Network Operations and
Research at Georgia Tech
Nick Feamster and Ron Hutchins
Georgia Tech
Main Message
• Researchers and operators can both
benefit from close interaction
– This requires trust from both sides,
developed through one-on-one relationships
– This requires risk-taking, but offers benefits
to both sides
• We have a successful mode of working
together at Georgia Tech
– Main element: GT-RNOC, the “interface”
between research and operations
Each group offers something…
• Operators
– Source of real problems to solve and real
network data
– Opportunities for deployment
– Infrastructure resources
• Researchers
– Fundamentally new ways of approaching old
(and sometimes nagging) problems
…but, there are challenges
• Operators
– Downtime is unacceptable
– This can lead to conservative approaches and
a fear of disrupting the status quo
• Researchers
– Producing production-quality software, etc. is
often not the first-order concern
Despite these challenges, both parties can benefit.
Need to build trust, common understanding of issues and incentives.
Two Examples
• Operations problem: Access control
– Researchers can offer new flexible, scalable
approaches
– Operators can offer opportunities for
deployment and testing
• Support for experimentation: BGP Mux
– Requirements: VLAN, BGP, filters, transit
Current Access Control Model
• New hosts
– Assigned to private VLAN
– Given private IP address space
– Authenticated and scanned
Problems with Status Quo
• Access control is too coarse-grained
– All unauthenticated/unscanned hosts are on
the same subnet
– Hosts with access are all on the same VLAN
• Lack of dynamism
– Hosts cannot be dynamically remapped
• Monitoring is not continuous
– Reaction to alarms is manual
Dynamic Access Control with OpenFlow
• Flow-table entries in switches redirect hosts to gardenwall
• Traffic is remapped with flow table entries per-host
• Continuous, real-time monitoring integrated with controller
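Added example, not part of the original slides and not the Georgia Tech system's code: a toy controller model of the per-host remapping described above, where each host's flow-table entry follows its own authentication, scan and alarm events. The state names, event names and action strings are assumptions made for illustration.

```python
# Toy model of per-host flow-table access control (illustrative only).
# State, event and action names are assumptions, not taken from the slides.
from dataclasses import dataclass, field

# Per-host state -> action installed in the switch flow table.
ACTIONS = {
    "registration": "redirect:gardenwall",  # unauthenticated host
    "scanning": "redirect:gardenwall",      # authenticated, scan pending
    "operational": "forward:normal",        # authenticated and scanned clean
    "quarantined": "redirect:gardenwall",   # alarm raised by monitoring
}

# (current state, event) -> next state; any other pair is ignored.
TRANSITIONS = {
    ("registration", "auth_ok"): "scanning",
    ("scanning", "scan_clean"): "operational",
    ("scanning", "scan_infected"): "quarantined",
    ("operational", "alarm"): "quarantined",
    ("quarantined", "scan_clean"): "operational",
}

@dataclass
class Controller:
    hosts: dict = field(default_factory=dict)       # MAC -> state
    flow_table: dict = field(default_factory=dict)  # source MAC -> action
    flow_mods: list = field(default_factory=list)   # rules pushed to the switch

    def _install(self, mac):
        action = ACTIONS[self.hosts[mac]]
        if self.flow_table.get(mac) != action:      # push a rule only on change
            self.flow_table[mac] = action
            self.flow_mods.append((mac, action))

    def packet_in(self, mac):
        """First packet from a host: unknown hosts start in registration."""
        self.hosts.setdefault(mac, "registration")
        self._install(mac)
        return self.flow_table[mac]

    def event(self, mac, name):
        """Auth, scanner and monitoring events remap this one host only."""
        if mac not in self.hosts:
            return None                             # host was never seen
        nxt = TRANSITIONS.get((self.hosts[mac], name))
        if nxt:                                     # out-of-order events change nothing
            self.hosts[mac] = nxt
            self._install(mac)
        return self.flow_table[mac]
```

Because an alarm rewrites only the affected host's entry, other hosts on the same switch keep forwarding, which is the contrast with the VLAN-wide model in the previous slides.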
Challenges
• Will it scale in a real deployment?
– Inventory of campus network users
– Traffic forwarding rates at switch
– Amount of traffic at the controller
• Researchers need
– Realistic evaluation scenarios (topologies,
traffic, etc.)
– Actual deployment platform
Big challenge: How to do a phased deployment without disrupting
the operational network?
Support for Evaluation
• Space for running real-world projects and applications
• Need: Ability to “re-enact” network events
• Real-world connectivity
• BGP session to border
• VLAN to border
• /30 prefix for the session
• Route filters to permit BGP
announcements
• Packet filters to permit traffic
from new source IPs
• Researchers: understand
restrictions and assumptions
• Operators: adjust mental
model of “normal” operations
Key Piece: BGP Mux
Summary
• Researchers and operators can both
benefit from close interaction
– This requires trust from both sides,
developed through one-on-one relationships
– This requires risk-taking, but offers benefits
to both sides