Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Ranges & Cross-Entrance Consistency with
OpenFlow Yehuda Afek (TAU)
Liron Schiff (TAU)
Anat Bremler-Barr (IDC)
ONS 2014
Issue 1: Ranges
Action End Start
Server r3 61.26.188.55 0.0.0.0
Server r1 61.37.255.0 61.26.188. 56
Server r2 93.2.100.50 61.37.255.1
Drop 127.0.64.40 93.2.100.51
…… ……… …..
Source IP Address
replicas
Internet …
Firewalls Load Balancers DDoS mitigation Forwarding …….
Issue 2: Cross-Entrance Consistency
replicas …
client’s IPs
Internet X
SDN Network
Contributions • Ranges: Efficient implementation w/ OpenFlow
– 2 entries per flow;
total, 2n vs. Previously n∙w table entries (n number of intervals, w field size, usually 16 or 32)
• Consistent & Atomic ranges update
– Per packet, and per flow consistency
• Cross entrance consistency (with ranges)
Ranges Current Solution: Expansion
Action End Start
Server A 125.37.255.0 125.26.188. 56
Server B 126.2.100.50 125.37.255.1
Action Pattern
Server A 125.26.188. [00111***]
Server A 125.26.188. [*1******]
Server A 125.26.188. [10******]
Server A 125. [00011011].*.*
Server A 125. [000111**].*.*
Server A 125. [001000**].*.*
Server A 125.[00100100].*.*
Server A 125.[00100101]. 255.0
Server B 125.[00100101]. 255.*
Server A 125.[00100101]. *.*
Server B 125.[001*****].*.*
Server B 126. 1.*.*
Server B 126. 2. [00******].*
Server B 126. 2. [010*****].*
Server B 126. 2. [011000**].*
Server B 126. 2. 100.[0010****]
Server B 126. 2. 100.[00110001]
Server B 126. 2. 100.[00110010]
2w – 4 entries per range
Current Solution: Range Update • Change affects several entries
• Need atomicity (while traffic passes thru)
• Packet buffering, or
duplicating and switching tables
Action Pattern
Server A 125.26.188. [00111***]
Server A 125.26.188. [*1******]
Server A 125.26.188. [10******]
Server A 125. [00011011].*.*
Server A 125. [000111**].*.*
Server A 125. [001000**].*.*
Server A 125.[00100100].*.*
Server A 125.[00100101].255.0
Server B 125.[00100101]. 255.*
Server A 125.[00100101]. *.*
Server B 125. [001*****].*.*
Server B 126. 1.*.*
Server B 126. 2. [00******].*
Server B 126. 2. [010*****].*
Server B 126. 2. [011000**].*
Server B 126. 2. 100.[0010****]
Server B 126. 2. 100.[00110001]
Server B 126. 2. 100.[00110010]
Action End Start
Server A 125.37.255.0 125.26.188. 56
Server B 126.2.100.50 125.37.255.1
36
36
Flow table
Action Pattern
<EMPTY>
Server A 125.[00100100].255.0
Server B 125.[00100100]. 255.*
Server A 125.[00100100]. *.*
Our Ranges Implementation
• 2 entries per range
• Atomic (create, delete, split, merge)
with O(1) control message complexity. merge
split
[Panigrahy&Sharma2003] TCAM range implementation
TCAM Query
TCAM Query
Co
mp
are
Co
mp
are
Adapting [PS2003] to OpenFlow
• Even Comparisons are Flow-Table based!
Flow Table Query
Flow Table Query
Co
mp
are
Co
mp
are
Flow Table based comparisons
OpenFlow based Comparison
patterns
0******* 1*******
1******* 0*******
*0****** *1******
*1****** *0******
.
.
.
.
.
.
******** ********
Result
m>p
m<p
m>p
m<p
.
.
.
m=p
q m Packet header
Issue 2: Cross Entrance Consistency
Per-Flow Consistency [Reitblatt, Foster, Rexford, Schlesinger, Walker 2012]
Internet
replicas
client’s IPs
…
Internet
replicas
client’s IPs
Change in weights Change in ranges
…
Action End Start
Server 2 125.37.255.0 125.26.188. 56
Server 3 126.2.100.50 125.37.255.1
36
36
But existing flow shouldn’t change
Per-Flow Consistency [Wang, Butnariu, Rexford, 2011]
Per-Flow Consistency solution [Wang et.al.]
Internet
replicas
client’s IPs
…
Controller
Action End Start
Server 2 125.37.255.0 125.26.188. 56
Server 3 126.2.100.50 125.37.255.1
36
36
1. Send flows in affected sub range to
controller
Internet
replicas
client’s IPs
…
Controller
Action End Start
Server 2 125.37.1.1 125.37.1.1
Server 2 125.37.255.0 125.26.188. 56
Server 3 126.2.100.50 125.37.255.1
36
36
2. Add specific rules for existing flows
Per-Flow Consistency solution [Wang et.al.]
Internet
replicas
client’s IPs
…
Richer OpenFlow interface (e.g. DevoFlow) can solve this locally in the switch and save control communication.
Controller
DevoFlow
Per-Flow Consistency solution [Wang et.al.]
Cross-Entrance Consistency
replicas …
client’s IPs
Internet X
Controller
SDN Network
Local solution is not possible We must sync between entrances
Implementing Cross-Entrance Consistency
replicas …
client’s IPs
Internet Controller
DevoFlow + SYN match
DevoFlow + SYN match
Richer OpenFlow interface (e.g. DevoFlow and SYN matching) can reduce control communication.
summary
• Efficient Ranges implementation
• Multi-entrance consistency
Questions ?
Related Documents
