Managing the network with Merlin

This paper presents the Merlin network management framework. With Merlin, administrators express network policy using programs in a declarative language based on logical predicates and regular expressions. The Merlin compiler automatically partitions these programs into components that can be placed on a variety of devices including switches, middleboxes, and end hosts. It uses a constraint solver and parameterizable heuristics to allocate resources such as paths and bandwidth. To ease the administration of federated networks, Merlin provides mechanisms for delegating management of sub-policies to tenants, along with tools for verifying that delegated sub-policies do not violate global constraints. Overall, Merlin simplifies the task of network administration by providing high-level abstractions for directly specifying network policy.

[1]  David Walker,et al.  Frenetic: a network programming language , 2011, ICFP.

[2]  Thomas E. Anderson,et al.  ETTM: A Scalable Fault Tolerant Network Manager , 2011, NSDI.

[3]  I. Stoica,et al.  FairCloud: sharing the network in cloud computing , 2011, CCRV.

[4]  Min Zhu,et al.  B4: experience with a globally-deployed software defined wan , 2013, SIGCOMM.

[5]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[6]  Emin Gün Sirer,et al.  SideCar: building programmable datacenter networks without programmable switches , 2010, Hotnets-IX.

[7]  Eddie Kohler,et al.  The Click modular router , 1999, SOSP.

[8]  Aditya Akella,et al.  Toward software-defined middlebox networking , 2012, HotNets-XI.

[9]  Jeffrey D. Ullman,et al.  Introduction to Automata Theory, Languages and Computation , 1979 .

[10]  Angelos D. Keromytis,et al.  Implementing a distributed firewall , 2000, CCS.

[11]  Albert G. Greenberg,et al.  Seawall: Performance Isolation for Cloud Datacenter Networks , 2010, HotCloud.

[12]  Martín Casado,et al.  Practical declarative network management , 2009, WREN '09.

[13]  Ravindra K. Ahuja,et al.  Network Flows: Theory, Algorithms, and Applications , 1993 .

[14]  Xin Qi,et al.  Fabric: a platform for secure distributed computation and storage , 2009, SOSP '09.

[15]  Sanjay Ghemawat,et al.  MapReduce: Simplified Data Processing on Large Clusters , 2004, OSDI.

[16]  Jon M. Kleinberg,et al.  Single-source unsplittable flow , 1996, Proceedings of 37th Conference on Foundations of Computer Science.

[17]  Vyas Sekar,et al.  Design and Implementation of a Consolidated Middlebox Architecture , 2012, NSDI.

[18]  Minlan Yu,et al.  SIMPLE-fying middlebox policy enforcement using SDN , 2013, SIGCOMM.

[19]  David Walker,et al.  A compiler and run-time system for network programming languages , 2012, POPL '12.

[20]  Clifford Stein,et al.  Approximation Algorithms for Single-Source Unsplittable Flow , 2001, SIAM J. Comput..

[21]  Chen Liang,et al.  Participatory networking: an API for application control of SDNs , 2013, SIGCOMM 2013.

[22]  Michel X. Goemans,et al.  On the Single-Source Unsplittable Flow Problem , 1999, Comb..

[23]  David Walker,et al.  Composing Software Defined Networks , 2013, NSDI.

[24]  Martín Casado,et al.  Ethane: taking control of the enterprise , 2007, SIGCOMM '07.

[25]  Paul Hudak,et al.  Maple: simplifying SDN programming using algorithmic policies , 2013, SIGCOMM.

[26]  Sanjay Ghemawat,et al.  MapReduce: simplified data processing on large clusters , 2008, CACM.

[27]  Shi Li,et al.  A Polylogarithmic Approximation Algorithm for Edge-Disjoint Paths with Congestion 2 , 2012, FOCS.

[28]  Cynthia Barnhart,et al.  Using Branch-and-Price-and-Cut to Solve Origin-Destination Integer Multicommodity Flow Problems , 2000, Oper. Res..

[29]  Albert G. Greenberg,et al.  EyeQ: Practical Network Performance Isolation at the Edge , 2013, NSDI.

[30]  Dario Rossi,et al.  Detailed Analysis of Skype Traffic , 2009, IEEE Transactions on Multimedia.

[31]  Nate Foster,et al.  NetKAT: semantic foundations for networks , 2014, POPL.

[32]  Brighten Godfrey,et al.  Pathlet routing , 2009, SIGCOMM '09.

[33]  Yoav Tock,et al.  Dr. multicast: Rx for data center communication scalability , 2010, EuroSys '10.

[34]  A. Rowstron,et al.  Towards predictable datacenter networks , 2011, SIGCOMM.

[35]  Vyas Sekar,et al.  Making middleboxes someone else's problem: network processing as a cloud service , 2012, SIGCOMM '12.

[36]  Xin Zheng,et al.  Secure web applications via automatic partitioning , 2007, SOSP.

[37]  Katerina J. Argyraki,et al.  RouteBricks: exploiting parallelism to scale software routers , 2009, SOSP '09.

[38]  Martín Casado,et al.  Fabric: a retrospective on evolving SDN , 2012, HotSDN '12.

[39]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[40]  Shi Li,et al.  A Polylogarithmic Approximation Algorithm for Edge-Disjoint Paths with Congestion 2 , 2012, 2012 IEEE 53rd Annual Symposium on Foundations of Computer Science.

[41]  Amit Kumar,et al.  Approximation Algorithms for the Unsplittable Flow Problem , 2002, Algorithmica.