A Fast Compiler for NetKAT
High-level programming languages play a key role in a growing number of
networking platforms, streamlining application development and enabling precise
formal reasoning about network behavior. Unfortunately, current compilers only
handle "local" programs that specify behavior in terms of hop-by-hop forwarding
behavior, or modest extensions such as simple paths. To encode richer "global"
behaviors, programmers must add extra state -- something that is tricky to get
right and makes programs harder to write and maintain. Making matters worse,
existing compilers can take tens of minutes to generate the forwarding state
for the network, even on relatively small inputs. This forces programmers to
waste time working around performance issues or even revert to using
hardware-level APIs.
This paper presents a new compiler for the NetKAT language that handles rich
features including regular paths and virtual networks, and yet is several
orders of magnitude faster than previous compilers. The compiler uses symbolic
automata to calculate the extra state needed to implement "global" programs,
and an intermediate representation based on binary decision diagrams to
dramatically improve performance. We describe the design and implementation of
three essential compiler stages: from virtual programs (which specify behavior
in terms of virtual topologies) to global programs (which specify network-wide
behavior in terms of physical topologies), from global programs to local
programs (which specify behavior in terms of single-switch behavior), and from
local programs to hardware-level forwarding tables. We present results from
experiments on real-world benchmarks that quantify performance in terms of
compilation time and forwarding table size.
Event-Driven Network Programming
Software-defined networking (SDN) programs must simultaneously describe
static forwarding behavior and dynamic updates in response to events.
Event-driven updates are critical to get right, but difficult to implement
correctly due to the high degree of concurrency in networks. Existing SDN
platforms offer weak guarantees that can break application invariants, leading
to problems such as dropped packets, degraded performance, security violations,
etc. This paper introduces EVENT-DRIVEN CONSISTENT UPDATES that are guaranteed
to preserve well-defined behaviors when transitioning between configurations in
response to events. We propose NETWORK EVENT STRUCTURES (NESs) to model
constraints on updates, such as which events can be enabled simultaneously and
causal dependencies between events. We define an extension of the NetKAT
language with mutable state, give semantics to stateful programs using NESs,
and discuss provably-correct strategies for implementing NESs in SDNs. Finally,
we evaluate our approach empirically, demonstrating that it gives well-defined
consistency guarantees while avoiding expensive synchronization and packet
buffering.
SNAP: Stateful Network-Wide Abstractions for Packet Processing
Early programming languages for software-defined networking (SDN) were built
on top of the simple match-action paradigm offered by OpenFlow 1.0. However,
emerging hardware and software switches offer much more sophisticated support
for persistent state in the data plane, without involving a central controller.
Nevertheless, managing stateful, distributed systems efficiently and correctly
is known to be one of the most challenging programming problems. To simplify
this new SDN problem, we introduce SNAP.
SNAP offers a simpler "centralized" stateful programming model, by allowing
programmers to develop programs on top of one big switch rather than many.
These programs may contain reads and writes to global, persistent arrays, and
as a result, programmers can implement a broad range of applications, from
stateful firewalls to fine-grained traffic monitoring. The SNAP compiler
relieves programmers of having to worry about how to distribute, place, and
optimize access to these stateful arrays by doing it all for them. More
specifically, the compiler discovers read/write dependencies between arrays and
translates one-big-switch programs into an efficient internal representation
based on a novel variant of binary decision diagrams. This internal
representation is used to construct a mixed-integer linear program, which
jointly optimizes the placement of state and the routing of traffic across the
underlying physical topology. We have implemented a prototype compiler and
applied it to about 20 SNAP programs over various topologies to demonstrate our
techniques' scalability.
P4CEP: Towards In-Network Complex Event Processing
In-network computing using programmable networking hardware is a strong trend
in networking that promises to reduce latency and consumption of server
resources through offloading to network elements (programmable switches and
smart NICs). In particular, the data plane programming language P4 together
with powerful P4 networking hardware has spawned projects offloading services
into the network, e.g., consensus services or caching services. In this paper,
we present a novel case for in-network computing, namely, Complex Event
Processing (CEP). CEP processes streams of basic events, e.g., stemming from
networked sensors, into meaningful complex events. Traditionally, CEP
processing has been performed on servers or overlay networks. However, we argue
in this paper that CEP is a good candidate for in-network computing along the
communication path avoiding detouring streams to distant servers to minimize
communication latency while also exploiting processing capabilities of novel
networking hardware. We show that it is feasible to express CEP operations in
P4 and also present a tool to compile CEP operations, formulated in our P4CEP
rule specification language, to P4 code. Moreover, we identify challenges and
problems that we have encountered to show future research directions for
implementing full-fledged in-network CEP systems.
Comment: 6 pages. Author's versio
Checking-in on Network Functions
When programming network functions, changes within a packet tend to have
consequences---side effects which must be accounted for by network programmers
or administrators via arbitrary logic and an innate understanding of
dependencies. Examples of this include updating checksums when a packet's
contents have been modified or adjusting a payload length field of an IPv6 header
if another header is added or updated within a packet. While static-typing
captures interface specifications and how packet contents should behave, it
does not enforce precise invariants around runtime dependencies like the
examples above. Instead, during the design phase of network functions,
programmers should be given an easier way to specify checks up front, all
without having to account for and keep track of these consequences at each and
every step during the development cycle. In keeping with this view, we present
a unique approach for adding and generating both static checks and dynamic
contracts for specifying and checking packet processing operations. We develop
our technique within an existing framework called NetBricks and demonstrate how
our approach simplifies and checks common dependent packet and header
processing logic that other systems take for granted, all without adding much
overhead during development.
Comment: ANRW 2019 ~ https://irtf.org/anrw/2019/program.htm
Measurements As First-class Artifacts
The emergence of programmable switches has sparked a significant amount of
work on new techniques to perform more powerful measurement tasks, for
instance, to obtain fine-grained traffic and performance statistics. Previous
work has focused on the efficiency of these measurements alone and has
neglected flexibility, resulting in solutions that are hard to reuse or
repurpose and that often overlap in functionality or goals.
In this paper, we propose the use of a set of reusable primitive building
blocks that can be composed to express measurement tasks in a concise and
simple way. We describe the rationale for the design of our primitives, that we
have named MAFIA (Measurements As FIrst-class Artifacts), and using several
examples we illustrate how they can be combined to realize a comprehensive
range of network measurement tasks. Writing MAFIA code does not require expert
knowledge of low-level switch architecture details. Using a prototype
implementation of MAFIA, we demonstrate the applicability of our approach and
show that the use of our primitives results in compiled code that is comparable
in size and resource usage with manually written specialized P4 code and can be
run in current hardware.
Comment: Infocom 2019 extended versio