Composing Heterogeneous SDN Controllers with Flowbricks

Dixit, Advait; Kogan, Kirill; Eugster, Patrick

doi:10.1109/icnp.2014.50

Cited by 16 publications

(10 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Whereas power optimization is out of scope of this paper, in the TCAM case, assuming the power consumption linearly depends on the number of TCAM cells (participated in lookup), reducing the classification width implicitly results in an improved power consumption (see Table IV). Multi-group representations to reduce power consumption have appeared at [35], [50], while the space-time tradeoff for representation of hierarchical classifiers has been considered in [15], [23], [27]. Minimization of memory requirements for multiple instances of a given classifier has been explored in [29].…”

Section: Related Workmentioning

confidence: 99%

Exploiting Order Independence for Scalable and Expressive Packet Classification

Kogan

Nikolenko

Rottenstreich

et al. 2016

IEEE/ACM Trans. Networking

Self Cite

View full text Add to dashboard Cite

Efficient packet classification is a core concern for network services. Traditional multi-field classification approaches, in both software and ternary content-addressable memory (TCAMs), entail tradeoffs between (memory) space and (lookup) time. TCAMs cannot efficiently represent range rules, a common class of classification rules confining values of packet fields to given ranges. The exponential space growth of TCAM entries relative to the number of fields is exacerbated when multiple fields contain ranges. In this work, we present a novel approach which identifies properties of many classifiers which can be implemented in linear space and with worst-case guaranteed logarithmic time and allows the addition of more fields including range constraints without impacting space and time complexities. On real-life classifiers from Cisco Systems and additional classifiers from ClassBench (with real parameters), 90-95% of rules are thus handled, and the other 5-10% of rules can be stored in TCAM to be processed in parallel.Index Terms-Packet classification, ternary content-addressable memory (TCAM).

show abstract

Section: Related Workmentioning

confidence: 99%

Exploiting Order Independence for Scalable and Expressive Packet Classification

Kogan

Nikolenko

Rottenstreich

et al. 2016

IEEE/ACM Trans. Networking

Self Cite

View full text Add to dashboard Cite

show abstract

“…Therefore, East/West‐bound communication is not possible for controllers from different vendors unless a network application was built to accomplish that specific purpose. There are attempts() to establish this heterogeneous East/West‐bound communication, but the proposed methods are not adopted by other controllers besides those in the proposed platforms.…”

Section: East/west‐bound Communicationmentioning

confidence: 99%

Design, implementation, and performance evaluation of identity‐based cryptography in ONOS

Lam

Lee

et al. 2017

Int J Network Mgmt

View full text Add to dashboard Cite

SummaryDistributed Software-Defined Network introduces a new communication channel:the East/West-bound communication where the controllers synchronize the network information to achieve the logically centralized view of the network. The East/West-bound communication can be divided into 2 types, the intra-cluster and inter-cluster communication. Intra-cluster communication happens within the control plane while inter-cluster communication usually happens on the application plane through the northbound communication of each controller. The security of the East/West-bound communication ensures that no malicious controllers are eavesdropping on or even driving the network. However, most current Software-Defined Network projects do not implement the security mechanism for the East/West-bound communication with Open Networking Operating System (ONOS) being the exception. In ONOS, Transport Layer Security (TLS) was used to secure the intra-cluster communication, but the complicated key management of TLS could be a hindrance for practical implementation. Hence, Identity-based cryptography protocol was proposed to solve this TLS issue of our previous implementation. In this paper, we have designed, implemented, and evaluated the identity-based cryptography protocol to secure the East/West-bound intra-cluster communication of ONOS.

show abstract

“…To set the scene, we first briefly present some features of SDN policy, and then review the parallel and sequential composition operations introduced in [14], [13], [19], [9]. Finally, we give examples to motivate our work.…”

Section: Background and Motivationmentioning

confidence: 99%

“…A practical composition mechanism should ensure that the composed rule of multiple policies is correct (in terms of application intents) and efficient (in terms of packet processing) for both match fields and action lists. Prior work on policy composition [13], [19], [14], [11] however mostly discusses how to merge the match fields of rules from different member polices and how to calculate the priority of the composed rules, leaving action composition much overlooked. Indeed, the action composition essentially boils down to the "union" of actions (often implemented as the concatenation of actions) in the previous work.…”

mentioning

confidence: 99%

“…These programs are then translated into a set of low-level OpenFlow rules representing the union of the intents of the applications. The bottom-up approaches on the other hand utilize SDN hypervisors [13], [14], lying between the controllers and the underlying forwarding devices, to compose policies 1 into a prioritized list of (OpenFlow [15]) rules. Nonetheless, both types of approaches essentially face the same challenge: composing multiple policies, each representing the intent of an application (program, module), into a single rule list that represents the union of these intents.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Action computation for compositional software-defined networking

Pan

Xie

et al. 2016

2016 IFIP Networking Conference (IFIP Networking) and Workshops

View full text Add to dashboard Cite

Abstract-Software-defined networking (SDN) envisions the support of multiple applications collaboratively operating on the same traffic. Policies of applications are therefore required to being composed into a rule list that represents the union of application intents. In this context, ensuring the correctness and efficiency of composition for match fields as well as the associated actions is the fundamental requirement. Prior work however focuses only on the composition of match fields and assumes simple concatenation for action composition. We show in this paper that simple concatenation can result in incorrect behavior (for parallel composition) and inefficiency (for sequential composition) for actions composition. To address this issue, we formalized the action composition problem and prove a feasibility condition on the composition of rule actions. We then propose a graph-based approach that facilitates fast composition of action lists without action redundancy. Our proposed approach has been integrated into the CoVisor code base and the evaluation results show its fitness for purpose.

show abstract

Composing Heterogeneous SDN Controllers with Flowbricks

Cited by 16 publications

References 11 publications

Exploiting Order Independence for Scalable and Expressive Packet Classification

Exploiting Order Independence for Scalable and Expressive Packet Classification

Design, implementation, and performance evaluation of identity‐based cryptography in ONOS

Action computation for compositional software-defined networking

Contact Info

Product

Resources

About