[Editor’s note: Curt is an extended member of the Wiretap/SDxCentral family and graciously agreed to help us cover ONS while Matt and Roy were fulfilling multiple duties at ONS 2013 on Tuesday.]
There were several research track presentations given today. Here are some thoughts on five of the most interesting ones:
“Toward Transitional SDN Deployment in Enterprise Networks” by Marco Canini (TU Berlin / T-Labs)
Marco introduced Panopticon, an SDN architectural approach and tools to help migrate from today’s networks to partially SDN-enabled networks and then eventually fully enabled SDNs. Based on their research, Marco contends that it’s possible to do migrations by converting a very small subset of existing switches to being SDN-enabled. The architecture ensures that all traffic traverses OpenFlow-enabled switches so that policy can be applied consistently. He discussed a trial involving 1713 switches across a campus network, and found that they needed only 6% of switches to get 100% traffic coverage. While this is clearly very much in the research stage, it is promising to see someone looking into this problem. It is also encouraging to see that complex migrations can happen without forklift upgrading entire networks in order to adopt SDN and capture some of the benefits.
“Extending SDN to Large-Scale Networks” by Murphy McCauley (UC Berkeley, ICSI)
Murphy’s research focused on how to build a controller architecture that would scale to physically large SDN networks of 10,000 switches or more. They compared approaches and decided to leverage the tried-and-true networking approaches of aggregation and hierarchies using a recursive approach. Murphy’s approach is based on “Logical Crossbars” (LXBars), where up to 10 switches are grouped together and managed by a single controller to form a single LXBar. Groups of LXBars are further grouped into higher-level hierarchical structures, with each LXBar group handled by another controller. In this approach, state always travels up the hierarchy, while configuration always travels down. Hierarchies can have an arbitrary number of levels, and they are SDN friendly. Murphy’s tests found that the design scales to 10,000 networks and can maintain sub-second convergence times. It sounds like there are still a lot of details to work out, but this is very encouraging as a possible approach to tackling highly distributed SDN networks. Highly available and redundant controller architectures are still fairly limited in capabilities today.
“Software Defined Patch-Panels: Technology and Use Cases” by Anthony Kewitsch (Telescent Inc.)
Anthony presented Telescent’s product, Network Topology Manager, a physical layer (L0) solution for re-wiring networks. This session gave me flashbacks from my days at Turnstone Systems, where we provided a similar function for copper wires that supported DSL services. In Telescent’s case, they rely on robotic control arms to reconfigure fiber cables, along with algorithms based on “knots and braids” theory. Overall it was a pretty interesting talk, but it feels like there are very limited use cases for such a product. Most networks are still “set and forget” from a cabling perspective, or they undergo periodic re-cabling transformations. This product fits when there is a high velocity of network changes, where fast physical reconfiguration of the network is at a premium. This covers cases where users simply cannot let expensive CapEx investments sit idle for long periods of time and labor is costly (or unavailable to do large jobs on short notice). Research institutions seem to be the likely candidates and CERN was pointed out as a specific customer. It will be interesting to see if they get broader adoption for this kind of niche technology.
“Virtual Middleboxes as First-Class Entities in the Cloud” by Aaron Gember (University of Wisconsin-Madison)
Aaron talked about how to integrate middleboxes (MBs) like load balancers, firewalls, IDS/IPS, etc. into multi-tenant cloud networks. He pointed out that the maze of network tunnels that must be created, along with the added challenges of VM mobility, is a difficult and complex problem to manage in the datacenter. To address this, Aaron introduced Stratos, a network orchestration layer built on top of a Floodlight controller. Stratos figures out where to place MBs in the network, informs a VM manager, and instructs an OpenFlow controller to distribute flows to the correct switches. His team’s approach is based on watching network latency and adding services into the chain until latency gets down to an acceptable level. The software tries to find an optimal number of MBs to put in the path, and can also remove services that aren’t needed any more. Although still very research-oriented, it sounds like an interesting approach. Check out their booth in the exhibitors area to learn more.
“Scalable Programming for SDN Controllers” by Andreas Voellmy (Yale University)
Andreas started his talk with a short demo showing how difficult it is to get OpenFlow rules prioritized and loaded correctly into switches without policy gaps. He then introduced Maple, an API using a Java or Python binding that enables developers to code the behavior of rules rather than trying to translate their intentions into a set of rules directly. His team’s approach is to use a technique called “Dynamic Tracing”, which analyzes the developer’s code and creates rules empirically based on how it behaves as real packets are processed. Maple builds a more complete model of the behavior over time without allowing policy violations. This appears to be a pretty novel approach to the tough problem of reducing programming and logic errors in controller applications. While it’s still clearly early days, it’s very encouraging to see research in this area. Maple seems like a good first step and deserves to be watched.
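A simplified sketch of the tracing idea in the Maple summary above, added here as an illustration and not Maple's code or API: it assumes tracing means recording which packet fields the policy function reads, and derives each cached rule from exactly those reads. `TracedPacket`, `policy`, `trace` and `RuleCache` are hypothetical names, and the packets are constructed samples.

```python
class TracedPacket:
    """Wraps a packet (a dict of header fields) and records every field read."""
    def __init__(self, fields):
        self._fields = fields
        self.reads = []                      # ordered (field, value) pairs

    def read(self, name):
        value = self._fields[name]
        if (name, value) not in self.reads:
            self.reads.append((name, value))
        return value

def policy(pkt):
    """Intent written as ordinary code: block telnet, isolate one host."""
    if pkt.read("tcp_dst") == 23:
        return "drop"
    if pkt.read("ip_src") == "10.0.0.66":    # constructed quarantined address
        return "drop"
    return "forward"

def trace(policy_fn, fields):
    """Run the policy on one real packet; the match is the set of fields it read."""
    pkt = TracedPacket(fields)
    action = policy_fn(pkt)
    return dict(pkt.reads), action

class RuleCache:
    """Stands in for a switch flow table; a miss is sent to the controller."""
    def __init__(self, policy_fn):
        self.policy_fn = policy_fn
        self.rules = []                      # list of (match, action)
        self.misses = 0

    def handle(self, fields):
        for match, action in self.rules:
            if all(fields.get(k) == v for k, v in match.items()):
                return action                # served from the installed rule
        self.misses += 1
        match, action = trace(self.policy_fn, fields)
        self.rules.append((match, action))   # rule covers only what was observed
        return action

if __name__ == "__main__":
    cache = RuleCache(policy)
    for p in ({"tcp_dst": 23, "ip_src": "10.0.0.5"},
              {"tcp_dst": 23, "ip_src": "10.0.0.66"},
              {"tcp_dst": 80, "ip_src": "10.0.0.66"}):
        print(p, cache.handle(p), "misses:", cache.misses)
```

Because each rule matches only on values the policy actually inspected, any packet that hits a rule would have followed the same code path, so installed rules never disagree with the policy and no manual priority ordering is needed.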