challenges in distributed sdn
play

Challenges in Distributed SDN Duarte Nunes duarte@midokura.com - PowerPoint PPT Presentation

Sep 17, 2023 •178 likes •558 views

Challenges in Distributed SDN Duarte Nunes duarte@midokura.com @duarte_nunes MidoNet transform this... IP Fabric VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM Bare Metal Server VM VM VM VM VM VM VM

  1. Challenges in Distributed SDN Duarte Nunes duarte@midokura.com @duarte_nunes

  2. MidoNet transform this... IP Fabric VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM VM Bare Metal Server VM VM VM VM VM VM VM VM Bare Metal Server VM VM VM VM

  3. VM VM VM VM VM ...into this... Internet/ VM VM FW WAN FW VM VM VM VM FW VM VM VM VM VM VM VM VM VM LB VM VM VM VM VM VM Bare Metal Bare Metal VM LB Server Server VM VM VM VM VM

  4. VM VM VM VM VM Packet processing Internet/ VM VM FW WAN FW VM VM VM VM FW VM VM VM VM VM VM VM VM VM LB VM VM VM VM VM VM Bare Metal Bare Metal VM LB Server Server VM VM VM VM VM

  5. Physical view Internet/ WAN IP Fabric IP Fabric IP Fabric midonet VM VM VM VM VM VM VM VM midonet gateway nsdb 1 VM VM VM VM VM VM VM VM 1 midonet VM VM VM VM midonet Bare Metal gateway nsdb 2 Server VM VM VM VM 2 midonet VM VM VM VM midonet Bare Metal gateway nsdb 3 Server VM VM VM VM 3

  6. MidoNet ● Fully distributed architecture ● All traffic processed at the edges, i.e., where it ingresses the physical network ○ virtual devices become distributed ○ a packet can traverse a particular virtual device at any host in the cloud ○ distributed virtual bridges, routers, NATs, FWs, LBs, etc. ● No SPOF ● No middle boxes ● Horizontally scalable L2 and L3 Gateways

  7. MidoNet Hosts IP Fabric Internet/WAN IP1 IP3 eth0 eth0 eth1 VXLAN VXLAN port1 port2 Tunnel Port Tunnel Port OVS kmod OVS kmod port3, veth0 port5, tap12345 VM VM VM VM Quagga, veth1 bgpd VM VM VM VM MidoNet Agent MidoNet Agent (Java Daemon) (Java Daemon) Compute 1 Gateway 1

  8. Flow computation and tunneling ● Flows are computed at the ingress host ○ by simulating a packet’s path through the virtual topology ○ without fetching any information off-box (~99% of the time) ● Just-in-time flow computation ● If the egress port is on a different host, then the packet is tunneled ○ the tunnel key encodes the egress port ○ no computation is needed at the egress

  9. Virtual Devices

  10. Device state ● ZooKeeper serves the virtual network topology ○ reliable subscription to topology changes ● Agents fetch, cache, and “watch” virtual devices on-demand to process packets ● Packets naturally traverse the same virtual device at different hosts ● This affects device state: ○ a virtual bridge learns a MAC-port mapping a host and needs to read it in other hosts ○ a virtual router emits an ARP request out of one host and receives the reply on another host ● Store device state tables (ARP, MAC-learning, routes) in ZooKeeper ○ interested agents subscribe to tables to get updates ○ the owner of an entry manages its lifecycle ○ use ZK Ephemeral nodes so entries go away if a host fails

  11. ARP Table VM VM ARP Table IP Fabric VM VM

  12. ARP Table VM VM ARP Table IP Fabric VM VM

  13. ARP Table VM VM ARP Table IP Fabric VM VM Encapsulated ARP request

  14. ARP Table VM VM ARP ARP reply handled Table ZK notification locally and written to ZK IP Fabric VM VM

  15. ARP Table VM VM ARP Table IP Fabric VM VM Encapsulated packet

  16. Flow State

  17. Flow state ● Per-flow L4 state, e.g. connection tracking or NAT ● Forward and return flows are typically handled by different hosts ○ thus, they need to share state

  18. Virtual NAT Internet/ Internet/ WAN WAN 180.0.1.100:80 Return flow NIC LB 10.0.0.2:6456 Forward flow VM VM VM 10.0.0.2

  19. Asymmetric routing Internet/ WAN NIC NIC NIC LB VM VM

  20. Asymmetric routing Internet/ WAN NIC NIC NIC LB Forward flow VM VM

  21. Asymmetric routing Internet/ WAN NIC NIC NIC LB Return flow VM VM

  22. Asymmetric routing Internet/ WAN NIC NIC NIC LB Return flow VM VM

  23. Flow state ● Connection tracking ○ Key: 5 tuple + ingress device UUID ○ Value: NA ○ Forward state not needed ○ One flow state entry per flow ● NAT ○ Key: 5 tuple + device UUID under which NAT was performed ○ Value: (IP, port) binding ○ Possibly multiple flow state entries per flow ● Key must always be derivable from the packet

  24. Sharing state - Peer-to-peer handoff Node 3 Node 4 (possible (possible asym. asym. fwd. path) ret. path) 3. Replicate the flow state to interested set Node 1 Node 2 1. New flow arrives 4. Tunnel the packet 5. Deliver the packet 2. Check or create local state

  25. Sharing state - Peer-to-peer handoff Node 3 Node 4 (possible (possible asym. asym. fwd. path) ret. path) Node 1 Node 2 4. Deliver the packet 3. Tunnel the packet 1. Return flow arrives 2. Lookup local state

  26. Sharing state - Peer-to-peer handoff 2. Lookup local state Node 3 Node 4 (possible (possible asym. asym. 1. Exiting flow fwd. path) 3. Tunnel the packet ret. path) arrives at different node Node 1 Node 2 4. Deliver the packet

  27. Sharing state - Peer-to-peer handoff ● No added latency ● Fire-and-forget or reliable? ● How often to retry? ● Delay tunneling the packets until the flow state has propagated or accept the risk of the return flow being computed without the flow state?

  28. SNAT block Internet/ Internet/ reservation WAN WAN dst: 216.58.210.164:80 NIC 180.0.1.100:9043 10.0.0.2:6456 VM VM VM VM 10.0.0.2

  29. SNAT block Internet/ Internet/ reservation WAN WAN dst: 216.58.210.164:80 NAT Target: (start_ip..end_ip, start_port..end_port) NIC e.g. 180.0.1.100..180.0.1.100 180.0.1.100:9043 5000..65535 10.0.0.2:6456 VM VM VM VM 10.0.0.2

  30. SNAT block Internet/ Internet/ reservation WAN WAN dst: 216.58.210.164:80 180.0.1.100:9044 NIC 180.0.1.100:9043 10.0.0.1:7182 10.0.0.2:6456 VM VM VM VM 10.0.0.2 10.0.0.1

  31. SNAT block Internet/ Internet/ reservation WAN WAN dst: 216.58.210.164:80 180.0.1.100:? NIC 180.0.1.100:9043 10.0.0.1:7182 VM 10.0.0.2:6456 VM VM VM 10.0.0.2 10.0.0.1

  32. SNAT block reservation ● Performed through ZooKeeper ● /nat/{device_id}/{ip}/{block_idx} ● 64 ports per block, 1024 total blocks ● LRU based allocation ● Blocks are referenced by flow state

  33. Thank you! Q&A

  34. Low-level

  35. Flow Inside the Agent Flow Flow table Flow table table table Flow Virtual Flow Backchannel Backchannel Flow state Backchannel Flow Backchannel state Topology state state ARP ARP ARP broker ARP broker broker broker CPU CPU CPU CPU Simulation User Upcall Output Kernel Datapath

  36. Performance ● Sharding ○ Share nothing model ○ Each simulation thread is responsible for a subset of the installed flows ○ Each simulation thread is responsible for a subset of the flow state ○ Each thread ARPs individually ○ Communication by message passing through “backchannels” ● Run to completion model ○ When a piece of the virtual topology is needed, simulations are parked ● Lock-free algorithms where sharding is not possible

Recommend

Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

5/19/2018 Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges scalability and performance apps require more resources than one computer has 13B. Distributed Systems: Communication grow

131 views • 9 slides
Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges

5/17/2017 Distributed Systems Goals of Distributed Systems 13A. Distributed Systems: Goals & Challenges scalability and performance apps require more resources than one computer has 13B. Distributed Systems: Communication grow

572 views • 7 slides
Status and challenges of security in distributed compu6ng

Status and challenges of security in distributed compu6ng

Status and challenges of security in distributed compu6ng Sebas&an Lopienski CERN Deputy Computer Security Officer (with input from S.Lueders and

569 views • 24 slides
Introduction to Distributed Systems Introduction to Distributed Systems Outline Outline

Introduction to Distributed Systems Introduction to Distributed Systems Outline Outline

Introduction to Distributed Systems Introduction to Distributed Systems Outline Outline about the course relationship to other courses the challenges of distributed systems distributed services *ility for distributed

824 views • 25 slides
Introduction to Distributed * Systems Introduction to Distributed * Systems Outline Outline

Introduction to Distributed * Systems Introduction to Distributed * Systems Outline Outline

Introduction to Distributed * Systems Introduction to Distributed * Systems Outline Outline about the course relationship to other courses the challenges of distributed systems distributed services *ility for distributed

556 views • 20 slides
Distributed Solar on the Grid: Key Opportunities and Challenges National Renewable Energy

Distributed Solar on the Grid: Key Opportunities and Challenges National Renewable Energy

GREENING THE GRID Distributed Solar on the Grid: Key Opportunities and Challenges National Renewable Energy Laboratory November 17, 2016 ENHANCING CAPACITY FOR LOW EMISSION DEVELOPMENT STRATEGIES (EC-LEDS) Outline and Learning Objectives 1.

637 views • 47 slides
Challenges in Management Services for Distributed Storage and how Tendrl addresses them Mrugesh

Challenges in Management Services for Distributed Storage and how Tendrl addresses them Mrugesh

Challenges in Management Services for Distributed Storage and how Tendrl addresses them Mrugesh Karnik, Red Hat 22nd March 2017 1 Tendrl was originally conceived to.. allow administrators to provision, monitor and manage multiple software de

644 views • 28 slides
Three Challenges in Distributed Optimization Keren Censor-Hillel Technion Workshop on Local

Three Challenges in Distributed Optimization Keren Censor-Hillel Technion Workshop on Local

Three Challenges in Distributed Optimization Keren Censor-Hillel Technion Workshop on Local Algorithms WOLA 2019 This project has received funding from the European Unions Horizon 2020 Research and Innovation Programme under grant agreement

966 views • 68 slides
Challenges in Distributed Shortest Paths Algorithms Danupon Nanongkai KTH Royal Institute of

Challenges in Distributed Shortest Paths Algorithms Danupon Nanongkai KTH Royal Institute of

Challenges in Distributed Shortest Paths Algorithms Danupon Nanongkai KTH Royal Institute of Technology, Sweden 1 SIROCCO 2016 About this talk Main focus s-t Distance Known (1+ e )-approx. in Q (n 1/2 +D) time Open problem Technical

1.34k views • 98 slides
Opportunities & Challenges Presentation to Distributed Wind Energy Association Washington, DC

Opportunities & Challenges Presentation to Distributed Wind Energy Association Washington, DC

The Ghana & Tanzania Power Sectors: Opportunities & Challenges Presentation to Distributed Wind Energy Association Washington, DC February 13, 2013 1 Agenda I. Overview of USAID Approaches and Assets for Power Sector Reform II.

771 views • 33 slides
CS 3700 Networks and Distributed Systems Intro to Distributed Systems Revised 10/01/15

CS 3700 Networks and Distributed Systems Intro to Distributed Systems Revised 10/01/15

CS 3700 Networks and Distributed Systems Intro to Distributed Systems Revised 10/01/15 Application Layer 2 Function: Application Whatever you want Presentation Implement your app using the network Session Key challenges:

862 views • 32 slides
Massively distributed intrusions detection : goals, challenges and possible solutions. SEC2 2015,

Massively distributed intrusions detection : goals, challenges and possible solutions. SEC2 2015,

Massively distributed intrusions detection : goals, challenges and possible solutions. SEC2 2015, Lille Michal Hauspie CRIStAL, CNRS UMR 9189 quipe 2XS . . . . . . . . . . . . . . . . . . . . . . . . . . . .

643 views • 40 slides
Historical Challenges of Wind Energy/Wildlife Interactions: How This May Affect Distributed Wind

Historical Challenges of Wind Energy/Wildlife Interactions: How This May Affect Distributed Wind

Historical Challenges of Wind Energy/Wildlife Interactions: How This May Affect Distributed Wind ASES Wind Division Webinar Series Karin Sinclair August 12, 2014 NREL/PR-5000-62492 NREL is a national laboratory of the U.S. Department of

417 views • 26 slides
Challenges in Dynamic Deployment of Condor Across Distributed Environments Andrew Pavlo

Challenges in Dynamic Deployment of Condor Across Distributed Environments Andrew Pavlo

Challenges in Dynamic Deployment of Condor Across Distributed Environments Andrew Pavlo Computer Sciences Department University of Wisconsin-Madison pavlo@cs.wisc.edu http://www.cs.wisc.edu/~pavlo/ Problem Statement Difficult to

324 views • 15 slides
Tag and Release Monitoring Increasingly Distributed Applications dkuebric / dan@appneta.com

Tag and Release Monitoring Increasingly Distributed Applications dkuebric / dan@appneta.com

Tag and Release Monitoring Increasingly Distributed Applications dkuebric / dan@appneta.com Outline What is distributed tracing? Whos doing it, and how? Challenges, and future directions? Thrift Shop Frontend web app:

629 views • 41 slides
The Smart Grid: Distributed optimization & control challenges Kameshwar Poolla UC Berkeley

The Smart Grid: Distributed optimization & control challenges Kameshwar Poolla UC Berkeley

The Smart Grid: Distributed optimization & control challenges Kameshwar Poolla UC Berkeley June 24, 2011 HYCON2 Trento, June 2011 Objectives Cover essential background on power systems Tell you about what is changing -

941 views • 79 slides
Distributed Coordination What makes a system distributed? Time in a distributed system

Distributed Coordination What makes a system distributed? Time in a distributed system

CPSC-410/611: Operating Systems Distr Coord Distributed Coordination What makes a system distributed? Time in a distributed system How do we determine the global state of a distributed system? Event ordering Mutual exclusion

405 views • 12 slides
Distributed Generation with Biomass: Opportunities and Challenges in Liberia Biomass to

Distributed Generation with Biomass: Opportunities and Challenges in Liberia Biomass to

Distributed Generation with Biomass: Opportunities and Challenges in Liberia Biomass to Electricity EcoPower Liberia distributes, installs and operates electricity generators that use agricultural waste for fuel: Agricultural waste such as

478 views • 18 slides
Maintenance-free, distributed sensing Challenges and algorithms Stephan Sigg Department of

Maintenance-free, distributed sensing Challenges and algorithms Stephan Sigg Department of

Maintenance-free, distributed sensing Challenges and algorithms Stephan Sigg Department of Communications and Networking Aalto University, School of Electrical Engineering stephan.sigg@aalto.fi Siremti Workshop, 13.03.2017 Stephan Sigg

551 views • 43 slides
Challenges and tools for maintenance-free, intelligent distributed sensing Stephan Sigg

Challenges and tools for maintenance-free, intelligent distributed sensing Stephan Sigg

Challenges and tools for maintenance-free, intelligent distributed sensing Stephan Sigg Department of Communications and Networking Aalto University, School of Electrical Engineering stephan.sigg@aalto.fi CiNet, 22.02.2017 Stephan Sigg

751 views • 56 slides
Data Collection and Aggregation Data Collection and Aggregation 1 Challenges: data Challenges:

Data Collection and Aggregation Data Collection and Aggregation 1 Challenges: data Challenges:

Data Collection and Aggregation Data Collection and Aggregation 1 Challenges: data Challenges: data Data type: numerical sensor readings. Rich and massive data, spatially distributed and correlated. Data dynamics: data

713 views • 48 slides
Overcoming Challenges in Distributed Agile . c S . M , l a p j a R P k M r a P

Overcoming Challenges in Distributed Agile . c S . M , l a p j a R P k M r a P

Overcoming Challenges in Distributed Agile . c S . M , l a p j a R P k M r a P M , P C A - I M m P o , P c S . C l a , p O j a P r S k C r a , m M @ S C k r a m } About Me } What

1.16k views • 27 slides
Neuron-inspired maintenance-free, distributed sensing Challenges and algorithms Stephan Sigg

Neuron-inspired maintenance-free, distributed sensing Challenges and algorithms Stephan Sigg

Neuron-inspired maintenance-free, distributed sensing Challenges and algorithms Stephan Sigg Department of Communications and Networking Aalto University, School of Electrical Engineering stephan.sigg@aalto.fi NII, 24.02.2017 Stephan

817 views • 56 slides
Distributed File Systems Distributed File Systems A distributed file system (DFS) is a

Distributed File Systems Distributed File Systems A distributed file system (DFS) is a

Distributed File Systems Distributed File Systems A distributed file system (DFS) is a distributed Definitions implementation of a classical time-sharing model of a file Distributed system - A number of loosely coupled system. machines

997 views • 8 slides

More recommend