Stateful Data Plane Abstractions for Software-Defined Networks and Their Applications

RESUME Le Software-Defined Networking (SDN) permet la programmation du reseau. Malheureusement, la technologie SDN actuelle limite la programmabilite uniquement au plan de controle. Les operateurs ne peuvent pas programmer des algorithmes du plan de donnees tels que l’equilibrage de charge, le controle de congestion, la detection de pannes, etc. Ces fonctions sont implementees a l’aide d’hardware dedie, car elles doivent fonctionner au taux de ligne, c’est-a-dire 10-100 Gbit/s sur 10-100 ports. Dans ce travail, nous presentons deux abstractions de plan de donnees pour le traitement de paquets a etats (stateful), OpenState et OPP. OpenState est une extension d’OpenFlow qui permet la definition des regles de flux en tant que machines a etats finis. OPP est une abstraction plus flexible qui generalise OpenState en ajoutant des capacites de calcul, permettant la programmation d’algorithmes de plan de donnees plus avances. OpenState et OPP sont a la fois disponibles pour les implementations d’haute performance en utilisant des composants de commutateurs hardware courants. Cependant, les deux abstractions sont basees sur un choix de design problematique : l’utilisation d’une boucle de retroaction dans le pipeline de traitement des paquets. Cette boucle, si elle n’est pas correctement controlee, peut nuire a la coherence des operations d’etat. Les approches de verrouillage de la memoire peuvent etre utilisees pour eviter les incoherences, au detriment du debit. Nous presentons des resultats de simulations sur des traces de trafic reelles, montrant que les boucles de retroaction de plusieurs cycles d’horloge peuvent etre supportees avec peu ou pas de degradation des performances, meme avec les charges de travail des plus defavorables. Pour mieux prouver les avantages d’un plan de donnees programmables, nous presentons deux nouvelles applications : Spider et FDPA. Spider permet de detecter et de reagir aux pannes de reseau aux echelles temporelles du plan de donnees (i.e., micro/nanosecondes), egalement dans le cas de pannes a distance. En utilisant OpenState, Spider fournit des fonctionnalites equivalentes aux protocoles de plans de controle anciens tels que BFD et MPLS Fast Reroute, mais sans necessiter un plan de controle.---------- ABSTRACT Software-Defined Networking (SDN) enables programmability in the network. Unfortunately, current SDN limits programmability only to the control plane. Operators cannot program data plane algorithms such as load balancing, congestion control, failure detection, etc. These capabilities are usually baked in the switch via dedicated hardware, as they need to run at line rate, i.e. 10-100 Gbit/s on 10-100 ports. In this work, we present two data plane abstractions for stateful packet processing, namely OpenState and OPP. These abstractions allow operators to program data plane tasks that involve stateful processing. OpenState is an extension to OpenFlow that permits the definition of forwarding rules as finite state machines. OPP is a more flexible abstraction that generalizes OpenState by adding computational capabilities, opening for the programming of more advanced data plane algorithms. Both OpenState and OPP are amenable for highperformance hardware implementations by using commodity hardware switch components. However, both abstractions are based on a problematic design choice: to use a feedback-loop in the processing pipeline. This loop, if not adequately controlled, can represent a harm for the consistency of the state operations. Memory locking approaches can be used to prevent inconsistencies, at the expense of throughput. We present simulation results on real traffic traces showing that feedback-loops of several clock cycles can be supported with little or no performance degradation, even with near-worst case traffic workloads. To further prove the benefits of a stateful programmable data plane, we present two novel applications: Spider and FDPA. Spider permits to detect and react to network failures at data plane timescales, i.e. micro/nanoseconds, also in the case of distant failures. By using OpenState, Spider provides functionalities equivalent to legacy control plane protocols such as BFD and MPLS Fast Reroute, but without the need of a control plane. That is, both detection and rerouting happen entirely in the data plane. FDPA allows a switch to enforce approximate fair bandwidth sharing among many TCP-like senders. Most of the mechanisms to solve this problem are based on complex scheduling algorithms, whose feasibility becomes very expensive with today’s line rate requirements. FDPA, which is based on OPP, trades scheduling complexity with per-user state. FDPA works by dynamically assigning users to few (3-4) priority queues, where the priority is chosen based on the sending rate history of a user.