1

Participatory Networking:

An API for Application Control of SDNs

Andrew Ferguson, Arjun Guha, Chen Liang,Rodrigo Fonseca, and Shriram Krishnamurthi

Cornell

2

Participatory Networking

3

Motivation

2. Ekiga3. ZooKeeper4. Hadoop

1. SSHGuard

4

2. Ekiga3. ZooKeeper4. Hadoop

1. SSHGuard

blocks hosts in response to login attempts

uses knowledge from host OS

prefers to deny traffic close to source

SSHGuarSSHGuardd

SSHGuarSSHGuardd

SSHGuarSSHGuarddSSHGuarSSHGuar

dd

SSHGuarSSHGuardd

SSHGuarSSHGuardd

SSHGuarSSHGuardd

5

2. Ekiga3. ZooKeeper4. Hadoop

1. SSHGuard

open source VOIP client

network needs dictated by end-user

prefers to reserve bandwidth

EkigaEkiga

EkigaEkiga

6

2. Ekiga3. ZooKeeper4. Hadoop

1. SSHGuard

Paxos-like coordination service

network needs dictated by placement

prefers high-priority switch queues

ZooKeepeZooKeeperr ZooKeepeZooKeepe

rr

ZooKeepeZooKeeperr

7

2. Ekiga3. ZooKeeper4. Hadoop

1. SSHGuard

open source data processing platform

network weights known by scheduler

prefers to reserve bandwidth

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

HadoopHadoop

8

SDN ControllersSDN Controllers

SSHGuarSSHGuardd

SSHGuarSSHGuarddSSHGuardSSHGuard EkigaEkiga ZooKeepeZooKeepe

rrHadoopHadoopEkigaEkiga

9

10

1. decompose control and visibility2. resolve conflicts between requests

Challenges

11

Participatory

Networking

12

PANE

Participatory

Networking1. Requests 2. Hints3. Queries

13

Participatory

Networking• End-user API for SDNs• Exposes existing mechanisms• No effect on

unmodified applications

14

Decomposing Control

15

Shares

Hadoop

16

root

root adf

bandwidth100Mbps

bandwidth50Mbps

Share Tree

17

PANE

Reserve 2 Mbpsfrom now to +5min?

Yes

This traffic will be

short and bursty

OKHow much web trafficin the last hour?

67,560 bytes

18

bandwidth100Mbps

bandwidth100Mbps

bandwidth100Mbps

PANE

Current: 0 Mbps Current: 0 Mbps

Current: 0 Mbps

Reserve 80 Mbps?

Current: 80 Mbps

Yes

Current: 80 Mbps

Res

erve

50

Mbp

s?

No

ShareA

ShareB

19

Resolving Conflicts

20

root

root adf

bandwidth100Mbps

bandwidth50Mbps

Share Tree

21

(dstPort = 22, Deny)

(dstIP=10.0.0.2, GMB=30)

(dstPort=80, GMB=10) (srcIP=10.0.0.1, Allow)

Policy Trees

(srcIP=10.0.0.2, GMB=20)

22

(dstPort = 22, Deny)

(dstIP=10.0.0.2, GMB=30)

(dstPort=80, GMB=10) (srcIP=10.0.0.1, Allow)

Packet:

src 10.0.0.1

dst 10.0.0.2:80

Packet:

src 10.0.0.1

dst 10.0.0.2:80

Policy Trees

(srcIP=10.0.0.2, GMB=20)

23

(dstPort = 22, Deny)

(dstIP=10.0.0.2, GMB=30)

(dstPort=80, GMB=10) (srcIP=10.0.0.1, Allow)

Packet:

src 10.0.0.1

dst 10.0.0.2:80

Packet:

src 10.0.0.1

dst 10.0.0.2:80

Allow?++SS

GMB=10GMB=30

0 ++PP

GMB=30

Packet Evaluation

(srcIP=10.0.0.1, GMB=20) GMB=10

++DD

HierarchicalFlow Tables

24

GMB=10GMB=30

GMB=30

Conflict Resolution

Only Requirements:Associative, 0-

identity

GMB=10(dstPort=80, GMB=10)

Allow(srcIP=10.0.0.1,

Allow)

(srcIP=10.0.0.1, GMB=20)

(dstIP=10.0.0.2, GMB=30)

++PP

++DD++

SS

HierarchicalFlow Tables

25

++DD

++PP

++SS

Sibling

Parent-Sibling

In nodeD and S identical.

Deny overrides Allow.GMB combines as max

Rate-limit combines as min

Child overrides Parentfor Access Control

GMB combines as maxRate-limit combines as min

PANE’s Conflict Resolution Operators

26

Implementation

27

(dstPort = 22, Deny)

(dstIP=10.0.0.2, G

MB=30)

(dstPort=80, GMB=10)

(srcIP=10.0.0.1, Allow)

(dstPort = 22, Deny)

(dstIP=10.0.0.2, G

MB=30)

(dstPort=80, GMB=10)

(srcIP=10.0.0.1, Allow)

(dstPort = 22, Deny)

(dstIP=10.0.0.2, G

MB=30)

(dstPort=80, GMB=10)

(srcIP=10.0.0.1, Allow)

(dstPort = 22, Deny)

(dstIP=10.0.0.2, G

MB=30)

(dstPort=80, GMB=10)

(srcIP=10.0.0.1, Allow)

(dstPort = 22, Deny)

(dstIP=10.0.0.2, G

MB=30)

(dstPort=80, GMB=10)

(srcIP=10.0.0.1, Allow)PA

NE

28

(dstPort = 22, Deny)

(dstIP=10.0.0.2, GMB=30)

(dstPort=80, GMB=10) (srcIP=10.0.0.1, Allow)

(srcIP=10.0.0.2, GMB=20)

29

PANE

30

PANE

31

PANE

32

PANE

33

24Mbps5Mbps8Mbps24Mbps

PANE

34

24Mbps

PANE

35

PANE

0.6

0.6

36

Evaluation

37

38

Evaluation

2. Ekiga3. ZooKeeper4. Hadoop

1. SSHGuard

access controlbandwidth

reservationsqueues for low latency

centralized traffic weights

39

Three equal-sized sort jobs:•Two Low Priority with 25% weight•One High Priority with 50% weight

Dynamically apply QoS to High Priority flows using PANE.

PANE2

2Hosts

40

Hadoop’s OpenFlow rules

PANE2

2Hosts

41

Conclusion

1.For applications that know what they want from the network

• Allows these applications to co-exist

42

Andrew Fergusonadf@cs.brown.edupane.cs.brown.edu

43

Andrew Fergusonadf@cs.brown.edu

• Arjun Guha

• Chen Liang

• Rodrigo

Fonseca

• Shriram

Krishnamurthi

Co-

auth

or

s

pane.cs.brown.edu

Brown ↦ Cornell ↦ UMass Amherst

Brown ↦ Duke

Brown

Brown

44

BackupSlides

45

Proof of Correctness

46

Packet:

src 10.0.0.1

dst 10.0.0.2:80

Packet:

src 10.0.0.1

dst 10.0.0.2:80(dstPort = 22, Deny)

(dstIP=10.0.0.2, GMB=30)

(dstPort=80, GMB=10) (srcIP=10.0.0.1, Allow)

AllowGMB=10

++SS

GMB=10GMB=30++PP

GMB=30

Hierarchical Flow Tables

47

Compiler Correctness

48

Coq Proof Assistant

49

Packet:

src 10.0.0.1

dst 10.0.0.2:80

Packet:

src 10.0.0.1

dst 10.0.0.2:80GMB 30compile

Theorem

50

Protocol

51

NewShare aBW for (user=Alice) [reserve <=

10Mb]on rootShare.

PANE

OK

Grant aBW to Alice.

OK

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

NewShare aBW for (user=Alice) [reserve <=

10Mb]on rootShare.

Root

Alice

52

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

53

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

54

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

55

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.

56

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.NO

reserve(user=Alice,dstPort=80) = 5Mb on aBWfrom +20min to +30min.

Alice

57

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBWfrom +20min to +30min.

58

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBWfrom +20min to +30min.

59

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBWfrom +20min to +30min.

60

PANE

reserve(user=Alice,dstPort=80) = 5Mb on aBW

from now to +10min.NO

reserve(user=Alice,dstPort=80) = 5Mb on aBWfrom +20min to +30min.

OKAlice

61

NewShare aAC for (dstHost=10.0.0.2) [deny =

True]on rootShare.

PANE

OK

Grant aAC to Alice.

OK

10.0.0.2Alice

Root

62

10.0.0.3 Eve

PANE

10.0.0.2

deny(dstHost=10.0.0.2, srcHost=10.0.0.3) on

aACfrom now to +5min.

OK

Alice

63

Netflix

64

6565

66

67

68

69

Datacenter

70

Based on “Delusional Boot: Securing Cloud Hypervisors without Massive Re-Engineering” (EuroSys 2012)

ProductionPlatform

BootService

71

Based on “Delusional Boot: Securing Cloud Hypervisors without Massive Re-Engineering” (EuroSys 2012)

ProductionPlatform

BootService

72

Based on “Delusional Boot: Securing Cloud Hypervisors without Massive Re-Engineering” (EuroSys 2012)

ProductionPlatform

BootService

73

Based on “Delusional Boot: Securing Cloud Hypervisors without Massive Re-Engineering” (EuroSys 2012)

ProductionPlatform

BootService

74

Enterprise

75

76

77

78

79

A problem in the datacenter

80

81

82

Participatory

Networking

8383Ken Thompson & Dennis Ritchie

Jon Postel

8585

86

Safe?Secure? Fair?Loop freedom

?

Participatory

NetworkingBlack holes?