Shadow Configurations: A Network Management Primitive
Richard Alimi, Ye Wang, Y. Richard Yang
Laboratory of Networked Systems, Yale University
August 19, 2008 Yale LANS / SIGCOMM 2008 2
Configuration is Complex
Source: The Yankee Group, 2004
Source: Juniper Networks, 2008
“... human error is blamed for 50-80% of network outages.”
“80% of IT budgets is used to maintain the status quo.”
Why is configuration hard today?
Configuration Management Today
Simulation & Analysis
- Depend on simplified models
  - Network structure
  - Hardware and software
- Limited scalability
- Hard to access real traffic
Test networks
- Can be prohibitively expensive
[Figure: network labelled with OSPF, eBGP, iBGP, VPNs, ACLs, TE, SLAs, Traffic, Software, Hardware]
Why are these not enough?
Analogy with Programming
Programming
- Program, Target System
Network Management
- Configs, Target Network
Analogy with Databases
Databases
- STATE A
- INSERT ... / DELETE ... / UPDATE ...
- STATE B
Network Management
- Commands: ip route ..., ip addr ..., router bgp ..., router ospf ...
- States: STATE A, STATE B, STATE C, STATE D, ?
Enter, Shadow Configurations
Key ideas
- Allow additional (shadow) config on each router
- In-network, interactive shadow environment
- “Shadow” term from computer graphics
Key Benefits
- Realistic (no model)
- Scalable
- Access to real traffic
- Transactional
[Figure: network labelled with OSPF, eBGP, iBGP, VPNs, ACLs, TE, SLAs, Traffic, Software, Hardware]
Roadmap
- Motivation and Overview
- System Basics and Usage
- System Components
  - Design and Architecture
  - Performance Testing
  - Transaction Support
- Implementation and Evaluation
System Basics
What's in the shadow configuration?
- Routing parameters
- ACLs
- Interface parameters
- VPNs
- QoS parameters
[Figure: real config and shadow config; real header marked “0”, shadow header marked “1”]
Example Usage Scenario: Backup Path Verification
[Figure: primary and backup paths]
- Send test packets in shadow
- Disable shadow link
Example Usage Scenario: Configuration Evaluation
[Figure: video server]
- Duplicate packets to shadow
Design and Architecture
- Management: Configuration UI
- Control Plane: BGP, OSPF, IS-IS
- Forwarding Engine: FIB; Interface0, Interface1, Interface2, Interface3
Design and Architecture
- Management: Configuration UI, Shadow Traffic Control, FIB Analysis, Debugging Tools
- Control Plane: Shadow Management, Commitment; two sets of BGP, OSPF, IS-IS
- Forwarding Engine: Shadow-enabled FIB, Shadow Bandwidth Control; Interface0, Interface1, Interface2, Interface3
Shadow Bandwidth Control
Requirements
- Minimal impact on real traffic
- Accurate performance measurements of shadow configuration
Supported Modes
- Priority
- Bandwidth Partitioning
- Packet Cancellation
Packet Cancellation
Observation
- Content of payload may not be important in many network performance testing scenarios
- Only payload size may matter
Idea: only need headers for shadow traffic
- Piggyback shadow headers on real packets
[Figure: piggybacked shadow header]
Packet Cancellation Details
- Output interface maintains real and shadow queues
- Packet cancellation scheduling
  - If real queue non-empty
    - Grab real packet
    - Piggyback shadow header(s) if available
  - Else if shadow queue non-empty
    - Send full shadow packet
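The scheduling rule above, as an added Python sketch (not the authors' kernel code): one output interface with a real and a shadow queue. The 20-byte header size, the cap of two piggybacked headers per real packet, and the class and function names are assumptions made for illustration.

```python
from collections import deque
from dataclasses import dataclass, field

HDR_LEN = 20         # assumed header size in bytes (constructed value)
MAX_PIGGYBACK = 2    # assumed cap on shadow headers carried by one real packet

@dataclass
class Packet:
    shadow: bool         # shadow bit: False = real ("0"), True = shadow ("1")
    payload_len: int     # only the payload size matters, not its content
    piggybacked: list = field(default_factory=list)  # payload sizes of cancelled shadow packets

    def wire_bytes(self):
        return HDR_LEN + self.payload_len + HDR_LEN * len(self.piggybacked)

class OutputInterface:
    """Output interface that maintains separate real and shadow queues."""
    def __init__(self):
        self.real_q, self.shadow_q = deque(), deque()

    def enqueue(self, pkt):
        (self.shadow_q if pkt.shadow else self.real_q).append(pkt)

    def dequeue(self):
        if self.real_q:
            pkt = self.real_q.popleft()
            # Piggyback waiting shadow headers; the shadow payloads are
            # cancelled and only their recorded sizes travel onward.
            while self.shadow_q and len(pkt.piggybacked) < MAX_PIGGYBACK:
                pkt.piggybacked.append(self.shadow_q.popleft().payload_len)
            return pkt
        if self.shadow_q:
            return self.shadow_q.popleft()   # no real traffic: send full shadow packet
        return None

def drain(iface):
    """Send everything queued; return (packets sent, total bytes on the wire)."""
    sent = []
    while (pkt := iface.dequeue()) is not None:
        sent.append(pkt)
    return sent, sum(p.wire_bytes() for p in sent)

def demo():
    """Constructed load: 2 real and 5 shadow packets, 280-byte payloads."""
    iface = OutputInterface()
    for _ in range(2):
        iface.enqueue(Packet(shadow=False, payload_len=280))
    for _ in range(5):
        iface.enqueue(Packet(shadow=True, payload_len=280))
    return drain(iface)
```

With this constructed load the link carries 980 bytes in three packets, against 2100 bytes if all seven packets were sent in full.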
Commitment
Objectives
- Smoothly swap real and shadow across network
  - Eliminate effects of transient states due to config changes
- Easy to swap back
Issue
- Packet marked with shadow bit
  - 0 = Real, 1 = Shadow
- Shadow bit determines which FIB to use
- Routers swap FIBs asynchronously
  - Inconsistent FIBs applied on the path
Commitment Protocol
Idea: Use tags to achieve consistency
- Temporary identifiers
Basic algorithm has 4 phases
1. Distribute tags for each config
   - C-old for current real config
   - C-new for current shadow config
2. Routers mark packets with tags
3. Swap configs (tags still valid)
4. Remove tags from packets
   - Resume use of shadow bit
For more details, see paper
[Figure: routers map shadow bit 0 to C-old and 1 to C-new before the swap, and 0 to C-new and 1 to C-old after it; packets in flight carry C-old or C-new tags]
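The issue and the four phases above, as an added Python simulation (not the authors' implementation; the paper has the actual protocol). It assumes a constructed three-hop path, routers that swap one at a time, and an ingress router that stamps the tag; the `Router`, `forward` and `commit` names are hypothetical.

```python
from dataclasses import dataclass

BEFORE = {0: "C-old", 1: "C-new"}   # shadow bit -> config before the swap
AFTER = {0: "C-new", 1: "C-old"}    # shadow bit -> config after the swap

@dataclass
class Router:
    name: str
    swapped: bool = False   # has this router swapped real and shadow?
    tagging: bool = False   # are tags in use on this router (phases 2 and 3)?

    def config_for_bit(self, bit):
        return (AFTER if self.swapped else BEFORE)[bit]

def forward(path, shadow_bit):
    """Configs applied hop by hop to one packet entering at path[0]."""
    tag, used = None, []
    for hop, router in enumerate(path):
        if hop == 0 and router.tagging:
            tag = router.config_for_bit(shadow_bit)   # ingress marks the packet
        if tag is not None and router.tagging:
            used.append(tag)      # tag names the config; local swap state is ignored
        else:
            used.append(router.config_for_bit(shadow_bit))
    return used

def commit(path, use_tags):
    """Run the swap; return the hop configs a real packet sees after each step."""
    for router in path:               # phases 1-2: distribute tags, start marking
        router.swapped, router.tagging = False, use_tags
    trace = []
    for router in reversed(path):     # phase 3: routers swap asynchronously
        router.swapped = True
        trace.append(forward(path, 0))
    for router in path:               # phase 4: remove tags, resume shadow bit
        router.tagging = False
    trace.append(forward(path, 0))
    return trace

def inconsistent_steps(trace):
    """Count steps where one packet met more than one config along its path."""
    return sum(1 for used in trace if len(set(used)) > 1)

PATH = [Router("A"), Router("B"), Router("C")]   # constructed three-hop path
```

Calling `commit(PATH, use_tags=False)` shows a real packet crossing both C-old and C-new hops while the swap is in progress; with `use_tags=True` every step uses a single config end to end.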
Implementation
Kernel-level (based on Linux 2.6.22.9)
- TCP/IP stack support
- FIB management
- Commitment hooks
- Packet cancellation
Tools
- Transparent software router support (Quagga + XORP)
- Full commitment protocol
- Configuration UI (command-line based)
Evaluated on Emulab (3 GHz HT CPUs)
[Figure panels]
Static FIB
- 300B pkts
- No route caching
With FIB updates
- 300B pkts @ 100Mbps
- 1-100 updates/sec
- No route caching
Evaluation: Memory Overhead
[Figure: FIB storage overhead for US Tier-1 ISP]
Evaluation: Packet Cancellation
Accurate streaming throughput measurement
- Abilene topology
- Real transit traffic duplicated to shadow
- Video streaming traffic in shadow
Evaluation: Packet Cancellation
Limited interaction of real and shadow
- Intersecting real and shadow flows
- CAIDA traces
- Vary flow utilizations
Evaluation: Commitment
Applying OSPF link-weight changes
- Abilene topology with 3 external peers
  - Configs translated to Quagga syntax
  - Abilene BGP dumps
- Reconvergence in shadow
Conclusion and Future Work
Shadow configurations is a new management primitive
- Realistic in-network evaluation
- Network-wide transactional support for configuration
Future work
- Evaluate on carrier-grade installations
- Automated proactive testing
- Automated reactive debugging