SDNRacer. Concurrency Analysis for SDNs. Ahmed El-Hassany Jeremie Miserez Pavol Bielik Laurent Vanbever Martin Vechev.
|
|
- Harry Daniel
- 5 years ago
- Views:
Transcription
1 SDNRacer Concurrency Analysis for SDNs Ahmed El-Hassany Jeremie Miserez Pavol Bielik Laurent Vanbever Martin Vechev ETH Zürich April 29 th,
2 Load Balancer Application 2
3 Load Balancer Application Controller load-balancer Internet Host#1 S2 Replica#1 Replica#2 3
4 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer Internet Host#1 S2 Replica#1 Replica#2 4
5 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer read(s1, pkt) Internet Host#1 1 S2 Replica#1 Replica#2 5
6 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer PktIn(s1, pkt) 2 Internet Host#1 1 S2 Replica#1 Replica#2 6
7 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) Select Replica #1 packet_out(pkt,in sw) Controller load-balancer PktIn(s1, pkt) 2 Internet Host#1 1 S2 Replica#1 Replica#2 7
8 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer write(s1, match, out S2) 2 3 Internet Host#1 1 src H1 out S2 S2 Replica#1 Replica#2 8
9 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer write(s2, match, out R1) Host#1 Internet S2 Replica#1 src H1 out S2 src H1 out R1 Replica#2 9
10 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) write(s1, match -1, out Internet) Controller load-balancer Internet Host#1 1 src H1 out S2 dst H1 out I S2 Replica#1 src H1 out R1 Replica#2 10
11 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer write(s2, match -1, out ) Internet Host#1 1 src H1 out S2 dst H1 out I S2 src H1 out R1 dst H1 out Replica#1 Replica#2 11
12 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer PktOut(s1, pkt) Internet Host#1 1 src H1 out S2 dst H1 out I S2 Replica#1 src H1 out R1 dst H1 out Replica#2 12
13 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer Host#1 Internet 1 2 src H1 out S2 dst H1 out I 3 read(s2, pkt) S2 src H1 out R1 dst H1 out Replica#1 Replica#2 13
14 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 What is the result of install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) read(s2, pkt)? Controller load-balancer Host#1 Internet src H1 out S2 dst H1 out I read(s2, pkt) S2 src H1 out R1 dst H1 out Replica#1 Replica#2 14
15 Load Balancer Application Did read(s2, pkt) if dst == server: rep = rep[idx] idx = (idx+1)%2 happened before or install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) after write(s2, match, out R1)? 2 Internet Controller load-balancer write(s2, match, out R1) read(s2, pkt) Host#1 1 src H1 out S2 dst H1 out I S2 Replica#1 src H1 out R1 dst H1 out Replica#2 15
16 Load Balancer Application What if read(s2, pkt) if dst == server: rep = rep[idx] idx = (idx+1)%2 happened before install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) write(s2, match, out R1)? Controller load-balancer Internet read(s2, pkt) Host#1 1 src H1 out S2 dst H1 out I S2 Replica#1 src H1 out R1 dst H1 out Replica#2 16
17 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer PktIn(s2, pkt) Internet Host#1 src H1 out S2 dst H1 out I S2 Replica#1 src H1 out R1 dst H1 out Replica#2 17
18 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) Select Replica #2 packet_out(pkt,in sw) Controller load-balancer PktIn(s2, pkt) Internet Host#1 src H1 out S2 dst H1 out I S2 Replica#1 src H1 out R1 dst H1 out Replica#2 18
19 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer write(s2, match, out ) Internet Host#1 src H1 out S2 dst H1 out I S2 src H1 out R1 dst H1 out src H1 out Replica#1 Replica#2 19
20 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer write(s3, match, out R2) Internet Host#1 src H1 out S2 dst H1 out I src H1 out S2 src H1 out R1 dst H1 out src H1 out Replica#1 Replica#2 src H1 out R2 20
21 Load Balancer Application if dst == server: rep = rep[idx] idx = (idx+1)%2 install_path(src, rep) install_path(rep, src) packet_out(pkt,in sw) Controller load-balancer write(s3, match, out R2) Internet Host#1 src H1 out S2 dst H1 out I src H1 out S2 src H1 out R1 dst H1 out src H1 out Replica#1 Indeterministic Loop! 21 Replica#2 src H1 out R2
22 What is the result of read(s2, pkt)??? 22
23 What is the result of read(s2, pkt)??? Did read(s2, pkt) happened before or after write(s2, match, out R1)? 23
24 What is the result of read(s2, pkt)??? Did read(s2, pkt) happened before or after write(s2, match, out R1)? To ensure correctness read(s2, pkt) must happen after write(s2, match, out R1). 24
25 What is the result of read(s2, pkt)??? Did read(s2, pkt) happened before or after write(s2, match, out R1)? To ensure correctness read(s2, pkt) must happen after write(s2, match, out R1). This is a real bug in Floodlight s Load balancer! 25
26 SDNRacer Detecting Concurrency Violations Filtering false-positives Checking for High level properties Implementation and Evaluation 26
27 SDNRacer Detecting Concurrency Violations Filtering false-positives Checking for High level properties Implementation and Evaluation 27
28 Detecting Concurrency Violations How to model the SDN network? How to capture asynchrony? 28
29 SDN Programs Flow tables are just memory locations. The controller writes and reads to/from memory. Packet reads memory. 29
30 Capturing Asynchrony Identifying the causality between events. 30
31 Happens-Before relation Defines partial ordering for events. a b reads event b happened before event a. HB relation is: Transitive Irreflexive Antisymmetric 31
32 Happens-Before relation A switch sends a PktIn message after reading it. read(s1, pkt) PktIn(s1, pkt) A controller may issue FlowMods after PktIn. PktIn(s1, pkt) write(s1, match, out S2) PktIn(s1, pkt) write(s2, match, out R1) 32
33 Load Balancer Application HB Relations: (1) (2) (2) (3) (2) (5) (2) (6) (2) (7) (2) (8) (8) (9) Host# Internet 1 Controller load-balancer S2 Replica# Replica#
34 Load Balancer Application HB Relations: (1) (2) (2) (3) (2) (5) (2) (6) (2) (7) (2) (8) (8) (9) Host#1 What about events (4) and (9)? Internet 1 Controller load-balancer S2 Replica#1 Replica#2 34
35 Real Example Floodlight Load Balancer Host#1 Replica#1 Host#2 Replica#2 35
36 Real Example Floodlight Load Balancer 30 seconds experiment. Host#1 Replica#1 Host#2 Replica#2 36
37 Real Example Floodlight Load Balancer 30 seconds experiment 822 Write event 476 Read event Host#1 Replica#1 Host#2 Replica#2 37
38 Real Example Floodlight Load Balancer 30 seconds experiment 822 Write event 476 Read event Host#1 Replica#1 703,864 Possible Races!!! Host#2 Replica#2 38
39 SDNRacer Detecting Concurrency Violations Filtering false-positives Checking for High level properties Implementation and Evaluation 39
40 Filtering False-Positives Identifying harmless race conditions. Identifying impossible race conditions due to physical limitations. 40
41 Harmful vs Harmless Non-Overlapping Events read(s1, dst=x) write(s1, dst=y, output port 1) write(s1, dst=z, output port 1) 41
42 Harmful vs Harmless Events with the same net effect write(s1, dst=x, output port 1) write(s1, dst=x, output port 1) 42
43 Real Example Floodlight Load Balancer 30 seconds experiment Host#1 Replica#1 822 Write event 476 Read event 703,864 Possible Races!!! 685,158 Commuting events Host#2 Replica#2 43
44 Real Example Floodlight Load Balancer 30 seconds experiment Host#1 Replica#1 822 Write event 476 Read event 703,864 Possible Races 685,158 Commuting events Host#2 Replica#2 What about the remaining 18,706 events??? 44
45 None feasible races write(s1, pkt, out replica 1) 45
46 None feasible races write(s1, pkt, out replica 1) 46
47 None feasible races write(s1, pkt, out replica 1) read(s1, pkt) 47
48 Real Example Floodlight Load Balancer 30 seconds experiment Host#1 Replica#1 822 Write event 476 Read event 703,864 Possible Races 685,158 Commuting events 16,492 Filtered by time 2214 (0.31%) Remaining 48 Host#2 Replica#2
49 SDNRacer Detecting Concurrency Violations Filtering False-Positives Checking for High level properties Implementation and Evaluation 49
50 Can we leverage low-level race detector to check for high-level properties? 50
51 Network Update A set of write events that together reflects highlevel network-wide policy change. Network updates are either reactive or proactive. 51
52 Network Update Isolation Network updates are isolated if they are serializable. 52
53 Network Update Isolation We check if there is no race between the two updates sets. 53
54 Real Bug: POX L2_Multi 54
55 Packet Coherence A packet is coherent if it is processed entirely using one consistent global network configuration. 55
56 Packet Coherence Check Take note if the first version the packet sees. Check at every switch if the read operations triggered by the packet races with write operations from different version than originally observed. 56
57 Real Bug: POX L2_Multi 57
58 SDNRacer Detecting Concurrency Violations Filtering False-Positives Checking for High level properties Implementation and Evaluation 58
59 Effect of Time-Based Filter Choosing smaller δ filters more races. 59
60 SDNRacer Filters More than 90% of all races are filtered in 89% of the cases 60
61 SDNRacer Runtime In 90% of the cases SDNRacer can analyze the traces in less than 30 seconds. 61
62 Conclusion SDNRacer can: 1. detect concurrency violation 2. detect violations of high-level network properties In short time. 62
BigBug: Practical Concurrency Analysis for SDN
BigBug: Practical Concurrency Analysis for SDN Roman May, Ahmed El-Hassany, Laurent Vanbever, Martin Vechev ETH Zürich ABSTRACT By operating in highly asynchronous environments, SDN controllers often suffer
More informationSDN-based Network Obfuscation. Roland Meier PhD Student ETH Zürich
SDN-based Network Obfuscation Roland Meier PhD Student ETH Zürich This Talk This thesis vs. existing solutions Alice Bob source: Alice destination: Bob Hi Bob, Hi Bob, Payload encryption ǾǼōĦ
More informationEventRacer: Finding Concurrency Errors in Event-Driven Applications. Pavol Bielik
Eventr: Finding Concurrency Errors in Event-Driven Applications Pavol Bielik Android Errors Caused by Concurrency Display article twice 1 Display wrong directory Display wrong order Web Page Errors Caused
More informationSoftware Architecture and Engineering: Part II
Software Architecture and Engineering: Part II ETH Zurich, Spring 2016 Prof. http://www.srl.inf.ethz.ch/ Framework SMT solver Alias Analysis Relational Analysis Assertions Second Project Static Analysis
More informationCrash Course in Applied PL
Crash Course in Applied PL (with applications to Networks) Software Reliability Lab Department of Computer Science ETH Zurich Overview of Applied PL techniques Static Analysis Program Synthesis ibgp, OSPF,
More informationVeriCon: Towards Verifying Controller Programs in SDNs
VeriCon: Towards Verifying Controller Programs in SDNs Thomas Ball, Nikolaj Bjorner, Aaron Gember, Shachar Itzhaky, Aleksandr Karbyshev, Mooly Sagiv, Michael Schapira, Asaf Valadarsky 1 Guaranteeing network
More informationSoftware-Defined Networking (SDN)
EPFL Princeton University 2 5 A p r 12 Software-Defined Networking (SDN) Third-party Enables new functionality through mability 2 1 at the risk of bugs 3 Software Faults Will make communication unreliable
More informationSoftware Defined Networking
CSE343/443 Lehigh University Fall 2015 Software Defined Networking Presenter: Yinzhi Cao Lehigh University Acknowledgement Many materials are borrowed from the following links: https://www.cs.duke.edu/courses/spring13/compsc
More informationSecurify: Practical Security Analysis of Smart Contracts
Securify: Practical Security Analysis of Smart Contracts https://securify.ch Dr. Petar Tsankov Scientific Researcher, ICE center, ETH Zurich Co-founder and Chief Scientist, ChainSecurity AG http://www.ptsankov.com/
More informationSoftware-Defined Networking (Continued)
Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations
More informationAttacking the Brain: Races in the SDN Control Plane
Attacking the Brain: Races in the SDN Control Plane Lei Xu, Jeff Huang, and Sungmin Hong, Texas A&M University; Jialong Zhang, IBM Research; Guofei Gu, Texas A&M University https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/xu-lei
More informationUMass Amherst Cornell Princeton
The Frenetic Network Controller Arjun Guha, Nate Foster, Mark Reitblatt, Cole Schlesinger, and others: www.github.com/frenetic- lang/frenetic/contributors UMass Amherst Cornell Princeton 1 networks today
More informationVulcan: Hardware Support for Detecting Sequential Consistency Violations Dynamically
Vulcan: Hardware Support for Detecting Sequential Consistency Violations Dynamically Abdullah Muzahid, Shanxiang Qi, and University of Illinois at Urbana-Champaign http://iacoma.cs.uiuc.edu MICRO December
More informationNetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion. Ahmed El-Hassany Petar Tsankov Laurent Vanbever Martin Vechev
NetComplete: Practical Network-Wide Configuration Synthesis with Autocompletion Ahmed El-Hassany Petar Tsankov Laurent Vanbever Martin Vechev I shouldn t be the one giving this talk Third year PhD student
More informationApplication of SDN: Load Balancing & Traffic Engineering
Application of SDN: Load Balancing & Traffic Engineering Outline 1 OpenFlow-Based Server Load Balancing Gone Wild Introduction OpenFlow Solution Partitioning the Client Traffic Transitioning With Connection
More informationProfessor Yashar Ganjali Department of Computer Science University of Toronto
Professor Yashar Ganjali Department of Computer Science University of Toronto yganjali@cs.toronto.edu http://www.cs.toronto.edu/~yganjali Some slides courtesy of J. Rexford (Princeton), N. Foster (Cornell)
More informationSoftware Defined Networking
Software Defined Networking Jennifer Rexford COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101 http://www.cs.princeton.edu/courses/archive/spr12/cos461/ The Internet: A Remarkable
More informationCS434/534: Topics in Networked (Networking) Systems
CS434/534: Topics in Networked (Networking) Systems High-Level Language for Programmable Networks: A Blackbox Approach Yang (Richard) Yang Computer Science Department Yale University 208A Watson Email:
More informationEnhanced Malware Monitor in SDN using Kinetic Controller
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727 PP 46-52 www.iosrjournals.org Enhanced Malware Monitor in SDN using Kinetic Controller Jiphi T S, Simi Krishna K R Department
More informationSDX: A Software Defined Internet Exchange
SDX: A Software Defined Internet Exchange @SIGCOMM 2014 Laurent Vanbever Princeton University FGRE Workshop (Ghent, iminds) July, 8 2014 The Internet is a network of networks, referred to as Autonomous
More informationAbstractions for Model Checking SDN Controllers. Divjyot Sethi, Srinivas Narayana, Prof. Sharad Malik Princeton University
Abstractions for Model Checking SDN s Divjyot Sethi, Srinivas Narayana, Prof. Sharad Malik Princeton University Traditional Networking Swt 1 Swt 2 Talk OSPF, RIP, BGP, etc. Swt 3 Challenges: - Difficult
More informationAn Assertion Language for Debugging SDN Applications
An Assertion Language for Debugging SDN Applications Ryan Beckett, X. Kelvin Zou, Shuyuan Zhang, Sharad Malik, Jennifer Rexford, and David Walker Princeton University {rbeckett, xuanz, shuyuanz, sharad,
More informationProgrammable Networks with Synthesis
Programmable Networks with Synthesis Ahmed ElHassany Petar Tsankov Laurent Vanbever Martin Vechev Network Misconfigurations are Common What Example Makes Network Configuration Hard? Low-level, local router
More informationNetwork Security: Network Flooding. Seungwon Shin GSIS, KAIST
Network Security: Network Flooding Seungwon Shin GSIS, KAIST Detecting Network Flooding Attacks SYN-cookies Proxy based CAPCHA Ingress/Egress filtering Some examples SYN-cookies Background In a TCP 3-way
More informationThinking Architecturally (80 Minutes Inside Scott s Head)
Thinking Architecturally (80 Minutes Inside Scott s Head) EE122 Fall 2012 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other
More informationCOCONUT: Seamless Scale-out of Network Elements
COCONUT: Seamless Scale-out of Network Elements Soudeh Ghorbani P. Brighten Godfrey University of Illinois at Urbana-Champaign Simple abstractions Firewall Loadbalancer Router Network operating system
More informationA Serializability Violation Detector for Shared-Memory Server Programs
A Serializability Violation Detector for Shared-Memory Server Programs Min Xu Rastislav Bodík Mark Hill University of Wisconsin Madison University of California, Berkeley Serializability Violation Detector:
More informationMDCC MULTI DATA CENTER CONSISTENCY. amplab. Tim Kraska, Gene Pang, Michael Franklin, Samuel Madden, Alan Fekete
MDCC MULTI DATA CENTER CONSISTENCY Tim Kraska, Gene Pang, Michael Franklin, Samuel Madden, Alan Fekete gpang@cs.berkeley.edu amplab MOTIVATION 2 3 June 2, 200: Rackspace power outage of approximately 0
More informationRAPTOR: Routing Attacks on Privacy in Tor. Yixin Sun. Princeton University. Acknowledgment for Slides. Joint work with
RAPTOR: Routing Attacks on Privacy in Tor Yixin Sun Princeton University Joint work with Annie Edmundson, Laurent Vanbever, Oscar Li, Jennifer Rexford, Mung Chiang, Prateek Mittal Acknowledgment for Slides
More informationExperiences in Realizing Large Robust Software Defined Networks. Ravi Manghirmalani Ramesh Subrahmaniam
Experiences in Realizing Large Robust Software Defined Networks Ravi anghirmalani Ramesh Subrahmaniam Controller Offload SDN mandates a split of control and forwarding plane The control and forwarding
More informationDynamically Detecting and Tolerating IF-Condition Data Races
Dynamically Detecting and Tolerating IF-Condition Data Races Shanxiang Qi (Google), Abdullah Muzahid (University of San Antonio), Wonsun Ahn, Josep Torrellas University of Illinois at Urbana-Champaign
More informationConsistent SDN Flow Migration aided by Optical Circuit Switching. Rafael Lourenço December 2nd, 2016
Consistent SDN Flow Migration aided by Optical Circuit Switching Rafael Lourenço December 2nd, 2016 What is Flow Migration? Installation/update of new rules on [multiple] [asynchronous] SDN switches to
More informationCSE 403: Software Engineering, Fall courses.cs.washington.edu/courses/cse403/16au/ Static Analysis. Emina Torlak
CSE 403: Software Engineering, Fall 2016 courses.cs.washington.edu/courses/cse403/16au/ Static Analysis Emina Torlak emina@cs.washington.edu Outline What is static analysis? How does it work? Free and
More informationSoftware-Defined Networking (SDN) Overview
Reti di Telecomunicazione a.y. 2015-2016 Software-Defined Networking (SDN) Overview Ing. Luca Davoli Ph.D. Student Network Security (NetSec) Laboratory davoli@ce.unipr.it Luca Davoli davoli@ce.unipr.it
More informationToward a Reliable Data Transport Architecture for Optical Burst-Switched Networks
Toward a Reliable Data Transport Architecture for Optical Burst-Switched Networks Dr. Vinod Vokkarane Assistant Professor, Computer and Information Science Co-Director, Advanced Computer Networks Lab University
More informationCommunication Networks
Communication Networks Spring 2018 Laurent Vanbever nsg.ee.ethz.ch ETH Zürich (D-ITET) April 30 2018 Materials inspired from Scott Shenker & Jennifer Rexford Last week on Communication Networks We started
More informationCSC 4900 Computer Networks: Network Layer
CSC 4900 Computer Networks: Network Layer Professor Henry Carter Fall 2017 Chapter 4: Network Layer 4. 1 Introduction 4.2 What s inside a router 4.3 IP: Internet Protocol Datagram format 4.4 Generalized
More informationIntroduction to Problem Solving and Programming in Python.
Introduction to Problem Solving and Programming in Python http://cis-linux1.temple.edu/~tuf80213/courses/temple/cis1051/ Overview Types of errors Testing methods Debugging in Python 2 Errors An error in
More informationCommunication Networks
Communication Networks Prof. Laurent Vanbever Exercises week 6 VLAN, Internet Protocol & Forwarding VLAN The network below consists of 9 switches and hosts in two different VLANs (blue and red). Compute
More informationSoftware Defined Networking Data centre perspective: Open Flow
Software Defined Networking Data centre perspective: Open Flow Seminar: Prof. Timothy Roscoe & Dr. Desislava Dimitrova D. Dimitrova, T. Roscoe 04.03.2016 1 OpenFlow Specification, protocol, architecture
More informationAssignment 5: Software Defined Networking CS640 Spring 2015
Assignment 5: Software Defined Networking CS640 Spring 2015 Due: Thursday, May 7 at 11pm Overview For this project you will implement two control application for a software defined network (SDN). A layer
More informationLanguages for SDN (Frenetic)
Languages for SDN (Frenetic) Software Defined Networking: The Data Centre Perspective Seminar Informatikdienste A. Pantelopoulos 20.05.2016 1 SDN is useful Direct network control. Enables new applications,
More informationAssignment 5. 2 Assignment: Emulate a Data Center and Manage it via a Cloud Network Controller
University of Crete Computer Science Department Lecturer: Prof. Dr. X. Dimitropoulos TAs: Dimitrios Gkounis, George Nomikos Manos Lakiotakis, George Vardakis HY436 - Software Defined Networks Tasks of
More information6.033 Computer System Engineering
MIT OpenCourseWare http://ocw.mit.edu 6.033 Computer System Engineering Spring 2009 For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms. 6.033 Lecture 10:
More informationA framework to evaluate 5G networks for smart and fail-safe communications
A framework to evaluate 5G networks for smart and fail-safe communications in ERTMS/ETCS Roberto Canonico (*), Stefano Marrone (**), Roberto Nardone (*), and Valeria Vittorini (*) (*) Università degli
More informationDistributed Systems. 09. State Machine Replication & Virtual Synchrony. Paul Krzyzanowski. Rutgers University. Fall Paul Krzyzanowski
Distributed Systems 09. State Machine Replication & Virtual Synchrony Paul Krzyzanowski Rutgers University Fall 2016 1 State machine replication 2 State machine replication We want high scalability and
More informationImproving the Internet
Improving the Internet From Fragility to Resilience Laurent Vanbever D-ITET ETH Zürich December, 1st 2015 80 000 80 000 estimated # of Internet hosts in 1990 2.8 billion estimated* # of Internet hosts
More informationLeveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives
Leveraging Test Generation and Specification Mining for Automated Bug Detection without False Positives Michael Pradel and Thomas R. Gross Department of Computer Science ETH Zurich 1 Motivation API usage
More informationConcurrency Analysis of Asynchronous APIs
Concurrency Analysis of Asynchronous APIs Anirudh Santhiar and Aditya Kanade April 2, 2016 Computer Science and Automation, IISc Introduction Asynchronous Programming Model1 A way to organize programs
More informationSoftware-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017
Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017 Traditional Ethernet Challenges Plug-and-play Allow all ROOT D D D D Nondeterministic Reactive failover Difficult
More informationA taxonomy of race. D. P. Helmbold, C. E. McDowell. September 28, University of California, Santa Cruz. Santa Cruz, CA
A taxonomy of race conditions. D. P. Helmbold, C. E. McDowell UCSC-CRL-94-34 September 28, 1994 Board of Studies in Computer and Information Sciences University of California, Santa Cruz Santa Cruz, CA
More informationDevoFlow: Scaling Flow Management for High Performance Networks
DevoFlow: Scaling Flow Management for High Performance Networks SDN Seminar David Sidler 08.04.2016 1 Smart, handles everything Controller Control plane Data plane Dump, forward based on rules Existing
More informationComputer Networks. Sándor Laki ELTE-Ericsson Communication Networks Laboratory
Computer Networks Sándor Laki ELTE-Ericsson Communication Networks Laboratory ELTE FI Department Of Information Systems lakis@elte.hu http://lakis.web.elte.hu Based on the slides of Laurent Vanbever. Further
More informationOn the Complexity of Verifying Stateful Networks. A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv
On the Complexity of Verifying Stateful Networks A. Panda S. Shenker Y. Velner K. Alpernas A. Rabinovich M. Sagiv Alice Classical Networking Ted Stevens was right Bob Mallory Trent Networks provide end-to-end
More informationOn the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets
Kihong Park Heejo Lee On the Effectiveness of Route-Based Packet Filtering for Distributed DoS Attack Prevention in Power-Law Internets SIGCOMM'01 Presented by WeeSan Lee 10/28/2004
More informationData Plane Monitoring in Segment Routing Networks Faisal Iqbal Cisco Systems Clayton Hassen Bell Canada
Data Plane Monitoring in Segment Routing Networks Faisal Iqbal Cisco Systems (faiqbal@cisco.com) Clayton Hassen Bell Canada (clayton.hassen@bell.ca) Reference Topology & Conventions SR control plane is
More informationDMP Deterministic Shared Memory Multiprocessing
DMP Deterministic Shared Memory Multiprocessing University of Washington Joe Devietti, Brandon Lucia, Luis Ceze, Mark Oskin A multithreaded voting machine 2 thread 0 thread 1 while (more_votes) { load
More informationExercise 1 INTERNET. x.x.x.254. net /24. net /24. x.x.x.33. x.x.x.254. x.x.x.52. x.x.x.254. x.x.x.254. x.x.x.
Exercise 1 Given the IP network below: Assign feasible IP addresses to the interfaces and write down a feasible routing table for routers A and B guaranteeing full connectivity x.x.x.33 x.x.x.254 net 131.175.16.0/24
More informationCOCONUT: Seamless Scale-out of Network Elements
COCONUT: Seamless Scale-out of Network Elements Soudeh Ghorbani and P. Brighten Godfrey University of Illinois at Urbana-Champaign Abstract A key use of software-defined networking is to enable scaleout
More informationBasic vs. Reliable Multicast
Basic vs. Reliable Multicast Basic multicast does not consider process crashes. Reliable multicast does. So far, we considered the basic versions of ordered multicasts. What about the reliable versions?
More informationSDN-enabled Internet Exchange Point
SDN-enabled Internet Exchange Point Muhammad Shahbaz Georgia Tech Internet2 Innovation Award Joint collaboration with: Arpit Gupta, Laurent Vanbever, Hyojoon Kim, Sean Donovan, Russ Clark, Nick Feamster,
More informationSo#ware Defined Networking
The Internet: A Remarkable Story 2! Tremendous success From research experiment to global infrastructure So#ware Defined Networking Brilliance of under- specifying Network: best- effort packet delivery
More informationIntroduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN)
Introduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN) Myungjin Lee myungjin.lee@ed.ac.uk Courtesy note: Slides from course CPS514 Spring 2013 at Duke University and
More informationVerified Secure Routing
Verified Secure Routing David Basin ETH Zurich EPFL, Summer Research Institute June 2017 Team Members Verification Team Information Security David Basin Tobias Klenze Ralf Sasse Christoph Sprenger Thilo
More informationRemote Procedure Call. Tom Anderson
Remote Procedure Call Tom Anderson Why Are Distributed Systems Hard? Asynchrony Different nodes run at different speeds Messages can be unpredictably, arbitrarily delayed Failures (partial and ambiguous)
More informationCS434/534: Topics in Networked (Networking) Systems
CS434/534: Topics in Networked (Networking) Systems High-Level Programming for Programmable Networks Yang (Richard) Yang Computer Science Department Yale University 208A Watson Email: yry@cs.yale.edu http://zoo.cs.yale.edu/classes/cs434/
More information2 5 A p r 12. Princeton University
EPFL 2 5 A p r 12 Princeton University So8ware-Defined Networking (SDN) Third-party program Enables new funchonality through programmability 2 at the risk of bugs 3 So8ware Faults Will make communicahon
More informationFault Tolerance. Goals: transparent: mask (i.e., completely recover from) all failures, or predictable: exhibit a well defined failure behavior
Fault Tolerance Causes of failure: process failure machine failure network failure Goals: transparent: mask (i.e., completely recover from) all failures, or predictable: exhibit a well defined failure
More informationSymbolic Execution, Dynamic Analysis
Symbolic Execution, Dynamic Analysis http://d3s.mff.cuni.cz Pavel Parízek CHARLES UNIVERSITY IN PRAGUE faculty of mathematics and physics Symbolic execution Pavel Parízek Symbolic Execution, Dynamic Analysis
More informationSoftRing: Taming the Reactive Model for Software Defined Networks
SoftRing: Taming the Reactive Model for Software Defined Networks Chengchen Hu, Kaiyu Hou, Hao Li, Ruilong Wang Peng Zheng, Peng Zhang, Huanzhao Wang MOE KLINNS Lab Xi an Jiaotong University Match-Action
More informationPrecise and Maximal Race Detection from Incomplete Traces
Precise and Maximal Race Detection from Incomplete Traces Jeff Huang Texas A&M University, USA jeff@cse.tamu.edu Arun K. Rajagopalan Texas A&M University, USA arunxls@tamu.edu Abstract We present RDIT,
More informationIntro to Proving Absence of Errors in C/C++ Code
Intro to Proving Absence of Errors in C/C++ Code Develop high quality embedded software Kristian Lindqvist Senior Pilot Engineer MathWorks 2016 The MathWorks, Inc. 1 The Cost of Failure Ariane 5: Overflow
More informationSoftware Defined Networking
Software Defined Networking Daniel Zappala CS 460 Computer Networking Brigham Young University Proliferation of Middleboxes 2/16 a router that manipulatees traffic rather than just forwarding it NAT rewrite
More informationReview of last lecture. Peer Quiz. DPHPC Overview. Goals of this lecture. Lock-based queue
Review of last lecture Design of Parallel and High-Performance Computing Fall 2016 Lecture: Linearizability Motivational video: https://www.youtube.com/watch?v=qx2driqxnbs Instructor: Torsten Hoefler &
More informationUsing SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall
Institute of Computer Science Chair of Communication Networks Prof. Dr.-Ing. P. Tran-Gia Using SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall comnet.informatik.uni-wuerzburg.de SarDiNe
More informationLight64: Ligh support for data ra. Darko Marinov, Josep Torrellas. a.cs.uiuc.edu
: Ligh htweight hardware support for data ra ce detection ec during systematic testing Adrian Nistor, Darko Marinov, Josep Torrellas University of Illinois, Urbana Champaign http://iacoma a.cs.uiuc.edu
More informationChapter 5 Network Layer: The Control Plane
Chapter 5 Network Layer: The Control Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you
More informationMonitoring and Threat Detection
Monitoring and Threat Detection with Netflow Michael Belan Consulting Systems Engineer Cisco GSSO January 2017 AGENDA What is SW? Where does it fit in overall Cisco Security framework? What is SW? What
More informationRule Caching in Software- Define Networkings. Supervisor: Prof Weifa Liang Student: Zhenge Jia, u Date of presentation: 24 th May 2016
Rule Caching in Software- Define Networkings Supervisor: Prof Weifa Liang Student: Zhenge Jia, u5433077 Date of presentation: 24 th May 2016 Background Related Work System Model CONTENT Wildcard Rule Caching
More informationBringing SDN to the Internet, one exchange point at the time
Bringing SDN to the Internet, one exchange point at the time Joint work with: Arpit Gupta, Muhammad Shahbaz, Sean P. Donovan, Russ Clark, Brandon Schlinker, E. Katz-Bassett, Nick Feamster, Jennifer Rexford
More informationand controller independence with NetIDE
Supporting composed SDN applications and controller independence with NetIDE Alec Leckey Intel Labs SDN Application Development Java Python C/C++ Javascript Beacon Iris Pox Nox NodeFlow Jaxon Floodlight
More informationToday CSCI Data Replication. Example: Distributed Shared Memory. Data Replication. Data Consistency. Instructor: Abhishek Chandra
Today CSCI 5105 Data Replication Examples and Issues Data Consistency Consistency Models Instructor: Abhishek Chandra 2 Data Replication Using multiple copies of same data Why do we need data replication?
More informationSoftware Defined Networking Security: Security for SDN and Security with SDN. Seungwon Shin Texas A&M University
Software Defined Networking Security: Security for SDN and Security with SDN Seungwon Shin Texas A&M University Contents SDN Basic Operation SDN Security Issues SDN Operation L2 Forwarding application
More informationChapter 11 - Data Replication Middleware
Prof. Dr.-Ing. Stefan Deßloch AG Heterogene Informationssysteme Geb. 36, Raum 329 Tel. 0631/205 3275 dessloch@informatik.uni-kl.de Chapter 11 - Data Replication Middleware Motivation Replication: controlled
More informationDo you have to reproduce the bug on the first replay attempt?
Do you have to reproduce the bug on the first replay attempt? PRES: Probabilistic Replay with Execution Sketching on Multiprocessors Soyeon Park, Yuanyuan Zhou University of California, San Diego Weiwei
More informationPerformance and Security Evaluation of SDN Networks in OMNeT++/INET. Marco Tiloca, Alexandra Stagkopoulou, Gianluca Dini
Performance and Security Evaluation of SDN Networks in OMNeT++/INET Marco Tiloca, Alexandra Stagkopoulou, Gianluca Dini Software Defined Networking - Overview Key concepts Separation of Control plane and
More informationNetCP: Consistent, Non-interruptive and Efficient Checkpointing and Rollback of SDN
NetCP: Consistent, Non-interruptive and Efficient Checkpointing and Rollback of SDN Ye Yu University of Kentucky Chen Qian University of California Santa Cruz Wenfei Wu Tsinghua University Ying Zhang Facebook
More informationTable of Contents 1 ARP Configuration Guide 1-1
Table of Contents 1 ARP Configuration Guide 1-1 Configuring ARP Basics 1-1 Network Diagram 1-1 Networking and Configuration Requirements 1-1 Applicable Product Matrix 1-1 Configuration Procedure 1-1 Complete
More informationPractical Network-wide Packet Behavior Identification by AP Classifier
Practical Network-wide Packet Behavior Identification by AP Classifier NETWORK-WIDE PACKET BEHAVIOR IDENTIFICATION o An control plane application identifying forwarding behaviors of packets in a flow:
More informationFault Tolerance Causes of failure: process failure machine failure network failure Goals: transparent: mask (i.e., completely recover from) all
Fault Tolerance Causes of failure: process failure machine failure network failure Goals: transparent: mask (i.e., completely recover from) all failures or predictable: exhibit a well defined failure behavior
More informationVeriFlow: Verifying Network-Wide Invariants in Real Time
VeriFlow: Verifying Network-Wide Invariants in Real Time Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, P. Brighten Godfrey University of Illinois at Urbana-Champaign {khurshi1, xuanzou2, wzhou10,
More informationNetwork Programming Languages. Nate Foster
Network Programming Languages Nate Foster We are at the start of a revolution! Network architectures are being opened up giving programmers the freedom to tailor their behavior to suit applications!
More informationThe Java Memory Model
Jeremy Manson 1, William Pugh 1, and Sarita Adve 2 1 University of Maryland 2 University of Illinois at Urbana-Champaign Presented by John Fisher-Ogden November 22, 2005 Outline Introduction Sequential
More informationProgramming Network Policies by Examples: Platform, Abstraction and User Studies
Programming Network Policies by Examples: Platform, Abstraction and User Studies Boon Thau Loo University of Pennsylvania NetPL workshop @ SIGCOMM 2017 Joint work with Yifei Yuan, Dong Lin, Siri Anil,
More informationLeveraging SDN for Collaborative DDoS Mitigation
Leveraging SDN for Collaborative DDoS Mitigation Sufian Hameed, Hassan Ahmed Khan IT Security Labs National University of Computer and Emerging Sciences, Pakistan Introduction The legacy of DDoS continues
More informationXen*, SDN and Apache Cloudstack. Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28 th 2012 Xen Summit
Xen*, SDN and Apache Cloudstack Sebastien Goasguen, Apache CloudStack Citrix EMEA August 28 th 2012 Xen Summit Outline A bit about CloudStack A bit about SDN A bit about OpenVswitch Some bits about SDN
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Network Layer ICMP (5.6), Network Management(5.7) & SDN (5.1, 5.5, 4.4) Prof. Lina Battestilli Fall 2017 Outline 5.6 ICMP: The Internet Control Message
More informationPart 5: Total Order Broadcast
Dependable Distributed Systems 2 Part 5: Total Order Broadcast Prof Dr. Felix Freiling (based on slides by Rachid Guerraoui, EPFL) Looking Back Asynchronous system model with reliable channels best-effort/reliable/uniform
More informationAdvanced Computer Networks. End Host Optimization
Oriana Riva, Department of Computer Science ETH Zürich 263 3501 00 End Host Optimization Patrick Stuedi Spring Semester 2017 1 Today End-host optimizations: NUMA-aware networking Kernel-bypass Remote Direct
More informationChapter 4 Network Layer: The Data Plane
Chapter 4 Network Layer: The Data Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see
More information