COCO N: CORRECT-BY-CONSTRUCTION NETWORKS USING STEPWISE REFINEMENT
|
|
- Stanley Dennis
- 6 years ago
- Views:
Transcription
1 COCO N: CORRECT-BY-CONSTRUCTION NETWORKS USING STEPWISE REFINEMENT Leonid Ryzhyk Nikolaj Bjorner Marco Canini Jean-Baptiste Jeannin Cole Schlesinger Douglas Terry George Varghese
2 RUNNING EXAMPLE: CAMPUS NETWORK 2 ACL subnet 1 zone 1 zone 3 core zone 2 subnet 2
3 RUNNING EXAMPLE: CAMPUS NETWORK 3 zone 1 zone 3 core zone 2 subnet 1 subnet 1 gateway router subnet 2 subnet 2 gateway router switch router (not assigned to a subnet)
4 NETWORK VERIFICATION: CURRENT PRACTICES 4 OpenFlow SDN app Option 1: Dataplane verification (NetPlumber, HSA, Veriflow) Fixing bugs in a deployed network takes time; may not avoid the downtime Option 2: Controller verification (Vericon, FlowLog) Limited scalability Check for: Loop freedom Black holes Reachability Isolation Common to both approaches: Property-based verification does not guarantee correctness
5 NETWORK VERIFICATION IN A NUTSHELL 5 ~ Option 1: Dataplane verification (NetKAT) Limited scalability Big switch abstraction
6 REQUIREMENTS 6 Ideally, network verification should be: 1. Scalable 2. Static 3. Exhaustive (works at DC scale) (verifies all possible configurations) (misses no bugs) State of the art: pick 1 out of 3
7 OBSERVATIONS 7 Top-level spec Simple top-level description: the what, not the how Design by hierarchical decomposition ACL subnet 1 zone 1 Refinement 1 zone 3 core zone 2 Refinement 3 subnet 2 Refinement 2
8 DECOMPOSING A WAN 8 switch WAN router local link WAN link Data center 1 Local fabric Data center 2 Core layer Local fabric ToR layer 3 2 Global fabric Internet 1 DC3
9 MORE EXAMPLES 9 Virtual network is decomposed into Physical fabric Virtual fabric Cellular network is decomposed into Edge (base stations) Core Internet gateway Exposing this structure enables efficient compositional verification
10 COCO N: COrrect by COnstruction Networking 10 We propose Cocoon: SDN design method Programming language Verifier Cocoon achieves scalable, static, exhaustive verification (3 out of 3!) via a network design process that focuses on correctness. refine spec refine refine implementation SDN controller Correct by construction
11 EXAMPLE COCOON SPECIFICATIONS 11 role HostOut[IP4 addr] chost(addr) = filter ip2subnet(pkt.srcip)==ip2subnet(pkt.dstip) or acl(pkt); filter chost(pkt.dstip); send HostIn[pkt.dstIP] subnet 1 Runtime-Defined Functions (RDFs) function function function function Must return valid subnet ID chost(ip4 addr): bool csubnet(vid_t vid): bool acl(packet p): bool ip2subnet(ip4 ip): vid_t Assumption: ACL subnet 2 chost(addr) chost(addr) == addr=={ } addr=={ } addr=={ } addr=={ } ip2subnet(ip) ip2subnet(ip) == *.* *.* subnet1 subnet *.* *.* subnet2 subnet assume(ip4 addr) chost(addr)=>csubnet(ip2subnet(addr))
12 REFINEMENT EXAMPLE 12 role HostOut[IP4 addr] chost(addr) = filter ip2subnet(pkt.srcip)==ip2subnet(pkt.dstip) or acl(pkt); filter chost(pkt.dstip); send HostIn[pkt.dstIP] subnet 1 refine HostOut { role HostOut[IP4 addr] chost(addr) =... send RouterZoneIn[zone(addr)] role RouterZoneIn[zid_t] = } ACL subnet 2 zone 1 zone 3 core zone 2
13 2-PHASE VERIFICATION 13 Refinements + assumptions specify static network design Verified statically RDFs encapsulate runtime configuration Checked at runtime against assumptions
14 COCOON ARCHITECTURE 14 Cocoon spec verifier external apps RDF definitions Cocoon runtime assumption checker compiler OpenFlow/P4 SDN controller
15 IMPLEMENTING VERIFICATION 15 Role semantics: Role refinement: We convert this program to Boogie and use the Corral model checker Enforce static bound on the number of network hops to achieve completeness Assumptions are converted to SMT and checked using Z3
16 CASE STUDIES B4-style WAN [Jain et al. B4: Experience with a Globally-Deployed Software Defined WAN] NSX-style network virtualization framework [Koponen et al. Network Virtualization in Multi-tenant Datacenters] Enterprise network [Sung et al. Towards Systematic Design of Enterprise Networks] F10 [Liu et al. F10: A Fault-Tolerant Engineered Network] Stag [Lopes et al. Automatically verifying reachability and wellformedness in P4 Networks] isdx [Gupta et al. An Industrial-Scale Software Defined Internet Exchange Point] 16
17 PERFORMANCE (static verification) 17 Compositional: Monolithic:
18 PERFORMANCE (runtime verification) 18
19 COCOON VS TRADITIONAL NETWORK VERIFICATION 19 zone 1 zone 3 core security policy zone 2 subnet 1 subnet 2 subnet 1 subnet 1 gateway router subnet 2 subnet 2 gateway router switch router (not assigned to a subnet) HSA/ Veriflow/... Correctness spec
20 PERFORMANCE (Cocoon + HSA) 20
21 CONCLUSION 21 Design-by-refinement works well for networks: Allow concise high-level specifications Well-defined module boundaries Verification is feasible for a single refinement: no pointers, concurrency, dynamic memory allocation, etc. Source code, case studies:
Correct by Construction Networks using Stepwise Refinement
Correct by Construction Networks using Stepwise Refinement Submission #198 Abstract Building software-defined network controllers is an exercise in software development and, as such, likely to introduce
More informationScalable Verification of Stateful Networks. Aurojit Panda, Ori Lahav, Katerina Argyraki, Mooly Sagiv, Scott Shenker UC Berkeley, TAU, ICSI
Scalable Verification of Stateful Networks Aurojit Panda, Ori Lahav, Katerina Argyraki, Mooly Sagiv, Scott Shenker UC Berkeley, TAU, ICSI Roadmap Why consider stateful networks? The current state of stateful
More informationNETWORK VERIFICATION: WHEN CLARKE MEETS CERF
TOOLS FOR PUBLIC CLOUDS, PRIVATE CLOUDS, ENTERPRISE NETWORKS, ISPs,... NETWORK VERIFICATION: WHEN CLARKE MEETS CERF George Varghese UCLA (with collaborators from CMU, MSR, Stanford, UCLA) 1 Model and Terminology
More informationVeriCon: Towards Verifying Controller Programs in SDNs
VeriCon: Towards Verifying Controller Programs in SDNs Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly Sagiv, Michael Schapira, Asaf Valadarsky 1 Guaranteeing network
More informationNetwork Programming Languages. Nate Foster
Network Programming Languages Nate Foster We are at the start of a revolution! Network architectures are being opened up giving programmers the freedom to tailor their behavior to suit applications!
More informationAutomatically verifying reachability and well-formedness in P4 Networks
Automatically verifying reachability and well-formedness in P4 Networks Nuno P. Lopes Microsoft Research Nikolaj Bjørner Microsoft Research Nick McKeown Stanford University Andrey Rybalchenko Microsoft
More informationQuantum, network services for Openstack. Salvatore Orlando Openstack Quantum core developer
Quantum, network services for Openstack Salvatore Orlando sorlando@nicira.com Openstack Quantum core developer Twitter- @taturiello Caveats Quantum is in its teenage years: there are lots of things that
More informationNetwork Verification Solvers, Symmetries, Surgeries. Nikolaj Bjørner
Network Verification Solvers, Symmetries, Surgeries Nikolaj Bjørner NetPL, August, 2016 Networking needs: Configuration Sanity/Synthesis, Programming, Provisioning Network Design Automation Z3 Z3 advances:
More informationOpen Network Operating System
Open Network Operating System Michele Santuari msantuari@fbk.eu FBK CREATE-NET - Future Networks research unit April 28, 2017 Agenda Short introduction to SDN and network programmability Introduction to
More informationLecture 10.1 A real SDN implementation: the Google B4 case. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 10.1 A real SDN implementation: the Google B4 case Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it WAN WAN = Wide Area Network WAN features: Very expensive (specialized high-end
More informationPassTorrent. Pass your actual test with our latest and valid practice torrent at once
PassTorrent http://www.passtorrent.com Pass your actual test with our latest and valid practice torrent at once Exam : 352-011 Title : Cisco Certified Design Expert Practical Exam Vendor : Cisco Version
More informationOn the Complexity of Verifying Stateful Networks. A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv
On the Complexity of Verifying Stateful Networks A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv Alice Classical Networking Ted Stevens was right Bob Mallory Trent Networks provide end-to-end
More informationA Hypothesis Testing Framework for Network Security
A Hypothesis Testing Framework for Network Security P. Brighten Godfrey University of Illinois at Urbana-Champaign TSS Seminar, September 15, 2015 Part of the SoS Lablet with David Nicol Kevin Jin Matthew
More informationData Plane Verification and Anteater
Data Plane Verification and Anteater Brighten Godfrey University of Illinois Work with Haohui Mai, Ahmed Khurshid, Rachit Agarwal, Matthew Caesar, and Sam King Summer School on Formal Methods and Networks
More informationACI Multi-Site Architecture and Deployment. Max Ardica Principal Engineer - INSBU
ACI Multi-Site Architecture and Deployment Max Ardica Principal Engineer - INSBU Agenda ACI Network and Policy Domain Evolution ACI Multi-Site Deep Dive Overview and Use Cases Introducing ACI Multi-Site
More informationLecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 14 SDN and NFV Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Traditional network vs SDN TRADITIONAL Closed equipment Software + hardware Cost Vendor-specific management.
More informationData Center Configuration. 1. Configuring VXLAN
Data Center Configuration 1. 1 1.1 Overview Virtual Extensible Local Area Network (VXLAN) is a virtual Ethernet based on the physical IP (overlay) network. It is a technology that encapsulates layer 2
More informationSession objectives and takeaways
Session objectives and takeaways Objectives Explain SDN Core Concepts Deploy SDN Fabric with SCVMM 2016 Takeaways: Deploying SDN Fabric components with SCVMM requires planning Deploying Tenant Resources
More informationIntroduction to External Connectivity
Before you begin Ensure you know about Programmable Fabric. Conceptual information is covered in the Introduction to Cisco Programmable Fabric and Introducing Cisco Programmable Fabric (VXLAN/EVPN) chapters.
More informationCisco Wide Area Bonjour Solution Overview
, page 1 Topology Overview, page 2 About the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM), page 5 The Cisco Wide Area Bonjour solution is based on a distributed and hierarchical
More informationFormal Verification of Computer Switch Networks
Formal Verification of Computer Switch Networks Sharad Malik; Department of Electrical Engineering; Princeton Univeristy (with Shuyuan Zhang (Princeton), Rick McGeer (HP Labs)) 1 SDN: So what changes for
More informationHigh Availability WAN
High Availability WAN How Cisco IT Achieved a High Availability WAN A Cisco on Cisco Case Study: Inside Cisco IT 1 Overview Challenge: Achieve high availability for CAPNet, Cisco s global backbone WAN
More informationlecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00
lecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00 Network Virtualization in multi-tenant Datacenters Teemu Koponen.,
More informationCloud 3.0 and Software Defined Networking October 28, Amin Vahdat on behalf of Google Technical Infratructure Google Fellow
Cloud 3.0 and Software Defined Networking October 28, 2016 Amin Vahdat on behalf of Google Technical Infratructure Google Fellow Overview This talk: example of the Google research model Driven by novel
More informationModel Checking Dynamic Datapaths
Model Checking Dynamic Datapaths Aurojit Panda, Katerina Argyraki, Scott Shenker UC Berkeley, ICSI, EPFL Networks: Not Just for Delivery Enforce a variety of invariants: Packet Isolation: Packets from
More informationOpenADN: Service Chaining of Globally Distributed VNFs
OpenADN: Service Chaining of Globally Distributed VNFs Project Leader: Subharthi Paul Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Software Telco Congress, Santa Clara,
More informationFatTire: Declarative Fault Tolerance for SDN
FatTire: Declarative Fault Tolerance for SDN Mark Reitblatt Marco Canini Arjun Guha Nate Foster (Cornell) (TU Berlin UC Louvain) (Cornell UMass Amherst) (Cornell) 1 In a Perfect World... 2 But in Reality...
More informationHyperkernel: Push-Button Verification of an OS Kernel
Hyperkernel: Push-Button Verification of an OS Kernel Luke Nelson, Helgi Sigurbjarnarson, Kaiyuan Zhang, Dylan Johnson, James Bornholt, Emina Torlak, and Xi Wang The OS Kernel is a critical component Essential
More informationNetwork Verification: Reflections from Electronic Design Automation (EDA)
Network Verification: Reflections from Electronic Design Automation (EDA) Sharad Malik Princeton University MSR Faculty Summit: 7/8/2015 $4 Billion EDA industry EDA Consortium $350 Billion Semiconductor
More informationACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)
This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias
More informationAutomatic Test Packet Generation
Automatic Test Packet Generation James Hongyi Zeng with Peyman Kazemian, George Varghese, Nick McKeown Stanford University, UCSD, Microsoft Research http://eastzone.github.com/atpg/ CoNEXT 2012, Nice,
More informationTenantGuard: Scalable Runtime Verification of Cloud-Wide VM-Level Network Isolation
NDSS 2017 TenantGuard: Scalable Runtime Verification of Cloud-Wide -Level Network Isolation Y. Wang 1, T. Madi 1, S. Majumdar 1, Y. Jarraya 2, A. Alimohammadifar 1, M. Pourzandi 2, L. Wang 1 and M. Debbabi
More informationHeader Space Analysis Part I
Header Space Analysis Part I Peyman Kazemian With James Zeng, George Varghese, Nick McKeown Summer School on Formal Methods and Networks Cornell University June 2013 Recap of the last session Network TroubleshooPng
More informationAbstraction-Driven Network Verification and Design (a personal odyssey) Geoffrey Xie Naval Postgraduate School
Abstraction-Driven Network Verification and Design (a personal odyssey) Geoffrey Xie Naval Postgraduate School xie@nps.edu It started in 2004 A sabbatical at CMU Joined a collaborative project with AT&T
More informationEnterprise. Nexus 1000V. L2/L3 Fabric WAN/PE. Customer VRF. MPLS Backbone. Service Provider Data Center-1 Customer VRF WAN/PE OTV OTV.
2 CHAPTER Cisco's Disaster Recovery as a Service (DRaaS) architecture supports virtual data centers that consist of a collection of geographically-dispersed data center locations. Since data centers are
More informationSQL Azure. Abhay Parekh Microsoft Corporation
SQL Azure By Abhay Parekh Microsoft Corporation Leverage this Presented by : - Abhay S. Parekh MSP & MSP Voice Program Representative, Microsoft Corporation. Before i begin Demo Let s understand SQL Azure
More informationSCALING SOFTWARE DEFINED NETWORKS. Chengyu Fan (edited by Lorenzo De Carli)
SCALING SOFTWARE DEFINED NETWORKS Chengyu Fan (edited by Lorenzo De Carli) Introduction Network management is driven by policy requirements Network Policy Guests must access Internet via web-proxy Web
More informationCOMP211 Chapter 5 Network Layer: The Control Plane
COMP211 Chapter 5 Network Layer: The Control Plane All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith
More informationDeploying VMware Validated Design Using OSPF Dynamic Routing. Technical Note 9 NOV 2017 VMware Validated Design 4.1 VMware Validated Design 4.
Deploying VMware Validated Design Using PF Dynamic Routing Technical Note 9 NOV 2017 VMware Validated Design 4.1 VMware Validated Design 4.0 Deploying VMware Validated Design Using PF Dynamic Routing You
More informationSecurity Considerations for Cloud Readiness
Application Note Zentera Systems CoIP Platform CoIP Defense-in-Depth with Advanced Segmentation Advanced Segmentation is Essential for Defense-in-Depth There is no silver bullet in security a single solution
More informationOpenFlow: What s it Good for?
OpenFlow: What s it Good for? Apricot 2016 Pete Moyer pmoyer@brocade.com Principal Solutions Architect Agenda SDN & OpenFlow Refresher How we got here SDN/OF Deployment Examples Other practical use cases
More informationVerified Secure Routing
Verified Secure Routing David Basin ETH Zurich EPFL, Summer Research Institute June 2017 Team Members Verification Team Information Security David Basin Tobias Klenze Ralf Sasse Christoph Sprenger Thilo
More informationCisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003
Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003 Agenda ACI Introduction and Multi-Fabric Use Cases ACI Multi-Fabric Design Options ACI Stretched Fabric Overview
More informationIntroduction to Formal Methods
2008 Spring Software Special Development 1 Introduction to Formal Methods Part I : Formal Specification i JUNBEOM YOO jbyoo@knokuk.ac.kr Reference AS Specifier s Introduction to Formal lmethods Jeannette
More informationDescribing the architecture: Creating and Using Architectural Description Languages (ADLs): What are the attributes and R-forms?
Describing the architecture: Creating and Using Architectural Description Languages (ADLs): What are the attributes and R-forms? CIS 8690 Enterprise Architectures Duane Truex, 2013 Cognitive Map of 8090
More informationSoftware Architecture
Software Architecture Architectural Design and Patterns. Standard Architectures. Dr. Philipp Leitner @xleitix University of Zurich, Switzerland software evolution & architecture lab Architecting, the planning
More informationCisco ACI Terminology ACI Terminology 2
inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias
More informationChecking Beliefs in Dynamic Networks
Nuno P. Lopes Microsoft Research Checking Beliefs in Dynamic Networks Nikolaj Bjørner Microsoft Research George Varghese Microsoft Research Patrice Godefroid Microsoft Research Karthick Jayaraman Microsoft
More informationNetwork Monitoring using Test Packet Generation
Network Monitoring using Test Packet Generation Madhuram Kabra Modern Education Society s College of Engineering Pune, India Mohammed Sukhsarwala Modern Education Society s College of Engineering Pune,
More informationVirtual Private Cloud. User Guide. Issue 21 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 21 Date 2018-09-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationIntroduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN)
Introduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN) Myungjin Lee myungjin.lee@ed.ac.uk Courtesy note: Slides from course CPS514 Spring 2013 at Duke University and
More informationData Center Networks Driving SDN Openness Accelerating Data Center Service Innovation. huaweienterpriseusa.com
Data Center Networks Driving SDN Openness Accelerating Data Center Service Innovation Challenges to Data Center Network Prevailing Big Data Growing Virtualization SDN: Accelerates Internet Service Innovation
More informationNetworking Recap Storage Intro. CSE-291 (Cloud Computing), Fall 2016 Gregory Kesden
Networking Recap Storage Intro CSE-291 (Cloud Computing), Fall 2016 Gregory Kesden Networking Recap Storage Intro Long Haul/Global Networking Speed of light is limiting; Latency has a lower bound (.) Throughput
More informationCisco SD-WAN (Viptela) Migration, QoS and Advanced Policies Hands-on Lab
Cisco SD-WAN (Viptela) Migration, QoS and Advanced Policies Hands-on Lab Ali Shaikh Technical Leader Faraz Shamim Sr. Technical Leader Mossaddaq Turabi Distinguished ENgineer Cisco Spark How Questions?
More informationComponent Design. Systems Engineering BSc Course. Budapest University of Technology and Economics Department of Measurement and Information Systems
Component Design Systems Engineering BSc Course Budapest University of Technology and Economics Department of Measurement and Information Systems Traceability Platform-based systems design Verification
More informationNaaS Network-as-a-Service in the Cloud
NaaS Network-as-a-Service in the Cloud joint work with Matteo Migliavacca, Peter Pietzuch, and Alexander L. Wolf costa@imperial.ac.uk Motivation Mismatch between app. abstractions & network How the programmers
More informationMPLS VPN--Inter-AS Option AB
The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service provider
More informationSoftware verification for ubiquitous computing
Software verification for ubiquitous computing Marta Kwiatkowska Computing Laboratory, University of Oxford QA 09, Grenoble, June 2009 Software everywhere Electronic devices, ever smaller Laptops, phones,
More informationIQ for DNA. Interactive Query for Dynamic Network Analytics. Haoyu Song. HUAWEI TECHNOLOGIES Co., Ltd.
IQ for DNA Interactive Query for Dynamic Network Analytics Haoyu Song www.huawei.com Motivation Service Provider s pain point Lack of real-time and full visibility of networks, so the network monitoring
More informationTraffic Engineering with Forward Fault Correction
Traffic Engineering with Forward Fault Correction Harry Liu Microsoft Research 06/02/2016 Joint work with Ratul Mahajan, Srikanth Kandula, Ming Zhang and David Gelernter 1 Cloud services require large
More informationCisco SDN 解决方案 ACI 的基本概念
Cisco SDN 解决方案 ACI 的基本概念 Presented by: Shangxin Du(@shdu)-Solution Support Engineer, Cisco TAC Aug 26 th, 2015 2013 Cisco and/or its affiliates. All rights reserved. 1 Type Consumption Delivery Big data,
More informationManaging Demand Spikes in a highly flexible and agile deployment
Managing Demand Spikes in a highly flexible and agile deployment Yuki Sato S2 (Akita, Japan) Jan Hilberath Midokura (Tokyo, Japan) Agenda Company Introduction Why SUSE OpenStack with MidoNet? MidoNet Introduction
More informationIBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture
IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture Date: 2017-03-29 Version: 1.0 Copyright IBM Corporation 2017 Page 1 of 16 Table of Contents 1 Introduction... 4 1.1 About
More informationTowards Systematic Design of Enterprise Networks
Towards Systematic Design of Enterprise Networks Yu-Wei Eric Sung 1, Sanjay G. Rao 1, Geoffrey G. Xie 2, David A. Maltz 3 1 Purdue University 2 Naval Postgraduate School 3 Microsoft Research Copyright
More informationOpenADN: Mobile Apps on Global Clouds Using OpenFlow and SDN
OpenADN: Mobile Apps on Global Clouds Using OpenFlow and SDN Raj Jain Project Leader: Subharthi Paul Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Microsoft Corporation
More informationTungstenFabric (Contrail) at Scale in Workday. Mick McCarthy, Software Workday David O Brien, Software Workday
TungstenFabric (Contrail) at Scale in Workday Mick McCarthy, Software Engineer @ Workday David O Brien, Software Engineer @ Workday Agenda Introduction Contrail at Workday Scale High Availability Weekly
More informationCPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer
1 CPSC 826 Intering The Network Layer: Routing & Addressing Outline The Network Layer Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu November 10, 2004 Network layer
More informationNetworking Domains. Physical domain profiles (physdomp) are typically used for bare metal server attachment and management access.
This chapter contains the following sections:, on page 1 Bridge Domains, on page 2 VMM Domains, on page 2 Configuring Physical Domains, on page 4 A fabric administrator creates domain policies that configure
More informationNetKAT: Semantic Foundations for Networks. Nate Foster Cornell University
NetKAT: Semantic Foundations for Networks Nate Foster Cornell University Team NetKAT Carolyn Anderson Nate Foster Arjun Guha Jean-Baptiste Jeannin Dexter Kozen Cole Schlesinger David Walker Carbon Software-Defined
More informationAOSA - Betriebssystemkomponenten und der Aspektmoderatoransatz
AOSA - Betriebssystemkomponenten und der Aspektmoderatoransatz Results obtained by researchers in the aspect-oriented programming are promoting the aim to export these ideas to whole software development
More informationFOUNDATIONS OF INTENT- BASED NETWORKING
FOUNDATIONS OF INTENT- BASED NETWORKING Loris D Antoni Aditya Akella Aaron Gember Jacobson Network Policies Enterprise Network Cloud Network Enterprise Network 2 3 Tenant Network Policies Enterprise Network
More informationStatic program checking and verification
Chair of Software Engineering Software Engineering Prof. Dr. Bertrand Meyer March 2007 June 2007 Slides: Based on KSE06 With kind permission of Peter Müller Static program checking and verification Correctness
More informationDriving SDN openness, accelerating data center service innovation Cloud Fabric Data Center Network Solution
2014 年 3 月 13 日星期四 Driving SDN openness, accelerating data center service innovation Cloud Fabric Data Center Network Solution Challenges to Data Center Network Prevailing Big Data Growing Virtualization
More informationChapter 06 IP Address
Chapter 06 IP Address IP Address Internet address Identifier used at IP layer 32 bit binary address The address space of IPv4 is 2 32 or 4,294,967,296 Consists of netid and hosted IP Address Structure
More informationArista 7010 Series: Q&A
7010 Series: Q&A Document Arista 7010 Series: Q&A Product Overview What is the 7010 Series? The Arista 7010 Series are a family of purpose built high performance and power efficient fixed configuration
More informationArista 7020R Series: Q&A
7020R Series: Q&A Document Arista 7020R Series: Q&A Product Overview What is the 7020R Series? The Arista 7020R Series, including the 7020SR, 7020TR and 7020TRA, offers a purpose built high performance
More informationThe Next Opportunity in the Data Centre
The Next Opportunity in the Data Centre Application Centric Infrastructure Soni Jiandani Senior Vice President, Cisco THE NETWORK IS THE INFORMATION BROKER FOR ALL APPLICATIONS Applications Are Changing
More informationCommunication-Based Design
Communication-Based Design Motivation System-level verification of large component-oriented designs will be very costly. We cannot afford to debug interface mismatches between internal components... especially
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationHuawei CloudFabric and VMware Collaboration Innovation Solution in Data Centers
Huawei CloudFabric and ware Collaboration Innovation Solution in Data Centers ware Data Center and Cloud Computing Solution Components Extend virtual computing to all applications Transform storage networks
More informationSoftware Reuse and Component-Based Software Engineering
Software Reuse and Component-Based Software Engineering Minsoo Ryu Hanyang University msryu@hanyang.ac.kr Contents Software Reuse Components CBSE (Component-Based Software Engineering) Domain Engineering
More informationFinding and Fixing Bugs in Liquid Haskell. Anish Tondwalkar
Finding and Fixing Bugs in Liquid Haskell Anish Tondwalkar Overview Motivation Liquid Haskell Fault Localization Fault Localization Evaluation Predicate Discovery Predicate Discovery Evaluation Conclusion
More informationExtending Enterprise Security to Multicloud and Public Cloud
Extending Enterprise Security to Multicloud and Public Cloud Paul Kofoid Sr. Consulting Engineer: Security & Cloud This statement of direction sets forth Juniper Networks current intention and is subject
More informationZentera Systems CoIP Platform
Application Note Zentera Systems CoIP Platform Traffic Isolation Using CoIP Traffic Isolation is Critical to Network Security An important attribute of any network is that it ensures certain types of traffic
More informationFlexible Networking at Large Mega-Scale. Exploring issues and solutions
Flexible Networking at Large Mega-Scale Exploring issues and solutions What is Mega-Scale? One or more of: > 10,000 compute nodes > 100,000 IP addresses > 1 Tb/s aggregate bandwidth Massive East/West traffic
More informationRaj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University)
APPLICATION DEPLOYMENT IN FUTURE GLOBAL MULTI-CLOUD ENVIRONMENT Raj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University) GITMA 2015 Conference, St. Louis, June 23, 2015 These
More informationA Global Operating System «from the Things to the Clouds»
GRUPPO TELECOM ITALIA EAI International Conference on Software Defined Wireless Networks and Cognitive Technologies for IoT Rome, 26th October 2015 A Global Operating System «from the Things to the Clouds»
More informationLAN Interconnection. different interconnecting devices, many approaches Vasile Dadarlat- Local Area Computer Networks
LAN Interconnection different interconnecting devices, many approaches 1 Need for ability to expand beyond single LAN; appears concept of Extended LAN, extending the number of attached stations and maximum
More informationEnforcing Customizable Consistency Properties in Software-Defined Networks. Wenxuan Zhou, Dong Jin, Jason Croft, Matthew Caesar, Brighten Godfrey
Enforcing Customizable Consistency Properties in Software-Defined Networks Wenxuan Zhou, Dong Jin, Jason Croft, Matthew Caesar, Brighten Godfrey 1 Network changes control applications, changes in traffic
More informationAn Introduction to Software Architecture. David Garlan & Mary Shaw 94
An Introduction to Software Architecture David Garlan & Mary Shaw 94 Motivation Motivation An increase in (system) size and complexity structural issues communication (type, protocol) synchronization data
More informationAdvanced threats. "Software defined" everything. Internet of Things. SDDC/Cloud. HTTP is the new TCP. Mobile. F5 Networks, Inc 2
F5 Software Defined Application Services F5 Synthesis Fred Wu Technical Director of F5 Networks China Advanced threats "Software defined" everything SDDC/Cloud Internet of Things Mobile HTTP is the new
More informationMinsoo Ryu. College of Information and Communications Hanyang University.
Software Reuse and Component-Based Software Engineering Minsoo Ryu College of Information and Communications Hanyang University msryu@hanyang.ac.kr Software Reuse Contents Components CBSE (Component-Based
More informationNetwork Policy Enforcement
CHAPTER 6 Baseline network policy enforcement is primarily concerned with ensuring that traffic entering a network conforms to the network policy, including the IP address range and traffic types. Anomalous
More informationBuilding Security Services on top of SDN
Building Security Services on top of SDN Gregory Blanc Télécom SudParis, IMT 3rd FR-JP Meeting on Cybersecurity WG7 April 25th, 2017 Keio University Mita Campus, Tokyo Table of Contents 1 SDN and NFV as
More informationVISIBILITY INTO CLOUD COMPUTING
VISIBILITY INTO CLOUD COMPUTING Brendan Leitch, Head of APAC Marketing 1 SECURITY AND PERFORMANCE DEPENDS ON DATA VISIBILITY Access Challenges: Get data access for tools VISIBILITY: Seeing the Traffic
More informationLink State Routing & Inter-Domain Routing
Link State Routing & Inter-Domain Routing CS640, 2015-02-26 Announcements Assignment #2 is due Tuesday Overview Link state routing Internet structure Border Gateway Protocol (BGP) Path vector routing Inter
More informationOrchestration: Accelerate Deployments and Reduce Operational Risk. Nathan Pearce, Product Development SA Programmability & Orchestration Team
Orchestration: Accelerate Deployments and Reduce Operational Risk Nathan Pearce, Product Development SA Programmability & Orchestration Team Agenda 1 2 3 Industry Trends Customer Journey Use Cases 2016
More informationUsing Event-Driven SDN for Dynamic DDoS Mitigation
Using Event-Driven SDN for Dynamic DDoS Mitigation Craig Hill Distinguished SE, US Federal crhill@cisco.com CCIE #1628 1 Concept and Content Creators The Cisco Engineering Team: Jason King Steven Carter
More informationS A I U p d a t e s a n d L o o k i n g F o r w a r d. Guohan Lu, Principal Dev Manager Xin Liu, Principal Product Manager Microsoft Azure Networking
S A I U p d a t e s a n d L o o k i n g F o r w a r d Guohan Lu, Principal Dev Manager Xin Liu, Principal Product Manager Microsoft Azure Networking Switch Abstraction Interface (SAI) Network Applications
More informationCommunity College LAN Design Considerations
CHAPTER 3 LAN Design The community college LAN design is a multi-campus design, where a campus consists of multiple buildings and services at each location, as shown in Figure 3-1. 3-1 LAN Design Chapter
More information