A Systematic Approach for Evolving VLAN Designs

Enterprise networks are large and complex, and their designs must be frequently altered to adapt to changing organizational needs. The process of redesigning and reconfiguring enterprise networks is ad hoc and error-prone, and configuration errors could cause serious issues such as network outages. In this paper, we take a step towards systematic evolution of network designs in the context of virtual local area networks (VLANs). We focus on VLANs given their importance and prevalence, the frequent need to change VLAN designs, and the time-consuming and error-prone process of making changes. We present algorithms for common design tasks encountered in evolving VLANs, such as deciding which VLAN a new host must be assigned to. Our algorithms trade off multiple criteria, such as broadcast traffic costs and the costs associated with maintaining spanning trees for each VLAN in the network, while honoring correctness and feasibility constraints on the design. Our algorithms also enable automatic detection of network-wide dependencies which must be factored in when reconfiguring VLANs. We evaluate our algorithms on longitudinal snapshots of configuration files of a large-scale operational campus network obtained over a two-year period. Our results show that our algorithms can produce significantly better designs than current practice, while avoiding errors and minimizing human work. Our unique data sets also enable us to characterize VLAN-related change activity in real networks, an important contribution in its own right.
