1 / 57

Shadow Configurations : A Network Management Primitive

Shadow Configurations : A Network Management Primitive. Richard Alimi, Ye Wang, and Y. Richard Yang Laboratory of Networked Systems Yale University February 16, 2009. Configuration Leads to Errors. “ 80% of IT budgets is used to maintain the status quo.”. “... human error is

avi
Download Presentation

Shadow Configurations : A Network Management Primitive

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Shadow Configurations:A Network Management Primitive Richard Alimi, Ye Wang, and Y. Richard Yang Laboratory of Networked Systems Yale University February 16, 2009

  2. Yale University Configuration Leads to Errors “80% of IT budgets isused to maintain the status quo.” “... human error is blamed for 50-80% of network outages.” Source: Juniper Networks, 2008 Source: The Yankee Group, 2004 Why is configuration hard today?

  3. Yale University Configuration Management Today Simulation & Analysis Depend onsimplified models Network structure Hardware and software Limited scalability Hard to accessreal traffic Test networks Can be prohibitively expensive Hardware Traffic iBGP SLAs Software VPNs OSPF ACLs eBGP TE Why are these not enough?

  4. Yale University Analogy with Programming Program Target System TargetNetwork Configs Programming Network Management

  5. Yale University Analogy with Databases STATE A INSERT ... UPDATE ... DELETE ... STATE B INSERT ... UPDATE ... DELETE ... STATE A ip route ... STATE B ip addr ... STATE C router bgp ... STATE D router ospf ... ? Databases Network Management

  6. Yale University Enter, Shadow Configurations Key Benefits Realistic (no model) Scalable Hardware Traffic iBGP SLAs Software VPNs OSPF ACLs eBGP TE • Key ideas • Allow additional (shadow)config on each router • In-network, interactiveshadow environment • “Shadow” term fromcomputer graphics • Access to real traffic • Transactional

  7. Yale University Roadmap Motivation and Overview System Basics and Usage System Components Design and Architecture Performance Testing Transaction Support Implementation and Evaluation

  8. Yale University What's in the shadow configuration? Routing parameters ACLs Interface parameters VPNs QoS parameters System Basics Shadow config Real config Real header marked “0” Shadow header marked “1”

  9. Yale University Example Usage Scenario:Backup Path Verification Backup Primary

  10. Yale University Example Usage Scenario:Backup Path Verification Send test packets in shadow

  11. Yale University Example Usage Scenario:Backup Path Verification Disable shadow link X X

  12. Yale University Example Usage Scenario:Backup Path Verification

  13. Yale University Example Usage Scenario:Configuration Evaluation Video Server

  14. Yale University Example Usage Scenario:Configuration Evaluation Video Server

  15. Yale University Example Usage Scenario:Configuration Evaluation Video Server Duplicate packets to shadow

  16. Yale University Roadmap Motivation and Overview System Basics and Usage System Components Design and Architecture Performance Testing Transaction Support Implementation and Evaluation

  17. Yale University Design and Architecture Management Configuration UI Control Plane OSPF BGP IS-IS Forwarding Engine FIB Interface0 Interface1 Interface2 Interface3

  18. Yale University Design and Architecture Management Configuration UI Control Plane OSPF BGP IS-IS Forwarding Engine Shadow-enabled FIB Shadow Bandwidth Control Interface0 Interface1 Interface2 Interface3

  19. Yale University Design and Architecture Management Configuration UI Control Plane Shadow Management OSPF BGP Commitment IS-IS Forwarding Engine Shadow-enabled FIB Shadow Bandwidth Control Interface0 Interface1 Interface2 Interface3

  20. Yale University Design and Architecture Management Debugging Tools Configuration UI Shadow Traffic Control FIB Analysis Control Plane Shadow Management OSPF BGP Commitment IS-IS Forwarding Engine Shadow-enabled FIB Shadow Bandwidth Control Interface0 Interface1 Interface2 Interface3

  21. Yale University Design and Architecture Management Debugging Tools Configuration UI Shadow Traffic Control FIB Analysis Control Plane Shadow Management OSPF BGP Commitment IS-IS Forwarding Engine Shadow-enabled FIB Shadow Bandwidth Control Interface0 Interface1 Interface2 Interface3

  22. Yale University Shadow Bandwidth Control Requirements Minimal impact on real traffic Accurate performance measurements of shadow configuration Supported Modes Priority Bandwidth Partitioning Packet Cancellation

  23. Yale University Observation: in many network performancetesting scenarios, Content of payload is not important Only payload size matters Idea: only need headers for shadow traffic Piggyback shadowheaders on realpackets Packet Cancellation Piggybackedshadowheader

  24. Yale University Packet Cancellation Details Output interface maintains real and shadow queues Qr and Qs

  25. Yale University Packet Cancellation Details Output interface maintains real and shadow queues Qr and Qs

  26. Yale University Packet Cancellation Details Output interface maintains real and shadow queues Qr and Qs

  27. Yale University Packet Cancellation Details Output interface maintains real and shadow queues Qr and Qs

  28. Yale University Forwarding Overhead IPLookup IPLookup Without Packet Cancellation: With Packet Cancellation: Cancellation may require routers to process more packets. Can routers support it?

  29. Yale University Routers can be designed for worst-case L : Link speed Kmin : Minimum packet size Router supports packets per second Load typically measured by link utilization αr : Utilization due to real traffic (packet sizes kr ) αs : Utilization due to shadow traffic (packet sizes ks ) We require: Forwarding Overhead Analysis

  30. Yale University Routers can be designed for worst-case L : Link speed Kmin : Minimum packet size Router supports packets per second Load typically measured by link utilization αr : Utilization due to real traffic (packet sizes kr ) αs : Utilization due to shadow traffic (packet sizes ks ) We require: Forwarding Overhead Analysis Example: With α = 70%, and 80% real traffic utilizationSupport up to 75% shadow traffic utilization

  31. Yale University Commitment Objectives Smoothly swap real and shadow across network Eliminate effects of reconvergence due to config changes Easy to swap back

  32. Yale University Commitment Objectives Smoothly swap real and shadow across network Eliminate effects of reconvergence due to config changes Easy to swap back Issue Packet marked with shadow bit 0 = Real, 1 = Shadow Shadow bit determines which FIB to use Routers swap FIBs asynchronously Inconsistent FIBs applied on the path

  33. Yale University Commitment Protocol Idea: Use tags to achieve consistency Temporary identifiers Basic algorithm has 4 phases

  34. Yale University Commitment Protocol Idea: Use tags to achieve consistency Temporary identifiers Basic algorithm has 4 phases Distribute tags for each config C-old for current real config C-new for current shadow config 0: C-old 1: C-new 0 0 0 0 1 0 1 0 0 1 1 1 0

  35. Yale University Commitment Protocol Idea: Use tags to achieve consistency Temporary identifiers Basic algorithm has 4 phases Distribute tags for each config C-old for current real config C-new for current shadow config Routers mark packets with tags Packets forwarded according to tags C-old 0 C-old C-old C-new C-old C-old C-new 0 1 0 1 C-old C-new C-old 0 1 C-new C-new C-old

  36. Yale University Commitment Protocol Idea: Use tags to achieve consistency Temporary identifiers Basic algorithm has 4 phases Distribute tags for each config C-old for current real config C-new for current shadow config Routers mark packets with tags Packets forwarded according to tags Swap configs (tags still valid) 0: C-new 1: C-old C-old 1 C-old C-old C-new C-old C-old C-new 0 1 0 1 C-old C-new C-old 0 1 C-new C-new C-old

  37. Yale University Commitment Protocol Idea: Use tags to achieve consistency Temporary identifiers Basic algorithm has 4 phases Distribute tags for each config C-old for current real config C-new for current shadow config Routers mark packets with tags Packets forwarded according to tags Swap configs (tags still valid) Remove tags from packets Resume use of shadow bit 1 0 1 0 1 0 1 0 0

  38. Yale University Commitment Protocol Idea: Use tags to achieve consistency Temporary identifiers Basic algorithm has 4 phases Distribute tags for each config C-old for current real config C-new for current shadow config Routers mark packets with tags Packets forwarded according to tags Swap configs (tags still valid) Remove tags from packets Resume use of shadow bit 1 0 1 0 1 0 1 0 0

  39. Yale University Transient States Definition: State in which some packets use C-old and others use C-new. C-old C-new C-old C-new TransientState

  40. Yale University Transient States Definition: State in which some packets use C-old and others use C-new. C-old C-new C-old C-new C-old C-new

  41. Yale University Transient States Definition: State in which some packets use C-old and others use C-new. C-old C-new C-old C-new C-new C-old Possible overutilization! Should be short-lived, even with errors

  42. Yale University Error Recovery During Swap If ACK missing from at least one router, two cases: Router completed SWAP but ACK not sent Router did not complete SWAP C-new C-old Transient State

  43. Yale University Error Recovery During Swap If ACK missing from at least one router, two cases: Router completed SWAP but ACK not sent Router did not complete SWAP Detect (b) and rollback quickly Querying router directly may be impossible C-new C-old Transient State

  44. Yale University Error Recovery During Swap If ACK missing from at least one router, two cases: Router completed SWAP but ACK not sent Router did not complete SWAP Detect (b) and rollback quickly Querying router directly may be impossible Solution: Ask neighboring routers C-new C-old Transient State If YES: Case (b): rollback other routers Otherwise, Case (a): no transient state Do you see C-old data packets?

  45. Yale University Roadmap Motivation and Overview System Basics and Usage System Components Design and Architecture Performance Testing Transaction Support Implementation and Evaluation

  46. Yale University Implementation Kernel-level (based on Linux 2.6.22.9) TCP/IP stack support FIB management Commitment hooks Packet cancellation Tools Transparent software router support (Quagga + XORP) Full commitment protocol Configuration UI (command-line based) Evaluated on Emulab (3Ghz HT CPUs)

  47. Yale University Static FIB300B pktsNo route caching • Static FIB • 300B pkts • No route caching • With FIB updates • 300B pkts @ 100Mbps • 1-100 updates/sec • No route caching

  48. Yale University Evaluation: Memory Overhead FIB storage overhead for US Tier-1 ISP

  49. Yale University Evaluation: Packet Cancellation • Accurate streaming throughput measurement • Abilene topology • Real transit traffic duplicated to shadow • Video streaming traffic in shadow

  50. Yale University Evaluation: Packet Cancellation • Limited interaction of real and shadow • Intersecting real and shadow flows • CAIDA traces • Vary flow utilizations

More Related