NoD [Lopes 2015] … Anteater [Mai 2011] Symmetries [Plotkin 2016]

slide-4
SLIDE 4

6

Good news! Some Solutions

Control Plane Simulation Control Plane Verification [Gember-Jacobsen 2016] [Beckett 2017] MineSweeper ARC Batfish [Fogel 2015] C-BGP [Quotin 2005] Bagpipe [Weitz 2016] … [Fayaz 2017] ERA … Data Plane Verification Veriflow [Kurshid 2013] HSA [Kazemian 2012] NoD [Lopes 2015] Anteater [Mai 2011] … Symmetries [Plotkin 2016]

slide-5
SLIDE 5

reachability no black holes = router or subnet equivalence no loops no transit

Proper&es

slide-6
SLIDE 6

A Problem of Scale

1000 5000

Other technologies, such as simulation, suffer similar, though less severe trends.

industrial data centers # of devices MineSweeper Verification Time 500

slide-7
SLIDE 7

10

Our Contribution: Reduce the Scale

Bonsai Batfish <your tool here> MineSweeper big network small network

Empirical analysis: real networks reduced by 5-7x (# nodes); by 7-100x (# edges) Theoretical analysis: we prove our algorithm generates behaviorally bisimilar networks

slide-8
SLIDE 8

The Network Model

slide-9
SLIDE 9

!

A Generic Routing Protocol

destination [Formal model builds on past work on stable paths [Griffin et al, 2002] or routing algebras [Sobrinho 2005] and work here at here at SIGCOMM 2018 by Daggitt et al.]

slide-10
SLIDE 10

!

A Generic Routing Protocol

route announcements

slide-11
SLIDE 11

!

A Generic Rou,ng Protocol

chosen route

slide-12
SLIDE 12

!

A Generic Rou,ng Protocol

a solution (L – a labelling of nodes)

slide-13
SLIDE 13

!

A Generic Routing Protocol

visual representation / flow of traffic:

slide-14
SLIDE 14

Valid Abstrac-ons

slide-15
SLIDE 15

27

Network Abstractions

! !

Goal: Compute a small network with a “similar” solution to the big one Constraint: We can’t actually compute the solutions and compare them! We need a quick test that suffices to guarantee similarity.

slide-16
SLIDE 16

28

! ! " " #$ #% #

A pair of functions: (f, h)

abstracts topology abstracts route announcements

Network Abstractions

slide-17
SLIDE 17

29

! ! " " #$ #% #

&

A pair of functions: (f, h)

Network Abstractions

slide-18
SLIDE 18

30

! ! " " #$ #% #

a, b%, d a, b, d

A pair of functions: (f, h)

Network Abstractions

slide-19
SLIDE 19

31

Abstrac*on Requirements

!" !# $ %" %# $ ! %

(1) Forall-exists requirement eg: Because the abstract green node has an edge to the abstract red node, all concrete green nodes must have an edge to some concrete red node concrete nodes must have similar connections as their abstract representatives

slide-20
SLIDE 20

32

Abstraction Requirements

!" !# $" $# % ! $ % &"

Wrong. c1 has no edge to a red node so it can’t be green (1) Forall-exists requirement All green nodes have an edge to some red node

slide-21
SLIDE 21

33

Abstrac)on Requirements

!" !# $" $# ! $

Each green node has an edge to “some” red node (1) Forall-exists requirement

% &" % &

slide-22
SLIDE 22

34

Abstraction Requirements

!" !# $ %" %# $ ! %

(2) Transfer-equivalence requirement

&1

h h

&2 !1 !2

“concrete announcements are processed the same way as abstract announcements (modulo the abstraction function h)”

slide-23
SLIDE 23

35

Theorem: If an abstraction satisfies the forall-exists requirement and the transfer equivalence requirement then it will compute similar global solutions as its related concrete network.

!" !# $ %" %# $ ! %

similar (modulo h) best routes

slide-24
SLIDE 24

36

!" !# $ %" %# $ ! %

(1) Reachability (2) Routing Loops (3) Hop Count (4) Multipath Consistency (5) Waypointing Valid abstractions preserve:

Corollary

slide-25
SLIDE 25

The algorithm: How to find a valid abstraction

slide-26
SLIDE 26

38

Checking for Transfer Equivalence

!" !# $ %" %#

1

Binary Decision Diagrams (BDDs)

Represents route-maps and ACLs Once BDDs have been built, we can test for transfer equivalence in constant time.

slide-27
SLIDE 27

39

Greedy Abstraction Refinement Algorithm

Start with 2 abstract nodes Repeatedly split until a valid abstraction is found.

Finding an Abstraction: The Algorithm

slide-28
SLIDE 28

40

Greedy Abstraction Refinement Algorithm

Start with 2 abstract nodes Repeatedly split until a valid abstraction is found.

!" #" $% !% #% &

Finding an Abstraction: The Algorithm

topological forall-exists condition is violated: b1 has an edge to orange node, but a1 does not.

slide-29
SLIDE 29

41

!" #" $% !% #% &

Finding an Abstraction: The Algorithm

Greedy Abstraction Refinement Algorithm

Start with 2 abstract nodes Repeatedly split until a valid abstraction is found. topological forall-exists condition is violated: b1 has an edge to a blue node, but c1 does not

slide-30
SLIDE 30

42

!" #" $% !% #% &

Finding an Abstraction: The Algorithm

Greedy Abstraction Refinement Algorithm

Start with 2 abstract nodes Repeatedly split until a valid abstraction is found.

slide-31
SLIDE 31

43

!

Finding an Abstraction: The Algorithm

"# $# %& "& $& ! $ % "

slide-32
SLIDE 32

44

An Aside: BGP Behaving Badly

You might think that if 2 BGP nodes have syntactically identical configurations then they process all routes the same way (ie, transfer equivalence holds) Fun fact: We prove a node can have up to k+1 different behaviors, where k is the # of different local preferences used. Spoiler: They might not! BGP loop detection discards routes differently. See the paper (and Ryan’s thesis) for proofs and a revised algorithm for BGP. Comment: If transfer equivalence doesn’t hold, the algorithm fails to compress

slide-33
SLIDE 33

Evaluation

slide-34
SLIDE 34

46

Synthetic Benchmarks

[MineSweeper verifying all-pairs reachability with shortest paths policy]

Fattree

slide-35
SLIDE 35

47

Synthetic Benchmarks

[MineSweeper verifying all-pairs reachability with shortest paths policy]

Fattree Ring

slide-36
SLIDE 36

48

Case Studies

Roughly 600,000 lines of configuration for 197 devices

Datacenter

Only 26 unique “roles” Compression takes ~15.5 seconds per destination class (DC) for 1269 DCs Number of nodes compressed on average by 6.6x and edges by 112x Roughly 600,000 lines of configuration for 1086 devices

WAN

Only 137 unique “roles” Compression takes ~1.8 seconds per DC for 845 DCs Number of nodes compressed by 5.2x and edges by 7.2x Note: MineSweeper still doesn’t scale due to the protocols used; Batfish does

slide-37
SLIDE 37

49

Bonsai Limitations

Not guaranteed to find the optimal abstraction (though often good) Whether or not Bonsai preserves divergence is an open question Properties can not depend on the number of edges/neighbors/paths

  • Fault tolerance properties are not preserved
slide-38
SLIDE 38

52

Summary: Control Plane Compression

The Bonsai algorithm finds compresses real networks by a factor of 5-7 in the number of nodes and 5-100 in the number of edges. It preserves many path properties, such as reachability, but not fault tolerance.

Bonsai

We have proven it correct with respect to a generic routing protocol.