VINI:%20Virtual%20Network%20Infrastructure - PowerPoint PPT Presentation

About This Presentation

Title:

VINI:%20Virtual%20Network%20Infrastructure

Description:

User-Mode Linux: Environment. Interface network. PlanetLab limitation: ... Click UDP tunnels correspond to UML network interfaces. Filters ' ... – PowerPoint PPT presentation

Number of Views:140

Avg rating:3.0/5.0

Slides: 42

Provided by: andrew203

Learn more at: https://www.cs.princeton.edu

Category:

more less

Transcript and Presenter's Notes

Title: VINI:%20Virtual%20Network%20Infrastructure

1
VINI Virtual Network Infrastructure

Jennifer Rexford
Princeton University
http//www.cs.princeton.edu/jrex

2
The Internet A Remarkable Story

Tremendous success
From research experiment to global communications
infrastructure
The brilliance of under-specifying
Best-effort packet delivery service
Key functionality at programmable end hosts
Enabled massive growth and innovation
Ease of adding hosts and link technologies
Ease of adding services (Web, P2P, VoIP, )
But, change is easy only at the edge ?

3
Internet is Showing Signs of Age

Security
Weak notions of identity that are easy to spoof
Protocols that rely on good behavior
Mobility
Hierarchical addressing closely tied with routing
Presumption that communicating hosts are
connected
Availability
Poor visibility into underlying shared risks
Multiple interconnected protocols and systems
Network management
Many coupled, decentralized control loops

4
Variety of Architectural Solutions

Revisiting definition placement of function
Naming, addressing, and location
Routing, forwarding, and addressing
Management, control, and data planes
End hosts, routers, and operators
Designing with new constraints in mind
Selfish and adversarial participants
Mobile hosts and disconnected operation
Large number of small, low-power devices
Ease of network management

5
Hurdle 1 Deployment Dilemma

An unfortunate catch-22
Must deploy an idea to demonstrate feasibility
Cant get an undemonstrated idea deployed
A corollary the testbed dilemma
Production network real users, but cant change
Research testbed easy changes, but no users
Bad for the research community
Good ideas sit on the shelf
Promising ideas do not grow up into good ones

6
Hurdle 2 Too Many Design Goals

Many different system-engineering goals
Scalability, reliability, security, privacy,
robustness, performance guarantees,
Perhaps we cannot satisfy all of them at once
Applications have different priorities
Online banking security
Web surfing privacy, high throughput
Voice and gaming low delay and loss
Compromise solution isnt good for anyone

7
Hurdle 3 Coordination Constraint

Difficult to deploy end-to-end services
Benefits only when most networks deploy
No single network wants to deploy first
Many deployment failures
QoS, IP multicast, secure routing, IPv6,
Despite solving real, pressing problems
Increasing commoditization of ISPs

1
2
3
sender
receiver
8
Virtualization to the Rescue

Multiple customized architectures in parallel
Multiple logical routers on a single platform
Isolation of resources, like CPU and bandwidth
Programmability for customizing each slice

9
Overcoming the Hurdles

Deployment Dilemma
Run multiple experimental networks in parallel
Some are mature, offering services to users
Isolated from others that are works in progress
Too Many Design Goals
Run multiple operational networks in parallel
Customized to certain applications and users
Coordination Constraint
Run multiple end-to-end services in parallel
Over equipment owned by different parties

10
Three Projects GENI, VINI, CABO

Global Environment for Network Innovations
Large initiative for a shared experimental
facility
Jointly between NSF CISE division community
Distributed systems, wireless, optics, backbone
VIrtual Network Infrastructure
Baby step toward the design of GENI
Systems research on network virtualization
Concurrent Architectures Better than One
Clean-slate architecture based on virtualization
Economic refactoring for end-to-end services

See http//www.geni.net and http//www.vini-verita
s.net
11
VINI Offers Controlled Realism

Start with a controlled experiment
Relax constraints, study effects
Result an operational virtual network thats
Feasible
Valuable
Robust
Scalable, etc.

Real clients, servers
Synthetic or traces
Traffic
12
Fixed Infrastructure
Deployed VINI nodes in National Lambda Rail and
Abilene, and PoPs in Seattle and Virginia
13
Shared Infrastructure
Experiments given illusion of dedicated hardware
14
Flexible Topology
VINI supports arbitrary virtual topologies
15
Network Events
VINI exposes, can inject network failures
16
External Connectivity
s
Experiments can carry traffic for real end-users
17
External Routing Adjacencies
s
Experiments can participate in Internet routing
18
Virtualizing the Computer

Starting with the PlanetLab software
Simultaneous experiments in separate VMs
Each has root in its own VM, can customize
Reserve processing resources per VM

Node Mgr
Local Admin
VM1
VM2
VMn

Virtual Machine Monitor (VMM) (Linux)
PlanetLab node
19
Creating the Virtual Topology

Goal real routing protocols on virtual network
topologies
Various routing protocols (BGP, OSPF, RIP, IP
multicast)
Run unmodified routing software in a PlanetLab VM

XORP (routing protocols)
20
User-Mode Linux Environment
UML

Interface network
PlanetLab limitation
Does not virtualize the underlying network
Level of indirection
Run routing software in UML environment
Create virtual network interfaces in UML

XORP (routing protocols)
eth1
eth3
eth2
eth0
21
Click Data Plane

Interfaces ? tunnels
Click UDP tunnels correspond to UML network
interfaces
Filters
Fail a link by blocking packets at tunnel
Forwarding packets
Avoid UML overhead
Around 200 Mbps
Not good enough

UML
XORP (routing protocols)
eth1
eth3
eth2
eth0
Control
Data

Packet Forward Engine
UmlSwitch element
Tunnel table
Click
Filters
22
Operating System Extensions

Move data plane into the operating system
Higher speed, lower jitter, and better
scalability
Virtualize the network data structures
Separate forwarding table per virtual host
Virtual links inside the operating system
Terminate tunnels inside the operating system
No data copying leads to fast packet forwarding
Resource isolation
Apply traffic shaping to control resource usage

23
Three-Level Design

Virtual host, in user space
Experimenters software
Routing protocols, applications
Virtual host, in the OS
Forwarding tables
Virtual Ethernet interfaces
Shared substrate, in the OS
Tunnels between VINI nodes
Shaping to enforce rate limits

Research experiment
Forwarding table, Virtual interfaces
Traffic shaping, Tunnel interfaces
Network
24
Intra-domain Route Changes
s
2095
856
700
260
233
1295
c
639
548
366
846
587
902
1893
1176
Watch OSPF route convergence on Abilene
25
Ping During Link Failure
26
TCP Throughput
27
Arriving TCP Packets
VINI enables a virtual network to behave like a
real network
28
Other Example VINI Experiments

Scaling Ethernet to a large enterprise
Routing-protocol support for mobile hosts
Network-layer support for overlay services
Piggybacking diagnostic data on packets
ltInsert your prototype system heregt
Multiple solutions to multiple problems

29
Theoretical Challenges

In collaboration with Mung Chiang

30
1. VINI Management Framework

Managing individual nodes
Instantiates virtual nodes and virtual links
Configures the CPU and link schedulers
Monitors the behavior of the virtual nodes
Instantiating virtual networks
Admission control
Book-keeping of node and link resources
Topology embedding
Finding available node and link resources

31
Theory Angle Network Embedding

Virtual network embedding problem
Given a set of virtual network topologies
With node and link constraints
Assign physical nodes and paths

Virtual network
VINI substrate
32
Theory Angle Network Embedding

Computationally intractable problem
Online problem, with node and link constraints
Two possible approaches
Could work on effective heuristics
Or, change the problem to make it easier!
Modifying the substrate to simply embedding
Splitting virtual link over multiple substrate
paths
Migration of virtual links and virtual nodes
With Mung Chiang, Yung Yi, and Minlan Yu

33
2. Virtualization as a Deployment Platform

Moving beyond experimental facilities
Helping providers run their networks better
Customized virtual networks
Security for online banking
Fast-convergence for VoIP and gaming
Anonymity and throughput for Web traffic
Testing and deploying new protocols
Evaluate on a separate virtual network
Rather than in a dedicated test lab
Large scale and early-adopter traffic

34
Theory Angle Virtualization

Theoretical foundation for virtualization
Does running customized protocols in parallel
make sense?
Or, does it waste resources, or add complexity?
Example supporting two classes of traffic
Two applications with different utility functions
E.g., delay-sensitive vs. throughput-sensitive
Where should the traffic go (routing)?
What source rates to use (congestion control)?
One architecture or two?

35
Theory Angles Virtualization

Layering as optimization decomposition
Formulate the joint optimization problem
Primal decomposition to generate the protocols

Master problem
36
Theory Angles Virtualization

Primal decomposition Virtualization
Separable objectives for the two classes
Solve each subproblem independently
Dynamically adapt the share of resources
Virtualization may indeed make sense
Design and run each protocol independently on its
own virtual network
With cooperation between virtual networks to
adapt the resource shares
Ongoing work with Mung Chiang, Jiayue He, and Rui
Zhang-Shen

37
2. Virtualization for Economic Refactoring
Infrastructure Providers
Service Providers

Infrastructure providers Maintain routers,
links, data centers, and other physical
infrastructure
Service providers Offer end-to-end services
(e.g., layer 3 VPNs, SLAs, etc.) to users

Today ISPs try to play both roles, and cannot
offer end-to-end services
38
Similar Trends in Other Industries