RoSCo: Robust Updates for Software-Defined Networks

IF 13.8 1区 计算机科学 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC
James Lembke, Srivatsan Ravi, P. Eugster, S. Schmid
{"title":"RoSCo: Robust Updates for Software-Defined Networks","authors":"James Lembke, Srivatsan Ravi, P. Eugster, S. Schmid","doi":"10.1109/JSAC.2020.2986959","DOIUrl":null,"url":null,"abstract":"In many Software-Defined Networking (SDN) deployments the control plane ends up being actually centralized, yielding a single point of failure and attack. This paper models the interaction between the data plane and a distributed control plane consisting of a set of failure-prone and potentially malicious (compromised) control devices, and implements a secure and robust controller platform that allows network administrators to integrate new network functionality as with a centralized approach. Concretely, the network administrator may program the data plane from the perspective of a centralized controller without worrying about distribution, asynchrony, failures, attacks, or coordination problems that any of these could cause. We introduce a formal SDN computation model for applying network policies and show that it is impossible to implement asynchronous non-blocking and strongly consistent SDN controller platforms in that model. We then present a robust SDN controller protocol (RoSCo) which implements (i) a protocol with provably linearizable semantics for applying network policies that is resilient against faulty/malicious control devices as long as a correct majority exists, and (ii) a modification to the protocol that improves performance by relaxing the guarantees of linearizability to exploit commutativity among updates. Extensive experiments conducted with a functional prototype of RoSCo over a large networked infrastructure supporting Open vSwitch (OVS)-compatible Agilio CX™ SmartNIC hardware show that RoSCo induces bearable overhead. In fact, RoSCo achieves higher throughput in most cases investigated than the seminal Ravana platform which addresses only benign (crash) failures.","PeriodicalId":13243,"journal":{"name":"IEEE Journal on Selected Areas in Communications","volume":"38 1","pages":"1352-1365"},"PeriodicalIF":13.8000,"publicationDate":"2020-04-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1109/JSAC.2020.2986959","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Journal on Selected Areas in Communications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/JSAC.2020.2986959","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
引用次数: 5

Abstract

In many Software-Defined Networking (SDN) deployments the control plane ends up being actually centralized, yielding a single point of failure and attack. This paper models the interaction between the data plane and a distributed control plane consisting of a set of failure-prone and potentially malicious (compromised) control devices, and implements a secure and robust controller platform that allows network administrators to integrate new network functionality as with a centralized approach. Concretely, the network administrator may program the data plane from the perspective of a centralized controller without worrying about distribution, asynchrony, failures, attacks, or coordination problems that any of these could cause. We introduce a formal SDN computation model for applying network policies and show that it is impossible to implement asynchronous non-blocking and strongly consistent SDN controller platforms in that model. We then present a robust SDN controller protocol (RoSCo) which implements (i) a protocol with provably linearizable semantics for applying network policies that is resilient against faulty/malicious control devices as long as a correct majority exists, and (ii) a modification to the protocol that improves performance by relaxing the guarantees of linearizability to exploit commutativity among updates. Extensive experiments conducted with a functional prototype of RoSCo over a large networked infrastructure supporting Open vSwitch (OVS)-compatible Agilio CX™ SmartNIC hardware show that RoSCo induces bearable overhead. In fact, RoSCo achieves higher throughput in most cases investigated than the seminal Ravana platform which addresses only benign (crash) failures.
RoSCo:软件定义网络的稳健更新
在许多软件定义网络(SDN)部署中,控制平面最终实际上是集中的,从而产生单点故障和攻击。本文对数据平面和分布式控制平面之间的交互进行了建模,分布式控制平面由一组易发生故障和潜在恶意(受损)的控制设备组成,并实现了一个安全可靠的控制器平台,该平台允许网络管理员以集中的方式集成新的网络功能。具体地,网络管理员可以从集中式控制器的角度对数据平面进行编程,而不必担心这些问题中的任何一个可能导致的分布、异步、故障、攻击或协调问题。我们介绍了一个用于应用网络策略的形式化SDN计算模型,并表明在该模型中不可能实现异步非阻塞和强一致的SDN控制器平台。然后,我们提出了一种鲁棒的SDN控制器协议(RoSCo),该协议实现了(i)具有可证明线性化语义的协议,以及(ii)对协议的修改,其通过放松线性化的保证来利用更新之间的交换性来提高性能。在支持开放式vSwitch(OVS)兼容Agilio CX的大型网络基础设施上,使用RoSCo的功能原型进行了大量实验™ SmartNIC硬件显示RoSCo会产生可承受的开销。事实上,在所调查的大多数情况下,RoSCo的吞吐量都高于仅解决良性(崩溃)故障的开创性Ravana平台。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
30.00
自引率
4.30%
发文量
234
审稿时长
6 months
期刊介绍: The IEEE Journal on Selected Areas in Communications (JSAC) is a prestigious journal that covers various topics related to Computer Networks and Communications (Q1) as well as Electrical and Electronic Engineering (Q1). Each issue of JSAC is dedicated to a specific technical topic, providing readers with an up-to-date collection of papers in that area. The journal is highly regarded within the research community and serves as a valuable reference. The topics covered by JSAC issues span the entire field of communications and networking, with recent issue themes including Network Coding for Wireless Communication Networks, Wireless and Pervasive Communications for Healthcare, Network Infrastructure Configuration, Broadband Access Networks: Architectures and Protocols, Body Area Networking: Technology and Applications, Underwater Wireless Communication Networks, Game Theory in Communication Systems, and Exploiting Limited Feedback in Tomorrow’s Communication Networks.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信