View
5
Download
0
Category
Preview:
Citation preview
Pamela Zave
AT&T Laboratories—Research
Florham Park, New Jersey, USA
joint work with Jennifer Rexford, Princeton University
ABSTRACTIONS
OF THE DATA PLANE
DIMACS Working Group on
Abstractions for Network
Services, Architecture, and Implementation
WHAT WE ATE FOR LUNCH
CHINESE FOOD, OF COURSE, AND LEARNED THAT . . .
“We find comfort among those who agree with us—
growth among those who don’t.”
THE PREVAILING ABSTRACTION OF THE DATA PLANE
APPLICATION LAYER
TRANSPORT LAYER
NETWORK LAYER
LINK LAYER
PHYSICAL LAYER
applications andmnemonic names
reliable (orunreliable) transport
best-effort globalpacket delivery
best-effort localpacket delivery
physical transferof bits
abstractions from “The futureof networking, and the past ofprotocols”
[Shenker 2011]
APPLICATION LAYER
TRANSPORT LAYER
NETWORK LAYER
LINK LAYER
PHYSICAL LAYER
applications andmnemonic names
reliable (or unreliable) transport
best-effort globalpacket delivery
best-effort localpacket delivery
physical transferof bits
2
1WHY SHOULD WE QUESTION THIS?
Because there are many
serious problems with the
current Internet, and we must
look at all possible solutions.
Because the purpose of the
control plane is to manage the
data plane, so a well-structured
data plane may be the key to a
well-structured control plane.
For example, “An axiomatic basisfor communication” is intendedto formalize what routers do . . .
. . . but much of the space isdevoted to a careful discussion of the behavior of the data plane. [Karsten, Keshav,
Prasad & Beg 2007]
3WHY SHOULD WE QUESTION THIS?
Because it is
not realistic.headers in a typical AT&T packet
Cloud Service
HTTP
TCP
IP
IPsec
IP
GTP (QoS, billing)
UDP
IP
MPLS
MPLS
Ethernet
15+ load balancing / routing algorithmsare involved in getting this packet to itsdestination . . .
. . . most with different goals in mind;
. . . most have been analyzed / designed in some state of isolation;
. . . all are getting more dynamic every day
from “Cloud computing and my worriesabout the network that enables it”
[Spatscheck 2010]
A BETTER ABSTRACTIONOF THE DATA PLANE? APPLICATION LAYER
TRANSPORT LAYER
LISP LAYER
MIDDLEWARE LAYER
NETWORK LAYER
LINK LAYER
MPLS LAYER
PHYSICAL LAYER
this is more realistic, . . .
. . . but consensus wouldbe difficult to achieve . . .
. . . and not long-lasting
A DIFFERENT VIEW OF THE DATA PLANE
LAYER
LAYER LAYER
LAYER
LAYER LAYER LAYER
Each layer is a distributedsystem with the sameabstract functionalityand the same abstractstate.
upper interface is aspecification of communication
services (provided)
lower interface is aspecification of communication
services (used)
includes transport,routing, and forwarding
This pattern isinstantiated manytimes in a networkarchitecture, formany purposes, atmany levels, andwith many differentscopes.
this hypothesiscomes fromPatterns inNetworkArchitecture
[Day 2008]
WE CALL THIS THE “GEOMORPHIC VIEW”OF NETWORKS . . .
. . . BECAUSE THE ARRANGEMENT OF
LAYERS RESEMBLES THE EARTH’S CRUST
it is inspired by Day’s ideas, with manychanges in terminology and (we hope)improvements
OUTLINE
Frequently-asked questions
Examples
Basic information about layers
Summary and conclusions
1234
LAYERS: MACHINES AND PROCESSES
these processes can onlycommunicate through a NETWORK,with all of the challenges we know well
the OPERATINGSYSTEM createsthese processesand enablesthem tocommunicatequickly and reliablywith each other
machine machine
we can choose to regard a virtualmachine as a machine . . .
this communicationis assumed as abuilding block
. . . and to regard communicationthrough the hypervisor and softswitchof a physical machine as networkedcommunication, and an object of study
LAYERS: MEMBERS, NAMES, AND ROUTING
a member has a name that is uniqueand permanent (although re-usable)
UNDERLAY(lower layer)
OVERLAY(higher layer)
members are connectedto each other by links
because there is usually not alink between each pair of members,routes tell members how to reacheach other
routing protocolmaintains routesas links change
B E
edb
a c
member process link
a member is a processthat represents itsmachine in that layer
each layerhas its ownname space
a link is an instance or usageof a communication service
UNDERLAY(lower layer)
OVERLAY(higher layer) B E
edb
a c
LAYERS: REGISTRATIONS
here theseregistrationsare attachments
here theseregistrationsare locations
registrations canbe created ordestroyed byeither layer
a registration maps anoverlay process to anunderlay process
both processes areon the same machine
the underlay process is aprocess in the lower layerthat represents the overlayprocess to the network
registrations
UNDERLAY(lower layer)
OVERLAY(higher layer) B E
edb
a c
LAYERS: CHANNELSa channel is an instance or usageof a communication service
a channel can be implemented as aservice by an underlay for an overlay
in the underlay,the channel iscalled a session
higher endpoint
lower endpoint
when b receives a channel requestfrom B for E, it uses locationsto find that E is located at e
in the overlay,the channel iscalled a link
underlay includes a transportprotocol that enforces theservice specification
LAYERS: SCOPE AND LEVEL
APPLICATIONLAYERS
INTERNETCORE
(IP, TCP, UDP)
LANs ANDWANs
application process
IP interface ofnetworked machine
Ethernetport interface
layers are arranged in ausage hierarchy, whichdefines levels
the scope of a layer is the set or classof processes that could be members
gateway
this is thegeomorphicview of theclassicInternetarchitecture
Webappli-cation
cloud
Internet
here there is no routing,because members are fullyconnected by communicationservices
LAYERS: VARIATIONS
client
client
host host host
server
server
securityfilter
router router
here the communicationservices offered mightinclude security,anycast, broadcast, etc.
here the communicationservices might be onlypoint-to-point
here the filter is “in the network”
here the filter isan “endpoint”
here the purpose of routingis to provide services suchas security
“CloudNaaS: A cloud networkingplatform for enterprise applications”
[Benson, Akella,Shaikh & Sahu 2011]
here the purpose of routingis reachability
“The end-to-endargumentand applica-tiondesign: Therole of trust”[Clark &Blumenthal2011]
LAYERS: SOFTWARE STATE OF A LAYER
a layer is a distributedsoftware system
overlay
underlay underlay
members: set Process
locations: set Registration
sessions: set Channel
attachments: set Registration
links: set Channel
forwarding: set Route
this is a snapshot of its distributed, dynamic state
related toservingoverlays
strictlyinternal
related tousingunderlays
depends on
OUTLINE
Frequently-asked questions
Examples
Basic information about layers
Summary and conclusions
1234
FAQ: HOW IS THE GEOMORPHIC VIEW DIFFERENT FROM OVERLAYS?
LAYER LAYER
LAYER
LAYER
LAYER LAYER LAYER
“MOSAIC: Unifieddeclarative platformfor dynamic overlaycomposition”
[Mao, Loo, Ives& Smith 2008]
layering
bridging
geomorphic viewhas no uniquereference point, sothere is nothingfor an “overlay” tobe “over”
geomorphic viewattempts to explainwhat is in eachlayer, as well ashow they compose
FAQ: IS THE GEOMORPHIC VIEW DESCRIPTIVE OR PRESCRIPTIVE?
FUNCTIONALLY, IT IS DESCRIPTIVEthere should be no major function ordesign that cannot be described
HOWEVER, THERE ARE FEWERMECHANISMS THAN ARE FOUND “IN THE WILD”
no arguing about names vs. identifiersvs. locators vs. addresses—each layerhas one name space, designed andused for the purposes of the layer
no tunneling used as an intra-layerexception to the routing system—justinter-layer interfaces
FEWER MECHANISMS COULD MEAN: GOAL IS TO CHOOSE THEMECHANISMS THAT ARE THE BESTBECAUSE THEY FACILITATE . . .each design has exactly one
correct description
designs can be compared easily
it is possible to map out structuredspaces of design trade-offs
it is possible to get implementationsby code generation and re-use
composition—of layers,mechanisms within a layer, orreasoning methods
separation of concerns, so thatdiverse goals can be met withoutinterfering with each other
. . .
. . .
OUTLINE
Frequently-asked questions
Examples
Basic information about layers
Summary and conclusions
1234
LISPlayer
IPlayer
Endpoint Identifier (EID)
RLOC (IPaddress)
edge routers are fully connectedby IP links
when E1 sends to E2, R1A orR1B needs route to E2, becauseforwarding tables are sparselypopulated
route is (routes are) the samefrom every router, so the routecan be obtained by directorylookup
WHAT DO LISP AND SEATTLE HAVE IN COMMON?
EXAMPLE: COMPARING RESEARCH RESULTS
enterprise site enterprise site
R1A R2CE1 E2
R1B
R1A
R2D
R2D
Locator/IdentifierSeparation Protocol
SEATTLElayer
edge routers are fully connectedby SEATTLE links
when E1 sends to E4, R1needs route to E4, becauseforwarding tables are sparselypopulated
route is the same from everyrouter, so the route can beobtained by directory lookup
MAC addresses
WHAT DO LISP AND SEATTLE HAVE IN COMMON?
“Floodless in SEATTLE: A scalable Ethernet architecture for large enterprises”[Kim, Caesar & Rexford 2008]
IP layer
E1 R1
R2
R1
R3
R4
R4
E2
E3
E4
EthernetLANlayer
Nicira networks also have this structure;comparison focuses attention on the difference,which is how directories are implemented
EXAMPLE: COMPOSITION OF MOBILITY MECHANISMS
AS A PROBLEM, NETWORK MOBILITYIS A CHANGE IN REGISTRATION . . .
old new
AS A SOLUTION, NETWORK MOBILITYMAINTAINS CHANNELS, DESPITE THE MOBILITYOF THE PROCESSES PARTICIPATING IN THEM
higher endpoint
lower endpoint
. . . of a process, while it is participatingin a channel
service specification
BENEFITING LAYER
LAYER IMPLEMENTINGMOBILITY
MOBILITY IMPLEMENTATION: ATTACHMENT MOBILITY
A B
b
b’
a
a1’ a2’
a becomesdisconnectedbecause attachmentto a1’ and linksimplementedthrough a1’ fail
a forms a newattachment and newlinks through a2’
1
1
12
2
2
BENEFITING LAYER
the hard work of implementingattachment mobility is re-routingso that other processes canreach a through new links
LAYERIMPLEMENTING
MOBILITY
examples:
LANs/VLANs
Mobile IP
MSM-IP (usesIP multicast)
MOBILITY IMPLEMENTATION: LOCATION MOBILITY
A B
b1 b2
b1’ b2’
a
a’
1
1
2 2
BENEFITINGLAYER
LAYERIMPLEMENTINGMOBILITY
B or b1 destroys theirregistration
B or b2 creates a newregistration, session statetransferred from b1 to b2
the hard work of implementinglocation mobility is updatinglocations and a’s session stateso that B can be found at b2
disconnection may comefrom this layer, but thereis no mobility involvingthis layer
unless this is a case ofprocess migration, b1 andb2 are on same machine
examples:
TCP Migrate
“Serval: An end-host stack for service-centric networking” [Nordstrom, Shue, Gopalan,
Kiefer, Arye, Ko, Rexford & Freedman 2012]
A B
b1 b2
b1’ b2’
a
a1’ a2’
ARE THEY REALLY DIFFERENT?
ATTACHMENTMOBILITY
LOCATIONMOBILITY
registration changeat implementing layer’slower interface
registration changeat implementing layer’s
upper interface
distributed layer state affected:
distributed layerstate affected:
attachmentslinksforwarding
locationssessions
BENEFITING LAYER
LAYERIMPLEMENTING
MOBILITY
locations
sessions
members
routes
attachments
links
affected bylocationmobility
affected byattachmentmobility
there is no dependency betweenthe two state partitions
EXAMPLE: COMPOSITION OF MOBILITY MECHANISMS
WITHIN A LAYER:
mobility at one end of a session isindependent of mobility at theother end—either one can beattachment or location mobility,even simultaneously
at one end of a session, locationmobility can take over if attachmentmobility is failing
ACROSS LAYER BOUNDARIES:
mobility mechanisms in adjacentlayers are logically independent,can co-exist and even operatesimultaneously
established by reasoning aboutactions at the layer interface
established by verification of a formalmodel of the session protocol,reasoning about the layer state
“Compositional network mobility”
[Zave & Rexford 2012]
work session
EXAMPLE: NEW DESIGNS FROM THE MOBILITY SPACE
appli-cation
THE GOAL IS TO PROVIDE MOBILITY FOR THIS LAPTOP . . .
. . . NOTING THAT SOMETIMESTHE LAPTOP IS ON A BUS acts as a
mobile router
we want to avoid, e.g., . . .
. . . solutions that require updates for every passenger when the bus moves
. . . solutions that require an update for the bus when a passenger gets on or off
work session
registrationwhen laptop ison the bus
registrationwhen laptopis elsewhere
LAN on busvarious subnets, including roadside WiFi
bus companyrouter
port onbus LAN
EXAMPLE: NEW DESIGNS FROM THE MOBILITY SPACE
appli-cation
layer implementslocation mobilityfor laptop—activewhen laptopmoves on and offbus, not when busmoves
b00 b35
b30
layer implementsattachment mobility forbus—active when busmoves, does nothingwith individualdevices on bus
OUTLINE
Frequently-asked questions
Examples
Basic information about layers
Summary and conclusions
1234
SOME PURPOSES OFABSTRACTIONS
SOME CHARACTERISTICS (OR,MORE ACCURATELY, GOALS) OFTHE GEOMORPHIC VIEW
to compare and relate researchresults
to provide applications with richercommunication services andcleaner interfaces to them
to manage complexity withseparation of concerns anduse of general-purpose theories
the same basic pattern or templateis instantiated many times, formany different purposes, atdifferent levels and scopes
basic structures such as members,channels, and routing can look verydifferent at different levels of thestack
by partitioning the control state of alayer, facilitates composition of mechanisms within a layer
each design has exactly onecorrect description
by solidifying layer interfaces, facilitates composition of layers ina network stack
to compose successful solutions todiverse problems
to map out structured spaces ofdesign trade-offs
to implement layers by means ofcode generation and code re-use
SUMMARY
A BIG TRADE-OFF
STRUCTURES YOU OFTENSEE
THE GEOMORPHIC VIEWOF THESE STRUCTURES
gateway
each mechanism is adhoc, and its interactionswith other mechanismsare unpredictable
WHAT ABOUT THEREDUNDANCYAND OVERHEAD?
each layer can achievemultiple purposes
interactions amongmechanisms can bestudied, will becomewell-known
How much?Routers alreadyhave forwardingrules frommultiple layers.
Redundancy andoverhead can beremoved byoptimization—atthe cost of lessresilience tochange.
tunnel
layer boundary
THE GEOMORPHIC VIEW IS NEW AND IMMATURE
IN PARTICULAR, THE VIEW OF LAYERSTATE (partitions, dependencies) ISVERY SIMPLISTIC . . .
. . . because the only issue we havestudied in enough detail is mobility
OTHER ISSUES TO BE INVESTIGATED
anycast, multicast, broadcast, etc.
multihoming
middleboxes
enrollment
authentication
access control
privacy
failure recovery
resource management
ON THE OTHER HAND, THESE TWOIDEAS NOW SEEM INTUITIVELYOBVIOUS:
To understand the control plane,you must first understand the dataplane.
The geomorphic view of the dataplane—consisting of “complete” layersthat can be instantiated freely withdifferent levels, scopes, andpurposes—is a better abstraction of the dataplane than the classic Internetarchitecture.
Recommended