summary of networked systems breakoutwireless control network configuration runtime adaptation....
TRANSCRIPT
Summary of Networked Systems Summary of Networked Systems BreakoutBreakout
Boon Thau Loo University of Pennsylvania
Net orked S stems Breako tNetworked Systems Breakout
Series of 15-20 minute talks: Challenges in safe routing (Alex Gurney) Compositional network services (Pamela Zave) Synthesis in wireless control networks (George Pappas) Existing solutions as starting points (Boon Thau Loo)g g p ( )
Discussion.
O tlineOutline
Summary of yesterday’s discussionSafe RoutinggCompositional network servicesWireless control systemsySynergies and Opportunities
One concrete use case (answering the 7 One concrete use case (answering the 7 questions)
Border Gateway Protocol (BGP)Border Gateway Protocol (BGP)
BGP: single de-facto Internet routing protocol Network is partitioned into Autonomous Systems (AS) operated by
Internet Service provider (ISP)Internet Service provider (ISP) eBGP across autonomous systems (ASes) + iBGP within one AS
ASes exchange routing information using path-vector protocol ISP sets local routing policy to influence route decision ISP sets local routing policy to influence route decision
Local policy is expressed in terms of path-vector attributes
Apply import Apply exportSelect best SendReceive Apply import policies
Apply export policies
Select best route
Filter routes and tweak attributes
Based on attribute values
Filter routes and tweak attributes
Send updates
Receiveadvertisement
BGP is unsafe: route oscillation, slow convergence …
Some Hard Q estionsSome Hard Questions
Can we formalize policy intentions?
Can we tell whether a given implementation (set of configurations) matches the intent?
How can intentions (plus constraints) be used to synthesize network configurations?
F ll S f R ti (FSR) T lkitFormally Safe Routing (FSR) ToolkitHotNets’09, IEEE/ACM Transactions on Networking (ToN)
Contribution #1: Reduction of safety analysis to SMT solving Contribution #2: Provably correct distributed implementation
G ti f d l ti t ki Generation of declarative networking programs Correctness proof for the policy -> Network Datalog (NDlog) translation
Pinpoint BGP Misconfigurationsp g[SIGCOMM’11 demo, http://netdb.cis.upenn.edu/fvr/video.html]
Node 7
Node 27Node 27
Node 32
Declarative Networking Implementation
gpvRecv sig(@U,SNew,PNew) :- msg(@U,V,D,S,Path),PNew=f_concatPath(U,Path), V=f_head(Path),SNew=f_concatSig(L,S), label(@U,V,L),_f_import(L,S)=true.
gpvStore route(@U,D,S,P) :- sig(@U,S,P), D=f_last(P).
S l t l lO t(@U D f S P) t (@U D S P)gpvSelect localOpt(@U,D,a_pref<S>,P) :- route(@U,D,S,P).
gpvSend msg(@N,U,D,S,P) :- localOpt(@U,D,S,P),label(@U,N,L), f_export(L,S)=true.
Receiving routes: gpvRec computes new route signature according to P, I
Storing routes: gvpStore builds routing table and stores all candidate routes
Selecting routes: gpvSelect selects best route according to route preference <
Sending routes: gpvSend propagates routes according to export filter E
Ch t i ti f d l tiCharacteristics of a good solution
Must be obviously superior to having an assortment of Perl scripts and templates.
Expresses high level policy ideas Expresses high level policy ideas “Bogons and martians must never appear” “Stay close to a 3:2 traffic ratio on this link” “Never cause BGP convergence failure”
Must have a debugging story – not just synthesize and hopehope.
Accounts for partial information –neighbors’ configurations are probably not available.
Handles multiple protocols and multiple vendor implementations.
Wireless is transformative for e ess s a s o a e oindustrial control Paradigm shift towards multi-hop control architectures
PlantPlant Controller a tControllerPlant
Wired Control System Wireless Control System
Synthesis challenges for centralized control with multi-hop networks
Plant Controller
• Control-scheduling co-designC iti l h d li f lti l t l l– Compositional scheduling of multiple control loops
• Controller design incorporating TDMA-based properties• Network topology design based on physical plant properties• Robustness
– Robustness analysis with respect to packet loses, node failures– Robustness with respect to faulty or malicious nodes
Th Wi l C t l N t k (WCN)The Wireless Control Network (WCN)
In multi-hop control, nodes route information to controllerWCN
Plant Controller PlantController
Can we leverage computation of the network? Can we distribute the controller to nodes of the network?
C rrent ResearchCurrent Research
Monitoring Requirements
Intrusion DetectionLevel
Plant Dynamics
Plant Dynamics
Network Synthesis
NetworkTopology
Communication h d lTopology schedule
Embedding of existing controllers
OptimalControl
Proposed ResearchRobustness g
Wireless Control Network Configuration
Runtime Adaptation
PUMA: Declarative Policy-based Routing y gand Channel Selection
Wi l i t f
COMSNET’12, VLDB’12
Wireless interference: Links interfere if running on nearby channels
Ideally, all links use non-interfering channels However constraints exists: However, constraints exists:
# of channels, interfaces Primary users
Optimization under goal and constraints Constraint Optimization Optimization under goal and constraints Constraint Optimization Problem (COP)
D l ti Ch l S l tigoal minimize C in totalCost(C)var assignChannel(X,Y,C) forall link(X,Y)
Declarative Channel Selection
s1 cost(X,Y,Z,C) :- assignChannel(X,Y,C1), assignChannel(X,Z,C2), Y!=Z, C=1, |C1-C2|<F_mindiff.
s2 totalCost(COUNT<C>) :- cost(X,Y,Z,C).
c1 assignChannel(X,Y,C) -> link(X,Y), availChannel(X,C,F,St).
// primary user constraintc2 assignChannel(X Y C) -> !primaryUser(X C)c2 assignChannel(X,Y,C) -> !primaryUser(X,C).c3 assignChannel(X,Y,C) -> assignChannel(Y,X,C).c4 uniqueChannel(X,Count) -> numInterface(X,K),
Count<=K.s3 uniqueChannel(X,UNIQUE<C>) :-
assignChannel(X,Y,C).Channel selection as COP (one-hop interference model) Colog rules in PUMA
18Natural mapping: COP declarative specifications
S nergies and Opport nitiesSynergies and Opportunities Wireless control networks + declarative networking
Distributed constraint solving Probabilistic notions, exploiting performance and robustness tradeoffs High level objectives, realized in network layer functionalities.
Compositional network synthesis Mobility options as an optimization problem.y p p p Mobile control system?
Application-layer synthesis Resource management challenges at Google Resource management challenges at Google Determining number/placement of replicas, caching, number of servers
allocated, etc. to provide consistency, robustness, and fault tolerance. Initial work in declarative cloud resource orchestration (poster last night).(p g )
Software defined networking (e.g. OpenFlow).
O tlineOutline
Summary of discussionSafe RoutinggCompositional network servicesWireless control systemsy
One concrete use case (answering the 7 questions)questions)
Ro ter Config ration S nthesisRouter Configuration Synthesis
Reconcile diverse policy ideas into a coherent network-wide setup
(Q1 Programmer insights) Explore and decide on (Q1 Programmer insights) Explore and decide on tradeoffs when goals conflict
(Q2 Feedback) Use simulation or live network link to ( )gather data and demonstrate traffic-flow consequences; present examples of problematic feature interactions
(Q3 User studies) Engage expert operators in (Q3 User studies) Engage expert operators in determining language of policy needs – then ask them and novices to carry out (re-)configuration tasks
Ro ter Config ration S nthesisRouter Configuration Synthesis
(Q5 Specifications) Partial configuration data, hard constraints (e.g. protocol convergence, robustness), and optimization goalsoptimization goals
(Q6/7 Strategies and tools) Combinatorial theory, mechanized with SMT, constraint solving, etc.; single representation usable by multiple related tools
(Q4 Artifacts) Router configurations, with a deployment, reconfiguration and measurement capabilityreconfiguration and measurement capability
P d R t Sh h d T lkitProposed Route Shepherd ToolkitSIGCOMM’12 demo