SNAP: Stateful Network-Wide Abstractions for Packet Processing. Collaboration of Princeton University & Pomona College
|
|
- Hugo Hubbard
- 5 years ago
- Views:
Transcription
1 SNAP: Stateful Network-Wide Abstractions for Packet Processing Collaboration of Princeton University & Pomona College
2 Brief Overview: Motivation Introduction to SNAP/Example(s) of SNAP SNAP Syntax Overview Compilation Phases Contributions Evaluation Extending SNAP/The Future
3 Motivation <<...these systems [early SDN implementations] were partitioned into (1) a stateless packet-processing part that could be analyzed statically, compiled, and installed on OpenFlow switches, and (2) a general stateful component that ran on the controller.>>
4 Motivation cont d <<...emerging hardware and software switches offer much more sophisticated support for persistent state in the data plane, without involving a central controller.>>
5 Motivation cont d <<...programming distributed collections of stateful devices is typically one of the most difficult kinds of programming problems. We need new languages and abstractions to help us manage the complexity and optimize resource utilization effectively.>>
6 What is SNAP? A new language <<SNAP offers a simpler centralized stateful programming model, by allowing programmers to develop programs on top of one big switch rather than many.>> <<The SNAP compiler relieves programmers of having to worry about how to distribute, place, and optimize access to these stateful arrays [global, persistent arrays of network states] by doing it all for them.>>
7 SNAP Paradigms: The Network is one big Switch
8 SNAP Paradigms: The Network is one big Switch <<Programmers can allocate persistent arrays on that OBS, and do not have to worry about where or how such arrays are stored in the physical network.>>
9 SNAP Paradigms: The Network is one big Switch <<Moreover, if multiple arrays must be updated simultaneously, we provide a form of network transaction to ensure such updates occur atomically.>>
10 SNAP: An SDN Programming Language Let s get to know SNAP!
11 SNAP Overview: An example DNS tunnel detection
12 REFRESH: DNS (Domain Name System) End user DNS Server ask for corresponding IP look up IP and return it (has its own DNS cache)
13 A little more detail Resolver (from ISP) End user Root Server TLD Server Name Server 7
14 DNS Tunneling By using DNS tunneling, a user will be able to access a website even though the proxy is blocking the website. Normally, when you consider a proxy server, all the HTTP traffic will be received by a proxy server, but no DNS traffic will fall on a proxy server. So exploiting this DNS traffic will allow us to use all blocked websites as well.
15 How to detect DNS tunneling? 1. For each client, keep track of the IP addresses resolved by DNS responses. 2. For each DNS response, increment a counter. This counter tracks the number of resolved IP addresses that a client does not use. 3. When a client sends a packet to a resolved IP address, decrement the counter for the client. 4. Report tunneling for clients that exceed a threshold for resolved, but unused IP addresses.
16 SNAP Example 1. For each client, keep track of the IP addresses resolved by DNS responses. 2. For each DNS response, increment a counter. This counter tracks the number of resolved IP addresses that a client does not use. 3. When a client sends a packet to a resolved IP address, decrement the counter for the client. 4. Report tunneling for clients that exceed a threshold for resolved, but unused IP addresses.
17 Routing in SNAP
18 SNAP Syntax
19 SNAP Predicates <<Predicates have a constrained semantics: they never update the state (but may read from it), and either return the empty set or the singleton set containing the input packet.>>
20 SNAP Predicates id drop f=v s[e1] = e2 -> pass the input package -> drop the input package -> pass pkt if pkt.f = v (field = value) -> pass if eval(e1) = eval(e2)
21 SNAP Policies <<Policies can modify packets and the state. Every predicate is a policy - it simply makes no modifications.>>
22 SNAP Policies f <-v s[e1]<-e2 s[e]++ p+q atomic(p) -> new packet pkt s.t. pkt.f = v -> pass input packet while updating state -> increment/decrement state -> run p and q in parallel -> ensure atomicity Possible data race, compile error
23 Realizing Programs on the Data Plane Questions: 1. Where to place state variables (orphan, susp-client, and blacklist in the previous example) (state dependency analysis) 2. How to route the packets across the physical network Demands: 1. Packets must pass through devices storing all state variables they need. 2. The order of the states has to be correct. (read-write dependencies)
24 Back to the Example Order matters! First those Than this
25 Program Analysis Transform program to an intermediate representation! (To receive the needed information)
26 Intermediate Representation: xfdd
27 Packet-State Mapping <<Traversing from d s [an xfdd] root down to the action sets at d s leaves, we can gather information associating each flow with the set of state variables read or written.>> And...
28 Packet-State Mapping <<...the operators can give hints to the compiler by specifying their network assumptions in a separate policy: >>
29 State Placement and Routing: MILP (great acronym) Input: concrete network topology, state dependency graph G, packet-state mapping Output: routing and state placement
30 State Placement Strategies: (i) Keep each state variable at one location (ii) Keep multiple copies of states on different switches Not possible to provide strong consistency guarantees
31 MILP <<It [the compiler] uses a mixed-integer linear program (MILP) that solves an extension of the multi-commodity flow problem to jointly decide state placement and routing while minimizing network congestion.>>
32 Multi-commodity flow problem Essentially, given a graph with edges/vertices and edge weights (a network), fulfilling certain flow demands. Kind of similar to the max flow problem, just that you have some flow constraints that have to be met.
33 Compilation: Recap Two critical details: 1. traffic routing 2. state placement
34 Compilation: a simple example <<If two flows (with different input and output ports) both need some state variable s, we should select routes for the two flows such that they pass through a common location where we place s.>>
35 Compilation: A general diagram
36 Contributions A stateful and compositional SDN programming language: SNAP A compiler to translate SNAP programs into low-level switch mechanics Implementation and evaluation of about 20 applications
37 Evaluation
38 Evaluation TCP State machine policy added
39 Evaluation
40 Evaluation <<We believe that our compilation techniques meet the requirements of enterprise networks and medium-size ISPs.>>
41 Evaluation <<Our current prototype composes xfdds in the same order as the programs themselves are composed and leaves finding the optimal order to compose xfdds to future work.>>
42 Extending SNAP/The Future Sharing State Variables Fault-Tolerance!!! Modifying fields with state variables Deep packet inspection (DPI) Resource constraints Cross-packet fields Queue-based policies
43
44 Appendix: xfdd compositions
SNAP: Stateful Network-Wide Abstractions for Packet Processing
SNAP: Stateful Network-Wide Abstractions for Packet Processing Mina Tahmasbi Arashloo1, Yaron Koral1, Michael Greenberg2, Jennifer Rexford1, and David Walker1 1 Princeton University, 2 Pomona College Early
More informationStates on a (Data) Plane. Jennifer Rexford
States on a (Data) Plane Jennifer Rexford Traditional data planes are stateless 1 Software Defined Networks (SDN) Program your network from a logically central point! 2 OpenFlow Rule Tables Prio match
More informationLecture 14 SDN and NFV. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 14 SDN and NFV Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Traditional network vs SDN TRADITIONAL Closed equipment Software + hardware Cost Vendor-specific management.
More informationProgrammable Software Switches. Lecture 11, Computer Networks (198:552)
Programmable Software Switches Lecture 11, Computer Networks (198:552) Software-Defined Network (SDN) Centralized control plane Data plane Data plane Data plane Data plane Why software switching? Early
More informationIQ for DNA. Interactive Query for Dynamic Network Analytics. Haoyu Song. HUAWEI TECHNOLOGIES Co., Ltd.
IQ for DNA Interactive Query for Dynamic Network Analytics Haoyu Song www.huawei.com Motivation Service Provider s pain point Lack of real-time and full visibility of networks, so the network monitoring
More informationDEPLOYMENT GUIDE Version 1.1. DNS Traffic Management using the BIG-IP Local Traffic Manager
DEPLOYMENT GUIDE Version 1.1 DNS Traffic Management using the BIG-IP Local Traffic Manager Table of Contents Table of Contents Introducing DNS server traffic management with the BIG-IP LTM Prerequisites
More informationSoftware Defined Networking
Software Defined Networking Daniel Zappala CS 460 Computer Networking Brigham Young University Proliferation of Middleboxes 2/16 a router that manipulatees traffic rather than just forwarding it NAT rewrite
More informationLecture 10.1 A real SDN implementation: the Google B4 case. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 10.1 A real SDN implementation: the Google B4 case Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it WAN WAN = Wide Area Network WAN features: Very expensive (specialized high-end
More informationCS 5114 Network Programming Languages Data Plane. Nate Foster Cornell University Spring 2013
CS 5114 Network Programming Languages Data Plane http://www.flickr.com/photos/rofi/2097239111/ Nate Foster Cornell University Spring 2013 Based on lecture notes by Jennifer Rexford and Michael Freedman
More informationComputer Networks - Midterm
Computer Networks - Midterm October 30, 2015 Duration: 2h15m This is a closed-book exam Please write your answers on these sheets in a readable way, in English or in French You can use extra sheets if
More informationOpenCache. A Platform for Efficient Video Delivery. Matthew Broadbent. 1 st Year PhD Student
OpenCache A Platform for Efficient Video Delivery Matthew Broadbent 1 st Year PhD Student Motivation Consumption of video content on the Internet is constantly expanding Video-on-demand is an ever greater
More informationState Replication for Programmable Stateful Data Planes in SDN
State Replication for Programmable Stateful Data Planes in SDN Paolo Giaccone Giuseppe Bianchi, Andrea Bianco, Marco Bonola, Abubakar Muqaddas, Janvi Palan, German Sviridov, Angelo Tulumello Workshop on
More informationSlicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)
Slicing a Network Advanced! Computer Networks Sherwood, R., et al., Can the Production Network Be the Testbed? Proc. of the 9 th USENIX Symposium on OSDI, 2010 Reference: [C+07] Cascado et al., Ethane:
More informationCompiling Path Queries
Compiling Path Queries Princeton University Srinivas Narayana Mina Tahmasbi Jen Rexford David Walker Management = Measure + Control Network Controller Measure Control Software-Defined Networking (SDN)
More informationCluster-Based Scalable Network Services
Cluster-Based Scalable Network Services Suhas Uppalapati INFT 803 Oct 05 1999 (Source : Fox, Gribble, Chawathe, and Brewer, SOSP, 1997) Requirements for SNS Incremental scalability and overflow growth
More informationBasics (cont.) Characteristics of data communication technologies OSI-Model
48 Basics (cont.) Characteristics of data communication technologies OSI-Model Topologies Packet switching / Circuit switching Medium Access Control (MAC) mechanisms Coding Quality of Service (QoS) 49
More informationCurriculum 2013 Knowledge Units Pertaining to PDC
Curriculum 2013 Knowledge Units Pertaining to C KA KU Tier Level NumC Learning Outcome Assembly level machine Describe how an instruction is executed in a classical von Neumann machine, with organization
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationSoftware Defined Networking
CSE343/443 Lehigh University Fall 2015 Software Defined Networking Presenter: Yinzhi Cao Lehigh University Acknowledgement Many materials are borrowed from the following links: https://www.cs.duke.edu/courses/spring13/compsc
More informationApplication of SDN: Load Balancing & Traffic Engineering
Application of SDN: Load Balancing & Traffic Engineering Outline 1 OpenFlow-Based Server Load Balancing Gone Wild Introduction OpenFlow Solution Partitioning the Client Traffic Transitioning With Connection
More informationETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013
ETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013 Challenges and Opportunities Reduce Capex/Opex Challenges Innovation at devices and OTT side Number of devices explode
More informationBIG-IP Access Policy Manager : Portal Access. Version 12.1
BIG-IP Access Policy Manager : Portal Access Version 12.1 Table of Contents Table of Contents Overview of Portal Access...7 Overview: What is portal access?...7 About portal access configuration elements...7
More information15-441: Computer Networks Homework 3
15-441: Computer Networks Homework 3 Assigned: Oct 29, 2013 Due: Nov 12, 2013 1:30 PM in class Name: Andrew ID: 1 TCP 1. Suppose an established TCP connection exists between sockets A and B. A third party,
More informationFundamentals of STEP Implementation
Fundamentals of STEP Implementation David Loffredo loffredo@steptools.com STEP Tools, Inc., Rensselaer Technology Park, Troy, New York 12180 A) Introduction The STEP standard documents contain such a large
More informationOPTIMAL METHOD FOR SHARING INTERNET IN WIRELESS MESH NETWORK USING FIXED- BAND NON-SHARING, NON-FIXED-BAND NON-SHARING / SHARING ALGORITHMS
OPTIMAL METHOD FOR SHARING INTERNET IN WIRELESS MESH NETWORK USING FIXED- BAND NON-SHARING, NON-FIXED-BAND NON-SHARING / SHARING ALGORITHMS Palanivel.N Assistant Professor Department of CSE Manakula Vinayagar
More informationUtilizing Datacenter Networks: Centralized or Distributed Solutions?
Utilizing Datacenter Networks: Centralized or Distributed Solutions? Costin Raiciu Department of Computer Science University Politehnica of Bucharest We ve gotten used to great applications Enabling Such
More informationCourse Review. Hui Lu
Course Review Hui Lu Syllabus Cloud computing Server virtualization Network virtualization Storage virtualization Cloud operating system Object storage Syllabus Server Virtualization Network Virtualization
More informationManaging and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:
Managing and Securing Computer Networks Guy Leduc Chapter 2: Software-Defined Networks (SDN) Mainly based on: Computer Networks and Internets, 6 th Edition Douglas E. Comer Pearson Education, 2015 (Chapter
More informationIntroduction to Distributed Systems
Introduction to Distributed Systems Other matters: review of the Bakery Algorithm: why can t we simply keep track of the last ticket taken and the next ticvket to be called? Ref: [Coulouris&al Ch 1, 2]
More informationUNIVERSITY OF CAGLIARI
UNIVERSITY OF CAGLIARI DIEE - Department of Electrical and Electronic Engineering Infrastrutture ed Applicazioni Avanzate nell Internet SDN: Control Plane ACK: content taken from Foundations of Modern
More informationTable of Contents. 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1
Table of Contents 1 Intrusion Detection Statistics 1-1 Overview 1-1 Displaying Intrusion Detection Statistics 1-1 i 1 Intrusion Detection Statistics Overview Intrusion detection is an important network
More informationPIRE ExoGENI ENVRI preparation for Big Data science
System and Network Engineering MSc Research project PIRE ExoGENI ENVRI preparation for Big Data science Stavros Konstantaras, Ioannis Grafis February 5, 2014 Background Big Data science Huge amount of
More informationCMPE 80N: Introduction to Networking and the Internet
CMPE 80N: Introduction to Networking and the Internet Katia Obraczka Computer Engineering UCSC Baskin Engineering Lecture 11 CMPE 80N Fall'10 1 Announcements Forum #2 due on 11.05. CMPE 80N Fall'10 2 Last
More informationOTSDN What is it? Does it help?
OTSDN What is it? Does it help? Dennis Gammel Schweitzer Engineering Laboratories, Inc. Funded by the U.S. Department of Energy and the U.S. Department of Homeland Security cred-c.org Important Aspects
More informationEthane: taking control of the enterprise
Ethane: taking control of the enterprise Martin Casado et al Giang Nguyen Motivation Enterprise networks are large, and complex, and management is distributed. Requires substantial manual configuration.
More informationCSE 461 Midterm Winter 2018
CSE 461 Midterm Winter 2018 Your Name: UW Net ID: General Information This is a closed book/laptop examination. You have 50 minutes to answer as many questions as possible. The number in parentheses at
More informationBIG-IP Access Policy Manager : Portal Access. Version 13.0
BIG-IP Access Policy Manager : Portal Access Version 13.0 Table of Contents Table of Contents Overview of Portal Access...7 Overview: What is portal access?...7 About portal access configuration elements...
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationTopic 6: SDN in practice: Microsoft's SWAN. Student: Miladinovic Djordje Date:
Topic 6: SDN in practice: Microsoft's SWAN Student: Miladinovic Djordje Date: 17.04.2015 1 SWAN at a glance Goal: Boost the utilization of inter-dc networks Overcome the problems of current traffic engineering
More informationSYN Flood Attack Protection Technology White Paper
Flood Attack Protection Technology White Paper Flood Attack Protection Technology White Paper Keywords: flood, Cookie, Safe Reset Abstract: This document describes the technologies and measures provided
More informationAnnouncements. me your survey: See the Announcements page. Today. Reading. Take a break around 10:15am. Ack: Some figures are from Coulouris
Announcements Email me your survey: See the Announcements page Today Conceptual overview of distributed systems System models Reading Today: Chapter 2 of Coulouris Next topic: client-side processing (HTML,
More informationService-Centric Networking for the Developing World
GAIA workshop Service-Centric Networking for the Developing World Arjuna Sathiaseelan, Liang Wang, Andrius Aucinas, Gareth Tyson*, Jon Crowcroft N4D Lab liang.wang@cl.cam.ac.uk Cambridge University, UK
More informationPractical Network-wide Packet Behavior Identification by AP Classifier
Practical Network-wide Packet Behavior Identification by AP Classifier NETWORK-WIDE PACKET BEHAVIOR IDENTIFICATION o An control plane application identifying forwarding behaviors of packets in a flow:
More informationIntroduction to Distributed Systems. INF5040/9040 Autumn 2018 Lecturer: Eli Gjørven (ifi/uio)
Introduction to Distributed Systems INF5040/9040 Autumn 2018 Lecturer: Eli Gjørven (ifi/uio) August 28, 2018 Outline Definition of a distributed system Goals of a distributed system Implications of distributed
More informationDistributed Systems. 21. Content Delivery Networks (CDN) Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 21. Content Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2018 1 2 Motivation Serving web content from one location presents problems Scalability Reliability Performance
More informationConfiguring Virtual Servers
3 CHAPTER This section provides an overview of server load balancing and procedures for configuring virtual servers for load balancing on an ACE appliance. Note When you use the ACE CLI to configure named
More informationCS November 2018
Distributed Systems 21. Delivery Networks (CDN) Paul Krzyzanowski Rutgers University Fall 2018 1 2 Motivation Serving web content from one location presents problems Scalability Reliability Performance
More informationParticipatory Networking: An API for Application Control of SDNS SIGCOMM 13
Participatory Networking: An API for Application Control of SDNS SIGCOMM 13 Ferguson, Guha, Liang, Fonseca, Krishnamurthi MAURICIO DE OLIVEIRA 1 The idea behind participatory networking There is a lot
More informationMAGIC OF SDN IN NETWORKING
Innovate, Integrate, Transform MAGIC OF SDN IN NETWORKING www.altencalsoftlabs.com Executive Summary Software Defined Networking (SDN) brings a transformational paradigm shift from traditional vendor-locked
More informationOpenADN: A Case for Open Application Delivery Networking
OpenADN: A Case for Open Application Delivery Networking Subharthi Paul, Raj Jain, Jianli Pan Washington University in Saint Louis {Pauls, jain, jp10}@cse.wustl.edu International Conference on Computer
More informationThink of drawing/diagramming editors. ECE450 Software Engineering II. The problem. The Composite pattern
Think of drawing/diagramming editors ECE450 Software Engineering II Drawing/diagramming editors let users build complex diagrams out of simple components The user can group components to form larger components......which
More informationDatacenter Wide- area Enterprise
Datacenter Wide- area Enterprise Client LOAD- BALANCER Can t choose path : ( Servers Outline and goals A new architecture for distributed load-balancing joint (server, path) selection Demonstrate a nation-wide
More informationBIG-IP Local Traffic Management: Basics. Version 12.1
BIG-IP Local Traffic Management: Basics Version 12.1 Table of Contents Table of Contents Introduction to Local Traffic Management...7 About local traffic management...7 About the network map...7 Viewing
More informationARE LARGE-SCALE AUTONOMOUS NETWORKS UNMANAGEABLE?
ARE LARGE-SCALE AUTONOMOUS NETWORKS UNMANAGEABLE? Motivation, Approach, and Research Agenda Rolf Stadler and Gunnar Karlsson KTH, Royal Institute of Technology 164 40 Stockholm-Kista, Sweden {stadler,gk}@imit.kth.se
More informationLecture 21: Transactional Memory. Topics: consistency model recap, introduction to transactional memory
Lecture 21: Transactional Memory Topics: consistency model recap, introduction to transactional memory 1 Example Programs Initially, A = B = 0 P1 P2 A = 1 B = 1 if (B == 0) if (A == 0) critical section
More informationEEC-484/584 Computer Networks
EEC-484/584 Computer Networks Lecture 13 wenbing@ieee.org (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of lecture 12 Routing Congestion
More informationCAS CS 556. What to expect? Background? Abraham Matta. Advanced Computer Networks. Increase understanding of fundamentals and design tradeoffs
CAS CS 556 Abraham Matta Advanced Computer Networks What to expect? Increase understanding of fundamentals and design tradeoffs Discuss latest developments and research issues Naming & addressing, routing,
More informationFinal Exam Computer Networks Fall 2015 Prof. Cheng-Fu Chou
Final Exam Computer Networks Fall 2015 Prof. Cheng-Fu Chou Question 1: CIDR (10%) You are given a pool of 220.23.16.0/24 IP addresses to assign to hosts and routers in the system drawn below: a) (3%) How
More informationControl plane requirements for wireless and cellular networks based on SDN
Ministry of Education and Science of Ukraine State University of Telecommunications Control plane requirements for wireless and cellular networks based on SDN Pavlo Melnikov, Ph.D. student State University
More informationCS 344/444 Computer Network Fundamentals Final Exam Solutions Spring 2007
CS 344/444 Computer Network Fundamentals Final Exam Solutions Spring 2007 Question 344 Points 444 Points Score 1 10 10 2 10 10 3 20 20 4 20 10 5 20 20 6 20 10 7-20 Total: 100 100 Instructions: 1. Question
More informationDraft Recommendation X.sdnsec-3 Security guideline of Service Function Chain based on software defined network
Draft Recommendation X.sdnsec-3 Security guideline of Service Function Chain based on software defined network Summary This recommendation is to analyze the security threats of the SDN-based Service Function
More informationMODELS OF DISTRIBUTED SYSTEMS
Distributed Systems Fö 2/3-1 Distributed Systems Fö 2/3-2 MODELS OF DISTRIBUTED SYSTEMS Basic Elements 1. Architectural Models 2. Interaction Models Resources in a distributed system are shared between
More informationLecture 17: Router Design
Lecture 17: Router Design CSE 123: Computer Networks Alex C. Snoeren HW 3 due WEDNESDAY Eample courtesy Mike Freedman Lecture 17 Overview BGP relationships Router internals Buffering Scheduling 2 Business
More informationA Global Operating System «from the Things to the Clouds»
GRUPPO TELECOM ITALIA EAI International Conference on Software Defined Wireless Networks and Cognitive Technologies for IoT Rome, 26th October 2015 A Global Operating System «from the Things to the Clouds»
More informationToward a Reliable Data Transport Architecture for Optical Burst-Switched Networks
Toward a Reliable Data Transport Architecture for Optical Burst-Switched Networks Dr. Vinod Vokkarane Assistant Professor, Computer and Information Science Co-Director, Advanced Computer Networks Lab University
More informationFirewall offloading based on SDN and NFV
Chair of Communication Networks Department of Electrical and Computer Engineering Technical University of Munich Firewall offloading based on SDN and NFV ITG 5.2.2/5.2.4 05.12.2016 Raphael Durner r.durner@tum.de
More informationConfiguring attack detection and prevention 1
Contents Configuring attack detection and prevention 1 Overview 1 Attacks that the device can prevent 1 Single-packet attacks 1 Scanning attacks 2 Flood attacks 3 TCP fragment attack 4 Login DoS attack
More informationSecure Access Troubleshooting Rewrite related issues (Core/Web Based Access)
Secure Access Troubleshooting Rewrite related issues (Core/Web Based Access) Published June 2015 Why do certain web-based applications have issues through the rewrite engine compared to accessing the resource
More informationThe Google File System
The Google File System Sanjay Ghemawat, Howard Gobioff and Shun Tak Leung Google* Shivesh Kumar Sharma fl4164@wayne.edu Fall 2015 004395771 Overview Google file system is a scalable distributed file system
More informationChanging the IP Fairness Rule With Flow Management
Changing the IP Fairness Rule With Flow Management Dr. Lawrence Roberts Founder, Chairman, Anagran 1 The Beginning of the Internet ARPANET became the Internet 1965 MIT- 1 st Packet Experiment -Roberts
More informationExtending OpenFlow for Managing Service Insertion and Payload Inspection
Extending OpenFlow for Managing Service Insertion and Payload Inspection Robinson Udechukwu Dr. Rudra Dutta Dept. of, North Carolina State University Outline Big Picture What is OpenFlow Contribution:
More informationSession 8. Reading and Reference. en.wikipedia.org/wiki/list_of_http_headers. en.wikipedia.org/wiki/http_status_codes
Session 8 Deployment Descriptor 1 Reading Reading and Reference en.wikipedia.org/wiki/http Reference http headers en.wikipedia.org/wiki/list_of_http_headers http status codes en.wikipedia.org/wiki/_status_codes
More informationFatTire: Declarative Fault Tolerance for SDN
FatTire: Declarative Fault Tolerance for SDN Mark Reitblatt Marco Canini Arjun Guha Nate Foster (Cornell) (TU Berlin UC Louvain) (Cornell UMass Amherst) (Cornell) 1 In a Perfect World... 2 But in Reality...
More informationProfessor Yashar Ganjali Department of Computer Science University of Toronto
Professor Yashar Ganjali Department of Computer Science University of Toronto yganjali@cs.toronto.edu http://www.cs.toronto.edu/~yganjali Some slides courtesy of J. Rexford (Princeton), N. Foster (Cornell)
More informationSoftware-Defined Networking (Continued)
Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations
More informationApplication Delivery Using SDN
Application Delivery Using SDN Project Leader: Subharthi Paul Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu These slides and audio/video recordings are available at: 1 Northbound
More informationCybersecurity was nonexistent for most network data exchanges until around 1994.
1 The Advanced Research Projects Agency Network (ARPANET) started with the Stanford Research Institute (now SRI International) and the University of California, Los Angeles (UCLA) in 1960. In 1970, ARPANET
More informationComputer Networks - Midterm
Computer Networks - Midterm October 28, 2016 Duration: 2h15m This is a closed-book exam Please write your answers on these sheets in a readable way, in English or in French You can use extra sheets if
More informationCOE 431 Computer Networks. Welcome to Exam I Thursday April 02, Instructor: Wissam F. Fawaz
1 COE 431 Computer Networks Welcome to Exam I Thursday April 02, 2015 Instructor: Wissam F. Fawaz Name: Student ID: Instructions: 1. This exam is Closed Book. Please do not forget to write your name and
More informationSimulation of Petri Nets in Rule-Based Expert System Shell McESE
Abstract Simulation of Petri Nets in Rule-Based Expert System Shell McESE F. Franek and I. Bruha Dept of Computer Science and Systems, McMaster University Hamilton, Ont., Canada, L8S4K1 Email: {franya
More informationBIG-IP Network Firewall: Policies and Implementations. Version 13.0
BIG-IP Network Firewall: Policies and Implementations Version 13.0 Table of Contents Table of Contents About the Network Firewall...9 What is the BIG-IP Network Firewall?...9 About firewall modes... 9
More informationDesign and Implementation of Virtual TAP for Software-Defined Networks
Design and Implementation of Virtual TAP for Software-Defined Networks - Master Thesis Defense - Seyeon Jeong Supervisor: Prof. James Won-Ki Hong Dept. of CSE, DPNM Lab., POSTECH, Korea jsy0906@postech.ac.kr
More informationSchool of Engineering Department of Computer and Communication Engineering Semester: Fall Course: CENG415 Communication Networks
School of Engineering Department of Computer and Communication Engineering Semester: Fall 2012 2013 Course: CENG415 Communication Networks Instructors: Mr Houssam Ramlaoui, Dr Majd Ghareeb, Dr Michel Nahas,
More informationQuality of Service Routing. Anunay Tiwari Anirudha Sahoo
Quality of Service Routing Anunay Tiwari Anirudha Sahoo Motivation Real time applications like audio and video conferencing, VoIP requires QoS from the Internet to have satisfactory performance. Internet
More informationCS244 Advanced Topics in Computer Networks Midterm Exam Monday, May 2, 2016 OPEN BOOK, OPEN NOTES, INTERNET OFF
CS244 Advanced Topics in Computer Networks Midterm Exam Monday, May 2, 2016 OPEN BOOK, OPEN NOTES, INTERNET OFF Your Name: Answers SUNet ID: root @stanford.edu In accordance with both the letter and the
More informationIntroduction to Protocols
Chapter 6 Introduction to Protocols 1 Chapter 6 Introduction to Protocols What is a Network Protocol? A protocol is a set of rules that governs the communications between computers on a network. These
More informationLecture 16: Router Design
Lecture 16: Router Design CSE 123: Computer Networks Alex C. Snoeren Eample courtesy Mike Freedman Lecture 16 Overview End-to-end lookup and forwarding example Router internals Buffering Scheduling 2 Example:
More informationMultimedia networking: outline
Multimedia networking: outline 9.1 multimedia networking applications 9.2 streaming stored video 9.3 voice-over-ip 9.4 protocols for real-time conversational applications: SIP Skip RTP, RTCP 9.5 network
More informationNetwork Design and Management. Nixu Ltd.
Network Design and Management Nixu Ltd. Contents Network Design and Management The FCAPS Model High Availability solutions SNMP protocol Nixu Ltd. 2/31 Network Design and Management Network Design and
More informationCS454/654 Midterm Exam Fall 2004
CS454/654 Midterm Exam Fall 2004 (3 November 2004) Question 1: Distributed System Models (18 pts) (a) [4 pts] Explain two benefits of middleware to distributed system programmers, providing an example
More informationPlacement of Web-Server Proxies with Consideration of Read and Update Operations on the Internet
Placement of Web-Server Proxies with Consideration of Read and Update Operations on the Internet Xiaohua Jia, Deying Li, Xiaodong Hu, Weili Wu and Dingzhu Du THE COMPUTER JOURNAL, Vol46, No4, 2003 Placement
More information.BIZ Agreement Appendix 10 Service Level Agreement (SLA) (22 August 2013)
.BIZ Agreement Appendix 10 Service Level Agreement (SLA) (22 August 2013) Registry Operator and ICANN agree to engage in good faith negotiations to replace this Appendix 10 with a Service Level Agreement
More informationDragonWave, Horizon and Avenue are registered trademarks of DragonWave Inc DragonWave Inc. All rights reserved
NOTICE This document contains DragonWave proprietary information. Use, disclosure, copying or distribution of any part of the information contained herein, beyond that for which it was originally furnished,
More information«Computer Science» Requirements for applicants by Innopolis University
«Computer Science» Requirements for applicants by Innopolis University Contents Architecture and Organization... 2 Digital Logic and Digital Systems... 2 Machine Level Representation of Data... 2 Assembly
More informationDeploying the BIG-IP System with Oracle WebLogic Server
Deploying the BIG-IP System with Server Welcome to the F5 and Oracle WebLogic Server deployment guide. F5 provides a highly effective way to optimize and direct traffic for WebLogic Server with the BIG-IP
More informationSERVICE-ORIENTED COMPUTING
THIRD EDITION (REVISED PRINTING) SERVICE-ORIENTED COMPUTING AND WEB SOFTWARE INTEGRATION FROM PRINCIPLES TO DEVELOPMENT YINONG CHEN AND WEI-TEK TSAI ii Table of Contents Preface (This Edition)...xii Preface
More informationA Secure and Dynamic Multi-keyword Ranked Search Scheme over Encrypted Cloud Data
An Efficient Privacy-Preserving Ranked Keyword Search Method Cloud data owners prefer to outsource documents in an encrypted form for the purpose of privacy preserving. Therefore it is essential to develop
More information4. Performance Specifications. 4.1 Goals and intentions of Service Level Agreements and Public Service Monitoring. Goals of Service Level Agreements:
4. Performance Specifications 4.1 Goals and intentions of Service Level Agreements and Public Service Monitoring Goals of Service Level Agreements: Service Level Agreements are set between ICANN and Registry
More informationONOS OVERVIEW. Architecture, Abstractions & Application
ONOS OVERVIEW Architecture, Abstractions & Application WHAT IS ONOS? Open Networking Operating System (ONOS) is an open source SDN network operating system (controller). Mission: to enable Service Providers
More informationConfiguring Advanced Firewall Settings
Configuring Advanced Firewall Settings This section provides advanced firewall settings for configuring detection prevention, dynamic ports, source routed packets, connection selection, and access rule
More information