CS 5114 Network Programming Languages Data Plane. Nate Foster Cornell University Spring 2013

Similar documents
Programmable Software Switches. Lecture 11, Computer Networks (198:552)

Lecture 3: Packet Forwarding

CSC358 Week 6. Adapted from slides by J.F. Kurose and K. W. Ross. All material copyright J.F Kurose and K.W. Ross, All Rights Reserved

CSC 4900 Computer Networks: Network Layer

COMP211 Chapter 4 Network Layer: The Data Plane

Chapter 4 Network Layer: The Data Plane

Lecture 24: Scheduling and QoS

CS 5114 Network Programming Languages Control Plane. Nate Foster Cornell University Spring 2013

Chapter 4 Network Layer: The Data Plane

Generic Architecture. EECS 122: Introduction to Computer Networks Switch and Router Architectures. Shared Memory (1 st Generation) Today s Lecture

EECS 122: Introduction to Computer Networks Switch and Router Architectures. Today s Lecture

Chapter 4 Network Layer: The Data Plane

Software Defined Networking

Lecture Outline. Bag of Tricks

Chapter 4: network layer. Network service model. Two key network-layer functions. Network layer. Input port functions. Router architecture overview

Software-Defined Networking (Continued)

CSE398: Network Systems Design

Overview Computer Networking What is QoS? Queuing discipline and scheduling. Traffic Enforcement. Integrated services

Lecture 16: Network Layer Overview, Internet Protocol

Decision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA

Principles. IP QoS DiffServ. Agenda. Principles. L74 - IP QoS Differentiated Services Model. L74 - IP QoS Differentiated Services Model

Configuring ACLs. ACL overview. ACL categories. ACL numbering and naming

Modular Quality of Service Overview on Cisco IOS XR Software

H3C S9500 QoS Technology White Paper

Network Support for Multimedia

b. Suppose the two packets are to be forwarded to two different output ports. Is it

Network Virtualization and Data Center Networks Introduction

Network Layer: Chapter 4. The Data Plane. Computer Networking: A Top Down Approach

Quality of Service (QoS)

Resource allocation in networks. Resource Allocation in Networks. Resource allocation

Chapter 4 Network Layer: The Data Plane

Chapter 4 Network Layer: The Data Plane

Differentiated Services

Routers. Session 12 INST 346 Technologies, Infrastructure and Architecture

Quality of Service. Understanding Quality of Service

EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis

Network Layer: Data Plane 4-2

CSE 123b Communications Software

NETWORK LAYER DATA PLANE

Configuring QoS CHAPTER

Network Layer. IP Protocol Stack: Key AbstracHons. Best- Effort Global Packet Delivery. Circuit Switching (e.g., Phone Network)

Lecture 8. Network Layer (cont d) Network Layer 1-1

Software Defined Networking

Chapter 4 Network Layer: The Data Plane

Network Layer: Control/data plane, addressing, routers

On Distributed Communications, Rand Report RM-3420-PR, Paul Baran, August 1964

EE 122: Differentiated Services

Lecture 3: Packet Forwarding

Real-Time Protocol (RTP)

Slicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)

internet technologies and standards

Firewalls. Firewall. means of protecting a local system or network of systems from network-based security threats creates a perimeter of defense

of-service Support on the Internet

CSE/EE 461 Lecture 13 Connections and Fragmentation. TCP Connection Management

Before configuring standard QoS, you must have a thorough understanding of these items: Standard QoS concepts.

Professor Yashar Ganjali Department of Computer Science University of Toronto

Lecture 2: Basic routing, ARP, and basic IP

Topics for Today. Network Layer. Readings. Introduction Addressing Address Resolution. Sections 5.1,

Introduction to Computer Networking. Guy Leduc. Chapter 4 Network Layer: The Data Plane. Chapter 4: Network Layer Data Plane

HP 5920 & 5900 Switch Series

Topic 4a Router Operation and Scheduling. Ch4: Network Layer: The Data Plane. Computer Networking: A Top Down Approach

QoS Configuration. Overview. Introduction to QoS. QoS Policy. Class. Traffic behavior

Software Defined Networking

EEC-484/584 Computer Networks

Unit 2 Packet Switching Networks - II

The Network Layer Forwarding Tables and Switching Fabric

Chapter 5 Network Layer: The Control Plane

Chapter 4 Network Layer: The Data Plane

CSC 401 Data and Computer Communications Networks

CSCD 433/533 Advanced Networks Spring Lecture 22 Quality of Service

CS 4226: Internet Architecture

Understanding How Routing Updates and Layer 2 Control Packets Are Queued on an Interface with a QoS Service Policy

Network Processors. Nevin Heintze Agere Systems

CSCE 463/612 Networks and Distributed Processing Spring 2018

Quality of Service in the Internet

CSCE 463/612 Networks and Distributed Processing Spring 2018

Topics. TCP sliding window protocol TCP PUSH flag TCP slow start Bulk data throughput

Networking Potpourri: Plug-n-Play, Next Gen

Advanced Computer Networks

Internet Technology 3/23/2016

Grandstream Networks, Inc. GWN7000 QoS - VoIP Traffic Management

Lecture 21. Reminders: Homework 6 due today, Programming Project 4 due on Thursday Questions? Current event: BGP router glitch on Nov.

Week 7: Traffic Models and QoS

Lecture 17: Network Layer Addressing, Control Plane, and Routing

ECE 158A: Lecture 7. Fall 2015

Computer Networks. ENGG st Semester, 2010 Hayden Kwok-Hay So

Contents. QoS overview 1

IP Access List Overview

CS 43: Computer Networks. 20: The Network Layer November 5, 2018

Queuing Mechanisms. Overview. Objectives

ip rsvp reservation-host

Configuring OpenFlow 1

CSC 401 Data and Computer Communications Networks

HP 3100 v2 Switch Series

Quality of Service Monitoring and Delivery Part 01. ICT Technical Update Module

HP 3600 v2 Switch Series

Announcements. IP Forwarding & Transport Protocols. Goals of Today s Lecture. Are 32-bit Addresses Enough? Summary of IP Addressing.

Quality of Service in the Internet. QoS Parameters. Keeping the QoS. Leaky Bucket Algorithm

Presentation Outline. Evolution of QoS Architectures. Quality of Service Monitoring and Delivery Part 01. ICT Technical Update Module

Transcription:

CS 5114 Network Programming Languages Data Plane http://www.flickr.com/photos/rofi/2097239111/ Nate Foster Cornell University Spring 2013 Based on lecture notes by Jennifer Rexford and Michael Freedman

Announcements Overview Last lecture today Start with SDNs on Tuesday Homework #1 Goes out next Tuesday Due two weeks later Topic: OpenFlow programming

Data Plane Streaming algorithms that act on packets Matching on some bits, taking a simple action at behest of control and management plane Wide range of functionality Forwarding Access control Mapping header fields Traffic monitoring Buffering and marking Shaping and scheduling Deep packet inspection

Packet Forwarding

Packet Forwarding Control plane computes a forwarding table Maps destination address(es) to an output link Handling an incoming packet Match: destination address Action: direct the packet to the chosen output link Switching fabric Directs packet from input link to output link Processor Switching Fabric

Switch: Match on Destination MAC MAC addresses are location independent Assigned by the vendor of the interface card Cannot be aggregated across hosts in the LAN mac1 mac2 mac3 host host... host mac1 mac2 host mac5 switch host mac4 mac3 mac4 mac5 Implemented using a hash table or a content addressable memory.

IP Routers: Match on IP Prefix IP addresses grouped into common subnets Allocated by ICANN, regional registries, ISPs, and within individual organizations Variable-length prefix identified by a mask length 1.2.3.4 1.2.3.7 1.2.3.156 5.6.7.8 5.6.7.9 5.6.7.212 host host... host host host... host LAN 1 router router router WAN WAN LAN 2 1.2.3.0/24 5.6.7.0/24 forwarding table Prefixes may be nested. Routers identify the longest matching prefix.

Switch Fabric: From Input to Output Data Hdr Header Processing Lookup Address Update Header 1 1 Queue Packet Address Table Buffer Memory Data Hdr Header Processing Lookup Address Update Header 2 2 Queue Packet Address Table Buffer Memory Data Hdr Header Processing Lookup Address Update Header N N Queue Packet Address Table Buffer Memory

Access Control

Access Control: Packet Filtering 5-tuple for access control lists (ACLs) Source and destination IP addresses TCP/UDP source and destination ports Protocol (e.g., UDP vs. TCP) Can be more sophisticated E.g., block all TCP SYN packets from outside hosts Should arriving packet be allowed in? Departing packet let out?

Applying Access Control Lists Ordered list of accept/deny clauses Clauses can have wild cards Clauses can overlap so order matters Packet classification Given all of the fields identify the match with the highest priority Approaches Src=1.2.3.4, Dest=5.6.7.8 Dest=1.2.3.* Dest=1.2.3.8, Dport!=53 Src=1.2.3.7, Dport=100 Dport=100 Deny Allow Deny Allow Deny Clever algorithms for multi-dimensional classification Ternary Content Addressable Memories (TCAMs)

Mapping Header Fields

Network Address Translation (NAT) 10.0.0.1 138.76.29.7 NAT outside 13 10.0.0.2 inside

Mapping Addresses and Ports Remap IP addresses and TCP/UDP port numbers Addresses: between end-host and NAT addresses Port numbers: to ensure each connection is unique Create table entries as packets arrive Src 10.0.0.1, SPort 1024, Dest 1.2.3.4, DPort 80 Map to Src 138.76.29.7, Sport 1024, Dest 1.2.3.4, Dport 80 Src 10.0.0.2, SPort 1024, Dest 1.2.3.4, DPort 80 Map to Src 138.76.29.7, Sport 1025, Dest 1.2.3.4, Dport 80 Challenges When do we remove entries? How do we run services behind a NAT? What if both ends of a connection are behind NATs

Traffic Monitoring

Observing Traffic Passing Through source dest input output source prefix source AS intermediate AS dest prefix dest AS Applications of traffic measurement Usage-based billing Network engineering Detecting anomalous or malicious traffic

Passive Traffic Monitoring Counting the traffic Match based on fields in the packet header and update a counter of # bytes and # packets Examples Link IP prefixes TCP/UDP ports Individual flows Challenges Identify traffic aggregates in advance vs. reactively Summarizing other information (e.g., time, TCP flags) Not knowing if you see all packets in a connection Dest Prefix # Packets # Bytes 1.2.3.0/24 3 1500 7.8.0.0/16 10 13000 8.0.0.0/8 100 85020 7.7.6.0/23 1 40

Resource Allocation

Buffering Drop-tail FIFO queue Packets served in the order they arrive and dropped if queue is full Random Early Detection (RED) When the buffer is nearly full drop or mark some packets to signal congestion Multiple classes of traffic Separate FIFO queue for each flow or traffic class with a link scheduler to arbitrate between them

Link Scheduling Strict priority Assign an explicit rank to the queues and serve the highest-priority backlogged queue Weighted fair scheduling Interleave packets from different queues in proportion to weights 50% red, 25% blue, 25% green

Traffic Shaping Force traffic to conform with a profile To avoid congesting downstream resources To enforce a contract with the customer Leaky-bucket shaping Can send at rate r and intermittently burst Parameters: token rate r and bucket depth d Tokens arrive (rate r) Max # of tokens (d tokens) packets tokens A leaky-bucket shaper for each flow or traffic class

Traffic Classification and Marking Mark a packet to influence handling downstream Explicit Congestion Notification (ECN) flag Type-of-Service (ToS) bits Ways to set the ToS bits End host sets the bits based on the application But, then the network must trust (or bill!) the end host Network sets the bits based on traffic classes But, then the network needs to know how to classify packets Identifying traffic classes Packet classification based on the five tuple Rate limits, with separate mark for out of profile traffic

Generalizing the Data Plane

Many Boxes, But Similar Functions Router Forward on destination IP address Access control on 5-tuples Link scheduling and marking Monitoring traffic Deep packet inspection Switch Forward on destination MAC address Firewall Access control on five tuple (and more) NAT Mapping addresses and port numbers Shaper Classify packets Shape or schedule Packet sniffer Monitoring traffic

Match Match on a subset of bits in the packet header E.g., key header fields (addresses, port numbers, etc.) Well-suited to capitalize on TCAM hardware Action Perform a simple action on the matching packet E.g., forward, flood, drop, rewrite, count, etc. Controller Software that installs rules and reads counts... and handles packets the switch cannot handle 25

Programmable Data Plane Programmable data plane Arbitrary customized packet-handling functionality Building a new data plane, or extending existing one Speed is important Data plane in hardware or in the kernel Streaming algorithms the handle packets as they arrive Two open platforms Click: software data plane in user space or the kernel NetFPGA: hardware data plane based on FPGAs Lots of ongoing research activity

Click Modular Router (backup slides) 27

Click Motivation Flexibility Add new features and enable experimentation Openness Allow users/researchers to build and extend (In contrast to most commercial routers) Modularity Simplify the composition of existing features Simplify the addition of new features Speed/efficiency Operation (optionally) in the operating system Without the user needing to grapple with OS internals 28

Router as a Graph of Elements Large number of small elements Each performing a simple packet function E.g., IP look-up, TTL decrement, buffering Connected together in a graph Elements inputs/outputs snapped together Beyond elements in series to a graph E.g., packet duplication or classification Packet flow as main organizational primitive Consistent with data-plane operations on a router (Larger elements needed for, say, control planes) 29

Click Elements: Push vs. Pull Packet hand-off between elements Directly inspired by properties of routers Annotations on packets to carry temporary state Push processing Initiated by the source end E.g., when an unsolicited packet arrives (e.g., from a device) Pull processing Initiated by the destination end E.g., to control timing of packet processing (e.g., based on a timer or packet scheduler) 30

Click Language Declarations Create elements Connections Connect elements Compound elements src :: FromDevice(eth0); ctr :: Counter; sink :: Discard; src -> ctr; ctr -> sink; Combine multiple smaller elements, and treat as single, new element to use as a primitive class Language extensions through element classes Configuration strings for individual elements Rather than syntactic extensions to the language 31

Handlers and Control Socket Access points for user interaction Appear like files in a file system Can have both read and write handlers Examples Installing/removing forwarding-table entries Reporting measurement statistics Changing a maximum queue length Control socket Allows other programs to call read/write handlers Command sent as single line of text to the server http://read.cs.ucla.edu/click/elements/controlsocket?s=llrpc 32

Example: EtherSwitch Element Ethernet switch Expects and produces Ethernet frames Each input/output pair of ports is a LAN Learning and forwarding switch among these LANs Element properties Ports: any # of inputs, and same # of outputs Processing: push Element handlers Table (read-only): returns port association table Timeout (read/write): returns/sets TIMEOUT http://read.cs.ucla.edu/click/elements/etherswitch 33

An Observation Click is widely used And the paper on Click is widely cited Click elements are created by others Enabling an ecosystem of innovation Take-away lesson Creating useful systems that others can use and extend has big impact in the research community And brings tremendous professional value Compensating amply for the time and energy J 34

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback