WORKSHOP PROGRAM ABSTRACTS

Automated and Scalable QoS Control for Network Convergence
Back to Program
Network convergence is becoming increasingly important for cost reduction and management simplification. However, this convergence requires strict performance isolation while keeping fine-grained control of each service (e.g. VoIP, video conference etc.). It is difficult to guarantee the performance requirements for various serviceswith manual configuration of the Quality-of- Service (QoS) knobs on a per-device basis as is prevalent today. We propose a network QoS control framework for converged fabrics that automatically and flexibly programs a network of devices with the necessary QoS parameters, derived from a high level set of application requirements. The controller leverages our QoS extensions of OpenFlow APIs, including per-flow rate-limiters and dynamic priority assignment. We also present some results from a testbed implementation to validate the performance of our controller.

The Case for Fine-Grained Traffic Engineering in Data Centers
Back to Program
In recent years, several techniques have been suggested for routing and traffic engineering in data centers. However, not much is known about how these techniques performrelative to each other under realistic data center traffic patterns. Our preliminary study reveals that existing techniques can only achieve 80% to 85% of the ideal solution in terms of the number of bytes delivered. We find that these techniques suffer due to their inability to utilize global knowledge of the properties of traffic flows and their inability to make coordinated decision for scheduling flows at fine time-scales. Even recent traffic engineering techniques such as COPE fail in data centers despite their proven ability to adapt to dynamic variations, because they are designed to operate at longer time scales (on the order of hours, at least). In contrast, data centers, due to the bursty nature inherent to their traffic, require adaptation at much finer times scales. To this end, we define a set of requirements that a data center-oriented traffic engineering technique must possess in order to successfully mitigate congestion. In this paper, we present the design for a strawman framework that fulfills these requirements.

HyperFlow: A Distributed Control Plane for OpenFlow
Back to Program
OpenFlow assumes a logically centralized controller, which ideally can be physically distributed. However, current deployments rely on a single controller which has major drawbacks including lack of scalability. We present HyperFlow, a distributed event-based control plane for OpenFlow. HyperFlow is logically centralized but physically distributed: it provides scalability while keeping the benefits of network control centralization. By passively synchronizing network-wide views of OpenFlow controllers, HyperFlow localizes decision making to individual controllers, thus minimizing the control plane response time to data plane requests. HyperFlow is resilient to network partitioning and component failures. It also enables interconnecting independently managed OpenFlow networks, an essential feature missing in current OpenFlow deployments. We have implemented HyperFlow as an application for NOX. Our implementation requires minimal changes to NOX, and allows reuse of existing NOX applications with minor modifications. Our preliminary evaluation shows that, assuming sufficient control bandwidth, to bound the window of inconsistency among controllers by a factor of the delay between the farthest controllers, the network changes must occur at a rate lower than 1000 events per second across the network.

The "Platform as a Service" Model for Networking
Back to Program
Decoupling infrastructure management from service management can lead to innovation, new business models, and a reduction in the complexity of running services. It is happening in the world of computing, and is poised to happen in networking. While many have considered this in the context of network virtualization, they all focus on one model—overlaying a virtual network of multiple virtual routers on top of a shared physical infrastructure, each completely isolated from the others through the use of virtualization. In this paper we argue for a different approach, where those running the service are presented with the abstraction of a single router in order to enable them to focus solely on their service rather than worrying about managing a virtual network as well. We discuss the abstraction of a single router, and the challenges of mapping the collection of abstract routers (from different parties) to the distributed and shared physical infrastructure.

vDC: Virtual Data Center Powered with AS Alliance for Enabling Cost-Effective Business Continuity and Coverage
Back to Program
In the cloud computing era, cloud providers must design data centers that satisfy the requirements such as business continuity, coverage and performance, and cost-effectiveness for offering application providers the competitive hosting services. However, it is hard for even elephant cloud providers to satisfy these requirements all together because of the cost problem. In this paper, we propose the concept of virtual data center (vDC) of multiple geographically distributed data centers over the Internet to extend the coverage of hosting services in a cost-effective manner and apply the concept of AS alliance to ensure resilient connectivity of vDC to achieve high business continuity. We also introduce the detail design of AS alliance tailored for the vDC concept and conduct a feasibility study for making vDC connectivity robust.

Europa: Efficient User Mode Packet Forwarding in Network Virtualization
Back to Program
Network virtualization provides the ability to run concurrent virtual networks over a shared substrate. However, it is challenging to design such a platform to host multiple heterogeneous and often highly customized virtual networks. Not only minimal interference among different virtual networks is desired, high-speed packet forwarding is also required. This paper presents Europa, a virtual network platform uses Efficient UseR mOde Packet forwArding, which supports high-speed and highly customizable virtual networks. Our platform adopts lightweight OS-level virtualization to slice a physical server into virtual machines. The data plane of a virtual router runs in an isolated virtual machine so as to safe for customization. We design a new user mode packet processing scheme for virtual routers hosted in Europa to achieve high speed forwarding. Experiments show that an Europa virtual router can be four times faster than conventional user mode software router.

A Preliminary Analysis of TCP Performance in an Enterprise Network
Back to Program
Although TCP behavior is one of the most studied aspects of Internet traffic, little is known about TCP performance within modern enterprise networks. In this paper we analyze aspects of TCP performance observed in packet traces taken over four months from a medium-sized enterprise. We assess the prevalence of broken TCP transactions, applications used, throughput of TCP connections, and phenomena that influence performance, such as retransmissions, out-of-order delivery, and packet corruption. While much remains to explore, this work represents a first step towards understanding TCP performance in the under-studied environment.

Extensible and Scalable Network Monitoring Using OpenSAFE
Back to Program
Administrators of today's networks are highly interested in monitoring traffic for purposes of collecting statistics, detecting intrusions, and providing forensic evidence. Unfortunately, network size and complexity can make this a daunting task. Aside from the problems in analyzing network traffic for this information—an extremely difficult task itself—a more fundamental problem exists: how to route the traffic for network analysis in a robust, high performance manner that does not impact normal network traffic. Current solutions fail to address these problems in a manner that allows high performance and easy management. In this paper, we propose OpenSAFE, a system for enabling the arbitrary direction of traffic for security monitoring applications at line rates. Additionally, we describe ALARMS, a flow specification language that greatly simplifies management of network monitoring appliances. Finally, we describe a proof-of-concept implementation that we are currently undertaking to monitor traffic across our network.

Beyond the Best: Real-Time Non-Invasive Collection of BGP Messages
Back to Program
Interdomain routing in the Internet has a large impact on network traffic and related economic issues. For this reason, BGP monitoring attracts both academic and industrial research interest. The most common solution for collecting BGP routing data is to establish BGP peerings between border routers and a route collector. The downside of this approach is that it only allows us to trace changes of routes selected as best by routers: this drawback hinders a wide range of analyses that need access to all BGP messages received by border routers. In this paper, we present an effective technique enabling fast, non-invasive and scalable collection of all BGP messages received by border routers. By selectively cloning BGP traffic and sending it to a remote monitor, we are able to collect BGP messages without establishing additional BGP peerings. Our technique does not require any new feature to be implemented by routers and we experimentally show that our approach incurs a negligible processing overhead at the border routers. Our prototype implementation is able to process and archive all BGP messages in near real-time on commodity hardware.

Experiences with Tracing Causality in Networked Services
Back to Program
Unlike device-centric monitoring, task-centric tracing enables an operator to causally trace the complete execution of a networked system across the boundaries of applications, protocols, and administrative domains. In this paper, we argue that causal, end-to-end tracing should be an integral part of network services. Moreover, it is not fundamentally difficult to achieve, given a primitive that propagates task metadata alongside logical execution and communication paths. X-Trace is a framework that relies on such propagation to provide comprehensive causal tracing. We report on our experience integrating X-Trace into several production networked services—including 802.1X authentication, Web content distribution, and DNS-based replica selection—to illustrate benefits of causal tracing, and to discuss the instrumentation of different protocols and component architectures. We highlight the challenges we encountered and techniques we developed to better integrate causal tracing into network services.

Proactive Network Management of IPTV Networks
Back to Program
Consumer communications and entertainment services, including broadcast TV and VoIP, require service providers to meet stringent availability and latency constraints. When a packet technology, such as IP, is used to transport these services, this also poses stringent packet loss requirement on the network. This aspect of IPTV, where impairments have consumer-visible impact and potential public relations consequences, creates new challenges in protocol design, as well as network management. The key to operating an effective network is to expand to a more comprehensive network management approach to be able to better anticipate and manage potential network problems. This paper describes network management techniques deployed in a production IPTV network with over 2 million customers.