troubleshooting for intent based networking
play

Troubleshooting for Intent-based Networking Joon-Myung Kang and - PowerPoint PPT Presentation

Sep 25, 2022 •241 likes •613 views

Open Networking Summit 2017 Troubleshooting for Intent-based Networking Joon-Myung Kang and Mario A. Snchez Hewlett Packard Labs Intent-based Networking Policy Graph Abstraction and Demo Troubleshooting and Demo QnA 2 Software-Defined

  1. Open Networking Summit 2017 Troubleshooting for Intent-based Networking Joon-Myung Kang and Mario A. Sánchez Hewlett Packard Labs

  2. Intent-based Networking Policy Graph Abstraction and Demo Troubleshooting and Demo QnA 2

  3. Software-Defined Networking Application Plane (SDN Apps) Open APIs SDN Northbound Interfaces Program Languages Control Plane (OpenDaylight, ONOS, etc.) Abstraction Vendor specific Infrastructure Control Interfaces Low-level specifics Manual operations Infrastructure (Data) Plane (Cloud/IT/SDN/NFV) … 3

  4. Software-Defined Networking Application Plane (SDN Apps) Open APIs SDN Northbound Interfaces Program Languages Control Plane (OpenDaylight, ONOS, etc.) Abstraction Vendor specific Infrastructure Control Interfaces Low-level specifics Manual operations Infrastructure (Data) Plane (Cloud/IT/SDN/NFV) … 4

  5. Intent-based Networking Application Plane − Application Plane says “What” (doesn’t care how) (SDN Apps) − Control Plane reasons “How” (doesn’t care why) INTENT North Bound Interface Intent − “what”, not “how” (non-prescriptive) Control Plane − Is portable (OpenDaylight, ONOS, etc.) − Is universal − Is compose-able Infrastructure Control Interfaces − Is invariant − Is scale-able Intent Infrastructure (Data) Plane Prescription (Cloud/IT/SDN/NFV) “I want my headache “Give me two to stop” aspirins” Source: Dave Lenrow, “Intent As The Common Interface to Network Resources,” Intent Based Network Summit 2015 ONF Boulder: Intent NBI 5

  6. Intent-based Networking Examples WEB/Gold/Working Hour No connect/Wireless Configure new guest WiFi 6

  7. Intent-based Networking Examples WEB/Gold/Working Hour INVISIBLE No connect/Wireless Configure new guest WiFi 7

  8. Intent-based Networking Open Source Efforts – ONF Open Source SDN Boulder – Define Intent North Bound Interface (NBI) – http://opensourcesdn.org/projects/project-boulder-intent-northbound-interface-nbi/ – https://community.opensourcesdn.org/wg/IntentNBI/dashboard ONF Intent NBI – Definition and Principles, Draft Version 6, Sep. 2016 – OpenDaylight NIC – Network Intent Composition – Manage and direct network services and network resources based on the given “Intent” – https://wiki.opendaylight.org/view/Network_Intent_Composition:Main https://wiki.opendaylight.org/view/Network_Intent_Composition:Graph – ONOS Intent Framework – Allows applications to specify their network control desires in form of policy rather than mechanism (Intent) – https://wiki.onosproject.org/display/ONOS/Intent+Framework 8

  9. Policy Graph Abstraction (PGA) PGA overview Troubleshooting for Intent-based Networking 9

  10. PGA is Real Public resources Research Paper and Demo Running System and Open Source Contributions ACM SIGCOMM 2015 OpenStack Summit London, UK 2015, 2016 OpenDaylight Summit 2015, 2016 10

  11. Policy Management in Practice 11

  12. Policy Graph Abstraction (PGA) Policy sources Graph abstraction Unified, conflict-free policy graph Deploy DNS DPI DPI DNS DNS HTTP Mktg&Cmp-B Engg&Cmp-A FW LB BC graph &Normal &Normal BC Ping,SSH composition sync, SQL, monitor monitor HTTP Web& DB& FW LB BC BC Cloud Cloud Remedy Engg&Cmp-A * BC Quarantined &Qn monitor Service monitor Remedy BC Service Mktg&Cam-B * &Qn 12

  13. PGA Example − Label namespace across cloud services and network, capturing overlap vs. disjoint relations between labels CPU Utilization > 90% <= 90% 13

  14. PGA Example − Label namespace across cloud services and network, capturing overlap vs. disjoint relations between labels − 4 individual input policies (a) Enterprise IT admin (b) Application admin (a) Departments admin sync HTTP SQL Ping,SSH Mktg Empl LB Engg. Web DB (c) SDN app: HPE Net Protector (d) Cloud operator BC * DNS * BC Normal DPI FW Cloud DNS Campus monitor * Remedy Quarantined Cloud Service Label Namespace Tenant Label Mappings Location Status Empl App Engg: Campus-A Cloud Campus Web DB Net Mktg: Campus-B Protector Application: Cloud disjoint Cmp-B Engg Mktg Cmp-A Empl: Net protector Normal Qn 14

  15. PGA Example − 4 individual input policies − Label namespace across cloud services and network, capturing overlap vs. disjoint relations between labels − Proactive, automatic composition − Scalable algorithm: 13 mins to compose 20K ACL + service chain policies compose (a) Enterprise IT admin (b) Application admin (a) Departments admin sync HTTP SQL Ping,SSH Mktg Empl LB Engg. Web DB DNS (c) SDN app: HPE Net Protector (d) Cloud operator DPI DPI BC * DNS * DNS DNS BC Normal DPI FW Cloud DNS Campus HTTP Mktg&Cmp-B Engg&Cmp-A FW LB BC monitor &Normal &Normal BC * Remedy Ping,SSH Quarantined Cloud Service sync, monitor SQL, monitor HTTP Web& FW LB BC DB& BC Label Namespace Cloud Cloud Tenant Label Mappings Location Status Empl App Engg&Cmp-A * BC &Qn monitor Engg: Campus-A Cloud Campus Web DB monitor Remedy Net Mktg: Campus-B BC Protector Service Application: Cloud disjoint Cmp-B Engg Mktg Cmp-A Mktg&Cam-B Empl: Net protector * &Qn Normal Qn 15

  16. PGA Current status PGA implementation and impact − PGA model, composition, deployment, and tool to convert ACL policy configuration to PGA intent specification − PGA prototype for OpenStack (Juno ~ Newton) − PGA Intent APIs and graph compiler contributed to ODL/NIC Beryllium release − Troubleshooting for intent based policy management − Conflict detection − Composition correctness verification − Intent addition/modification/deletion 16

  17. Live Demo PGA Basic Operations 17

  18. PGA Demo 18

  19. Troubleshooting With Intent-based Networking

  20. Network debugging/troubleshooting a difficult task NO CONNECT WEB Policy tcpdump ping traceroute Network SNMP sflow Picture sources: http://simplearchitectures.blogspot.com/2013/08/addressing-data-center-complexity.html Picture source: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/ServerFarmSec_2- 1/ServSecDC/8_NIDS.html http://www.ntstn.com/category/troubleshooting/network- troubleshooting

  21. Systematic troubleshooting –Know intent of the operator Difficult to achieve in legacy networks –Check network behavior against operator intent Intent-based networking Opportunity to –Policy is a first-class citizen rethink network debugging –Intent explicitly expressed at policy layer –Forwarding semantics explicitly defined –Code compiles policy description into lower-level configuration

  22. Intent-based Networking – Control Apps Application Plane – Specify routing/access control policies (SDN Apps) – Logical view – Simplified/abstract representation of network INTENT North Bound Interface – Physical view – One-to-one correspondence with the physical network Controller Plane – Controller’s job to configure the network devices (OpenDaylight, ONOS, etc.) (OpenFlow) Infrastructure Control Interfaces Infrastructure (Data) Plane (Cloud/IT/SDN/NFV)

  23. Intent-based Networking – Control Apps Application Plane – Specify routing/access control policies (SDN Apps) – Logical view – Simplified/abstract representation of network INTENT North Bound Interface • Each layer performs one piece of translation process – Physical view – One-to-one correspondence with the physical network • Every layer should correctly map to every other layer Controller Plane – Controller’s job to configure the network devices (OpenDaylight, ONOS, etc.) (OpenFlow) • Most errors in SDN are mistranslations between layers Infrastructure Control Interfaces Infrastructure (Data) Plane (Cloud/IT/SDN/NFV)

  24. Checking network behavior against intent –Early debugging tools for OpenFlow-enabled networks –Ndb, OFRewind, NetSight, netwatch, netshark, nprof… –Easier to discover the source of network problems [ Faulty device firmware, inconsistent flow rules, faulty routing…] – Testing and verification complement network troubleshooting and debugging [Loop freedom, black holes, performance of OpenFlow switches…] Too low level!

  25. Knowing the operator’s intent Does the Actual Network Behavior Match the Policy? – If NO… Match the symptoms to responsible system component – If YES… The policy itself is the problem, a human must resolve the discrepancy –If unwanted behavior persists & all state layers are equivalent : –The configured policy must not match the operator’s intent

  26. Troubleshooting System User/App 1 User/App 2 User/Appn Query Examples User Intents Query – Reachability/Connectivity checking GUI – Can A talk to B? – Security vulnerability or Risk Input graphs Results assessment Troubleshooting Metadata – Addition/removal/edition correctness PGA System Composed graph Infrastructure Controllers

  27. Troubleshooting Examples Reachability – Can A talk to B? –What EPG do nodes belong to? –Is there an edge connecting both EPGs? –What security groups should be checked? –What middleboxes should be checked?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using Machine Learning for Intent-based Provisioning in High-Speed Science Network Hocine

Using Machine Learning for Intent-based Provisioning in High-Speed Science Network Hocine

Using Machine Learning for Intent-based Provisioning in High-Speed Science Network Hocine Mahtout, Mariam Kiran, Anu Mercian, Bashir Mohammad Lawrence Berkeley National Lab HPE SNTA 2020 1 Problem Statement Intent-based networking research

1.27k views • 26 slides
Intents and Intent Filters Intent Intent is an messaging object. There are three fundamental

Intents and Intent Filters Intent Intent is an messaging object. There are three fundamental

Intents and Intent Filters Intent Intent is an messaging object. There are three fundamental use cases: Starting an activity: Intent intent = new Intent(this, SecondActivity.class); startActivity(intent); Starting a service:

293 views • 11 slides
FOUNDATIONS OF INTENT- BASED NETWORKING Loris DAntoni Aditya Akella Aaron Gember Jacobson

FOUNDATIONS OF INTENT- BASED NETWORKING Loris DAntoni Aditya Akella Aaron Gember Jacobson

FOUNDATIONS OF INTENT- BASED NETWORKING Loris DAntoni Aditya Akella Aaron Gember Jacobson Cloud Network Enterprise Network Network Policies Enterprise Network 2 3 Tenant Network Policies Enterprise Network B A Reachability : A

635 views • 30 slides
Web-Based SIS Troubleshooting Simplifying State Reporting Cycles Agenda Resources

Web-Based SIS Troubleshooting Simplifying State Reporting Cycles Agenda Resources

Web-Based SIS Troubleshooting Simplifying State Reporting Cycles Agenda Resources Preventative Actions Troubleshooting Errors Report Verification RESOUR RESOURCES CES Resources www.apscn.org &gt; SIS

1.06k views • 76 slides
SDN controller: Intent-based Northbound Interface realization for extended applications

SDN controller: Intent-based Northbound Interface realization for extended applications

SDN controller: Intent-based Northbound Interface realization for extended applications Introduction 1. SDN Controller 2. Intent-based Northbound Interface (NBI) 3. The Intent framework in ONOS controller 4. The proposed architecture for

440 views • 18 slides
Troubleshooting &amp; Q&amp;A 1 1 SeisComP3 Troubleshooting scrttv Real Time Trace Viewer

Troubleshooting &amp; Q&amp;A 1 1 SeisComP3 Troubleshooting scrttv Real Time Trace Viewer

Troubleshooting &amp; Q&amp;A 1 1 SeisComP3 Troubleshooting scrttv Real Time Trace Viewer scqcv Quality Control GUI slinktool to check the status of the seedlink server slinktool -Q : SOME log files are in hidden .seiscomp3

192 views • 7 slides
TROUBLESHOOTING Performing basic Acronis Backup and Acronis Backup Cloud troubleshooting Acronis

TROUBLESHOOTING Performing basic Acronis Backup and Acronis Backup Cloud troubleshooting Acronis

ACRONIS BACKUP TROUBLESHOOTING Performing basic Acronis Backup and Acronis Backup Cloud troubleshooting Acronis Training and Certification Authorized Use Only 1 Module Outline 1. Acronis Backup Troubleshooting Steps 2. Acronis Support

1.13k views • 53 slides
Notice of Intent (NOI) The Notice of Intent (NOI) is not a requirement for submitting a

Notice of Intent (NOI) The Notice of Intent (NOI) is not a requirement for submitting a

7/22/2016 A New York State My Brothers Keeper Initiative RFPGC16-012 Full proposals must be postmarked by 8/22/16 Notice of Intent (NOI) The Notice of Intent (NOI) is not a requirement for submitting a complete application by the

507 views • 15 slides
Gyrus: A Framework for User-Intent Monitoring of Text-Based

Gyrus: A Framework for User-Intent Monitoring of Text-Based

Gyrus: A Framework for User-Intent Monitoring of Text-Based Networked ApplicaAons Yeongjin Jang* , Simon P. Chung*, Bryan D. Payne, and Wenke

598 views • 31 slides
Business Model-based (Intent-based) Accounting May 2012 Katherine Schipper Duke University 1

Business Model-based (Intent-based) Accounting May 2012 Katherine Schipper Duke University 1

Business Model-based (Intent-based) Accounting May 2012 Katherine Schipper Duke University 1 Overview Starting point: ICAEW (2010) paper on business models in accounting suggests it is impossible to devise a sensible approach to

689 views • 21 slides
What are the right abstractions for capturing programming and intent Discussion section Thursday

What are the right abstractions for capturing programming and intent Discussion section Thursday

What are the right abstractions for capturing programming and intent Discussion section Thursday Feb 12, 11:25-12:15 Capturing Intent Aaron Gember: Infer intent. Can you simply look at configurations or dataplane to extract intent. What

310 views • 8 slides
Automatically Generating Predicates and Solutions for Configuration Troubleshooting * Ya-Yunn Su

Automatically Generating Predicates and Solutions for Configuration Troubleshooting * Ya-Yunn Su

Automatically Generating Predicates and Solutions for Configuration Troubleshooting * Ya-Yunn Su Jason Flinn NEC Laboratories University of America Michigan Troubleshooting misconfigurations is hard! Users may have to Edit

354 views • 31 slides
Intent, Implementation, Impact Emsi Insight Event 8.30 - 9.15 Registration &amp; Breakfast

Intent, Implementation, Impact Emsi Insight Event 8.30 - 9.15 Registration &amp; Breakfast

Intent, Implementation, Impact Emsi Insight Event 8.30 - 9.15 Registration &amp; Breakfast Networking 9.15 9.30 Welcome John Gray, Director of FE, Emsi UK 9.30 10.45 Automation, Brexit and Skills Demand: trends, risks and

624 views • 48 slides
Emsi Insight Event 8.30 - 9.15 Registration &amp; Breakfast Networking 9.15 9.30 Welcome

Emsi Insight Event 8.30 - 9.15 Registration &amp; Breakfast Networking 9.15 9.30 Welcome

In Intent, Impl Impleme mentation, Impa Impact Emsi Insight Event 8.30 - 9.15 Registration &amp; Breakfast Networking 9.15 9.30 Welcome John Gray, Director of FE, Emsi UK 9.30 10.45 Automation, Brexit and Skills Demand: trends,

503 views • 49 slides
Bot-based IT Troubleshooting Benjamin Braun advised by Jonas Jelten, Simon Bauer Friday 11 th

Bot-based IT Troubleshooting Benjamin Braun advised by Jonas Jelten, Simon Bauer Friday 11 th

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Bot-based IT Troubleshooting Benjamin Braun advised by Jonas Jelten, Simon Bauer Friday 11 th January, 2019 Chair of Network Architectures and

616 views • 27 slides
(NEMO) Intent Language Bert Wijnen bwietf@bwijnen.net NEMO Language IETF95 1

(NEMO) Intent Language Bert Wijnen bwietf@bwijnen.net NEMO Language IETF95 1

(NEMO) Intent Language Bert Wijnen bwietf@bwijnen.net NEMO Language IETF95 1 What is Intent networking? Dont tell me what to do, tell me what you want. 2 (NEMO) Intent Language - IETF95 NEMO Language

425 views • 7 slides
Challenges in managing implicit and abstract provenance data: experiences with ProvManager

Challenges in managing implicit and abstract provenance data: experiences with ProvManager

Workshop on the Theory and Practice of Provenance 2011 Challenges in managing implicit and abstract provenance data: experiences with ProvManager Anderson Marinho, Marta Mattoso, Cludia Werner, Vanessa Braganholo, Leonardo Murta

785 views • 12 slides
PGA: Using Graphs to Express and Automatically Reconcile Network Policies Chaithan Prakash

PGA: Using Graphs to Express and Automatically Reconcile Network Policies Chaithan Prakash

PGA: Using Graphs to Express and Automatically Reconcile Network Policies Chaithan Prakash Jeongkeun Lee Yoshio Turner Joon-Myung Kang Aditya Akella Sujata Banerjee Charles Clark Yadi Ma Puneet Sharma Ying

615 views • 39 slides
Techniques de preuve formelle en science : le dfi. Victor Magron 1 Bonjour, je suis Victor

Techniques de preuve formelle en science : le dfi. Victor Magron 1 Bonjour, je suis Victor

Techniques de preuve formelle en science : le dfi. Victor Magron 1 Bonjour, je suis Victor Magron. Jai fini ma thse de doctorat il y a un an et depuis, je suis chercheur Postdoc en mathmatiques et en informatique. Un de mes thmes de

275 views • 3 slides
5 Intgration continue 625-1.1 Industrialisation du logiciel Bachelor en informatique de

5 Intgration continue 625-1.1 Industrialisation du logiciel Bachelor en informatique de

5 Intgration continue 625-1.1 Industrialisation du logiciel Bachelor en informatique de gestion 3IGPT/4IGTP ulysse.rosselet@he-arc.ch Analyse Conception Production Dploiement Build tools, rcapitulation Jusquici

748 views • 21 slides
Projective Geometric Algebra: A Swiss army knife for doing Cayley-Klein geometry Charles Gunn

Projective Geometric Algebra: A Swiss army knife for doing Cayley-Klein geometry Charles Gunn

Projective Geometric Algebra: A Swiss army knife for doing Cayley-Klein geometry Charles Gunn Sept. 18, 2019 at ICERM, Providence Full-featured slides available at: https://slides.com/skydog23/icerm2019. Check for updates incorporating new

1.47k views • 94 slides
DC power supplies and distribution modules for your subsystem and control protocol 11 We

DC power supplies and distribution modules for your subsystem and control protocol 11 We

Subject: Re: 2x2@MINOS electronics integeration Date: Mon, 11 Nov 2019 18:10:34 +0300 From: Nikolay Anfimov &lt;anphimov@gmail.com&gt; Dear Ting, I guessed that you discussed most of these topics with Igor who presented light readout at the

214 views • 3 slides
Celebrating 55 years of Golf in Puerto Rico Celebrating 55 years of Golf in Puerto

Celebrating 55 years of Golf in Puerto Rico Celebrating 55 years of Golf in Puerto

Celebrating 55 years of Golf in Puerto Rico Celebrating 55 years of Golf in Puerto Rico Players Tour - El Conquistador Date: February 1, 2009 Site: El Conquistador Resort 47 total participants Categories Best Rounds:

2.24k views • 77 slides
+ SKARAB A G I L E 4 0 G B E N E T W O R K E D F P G A C O M P U T E / I N S T R U M E N T P

+ SKARAB A G I L E 4 0 G B E N E T W O R K E D F P G A C O M P U T E / I N S T R U M E N T P

+ SKARAB A G I L E 4 0 G B E N E T W O R K E D F P G A C O M P U T E / I N S T R U M E N T P L A T F O R M Designed and Manufactured by Peralex Electronics Distributed worldwide by Cyntony + SKARAB IS READY FOR YOUR RESEARCH TODAY n

395 views • 27 slides

More recommend