-
Flow Optimization at Inter-Datacenter Networks for Application Run-time Acceleration
Authors:
Berta Serracanta,
Alberto Rodriguez-Natal,
Fabio Maino,
Albert Cabellos
Abstract:
In the present-day, distributed applications are commonly spread across multiple datacenters, reaching out to edge and fog computing locations. The transition away from single datacenter hosting is driven by capacity constraints in datacenters and the adoption of hybrid deployment strategies, combining on-premise and public cloud facilities. However, the performance of such applications is often limited by extended Flow Completion Times (FCT) for short flows due to queuing behind bursts of packets from concurrent long flows. To address this challenge, we propose a solution to prioritize short flows over long flows in the Software-Defined Wide-Area Network (SD-WAN) interconnecting the distributed computing platforms. Our solution utilizes eBPF to segregate short and long flows, transmitting them over separate tunnels with the same properties. By effectively mitigating queuing delays, we consistently achieve a 1.5 times reduction in FCT for short flows, resulting in improved application response times. The proposed solution works with encrypted traffic and is application-agnostic, making it deployable in diverse distributed environments without modifying the applications themselves. Our testbed evaluation demonstrates the effectiveness of our approach in accelerating the run-time of distributed applications, providing valuable insights for optimizing multi-datacenter and edge deployments.
Submitted 18 June, 2024;
originally announced June 2024.
-
Towards Deep Application-Network Integration: Architectures, Progress and Opportunities
Authors:
Berta Serracanta,
Kai Gao,
Jordi Ros-Giralt,
Alberto Rodriguez-Natal,
Luis M. Contreras,
Richard Yang,
Albert Cabellos
Abstract:
With the rise of a new generation of applications (e.g., virtual and augmented reality, artificial intelligence, etc) demanding stringent performance requirements, the need for networking solutions and architectures that can enable a higher Quality of Experience (QoE) is becoming increasingly important.
While jointly optimizing application and network may increase the applications' QoE and simultaneously improve the utilization of network resources, such a paradigm has had limited success in real production networks. However, with the combination of revolutionary trends in (1) compute processing demands, (2) networking capabilities, and (3) sustainable business models, it is high time the community explores the full potential of deeper integration between application and network.
In this paper, recent trends observed over the past few years are systematically reviewed. These include the paradigm shift in modern communication services towards computing-driven applications, such as on-site AI training, advances in programmable network technologies like Software Defined Networking (SDN), and new business models incentivizing collaboration and cooperation between parties. Following this, successful scenarios that benefit from various forms of deeper network-application integration are reported, highlighting their considerable potential. A unified framework is then introduced, providing an overview of possible architecture paradigms for network-application integration and bringing awareness to existing abstractions, mechanisms, tools, and their potential combinations. The paper concludes with a discussion of several remaining challenges in building practical network-application integrated systems.
Submitted 18 June, 2024;
originally announced June 2024.
-
A Reflection on the Organic Growth of the Internet Protocol Stack
Authors:
Jordi Paillisse,
Alberto Rodriguez-Natal,
Fabio Maino,
Albert Cabellos
Abstract:
In the last 15 years, the Internet architecture has continued evolving organically, introducing new headers and protocols to the classic TCP/IP stack. More specifically, we have identified two major trends. First, it is common that most communications are encrypted, either at L3 or L4. And second, due to protocol ossification, developers have resorted to upper layers to introduce new functionalities (L4 and above). For example, QUIC's connection migration feature provides mobility at L4.
In this paper we present a reflection around these changes, and attempt to formalize them by adding two additional protocol headers to the TCP/IP stack: one for security, and another for new functionalities. We must note that we are not presenting a new architecture, but trying to draw up what is already out there. In addition, we elaborate on the forces that have brought us here, and we enumerate current proposals that are shaping these new headers. We also analyze in detail three examples of such trends: the Zero Trust Networking paradigm, the QUIC transport protocol, and modern SD-WAN systems. Finally, we present a formalization of this architecture by adding these two additional layers to the TCP/IP protocol stack. Our goal is triggering a discussion on the changes of the current Internet architecture.
Submitted 10 August, 2022;
originally announced August 2022.
-
RiskNet: Neural Risk Assessment in Networks of Unreliable Resources
Authors:
Krzysztof Rusek,
Piotr Boryło,
Piotr Jaglarz,
Fabien Geyer,
Albert Cabellos,
Piotr Chołda
Abstract:
We propose a graph neural network (GNN)-based method to predict the distribution of penalties induced by outages in communication networks, where connections are protected by resources shared between working and backup paths. The GNN-based algorithm is trained only with random graphs generated with the Barabási-Albert model. Even though, the obtained test results show that we can precisely model the penalties in a wide range of various existing topologies. GNNs eliminate the need to simulate complex outage scenarios for the network topologies under study. In practice, the whole design operation is limited by 4ms on modern hardware. This way, we can gain as much as over 12,000 times in the speed improvement.
Submitted 21 June, 2023; v1 submitted 28 January, 2022;
originally announced January 2022.
-
Wide Area Network Autoscaling for Cloud Applications
Authors:
Berta Serracanta,
Jordi Paillisse,
Albert Cabellos,
Anna Claiborne,
Alberto Rodriguez-Natal,
Dave Ward,
Fabio Maino
Abstract:
Modern cloud orchestrators like Kubernetes provide a versatile and robust way to host applications at scale. One of their key features is autoscaling, which automatically adjusts cloud resources (compute, memory, storage) in order to adapt to the demands of applications. However, the scope of cloud autoscaling is limited to the datacenter hosting the cloud and it doesn't apply uniformly to the allocation of network resources. In I/O-constrained or data-in-motion use cases this can lead to severe performance degradation for the application. For example, when the load on a cloud service increases and the Wide Area Network (WAN) connecting the datacenter to the Internet becomes saturated, the application flows experience an increase in delay and loss. In many cases this is dealt with overprovisioning network capacity, which introduces additional costs and inefficiencies.
On the other hand, thanks to the concept of "Network as Code", the WAN exposes a set of APIs that can be used to dynamically allocate and de-allocate capacity on-demand. In this paper we propose extending the concept of cloud autoscaling into the network to address this limitation. This way, applications running in the cloud can communicate their networking requirements, like bandwidth or traffic profile, to a Software-Defined Networking (SDN) controller or Network as a Service (NaaS) platform. Moreover, we aim to define the concepts of vertical and horizontal autoscaling applied to networking. We present a prototype that automatically allocates bandwidth to the underlay network, according to the requirements of the applications hosted in Kubernetes. Finally, we discuss open research challenges.
Submitted 7 September, 2021;
originally announced September 2021.
-
SD-Access: Practical Experiences in Designing and Deploying Software Defined Enterprise Networks
Authors:
Jordi Paillisse,
Marc Portoles,
Albert Lopez,
Alberto Rodriguez-Natal,
David Iacobacci,
Johnson Leong,
Victor Moreno,
Albert Cabellos,
Fabio Maino,
Sanjay Hooda
Abstract:
Enterprise Networks, over the years, have become more and more complex trying to keep up with new requirements that challenge traditional solutions. Just to mention one out of many possible examples, technologies such as Virtual LANs (VLANs) struggle to address the scalability and operational requirements introduced by Internet of Things (IoT) use cases. To keep up with these challenges we have identified four main requirements that are common across modern enterprise networks: (i) scalable mobility, (ii) endpoint segmentation, (iii) simplified administration, and (iv) resource optimization. To address these challenges we designed SDA (Software Defined Access), a solution for modern enterprise networks that leverages Software-Defined Networking (SDN) and other state of the art techniques. In this paper we present the design, implementation and evaluation of SDA. Specifically, SDA: (i) leverages a combination of an overlay approach with an event-driven protocol (LISP) to dynamically adapt to traffic and mobility patterns while preserving resources, and (ii) enforces dynamic endpoint groups for scalable segmentation with low operational burden. We present our experience with deploying SDA in two real-life scenarios: an enterprise campus, and a large warehouse with mobile robots. Our evaluation shows that SDA, when compared with traditional enterprise networks, can (i) reduce overall data plane forwarding state up to 70% thanks to a reactive protocol using a centralized routing server, and (ii) reduce by an order of magnitude the handover delays in scenarios of massive mobility with respect to other approaches. Finally, we discuss lessons learned while deploying and operating SDA, and possible optimizations regarding the use of an event-driven protocol and group-based segmentation.
Submitted 19 February, 2021; v1 submitted 28 October, 2020;
originally announced October 2020.
-
Distributed Access Control with Blockchain
Authors:
Jordi Paillisse,
Jordi Subira,
Albert Lopez,
Alberto Rodriguez-Natal,
Vina Ermagan,
Fabio Maino,
Albert Cabellos
Abstract:
The specification and enforcement of network-wide policies in a single administrative domain is common in today's networks and considered as already resolved. However, this is not the case for multi-administrative domains, e.g. among different enterprises. In such a situation, new problems arise that challenge classical solutions such as PKIs, which suffer from scalability and granularity concerns. In this paper, we present an extension to Group-Based Policy -- a widely used network policy language -- for the aforementioned scenario. To do so, we take advantage of a permissioned blockchain implementation (Hyperledger Fabric) to distribute access control policies in a secure and auditable manner, preserving at the same time the independence of each organization. Network administrators specify policies that are rendered into blockchain transactions. A LISP control plane (RFC 6830) allows routers performing the access control to query the blockchain for authorizations. We have implemented an end-to-end experimental prototype and evaluated it in terms of scalability and network latency.
Submitted 11 January, 2019;
originally announced January 2019.
-
IPchain: Securing IP Prefix Allocation and Delegation with Blockchain
Authors:
Jordi Paillisse,
Miquel Ferriol,
Eric Garcia,
Hamid Latif,
Carlos Piris,
Albert Lopez,
Brenden Kuerbis,
Alberto Rodriguez-Natal,
Vina Ermagan,
Fabio Maino,
Albert Cabellos
Abstract:
We present IPchain, a blockchain to store the allocations and delegations of IP addresses, with the aim of easing the deployment of secure interdomain routing systems. Interdomain routing security is of vital importance to the Internet since it prevents unwanted traffic redirections. IPchain makes use of blockchains' properties to provide flexible trust models and simplified management when compared to existing systems. In this paper we argue that Proof of Stake is a suitable consensus algorithm for IPchain due to the unique incentive structure of this use-case. We have implemented and evaluated IPchain's performance and scalability storing around 150k IP prefixes in a 1GB chain.
Submitted 11 May, 2018;
originally announced May 2018.
-
A Deep-Reinforcement Learning Approach for Software-Defined Networking Routing Optimization
Authors:
Giorgio Stampa,
Marta Arias,
David Sanchez-Charles,
Victor Muntes-Mulero,
Albert Cabellos
Abstract:
In this paper we design and evaluate a Deep-Reinforcement Learning agent that optimizes routing. Our agent adapts automatically to current traffic conditions and proposes tailored configurations that attempt to minimize the network delay. Experiments show very promising performance. Moreover, this approach provides important operational advantages with respect to traditional optimization algorithms.
Submitted 20 September, 2017;
originally announced September 2017.
-
Knowledge-Defined Networking
Authors:
Albert Mestres,
Alberto Rodriguez-Natal,
Josep Carner,
Pere Barlet-Ros,
Eduard Alarcón,
Marc Solé,
Victor Muntés,
David Meyer,
Sharon Barkai,
Mike J Hibbett,
Giovani Estrada,
Khaldun Ma`ruf,
Florin Coras,
Vina Ermagan,
Hugo Latapie,
Chris Cassar,
John Evans,
Fabio Maino,
Jean Walrand,
Albert Cabellos
Abstract:
The research community has considered in the past the application of Artificial Intelligence (AI) techniques to control and operate networks. A notable example is the Knowledge Plane proposed by D.Clark et al. However, such techniques have not been extensively prototyped or deployed in the field yet. In this paper, we explore the reasons for the lack of adoption and posit that the rise of two recent paradigms: Software-Defined Networking (SDN) and Network Analytics (NA), will facilitate the adoption of AI techniques in the context of network operation and control. We describe a new paradigm that accommodates and exploits SDN, NA and AI, and provide use cases that illustrate its applicability and benefits. We also present simple experimental results that support its feasibility. We refer to this new paradigm as Knowledge-Defined Networking (KDN).
Submitted 23 June, 2016; v1 submitted 20 June, 2016;
originally announced June 2016.