Clairvoyant Networks

We use the term clairvoyant to refer to networks which provide on-demand visibility for any flow at any time. Traditionally, network visibility is achieved by instrumenting and passively monitoring all flows in a network. SDN networks, by design endowed with full visibility, offer another alternative to network-wide flow monitoring. Both approaches incur significant capital and operational costs to make networks clairvoyant.

In this paper, we argue that we can make any existing network clairvoyant by installing one or more SDN-enabled switches and a specialized controller to support on-demand visibility. We analyze the benefits and costs of such clairvoyant networks and provide a basic design by integrating two existing mechanisms for updating paths through legacy switches with SDN: telekinesis and magnet MACs. Our evaluation on a lab testbed and through extensive simulations shows that, even with a single SDN-enabled switch, operators can make any flow visible for monitoring within milliseconds, albeit at a 38% average increase in path length. With as many as 2% strategically chosen legacy switches replaced with SDN switches, clairvoyant networks achieve on-demand flow visibility with negligible overhead.
