IGP-as-a-Backup for Robust Software-Defined Networks Olivier Tilmans Stefano Vissicchio Université Catholique de Louvain ICTEAM / INGI / IP Networking Lab [email protected] CNSM2014 – Nov. 20 2014 “Use the right tool for the right job” Distributed network protocols and SDN IGPs are distributed by nature Flooding of reachability information Each node infers the current map of the topology Global shortest-path routing is achieved 4 Nodes only forward packets according to the overall shortest-path b e 1 10 a 1 1 c d 1 1 f 5 SDN technologies are more expressive controller b a e c d f 6 Openflow enables for arbitrary behaviors Match tcp, dst.port=2 Action output=3 in_port=2, ip_proto=89 tcp, src.port=1234 drop rewrite:src.port=4567, output=1 Explicit control over the paths on a per-device basis 7 Handling failures Because bad things will happen Recovery in SDN is hard as switches are not autonomous The controller is a new type of failures 9 Recovery in SDN is hard as switches are not autonomous The controller is a new type of failures Two families of recovery techniques: Reactive approaches Switches ask the controller “What to do?” 9 10000 1000 100 10 1 Rule updates per single link failure Performance of reactive approaches vary with the network size 1221 1239 1755 3257 3967 6461 Topology 10 Recovery in SDN is hard as switches are not autonomous The controller is a new type of failures Two families of recovery techniques: Reactive approaches Switches ask the controller ”What to do?” Proactive approaches Switches have backup rules “If X happens do this If Y happens do that If Z happens do…” 11 0.6 0.4 0.2 1221−bck 1221−nobck 1239−bck 1239−nobck 0.0 CDF of nodes 0.8 1.0 Proactive approaches come at a price 100 1k 10k 100k number of FIB entries per node (log scale) 12 IGPs are highly resilient by design Scales well with large networks Connectivity will be restored Convergence can be very fast! 13 SDN are more expressive but IGPs are more resilient Why picking only one? IBSDN Components Operator IBSDN Controller IBSDN Node IBSDN Components Operator IBSDN Controller Local Agent IBSDN Node SDN switch 15 IBSDN is an Hybrid Architecture IBSDN Controller Policy configuration IBSDN is an Hybrid Architecture IBSDN Controller nfl ow pe co nfi g ow nfl pe O P O a P IG IG g nfi co b IBSDN is an Hybrid Architecture pe O ow nfl pe a O nfl ow IBSDN Controller b IGP adjacency messages 16 IBSDN offers the same expressiveness than Openflow during normal operation controller b a e c d f IBSDN offers the same expressiveness than Openflow during normal operation b a c d h e f IBSDN offers the same expressiveness than Openflow during normal operation b a e c d f h 17 IBSDN reacts to failures by using the underlying IGP as failover b a c d h e f IBSDN reacts to failures by using the underlying IGP as failover b a c d h e f IBSDN reacts to failures by using the underlying IGP as failover b a c d h e f Until the controller computes and installs the new set of optimal SDN rules b a e c d f h 18 Enabling a performant IBSDN Packet returns stretch the post-failure path 19 Packet returns stretch the post-failure path b a c d h e f We built a packet return removal procedure b a e c d f h 20 Enabling a performant IBSDN Packet returns stretch the post-failure path Packet return removal procedure 21 Enabling a performant IBSDN Packet returns stretch the post-failure path Packet return removal procedure Forwarding packets through local agent is inefficient 21 Forwarding through software local agents is slow b a e c d f h 22 Removing slow local Forwarding b a e c d f h 22 Removing slow local Forwarding b a e c d f h 22 Removing slow local Forwarding b a e c d f h 22 Enabling a performant IBSDN Packet returns stretch the backup path Forwarding packets through local agent is inefficient Generalized packet return removal procedure 23 IBSDN has strong guarantees Safety Th.1 Connectivity is preserved for any combination of failures if there is no network partition, without any action from the controller 24 IBSDN has strong guarantees Safety Th.1 Connectivity is preserved for any combination of failures if there is no network partition, without any action from the controller Efficiency Th.2 Packet returns are removed in linear time Th.3 Slow forwarding is removed in linear time 24 Implementation and Evaluation Does it work in practice? An IBSDN node is a coordinated stack of forwarding decisions Incoming Packet Openflow Forwarded Packet An IBSDN node is a coordinated stack of forwarding decisions IGP Forwarded Packet Send to local-agent Incoming Packet Openflow Forwarded Packet An IBSDN node is a coordinated stack of forwarding decisions Processed Packet Control-plane message IGP Forwarded Packet Send to local-agent Incoming Packet Openflow Forwarded Packet 26 Can be implemented today! Vanilla Openflow 1.1+ Uses the Logical OFPP_NORMAL Openflow port and Fast-failover groups Implemented on Linux machines with modified Open vSwitch 27 Experiments in a virtual testbed confirmed IBSDN safety No packet losses if the failure does not trigger IGP convergence In the worst case, IGP convergence is fast 1 1 Francois, Pierre, et al. ”Achieving sub-second IGP convergence in large IP networks.” ACM SIGCOMM Computer Communication Review 35.3 (2005): 35-44. 28 Evaluating the path stretch |IBSDN path| := |Path until node adjacent to failure| + |IGP path from there to the destination| b a e c d Evaluating the path stretch |IBSDN path| := |Path until node adjacent to failure| + |IGP path from there to the destination| |Path stretch| := |IBSDN backup path| − |IGP path| b a e c d 29 0.6 0.4 0.2 1221 1239 1755 3257 3967 6461 0.0 CDF of paths 0.8 1.0 The packet return removal procedure effectively removes most of the path stretches −5 0 5 10 15 path stretch 30 IBSDN is not only about failure recovery IBSDN is not only about failure recovery ▶ Incremental deployment of SDN functions ▶ Communication with an inband controller … ▶ IGP-as-a-Backup for Robust Software-Defined Networks IBSDN flanks a SDN with an IGP Implements separation of concern in network management Benefits from both control-planes 32
© Copyright 2024 ExpyDoc
