programming the network data plane
play

Programming The Network Data Plane Changhoon Kim Beautiful ideas: - PowerPoint PPT Presentation

Oct 14, 2023 •15 likes •455 views

Programming The Network Data Plane Changhoon Kim Beautiful ideas: What if you could Realize a small, but super-fast DNS cache Perform TCP SYN authentication for billions of SYNs per sec Build a replicated key-value store ensuring

  1. Programming The Network Data Plane Changhoon Kim

  2. Beautiful ideas: What if you could … • Realize a small, but super-fast DNS cache • Perform TCP SYN authentication for billions of SYNs per sec • Build a replicated key-value store ensuring RW ops in a few usecs • Improve your consensus service performance by ~100x • Boost your Memcached cluster’s throughput by ~10x • Speed up your DNN training dramatically by realizing parameter servers … using switches in your network? 2

  3. You couldn’t do any of those so far because … • No DIY – must work with vendors at feature level • Excruciatingly complicated and involved process to build consensus and pressure for features • Painfully long and unpredictable lead time • To use new features, you must get new switches • What you finally get != what you asked for 3

  4. This is very unnatural to developers • Because you all know how to realize your own ideas by “programming” CPUs – Programs used in every phase (implement, test, and deploy) – Extremely fast iteration and differentiation – You own your own ideas – A sustainable ecosystem where all participants benefit Can we replicate this healthy, sustainable ecosystem for networking? 4

  5. Reality: Packet forwarding speeds 6.4Tb/s 100000 10000 Switch Chip 1000 CPU 100 Gb/s (per chip) 10 1 0.1 1990 1995 2000 2005 2010 2015 2020 5

  6. Reality: Packet forwarding speeds 6.4Tb/s 100000 10000 Switch Chip 80x 1000 CPU 100 Gb/s (per chip) 10 1 0.1 1990 1995 2000 2005 2010 2015 2020 6

  7. What does a typical switch look like? A switch is just a Linux box with a high-speed switching chip Switch OS Protocol Daemons Other Mgmt ( Linux variant ) Just S/W -- You can … (BGP, OSPF, etc.) Apps freely change this Control plane Run-time API PCIe Chip Driver Fixed-function H/W -- There’s nothing Data plane you can change here … L2 L3 ACL Forwarding Routing Table Table Table packets packets 7

  8. Networking systems have been built “bottoms-up” Switch OS in English API “This is roughly how I process packets …” Fixed-function switch

  9. Turning the tables “top-down” Switch OS in P4 API “This is precisely how you must process packets” Programmable Switch

  10. “ Programmable switches are 10 -100x slower than fixed-function switches. They cost more and consume more power. ” Conventional wisdom in networking

  11. Evidence: Tofino 6.5Tb/s switch (arrived Dec 2016) The world’s fastest and most programmable switch. No power, cost, or power penalty compared to fixed-function switches. An incarnation of PISA (Protocol Independent Switch Architecture)

  12. Domain-specific processors Machine Signal Computers Graphics Networking Learning Processing Java OpenCL Matlab Language TensorFlow >>> Compiler Compiler Compiler Compiler Compiler ? ? TPU CPU GPU DSP

  13. Domain-specific processors Machine Signal Computers Graphics Networking Learning Processing P4 Java OpenCL Matlab TensorFlow >>> Compiler Compiler Compiler Compiler Compiler ? PISA TPU CPU GPU DSP

  14. PISA: An architecture for high-speed programmable packet forwarding 14

  15. PISA: Protocol Independent Switch Architecture Match Action Memory ALU Programmable Parser 15

  16. PISA: Protocol Independent Switch Architecture Ingress Buffer Egress Programmable Parser 16

  17. PISA: Protocol Independent Switch Architecture Match Logic Action Logic (Mix of SRAM and TCAM for lookup tables, (ALUs for standard boolean and arithmetic operations, Programmable counters, meters, generic hash tables) header modification operations, hashing operations, etc.) Packet Generator Buffer Programmable M A M A Parser … … Ingress match-action stages (pre-switching) Egress match-action stages (post-switching) Recirculation CPU (Control plane) Generalization of RMT [sigcomm’13] 17

  18. Why we call it protocol-independent packet processing 18

  19. Device does not understand any protocols until it gets programmed IPv4 L2 ACL IPv6 Logical Data-plane View (your P4 program) Switch Pipeline packet packet packet packet Programmable Action ALUs Action ALUs Action ALUs Action ALUs Match Table Match Table Match Table Match Table Queues Fixed Action Parser CLK 19

  20. (your P4 program) Logical Data-plane View Switch Pipeline Programmable Parser Mapping logical data-plane design to Match Table L2 Table L2 L2 Action ALUs L2 Action Macro physical resources Match Table IPv4 Table Action ALUs v4 Action Macro IPv4 IPv4 IPv6 IPv6 Match Table IPv6 Table Action ALUs v6 Action Macro ACL ACL Match Table ACL Table Action ALUs ACL Action Macro CLK Queues 20

  21. Switch Pipeline (your P4 program) Logical Data-plane View Programmable Parser L2 Table L2 L2 Action Macro Re-program in the field MyEncap MyEncap My IPv4 IPv4 Table Encap v4 Action Macro Action Action IPv6 IPv6 Table IPv4 IPv6 IPv4 IPv6 Action Action v6 Action Macro ACL Table ACL Action Macro CLK ACL Queues 21

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Network Data Plane Network Data Plane Network Data Plane (S. S. Lam) 3/23/2017 1 Network layer

Network Data Plane Network Data Plane Network Data Plane (S. S. Lam) 3/23/2017 1 Network layer

Network Data Plane Network Data Plane Network Data Plane (S. S. Lam) 3/23/2017 1 Network layer d li delivers segments from s s ts f sending to receiving host application transport network sender encapsulates segments p g

912 views • 44 slides
Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control

Network Attacks I Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol except data

751 views • 51 slides
SCION: Data Plane Overview Adrian Perrig Network Security Group, ETH Zrich SCION Data Plane

SCION: Data Plane Overview Adrian Perrig Network Security Group, ETH Zrich SCION Data Plane

SCION: Data Plane Overview Adrian Perrig Network Security Group, ETH Zrich SCION Data Plane Overview Data plane: How to send packets [Chapter 2.2, Chapter 8] Path lookup Path combination Path encoding in packet 2 Path

387 views • 18 slides
Building a Fast, Virtualized Building a Fast, Virtualized Data Plane with Data Plane with

Building a Fast, Virtualized Building a Fast, Virtualized Data Plane with Data Plane with

Building a Fast, Virtualized Building a Fast, Virtualized Data Plane with Data Plane with Programmable Hardware Programmable Hardware Bilal Anwer Nick Feamster 1 Network Virtualization Network Virtualization Network virtualization enables

299 views • 27 slides
Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane traditional (intra-domain) routing algorithms SDN controllers and their instantiation, implementation in the Internet: OSPF, RIP, OpenFlow, ODL

1.31k views • 75 slides
Network Layer Part A (IPv6) Network Layer 4-1 Chapter 4: outline 4.1 Overview of Network

Network Layer Part A (IPv6) Network Layer 4-1 Chapter 4: outline 4.1 Overview of Network

Network Layer Part A (IPv6) Network Layer 4-1 Chapter 4: outline 4.1 Overview of Network 4.4 Generalized Forward and layer SDN data plane match control plane action 4.2 What s inside a router OpenFlow examples of

941 views • 55 slides
Network Layer: The Data Plane Network Layer Overview Router Architecture Network

Network Layer: The Data Plane Network Layer Overview Router Architecture Network

Network Layer: The Data Plane Network Layer Overview Router Architecture Network Layer Functions and Service Models Network Layer Functions IP Addressing Network Service Models: Virtual Circuit vs. Datagram

1.18k views • 63 slides
Network Programming Network Programming as Programming across Machine Boundaries The

Network Programming Network Programming as Programming across Machine Boundaries The

CPSC-313: Introduction to Computer Systems Networking Programming Network Programming Network Programming as Programming across Machine Boundaries The Sockets API Reliable Communication Channels: TCP Dangerous at any Speed;

552 views • 14 slides
PdP: Parallelizing Data Plane in Virtual Network Substrate Yong Liao, Dong Yin, Lixin Gao

PdP: Parallelizing Data Plane in Virtual Network Substrate Yong Liao, Dong Yin, Lixin Gao

PdP: Parallelizing Data Plane in Virtual Network Substrate Yong Liao, Dong Yin, Lixin Gao University of Massachusetts at Amherst Network Virtualization Platform Multiple heterogeneous concurrent virtual networks Flexibility

669 views • 13 slides
Fast Testing Network Data Plane with RuleChecker Peng Zhang, Cheng Zhang, and Chengchen Hu

Fast Testing Network Data Plane with RuleChecker Peng Zhang, Cheng Zhang, and Chengchen Hu

Fast Testing Network Data Plane with RuleChecker Peng Zhang, Cheng Zhang, and Chengchen Hu Department of Computer Science and Technology MOE Key Lab for Intelligent Networks and Network Security Xian Jiaotong University Monocle and RuleScope

388 views • 10 slides
ABSTRACTIONS OF THE DATA PLANE DIMACS Working Group on Abstractions for Network Services,

ABSTRACTIONS OF THE DATA PLANE DIMACS Working Group on Abstractions for Network Services,

ABSTRACTIONS OF THE DATA PLANE DIMACS Working Group on Abstractions for Network Services, Architecture, and Implementation Pamela Zave AT&T LaboratoriesResearch Florham Park, New Jersey, USA joint work with Jennifer Rexford, Princeton

347 views • 33 slides
Network Layer (The Data Plane): Recap Network Layer Overview Router Architecture

Network Layer (The Data Plane): Recap Network Layer Overview Router Architecture

Network Layer (The Data Plane): Recap Network Layer Overview Router Architecture Network Layer Functions and Service Models Network Layer Functions IP Addressing DHCP Network Service Models: Virtual Circuit

745 views • 56 slides
1 Background | Problems | Challenges | Design | Evaluation | Summary Control Plane Applications

1 Background | Problems | Challenges | Design | Evaluation | Summary Control Plane Applications

SPEED Resource-Ef+icient and High-Performance Deployment for Data Plane Programs Xiang Chen , Hongyan Liu, Qun Huang, Peiqiao Wang, Dong Zhang, Haifeng Zhou, Chunming Wu Control Plane Applications Monitor Security Routing Data Plane

826 views • 45 slides
Towards Nirvana Stack: OpenDaylight Network Control Solution with FD.io Data plane Srikanth

Towards Nirvana Stack: OpenDaylight Network Control Solution with FD.io Data plane Srikanth

Towards Nirvana Stack: OpenDaylight Network Control Solution with FD.io Data plane Srikanth Vavilapalli, Ericsson; Andre Fredette, Redhat OpenStack Summit 2017- Boston Nirvana SDN Stack Applicable Projects Neutron (+Gluon Innovations)

696 views • 16 slides
Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data

Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data

Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol

396 views • 39 slides
States on a (Data) Plane Jennifer Rexford Traditional data planes are stateless 1 Software

States on a (Data) Plane Jennifer Rexford Traditional data planes are stateless 1 Software

States on a (Data) Plane Jennifer Rexford Traditional data planes are stateless 1 Software Defined Networks (SDN) Program your network from a logically central point! 2 OpenFlow Rule Tables action match Prio 1 dstip = 10.0.0.1 outport

665 views • 35 slides
New Networking Features in FreeBSD 6.0 Andr Oppermann <andre@FreeBSD.org> EuroBSDCon 05

New Networking Features in FreeBSD 6.0 Andr Oppermann <andre@FreeBSD.org> EuroBSDCon 05

New Networking Features in FreeBSD 6.0 Andr Oppermann <andre@FreeBSD.org> EuroBSDCon 05 Basel, 27. November 2005 New Networking Features in FreeBSD 6.0 - EuroBSDCon 05 - 27. November 2005 - <andre@FreeBSD.org> Page 1 of 23

455 views • 23 slides
Software Defined Security Reloaded Open Infrastructure Summit, Shanghai Nov 4, 2019 Ash

Software Defined Security Reloaded Open Infrastructure Summit, Shanghai Nov 4, 2019 Ash

Software Defined Security Reloaded Open Infrastructure Summit, Shanghai Nov 4, 2019 Ash Bhalgat (Sr. Director, Cloud Marketing, Mellanox Technologies) Yossef Efraim (Director, Software Development, Mellanox Technologies) Zhike Wang (JD

487 views • 38 slides
Network Traffic Analysis and Intrusion Detection using Packet Sniffer Guanqun Wang Supervisor:

Network Traffic Analysis and Intrusion Detection using Packet Sniffer Guanqun Wang Supervisor:

Network Traffic Analysis and Intrusion Detection using Packet Sniffer Guanqun Wang Supervisor: Prof. Nirmalya Roy Introduction The paper is from 2010 Second International Conference on Communication Software and Networks; Basic

517 views • 15 slides
1 Vulnerability in WPA2 Hole196 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino,

1 Vulnerability in WPA2 Hole196 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino,

1 Vulnerability in WPA2 Hole196 Hole196 Vulnerability in WPA2 Presenters: Anthony Paladino, Managing Director, Systems Engineering Dr. Kaustubh Phanse, Principal Wireless Architect Md. Sohail Ahmad, Senior Security Researcher Moderator: Della

314 views • 29 slides
Deeply Programmable Network (DPN) and Advanced Network Virtualization Aki Nakao The University

Deeply Programmable Network (DPN) and Advanced Network Virtualization Aki Nakao The University

Deeply Programmable Network (DPN) and Advanced Network Virtualization Aki Nakao The University of Tokyo 2012/11/27 1 OpenFlow SDN OpenFlow Controller Fixed Data Plane Fixed Control Plane (OpenFlow API) Flow Pattern Match

626 views • 23 slides
Evaluation of SDN Controller and Its Impact on Information-Centric Networking (ICN) Overview, Use

Evaluation of SDN Controller and Its Impact on Information-Centric Networking (ICN) Overview, Use

Evaluation of SDN Controller and Its Impact on Information-Centric Networking (ICN) Overview, Use Cases and Performance Evaluation Karim Md Monjurul 27-12-2018 School of Computer Science, Beijing Institute of Technology Table of contents 1.

560 views • 45 slides
Applying F(I)MEA Technique for SDN/OpenFlow Security Analysis Green Kim greenkim@konkuk.ac.kr

Applying F(I)MEA Technique for SDN/OpenFlow Security Analysis Green Kim greenkim@konkuk.ac.kr

Applying F(I)MEA Technique for SDN/OpenFlow Security Analysis Green Kim greenkim@konkuk.ac.kr Contents 1. Introduction 1.1 Motivation 1.2 Related Works Analysis 1.2.1 OpenFlow: A Security Analysis 1.2.2 OpenFlow Vulnerability Assessment

345 views • 30 slides
Secure Kubernetes Container Workloads with Production-Grade Networking Cynthia Thomas Irena

Secure Kubernetes Container Workloads with Production-Grade Networking Cynthia Thomas Irena

Secure Kubernetes Container Workloads with Production-Grade Networking Cynthia Thomas Irena Berezovsky Tim Hockin CIA IT operations have top secret apps for their agents, most of which require isolation Antoni is in Ops and wants to help CIA

458 views • 31 slides

More recommend