P4BFT: Hardware-Accelerated Byzantine-Resilient Network Control Plane

Byzantine Fault Tolerance (BFT) enables correct operation of distributed, i.e., replicated applications in the face of malicious take-over and faulty/buggy individual instances. Recently, BFT designs have gained traction in the context of Software Defined Networking (SDN). In SDN, controller replicas are distributed and their state replicated for high availability purposes. Malicious controller replicas, however, may destabilize the control plane and manipulate the data plane, thus motivating the BFT requirement. Nonetheless, deploying BFT in practice comes at a disadvantage of increased traffic load stemming from replicated controllers, as well as a requirement for proprietary switch functionalities, thus putting strain on switches' control plane where particular BFT actions must be executed in software. P4BFT leverages an optimal strategy to decrease the total amount of messages transmitted to switches that are the configuration targets of SDN controllers. It does so by means of message comparison and deduction of correct messages in the determined optimal locations in the data plane. In terms of the incurred control plane load, our P4-based data plane extensions outperform the existing solutions by ~33.2% and ~40.2% on average, in random 128-switch and Fat-Tree/Internet2 topologies, respectively. To validate the correctness and performance gains of P4BFT, we deploy bmv2 and Netronome Agilio SmartNIC-based topologies. The advantages of P4BFT can thus be reproduced both with software switches and "commodity" P4-enabled hardware. A hardware- accelerated controller packet comparison procedure results in an average 96.4% decrease in processing delay per request compared to existing software approaches.

[1]  Pavlin Radoslavov,et al.  ONOS: towards an open, distributed SDN OS , 2014, HotSDN.

[2]  Wolfgang Kellerer,et al.  Response Time and Availability Study of RAFT Consensus in Distributed SDN Control Plane , 2018, IEEE Transactions on Network and Service Management.

[3]  Wolfgang Kellerer,et al.  BFT Protocols for Heterogeneous Resource Allocations in Distributed SDN Control Plane , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[4]  George Varghese,et al.  P4: programming protocol-independent packet processors , 2013, CCRV.

[5]  Panos Kalnis,et al.  In-Network Computation is a Dumb Idea Whose Time Has Come , 2017, HotNets.

[6]  Tram Truong Huu,et al.  Primary-Backup Controller Mapping for Byzantine Fault Tolerance in Software Defined Networks , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[7]  Petr Kuznetsov,et al.  In-Band Synchronization for Distributed SDN Control Planes , 2016, CCRV.

[8]  C. Copeland,et al.  Tangaroa : a Byzantine Fault Tolerant Raft , 2014 .

[9]  Song Guo,et al.  Byzantine-Resilient Secure Software-Defined Networks with Multiple Controllers in Cloud , 2014, IEEE Transactions on Cloud Computing.

[10]  Bo Han,et al.  Network-Assisted Raft Consensus Algorithm , 2017, SIGCOMM Posters and Demos.

[11]  Andrea Bianco,et al.  Inter-controller traffic in ONOS clusters for SDN networks , 2016, 2016 IEEE International Conference on Communications (ICC).

[12]  Jon Crowcroft,et al.  Raft Refloated: Do We Have Consensus? , 2015, OPSR.

[13]  Wolfgang Kellerer,et al.  MORPH: An Adaptive Framework for Efficient and Byzantine Fault-Tolerant SDN Control Plane , 2018, IEEE Journal on Selected Areas in Communications.

[14]  Tobias Distler,et al.  Scalable Byzantine Fault Tolerance on Heterogeneous Servers , 2017, 2017 13th European Dependable Computing Conference (EDCC).

[15]  Fernando Pedone,et al.  Paxos Made Switch-y , 2015, CCRV.

[16]  Jan Medved,et al.  OpenDaylight: Towards a Model-Driven SDN Controller architecture , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.