Shadow MACs: Scalable Label-switching for Commodity Ethernet
Author: Kanak Agarwal, John Carter, Eric Rozner and Colin Dixon
Publisher: HotSDN 2014
Presenter: Yi-Tsung Huang
Date: 2015/12/02
Department of Computer Science and Information Engineering National Cheng Kung University, Taiwan R.O.C.
Introduction
Issues around consistent updates and rule space exhaustion tend to only arise at scale.
Encoding fine-grained paths as labels allows all forwarding decisions to be made using fixed-width, exact-match lookups, which map easily into large simple hardware tables without requiring large expensive TCAM tables.
National Cheng Kung University CSIE Computer & Internet Architecture Lab
Introduction
Label switching can be done using MPLS, but MPLS support in commodity switches is limited.
We explore an alternative scalable label-switching architecture that can be implemented on existing commodity hardware by using virtual MAC addresses, which we call shadow MACs, as forwarding labels.
Design-Control Plane
The control plane of our label-based forwarding mechanism is implemented via extensions to an SDN controller.
We modify the controller to export an install route API to install a shadow-MAC-based label-routed path to a destination.
Design-Control Plane
Alternatively, invoking applications can pre-install multiple paths to a host and activate them later for a particular flow.
SDN applications can activate one of the pre-installed routes for a flow by making an API call to the select route interface and specifying the source and flow identifier along with the route identifier for ingress switch match.
Design-Core Forwarding
The key idea in our proposal is to treat each packet’s destination MAC address field as an opaque forwarding label.
The SDN controller allocates a unique shadow MAC address for each path in the network.
It then installs rules that match on the shadow MAC address in the L2 forwarding table of each switch along the path.
Design-Edge Forwarding
Once the core is configured to forward packets based on shadow MACs, all that remains is to steer traffic in and out of MAC-label-switched paths at the source and destination edges.
We have implemented two schemes to accomplish these goals:
• MAC address rewriting
• ARP spoofing
Design-Edge Forwarding
We install a rule in the ingress switch that matches flow-specific fields and rewrites the destination MAC address to the shadow MAC address for the desired path.
At the egress switch, we install a rule that rewrites the destination MAC to the destination host’s real MAC address.
Design-Edge Forwarding
The SDN controller acts as an ARP proxy and handles all ARP requests from hosts.
When a path is activated between source and destination, the SDN controller sends a gratuitous ARP response to the source identifying the shadow MAC as the MAC address corresponding to the destination.
Key Benefits-Minimal TCAM Usage
It requires little or no scarce TCAM resources to implement fine-grained (e.g., per-flow) forwarding.
Key Benefits-Consistent Updates
The SDN controller can pre-install new rules in the core and egress switches along the new path.
When the new path is fully installed, the SDN controller updates the route atomically by installing a new rewrite rule in the ingress switch.
Key Benefits-End-to-End Multipathing
The SDN controller can allocate multiple distinct paths (shadow MACs) per destination.
OVS can allocate flows in round-robin fashion.
Key Benefits-Fast Switch-over
Our API allows SDN applications to pre-install multiple paths for a given flow, each of which uses a distinct shadow MAC address.
After installation, only one is activated, while the remainder lie dormant until needed.
To activate a new path, the SDN controller need only replace the rewrite rule in the ingress switch.
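The pre-install, activate and switch-over sequence described in these slides, modelled as an added example (not code from the paper or the presenter). The class and method names, the topology and all MAC values are assumptions made for illustration.

```python
import itertools

class ShadowMacController:
    """Toy model: per-switch exact-match L2 tables plus edge rewrite rules."""
    def __init__(self):
        self.l2 = {}       # switch -> {dst MAC label: next-hop switch}
        self.ingress = {}  # (ingress switch, flow id) -> shadow MAC to write
        self.egress = {}   # (egress switch, shadow MAC) -> real host MAC
        self.routes = {}   # route id -> (shadow MAC, path)
        self._ids = itertools.count(1)

    def install_route(self, path, host_mac):
        """Pre-install core and egress state for one path; nothing uses it yet."""
        rid = next(self._ids)
        # 02:... sets the locally administered bit; the numbering is illustrative.
        shadow = "02:00:00:00:%02x:%02x" % (rid >> 8, rid & 0xFF)
        for sw, nxt in zip(path, path[1:]):
            self.l2.setdefault(sw, {})[shadow] = nxt
        self.egress[(path[-1], shadow)] = host_mac
        self.routes[rid] = (shadow, list(path))
        return rid

    def select_route(self, ingress_sw, flow_id, rid):
        """Activate a route with a single rule write at the ingress switch."""
        self.ingress[(ingress_sw, flow_id)] = self.routes[rid][0]

    def walk(self, sw, label):
        """Forward an already-labelled packet from sw; return (hops, delivered MAC)."""
        hops = [sw]
        while (sw, label) not in self.egress:
            sw = self.l2[sw][label]        # core hop: exact match on the label only
            hops.append(sw)
        return hops, self.egress[(sw, label)]

    def send(self, ingress_sw, flow_id):
        """New packet: ingress rewrites dst MAC to the active shadow MAC, then walk."""
        return self.walk(ingress_sw, self.ingress[(ingress_sw, flow_id)])

def reroute_demo():
    c = ShadowMacController()
    host = "aa:bb:cc:00:00:01"                     # constructed host MAC
    a = c.install_route(["s1", "s2", "s4"], host)
    b = c.install_route(["s1", "s3", "s4"], host)  # dormant until selected
    c.select_route("s1", "flow-1", a)
    before = c.send("s1", "flow-1")
    c.select_route("s1", "flow-1", b)              # the only write needed to switch over
    in_flight = c.walk("s2", c.routes[a][0])       # packet labelled before the switch
    return before, in_flight, c.send("s1", "flow-1")
```

A packet labelled before the switch-over finishes on the old path and a packet labelled after it uses only the new one, so no packet traverses part of more than one route.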
Evaluation
We compare two mechanisms to change routes.
• Shadow MAC rerouting
• Traditional OpenFlow rerouting uses Floodlight’s Static Flow Pusher
We consider a packet to be incorrectly routed if it traverses part of more than one route.