network function control
play

Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, - PowerPoint PPT Presentation

Nov 11, 2023 •274 likes •1.16k views

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

  1. OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1

  2. Network functions (NFs) • Perform sophisticated stateful actions on packets/flows WAN optimizer Caching proxy Intrusion detection system (IDS) 2

  3. NF trends • Network Functions Virtualization (NFV) WAN optimizer Caching proxy Intrusion detection system (IDS) 3

  4. NF trends • Network Functions Virtualization (NFV) → dynamically allocate NF instances Hypervisor 3

  5. NF trends • Network Functions Virtualization (NFV) → dynamically allocate NF instances • Software-defined Networking → dynamically reroute flows Hypervisor 3

  6. NF trends • Network Functions Virtualization (NFV) → dynamically allocate NF instances • Software-defined Networking → dynamically reroute flows Dynamic reallocation Hypervisor of packet processing 3

  7. Example: elastic NF scaling 1. Satisfy performance SLAs 4

  8. Example: elastic NF scaling 1. Satisfy performance SLAs CPU Packet loss 4

  9. Example: elastic NF scaling 1. Satisfy performance SLAs CPU Packet loss 4

  10. Example: elastic NF scaling 1. Satisfy performance SLAs CPU Packet loss 4

  11. Example: elastic NF scaling 1. Satisfy performance SLAs 2. Minimize operating costs CPU Packet loss 4

  12. Example: elastic NF scaling 1. Satisfy performance SLAs 2. Minimize operating costs CPU Packet loss 4

  13. Example: elastic NF scaling 1. Satisfy performance SLAs 2. Minimize operating costs 3. Accurately monitor traffic CPU Packet loss 4

  14. Problem: NFV+SDN is insufficient To simultaneously … 1. Satisfy performance SLAs 2. Minimize operating costs 3. Accurately monitor traffic 5

  15. Why NFV + SDN falls short Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  16. Why NFV + SDN falls short Packet loss SLA: <1% 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  17. Why NFV + SDN falls short ? Packet loss SLA: <1% 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  18. Why NFV + SDN falls short ? Packet loss SLA: <1% 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  19. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  20. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  21. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  22. Why NFV + SDN falls short ? Packet loss 1. SLAs 2. Cost 3. Accuracy Reroute new flows Reroute existing flows Wait for flows to die 6

  23. SLAs + cost + accuracy: What do we need? • Quickly move, copy, or share internal NF state alongside updates to network forwarding state • Guarantees: loss-free, order- preserving, …    … 1 2 3 … Also applies to other scenarios 7

  24. Outline • Motivation and requirements • Challenges • OpenNF architecture – State export/import – State operations – Guarantees • Evaluation 8

  25. Challenges 1. Supporting many NFs with minimal changes 2. Dealing with race conditions 3. Bounding overhead 9

  26. Existing approaches • Virtual machine replication – Cannot combine → limited rebalancing • Split/Merge [NSDI’13] – State allocations and accesses occur via library – Addresses a specific problem → limited suitability – Packets may be dropped or re-ordered → wrong NF behavior 10

  27. OpenNF overview Control Application move/copy/share state OpenNF NF State Manager Flow Manager Controller export/import State 11

  28. NF state taxonomy State created or updated by an NF applies to either a single flow or a collection of flows Multi-flow state Per-flow state TcpAnalyzer Connection HttpAnalyzer ConnCount Connection TcpAnalyzer All-flows state HttpAnalyzer Statistics 12

  29. NF API: export/import state • Functions: get , put , delete put Per Scope Multi All Filter get NF No need to expose/change internal state organization! 13

  30. Control operations: move Control Application Flow Manager NF State Manager Bro 1 Bro 2 14

  31. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager Bro 1 Bro 2 14

  32. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) Bro 1 Bro 2 14

  33. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) [Chunk1] [Chunk2] Bro 1 Bro 2 14

  34. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) [Chunk1] del(per, port=80) [Chunk2] Bro 1 Bro 2 14

  35. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) NF State Manager get(per, port=80) put (per, Chunk1) [Chunk1] del(per, port=80) put (per, Chunk2) [Chunk2] Bro 1 Bro 2 14

  36. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) forward(port=80, Bro 2 ) NF State Manager get(per, port=80) put (per, Chunk1) [Chunk1] del(per, port=80) put (per, Chunk2) [Chunk2] Bro 1 Bro 2 14

  37. Control operations: move Control Application Flow Manager move (port=80, Bro 1 , Bro 2 ) forward(port=80, Bro 2 ) NF State Manager get(per, port=80) put (per, Chunk1) [Chunk1] del(per, port=80) put (per, Chunk2) [Chunk2] Bro 1 Bro 2 Also provide copy and share 14

  38. Challenges 1. Supporting many NFs with minimal changes 2. Dealing with race conditions 3. Bounding overhead 15

  39. Lost updates during move detect- MHR Bro 1 Bro 2 16

  40. Lost updates during move detect- MHR R1 B1 Bro 1 Bro 2 16

  41. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR R1 B1 Bro 1 Bro 2 16

  42. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR R1 B1 Bro 1 Bro 2 16

  43. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing R1 state B1 R2 Bro 1 Bro 2 16

  44. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing R2 R1 state B1 Bro 1 Bro 2 16

  45. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing R2 R1 state B1 Bro 1 Bro 2 16

  46. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing Missing R2 R1 state updates B1 R3 Bro 1 Bro 2 16

  47. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing Missing R2 R1 state updates B1 R3 Bro 1 Bro 2 16

  48. Lost updates during move detect- move(red,Bro 1 ,Bro 2 ) MHR Missing Missing R2 R1 state updates B1 R3 Bro 1 Bro 2 Loss-free: All state updates should be reflected in the transferred state, and all packets should be processed • Split/Merge [NSDI ‘13] : pause traffic, buffer packets – Packets in-transit when buffering starts are dropped 16

  49. NF API: observe/prevent updates using events NF R1 Only need to change an NF’s receive packet function! 17

  50. Use events for loss-free move R1 Bro 1 Bro 2 18

  51. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 R1 Drop Bro 1 Bro 2 18

  52. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 Drop Bro 1 Bro 2 R1 18

  53. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 Drop R2 Bro 1 Bro 2 R1 18

  54. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller Drop Bro 1 Bro 2 R1 R2 18

  55. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 R1 Drop Bro 1 Bro 2 R2 18

  56. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 5. Flush packets in events to Bro 2 R1,R2 R1 Drop Bro 1 Bro 2 18

  57. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 5. Flush packets in events to Bro 2 R1,R2 R1 Drop 6. Update Bro 1 Bro 2 forwarding 18

  58. Use events for loss-free move 1. enableEvents(red,drop) on Bro 1 2. get / delete on Bro 1 3. Buffer events at controller 4. put on Bro 2 5. Flush packets in events to Bro 2 R1,R2,R3 R1,R2 R1 Drop 6. Update Bro 1 Bro 2 forwarding 18

  59. Re-ordering of packets • False positives from Bro’s weird script Switch Bro 2 Bro 1 Controller 19

  60. Re-ordering of packets • False positives from Bro’s weird script Switch Bro 2 Bro 1 Controller 5. Flush buffer R2 R2 R2 19

  61. Re-ordering of packets • False positives from Bro’s weird script Switch Bro 2 Bro 1 Controller 5. Flush buffer R2 6. Request R2 forwarding update R2 19

Recommend

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

770 views • 76 slides
OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash,

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

361 views • 32 slides
Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert

Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert

OpenNF: Enabling Innovation in Network Function Control Aaron Gember-Jacobson , Chaithan Prakash, Raajay Viswanathan, Robert Grandl, Junaid Khalid, Sourav Das, Aditya Akella 1 Network functions (NFs) Perform sophisticated stateful actions

925 views • 44 slides
Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport

Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport

Network Function Insertion for Reliable and Secure Control Messaging Over Commodity Transport Deniz Gurkan, Nicholas Bastin, Stuart Baxley University of Houston Funded by the U.S. Department of Energy and the U.S. Department of Homeland

541 views • 15 slides
Value function and optimal trajectories for a control problem with supremum cost function and

Value function and optimal trajectories for a control problem with supremum cost function and

Value function and optimal trajectories for a control problem with supremum cost function and state constraints Hasnaa Zidani ENSTA ParisTech, University of Paris-Saclay joint work with: A. Assellaou, &amp; O. Bokanowski, &amp; A. Desilles

448 views • 41 slides
1 b. Implement the function using a minimal network of 4:1 multiplexers. The truth table using a ,

1 b. Implement the function using a minimal network of 4:1 multiplexers. The truth table using a ,

CSE140 Exercise Solutions m (0 , 2 , 4 , 6 , 7) + d (1). I. Given a three-input Boolean function f ( a, b, c ) = a. Implement the function using a minimal network of 2:4 decoders and OR gates. Standard solution : Use a as the enable signal,

407 views • 12 slides
SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose

SLAC Control Network SLAC Control Network Campaign 1 12/13/01,12/17/01 01/18/02 Purpose Purpose To tie SLAC control points to existing coordinate system &amp; datum. (ie. NAD 83 CA State Plane Zone 3, UTM Zone 10, WGS84) Network

372 views • 14 slides
Diffusing Your Mobile Apps: Extending In-Network Function Virtualisation to Mobile Function

Diffusing Your Mobile Apps: Extending In-Network Function Virtualisation to Mobile Function

Diffusing Your Mobile Apps: Extending In-Network Function Virtualisation to Mobile Function Offloading Mario Almeida, Liang Wang*, Jeremy Blackburn, Konstantina Papagiannaki, Jon Crowcroft* Telefonica Research, ES University of

903 views • 26 slides
Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane traditional (intra-domain) routing algorithms SDN controllers and their instantiation, implementation in the Internet: OSPF, RIP, OpenFlow, ODL

1.31k views • 75 slides
Maria Bulatova, Daria Kolistratova Background Network Function (NF) a component of a network

Maria Bulatova, Daria Kolistratova Background Network Function (NF) a component of a network

Maria Bulatova, Daria Kolistratova Background Network Function (NF) a component of a network infrastructure with well defined interfaces and behavior ( routing, network address translation (NAT), firewall, etc.). Traditional NFs:

224 views • 19 slides
Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K.

Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K.

Eliminating Adverse Control Plane Interactions in Independent Network Systems Matthew K. Mukerjee Computer Science PhD Thesis Defense May 1st, 2018 Network Control CDN server selection Routing Congestion Control VM migration Network

1.71k views • 131 slides
CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019

CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019

CONTROL YOUR CARGO. CONTROL YOUR NETWORK. CONTROL YOUR BRAND. APRIL 2019 annika@sensortransport.com THE PROBLEM Status of Cargo Status of Shipment $100 BILL LOST ANNUALLY FROM DAMAGE Manual Delivery AND THEFT THE SOLUTION A

2.74k views • 9 slides
Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control Systems Research Philipp Mieden &amp; Rutger Beltman, 2020 Supervisor: Bartosz Czaszynski, Deloitte Industrial Network VS Corporate Network 2

379 views • 35 slides
Function Approximation for (on policy) Prediction and Control Lecture 8, CMU 10-403 Katerina

Function Approximation for (on policy) Prediction and Control Lecture 8, CMU 10-403 Katerina

Carnegie Mellon School of Computer Science Deep Reinforcement Learning and Control Function Approximation for (on policy) Prediction and Control Lecture 8, CMU 10-403 Katerina Fragkiadaki Used Materials Disclaimer : Much of the material

642 views • 41 slides
The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization

The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization

The Gas Network Control Problem and How to Approach It Felix Hennings Combinatorial Optimization @ Work 2020 The Gas Network Control Problem General description Optimization of short-term transient gas network control of large real-world

917 views • 39 slides
Unemployment Duration and Re-employment Wages: A Control Function Approach Marta C. Lopes 1 1

Unemployment Duration and Re-employment Wages: A Control Function Approach Marta C. Lopes 1 1

Unemployment Duration and Re-employment Wages: A Control Function Approach Marta C. Lopes 1 1 NovaSBE, Universidade Nova de Lisboa 23 rd London Stata User Group Meeting September 7, 2017 Marta C. Lopes (NovaSBE) A Control Function Approach

669 views • 38 slides
Tiny%Packet%Programs% for%low4latency%network%control% Vimal %

Tiny%Packet%Programs% for%low4latency%network%control% Vimal %

Tiny%Packet%Programs% for%low4latency%network%control% Vimal % Mohammad%Alizadeh,%Yilong%Geng,%Changhoon%Kim,%David%Mazires% Timescales%of%Network%FuncFons% Network% Load%Balancing% Virtual%Network% CongesFon% Forwarding%% Provisioning%

567 views • 29 slides
Finding the Optimal Reconfiguration for Network Function Virtualization Orchestration with

Finding the Optimal Reconfiguration for Network Function Virtualization Orchestration with

Finding the Optimal Reconfiguration for Network Function Virtualization Orchestration with Time-varied Workload Satyajit Padhy, Jerry Chou National Tsing Hua University The Third International Workshop on Systems and Network Telemetry and

725 views • 26 slides
Topic #38 Transfer function to state-space Reference textbook : Control Systems, Dhanesh N.

Topic #38 Transfer function to state-space Reference textbook : Control Systems, Dhanesh N.

ME 779 Control Systems Topic #38 Transfer function to state-space Reference textbook : Control Systems, Dhanesh N. Manik, Cengage Publishing, 2012 1 Transfer function to state-space Phase-variable and controller canonical forms

947 views • 36 slides
Session #4: Transport Network Control (ASON, Session #4: Transport Network Control (ASON, GMPLS

Session #4: Transport Network Control (ASON, Session #4: Transport Network Control (ASON, GMPLS

I nternational Telecom m unication Union ITU-T Session #4: Transport Network Control (ASON, Session #4: Transport Network Control (ASON, GMPLS and Control plane management) GMPLS and Control plane management) Highlights &amp; Conclusions

420 views • 7 slides
NETWORK FLOWS NETWORK FLOWS A network consists of a loopless digraph D = ( V , A ) plus a function

NETWORK FLOWS NETWORK FLOWS A network consists of a loopless digraph D = ( V , A ) plus a function

NETWORK FLOWS NETWORK FLOWS A network consists of a loopless digraph D = ( V , A ) plus a function c : A R + . Here c ( x , y ) for ( x , y ) A is the capacity of the edge ( x , y ) . We use the following notation: if : A R and S , T

566 views • 17 slides
What is executive function? There are many brain-based abilities that make up executive

What is executive function? There are many brain-based abilities that make up executive

10/27/2014 Executive Function MAKING THE WORLD A BIT EASIER TO NAVIGATE: USING EXECUTIVE FUNCTION SKILLS Brenda Smith Myles, Ph.D. brenda_myles@mac.com Executive Function The set of brain-based abilities that help people control their

617 views • 39 slides
Network Components Component Names Component Function Example Application, or app, user Uses

Network Components Component Names Component Function Example Application, or app, user Uses

Network Components Component Names Component Function Example Application, or app, user Uses the network Skype, iTunes, Amazon Host, or end-system, edge Supports apps Laptop, mobile, desktop device, node, source, sink Router, or switch,

1.25k views • 37 slides
Working Set- -Based Access Control for Based Access Control for Working Set Network File

Working Set- -Based Access Control for Based Access Control for Working Set Network File

Working Set- -Based Access Control for Based Access Control for Working Set Network File Systems Network File Systems Stephen Smaldone, Vinod Ganapathy, and Liviu Iftode DiscoLab - Department of Computer Science Rutgers, The State University

667 views • 23 slides

More recommend