The Stanford Clean Slate Program. http://cleanslate.stanford.edu. Nick McKeown Professor of Computer Science & Electrical Engineering.
“These guys are completely on crack …You do not want to have intelligence inside the network, ever… The [network] should be application-unaware, stupid, unreliable, and as simple as possible. Which is the Internet we have today, and it works great, thank you very much.”
“It doesn't need fixing. It just needs a few upgrades. IPV6 would be a nice place to start”
It’s just a bunch of tubes, right?
Clean Slate Research is… A way of thinking … that is common elsewhere … but difficult when there is legacy
Installed base • 8,000 • 1968 170M • 2007 700M Car Policy Engine Car Body Control Materials Emissions Fueling Stations Manufacture Safety Fuel Rethinking the car 1 gallon of gas g 22lbs of CO2
Anything to rethink? “How come it takes an hour to set up a session?” “Why can I join someone else’s call?” “Will the quality always be this poor?” “Can I put a camera on my car and drive around?”
• Unthought of applications
• Economically sustainable
• Trustworthy: Secure, robust, manageable
• Mobility by default. Users and data
• Performance to blow our socks off
• Unthought of links
Early stakes in the ground
• Organic growth led to structure: Let’s exploit it
• Optics is here to stay: Let’s exploit it too
• Flows: They are our friends
In parallel
2005: A sea-change in the networking research community
• Prompted by NSF
• ITRs (including 100x100 Clean Slate Program)
• NSF FIND: Funding for architectural ideas
• NSF GENI: Creating a platform for experimenting with new architectures, services and technologies
2006-2007: A large community-wide effort
• GENI planning process
• Programs starting in Europe and Asia
2007 - : GENI Project Office
Bottom-up first, Top-down later
• Now…“Innovation in the small”
• Coverage of areas
• Four funded so far, adding more
Architectural Blueprint?
Flagship projects
• Larger collaborative projects
• Start to tie research together
Architectural Blueprint?
Top-down blueprint? Too early to decide
Architectural Blueprint? Wireless (Spectrum); Backbone (Lightflow); Congestion Control (RCP); Backbone (VLB); Security (Ethane); Flow Theory; Programmable Nationwide Backbone; Local Wireless Platform
The Stanford Clean Slate Program
• Create a breeding ground for new collaborative projects across boundaries
• Projects that will have significant impact in 10-15 years
• Exploit Stanford’s breadth and depth
• Work closely with a focused group of committed industrial partners
Stanford Clean Slate Program
Executive Director: Guru Parulkar
Faculty Directors: Nick McKeown, Bernd Girod
Affiliate Members: Cisco, Deutsche Telekom, NEC, NTT DoCoMo, Xilinx + 3 in the works
Stanford’s Breadth and Depth
• World-class expertise in: Networking, optical communications, wireless, access networks, theory, economics, security, applications, multimedia, operating systems, hardware and VLSI, system architecture, …
• Participants from across EE, CS, MS&E, GSB
Dan Boneh, David Cheriton, Bill Dally, Abbas El Gamal, Bernd Girod, Ashish Goel, Andrea Goldsmith, Mark Horowitz, Ramesh Johari, Joseph Kahn, Sunil Kumar, David Mazières, Nick McKeown, David Miller, Phil Levis, Balaji Prabhakar, Mendel Rosenblum, Tim Roughgarden.
Projects
Professors Leonid Kazovsky & Nick McKeown
Optical technology promises enormous capacity & low-power
Goal is to propose new networks to exploit optical switching
Projects
Professors Balaji Prabhakar & Amin Saberi
Existing theory lacks details of flow-dynamics and end-to-end semantics
Goal is to develop flow-level theoretical models
Projects
Professors Andrea Goldsmith & Ramesh Johari
Spectrum scarcity is a result of tight, inefficient government control
Goal is to propose new approach to spectrum allocation & protocols
Projects
Professors Boneh, Mazières, Rosenblum, McKeown
Goal is to propose clean slate architectures for secure networks
What we’d like
Principle 1: Manage network using policy over real names
• “Nancy can access Payroll”
• “Laptops can’t accept incoming connections”
• “VoIP phones mustn’t move”
Principle 2: Policy should dictate the path packets follow
• “CEO traffic should not pass through engineering”
• “Guest flows must pass through http proxy”
• “Laptop flows must pass through IDS”
Principle 3: The origin of packets should be known
Principle 4: Network should log all connectivity
• For diagnostics and auditing
Diagram: Nancy; Payroll
Today
“Everyone who is not Nancy cannot access payroll”
Q: How to identify them?
Q: Where do their packets flow?
Principle 1: Manage network using policy over real names
• “Nancy can access Payroll”
• “Laptops can’t accept incoming connections”
• “VoIP phones mustn’t move”
Diagram: dns; dhcp; learning; spanning tree; ospf; ACL: Jen’s IP, payroll; ACL: Jim’s IP, payroll; ACL: Jen’s IP, payroll; Jen; Payroll (Host: a, IP: i, MAC: m); Nancy (Host: b, IP: j, MAC: n)
Nancy: Host: b, IP: j, MAC: n; dns, dhcp
• Dynamic bindings
• Allocated elsewhere
• Not authenticated
• Easily spoofed
Problems
• Bindings between users, hosts and addresses keep changing, are not authenticated and are chosen elsewhere.
• Route is picked elsewhere and is unknown to the manager. And changes.
• New entities require many more filters. Change of entity locations requires updating of filters.
• Easy to circumvent, hard to diagnose.
Ethane: Design choices
• Centralized management
• Policy language governs network
• All communication requires permission
• Secure and track all bindings
Ethane: Taking Control
• “Nancy can access Payroll”
• “Laptops can’t accept incoming connections”
• “VoIP phones mustn’t move”
• “CEO traffic should not pass through engineering”
• “Guest flows must pass through http proxy”
• “Laptop flows must pass through IDS”
Diagram: controller; dns; dhcp; learning; spanning tree; ospf; Payroll (Host: a, IP: i, MAC: m); Nancy (Host: b, IP: j, MAC: n)
Waypoints
• “Nancy can access Payroll”
• “Laptops can’t accept incoming connections”
• “VoIP phones mustn’t move”
• “CEO traffic should not pass through engineering”
• “Guest flows must pass through http proxy”
• “Flows to Payroll must pass through IDS”
Diagram: controller; Payroll; Nancy
Ethane: Manageability
• Fine-grain control of each flow
• Can isolate users, groups, hosts
• Can specify waypoints
• Can require different forms of authentication for different access points (e.g. stronger for wireless than wired)
Ethane: Many questions
• Central controller
• Performance & Scalability
• Robustness
• How to make it easy to use for manager…
• …and transparent to user.
Our deployment
• 300+ hosts at Stanford: Servers, laptops, desktops, phones.
• 19 switches
• Hardware, software, wireless
• Policy: 132 rules to replicate policy
Lessons so far…
• Controller handles >10,000 flows/second
• Maybe enough for whole of campus
• Multiple ways to handle redundancy
• Cold-standby, hot-standby, stateless, stateful
• Transparent to users (even remotely at home!)
• Diagnostics
• Control who can perform diagnostics and see traffic
• Journal all bindings: Can tell who sent a packet when.
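The Ethane slides above describe default-deny policy over names, authenticated bindings, waypoints and a journal of bindings. The following Python model of that control loop is an added example, not Ethane's code or policy language; the Controller class, its method names, the rule format and the 192.0.2.x addresses are assumptions constructed for illustration.

```python
class Controller:  # hypothetical model, not Ethane's implementation
    def __init__(self, rules):
        # rules: {(src_name, dst_name): [waypoint names]}; a missing pair means deny.
        self.rules = rules
        self.bindings = {}  # (switch_port, mac, ip) -> authenticated name
        self.journal = []   # append-only (time, event, details) records

    def bind(self, t, name, port, mac, ip):
        # Called only after the principal authenticated (authentication not modelled).
        self.bindings[(port, mac, ip)] = name
        self.journal.append((t, "bind", (name, port, mac, ip)))

    def unbind(self, t, port, mac, ip):
        name = self.bindings.pop((port, mac, ip), None)
        self.journal.append((t, "unbind", (name, port, mac, ip)))

    def request_flow(self, t, src, dst):
        # src/dst are (port, mac, ip). All three must match one binding, so an
        # address presented on a port it was not bound to resolves to no name.
        s, d = self.bindings.get(src), self.bindings.get(dst)
        waypoints = self.rules.get((s, d)) if s and d else None
        verdict = "deny" if waypoints is None else "allow"
        self.journal.append((t, verdict, (s, d, src, dst)))
        return None if waypoints is None else [s, *waypoints, d]

    def who_held(self, ip, t):
        # Replay the journal to answer "which name held this IP at time t?"
        holder = None
        for when, event, details in self.journal:
            if when > t:
                break
            if event in ("bind", "unbind") and details[3] == ip:
                holder = details[0] if event == "bind" else None
        return holder


def demo():
    # Constructed sample data; 192.0.2.0/24 is a documentation address range.
    c = Controller({("nancy", "payroll"): ["ids"]})
    payroll = ("sw1/1", "m", "192.0.2.10")
    nancy = ("sw2/4", "n", "192.0.2.20")
    c.bind(1, "payroll", *payroll)
    c.bind(2, "nancy", *nancy)
    ok = c.request_flow(3, nancy, payroll)
    moved = c.request_flow(4, ("sw3/9", "n", "192.0.2.20"), payroll)
    c.unbind(5, *nancy)
    c.bind(6, "jen", "sw2/4", "x", "192.0.2.20")
    jen = c.request_flow(7, ("sw2/4", "x", "192.0.2.20"), payroll)
    return ok, moved, jen, c.who_held("192.0.2.20", 3), c.who_held("192.0.2.20", 7)
```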
Flagship Projects #1: Build our own small private programmable backbone
Open Source “Router Kit”
Software: Linux/XORP (ICSI), Routing Control & Mgmt
Hardware: NetFPGA (Stanford), Hardware Datapath
NetFPGA is a Programmable 4 x 1GE “switch” or any packet processor
NetFPGA is a PCI card
• Program in Verilog
• Industry-standard design flow
• Contains embedded CPUs
• ~$500 for kit
• Available June 2007
• For classroom & research
Used in CS344/EE384D “Build an Internet Router” and EE109
How would you like to take part?
Agenda
09:00 - 09:45  Nick McKeown: Introduction
09:45 - 10:30  Jonathan Turner, WUSTL: An Architecture for a Diversified Internet
10:30 - 11:00  Break
11:00 - 11:30  Bernd Girod: Clean Slate Design for Internet Video Delivery
11:30 - 12:00  Balaji Prabhakar: 21st Century Queuing Theory, and Internet Address Allocation
12:00 - 13:30  Lunch with Poster Session
13:30 - 14:00  William B. Norton, Equinix: Video Internet: The Next Wave of Massive Disruption to the U.S. Peering Ecosystem
14:00 - 14:30  Dan Boneh: A Clean Slate Approach to Web Technology
14:30 - 15:00  John Mitchell: Security Analysis of Network Protocols
15:00 - 16:00  PANEL (Moderated by Balaji Prabhakar): It's Not Just About the Plumbing