network function control
play

Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, - PowerPoint PPT Presentation

Nov 11, 2023 •274 likes •1.16k views

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

  1. OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1

  2. Network functions (NFs) • Perform sophisticated stateful actions on packets/flows WAN optimizer Caching proxy Intrusion detection system (IDS) 2

  3. NF trends • Network Functions Virtualization (NFV) WAN optimizer Caching proxy Intrusion detection system (IDS) 3

  4. NF trends • Network Functions Virtualization (NFV) → dynamically allocate NF instances Hypervisor 3

  5. NF trends • Network Functions Virtualization (NFV) → dynamically allocate NF instances • Software-defined Networking → dynamically reroute flows Hypervisor 3

  6. NF trends • Network Functions Virtualization (NFV) → dynamically allocate NF instances • Software-defined Networking → dynamically reroute flows Dynamic reallocation Hypervisor of packet processing 3

  7. Example: elastic NF scaling 1. Satisfy performance SLAs 4

  8. Example: elastic NF scaling 1. Satisfy performance SLAs CPU Packet loss 4

  9. Example: elastic NF scaling 1. Satisfy performance SLAs CPU Packet loss 4

  10. Example: elastic NF scaling 1. Satisfy performance SLAs CPU Packet loss 4

  11. Example: elastic NF scaling 1. Satisfy performance SLAs 2. Minimize operating costs CPU Packet loss 4

  12. Example: elastic NF scaling 1. Satisfy performance SLAs 2. Minimize operating costs CPU Packet loss 4

  13. Example: elastic NF scaling 1. Satisfy performance SLAs 2. Minimize operating costs 3. Accurately monitor traffic CPU Packet loss 4

  14. Problem: NFV+SDN is insufficient To simultaneously … 1. Satisfy performance SLAs 2. Minimize operating costs 3. Accurately monitor traffic 5

  15. Why NFV + SDN falls short Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  16. Why NFV + SDN falls short Packet loss SLA: <1% 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  17. Why NFV + SDN falls short ? Packet loss SLA: <1% 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  18. Why NFV + SDN falls short ? Packet loss SLA: <1% 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  19. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  20. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  21. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  22. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  23. SLAs + cost + accuracy: What do we need? • Quickly move, copy, or share internal NF state alongside updates to network forwarding state • Guarantees: loss-free, order- preserving, …    … 1 2 3 … Also applies to other scenarios 7

  24. Outline • Motivation and requirements • Challenges • OpenNF architecture – State export/import – State operations – Guarantees • Evaluation 8

  25. Challenges 1. Supporting many NFs with minimal changes 2. Dealing with race conditions 3. Bounding overhead 9

  26. Existing approaches • Virtual machine replication – Cannot combine → limited rebalancing • Split/Merge [NSDI’13] – State allocations and accesses occur via library – Addresses a specific problem → limited suitability – Packets may be dropped or re-ordered → wrong NF behavior 10

  27. OpenNF overview Control Application move/copy/share state OpenNF NF State Manager Flow Manager Controller export/import State 11

  28. NF state taxonomy State created or updated by an NF applies to either a single flow or a collection of flows Multi-flow state Per-flow state TcpAnalyzer Connection HttpAnalyzer ConnCount Connection TcpAnalyzer All-flows state HttpAnalyzer Statistics 12

  29. NF API: export/import state • Functions: get , put , delete put Per Scope Multi All Filter get NF No need to expose/change internal state organization! 13

  30. Control operations: move Control Application Flow Manager NF State Manager Bro 1 Bro 2 14

  31. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager Bro 1 Bro 2 14

  32. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) Bro 1 Bro 2 14

  33. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) [Chunk1] [Chunk2] Bro 1 Bro 2 14

  34. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) [Chunk1] del(per, port=80) [Chunk2] Bro 1 Bro 2 14

  35. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) put (per, Chunk1) [Chunk1] del(per, port=80) put (per, Chunk2) [Chunk2] Bro 1 Bro 2 14

  36. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) forward(port=80, Bro 2 ) NF State Manager get(per, port=80) put (per, Chunk1) [Chunk1] del(per, port=80) put (per, Chunk2) [Chunk2] Bro 1 Bro 2 14

  37. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) forward(port=80, Bro 2 ) NF State Manager get(per, port=80) put (per, Chunk1) [Chunk1] del(per, port=80) put (per, Chunk2) [Chunk2] Bro 1 Bro 2 Also provide copy and share 14

  38. Challenges 1. Supporting many NFs with minimal changes 2. Dealing with race conditions 3. Bounding overhead 15

  39. Lost updates during move detect- MHR Bro 1 Bro 2 16

  40. Lost updates during move detect- MHR R1 B1 Bro 1 Bro 2 16

  41. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR R1 B1 Bro 1 Bro 2 16

  42. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR R1 B1 Bro 1 Bro 2 16

  43. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing R1 state B1 R2 Bro 1 Bro 2 16

  44. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing R2 R1 state B1 Bro 1 Bro 2 16

  45. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing R2 R1 state B1 Bro 1 Bro 2 16

  46. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing Missing R2 R1 state updates B1 R3 Bro 1 Bro 2 16

  47. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing Missing R2 R1 state updates B1 R3 Bro 1 Bro 2 16

  48. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing Missing R2 R1 state updates B1 R3 Bro 1 Bro 2 Loss-free: All state updates should be reflected in the transferred state, and all packets should be processed • Split/Merge [NSDI ‘13] : pause traffic, buffer packets – Packets in-transit when buffering starts are dropped 16

  49. NF API: observe/prevent updates using events NF R1 Only need to change an NF’s receive packet function! 17

  50. Use events for loss-free move R1 Bro 1 Bro 2 18

  51. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 R1 Drop Bro 1 Bro 2 18

  52. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 Drop Bro 1 Bro 2 R1 18

  53. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 Drop R2 Bro 1 Bro 2 R1 18

  54. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller Drop Bro 1 Bro 2 R1 R2 18

  55. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 R1 Drop Bro 1 Bro 2 R2 18

  56. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 5. Flush packets in events to Bro 2 R1,R2 R1 Drop Bro 1 Bro 2 18

  57. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 5. Flush packets in events to Bro 2 R1,R2 R1 Drop 6. Update Bro 1 Bro 2 forwarding 18

  58. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 5. Flush packets in events to Bro 2 R1,R2,R3 R1,R2 R1 Drop 6. Update Bro 1 Bro 2 forwarding 18

  59. Re-ordering of packets • False positives from Bro’s weird script Switch Bro 2 Bro 1 Controller 19

  60. Re-ordering of packets • False positives from Bro’s weird script Switch Bro 2 Bro 1 Controller 5. Flush buffer R2 R2 R2 19

  61. Re-ordering of packets • False positives from Bro’s weird script Switch Bro 2 Bro 1 Controller 5. Flush buffer R2 6. Request R2 forwarding update R2 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

770 views • 76 slides
OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

361 views • 32 slides
Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert

Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

925 views • 44 slides
Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport

Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport

Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport Deniz Gurkan, Nicholas Bastin, Stuart Baxley University of Houston Funded by the U.S. Department of Energy and the U.S. Department of Homeland

541 views • 15 slides
Value function and optimal trajectories for a control problem with supremum cost function and

Value function and optimal trajectories for a control problem with supremum cost function and

Value function and optimal trajectories for a control problem with supremum cost function and state constraints Hasnaa Zidani ENSTA ParisTech, University of Paris-Saclay joint work with: A. Assellaou, &amp; O. Bokanowski, &amp; A. Desilles

448 views • 41 slides
1 b. Implement the function using a minimal network of 4:1 multiplexers. The truth table using a ,

1 b. Implement the function using a minimal network of 4:1 multiplexers. The truth table using a ,

CSE140 Exercise Solutions m (0 , 2 , 4 , 6 , 7) + d (1). I. Given a three-input Boolean function f ( a, b, c ) = a. Implement the function using a minimal network of 2:4 decoders and OR gates. Standard solution : Use a as the enable signal,

407 views • 12 slides
SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose Purpose To tie SLAC control points to existing coordinate system &amp; datum. (ie. NAD 83 CA State Plane Zone 3, UTM Zone 10, WGS84) Network

372 views • 14 slides
Diffusing Your Mobile Apps: Extending In-Network Function Virtualisation to Mobile Function

Diffusing Your Mobile Apps: Extending In-Network Function Virtualisation to Mobile Function

Diffusing Your Mobile Apps: Extending In-Network Function Virtualisation to Mobile Function Offloading Mario Almeida, Liang Wang*, Jeremy Blackburn, Konstantina Papagiannaki, Jon Crowcroft* Telefonica Research, ES University of

903 views • 26 slides
Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane traditional (intra-domain) routing algorithms SDN controllers and their instantiation, implementation in the Internet: OSPF, RIP, OpenFlow, ODL

1.31k views • 75 slides
Maria Bulatova, Daria Kolistratova Background Network Function (NF) a component of a network

Maria Bulatova, Daria Kolistratova Background Network Function (NF) a component of a network

Maria Bulatova, Daria Kolistratova Background Network Function (NF) a component of a network infrastructure with well defined interfaces and behavior ( routing, network address translation (NAT), firewall, etc.). Traditional NFs:

224 views • 19 slides
Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K.

Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K.

Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K. Mukerjee Computer Science PhD Thesis Defense May 1st, 2018 Network Control CDN server selection Routing Congestion Control VM migration Network

1.71k views • 131 slides
CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019

CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019

CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019 annika@sensortransport.com THE PROBLEM Status of Cargo Status of Shipment $100 BILL LOST ANNUALLY FROM DAMAGE Manual Delivery AND THEFT THE SOLUTION A

2.74k views • 9 slides
Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control Systems Research Philipp Mieden &amp; Rutger Beltman, 2020 Supervisor: Bartosz Czaszynski, Deloitte Industrial Network VS Corporate Network 2

379 views • 35 slides
Function Approximation for (on policy) Prediction and Control Lecture 8, CMU 10-403 Katerina

Function Approximation for (on policy) Prediction and Control Lecture 8, CMU 10-403 Katerina

Carnegie Mellon School of Computer Science Deep Reinforcement Learning and Control Function Approximation for (on policy) Prediction and Control Lecture 8, CMU 10-403 Katerina Fragkiadaki Used Materials Disclaimer : Much of the material

642 views • 41 slides
The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization

The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization

The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization @ Work 2020 The Gas Network Control Problem General description Optimization of short-term transient gas network control of large real-world

917 views • 39 slides
Unemployment Duration and Re-employment Wages: A Control Function Approach Marta C. Lopes 1 1

Unemployment Duration and Re-employment Wages: A Control Function Approach Marta C. Lopes 1 1

Unemployment Duration and Re-employment Wages: A Control Function Approach Marta C. Lopes 1 1 NovaSBE, Universidade Nova de Lisboa 23 rd London Stata User Group Meeting September 7, 2017 Marta C. Lopes (NovaSBE) A Control Function Approach

669 views • 38 slides
The State of NeXus . Tobias Richter Diamond Light Source and NeXus International Advisory

The State of NeXus . Tobias Richter Diamond Light Source and NeXus International Advisory

. The State of NeXus . Tobias Richter Diamond Light Source and NeXus International Advisory Committee NOBUGS 2014 Tobias Richter (DLS &amp; NIAC) The State of NeXus NOBUGS 2014 1 / 17 What this talk is not about There is no report from:

743 views • 17 slides
Con$nuous Accelera$on Accelera$ng Innova$on with So6ware Supply Chain Management Ilkka Turunen

Con$nuous Accelera$on Accelera$ng Innova$on with So6ware Supply Chain Management Ilkka Turunen

Con$nuous Accelera$on Accelera$ng Innova$on with So6ware Supply Chain Management Ilkka Turunen SOLUTIONS ARCHITECT EMEA / APJ Spoiler: We can learn from this Automa$on Integra$on Ecosystems A driving force: Suppor$ng millions of

770 views • 28 slides
Allowable and Unallowable Costs Audio is only available by conference call Please call:

Allowable and Unallowable Costs Audio is only available by conference call Please call:

Allowable and Unallowable Costs Audio is only available by conference call Please call: 877-692-8953 Participant Access Code: 1514610 to join the conference call portion of the webinar OFFICE OF HOUSING COUNSE July 28, 2020 LING Webinar

879 views • 42 slides
EdgeBalance: Model-Based Load Balancing for Network Edge Data Planes Wei Zhang , Abhigyan

EdgeBalance: Model-Based Load Balancing for Network Edge Data Planes Wei Zhang , Abhigyan

EdgeBalance: Model-Based Load Balancing for Network Edge Data Planes Wei Zhang , Abhigyan Sharma * , Timothy Wood George Washington University * AT&amp;T Labs Research 1 Outline Background and Motivation EdgeBalance Design

790 views • 25 slides
VigNAT: A Formally Verified NAT Arseniy Zaostrovnykh, Solal Pirelli, Luis Pedrosa, Katerina

VigNAT: A Formally Verified NAT Arseniy Zaostrovnykh, Solal Pirelli, Luis Pedrosa, Katerina

VigNAT: A Formally Verified NAT Arseniy Zaostrovnykh, Solal Pirelli, Luis Pedrosa, Katerina Argyraki, George Candea Formally verify a stateful NF with competitive performance and reasonable human effort 2 Formally verify a stateful NF with

836 views • 81 slides
(Asymptotic) Safety in QFT Francesco Sannino Plan Meaning of fundamental From complete

(Asymptotic) Safety in QFT Francesco Sannino Plan Meaning of fundamental From complete

(Asymptotic) Safety in QFT Francesco Sannino Plan Meaning of fundamental From complete freedom to complete safety Controllable asymp. safe theory in 4D a-theorem for asymptotic safety Asymptotically safe thermodynamics and

727 views • 61 slides
CS 61A Discussion 10 Streams (and Interpreters) Albert Xu Kaavya Shah Slides:

CS 61A Discussion 10 Streams (and Interpreters) Albert Xu Kaavya Shah Slides:

CS 61A Discussion 10 Streams (and Interpreters) Albert Xu Kaavya Shah Slides: albertxu.xyz/teaching/cs61a/ *part of these slides sourced from Jemmy and Is Final Review Fall 18 Streams Streams are lazy linked lists - the first element

334 views • 21 slides
Application of Information or How I learnt to stop Theory to Fault worrying and love the

Application of Information or How I learnt to stop Theory to Fault worrying and love the

p ( x ) log 2 p ( x ) x X X ) = CREST Open Workshop #41 Application of Information or How I learnt to stop Theory to Fault worrying and love the bomb entropy Localisation by Shin Yoo This talk is Not a theoretical

599 views • 22 slides

More recommend