SDN with Link-State Routing Protocols

PIRL

Olivier Tilmans

8th March 2016

UCLouvain

Joint work with

S. Vissicchio (UCLouvain), L. Vanbever (ETH Zurich) and J. Rexford (Princeton)

IPv6 comes with a unique opportunity

current network

new network

IPv6 transition

IPv6 comes with a unique opportunity

to improve configuration automation

current network

new network

IPv6 transition

IPv6 comes with a unique opportunity

to simplify the protocol stack

current network

new network

IGPMPLS

RSVPBGP

IPv6 transition

IPv6 comes with a unique opportunity

to change network designs

SDN (e.g., OpenFlow, Segment Routing)

Traditional (e.g., IGP, distributed MPLS)

The state of the art includes two networking models

based on opposite principles

SDN simplifies control-plane and management,

but sacrifices robustness of distributed protocols

Manageability

Flexibility

Scalability

Robustness

SDN

ad hoc

low

highest

high

Traditional

IGP, tunnelling (RSVP-TE)

by design

high

low

low

SDN simplifies control-plane and management,

but sacrifices robustness of distributed protocols

Manageability

Flexibility

Scalability

Robustness

SDN

ad hoc

low

highest

high

Traditional

IGP, tunnelling (RSVP-TE)

by design

high

low

low

We propose Fibbing, a network architecture which

combines advantages of SDN and traditional networking

Fibbingcentral control over a single link-state IGP

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

achieving central control

A B

C

destinationsource

Consider this simple network

(implemented with Cisco routers)

X

12

A B

C X

An IGP control-plane computes

shortest paths on a shared weighted topology

control-plane

3

1

110

shortest paths

13

IGP shortest paths are translated into

forwarding paths on the data-plane

data-plane

traffic flow

A B

C

X

A B

C X

control-plane

3

1

110

14

In Fibbing, operators can ask

the controller to modify forwarding paths

requirement (C,A,B,X)

A B

C X3

1

110

15

The Fibbing controller injects information on

fake nodes and links into the IGP control-plane

node V1 link (V1,C) map (V1,C) to (C,A)

A B

C X3

1

110

requirement (C,A,B,X)

16

Informations are flooded

to all IGP routers in the network

A B

C X3

1

110

requirement (C,A,B,X)

17

node V1 link (V1,C) map (V1,C) to (C,A)

Fibbing messages augment

the topology seen by all IGP routers

1

A B

C X3

1

110V1

requirement (C,A,B,X)

18

node V1 link (V1,C) map (V1,C) to (C,A)

Augmented topologies translate

into new control-plane paths

A B

C X3

1

110

requirement (C,A,B,X)

1

V1

19

node V1 link (V1,C) map (V1,C) to (C,A)

Augmented topologies translate

into new data-plane paths

A B

C

X

A B

C X3

1

110

1

V1

requirement (C,A,B,X)

20

node V1 link (V1,C) map (V1,C) to (C,A)

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

Fibbing can enforce

any set of forwarding DAGs

22

paths for the same destination not creating loops

Fibbing can enforce

any set of forwarding DAGs

23

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

fine-grained control

24

In the following network,

the blue destination is subject to a DoS attack

A C

B

X

D

5

10

5

5

1051

1

scrubber25

Fibbing can steer away

traffic on a per-destination basis

A C

B

X

D

5

10

5

5

1051

1

fA1

requirement (C,D,X) and (B,C,D,X)

26

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

per-destination load-balancing

27

Leveraging multiple paths is hard

when links/flows have different capacities/demands

A C

B

X

D

10

10

5

5

1010

Higher link bandwidth

Lower link bandwidth

Higher traffic demand

28

Fibbing has fine-grained control over ECMP routing

Adding new equal-cost path

A C

B

X

D

10

10

5

5

1010fA

15

requirement (A,C,X) and (A,B,X) and (A,D,X)

29

requirements splittingRatios{ (A,B): 2 (A,C): 1}

A C

B

X

D

10

10

5

5

1010

fA

15

Fibbing has fine-grained control over ECMP routing

Introducing uneven load-balancing

30

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

backup paths provisioning

31

Link failures may induce

congestion or increased delays

A C

B

X

D

5

10

5

10

20 20

32

Fibbing can provision backup paths

C

B

X

D

5

10

5

10

20 20

A

fA

15

requirement (A,D,X) asBackupOf (A,B,X)

33

SDN with Link-State Routing Protocols

Manageability1

Scalability & Robustness

2 Flexibility

3

IGP on steroids

We implemented a Fibbing controller

Works with vanilla OSPF and off-the-shelf routers

Supports all presented use-cases

Induces very little overhead on the routers

No impact on SPF computation

IS-IS requires a protocol extension

Source-code on Github

35

By building upon the underlying IGP,

Fibbing is robust and reactive to failures

1. IGP provides sync primitives

2. replica failures have no impact on forwarding

Fibbing naturally supports replicated controllers

1. IGP is sufficient for some failures [Filsfils07]

2. IGP provides a default for partitions

Fibbing easily deals with network failures

36

Fibbing shows the benefits of

central control over distributed protocols

heavy work is still done by routers

IGPs are in charge of all intra-domain paths

Simplifies controllers and improves robustness

network-wide automated control

Realizes SDN management model

Simplifies network design

37

Olivier Tilmans

olivier.tilmans@uclouvain.be

Tell me lies, tell me sweet little lies

— Fleetwood Mac

SDN with Link-State Routing Protocols

fibbing.net

Backup slides

SDN with Link-State Routing Protocols

MPLS+RSVP-TE/SR

can solve all the presented use-cases

Need to provision one tunnel per ingress point

Hard to add/remove equal-paths for elephant flows

Fibbing also controls path cost seen by other protocols

40

Fibbing manipulates IGP topology, so

does MTR, what’s the difference?

MTR is CLI-driven (configuration changes to do on

every router vs flooding)

Cannot do uneven load-balancing

41

Why shouldn’t I use

Policy-Based Routing?

PBR is CLI-driven (configuration changes to do on

every router vs flooding)

PBR decisions are local to a single router

CPU fallback

42

How am I supposed to troubleshoot a

network with fake elements?

The controller is the primary source of information

Fake elements can be quickly identified in LSDBs

43

Openflow solves everything

The controller has to setup flow entries on every switch

Switches rely on the controller to handle failures

IGPs are getting extensions to support Flowspec, …

44

Experiments on real routers show that

Fibbing has very limited impact on routers

1 000

5 000

10 000

router memory (MB)

0.7

76.0

153

50 000

100 000

6.8

14.5

# fake nodes

CPU utilization always under 4%

>> # real routers

45

The controller can choose between a (very) fast

algorithm or one that minimize the augmented topology

Rocketfuel topology of AS1239 (300+ routers)

46

We study which messages to inject

for controlling intra-domain routing protocols

forwarding

paths

weighted

topology

shortest-path

computation

link-state IGP

input function output

47

The output of the controlled protocol

is specified by operators’ requirements

forwarding

paths

weighted

topology

shortest-path

computation

input function

provided by operators or controller optimizers

(e.g., DEFO)

link-state IGP

output

48

Inverse

To control IGP output, the Fibbing controller

inverts the shortest-path function

forwarding

paths

weighted

topology

shortest-path

computation

49

SDN achieves high manageability

by relying on a centralized controller

derives FIB entries

install FIB entries

computes paths

high-level requirements

network controller

configuration

50

Fibbing is as manageable as SDN,

but centralizes only high-level decisions

Fibbing controller

computes paths

requirements

51

Fibbing keeps installation distributed,

relying on distributed protocols

distributed control-plane install FIB entries

computes FIB entries

data-plane52

Distributed installation is controlled

by injecting carefully-computed information

control-plane messages

53

Manageability

Flexibility

Scalability

Robustness

SDN

ad hoc

low

highest

high

Traditional

IGP, tunnelling (RSVP-TE)

by design

high

low

low

Fibbing

by design

high

high

high

Fibbing combines advantages

of SDN and traditional networking

Manageability

Flexibility

Scalability

Robustness

Fibbing

by design

high

high

high

centralized controller

per-destination full control

some functions are distributed

Fibbing combines advantages

of SDN and traditional networking

Our prototype includes algorithms

to compute augmented topologies of limited size

network topology

+

path reqs.

per-destination forwarding DAGs

augmented topology

reduced topology

running network

Compilation Augmentation OptimizationInjection/Monitoring

56

The controller listens through an OSPF adjacency

to keep an up-to-date view of the topology

network topology

+

path reqs.

per-destination forwarding DAGs

augmented topology

reduced topology

running network

Compilation Augmentation OptimizationInjection/Monitoring

57