FOUNDATIONS OF INTENT- BASED NETWORKING
|
|
- Doris Peters
- 5 years ago
- Views:
Transcription
1 FOUNDATIONS OF INTENT- BASED NETWORKING Loris D Antoni Aditya Akella Aaron Gember Jacobson
2 Network Policies Enterprise Network Cloud Network Enterprise Network 2
3 3 Tenant Network Policies Enterprise Network Reachability: A can talk to B A B Waypoints: C to B traffic goes through a Firewall C
4 4 Cloud Network Policies Tenant 1 Network Policies Tenant 2 Network Policies 100Gbps S 1 S 2 100Gbps Network isolation: Tenant 1 and 2 s traffic must not affect each other Network resource management Fault tolerance S 3 S 4 S 5 S 6 100Gbps 100 Gbps 100Gbps S 7 S 8 S 9 S 1 0
5 5 Intent-based networking High level language to specify policies INPUT Synthesize Policy compliant network configurations OUTPUT
6 6 GENESIS SYNTHESIZING FORWARDING TABLES IN MULTI TENANT NETWORKS Kausik Subramanian [Subramanian, D Antoni, Akella, POPL17]
7 7 Software-defined Networks SDN Controller Centralized controller Programmable switch rules: Enforcing policies using conventional enforces policies Match: Packet headers distributed S 1 networks S 2 is difficult Action: Forward to next switch SSH traffic at S 3 is forwarded to S 7 SSH S 3 S 4 S 5 S 6 S 7 S 8 S 9 S 10
8 8 Support for complex and diverse policies High level language to specify policies Genesis Switch forwarding tables Enforcing certain policies is NP complete Genesis uses Satisfiability Modulo Theories (SMT) solvers to synthesize forwarding tables
9 9 Outline of the Talk Motivation Synthesis of forwarding tables in Genesis Scaling to large workloads: Tactics Genesis extensions and conclusions
10 10 Synthesis Approach High level policies + Topology INPUT Constraints on Fwd and Reach Abstract Representation (Fwd, Reach) Paths from Fwd and Reach solution Forwarding tables OUTPUT
11 11 Semantics of (Fwd, Reach) Fwd(S 1, ID) = S 2 : Switch S 1 forwards to S 2 Reach(S 2, ID) = 1: Specifies that S 2 is reachable in 1 step from source Reach(S 1, ID) = 0 Reach(S 2, ID) = 1 Reach(S 3, ID) = 2 Fwd(S 1, ID) = S 2 Fwd(S 2, ID) = S 3 S 1 S 2 S 3
12 12 Reachability Constraints SRC S 3 Reach(S 3, ID) = k 1 S 1 S 4 S 5 Reach(S 2, ID) = k 1 Reach(S 4, ID) = k S 2 Fwd(S 3, ID) = S 4 DST If a switch is reachable in k steps, one of its neighbors must be reachable in k 1 steps
13 13 Policy Constraints Waypoint: Blue Tenant specifies Reach(S 4, ID) = k path must traverse through S 4 S 2 S 4 Isolation: Blue Tenant and Red Tenant paths do not share any link S 1 S 5 Traffic Engineering: Using SMT OPT S 3 (S 3, ID1) (S 3, ID2)
14 THE END? 14
15 15 Baseline Synthesis Evaluation Setup Genesis implemented in Python, uses Z3 SMT solver Multi tenant isolation: Each tenant has a single reachability policy, and all tenant paths are mutually isolated Medium sized fat tree datacenter topologies
16 16 Baseline Synthesis Evaluation To scale to large networks and workloads, we need to further algorithmic insights and optimizations Exponential Complexity Synthesis time for over 60 tenants takes >5000s
17 17 SCALING TO LARGE WORKLOADS TACTICS
18 18 Tactics: Motivation Edge to edge paths: 272 Large search space Use network structure to specify path properties Core Aggregate Edge
19 19 Tactics as regular expressions Core No Edge Tactic: Not (Edge.* Edge.* Edge) Aggregate Edge
20 20 Tactics: Constraint Reduction Genesis uses tactics as a search strategy to eliminate constraints No Edge Tactic ensures no intermediate edge switch Reach(C 1 ) = k 1 Reach(A 1 ) = k 1 C 1 A 1 Reach(S) = k S Reach(E 1 ) = k 1 E 1
21 21 Tactics: Algorithmic Properties Specified using a restricted subset of regular expressions Sound and Complete algorithm for enforcing them Policy agnostic The operator can develop a repository of tactics based on their topology
22 22 Tactics: Evaluation Multi tenant isolation workload Valley Free Tactic and No Edge Tactic Valley Free Tactic speedup: 400x
23 23 Outline of the Talk Motivation Synthesis of forwarding tables in Genesis Scaling Genesis: Tactics and Divide and Conquer Genesis extensions and conclusions
24 24 Genesis Extensions Genesis Rich Policy Language Synthesis using SMT Resilient Paths Network Repair
25 25 Network Resilience Single path: Not resilient Cloud network Link failure S1 S2 S3 t resilience: For events under t arbitrary link failures, there exists a valid path
26 26 Policy-compliant Resiliency Backup path Cloud network 1 resilient Isolation policy S1 S2 S3 For 1 resilience, backup path must be edge disjoint from original path Sound transformation of input policies to provide t resilience
27 27 Minimal Reactive Network Repair Cloud network Policies Policies Best repair: Minimize change overhead Genesis uses MaxSMT
28 28 Network Repair Evaluation Multi tenant isolation workload One switch failure, network repair such that number of switches affected is minimized For larger workloads, repair is faster than re synthesis.
29 CONCLUSION 29
30 High level policies on paths and switches INPUT Genesis Switch forwarding tables satisfying policies OUTPUT OSPF and BGP configurations Efficient optimal repair 30
Programmable Networks with Synthesis
Programmable Networks with Synthesis Ahmed ElHassany Petar Tsankov Laurent Vanbever Martin Vechev Network Misconfigurations are Common What Example Makes Network Configuration Hard? Low-level, local router
More informationGenesis: Synthesizing Forwarding Tables in Multi-tenant Networks
Genesis: Synthesizing Forwarding Tables in Multi-tenant Networks Kausik Subramanian Loris D Antoni Aditya Akella University of Wisconsin-Madison, USA {sskausik08, loris, akella}@cs.wisc.edu * POPL * Artifact
More informationA Routing Infrastructure for XIA
A Routing Infrastructure for XIA Aditya Akella and Peter Steenkiste Dave Andersen, John Byers, David Eckhardt, Sara Kiesler, Jon Peha, Adrian Perrig, Srini Seshan, Marvin Sirbu, Hui Zhang FIA PI Meeting,
More informationCOCONUT: Seamless Scale-out of Network Elements
COCONUT: Seamless Scale-out of Network Elements Soudeh Ghorbani P. Brighten Godfrey University of Illinois at Urbana-Champaign Simple abstractions Firewall Loadbalancer Router Network operating system
More informationNetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion. Ahmed El-Hassany Petar Tsankov Laurent Vanbever Martin Vechev
NetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion Ahmed El-Hassany Petar Tsankov Laurent Vanbever Martin Vechev I shouldn t be the one giving this talk Third year PhD student
More informationNaaS Network-as-a-Service in the Cloud
NaaS Network-as-a-Service in the Cloud joint work with Matteo Migliavacca, Peter Pietzuch, and Alexander L. Wolf costa@imperial.ac.uk Motivation Mismatch between app. abstractions & network How the programmers
More informationExpeditus: Congestion-Aware Load Balancing in Clos Data Center Networks
Expeditus: Congestion-Aware Load Balancing in Clos Data Center Networks Peng Wang, Hong Xu, Zhixiong Niu, Dongsu Han, Yongqiang Xiong ACM SoCC 2016, Oct 5-7, Santa Clara Motivation Datacenter networks
More informationA Scalable, Commodity Data Center Network Architecture
A Scalable, Commodity Data Center Network Architecture B Y M O H A M M A D A L - F A R E S A L E X A N D E R L O U K I S S A S A M I N V A H D A T P R E S E N T E D B Y N A N X I C H E N M A Y. 5, 2 0
More informationAutomatically Repairing Network Control Planes Using an Abstract Representation
Automatically Repairing Network Control Planes Using an Abstract Representation ABSTRACT Aaron Gember-Jacobson Colgate University agemberjacobson@colgate.edu Ratul Mahajan Intentionet ratul@ratul.org The
More informationSoftware-Defined Networking (Continued)
Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations
More informationSoftware-Defined Networking (SDN) Overview
Reti di Telecomunicazione a.y. 2015-2016 Software-Defined Networking (SDN) Overview Ing. Luca Davoli Ph.D. Student Network Security (NetSec) Laboratory davoli@ce.unipr.it Luca Davoli davoli@ce.unipr.it
More informationHEADER SPACE ANALYSIS
HEADER SPACE ANALYSIS Peyman Kazemian (Stanford University) George Varghese (UCSD, Yahoo Labs) Nick McKeown (Stanford University) 1 July 17 th, 2012 Joint Techs 2012 TODAY A typical network is a complex
More informationPOLYMORPHIC ON-CHIP NETWORKS
POLYMORPHIC ON-CHIP NETWORKS Martha Mercaldi Kim, John D. Davis*, Mark Oskin, Todd Austin** University of Washington *Microsoft Research, Silicon Valley ** University of Michigan On-Chip Network Selection
More informationEnforcing Customizable Consistency Properties in Software-Defined Networks. Wenxuan Zhou, Dong Jin, Jason Croft, Matthew Caesar, Brighten Godfrey
Enforcing Customizable Consistency Properties in Software-Defined Networks Wenxuan Zhou, Dong Jin, Jason Croft, Matthew Caesar, Brighten Godfrey 1 Network changes control applications, changes in traffic
More informationModel Checking Dynamic Datapaths
Model Checking Dynamic Datapaths Aurojit Panda, Katerina Argyraki, Scott Shenker UC Berkeley, ICSI, EPFL Networks: Not Just for Delivery Enforce a variety of invariants: Packet Isolation: Packets from
More informationBootstrapping evolvability for inter-domain routing with D-BGP. Raja Sambasivan David Tran-Lam, Aditya Akella, Peter Steenkiste
Bootstrapping evolvability for inter-domain routing with D-BGP Raja Sambasivan David Tran-Lam, Aditya Akella, Peter Steenkiste This talk in one slide Q What evolvability features needed in any inter-domain
More informationData Center Configuration. 1. Configuring VXLAN
Data Center Configuration 1. 1 1.1 Overview Virtual Extensible Local Area Network (VXLAN) is a virtual Ethernet based on the physical IP (overlay) network. It is a technology that encapsulates layer 2
More informationSoftware Transactional Networking: Concurrent and Consistent Policy Composition
Software Transactional Networking: Concurrent and Consistent Policy Composition Dan Levin Marco Canini, Petr Kuznetsov*, Stefan Schmid TU Berlin/T-Labs, *Telecom ParisTech Software Transactional Networking:
More informationCamdoop Exploiting In-network Aggregation for Big Data Applications Paolo Costa
Camdoop Exploiting In-network Aggregation for Big Data Applications costa@imperial.ac.uk joint work with Austin Donnelly, Antony Rowstron, and Greg O Shea (MSR Cambridge) MapReduce Overview Input file
More informationResilient IP Backbones. Debanjan Saha Tellium, Inc.
Resilient IP Backbones Debanjan Saha Tellium, Inc. dsaha@tellium.com 1 Outline Industry overview IP backbone alternatives IP-over-DWDM IP-over-OTN Traffic routing & planning Network case studies Research
More informationBoon Thau Loo University of Pennsylvania
Summary of Networked Systems Breakout Boon Thau Loo University of Pennsylvania Networked Systems Breakout Series of 15-20 minute talks: Challenges in safe routing (Alex Gurney) Compositional network services
More informationPlexxi Theory of Operations White Paper
White Paper Introduction Cloud computing, virtualization, and distributed application architectures are reshaping data center traffic flows, escalating bandwidth and performance demands, and introducing
More informationSoftware-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017
Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017 Traditional Ethernet Challenges Plug-and-play Allow all ROOT D D D D Nondeterministic Reactive failover Difficult
More informationSDN SEMINAR 2017 ARCHITECTING A CONTROL PLANE
SDN SEMINAR 2017 ARCHITECTING A CONTROL PLANE NETWORKS ` 2 COMPUTER NETWORKS 3 COMPUTER NETWORKS EVOLUTION Applications evolve become heterogeneous increase in traffic volume change dynamically traffic
More informationSecurity Considerations for Cloud Readiness
Application Note Zentera Systems CoIP Platform CoIP Defense-in-Depth with Advanced Segmentation Advanced Segmentation is Essential for Defense-in-Depth There is no silver bullet in security a single solution
More informationImplementing VXLAN. Prerequisites for implementing VXLANs. Information about Implementing VXLAN
This module provides conceptual information for VXLAN in general and configuration information for layer 2 VXLAN on Cisco ASR 9000 Series Router. For configuration information of layer 3 VXLAN, see Implementing
More informationvcloud Director Tenant Portal Guide vcloud Director 8.20
vcloud Director Tenant Portal Guide vcloud Director 8.20 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about this documentation,
More informationProgrammableFlow White Paper. March 24, 2016 NEC Corporation
March 24, 2016 NEC Corporation Contents Preface 3 OpenFlow and ProgrammableFlow 5 Seven Functions and Techniques in ProgrammableFlow 6 Conclusion 19 2 NEC Corporation 2016 Preface SDN (Software-Defined
More informationNetwork Verification Solvers, Symmetries, Surgeries. Nikolaj Bjørner
Network Verification Solvers, Symmetries, Surgeries Nikolaj Bjørner NetPL, August, 2016 Networking needs: Configuration Sanity/Synthesis, Programming, Provisioning Network Design Automation Z3 Z3 advances:
More informationPolynomial-Time What-If Analysis for Prefix-Manipulating MPLS Networks
Polynomial-Time What-If Analysis for Prefix-Manipulating MPLS Networks Stefan Schmid University of Vienna, Austria and Segment Routing!... Jiri Srba Aalborg University, Denmark Polynomial-Time What-If
More informationSDN-based Network Obfuscation. Roland Meier PhD Student ETH Zürich
SDN-based Network Obfuscation Roland Meier PhD Student ETH Zürich This Talk This thesis vs. existing solutions Alice Bob source: Alice destination: Bob Hi Bob, Hi Bob, Payload encryption ǾǼōĦ
More informationDelay Tolerant Network Routing Sathya Narayanan, Ph.D. Computer Science and Information Technology Program California State University, Monterey Bay
Delay Tolerant Network Routing Sathya Narayanan, Ph.D. Computer Science and Information Technology Program California State University, Monterey Bay This work is supported by the Naval Postgraduate School
More informationInterdomain Routing Design for MobilityFirst
Interdomain Routing Design for MobilityFirst October 6, 2011 Z. Morley Mao, University of Michigan In collaboration with Mike Reiter s group 1 Interdomain routing design requirements Mobility support Network
More informationIntroduction to Segment Routing
Segment Routing (SR) is a flexible, scalable way of doing source routing. Overview of Segment Routing, page 1 How Segment Routing Works, page 2 Examples for Segment Routing, page 3 Benefits of Segment
More informationComputation of Multiple Node Disjoint Paths
Chapter 5 Computation of Multiple Node Disjoint Paths 5.1 Introduction In recent years, on demand routing protocols have attained more attention in mobile Ad Hoc networks as compared to other routing schemes
More informationMulti-resource Energy-efficient Routing in Cloud Data Centers with Network-as-a-Service
in Cloud Data Centers with Network-as-a-Service Lin Wang*, Antonio Fernández Antaº, Fa Zhang*, Jie Wu+, Zhiyong Liu* *Institute of Computing Technology, CAS, China ºIMDEA Networks Institute, Spain + Temple
More informationUNIVERSITY OF CAGLIARI
UNIVERSITY OF CAGLIARI DIEE - Department of Electrical and Electronic Engineering Infrastrutture ed Applicazioni Avanzate nell Internet SDN: Control Plane ACK: content taken from Foundations of Modern
More informationTrident. Toward a Unified SDN Programming Framework with Automatic Updates. Kai Gao 1 Taishi Nojima 2 Y. Richard Yang 2, 3 August 23, 2018
Trident Toward a Unified SDN Programming Framework with Automatic Updates Kai Gao 1 Taishi Nojima 2 Y. Richard Yang 2, 3 August 23, 2018 1 Tsinghua University 2 Yale University 3 Tongji University Software-Defined
More informationSoftware Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.
MOBILE COMMUNICATION AND INTERNET TECHNOLOGIES Software Defined Networks and Courtesy of: AT&T Tech Talks http://web.uettaxila.edu.pk/cms/2017/spr2017/temcitms/ MODULE OVERVIEW Motivation behind Software
More informationStateful Detection in High Throughput Distributed Systems
Stateful Detection in High Throughput Distributed Systems Gunjan Khanna, Ignacio Laguna, Fahad A. Arshad, Saurabh Bagchi Dependable Computing Systems Lab School of Electrical and Computer Engineering Purdue
More informationCisco Extensible Network Controller
Data Sheet Cisco Extensible Network Controller Product Overview Today s resource intensive applications are making the network traffic grow exponentially putting high demands on the existing network. Companies
More informationCSE 123: Computer Networks
CSE 123: Computer Networks Homework 3 Out: 11/19 Due: 11/26 Instructions 1. Turn in a physical copy at the beginning of the class on 11/26 2. Ensure the HW cover page has the following information clearly
More informationLecture 10.1 A real SDN implementation: the Google B4 case. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 10.1 A real SDN implementation: the Google B4 case Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it WAN WAN = Wide Area Network WAN features: Very expensive (specialized high-end
More informationTitle DC Automation: It s a MARVEL!
Title DC Automation: It s a MARVEL! Name Nikos D. Anagnostatos Position Network Consultant, Network Solutions Division Classification ISO 27001: Public Data Center Evolution 2 Space Hellas - All Rights
More informationCS4450. Computer Networks: Architecture and Protocols. Lecture 15 BGP. Spring 2018 Rachit Agarwal
CS4450 Computer Networks: Architecture and Protocols Lecture 15 BGP Spring 2018 Rachit Agarwal Autonomous System (AS) or Domain Region of a network under a single administrative entity Border Routers Interior
More informationNetwork Verification: Reflections from Electronic Design Automation (EDA)
Network Verification: Reflections from Electronic Design Automation (EDA) Sharad Malik Princeton University MSR Faculty Summit: 7/8/2015 $4 Billion EDA industry EDA Consortium $350 Billion Semiconductor
More informationVeriCon: Towards Verifying Controller Programs in SDNs
VeriCon: Towards Verifying Controller Programs in SDNs Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly Sagiv, Michael Schapira, Asaf Valadarsky 1 Guaranteeing network
More informationBROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK
BROCADE CLOUD-OPTIMIZED NETWORKING: THE BLUEPRINT FOR THE SOFTWARE-DEFINED NETWORK Ken Cheng VP, Service Provider and Application Delivery Products September 12, 2012 Brocade Cloud-Optimized Networking
More informationTowards a Universal Stream Processing System Robert Soulé Cornell University
1 Towards a Universal Stream Processing System Robert Soulé Cornell University 2 Data Crisis 2.5 quintillion bytes every day 90% of the world s data was created in the last 2 years 3 How Big is Your Data?
More informationOn the Complexity of Verifying Stateful Networks. A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv
On the Complexity of Verifying Stateful Networks A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv Alice Classical Networking Ted Stevens was right Bob Mallory Trent Networks provide end-to-end
More informationNetworked Systems. Boon Thau Loo. University of Pennsylvania. NSF ExCAPE Meeting 20 Aug 2013
Networked Systems Boon Thau Loo University of Pennsylvania NSF ExCAPE Meeting 20 Aug 2013 Outline Summary (activities over past year) Research highlights Conclusion Year 1 in Retrospect Original proposal
More informationA Network-aware Scheduler in Data-parallel Clusters for High Performance
A Network-aware Scheduler in Data-parallel Clusters for High Performance Zhuozhao Li, Haiying Shen and Ankur Sarker Department of Computer Science University of Virginia May, 2018 1/61 Data-parallel clusters
More informationVideo-Aware Networking: Automating Networks and Applications to Simplify the Future of Video
Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video The future of video is in the network We live in a world where more and more video is shifting to IP and mobile.
More informationBuilding Efficient and Reliable Software-Defined Networks. Naga Katta
FPO Talk Building Efficient and Reliable Software-Defined Networks Naga Katta Jennifer Rexford (Advisor) Readers: Mike Freedman, David Walker Examiners: Nick Feamster, Aarti Gupta 1 Traditional Networking
More informationCS 640: Introduction to Computer Networks. Intra-domain routing. Inter-domain Routing: Hierarchy. Aditya Akella
CS 640: Introduction to Computer Networks Aditya Akella Lecture 11 - Inter-Domain Routing - BGP (Border Gateway Protocol) Intra-domain routing The Story So Far Routing protocols generate the forwarding
More informationAbstractions for Model Checking SDN Controllers. Divjyot Sethi, Srinivas Narayana, Prof. Sharad Malik Princeton University
Abstractions for Model Checking SDN s Divjyot Sethi, Srinivas Narayana, Prof. Sharad Malik Princeton University Traditional Networking Swt 1 Swt 2 Talk OSPF, RIP, BGP, etc. Swt 3 Challenges: - Difficult
More informationPractical Network-wide Packet Behavior Identification by AP Classifier
Practical Network-wide Packet Behavior Identification by AP Classifier NETWORK-WIDE PACKET BEHAVIOR IDENTIFICATION o An control plane application identifying forwarding behaviors of packets in a flow:
More informationTSHOOT: Troubleshooting and Maintaining Cisco IP Networks
642-832 TSHOOT: Troubleshooting and Maintaining Cisco IP Networks Course Number: 642-832 Length: 5 Days Course Overview Troubleshooting and Maintaining Cisco IP Switched Networks (TSHOOT 642-832) is a
More informationNetwork Security: Network Flooding. Seungwon Shin GSIS, KAIST
Network Security: Network Flooding Seungwon Shin GSIS, KAIST Detecting Network Flooding Attacks SYN-cookies Proxy based CAPCHA Ingress/Egress filtering Some examples SYN-cookies Background In a TCP 3-way
More informationVerified Secure Routing
Verified Secure Routing David Basin ETH Zurich EPFL, Summer Research Institute June 2017 Team Members Verification Team Information Security David Basin Tobias Klenze Ralf Sasse Christoph Sprenger Thilo
More informationChapter 5 Network Layer: The Control Plane
Chapter 5 Network Layer: The Control Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you
More informationTolerating Faults in Disaggregated Datacenters
Tolerating Faults in Disaggregated Datacenters Amanda Carbonari, Ivan Beschastnikh University of British Columbia To appear at HotNets17 Current Datacenters 2 The future: Disaggregation 3 The future: Disaggregation
More informationCloudLab. Updated: 5/24/16
2 The Need Addressed by Clouds are changing the way we look at a lot of problems Impacts go far beyond Computer Science but there's still a lot we don't know, from perspective of Researchers (those who
More informationData Center Network Topologies II
Data Center Network Topologies II Hakim Weatherspoon Associate Professor, Dept of Computer cience C 5413: High Performance ystems and Networking April 10, 2017 March 31, 2017 Agenda for semester Project
More informationCTS2134 Introduction to Networking. Module 09: Network Management
CTS2134 Introduction to Networking Module 09: Network Management Documentation Facts Good documentation: Ensures that users can find the information they need when making decisions or troubleshooting problems
More informationIBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture
IBM Cloud for VMware Solutions NSX Edge Services Gateway Solution Architecture Date: 2017-03-29 Version: 1.0 Copyright IBM Corporation 2017 Page 1 of 16 Table of Contents 1 Introduction... 4 1.1 About
More informationSlicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)
Slicing a Network Advanced! Computer Networks Sherwood, R., et al., Can the Production Network Be the Testbed? Proc. of the 9 th USENIX Symposium on OSDI, 2010 Reference: [C+07] Cascado et al., Ethane:
More informationCOM-208: Computer Networks - Homework 6
COM-208: Computer Networks - Homework 6. (P22) Suppose you are interested in detecting the number of hosts behind a NAT. You observe that the IP layer stamps an identification number sequentially on each
More informationDEVOPSIFYING NETWORK SECURITY. An AlgoSec Technical Whitepaper
DEVOPSIFYING NETWORK SECURITY An AlgoSec Technical Whitepaper Introduction This technical whitepaper presents and discusses the concept of Connectivity as Code, a complementary concept to Infrastructure
More informationManaging Demand Spikes in a highly flexible and agile deployment
Managing Demand Spikes in a highly flexible and agile deployment Yuki Sato S2 (Akita, Japan) Jan Hilberath Midokura (Tokyo, Japan) Agenda Company Introduction Why SUSE OpenStack with MidoNet? MidoNet Introduction
More informationPricing Intra-Datacenter Networks with
Pricing Intra-Datacenter Networks with Over-Committed Bandwidth Guarantee Jian Guo 1, Fangming Liu 1, Tao Wang 1, and John C.S. Lui 2 1 Cloud Datacenter & Green Computing/Communications Research Group
More informationAssignment 5. 2 Assignment: Emulate a Data Center and Manage it via a Cloud Network Controller
University of Crete Computer Science Department Lecturer: Prof. Dr. X. Dimitropoulos TAs: Dimitrios Gkounis, George Nomikos Manos Lakiotakis, George Vardakis HY436 - Software Defined Networks Tasks of
More informationOpen Systems Interconnection (OSI) Routing Protocol
CHAPTER 41 Open Systems Interconnection (OSI) Protocol Background The International Organization for Standardization (O) developed a complete suite of routing protocols for use in the Open Systems Interconnection
More informationLecture 15: Measurement Studies on Internet Routing
Internet Routing Lecture 15: Measurement Studies on Internet Routing Lakshminarayanan Subramanian CS 268 class March 10 th, 2004 Internet organized as a two level hierarchy First level autonomous systems
More informationSecurely Access Services Over AWS PrivateLink. January 2019
Securely Access Services Over AWS PrivateLink January 2019 Notices This document is provided for informational purposes only. It represents AWS s current product offerings and practices as of the date
More informationAd Hoc Networks: Issues and Routing
Ad Hoc Networks: Issues and Routing Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse574-08/
More informationNetworks. Distributed Systems. Philipp Kupferschmied. Universität Karlsruhe, System Architecture Group. May 6th, 2009
Networks Distributed Systems Philipp Kupferschmied Universität Karlsruhe, System Architecture Group May 6th, 2009 Philipp Kupferschmied Networks 1/ 41 1 Communication Basics Introduction Layered Communication
More informationApplication-Aware SDN Routing for Big-Data Processing
Application-Aware SDN Routing for Big-Data Processing Evaluation by EstiNet OpenFlow Network Emulator Director/Prof. Shie-Yuan Wang Institute of Network Engineering National ChiaoTung University Taiwan
More informationProgramming Network Policies by Examples: Platform, Abstraction and User Studies
Programming Network Policies by Examples: Platform, Abstraction and User Studies Boon Thau Loo University of Pennsylvania NetPL workshop @ SIGCOMM 2017 Joint work with Yifei Yuan, Dong Lin, Siri Anil,
More informationCOMP211 Chapter 5 Network Layer: The Control Plane
COMP211 Chapter 5 Network Layer: The Control Plane All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith
More informationZentera Systems CoIP Platform
Application Note Zentera Systems CoIP Platform Traffic Isolation Using CoIP Traffic Isolation is Critical to Network Security An important attribute of any network is that it ensures certain types of traffic
More informationSDN abstraction and security: a database perspective
June 17, 2016 SoSSDN SDN abstraction and security: a database perspective Anduo Wang * Jason Croft Xueyuan Mei Matthew Caesar Brighten Godfrey * Temple University University of Illinois Urbana-Champaign
More informationRouting(2) Inter-domain Routing
Routing(2) Inter-domain Routing Information Network I Youki Kadobayashi 1 Outline! Continued from previous lecture on:! Distance vector routing! Link state routing! IGP and EGP Interior gateway protocol,
More informationPolicy-Compliant Path Diversity and Bisection Bandwidth
Policy-Compliant Path Diversity and Bisection Bandwidth Rowan Klöti1, Vasileios Kotronis1, Bernhard Ager1, Xenofontas Dimitropoulos2,1 1 ETH Zurich, Switzerland 2 University of Crete / FORTH, Greece 1
More informationSmall-World Datacenters
2 nd ACM Symposium on Cloud Computing Oct 27, 2011 Small-World Datacenters Ji-Yong Shin * Bernard Wong +, and Emin Gün Sirer * * Cornell University + University of Waterloo Motivation Conventional networks
More informationOutline. EL736 Communications Networks II: Design and Algorithms. Class3: Network Design Modelling Yong Liu 09/19/2006
EL736 Communications Networks II: Design and Algorithms Class3: Network Design Modelling Yong Liu 09/19/2006 1 Outline Examples Basic Problems Routing Restriction 2 1 Example: Intra-Domain Traffic Engineering
More informationNetwork Behavior Analysis
N E T W O R K O P E R AT I O N S. S I M P L I F I E D. FORWARD ENTERPRISE HIGHLIGHTS Forward Networks is the leader in Intent-based Networking and network assurance to automate the analysis and verification
More informationLecture 19: Network Layer Routing in the Internet
Lecture 19: Network Layer Routing in the Internet COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition: 1996-2016, J.F
More informationISG-600 Cloud Gateway
ISG-600 Cloud Gateway Cumilon ISG Integrated Security Gateway Integrated Security Gateway Cumilon ISG-600C cloud gateway is the security product developed by Systrome for the distributed access network
More informationDeclarative, Distributed Configuration Distributed SDN Workshop, July 15, 2014, Paris
Declarative, Distributed Configuration Distributed SDN Workshop, July 15, 2014, Paris Applied Communication Sciences Sanjai Narain Dana Chee Chung-Min Chen Brian Coan Ben Falchuk Samuel Gordon Jonathan
More informationOpen Security Controller Project Use Cases
Open Security Controller Project Use Cases Security Orchestration for Software-defined Infrastructure https://www.opensecuritycontroller.org Conceptual Architecture Orchestrating security policies with
More informationDissemination of Paths in Path-Aware Networks
Dissemination of Paths in Path-Aware Networks Christos Pappas Network Security Group, ETH Zurich IETF, November 16, 2017 PANRG Motivation How does path-awareness extend to the edge? 2 PANRG Motivation
More informationGenetic-Algorithm-Based Construction of Load-Balanced CDSs in Wireless Sensor Networks
Genetic-Algorithm-Based Construction of Load-Balanced CDSs in Wireless Sensor Networks Jing He, Shouling Ji, Mingyuan Yan, Yi Pan, and Yingshu Li Department of Computer Science Georgia State University,
More informationMPLS in the DCN. Introduction CHAPTER
CHAPTER 5 First Published: January 3, 2008 Last Updated: January 3, 2008 Finding Support Information for Platforms and Cisco IOS and Catalyst OS Software Images Use Cisco Feature Navigator to find information
More informationWHITE PAPER ARUBA SD-BRANCH OVERVIEW
WHITE PAPER ARUBA SD-BRANCH OVERVIEW June 2018 Table of Contents Overview of the Traditional Branch...1 Adoption of Cloud Services...1 Shift to the Internet as a Business Transport Medium...1 Increasing
More informationBW Protection. 2002, Cisco Systems, Inc. All rights reserved.
BW Protection 2002, Cisco Systems, Inc. All rights reserved. 1 Cisco MPLS - Traffic Engineering for VPNs Amrit Hanspal Sr. Product Manager MPLS & QoS Internet Technologies Division 2 Agenda MPLS Fundamentals
More informationNo Country for Old Security Compliance in the Cloud. Joel Sloss, CDSA Board of Directors May 2017
No Country for Old Security Compliance in the Cloud Joel Sloss, CDSA Board of Directors May 2017 Emerging Threats Specific/sequential targeting Effective reconnaissance Practiced tool usage Sophisticated
More informationVMware Validated Design for NetApp HCI
Network Verified Architecture VMware Validated Design for NetApp HCI VVD 4.2 Architecture Design Sean Howard Oct 2018 NVA-1128-DESIGN Version 1.0 Abstract This document provides the high-level design criteria
More informationNuage Networks Product Architecture. White Paper
Nuage Networks Product Architecture White Paper Table of Contents Abstract... 3 Networking from the Application s Perspective... 4 Design Principles... 4 Architecture... 4 Integrating Bare Metal Resources...
More informationAutomated Synthesis of NFV Topology: A Security Requirement-Oriented Design
Automated Synthesis of NFV Topology: A Security Requirement-Oriented Design A H M Jakaria, Mohammad Ashiqur Rahman, and Carol J Fung Department of Computer Science, Tennessee Tech University, Cookeville,
More information