co conc ncer erto to cooperative network wide telemetry
play

Co Conc ncer erto to: Cooperative Network-Wide Telemetry with - PowerPoint PPT Presentation

Oct 29, 2023 •346 likes •524 views

Co Conc ncer erto to: Cooperative Network-Wide Telemetry with Controllable Error Rate Yiran Li Kevin Gao Xin Jin Wei Xu Net etwork rk Tel elem emet etry ry Provide ides s Us Usef eful ul Status tus Knowle wledge dge Query

  1. Co Conc ncer erto to: Cooperative Network-Wide Telemetry with Controllable Error Rate Yiran Li Kevin Gao Xin Jin Wei Xu

  2. Net etwork rk Tel elem emet etry ry Provide ides s Us Usef eful ul Status tus Knowle wledge dge Query Interface DDoS Det. New TCP Port Scan Expressive & High Fidelity Operators Telemetry System Core Operates Packets Switch Config Telemetry Tuples of Whole Network in Real-Time Switch 2

  3. Exe xecuti uting ng Lo Location ion: : Stream eam Proces essor sor vs. s. PISA A Swit itch ch Task Assignment DDoS Det. SP vs. PISA Switch Executing at SP: √ General Processing × Scalability Problem Executing at PISA Switch √ Real-Time Processing × Limited Stages & Memory Stage 1 Stage 2 Deparser Parser Traffic Traffic Mem. ALU Mem. ALU Protocol Independent Switch Architecture Network Telemetry System 3

  4. Di Differe rent nt Swi witche ches s Pla lay y Di Differe rent nt Role les Telemetry Systems Big Data Frameworks Driver Program Query Cluster Manager Core SP Dynamically Assign Statically Assign to vs. to Available Executor Specific Switch S 3 Worker Worker Worker S 1 Executor Executor Executor Executor Executor Executor Executor Executor Executor Executor Executor Executor S 2 Switches with Different Roles Identical Workers, Executors 4

  5. Usi sing g Swi witche ches s In Inde depe pendent dently ly Is Is In Insu suffic fficient ient Splitting Query Between SP 4 .map ((_, dip ) => (dip ,1)) & Edge Switch Dynamically 5 .scan (( dip ,_) => dip , sum ) 6 .filter (( dip , count ) => count ==T) 7 .map (( dip , count ) => dip ) 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) SP Unused 3 .distinct (( sip , dip ) => (sip , dip )) 4 .map ((_, dip ) => (dip ,1)) SRC DST 5 .scan (( dip ,_) => dip , sum ) Edge 6 .filter (( dip , count ) => count ==T) SRC 7 .map (( dip , count ) => dip ) S 3 Edge DDoS Detection Query Unused S 1 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) S 2 3 .distinct (( sip , dip ) => (sip , dip )) 5

  6. Usi sing g Swi witche ches s In Inde depe pendent dently ly Is Is In Insu suffic fficient ient (Cont.) t.) Static Splitting & Using 4 .map ((_, dip ) => (dip ,1)) Switches Independently 5 .scan (( dip ,_) => dip , sum ) 6 .filter (( dip , count ) => count ==T) 7 .map (( dip , count ) => dip ) Wasted 1 packetStream Duplicated 2 .map (p => (p.ip.sip ,p.ip. dip )) SP 3 .distinct (( sip , dip ) => (sip , dip )) 4 .map ((_, dip ) => (dip ,1)) SRC DST 5 .scan (( dip ,_) => dip , sum ) Edge Unused 6 .filter (( dip , count ) => count ==T) SRC 7 .map (( dip , count ) => dip ) S 3 Edge DDoS Detection Query S 1 S 2 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) 3 .distinct (( sip , dip ) => (sip , dip )) 6

  7. Concert erto: o: Cooper erative ative Net etwork rk-Wide Wide Te Telem emet etry ry • Challenge • Splitting queries among switches while meeting resource & network constraints • Cooperative query execution model Q Q Q Query • Splitting query to multiple PISA switches Result 1 2 3 • Each switch processes tuples locally Stream SP Concerto Core • Various operations on different switches Processor Config • Best-effort tuple processing Intermediate Tuples Switch Config • Automatic query placement • Analyzing query restrictions from AST • Formulating query placement as MIP Switch • Result • Reduce the stream processor’s workload by up to 19 × • Achieve 10 4 × lower error rate with the same workload 7

  8. Coope perativ ative Query y Executi ution on Mo Mode del 6 .filter (( dip , count ) => count ==T) 7 .map (( dip , count ) => dip ) 1 packetStream 2 .map (p => (p.ip.sip ,p.ip. dip )) 5→7 4→7 3 .distinct (( sip , dip ) => (sip , dip )) Phase 7 Phase 4 S 3 SP 1 →3 5 .scan (( dip ,_) => dip , sum ) 6 .filter (( dip , count ) => count ==T) S 1 7 .map (( dip , count ) => dip ) S 2 3→5 4 .map ((_, dip ) => (dip ,1)) 5 .scan (( dip ,_) => dip , sum ) 8

  9. Query y Executi ution on on Swi witche hes Stage Like Bloom Filter Subquery 1: 05:scan Subquery 2: 06:filter 07:map Mem. ALU S 1 05 06 07 07 PHV PHV Pkt Pkt 04 05 05 05 05 S 2 Stage 1 Stage 2 Stage 3 Stage 4 Parser Deparser Four-Stage PISA Switch Only Based on Phase 9

  10. Concerto rto Puts s Mo More Op Operati tions ons on S Swi witche ches 1 packetStream 2333 4 - - - 5556 f 1 : S 1 → S 6 2 .map (p => (p.ip.sip ,p.ip. dip )) 3333 7 3 .distinct (( sip , dip ) => (sip , dip )) S 1 S 4 S 6 Result 4 .map ((_, dip ) => (dip ,1)) Tuples f 2 : S 2 → S 6 4 - - - 2 - - - 555 6 5 .scan (( dip ,_) => dip , sum ) S 3 Stream f 3 : S 2 → S 7 6 .filter (( dip , count ) => count ==T) Processor 7 .map (( dip , count ) => dip ) S 5 S 2 S 7 • Switch hardware # Tuples # Stages Flow t1, t2 t3, t4 t5 t6, t7 d3 d5 • 4 stages f1 442628 50034 1033 25 3 3 • 0.5 Mb of registers at each stage f2 1383594 113584 1739 36 4 3 • Results f3 307941 8874 2194 25 3 3 f1+f2 1826222 163618 2772 61 5 3 • Stateless filtering: 2.1 × 10 6 f2+f3 1691535 122458 3933 61 4 4 • Independent stateful: 1.4 × 10 6 f1+f2+f3 2134163 172492 4966 86 5 4 • Concerto: 86 10

  11. Eval aluat uatio ion n Setup up • Questions: workload reduction, error rate guarantee, scalability • Topology ATT North America Topology # Sites # Links Claranet 15 018 ATT North America 25 056 Cesnet-10 52 063 OTEGlobe 93 103 • CAIDA trace: captured at a backbone ISP link from New York to San Paulo • Compared systems • Stateless : Everflow, DREAM • EdgeAll : Sonata • AnyAggre : OpenSketch, UnivMon, Marple • Metric: # tuples to the stream processor (same as Sonata) 11

  12. Concerto Reduces SP’s Workload on Various Queries Stateless EdgeAll AnyAggre Concerto 10 8 10 6 #Tuples 10 4 10 2 Log- Better SSpreader New TCP Port Scan DDoS In. Flows SSH Brute Slowloris Scaled Single-Query Performance on Various Queries 12

  13. Concerto rto Ac Achie ieve ves s Mu Much Lowe wer Error Rate Stateless EdgeAll AnyAggre Concerto 10 8 10 7 10 7 #Tuples 10 6 10 6 10 4 10 5 10 5 10 4 10 4 10 1 10 -1 10 -3 10 1 10 0 10 -5 10 -1 Error Rate (%) Error Rate (%) One Query Four Queries Error Rate Requirement 13

  14. Concerto rto Scal ales s Well ll Stateless EdgeAll AnyAggre Concerto Similar Similar Similar Normalized #Tuples 10 4 10 4 10 3 10 2 10 2 10 0 10 0 10 0 Different Different One Query Two Queries Four Queries Normalized To Concerto Normalized Workloads on Various Topologies 14

  15. Conclusi lusion on • We propose a cooperative query execution model • Mimics network routing, each switch processes tuples locally • Independent of the underlying routing method • Applies to arbitrary topology • We provide a method to automatically compile queries to PISA switches • Analyzes the query placement requirement from AST • Formulates and optimizes query placement on switches using MIP • We show that the cooperative query execution of Concerto is effective • Reduces the stream processor’s workload by as much as 19 times • Achieves an error rate of 10 4 times lower than state-of-the-art systems 15

  16. Th Thanks! anks! Q& Q&A

Recommend

PAS ASSP SPORT ORT PR PROPO POSED SED CHANGES NGES and CONC NCER ERNS NS Purpose of

PAS ASSP SPORT ORT PR PROPO POSED SED CHANGES NGES and CONC NCER ERNS NS Purpose of

PAS ASSP SPORT ORT PR PROPO POSED SED CHANGES NGES and CONC NCER ERNS NS Purpose of this meeting Brief history Talk about some proposed changes to the system What some of the current issues are Determine next steps Ask

528 views • 22 slides
analysis of a real online social network using semantic web frameworks Guillaume Erto,

analysis of a real online social network using semantic web frameworks Guillaume Erto,

analysis of a real online social network using semantic web frameworks Guillaume Erto, Michel Buffa, Fabien Gandon, Olivier Corby social media landscape social web amplifies social network effects overwhelming flow of social data social

322 views • 31 slides
Collecting telemetry data using P4 and RDMA Rutger Beltman Silke Knossen Supervisors: Joseph

Collecting telemetry data using P4 and RDMA Rutger Beltman Silke Knossen Supervisors: Joseph

Collecting telemetry data using P4 and RDMA Rutger Beltman Silke Knossen Supervisors: Joseph Hill M.Sc. Dr. Paola Grosso 1 Introduction: Network Telemetry (I) Monitoring network health In-band network telemetry includes

702 views • 23 slides
Marking-based Network Telemetry Alon Riesenberg * , Yonnie Kirzon * , Michael Bunin * , Elad Galili

Marking-based Network Telemetry Alon Riesenberg * , Yonnie Kirzon * , Michael Bunin * , Elad Galili

Time-Muxed Parsing in Marking-based Network Telemetry Alon Riesenberg * , Yonnie Kirzon * , Michael Bunin * , Elad Galili * , Gidi Navon , Tal Mizrahi * ACM SYSTOR, Haifa, May 2019 * Background What is network telemetry?

854 views • 29 slides
Listening to the Network: Leveraging Network Flow Telemetry for Security Applications Darren

Listening to the Network: Leveraging Network Flow Telemetry for Security Applications Darren

Listening to the Network: Leveraging Network Flow Telemetry for Security Applications Darren Anstee EMEA Solutions Architect Introduction Security has an increased focus from ALL businesses, whether they are an enterprise, ISP, IDC or

926 views • 60 slides
Applications+of+Clock+Synchronization: Network+Telemetry 1

Applications+of+Clock+Synchronization: Network+Telemetry 1

Applications+of+Clock+Synchronization: Network+Telemetry 1 Market'Data'Synchronization'and'Freshness Recall&two&scenarios: Fast&loop Traders'place'orders'based'on'market'data'feeds'from'several'exchanges

305 views • 18 slides
NETWORK TELEMETRY AND ANALYTICS IN THE AGE OF BIG DATA RUTURAJ PATHAK/Senior Product

NETWORK TELEMETRY AND ANALYTICS IN THE AGE OF BIG DATA RUTURAJ PATHAK/Senior Product

NETWORK TELEMETRY AND ANALYTICS IN THE AGE OF BIG DATA RUTURAJ PATHAK/Senior Product Manager/INVENTEC Open Computing Project (OCP) Participation OCP Accepted! D7032Q28BP and D7032Q28BX D6254QSBP and D6254QSBX Inventec is a Platinum Member !!!

168 views • 14 slides
Towards Knowledge-Defined Networking using In-band Network Telemetry Jonghwan Hyun, Nguyen Van Tu

Towards Knowledge-Defined Networking using In-band Network Telemetry Jonghwan Hyun, Nguyen Van Tu

Towards Knowledge-Defined Networking using In-band Network Telemetry Jonghwan Hyun, Nguyen Van Tu and James Won-Ki Hong Department of Computer Science and Engineering, POSTECH, Pohang, Korea Email: { noraki, tunguyen, jwkhong } @postech.ac.kr

514 views • 7 slides
Cooperative Web Caching Cooperative Web Caching Cooperative Caching Cooperative Caching

Cooperative Web Caching Cooperative Web Caching Cooperative Caching Cooperative Caching

Cooperative Web Caching Cooperative Web Caching Cooperative Caching Cooperative Caching Previous work has shown that hit rate increases with population size [Duska et al. 97, Breslau et al. 98] However, single proxy caches have practical limits

868 views • 53 slides
Detecting outages with telemetry Alessio Placitelli - @dexterp37 June 16th - Internet

Detecting outages with telemetry Alessio Placitelli - @dexterp37 June 16th - Internet

Detecting outages with telemetry Alessio Placitelli - @dexterp37 June 16th - Internet Measurement Village 2020 Italy, March 11th - 2020 Tales from a mid-pandemic network outage Public 2 ...failure on a foreign network... Source :

591 views • 29 slides
Conc u rrent v alidit y & model diagrams SU R VE Y AN D ME ASU R E ME N T D E VE L OP ME N T

Conc u rrent v alidit y & model diagrams SU R VE Y AN D ME ASU R E ME N T D E VE L OP ME N T

Conc u rrent v alidit y & model diagrams SU R VE Y AN D ME ASU R E ME N T D E VE L OP ME N T IN R George Mo u nt Data anal y tics ed u cator Conc u rrent v alidit y Conc u rrent v alidit y: Does the model correlate w ith another meas u re no

604 views • 39 slides
All Saints: Pi Top Telemetry System ALL SAINTS SOLAR CAR Usage The Telemetry system

All Saints: Pi Top Telemetry System ALL SAINTS SOLAR CAR Usage The Telemetry system

All Saints: Pi Top Telemetry System ALL SAINTS SOLAR CAR Usage The Telemetry system is used to measure the input and output of the battery systems. Using sensors to measure the current, our drivers are able to see how

226 views • 7 slides
TELEMETRY Project overview and update JULIEN DANJOU IRC: JD_ GORDON CHUNG IRC: GORDC What

TELEMETRY Project overview and update JULIEN DANJOU IRC: JD_ GORDON CHUNG IRC: GORDC What

05.11.2017 TELEMETRY Project overview and update JULIEN DANJOU IRC: JD_ GORDON CHUNG IRC: GORDC What does Telemetry do? Metering services The Telemetry project provides service for data collection, storage and alarming. 3

130 views • 10 slides
Princess Marga ret Hospital and Ontario Can Ontario Can ncer Institute ncer Institute 50th

Princess Marga ret Hospital and Ontario Can Ontario Can ncer Institute ncer Institute 50th

Princess Marga ret Hospital and Ontario Can Ontario Can ncer Institute ncer Institute 50th Annive 50th Annive ersary Event ersary Event 16 18 Oc ctober 2008 The Unexpected Consequence es of Being a Research Fellow at PMH/OCI

1.1k views • 41 slides
Arpit Gupta Princeton University Rob Harrison, Ankita Pawar, Rdiger Birkner, Marco Canini,

Arpit Gupta Princeton University Rob Harrison, Ankita Pawar, Rdiger Birkner, Marco Canini,

SONATA: Query-Driven Network Telemetry Arpit Gupta Princeton University Rob Harrison, Ankita Pawar, Rdiger Birkner, Marco Canini, Nick Feamster, Jennifer Rexford, Walter Willinger Conventional Network Telemetry Compute Store Analysis

692 views • 24 slides
High Tide Technologies, LLC Advances In Telemetry- Satellite Telemetry COMPANY INTRODUCTION

High Tide Technologies, LLC Advances In Telemetry- Satellite Telemetry COMPANY INTRODUCTION

High Tide Technologies, LLC Advances In Telemetry- Satellite Telemetry COMPANY INTRODUCTION High Tide Technologies, LLC Satellite SCADA Provider Easy to Install Hardware Web-based Software Satellite Communications 24x7

310 views • 27 slides
Measurement for Cooperative Network Defense: DEMONS and BlockMon Brian Trammell Communication

Measurement for Cooperative Network Defense: DEMONS and BlockMon Brian Trammell Communication

Measurement for Cooperative Network Defense: DEMONS and BlockMon Brian Trammell Communication Systems Group, ETH Zrich Flocon 2012, January 11, Austin, Texas USA The problem The attack landscape has become more complex and cooperative.

220 views • 19 slides
Cooperative Choice Cooperative and non-cooperative motives and their consequences via Mark

Cooperative Choice Cooperative and non-cooperative motives and their consequences via Mark

Cooperative Choice Cooperative and non-cooperative motives and their consequences via Mark L oczy Livia.Markoczy@ucr.edu Gary A. Anderson Graduate School of Management University of California, Riverside Cooperative Choice p.1/26

413 views • 26 slides
Cooperative Multicast Scheduling with Random Network Coding in WiMAX Jin Jin, Baochun Li,

Cooperative Multicast Scheduling with Random Network Coding in WiMAX Jin Jin, Baochun Li,

Cooperative Multicast Scheduling with Random Network Coding in WiMAX Jin Jin, Baochun Li, Department of Electrical Computer Engineering University of Toronto WiMAX MBS IWQoS 2009: Cooperative Multicast Scheduling with Random Network Coding in

856 views • 53 slides
Utilizing Lean Methodologies to Manage Telemetry Devices Christina Carranza, MSN, RN-BC, CNML

Utilizing Lean Methodologies to Manage Telemetry Devices Christina Carranza, MSN, RN-BC, CNML

October 20, 2017 12pm to 1pm From the AAMI Foundations National Coalition for Alarm Management Safety Utilizing Lean Methodologies to Manage Telemetry Devices Christina Carranza, MSN, RN-BC, CNML Nurse Manager Cardiac Telemetry, NCH

697 views • 50 slides
Satellite Telemetry Services for ARGO floats Solne Routaboul sroutaboul@groupcls.com

Satellite Telemetry Services for ARGO floats Solne Routaboul sroutaboul@groupcls.com

Satellite Telemetry Services for ARGO floats Solne Routaboul sroutaboul@groupcls.com http://www.cls-telemetry.com CLS is a subsidiary of the French Space Agency (CNES), and was created in 1986. Unique operator of the Argos system

357 views • 25 slides
Cooperative Broadcast for Cooperative Broadcast for Maximum Network Lifetime Maximum Network

Cooperative Broadcast for Cooperative Broadcast for Maximum Network Lifetime Maximum Network

Cooperative Broadcast for Cooperative Broadcast for Maximum Network Lifetime Maximum Network Lifetime Ivana Maric and Roy Yates Ivana Maric and Roy Yates Wireless Multihop Multihop Network Broadcast Network Broadcast Wireless N nodes

444 views • 28 slides
A Mor A More Resi sili lien ent Y t You CONCERN: CONCERN: EMPLOYEE EMPLOYEE ASSISTANCE

A Mor A More Resi sili lien ent Y t You CONCERN: CONCERN: EMPLOYEE EMPLOYEE ASSISTANCE

A Mor A More Resi sili lien ent Y t You CONCERN: CONCERN: EMPLOYEE EMPLOYEE ASSISTANCE ASSISTANCE PROGRAM PROGRAM A Benefit for Employees and Families 3 CONC NCER ERN: N: E EAP S AP Servi ervice ces Work/Life Benefits

253 views • 21 slides
2 Yes! s! eYE YE DO DO. 3 Yes! s! 4 Or Oral C l Canc ncer All malignant cancerous

2 Yes! s! eYE YE DO DO. 3 Yes! s! 4 Or Oral C l Canc ncer All malignant cancerous

2 Yes! s! eYE YE DO DO. 3 Yes! s! 4 Or Oral C l Canc ncer All malignant cancerous tissue growth located in the oral cavity 90% are squamous cell carcinomas https://en.wikipedia.org/wiki/Oral_cancer

500 views • 30 slides

More recommend