This paper presents Merlin, a new framework for managing resources in software-defined networks. With Merlin, administrators express high-level policies using programs in a declarative language. The language includes logical predicates to identify sets of packets, regular expressions to encode forwarding paths, and arithmetic formulas to specify bandwidth constraints. The Merlin compiler uses a combination of advanced techniques to translate these policies into code that can be executed on network elements, including a constraint solver that allocates bandwidth using parameterizable heuristics. To facilitate dynamic adaptation, Merlin provides mechanisms for delegating control of sub-policies and for verifying that modifications made to sub-policies do not violate global constraints. Experiments demonstrate the expressiveness and scalability of Merlin on real-world topologies and applications. Overall, Merlin simplifies network administration by providing high-level abstractions for specifying network policies and scalable infrastructure for enforcing them.
Software-Defined Networking (SDN) permits centralizing part of the decision-logic in controller devices. Thus, controllers can have an overall view of the network, assisting network programmers to configure network-wide services. Despite this, the behavior of network devices and their configurations are often written for specific situations directly in the controller. As an alternative, techniques such as Policy-Based Network Management (PBNM) can be used by business-level operators to write Service Level Agreements (SLAs) in a user-friendly interface without the need to change the code implemented in the controllers. In this paper, we introduce a framework for Policy Authoring to (i) facilitate the specification of business-level goals and (ii) automate the translation of these goals into the configuration of system-level components in an SDN. We use information from the network infrastructure obtained through SDN features and logic reasoning for analyzing policy objectives. As a result, experiments demonstrate that the framework performs well even when increasing the number of expressions in an SLA or increasing the size of the repository.
IEEE/ACM Transactions on Networking, 2018
Recent emergence of software-defined networks offers an opportunity to design domain-specific programming abstractions aimed at network operators. In this paper, we propose scenario-based programming, a framework that allows network operators to program network policies by describing example behaviors in representative scenarios. Given these scenarios, our synthesis algorithm automatically infers the controller state that needs to be maintained along with the rules to process network events and update state. We have developed the NetEgg scenario-based programming tool, which can execute the generated policy implementation on top of a centralized controller, but also automatically infers flow-table rules that can be pushed to switches to improve throughput. We evaluate the performance of NetEgg based on the computational requirements of our synthesis algorithm as well as the overhead introduced by the generated policy implementation, and we study the usability of NetEgg based on a user study. Our results show that our synthesis algorithm can generate policy implementations in less than a second for all policies we studied, and the automatically generated policy implementations have performance comparable to their hand-crafted implementations. Our user study shows that the proposed scenario-based programming approach can reduce the programming time by 50% and the error rate by 32% compared with an alternative programming approach.
2015
IEEE NetSoft
Software-Defined Networking (SDN) provides a highly flexible flow management platform through a logically centralized controller that exposes network capabilities to the applications. However, most applications do not natively use SDN. An external entity is thus responsible for defining the corresponding flow management policies. Usually network operators prefer to control the flow management policies, rather than granting full control to the applications. Although IP addresses and port numbers can suffice to identify users and applications in ISP networks and determine the policies applicable to their flows, such an assumption does not hold strongly in cloud environments. IP addresses are allocated dynamically to the users, while port numbers can be freely chosen by users or cloud-based applications. These applications, like computing or storage frameworks, use diverse port numbers, which amplifies this phenomenon. This paper introduces higher-level abstractions for defining user- and application-specific policies. These policies are then automatically mapped to OpenFlow rules by retrieving flow-based information of active users and applications in real-time. We implemented this framework and evaluated its practicality by measuring the underlying overhead.
2014 IEEE 28th International Conference on Advanced Information Networking and Applications, 2014
Software-defined networking (SDN) is a dynamic, adaptable, controllable and flexible network architecture. It provides an extensible platform for delivery of network services, capable of responding quickly to service requirement changes. As a result, SDN has become a suitable scenario for the application of techniques and approaches for improved infrastructure management, such as policy-based management (PBM). In PBM, using techniques such as refinement, a high-level policy (e.g., specified as a service level agreement (SLA)) can be translated into a set of corresponding low-level rules, enforceable in various elements of a system. However, when using SLAs, their translation to low-level policies, e.g., for controller configuration, is not straightforward. If this translation is not done properly, the controller may not be able to meet the implicit requirements of the SLA, failing to satisfy the goals described in the high-level policy. This paper proposes a novel approach towards SLA policy refinement for quality of service (QoS) management (based on routing) in software-defined networking. It consists of an initial manual process performed by an administrator, followed by an automatic policy refinement process executed by an OpenFlow controller. As a result, our approach is capable of identifying the requirements and resources that need to be configured in accordance with SLA refinement, and can successfully configure and execute reactive dynamic actions for supporting dynamic infrastructure reconfiguration.
IEEE Communications Magazine, 2013
Modern computer networks perform a bewildering array of tasks, from routing and traffic monitoring, to access control and server load balancing. Yet, managing these networks is unnecessarily complicated and error-prone, due to a heterogeneous mix of devices (e.g., routers, switches, firewalls, and middleboxes) with closed and proprietary configuration interfaces. Software-Defined Networks (SDN) are poised to change this by offering a clean and open interface between networking devices and the software that controls them. In particular, many commercial switches support the OpenFlow protocol, and a number of campus, data-center, and backbone networks have deployed the new technology. Yet, while SDN makes it possible to program the network, it does not make it easy. Today's OpenFlow controllers offer low-level APIs that mimic the underlying switch hardware. To reach SDN's full potential, we need to identify the right higher-level abstractions for creating (and composing) applications. In the Frenetic project, we are designing simple and intuitive abstractions for programming the three main stages of network management: (i) monitoring network traffic, (ii) specifying and composing packet-forwarding policies, and (iii) updating policies in a consistent way. Overall, these abstractions make it dramatically easier for programmers to write and reason about SDN applications.
2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), 2015
Network services, such as security, load-balancing, and monitoring, are an indisputable part of modern networking infrastructure and are traditionally realized as specialized appliances or middleboxes. Middleboxes complicate the management, the deployment, and the operations of the entire network. Moreover, they induce network performance issues and scalability limitations by requiring huge amounts of traffic to be, often sub-optimally, redirected and sometimes redundantly processed. Recent trends of server virtualization and Network Function Virtualization (NFV) exacerbate these scalability and performance issues. In this paper, we present EnforSDN, a new management approach that exploits SDN principles to decouple the policy resolution layer from the policy enforcement layer in network service appliances. Our approach improves the enforcement management, network utilization and communication latency, without compromising the policy and the functionality of the network. Using an emulated SDN-based data center environment, we demonstrate higher throughput and lower latency achieved with EnforSDN, as compared to a baseline SDN network. In addition, we show that EnforSDN reduces the overall network appliances load, as well as the forwarding tables size.
IEEE Software Defined Networks for Future Networks and Services (IEEE SDN4FNS), 2013
"Network management is becoming increasingly challenging with the relentless growth in network size, traffic volume, and the diversity in QoS requirements. Traditionally, the concept of predefined Service Level Agreements (SLAs) has been utilized to establish QoS parameters. However, state-of-the-art technologies in this area are both proprietary and inflexible. To this end, Software Defined Networking (SDN) has the potential to make network management tasks flexible and scalable, and to provide an open platform to encourage innovation. In this paper, we present PolicyCop – an open, flexible, and vendor agnostic QoS policy management framework targeted towards OpenFlow based SDN. PolicyCop provides an interface for specifying QoS-based SLAs and enforces them using the OpenFlow API. It monitors the network and autonomically readjusts network parameters to satisfy customer SLAs. We present experimental results to demonstrate PolicyCop’s effectiveness in ensuring throughput, latency, and reliability guarantees."
Using SDN to configure and control a multi-site network involves writing code that handles low-level details. We describe preliminary work on a framework that takes a network description and set of policies as input, and handles all the details of deriving routes and installing flow rules in switches. The paper describes key software components and reports preliminary results.
Proceedings of the first workshop on Hot topics in software defined networks - HotSDN '12, 2012
Hierarchical policies are useful in many contexts in which resources are shared among multiple entities. Such policies can easily express the delegation of authority and the resolution of conflicts, which arise naturally when decision-making is decentralized. Conceptually, a hierarchical policy could be used to manage network resources, but commodity switches, which match packets using flow tables, do not realize hierarchies directly.
2017
This paper proposes XML-Defined Network policies (XDNP), a new high-level language based on XML notation, to describe network control rules in Software Defined Network environments. We rely on existing OpenFlow controllers, specifically Floodlight, but the novelty of this project is to separate complicated language- and framework-specific APIs from policy descriptions. This separation makes it possible to extend the current work as a northbound higher-level abstraction that can support a wide range of controllers that are based on different programming languages. By this approach, we believe that network administrators can develop and deploy network control policies more easily and quickly.
Nowadays, organizing a network is a very complex and challenging issue. To control, manage, and provide a secure communication network, network managers must grapple with low-level vendor-specific configuration to implement complex high-level network policies. Most of the previous proposals to make networks easier to manage amount to stopgap solutions because of the complexity of changing the underlying infrastructure. The rigidity of the underlying infrastructure presents few considerations for innovation or improvement, since network devices have generally been closed, proprietary, and vertically integrated. A new approach in networking, software defined networking (SDN), suggests separating the data plane and the control plane, making network switches and routers in the data plane simple packet forwarding devices and leaving a logically centralized software program to manage the behavior of the entire network. SDN introduces new possibilities for network management and configuration methods. In this paper, we identify problems with the current state-of-the-art network configuration and management mechanisms and introduce mechanisms to improve various aspects of network management. We focus on three problems in network management: first, enabling frequent changes to network conditions and state; second, providing support for network configuration in a high-level language; and third, providing better visibility and control over tasks for performing network analysis and troubleshooting.
2012
Managing a network requires support for multiple concurrent tasks, from routing and traffic monitoring, to access control and server load balancing. Software-Defined Networking (SDN) allows applications to realize these tasks directly, by installing packet-processing rules on switches. However, today's SDN platforms provide limited support for creating modular applications. This paper introduces new abstractions for building applications out of multiple, independent modules that jointly manage network traffic. First, we define composition operators and a library of policies for forwarding and querying traffic. Our parallel composition operator allows multiple policies to operate on the same set of packets, while a novel sequential composition operator allows one policy to process packets after another. Second, we enable each policy to operate on an abstract topology that implicitly constrains what the module can see and do. Finally, we define a new abstract packet model that allows programmers to extend packets with virtual fields that may be used to associate packets with high-level meta-data. We realize these abstractions in Pyretic, an imperative, domain-specific language embedded in Python.
Computer Communications, 2020
To ensure the quality of service of an end-to-end connection, current network solutions are mostly dependent on the differentiation between different classes of traffic. The Software-defined networking (SDN) architecture has emerged to offer network programmability, giving network operators programmatic control over their network. In SDN, network devices are programmed in many ways, having a standard, open, and vendor-agnostic interface, e.g., OpenFlow, enabling the control plane to instruct the forwarding behavior of network devices from different vendors. In this paper, we introduce the Programmable Labels (ProgLab) approach to support traffic differentiation with QoS guarantees as a low-cost alternative built over an SDN architecture. The idea relies on the simplification of a packet-forwarding operation which relies on the remainder of a division, instead of the classical table lookup method. ProgLab computes a programmable label at the control plane by solving a congruence system from the Residue Number System and the co-prime numbers assigned to the switches in the path of an end-to-end connection. Such a label has a meaning within this network that expresses the entire route, addressing the respective traffic class at each switch's logical queue along the path. The ProgLab approach has been implemented through the P4 language and evaluated through an emulation-based evaluation. The experiments demonstrated the feasibility of ProgLab and showed its ability in providing QoS differentiation on demand.
The OpenFlow architecture is a proposal from the Clean Slate initiative to define a new Internet architecture where network devices are simple, and the control plane and management are performed on a centralized controller, called the OpenFlow controller. Each OpenFlow controller provides an Application Programming Interface (API) that allows a researcher or a network administrator to define the desired treatment of each flow inside the controller. However, each OpenFlow controller has its own standard API, requiring users to define the behavior of each flow in a programming or scripting language. The different APIs also make it difficult to migrate from one controller to another. This paper proposes PonderFlow, an extension of the Ponder language to OpenFlow network policy specification. PonderFlow extends the original Ponder specification language, allowing an OpenFlow flow rule to be defined abstractly, independent of the OpenFlow controller used. Some examples of OpenFlow policy will be evaluated, showing its syntax and the grammar validation.
Software-Defined Networking (SDN) provides a sophisticated and accurate solution for managing network traffic. SDN logically centralizes, in devices called controllers, part of the decision-making logic of flow processing and packet routing. The whole network is controlled according to rules written and deployed in the controller device. However, the large amount of network devices, links, and services also gives rise to a large number of rules to be managed in the controller. Policy-Based Network Management (PBNM) can be used to manage complex network infrastructures through policies rather than specifying device-by-device configurations. Particularly, policy refinement techniques can be used to automatically translate high-level policies into a set of low-level ones. In this paper, we define a formal representation of high-level SLA policies using Event Calculus (EC) and apply logical reasoning to model both the system behavior and the policy refinement process for SDN management. We also describe the implementation of this formal model in Prolog, which enables the automatic inference of low-level policies from high-level ones, and present evaluation results.
IEEE Communications Magazine, 2015
10th International Conference on Network and Service Management (CNSM) and Workshop, 2014
Software-Defined Networking (SDN) attracts attention as a technology to control and manage, in a centralized manner, IP networks, which are inherently designed to be operated autonomously and in a decentralized way. Some SDN protocols, like OpenFlow, have been proposed, but they have the restriction that existing legacy network devices which do not support SDN protocols are not controllable. In this paper, we allow an administrator to manage a wide-area distributed network composed of campus networks and data-center networks in which network devices do not have SDN features, under a single unitary policy, under the assumption that the backbone network supports SDN protocols like OpenFlow. We propose a network management system which generates the necessary configuration based on a defined network specification and applies the configuration to devices automatically and reactively, based on our Service-Defined Networking (SvDN) concept.
2018 International Symposium on Networks, Computers and Communications (ISNCC), 2018