Software Defined Networking

Software Defined Networking (SDN) is growing in popularity and relevance, especially in a data centre context. This project will continue the investigations into the applicability of SDN for UNINETT.

Among the aspects to be addressed are:
– Controller resilience and performance in a backbone context
– Performance and price of open/white-box equipment
– Potential “killer” application areas

Clean Sky and NetSys 2017

In week 11 (March 13-17) 2017, both the annual conference of Clean Sky (an EU ITN) and the NetSys 2017 conference took place in Göttingen, Germany. UNINETT visited both events.

The Clean Sky fellows (PhD students) are all progressing steadily with their SDN-NFV topics. A majority of the works focus on optimizing different aspects of a future edge/fog computing environment. Among the topics presented this time (some by keynote speakers) were:

  • ClusPR: An algorithm for optimized placement of both flows and VNF in a topology
  • Profiling the edge network: Work in progress to anonymize web logs so that they may be used for user interest analysis
  • Multihop middle-box selection: New DNS record suggested to enable a client to influence how a chain of middle-boxes is to be composed
  • NFV state migration: “Statelets” (small state update packets) introduced to enable close to seamless migration of a VNF.
  • VNF placement in the edge-cloud: Network cost and processing cost, with energy parameters, are included in a placement algorithm. IoT is the target domain.
  • Deploying distributed applications: A VNF is just a high performance (low delay and/or high throughput) micro-service. Software developers need to supply quantitative information (from code profiling) to deployment engineers. New deployment templates suggested.

UNINETT is currently hosting one of the Clean Sky fellows and supporting him in his work on profiling user behavior to optimize data caching and computation in fog-computing contexts. Web server logs will (hopefully) be made available, after being anonymized, for profiling analysis (ref. point 2 above).

NetSys 2017 presented work from a fairly broad range of networking research topics. “Single line” summaries of the more relevant presentations, seen from a backbone operator's point of view, follow below.

  • Sufian Hameed et al (NUCES) presented a lightweight protocol which may utilize SDN equipment in multiple domains (ASes) to block DDoS attacks efficiently.
  • Nicholas Gray et al (University of Würzburg) suggested a hot-standby regime for L4 firewalls.
  • Robert Bauer et al (Karlsruhe Institute of Technology) showed how “flow load” distribution can be realized in an SDN network. A switch with a full FIB may be offloaded by having entries moved to neighboring switches.
  • Leonhard Nobach et al (Technische Universität Darmstadt) presented how the balance between applying FPGA or COTS hardware for NFV can be optimized.
  • Keynote speaker Henning Schulzrinne (Columbia University) emphasized that IoT exposes all security deficiencies of the internet. There is currently little incentive for producers and consumers to change this, since none of them are directly affected when IoT devices are exploited for e.g. DDoS attacks. Large scale management (enrollment, updates, …) of IoT devices will be crucial in the future.
  • Cristina Muñoz et al (University of Cambridge) explained how iterative Bloom filters may be applied to reduce FIB size in a named data network (or information centric network, ICN) node.
  • Keynote speaker Wieland Holfelder (Google Germany GmbH) recommended Google's tensorflow.org project for machine learning.
  • Keynote speaker Rolf Stadler (KTH) showed how a prediction engine can be trained to predict QoE parameters from system KPI values only (e.g. from statistics in Linux servers' /proc, or just statistics from network switches).
  • Claas Lorenz (genua GmbH) suggested how complex firewall rule sets may be analysed and verified efficiently.

In search for “the meaning of SDN”

UNINETT's 2015 innovation project on SDN technology has continued the search for “the meaning of SDN” for an IP backbone network operator. A growing number of vendors and communities (both commercially driven and more idealistic) keep enthusiastically announcing SDN as the way to go, while also posting warnings against believing that SDN is the panacea for network management challenges.

What is clear so far is that the big players providing cloud services, e.g. Amazon, Facebook, Microsoft Azure and Google, have made great advancements within the data center management domain by introducing SDN controlled switching hardware and centralized control and orchestration software. Several papers reporting such success were presented at e.g. SIGCOMM 2015. Strict top-down control enables (not surprisingly) configurations which push utilization of resources close to 100%. Near optimal reconfiguration due to dynamic demands is also achievable.

When it comes to SDN applied in an average backbone network (e.g. like UNINETT), a growing number of options seem to emerge, much due to advances made in data center networking.

  • Capacities of open networking SDN hardware have increased to 10/40Gbps
  • SDN controllers have matured. Several open source, license free alternatives are now relevant.

But when it comes to orchestration of an overall SDN based infrastructure, fewer options are available. Most open frameworks, e.g. OpenStack, are tuned towards data center resource management. It is not obvious how such frameworks can be reapplied in a backbone context. The big cloud service players do to a large extent have their inter-data center backbone networks operated by SDN infrastructures. However, their orchestration systems are “home grown”, potentially not general enough, and not (yet) publicly available.

UNINETT's SDN2015 innovation project has built knowledge in the domain of SDN through a collection of activities.

  • Aryan TaheriMonfared, partly funded by UNINETT, completed his PhD October 26th 2015. His thesis is titled “Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments”.
  • A half day workshop on SDN was successfully held in August 2015.
  • A re-initiation of UNINETT's SDN-lab has been started. Due to cost and timing factors, a locally located variant of the lab is now in progress (instead of the first inter-city variant). The main aim now is to better enable experimentation with inter-datacenter traffic management.
  • UNINETT has participated in the InaaS task of Geant4 1 year JRA2. Due to limited overlap with activities directly relevant for UNINETT, an observer role was taken.
  • UNINETT has contributed to applications for research project funding within the SDN-domain.
  • Analysis of controller organization and placement in a futuristic SDN-based UNINETT backbone has been initiated, but not yet concluded.
  • A presentation on datacentre backbone networks was held at the EU FP7 Clean Sky Summer School in Göttingen in September 2015.

 

PhD in SDN at University of Stavanger

Aryan Taherimonfared has completed his PhD at the University of Stavanger within Software Defined Networking (SDN). His PhD advisor was Chunming Rong. During this time he has also been working for UNINETT, contributing to the UNINETT SDN-project.

Thesis abstract

The contribution of this thesis is twofold. First, several architectural improvements are proposed for network monitoring services. These proposals take advantage of the data-intensive computing model and SDN mechanisms to advance the state-of-the-art in monitoring backbone and data centre networks. Second, various components of an SDN architecture framework are designed that enhance the efficacy, reliability, and manageability of a large-scale cloud infrastructure. The enhancements are particularly made to network virtualization techniques, which are the critical building blocks in the cloud service delivery.

Read the thesis at http://www.ux.uis.no/~aryan/docs/thesis/

Workshop on SDN, Summer 2015

UNINETT invited to another workshop in our series of half day workshops on SDN at the end of the summer, August 27 2015. 8 people attended, arriving from Transpacket, Department of Telematics at NTNU and UNINETT. Two participants attended remotely from Oslo.

The workshop program was the following

Presentation slides will soon become available.

Discussions were lively throughout the workshop, and many aspects and challenges with SDN were addressed. The participants were in general satisfied with the workshop (even though attendance was somewhat lower than expected). Hence UNINETT will strive to offer another workshop in the spring 2016.

SDN at SIGCOMM 2015

Close to 1/3 of all main track presentations at SIGCOMM 2015 in London, August 18-20, addressed challenges and experiences related to data centres. Software Defined Networking was often the actual or assumed underlying technology.

All SIGCOMM 2015 papers are available online via the conference web site.

A general impression is that most accepted work at SIGCOMM is funded by “the big players”, e.g. Google, Facebook, Microsoft, Cisco. A majority of work presented reports results from mature research often already deployed in pilot (and even production) infrastructures. Hence few “crazy” new ideas are introduced.

Fortunately the poster sessions did give room for some novel and surprising ideas, among them free space optics based intra-data centre networks with physical multicast capabilities.

This post summarises a selection of the papers presented.

  • Best paper award: Stefano Vissicchio et al from UCLouvain presented their SDN concept added on top of a link-state routed network. A central controller introduces fake nodes by communicating tailored link state announcements to routers in the network, and enables traffic engineering on a source-destination level. If the controller fails, the system defaults back to standard link-state behaviour.
  • Keynote: Albert Greenberg from Microsoft explained how the Azure infrastructure is running close to 100% on SDN technology. 40Gbps 4 level Clos networks interconnect servers in data centres. Data centre resources are now applied to operate the data centre, e.g. fairly intense active monitoring of end-to-end paths by running traffic generators and sinks.
  • Policy languages: Prakash et al from University of Wisconsin-Madison presented a graph based system for better policy conflict management. Set theory is applied. It seems to scale well, but results are non-deterministic.
  • Resource management: Several papers presented techniques to optimize placement of and access to data centre resources. Scheduling challenges were addressed. Google gave a historical summary of their data centre activities, explaining what they have learned is important to be able to scale up their installations.
  • Wireless aspects: A set of papers look into utilizing backscatter, i.e. superimposing signals on top of reflected or transit waves from other sources, in new ways. High accuracy positioning with off-the-shelf Wi-Fi equipment was also addressed by several groups.
  • Video streaming: Work on optimization of content placement in content delivery networks (CDNs) was presented, as well as advanced control theory driven rate control in video players.
  • Physical internet: Ramakrishnan Durairajan et al from University of Wisconsin – Madison presented work on mapping physical infrastructure of US based ISPs. Results show that ducts are shared frequently and as many as 80% share at least one duct. Hence care is needed to ensure true resilience when multi-homing to different ISPs.

Otto’s personal notes are available on request.