[talks] Nanxi Kang will present her Pre-FPO on Monday, June 29 at 12pm in CS 401.

Nicki Gotsis ngotsis at CS.Princeton.EDU
Mon Jun 22 09:43:02 EDT 2015


Nanxi Kang will present her Pre-FPO on Monday, June 29 at 12pm in CS 401.

The members of her committee are:  Jennifer Rexford (adviser), David Walker, Sanjay Rao (Purdue), Nick Feamster, Mike Freedman. 

Everyone is invited to attend her talk.  The abstract follows below:

Managing large enterprise networks is challenging. Operators need diverse policies such as 
routing, access control, QoS and load balancing, for performance, security and 
reliability. The best practice to enforce these policies today is to configure rules on 
network switches individually. This forces operators to reason about many low-level 
details, all at the same time, including the choice of path, the rule-table space limits 
on each switch, and the hop-by-hop interaction of rules for forwarding, dropping, 
modifying, and monitoring packets. The rule-table space, in particular, is a scarce 
commodity on switches. While the rule-tables (e.g., TCAM) are optimized for high-speed 
arbitrary packet-header matching and widely used for ACL, QoS and forwarding, they have 
small capacities on the order of a few thousand entries. 

In this talk, we propose a series of abstractions that enable operators to specify 
high-level goals without worrying about the configurations of underlying switches, and 
algorithms that realize these abstractions within the constrained rule-table 
sizes. 

We first present the "One-Big-Switch" abstraction, which virtualizes the network topology as a 
single switch and allows operators to specify network policies as if configuring a single 
switch. The rule placement algorithm is responsible for distributing the rules for this 
single switch to the underlying physical switches. With this abstraction, we also 
develop a traffic monitoring system, PacketSeer, which acts as "Wireshark" running on 
top of the "One-Big-Switch" to aid measurement and troubleshooting. 

The second abstraction is "One-Big-Server", which consists of a set of equivalent servers 
offering the same services (e.g., websites). Given the desired distribution of server 
loads, Niagara algorithms compute forwarding rules on a switch to split incoming traffic 
accurately. 

Finally, we propose "Attribute-Carrying IPs". ACIP allows operators to define policies 
for groups of hosts with the same attributes (e.g., owner role or department). Our ACIP 
allocation algorithms effectively compact these policies defined on host attributes (e.g., 
faculty or students, CS or EE) into a small number of switch rules. 

Together, these abstractions -- coupled with efficient algorithms for realizing the 
abstractions -- enable flexible enterprise network management on commodity switches. 

