Christopher Monsanto
Nate Foster
Abstract
Software-defined networks (SDNs) are a new kind of network architecture in which a controller machine manages a distributed collection of switches by instructing them to install or uninstall packet-forwarding rules and report traffic statistics. The recently formed Open Networking Consortium, whose members include Google, Facebook, Microsoft, Verizon, and others, hopes to use this architecture to transform the way that enterprise and data center networks are implemented.
In this paper, we define a high-level, declarative language, called NetCore, for expressing packet-forwarding policies on SDNs. NetCore is expressive, compositional, and has a formal semantics. To ensure that a majority of packets are processed efficiently on switches---instead of on the controller---we present new compilation algorithms for NetCore and couple them with a new run-time system that issues rule installation commands and traffic-statistics queries to switches. Together, the compiler and run-time system generate efficient rules whenever possible and outperform the simple, manual techniques commonly used to program SDNs today. In addition, the algorithms we develop are generic, assuming only that the packet-matching capabilities available on switches satisfy some basic algebraic laws.
Overall, this paper delivers a new design for a high-level network programming language; an improved set of compiler algorithms; a new run-time system for SDN architectures; the first formal semantics and proofs of correctness in this domain; and an implementation and evaluation that demonstrates the performance benefits over traditional manual techniques.
Supplemental Material
- Beacon: A java-based OpenFlow control platform., Nov 2010. See http://www.beaconcontroller.net.Google Scholar
- G. Berry and G. Boudol. The chemical abstract machine. In POPL, pages 81--94, 1990. Google ScholarDigital Library
- Z. Cai, A. Cox, and T. Ng. Maestro: A system for scalable OpenFlow control. Technical Report TR10-08, Rice University, Dec 2010.Google Scholar
- M. Casado, M. Freedman, J. Pettit, J. Luo, N. Gude, N. McKeown, and S. Shenker. Rethinking enterprise network control. Trans. on Networking., 17(4), Aug 2009. Google ScholarDigital Library
- M. Chen, X. Li, R. Lian, J. Lin, L. Liu, T. Liu, and R. Ju. Shangri-la: Achieving high performance from compiled network applications while enabling ease of programming. In PLDI, Jun 2005. Google ScholarDigital Library
- M. Cristea, C. Zissulescu, E. Deprettere, and H. Bos. FPL-3E: Towards language support for reconfigurable packet processing. In SAMOS, pages 201--212, Jul 2005. Google ScholarDigital Library
- S. Egorov and G. Savchuk. SNORTRAN: An Optimizing Compiler for Snort Rules. Fidelis Security Systems, 2002.Google Scholar
- D. Erickson et al. A demonstration of virtual machine mobility in an OpenFlow network, Aug 2008. Demo at ACM SIGCOMM.Google Scholar
- N. Foster, R. Harrison, M. Freedman, C. Monsanto, J. Rexford, A. Story, and D. Walker. Frenetic: A network programming language. In ICFP, Sep 2011. Google ScholarDigital Library
- A. Greenberg, G. Hjalmtysson, D. Maltz, A. Myers, J. Rexford, G. Xie, H. Yan, J. Zhan, and H. Zhang. A clean slate 4D approach to network control and management. SIGCOMM Comput. Commun. Rev., 35:41--54, October 2005. Google ScholarDigital Library
- N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, and S. Shenker. NOX: Towards an operating system for networks. SIGCOMM CCR, 38(3), 2008. Google ScholarDigital Library
- N. Handigol, S. Seetharaman, M. Flajslik, N. McKeown, and R. Johari. Plug-n-Serve: Load-balancing web traffic using OpenFlow, Aug 2009. Demo at ACM SIGCOMM.Google Scholar
- B. Heller, S. Seetharaman, P. Mahadevan, Y. Yiakoumis, P. Sharma, S. Banerjee, and N. McKeown. ElasticTree: Saving energy in data center networks. In NSDI, Apr 2010. Google ScholarDigital Library
- L. Jose, M. Yu, and J. Rexford. Online measurement of large traffic aggregates on commodity switches. In Hot-ICE, Mar 2011. Google ScholarDigital Library
- T. Koponen, M. Casado, N. Gude, J. Stribling, L. Poutievski, M. Zhu, R. Ramanathan, Y. Iwata, H. Inoue, T. Hama, and S. Shenker. Onix: A distributed control platform for large-scale production networks. In OSDI, Oct 2010. Google ScholarDigital Library
- B. Loo, J. Hellerstein, I. Stoica, and R. Ramakrishnan. Declarative routing: Extensible routing with declarative queries. In SIGCOMM, pages 289--300, 2005. Google ScholarDigital Library
- N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner. Openflow: Enabling innovation in campus networks. SIGCOMM CCR, 38(2):69--74, 2008. Google ScholarDigital Library
- A. Nayak, A. Reimers, N. Feamster, and R. Clark. Resonance: Dynamic access control in enterprise networks. In WREN, Aug 2009. Google ScholarDigital Library
- The Open Networking Foundation, Mar 2011. See http://www.opennetworkingfoundation.org/.Google Scholar
- OpenFlow, Nov 2010. See http://www.openflowswitch.org.Google Scholar
- Vern Paxson. Bro: A system for detecting network intruders in real-time. Computer Networks, 31(23--24):2435--2463, Dec 1999. Google ScholarDigital Library
- J. Sommers, R. Bowden, B. Eriksson, P. Barford, M. Roughan, and N. Duffield. Efficient network-wide flow record generation. In INFOCOM, pages 2363--2371, 2011.Google ScholarCross Ref
- SwitchWare. http://www.cis.upenn.edu/switchware, 1997.Google Scholar
- D. Taylor. Survey and taxonomy of packet classification techniques. ACM Comput. Surv., 37:238--275, September 2005. Google ScholarDigital Library
- A. Voellmy and P. Hudak. Nettle: Functional reactive programming of OpenFlow networks. In PADL, Jan 2011.Google Scholar
- R. Wang, D. Butnariu, and J. Rexford. OpenFlow-based server load balancing gone wild. In Hot-ICE, Mar 2011. Google ScholarDigital Library
- K. Yap, M. Kobayashi, R. Sherwood, T. Huang, M. Chan, N. Handigol, and N. McKeown. OpenRoads: Empowering research in mobile networks. SIGCOMM Comput. Commun. Rev., 40(1):125--126, 2010. Google ScholarDigital Library
Index Terms
- A compiler and run-time system for network programming languages
Recommendations
NetKAT: semantic foundations for networks
POPL '14Recent years have seen growing interest in high-level languages for programming networks. But the design of these languages has been largely ad hoc, driven more by the needs of applications and the capabilities of network hardware than by foundational ...
A compiler and run-time system for network programming languages
POPL '12: Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languagesSoftware-defined networks (SDNs) are a new kind of network architecture in which a controller machine manages a distributed collection of switches by instructing them to install or uninstall packet-forwarding rules and report traffic statistics. The ...
Language support for verifiable SDNs
SPLASH Companion 2016: Companion Proceedings of the 2016 ACM SIGPLAN International Conference on Systems, Programming, Languages and Applications: Software for HumanityProgramming languages for Software-Defined Networks (SDNs) provide higher abstractions on top of hardware-based APIs like OpenFlow. Researchers started to develop SDN programming languages based on mathematical foundations, which makes these languages ...
Comments