Last week we organised the 7th SDN workshop with our collaborators and co-organisers SWITCH at their own premises in Zurich. The bi-annual workshop was the 2nd in the series of this year’s workshop. Wondering why the 7th SDN workshop took place for only half a day? So did we with our co-organiser SWITCH, before we got to know it was a public holiday in many Swiss cantons 🙂
Nonetheless and as usual, it brought high quality speakers and talks in a relaxed atmosphere of discussions and debates. What follows is a short recap of the presentations, as usual for those who missed the event.
Tu Dang, a PhD candidate from the Università della Svizzera Italiana, presented a tool for synthetic benchmarking of the P4 language. After brief P4 intro, a point was made that due to the increasing number of P4 compilers coming from both, open source (BMV2, PISCES, P4FPGA, P4@ELTE) and proprietary solutions (Xilinx SDNet, Netronome NFP, Barefoot Tofino), it is a best moment to turn the focus on targeted comparison and common evaluation of the already existing platforms. The idea of Whippersnapper is to assess different compilers and switch implementations under common set of key features. For example, the Processing feature benchmarks platform-independent features such as the following ones related to Match-Tables: Number of tables, Depth of pipeline (Tables having dependencies), and Checksum computation. Features of CPU, NPU, FPGAs and ASICs, are offered as a platform-specific benchmarking. We leave you the slides to check out the evaluation results for different set of switches. Novel solutions are well establishing the growth of the P4 era, therefore the described tool looks like a good candidate for aiding design optimization and convergence among the existing P4 compilers.
This talk has definitely left a place for curiosity and questions. Just when we wondered what the P4 implementation use-cases focus on, Theodore Jepsen, PhD candidate from the same university presented Gotthard – a P4 based approach for transaction processing on a data plane level. The system name identifies itself with the famous Gotthard tunnel in Switzerland to stress the advantages these two solutions have in common: reduced latency and increased throughput. Theodore explained the logic behind Gotthard’s approach on optimistic Write Cache and how it helps to keep the state in the switch for cache Update and Abort values. The early detection and decision for aborting invalid transactions before they reach the backend store, is dealt by the switch via packet header re-writing. This saves RTT and contributes to consistency. The slides from the presented system summarize the evaluation results that state: higher achievement when switch is closer to client, benefits with high locality, and low overhead in read-heavy transactions.
The next presenter, Akos Mate from IBM Research Lab Zurich, brought forward the advancements in the Endeavour project by presenting zMon. Initially the most prominent solutions were revised for monitoring data and control plane, followed by presenting the v2.0 of the IBM Planck tool, i.e. zMon, which also embraces the Intel* Red Rock Canyon (RRC) and AITIA C-GEP. With other words – a mirror-based online IDS/IPS SDN system on a Tbps-class SDN switch, packed in a real-time monitoring system with a single-chip design. A PoC demo was shown of a real life DDoS attack traces (UDP traffic), mitigating the same in 400us reaction time.
Our final speaker, Thomas Graf from Cisco Switzerland, spoke about a new open source project, Cilium aimed to rely on eBPF & XDP in providing networking for Linux Containers. With this, he transferred his vision of the real SDN advantages, which is the ability to pursue a direct network control from application point of view. In Cilium, this is achieved by first defining network and security policies (based on container labels) at a userspace, then injecting the byte code in the kernel. The benefits are: configuration optimization, smaller attack surface, networking code rendered on container startup, or re-rendered at a runtime. It is currently bound to the Cilium Daemon Agent for generating and compiling eBPF programs and it integrates with CNI (Kubernetes/Mesos) and libnetwork (Docker). All in all, very interesting project from the area of dataplane networking, embracing variety of use cases.
Open doubts and useful discussions followed during and in between each talk. A bit of philosophical question was triggered by Kurt from SWITCH to reflect on the academy/industry opinion on the SDN status, “do-ability” and shape up the topics for the upcoming SDN workshops.
Finally we acknowledge that OpenFlow is the biggest catalyst for many SDN solutions and those have consequently led to novel concepts and wider scope of control/data- plane network programmability. To sum up: P4 language lets you create protocol-independent packet processors but let’s focus on the use-cases and benchmarking before drowning into tools and libraries; security matters and SDN monitoring brings a big benefit on how to achieve it in modern DCs; achieving application-defined network policy enforcing, regardless of the virtual infrastructure and the network fabrics is well worth the efforts.
We look forward to the 8th SDN workshop in 2017 when we bring to you another set of talks on interesting and cutting-edge SDN technology in Switzerland and around the world, so stay tuned for more information through our official meetup page SDN-Switzerland.
See you next time!