Extending OpenFlow for Managing Service Insertion and Payload Inspection

Transcription

1 Extending OpenFlow for Managing Service Insertion and Payload Inspection Robinson Udechukwu Dr. Rudra Dutta Dept. of, North Carolina State University

2 Outline Big Picture What is OpenFlow Contribution: External Processing Box Design Experiment Results

3 Big Picture Software Defined Networking - a new paradigm for agile network policy evolution l Separation of policy and mechanism l OpenFlow: an open API between the two l Allows software realization of definitive network components: architectural, mgmt and control l Forwarding has to be wirespeed: need hardware l Anything on policy box may be software: agile traffic engineering

4 Big Picture Problem: limited reach of traffic engineering application definition l OpenFlow limits flow definition to L2, L3, L4 l Cannot expand broadly (say, L7) without sacrificing performance of forwarding engine l Cannot outsource to policy box without sacrificing scalability of separation

5 Big Picture Our contribution l Propose, design, and demonstrate "helper box" idea l Specific extensions to flow definition in a separate box that can be optionally attached to mechanism box l Optionally traversed by data packets on need basis l Seamlessly controlled by the policy box with a natural extension of OpenFlow

6 OUR PROPOSED SOLUTION: EXTERNAL PROCESSING BOX

7 Proposed Solution Allows the forwarding engine to outsource traffic examination for L7 information This External Processing box, provides a middle ware platform for Deep Packet Inspection (DPI) programs

8 Proposed Solution Assess this system by evaluating the perceived video quality on subjective and objective video assessment tools

9 EXTERNAL PROCESSING BOX - DESIGN

10 Inside the External Processing Box 3 k Datapath Control data? 6 Yes External Processing OpenFlow Dissector Policy Interface Legend Faux Packet with OFP Encapsulated Data Data DPI Rules Writes a DPI Rule 4 7 No DPI Engine Restarts DPI Engine 4 Traffic Shaper Sends OFP formatted payload DPI defined Alert Packet k: packet is RTSP, send to 3 packet is RTP, send to 2 Packet is RTCP, send to either 2 or 3 based on its source port Else drop the packet Data Plane Data with a assigned VLAN ID attached

11 EPB Components description OpenFlow Dissector Parses EPB Policy Message from the UDP packet and transmits it to the Policy Interface Policy Interface Transforms received EPB Policy Messages into DPI Rules semantics. DPI Rules Maintains a set of rules which the DPI Engine will allow access to the Traffic Shaper DPI Engine Packet sniffer application that categorizes the packet for shaping by the Traffic Shaper Traffic Shaper Shapes traffic using VLAN tags based on DPI Engine categorization of the packet

12 Bits on the wire: OFP Experimenter Action Offset Octet Octet Bits Type Length 4 32 Control Port Data Port Library ID Library OpDons 8 64 Library OpDons Library OpDons External Processing Search Field Type Search Field Length External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value Built using OpenFlow s Action Experimenter Property

13 Bits on the wire: EPB Policy Message Offset Octet Octet Bits Version Type Length 4 32 TransacDon 8 64 Experimenter ID Experimenter Type Library OpDons Library OpDons Library OpDons In Port Policy Packet Traffic Type Padding External Processing Search Field Type Search Field Length External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value External Processing Search Field Value Policy Packet IPv4 Source Address Policy Packet IPv4 DesDnaDon Address Policy Packet Source Port Address Policy Packet DesDnaDon Port Address Built using OpenFlow s Experimenter Message

14 Video-on-Demand Library Options - Examples Offset Octet Octet Bits P OperaDon Type Video- on- Demand Server Port Address 3 24 Expedited Port Regular Port Unused 6 48 Unused RTSP Offset Octet Octet Bits P OperaDon Type Client RTP Port Address 3 24 Client RTCP Port Address Server RTCP Port Address 6 48 Server RTCP Port Address Server RTCP Port Address RTP/RTCP

15 EXTERNAL PROCESSING BOX - EXPERIMENT

16 Department of Computer Science Experiment Logical Topology Legend Best-effort Route Expedited Route PC 1 Multimedia Server

17 Department of Computer Science Experiment Physical Topology Control Plane Ryu Controller OpenFlow LINC Datapath Traffic Controller 1 EPB Traffic Controller 2 Data Plane PC 1 Legend Best-effort Route Expedited Route Multimedia Server

18 Experiment Flow Controller Control Plane OpenFlow 1 Install the following experimenter action: External Processing Action Experimenter Action OFPExternalProcessingAction Experimenter Actions and attached OpenFlow Match Send to EPB, packets needing additional processing Provide EPB with the EPB s outgoing port (VLAN ID) 2 Datapath 5 Multimedia Server Provide a Library ID and Library options for EPB Policy Instruction message PC 1 3 k 4 k: packet is RTSP and contains specified URL, send with VLAN 5 packet is RTCP and contains specified body, send with VLAN 6 packet is RTP, send with VLAN 7 Data Plane External Processing Box (EPB)

19 Experiment Flow Controller OpenFlow Control Plane Experimenter Action OFPExternalProcessingAction Experimenter Actions and attached OpenFlow Match Send to EPB, packets needing additional processing Provide EPB with the EPB s outgoing port (VLAN ID) 4 Datapath 1 Multimedia Server Provide a Library ID and Library options for EPB Policy Instruction message PC 1 2 k 3 k: packet is RTSP and contains specified URL, send with VLAN 5 packet is RTCP and contains specified body, send with VLAN 6 packet is RTP, send with VLAN 7 Data Plane External Processing Box (EPB)

20 Points to Note No special or proprietary hardware No endpoint signaling / action necessary Open, reusable extension in OFrecommended manner General approach to OF-compatible service insertion

21 Department of Computer Science Video Demonstration Control Plane Ryu Controller OpenFlow LINC Datapath Traffic Controller 1 EPB Traffic Controller 2 Data Plane PC 1 Legend Best-effort Route Expedited Route Multimedia Server

22 Department of Computer Science Video Demonstration

23 Evaluation and Testing We used Video-Tester to perform objective video quality assessment and QoS measurements Video-Tester comes equipped with a RTSP server and client, thus must be deployed on both client and the media server

24 Take Away Demonstrates a seamless generalpurpose in-network service insertion mechanism integrated with OpenFlow Allows value added network services to be dynamically included on the fly l Improve jitter rendered video in real-time l Context-sensitive services: Public Service Information

25 EXTRA SLIDES

26 EXTERNAL PROCESSING BOX - RESULTS

27 Test Suite Identifier A B C D E F G Description Baseline, no Traffic Controller or EPB involved EPB with Traffic Controller 1 activated EPB with both Traffic Controllers activated Only Traffic Controller 1 activated Both Traffic Controllers activated EPB with Traffic Controller 1 and Expedited Routes activated EPB with both Traffic Controllers and Expedited Routes activated

28 Jitter Experienced by the three videos

29 Jitter

30 Jitter

31 PSNR-MOS Score

32 PSNR-MOS Score

33 SSIM

34 SSIM

35 EXTRA SLIDES

36 Experiment Actual Setup Switch PC 2 PC 1 Ryu Controller Media Server EPB TC 1 LINC (datapath) TC 2

37 Experiment Logical Mapping Control Plane Ryu PC 1 Controller OpenFlow OpenFlow Match and Experimental Action 6 9 For UDP packet from port 2 or 3, forward to DPI port 5, for processing For TCP packet with a port 8554, forward to DPI port 5, for processing Datapath k: if packet is for Video Stream 1 RTP, send to 2 RTCP or RTSP, send to either 2 or 3 based on its destination Any other Video Stream RTP, send to 6 RTCP or RTSP, send to either 6 or 7 based on its destination Legend Operation step Port number # # Multimedia Server 5 3 k EPB Data Plane

38 Legend for Animation Slide RTSP Data Best-Effort RTP/RTCP Data Expedited RTP/RTCP Data

39 Department of Computer Science Experiment Traffic Flow: Best-Effort Model Control Plane Controller RTSP traffic faces delay as it goes through Traffic Controller 1 Traffic Controller 2 does NOT introduce any delay OpenFlow Datapath Traffic Controller 1 Traffic Controller 2 EPB Data Plane PC 1 Checks EPB intercepts whetherclient this packet ports to allow access belongs to anfor expedited future traffic patterns ifand stream, so tells savesthe thedatapath URL associated to expediteto otherwise this flow.tells it Legend use best-effort Best-effort Route Expedited Route Sending PC 1 video after replying to this message Multimedia Server

40 Department of Computer Science Experiment Traffic Flow: Expedited Model Control Plane Controller RTSP traffic faces delay as it goes through Traffic Controller 1 Traffic Controller 2 does NOT introduce any delay OpenFlow Datapath Traffic Controller 1 Traffic Controller 2 EPB Data Plane PC 1 Checks EPB intercepts whetherclient this packet ports to allow access belongs to anfor expedited future traffic patterns ifand stream, so tells savesthe thedatapath URL associated to expediteto otherwise this flow.tells it Legend use best-effort Best-effort Route Expedited Route Sending PC 1 video after replying to this message Multimedia Server