Data Plane Programmability Beyond OpenFlow: Opportunities and Challenges for Network and Service Operations and Management

SDN and OpenFlow reshaped the way we configure forwarding devices and determine network behavior by offering an open interface upon which applications such as routing and monitoring can be built. SDN/OpenFlow helped break network “ossification” and unleash evolution by enabling one to think about networking from the top down. It exposed, however, a subtle but important problem: networking evolution is also hampered by the inability to change switch behavior, which forces one to build systems constrained from the bottom up. This scenario can change dramatically with the re-emergence of programmable data planes and languages like POF and P4. Although recent, these languages have proved to be very influential, powering several contributions towards flexible and customizable forwarding devices. In this paper, we survey the literature on data plane programmability, from early concepts (like Active Networks) to state-of-the-art solutions. We then dive into research questions that more recent work (especially P4) has uncovered: how to deploy and manage custom switch programs in large-scale networks? Can we improve services like monitoring and security with programmable data planes? Can we make network operation more dependable? As another contribution, we organize and discuss opportunities and challenges with the potential to influence research in the field, from the perspective of network and service operations and management.
