Transcript Document
Network Operations and
Research at Georgia Tech
Nick Feamster and Ron Hutchins
Georgia Tech
Main Message
• Researchers and operators can both
benefit from close interaction
– This requires trust from both sides,
developed through one-on-one relationships
– This requires risk-taking, but offers benefits
to both sides
• We have a successful mode of working
together at Georgia Tech
– Main element: GT-RNOC,the “interface”
between research and operations
Each group offers something…
• Operators
– Source of real problems to solve and real
network data
– Opportunities for deployment
– Infrastructure resources
• Researchers
– Fundamentally new ways of approaching old
(and sometimes nagging) problems
…but, there are challenges
• Operators
– Downtime is unacceptable
– This can lead to conservative approaches and
a fear of disrupting the status quo
• Researchers
– Producing production-quality software, etc. is
often not the first-order concern
Despite these challenges, both parties can benefit.
Need to build trust, common understanding of issues and incentives.
Two Examples
• Operations problem: Access control
– Researchers can offer new flexible, scalable
approaches
– Operators can offer opportunities for
deployment and testing
• Support for experimentation: BGP Mux
– Requirements: VLAN, BGP, filters, transit
Current Access Control Model
• New hosts
– Assigned to private VLAN
– Given private IP address space
– Authenticated and scanned
Problems with Status Quo
• Access control is too coarse-grained
– All unauthenticated/unscanned hosts are on
the same subnet
– Hosts with access are all on the same VLAN
• Lack of dynamism
– Hosts cannot be dynamically remapped
• Monitoring is not continuous
– Reaction to alarms is manual
Dynamic Access Control with OpenFlow
• Flow-table entries in switches redirect hosts to gardenwall
• Traffic is remapped with flow table entries per-host
• Continuous, real-time monitoring integrated with controller
Challenges
• Will it scale in a real deployment?
– Inventory of campus network users
– Traffic forwarding rates at switch
– Amount of traffic at the controller
• Researchers need
– Realistic evaluation scenarios (topologies,
traffic, etc.)
– Actual deployment platform
Big challenge: How to do a phased deployment without disrupting
the operational network?
Support for Evaluation
• Space for running real-world projects and applications
• Need: Ability to “re-enact” network events
• Real-world connectivity
•
•
•
•
BGP session to border
VLAN to border
/30 prefix for the session
Route filters to permit BGP
announcements
• Packet filters to permit traffic
from new source IPs
• Researchers: understand
restrictions and assumptions
• Operators: adjust mental
model of “normal” operations
BGP Mux
Key Piece: BGP Mux
Summary
• Researchers and operators can both
benefit from close interaction
– This requires trust from both sides,
developed through one-on-one relationships
– This requires risk-taking, but offers benefits
to both sides