1 / 28

Policy-Compliant Path Diversity and Bisection Bandwidth

Explore how policy-compliant min-cuts impact path diversity in network graphs, leveraging regular expressions in graph transformation algorithms for accurate calculations. Discover implications for AS-level connectivity and multipath routing applications.

francesj
Download Presentation

Policy-Compliant Path Diversity and Bisection Bandwidth

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Policy-Compliant Path Diversity andBisection Bandwidth Rowan Klöti1, Vasileios Kotronis1, Bernhard Ager1, Xenofontas Dimitropoulos2,1 1ETH Zurich, Switzerland • 2University of Crete / FORTH, Greece IEEE INFOCOM, April 2015, Hong Kong

  2. Assume that you are a network domain admin The other guy Me *Picture from: http://www.caida.org/research/topology/as_core_network/historical.xml / How resilient is my AS-level connection to a remote AS? What limits the path diversity between me and the remote AS? • My multi-homing degree? • The Internet topology at large? • Poor connectivity on the local/remote upstream ISPs’ side? IEEE INFOCOM, April 2015, Hong Kong

  3. Consider an example network topology IEEE INFOCOM, April 2015, Hong Kong

  4. We can perform a min-cut between S and D IEEE INFOCOM, April 2015, Hong Kong

  5. We can calculate the maximum S-D flow IEEE INFOCOM, April 2015, Hong Kong

  6. We can calculate the edge-disjoint S-D paths IEEE INFOCOM, April 2015, Hong Kong

  7. Basic mechanism: min-cuts Generalized problem: max-flow / min-cut • Basic theorem was proven back in 1956  • Menger’s theorem  path diversity = min-cut, for unitary edge capacities Well-known algorithms available  Well, then everything is already solved, right? IEEE INFOCOM, April 2015, Hong Kong

  8. Networks are governed by policies p2p p2c c2p Peak p2c c2p Motivation • Security considerations • Routing optimization techniques • Financial agreements, SLAs, … Example 1: the “valley-free” AS-level Internet • Peers, providers, customers: p2p, p2c, c2p links Example 2: (negative) waypoint routing • Force traffic into waypoints • Avoid certain nodes/links along the way IEEE INFOCOM, April 2015, Hong Kong

  9. Challenge: policies restrict path selection  Assume trivial regex policy: ( )* ( )+ ( )* IEEE INFOCOM, April 2015, Hong Kong

  10. Challenge: policies restrict path selection  Only two edge-disjoint paths are now valid (min-cut=2) IEEE INFOCOM, April 2015, Hong Kong

  11. Our contribution: estimating policy-compliant min-cuts General methodology • Assumption: network policies as regular expressions Graph transformation algorithm • Transformed graph contains only policy-compliant paths • Min-cut values should not be distorted by the transform Min-cut calculations • Complex on original graph (no straightforward method) • Simple on transformed graph • No modification required on classic graph algorithms IEEE INFOCOM, April 2015, Hong Kong

  12. How we represent graphs and policies Network graph: Network policy: Valley-free example:  Graph = AS-level Internet  Policy = c2p*p2p?p2c* IEEE INFOCOM, April 2015, Hong Kong

  13. Core of transformation: tensor product Intuition: move between G nodes and NFA states concurrently Should yield valid, policy-compliant paths IEEE INFOCOM, April 2015, Hong Kong

  14. Does this process preserve the min-cut?  Intuition: the min-cut paths between any 2 node sets in G’ should traverse at most the same number of || edges as in G IEEE INFOCOM, April 2015, Hong Kong

  15. Idea: properly add aggregation states IEEE INFOCOM, April 2015, Hong Kong

  16. Are all cases fully aggregatable? Aggregatable NFA cases • One-to-One • One-to-Many • Many-to-One • Many-to-Many Non-aggregatable NFA cases Not a complete bipartite graph! •  Min-cut is inflated by a factor of 2 •  “Maximal biclique finding” problem IEEE INFOCOM, April 2015, Hong Kong

  17. Remember our initial motivation The other guy + POLICIES! Me *Picture from: http://www.caida.org/research/topology/as_core_network/historical.xml / How resilient is my AS-level connection to a remote AS? What limits the path diversity between me and the remote AS? • My multi-homing degree? • The Internet topology at large? • Poor connectivity on the local/remote upstream ISPs’ side? IEEE INFOCOM, April 2015, Hong Kong

  18. Example I: Policies and AS-level path diversity p2p p2c c2p Peak p2c c2p p2p p2p c2p p2c Plateau c2p p2c Classic Valley-Free (VF) vs Multi-Peering Links (MPL) Graph based on CAIDA’s AS relationship dataset (+/- open p2p links from PeeringDB) IEEE INFOCOM, April 2015, Hong Kong

  19. Example II: Effect of depeering events Simulated depeering between two tier-ones Examined the effect on their exclusive customer cones Valley-free  significant loss of path diversity Multi-p2p links  negligible loss Policy relaxation seems to be beneficial IEEE INFOCOM, April 2015, Hong Kong

  20. Summary and Contributions Estimating policy-compliant min-cuts on network graphs • Network policies as regular expressions • Graph transformation algorithm • Exact values or approximations depending on NFA form Min-cut calculations • Complex on original graph • Simple on transformed graph • No modification required on classic graph algorithms Large variety of use cases out there • AS-level path diversity under diverse policy models • MPTCP, multipath routing, flow routing applications IEEE INFOCOM, April 2015, Hong Kong

  21. Questions? POLICY- COMPLIANT MIN-CUTS AS-level Internet IEEE INFOCOM, April 2015, Hong Kong

  22. BACKUP IEEE INFOCOM, April 2015, Hong Kong

  23. Assume that you are a datacenter operator Picture from: http://www.slashgear.com/google-data-center-hd-photos-hit-where-the-internet-lives-gallery-17252451/ How resilient is my switched topology to link failures? What is the bisection bandwidth of my datacenter? IEEE INFOCOM, April 2015, Hong Kong

  24. Min-cuts are the answer to many more questions What is the max feasible bandwidth for a MPTCP transfer between two of my server clusters? What is the bisection bandwidth of my datacenter? How resilient is my switched topology to link failures? How much edge capacity should be depleted for a successful DDoS link-flooding attack against my network? What limits the AS-level path diversity between my domain and another remote domain? • My multi-homing degree? • The Internet topology at large? • Poor connectivity on the local/remote upstream providers’ side? IEEE INFOCOM, April 2015, Hong Kong

  25. Complexity of the graph transform process In space:  |V’| = O (|V|(|Q| + |Δ|)  |E’| = O (|Δ|(|V| + |E|) In time:  t = O (|V||Q| + |Δ|(|V| + |E| + |Q|)) + tdec In practice, the total running time is dominated by the min-cut calculation on the transformed graph IEEE INFOCOM, April 2015, Hong Kong

  26. Related Work Tensor products  Soule et al. use tensor products in a different context (bandwidth allocation policies) Network resilience  Research on resilient networks • Network are not simply geographical maps • Policy-compliance framework is very important Min-cuts with policies  Connectivity discovered by RV protocols by Sobrinho et al., valley-free s-t paths/cuts  Our main contribution: graph transformation without changing classic algorithms (can also be extended for finding the shortest valid paths), generic method IEEE INFOCOM, April 2015, Hong Kong

  27. Inter-domain Routing Policy NFAs IEEE INFOCOM, April 2015, Hong Kong

  28. NFA vs DFA (With Steps MPL scenario) IEEE INFOCOM, April 2015, Hong Kong

More Related