April 9, 2023

Network Programming Languages

Author: Flavio VitCourse: UNICAMP –MO611

Teleprocessamento e RedesProfessor: Nelson da Fonseca

Agenda

• Introduction• Flog• Nettle• FatTire• Comparisons

Introduction

• Flog: Logic Programming for Software-Defined Networks

• Nettle: Taking the Sting Out of Programming Network Routers

• FatTire: Fault Tolerating Regular Expressions

Networks Management

In the past … • Networks managed through a set of complex,

low-level, and heterogeneous interfaces • Firewalls + network address translators + load

balancers + routers + switches == Configured separately

• Thousands of lines low-level code in different domain-specific languages

• Complex routing mechanisms (error-prone tasks)

Software Defined Networks

Recently …• SDN – Software Defined Networks• Logically centralized Controller:– Managing distributed switches– General purpose machines– Working on routing decisions– Instruct the switches to install the necessary

packet-forwarding rules.

Flog - An SDN Logic Programming Language

• SDN packet-forwarding rule Predicate + Action + Priority

• Example: Predicate: match packets based on the IP header

(MAC, IP, etc.) Action: Drop, forward or flood the packet to ports Priority: rules are executed according with priorities

Flog

• Combines two programing languages:– FML:

• set of high-level built-in policy operators (SDN abstractions)

• allow/deny certain flows• provide quality of service• Programing model Not flexible

– Frenetic:• declarative query language - SQL-like syntax• functional stream-processing language• language for describing packet forwarding

Flog

• From FML:– Programming for controlling software-defined

networks• From Frenetic:

Controller programs split into :1. Mechanism for querying network state 2. Mechanism for processing data extracted from

queries3. Component for generating packet-forwarding policies

(automatically push to the switches)

Flog

• Event driven => execution of logic programs

1. Generates a packet-forwarding policy compiled and deployed on switches

2. Generates states : drive the logic program when the next network event is processed

Flog

• Network Events:

– Switches online / offline– Ports on switches active / inactive– Statistics gathered by switches– Packets arrive at the controller and require

handling

Flog

• Flow rule syntax example:flow(srcip=IP,vlan=V), V > 0 --> myvlans(IP,V)

• When vlan tag is greater than 0, generate a network event every time a packet with a new srcip - vlan tag pair is detected

• When this event generated, the rest of the logic program will be executed.

• The initial data for the logic program will include the tuple myvlans(IP,V)

Flog

Police Generation:• generating a routing policy for network switches:

h1(F1), h2(F2), ... |> action, level(i)

left of the |> : kinds of packets that match the forwarding rule. Specifies the packet fields (and switch and ports) that match the rule.

right of the |> : action where to forward or flood the packets or how

to modify them.level specifies the priority of the rule.

Flog

• Example:

# Network Eventsflow(dstip=IP), inport=2 --> seen(IP)

# Information Processingseen(IP) +-> allow(IP)allow(IP) +-> allow(IP)

# Policy Generationinport(2) |> fwd(1), level(0)allow(IP) -->

srcip(IP), inport(1) |> fwd(2), level(0).

Nettle - Taking the Sting Out of Programming Network Routers

• “Don’t configure the network, program it!”• Networks of OpenFlow switches controlled using

a high-level, declarative and expressive language• Based on the principles of functional reactive

programming (FRP)• Embedded in Haskell => general-purpose purely

functional programming language.• Domain Specific Language

Nettle

• Layered architecture

Family of DSLs - each member capturing a different network abstraction

Haskell host language

OpenFlow switches

Nettle / OpenFlow lib

instantiation of the Functional ReactiveProgramming

Nettle

• Nettle/FRP as a language for expressing electrical circuits

• Haskell’s arrow syntax:y ← sigfun − x≺

Nettle

• Focus on the stream of control messages among OpenFlow switches

• Nettle => powerful collection of – Signal functions– Event operators

Nettle

OpenFlow switches maintains flow table with flow entries: • Match conditions match IPs, header fields• Forwarding actions to specific ports, flooding,

dropping packets• Statistics are updated• Expirations settings expires a flow entry after

prescribed time

Nettle

• Nettle Controller transforms:

stream of messages from switches

stream of commands for switches

Nettle

• Example: install the flow rule, whenever a switch joins the network

FatTire: Fault Tolerating Regular Expressions

• Programs for fault tolerant Networks• Based on regular expressions• Main features:

Expressive: easy to describe forwarding and fault tolerant policies

Efficient: based on fast failover from OpenFlowCorrect: reasoning about the behavior of the

system during failure recovery

FatTire

• Central feature: Regular expressions for sets of legal paths through the network

• FatTire programs are translated to OpenFlow switch configurations

• Automatic response to link failures with no controller intervention

FatTire

• Example :OpenFlow Group and Route Tables

FatTire

• Group and Rule Tables for previous slide

FatTire

• Syntax:

FatTire

• FatTire program for this example

Security policy: AllSSH traffic must traverse the IDS

- regular expressionsover switches to describe legal

paths

Fault-tolerance policy: “with” annotationForwarding must be resilient to a single link failure.

Routing policy: Traffic from the gateway (GW) must be forwarded to the access switch (A), along any path

ComparisonsProg Lang Main Characteristic Advantages Disadvantages

Flog - Network Event driven

- Focused on packets flow

- Simple- Combines Frenetic

and FML

Too simple and limited to flow control

FatTire Targets fast failovermechanisms provided by OpenFlow standard

- High level- Regular expression

powered- Turns failover

scenarios easier to understand

Only focused over solving link failures configuration

Nettle - allow fine-grained control over switch behavior

- event-based programming model

- Strong typed- Extensible

Good question!!! I buy it!

References

1. Naga Praveen Katta, Jennifer Rexford, and David Walker. Logic Programming for Software-Defined Networks

2. Mark Reitblatt, Marco Canini, Arjun Guha, and Nate Foster. Fattire: Declarative fault tolerance for software defined networks

3. Andreas Voellmy and Paul Hudak. Nettle: Taking the Sting Out of Programming Network Routers