Two challenges of software networking : name-based forwarding and table verification Leonardo Linguaglossa To cite this version: Leonardo Linguaglossa. Two challenges of software networking : name-based forwarding and table verification. Networking and Internet Architecture [cs.NI]. Université Sorbonne Paris Cité, 2016. English. NNT : 2016USPCC306. tel-02053721 HAL Id: tel-02053721 https://tel.archives-ouvertes.fr/tel-02053721 Submitted on 1 Mar 2019 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Acknowledgements I would like to express to: everyone: many thanks. • i Contents Acknowledgements i Introduction 1 1 Background 5 1.1 Telecommunication Networks . 5 1.1.1 Circuit switching and packet switching . 6 1.1.2 Computer Networks . 8 1.2 The Internet . 8 1.2.1 The TCP/IP Protocol Stack . 9 1.2.2 Data Plane and Control Plane . 11 1.3 The evolution of the Internet . 12 1.3.1 The behavioral issue . 12 1.3.2 The architectural issue . 13 1.4 Enhancing the Data Plane with ICN . 15 1.4.1 Architecture of NDN . 15 1.4.2 Features of ICN and NDN . 20 1.4.3 Implementation of ICN . 22 1.4.4 Challenges . 23 1.5 The SDN approach for an evolvable Network . 25 1.5.1 Architecture . 26 1.5.2 Implementation of SDN . 28 1.5.3 Features of SDN . 30 1.5.4 Challenges . 32 I Data Plane Enhancement 34 2 Introduction to the First Part 35 2.1 Design principles . 38 2.2 Design space . 39 2.3 Architecture . 40 2.4 Methodology and testbed . 41 ii 2.4.1 Methodology . 41 2.4.2 Test equipment . 42 2.4.3 Workload . 44 2.5 Contributions . 45 3 Forwarding module 46 3.1 Description . 47 3.2 Design space . 48 3.2.1 Related work . 48 3.2.2 Algorithm . 50 3.2.3 Data structure . 51 3.3 Forwarding module: design and implementation . 52 3.3.1 Prefix Bloom Filter . 52 3.3.2 Block Expansion . 55 3.3.3 Reducing the number of hashing operations . 56 3.3.4 Hash table design . 57 3.3.5 Caesar extensions . 58 3.3.6 Implementation . 59 3.4 Evaluation . 64 3.4.1 Experimental setting . 64 3.4.2 Performance evaluation . 69 3.4.3 Distributed Processing . 72 3.4.4 GPU Off-load . 73 3.5 Conclusion . 75 4 PIT module 76 4.1 Description . 77 4.2 Design space . 78 4.2.1 Related work . 78 4.2.2 Placement . 80 4.2.3 Data structure . 82 4.2.4 Timer support . 84 4.2.5 Loop detection . 85 4.2.6 Parallel access . 86 4.3 PIT: design and implementation . 87 4.3.1 PIT placement and packet walktrough . 87 4.3.2 Data structure . 88 4.3.3 PIT operations . 89 4.3.4 Timer support . 91 4.3.5 Loop detection with Bloom filter . 91 4.4 Evaluation . 93 4.4.1 Experimental setting . 93 4.4.2 Memory footprint . 95 4.4.3 Throughput without timer . 97 4.4.4 Throughput with timer . 98 4.5 Conclusion . 99 iii Table of symbols 101 II Network Verification 102 5 Introduction to the Second Part 103 5.1 Network Verification . 104 5.2 State of the art . 107 5.3 Contributions . 110 6 Forwarding rule verification through atom computation 112 6.1 Model . 113 6.1.1 Definitions . 114 6.1.2 Header Classes . 115 6.1.3 Set representation . 115 6.1.4 Representation of a collection of sets . 116 6.2 Atoms generated by a collection of sets . 117 6.2.1 Representing atoms by uncovered combinations . 117 6.2.2 Overlapping degree of a collection . 119 6.3 Incremental computation of atoms . 120 6.3.1 Computation of atoms generated by a collection of sets . 120 6.3.2 Application to forwarding loop detection . 127 6.4 Theoretical comparison with related work . 128 6.4.1 Related notion of weak completeness . 130 6.4.2 Lower bound for HSA / NetPlumber . 130 6.4.3 Lower bound for VeriFlow . 131 6.4.4 Linear fragmentation versus overlapping degree . 132 6.5 Conclusion . 133 Table of symbols 135 Conclusion 137 Glossary 142 Bibliography 143 iv Introduction Since the beginning, the Internet changed the lives of network users similarly to what the tele- phone invention did at the beginning of the 20th century. While Internet is affecting users’ habits, it is also increasingly being shaped by network users’ behavior (cf. Background Sec- tion 1.3, page 12). Several new services have been introduced during the past decades (i.e. file sharing, video streaming, cloud computing) to meet users’ expectation. The Internet is not any- more a simple network meant to connect nodes providing few websites access: this influences the network traffic pattern and the users’ network usage. As a consequence, although the Internet infrastructure provides a good best-effort service to exchange information in a point-to-point fashion, this is not the principal need that todays users requests. Current networks necessitate some major architectural changes in order to follow the upcoming requirements, but the expe- rience of the past decades shows that bringing new features to the existing infrastructure may be slow (a well known example is the IPv6 protocol, defined in the late Nineties and slowly spreading only in the last few years). In the current thesis work, we identify two main aspects of the Internet evolution: a “behavioral” aspect, which refers to a change occurred in the way users interact with the network, and a “structural” aspect, related to the evolution problem from an architectural point of view. The behavioral perspective states that there is a mis-match between the usage of the network and the actual functions it provides. While network devices implements the simple primitives of sending and receiving generic packets, users are really interested in different primitives, such as retrieving or consuming content. The structural perspective suggests that the problem of the slow evolution of the Internet infrastructure lies in its architectural design, that has been shown to be hardly upgradeable. On the one hand, to encounter the new network usage, the research community proposed the Named-data networking paradigm (NDN), which brings the content-based functionalities to network devices. On the other hand Software-defined networking (SDN) can be adopted to simplify the architectural evolution and shorten the upgrade-time thanks to its centralized software control plane, at the cost of a higher network complexity that can easily introduce some 1 Introduction 2 bugs. Both NDN and SDN are two novel paradigms which aim to innovate current network’s infrastructure, but despite sharing similar goals, they act at different levels. The rationale behind NDN comes from the observation of current Internet usage. Nowadays, users send emails, use chats and surf the Web no more than sharing multimedia files or watching YouTube videos. Modern Internet is in fact a content network, where users are interested in retrieving and consuming some.