A cleanslate perspective on where NFV and SDN
- Slides: 42
A clean-slate perspective on where NFV and SDN meet Sylvia Ratnasamy In collaboration with the SPAN group at U. C. Berkeley
• Clean slate throw everything out • Does mean – we start top down – only keep what’s needed • Result is simpler, more streamlined systems – vital for performance and extensibility
“from customer port” CDN FW Qo. S IDS Global Network View Router View Forwarding IDS Router View Opt WAN Opt opt Router View Forwarding FW Firewall IDS Slides from Nick Mc. Keown, Stanford Univ.
F W C D N I D S Control Program IDS Opt Q o S Control Program Global Network View Forwarding Opt Forwarding IDS Forwarding FW Opt IDS FW IDS
`SDN v 2’ F W C D N I D S Control Program Q o S Control Program Global Network Viewjasjdlasjd F W C D N I D S F W Q o S Forwarding Forwarding C D N Q o S
NFV should do more than replace monolithic hardware with monolithic software • Today: F W C D N I D S Q o S – Custom per-app solutions to scaling, failover, etc. – Custom management and configuration APIs – Limited ability to compose or extend apps
Contrast / Inspiration • Modern data analytics systems (Spark, Hadoop, etc. ) – a programming model (map-reduce) – but also a runtime framework • Framework takes care of routine tasks and end-to-end coordination – placement, scheduling, elastic scaling, failover, … • Need a runtime framework for NFV – Frees app developers to focus on app logic – Automates/consolidates management for operators
Framework’s role 1) Provide general solutions for common tasks – – Fault tolerance Dynamic scaling Performance isolation Diagnostics, … 2) Provide end-to-end management of NFs – – Placement Composition End-to-end performance Qo. S Energy management, …
A framework for NFV F W FWall Firewall IDS C D N I D S Q o S WAN optmizr framework functions software switching + software switching hardware interconnect NF Control rich(er) API OF OF
Implications • For NF vendor – write core app logic – provide some NF-specific information • For operator – write high-level policy pipeline – select NFs – provide some hardware information • Framework automates pipeline execution – automated response to load changes, failure, etc.
Remainder of this talk F W C D N I D S Q o S Details in ACM SOSP 2015 paper “E 2: A runtime framework for NFV”
Questions • How do we express NFV jobs? – policy `pipelets’ • How do we execute pipelets? – Sizing: how many NF instances? – Placement: where do we place NF instances? – Composition: how do we steer traffic between NFs? – Dynamic Scaling: adapting to traffic changes – Fault Tolerance: how we recover from failures? FTMB paper @ SIGCOMM’ 15 – SLAs: how do we provide latency/throughput guarantees? WIP 12
Outline • Pipelets: how we express NFV jobs • How we execute pipelets – system architecture – functions: sizing, placement, scaling, composition • Results 13
Parental Control safe, URL=utube From customer ports IDS safe, tcp-port=80 uns afe Web Cache Traffic Shaper safe, tcp-port!=80 Logger Defined onapplication packet Defined on packet header Defined on bytestream semantics 14
E 2: Operator Interface • Pipelet: a traffic-class policy-graph statement – traffic-class: defined on packet headers and ports – policy-graph: defines how traffic is processed by NFs • nodes are NFs • edges annotated w/ a list of <attribute, value> pairs • optional: estimate of the traffic load on an edge • Declarative, extensible, and end-to-end 15
Outline • Pipelets: how we express NFV jobs • How we execute pipelets – system architecture – functions: sizing, placement, scaling, composition • Results 16
E 2 Cluster internal ports external ports Hardware switch Servers 17
Open. Stac k E 2 manager ODL/ONOS 123. 4. 5. * p 2 19. 4. 5. *. * p 7 87. 98. 65. * D flow table Hardware switch NFs software switch Servers 18
NF NF NF Virtual ports (vports) Flow table API: add/rm match-action rules Physical ports (pports) Traditional virtual switch (e. g. , OVS) 19
NF NF NF Traditional virtual switch (e. g. , OVS) NF NF NF BESS: a modular SW switch (https: //github. com/Net. Sys/bess) 20
vports `bytestream’ vports per-packet metadata NF NF NF rich API (add/remove modules) E 2 modules for dynamic scaling, composition, etc. BESS: a modular SW switch (https: //github. com/Net. Sys/bess) 21
E 2 Operates on Three Inputs 1. Policy pipelets 2. Network Function (NF) description – Attributes: which attributes an NF exports and how • (attribute, value) method bindings • Current methods: vports and metadata –e. g. , (is_safe, TRUE) vport#4 –e. g. , (URL, *) metadata#2 22
E 2 Operates on Three Inputs 1. Policy pipelets 2. Network Function (NF) description – Attributes: which attributes an NF exports and how – Affinity: traffic aggregate an NF acts on • e. g. , “per flow”, “per prefix”, “per port” 23
E 2 Operates on Three Inputs 1. Policy pipelets 2. Network Function (NF) description – Attributes: which attributes an NF exports and how – Affinity: traffic aggregate an NF acts on – Performance profile (optional) • e. g. , per-core throughput 24
E 2 Operates on Three Inputs 1. Policy pipelets 2. Network Function (NF) description 3. Hardware description – capabilities of HW infrastructure – e. g. , #cores/server, #ports/switch, bandwidth/link, … 25
E 2 Operation NF descriptions Policy pipelets Sizing HW description policy graph instance graph 26
E 2 Operation NF descriptions Policy pipelets Sizing Placemen t HW description Internal ports External ports Switch fabric Servers instance graph 27
E 2 Operation NF descriptions Policy pipelets Sizing Placemen t HW description • Goal: minimize switch traffic • A graph partitioning problem Internal ports External ports Switch fabric Servers • E 2 uses Kernighan-Lin algo. – Initial placement: O(n 2 log n) – Incremental placement: O(n)
E 2 Operation NF descriptions Policy pipelets Sizing Placemen t Compositio n HW description Internal ports External ports Switch fabric Servers 29
E 2 Operation NF descriptions Policy pipelets Sizing Placemen t Compositio n HW description Involves “appropriately” configuring the HW and SW switches 30
“Appropriate” Composition • What traffic should be sent to a NF – based on pipelet’s edge attributes with NF methods – vports vs. metadata vs. header matching • How traffic is sent – packet vs. bytestream vports • Which NF instance is traffic sent to – affinity-aware traffic splitting through migration avoidance** – “eventually optimal” load balance w/o complex state migration *Now an approved ETSI informative standard (#GS NFV-REL 002) 31
E 2 Operation NF descriptions Policy pipelets Sizing Placemen t Compositio n HW description Load events 32
Outline • Pipelets: how we express NFV jobs • How we execute pipelets – system architecture – functions: sizing, placement, scaling, composition • Results 33
What overheads does E 2 add? SW switch (BESS) • Intel E 5 -2680 • BESS runs on one core Path NF BESS NF Latency (μs) Gbps (1500 B) Mpps (64 B) Baseline BESS (vport) 1. 2 187. 5 15. 2 Header-Match 1. 56 152. 5 12. 76 Metadata-Match 1. 695 145. 826 11. 96 16% 6% 34
Do rich abstractions help performance? HTTP Logger metadata=X. com? URL extract URL=X. com? BESS With metadata: GHz/Gb = 0. 16 BESS Without metadata: GHz/Gb = 0. 27 41% reduction in cycles per packet 35
Do rich abstractions help performance? bytestream NFs Redundanc y URL filter IDS Eliminator packet vports: GHz/Gb = 1. 5 25% reduction in cycles per packet TCP assemblr IDS URL filter bytestream vports: GHz/Gb = 1. 12 Redundanc y Eliminator 36
End-to-End Operation Bandwidth (Gbps) NAT 40 35 30 25 20 15 10 5 0 Input load (Gbps) 0 Time (s) 100 Intel FM 6000 switch : 48 x 10 Gbps ports, 2048 rule entries 37 4 servers (68 cores total): 1 x Intel E 5 -2680 (2 x 10 cores), 3 x Intel E 5 -2650 (2 x 8 cores)
End-to-End Operation Bandwidth (Gbps) NAT 40 35 30 25 20 15 10 5 0 Switch bandwidth consumed (16. 4% higher than lower bound) 0 Time (s) 100 Intel FM 6000 switch : 48 x 10 Gbps ports, 2048 rule entries 38 4 servers (68 cores total): 1 x Intel E 5 -2680 (2 x 10 cores), 3 x Intel E 5 -2650 (2 x 8 cores)
End-to-End Operation 40 35 30 25 20 15 10 5 0 70 60 Optimal CPU consumption 50 40 30 20 #Cores Bandwidth (Gbps) NAT 10 0 Time (s) 100 0 Intel FM 6000 switch : 48 x 10 Gbps ports, 2048 rule entries 39 4 servers (68 cores total): 1 x Intel E 5 -2680 (2 x 10 cores), 3 x Intel E 5 -2650 (2 x 8 cores)
End-to-End Operation 40 35 30 25 20 15 10 5 0 Actual CPU consumption; 22. 7% above optimal #NF instances varies between 22 -56 70 60 50 40 30 20 #Cores Bandwidth (Gbps) NAT 10 0 Time (s) 100 0 Intel FM 6000 switch : 48 x 10 Gbps ports, 2048 rule entries 40 4 servers (68 cores total): 1 x Intel E 5 -2680 (2 x 10 cores), 3 x Intel E 5 -2650 (2 x 8 cores)
Conclusion • NFV needs a runtime framework – simplifies NF development and management • Interface: traffic-class NF-pipeline • Design for a clean separation of concerns – NFs implement app-specific processing – Framework implements common functions – Framework coordinates end-to-end execution 41
Thanks! 42
- Nfv&sdn
- Sdn vs nfv
- Nfv&sdn
- Sdn nfv certification
- Sdn nfv
- 3 point perspective stairs
- Silo perspective vs business process perspective
- Sdwan
- Www.etsi.org
- Cisco nfv solution
- Nfv 介紹
- Nfv
- Nfv
- Etsi nfv release 4
- Nfv,jd
- Anders carlsson bth
- Ecomp nfv
- Nfv
- Vnf descriptor
- Etsi nfv sol 001
- Nfv ohz
- Etsi gs nfv-ifa 011
- Nfv router
- Software defined networking vs traditional networking
- Examples of sdn
- Generalized forwarding and sdn
- Sdn security challenges
- Sdn issues and challenges
- Generalized forwarding and sdn
- Tsl success trading sdn bhd
- Tsl success trading sdn bhd
- Open source sdn projects
- Teknologi tenaga perlis consortium
- Http://compitv.info:8080
- Stanford sdn
- Sdn use cases
- Sdn sawojajar 3
- Finger network sdn bhd
- Sdn preparation
- Penawar international sdn bhd
- Pcep sdn
- Mti advisor sdn bhd
- Aerohub system