Programming SDNs

Question 1

SDN programming: Three Steps

Answer 1

1. read/monitor network state as well as respond to events such as failures, topology changes, and security events
2. compute the policy based on the state that the controller sees from the network
3. write policy back to the switches by installing flow table state into the switches

Question 2

Problems with consistency when reading network state

Answer 2

1. Predicates
2. Unfolding
3. Suppression

Question 3

Network Virtualization

Answer 3

abstracting the logical networks away from the physical equipment (network) - analogy VM and physical computer

Question 4

Motivation for NV

Answer 4

Facilitate research/evolution by allowing coexistence;

Adjust resources devoted to any service at ant given time;

Question 5

Benefits of NV

Answer 5

Rapid Innovation (at the rate of software evolves)
Allow new forms of network control
Simplify programming

Question 6

NV vs SDN

Answer 6

1. NV is one of the applications for SDN and SDN can be seen as a tool for implementing NV (NV can be accomplished without SDN such as Mininet in Project1)
2. SDN does not necessarily imply Network Virtualization is employed. But NV allows SDN to be tested in a virtual environment to emulate physical network devices

Question 7

SDN programming difficulty (openflow)

Answer 7

1. low level of abstraction in the form of match-action rules
2. controller only see events that switch don’t know how to handle
3. race conditions if switch-level rules are not installed properly

Question 8

Southbound API

Answer 8

the communication interface between the controller and the forwarding devices (such as openflow)

Question 9

Northbound API

Answer 9

a higher-level programming interface between apps and controller so that an application is expressing what it wants to happen in terms of higher-level semantics such as policy APIs, billing APIs, and security APIs

Question 10

Pyretic

Answer 10

SDN language (express high-level policies) and runtime (automatically compile these policies to low-level OpenFlow rules and install on hardware devices)

Question 11

Pyretic features

Answer 11

1. implement network policy as a function that map packet (input) to other packets (output: 0, 1 or other modified packets)
2. Express boolean (and, or, not)
3. Provide virtual packet header fields
4. Provide composition operators (parallel and sequential )

Question 12

Pyretic function examples

Answer 12

1. identity: return original packet
2. drop: return an empty set
3. match(f=v): return the identity if the field f matches the value v, otherwise drop the packet
4. mod(f=v): return the same packet with the field f set to v
5. flood(): return one packet for each port on the network spanning tree
6. fwd(a): forward packet to output port a