Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

1/17

Customizing Data-plane Processing in Edge Routers

Fulvio Risso, Politecnico di Torino

http://fulvio.frisso.net

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

2/17

My kids

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

3/17

Francesco creates a Christmas card

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

4/17

How do my kids connect to the Internet?

Internet

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

5/17

How the edge of a NSP looks like?

WAN accelerator

CDN web cache

IDS/Firewall

Network Monitor

QoS

Edge network router

Internet

Interface linecards

Processing linecards

High-speed interconnec

t

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

6/17

Network Service Provider

Management server

User authentication, applications, permissions…

Network traffic

Network traffic

A network with programmable edge routers

Applications operating on the network

slice associated to User 1

Applications operating on the network

slice associated to User N

Network Node Virtualization Framework

Switching path (hardware)

...

Both domestic and NSP routers

can be part of the vision

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

7/17

A possible use case

Parental control

Personal firewall

Web advertis. killer

Network monitor

WAN accelerator

QoS

VPN

Network monitor

Web cache

Personal firewall

Gtalk contact filter

IDS

. . .

Lawful interception

Video streaming optimizer

User 1 User 2 User N

Network edge node

Traffic in

Video streaming optimizer

Traffic out

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

8/17

We propose the creation of user-driven data plane applications that operate on

a network slice associated to a given actor, enabling the customization of the

processing of the traffic inside the network edge router.

User 1

User 2

User 3Network operators

Transport, then trasform

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

9/17

General architecture of the prototype

User Appsin VMs

OpenvSwitch

Networkgateway

Management server (DB + apps on disk)

Flowvisor

Internet

L2 network

Motherboard Mini-ITX,4 GbE ports (Intel) + 1 GbE (on mainboard)WiFi USB DongleCPU i5-3450SRAM 4 GB DDR3

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

10/17

The current edge node

SoftSwitch

Host 1 -User 1

ARP * : send to all ports* ARP : send to all portsDHCP *: send to all ports* DHCP: send to all portsmcast, bcast: send to all portsDefault : send to Controller

Networkgateway

Network Hypervisor

App1

App2

App3

App1

App4

App5

CNodeApp

Web Node Manager

Tomcat on port 80

Controller User 1

Controller User 2

Controller of this node

DefaultApp

DefaultController

NSPController

Switching plane

Controller plane

Host 2 -User 2

Transparent Bridging Application

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

11/17

Managing user applications

Create the custom application flow

Applications can be selected from the list of available apps and copied to the list of the installed apps, started/stopped, and stacked in a different calling order.

Install/Uninstall applications

Users can install their own application by simply uploading their file. Application that are under the ownership of the selected user can also be uninstalled. Applications are stored in the management server and downloaded in the network node when a new user is recognized.

http://config.ctrl

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

12/17

Validation environment

OpenFlow Controller

OpenvSwitch

Networkgateway

Flowvisor

L2 network

Debian 7, 32 bitsVanilla Open vSwitchModified FlowVisor

2 User controllers, 3 applications each• DNSFilter• Gsafe• NetMon

1 NSP controller• Default bridging

Two large file transfers (350 Mbps each)

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

13/17

Memory and CPU load

Component Memory occupancy CPU consumption (% on a single core)

Controller User 1 165 Mbytes 35%

Controller User 2 165 Mbytes 35%

Controller Edge Router 60 Mbytes 0%

Default Controller 46 Mbytes 0%

NSP Controller (transparent bridging)

48 Mbytes 11%

FlowVisor 150 Mbytes 81%

Open vSwitch 8 Mbytes 100%

Tomcat Web Server 156 Mbytes 0%

Operating System 274 Mbytes 2%

Total 1072 MBytes 264%

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

14/17

Openflow is great

We were able to complete this prototype only thanks to OpenFlow

but….

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

15/17

Thanks to...

• M. Ullio, V. Vercellone, F. Invernizzi, R. Milito, M. Nemirovsky, P. Monclus, M. De Benedetto, G. Borgione, M. Leogrande

• The anonymous reviewer of the EWSDN paper

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

16/17

Fulvio Risso, 41,Project Leader

Marco Pramotton, 24,OpenFlow prototype

Ivano Cerrato, 25,General architect

Marco Cita, 25,User interface, management server

Team

Fulvio Risso, Politecnico di Torino – EWSDN, Oct 26th, 2012

17/17

that is the question.

or to trasform,

To transport,