Results 1 - 10 of 22
ETHANE: Taking Control of the Enterprise
- In SIGCOMM Computer Comm. Rev, 2007
Cited by 80 (16 self)
This paper presents Ethane, a new network architecture for the enterprise. Ethane allows managers to define a single network-wide fine-grain policy, and then enforces it directly. Ethane couples extremely simple flow-based Ethernet switches with a centralized controller that manages the admittance and routing of flows. While radical, this design is backwards-compatible with existing hosts and switches. We have implemented Ethane in both hardware and software, supporting both wired and wireless hosts. Our operational Ethane network has supported over 300 hosts for the past four months in a large university network, and this deployment experience has significantly affected Ethane’s design.
The Cost of a Cloud: Research Problems in Data Center Networks
Cited by 42 (0 self)
This article is an editorial note submitted to CCR. It has NOT been peer reviewed. The author takes full responsibility for this article’s technical content. Comments can be posted through CCR Online. The data centers used to create cloud services represent a significant investment in capital outlay and ongoing costs. Accordingly, we first examine the costs of cloud service data centers today. The cost breakdown reveals the importance of optimizing work completed per dollar invested. Unfortunately, the resources inside the data centers often operate at low utilization due to resource stranding and fragmentation. To attack this first problem, we propose (1) increasing network agility, and (2) providing appropriate incentives to shape resource consumption. Second, we note that cloud service providers are building out geo-distributed networks of data centers. Geo-diversity lowers latency to users and increases reliability in the presence of an outage taking out an entire site. However, without appropriate design and management, these geo-diverse data center networks can raise the cost of providing service. Moreover, leveraging geo-diversity requires services be designed to benefit from it. To attack this problem, we propose (1) joint optimization of network and data center resources, and (2) new systems and mechanisms for geo-distributing state.
Tesseract: A 4D Network Control Plane
- In Proc. Networked Systems Design and Implementation, 2007
Cited by 33 (7 self)
We present Tesseract, an experimental system that enables the direct control of a computer network that is under a single administrative domain. Tesseract’s design is based on the 4D architecture, which advocates the decomposition of the network control plane into decision, dissemination, discovery, and data planes. Tesseract provides two primary abstract services to enable direct control: the dissemination service that carries opaque control information from the network decision element to the nodes in the network, and the node configuration service which provides the interface for the decision element to command the nodes in the network to carry out the desired control policies. Tesseract is designed to enable easy innovation. The neighbor discovery, dissemination and node configuration services, which are agnostic to network control policies, are the only distributed functions implemented in the switch nodes. A variety of network control policies can be implemented outside of switch nodes without the need for introducing new distributed protocols. Tesseract also minimizes the need for manual node configurations to reduce human errors. We evaluate Tesseract’s responsiveness and robustness when applied to backbone and enterprise network topologies in the Emulab environment. We find that Tesseract is resilient to component failures. Its responsiveness for intra-domain routing control is sufficiently scalable to handle a thousand nodes. Moreover, we demonstrate Tesseract’s flexibility by showing its application in joint packet forwarding and policy based filtering for IP networks, and in link-cost driven Ethernet packet forwarding.
Virtual Routers on the Move: Live Router Migration as a Network-Management Primitive
Cited by 33 (6 self)
The complexity of network management is widely recognized as one of the biggest challenges facing the Internet today. Point solutions for individual problems further increase system complexity while not addressing the underlying causes. In this paper, we argue that many network-management problems stem from the same root cause—the need to maintain consistency between the physical and logical configuration of the routers. Hence, we propose VROOM (Virtual ROuters On the Move), a new network-management primitive that avoids unnecessary changes to the logical topology by allowing (virtual) routers to freely move from one physical node to another. In addition to simplifying existing network-management tasks like planned maintenance and service deployment, VROOM can also help tackle emerging challenges such as reducing energy consumption. We present the design, implementation, and evaluation of novel migration techniques for virtual routers with either hardware or software data planes. Our evaluation shows that VROOM is transparent to routing protocols and results in no performance impact on the data traffic when a hardware-based data plane is used.
Towards Systematic Design of Enterprise Networks
Cited by 15 (5 self)
Enterprise networks are important, with size and complexity even surpassing carrier networks. Yet, the design of enterprise networks remains ad-hoc and poorly understood. In this paper, we show how a systematic design approach can handle two key areas of enterprise design: virtual local area networks (VLANs) and reachability control. We focus on these tasks given their complexity, prevalence, and time-consuming nature. Our contributions are three-fold. First, we show how these design tasks may be formulated in terms of network-wide performance, security, and resilience requirements. Our formulations capture the correctness and feasibility constraints on the design, and they model each task as one of optimizing desired criteria subject to the constraints. The optimization criteria may further be customized to meet operator-preferred design strategies. Second, we develop a set of algorithms to solve the problems that we formulate. Third, we demonstrate the feasibility and value of our systematic design approach through validation on a large-scale campus network with hundreds of routers and VLANs.
VROOM: Virtual routers on the move
- In Proc. ACM SIGCOMM HotNets Workshop, 2007
Cited by 7 (3 self)
Network management is the proverbial “elephant in the room”—the pressing problem we all know is plaguing the Internet, yet seems intractable to solve. Each new management challenge leads to a new point solution, such as a new configuration script, measurement tool, or protocol extension. In this paper, we argue that many network-management problems stem from the same root cause—the need to maintain consistency between the physical and logical configuration of routers. Instead, we believe that future networks should break this tight coupling by allowing (virtual) routers to freely move from one physical node to another, without changing the IP-layer topology. Our VROOM (Virtual ROuters On the Move) architecture supports live virtual router migration and re-mapping of virtual links, by capitalizing on recent innovations in programmable transport networks, packet-aware access networks, virtual server migration and virtual router technologies. Preliminary experiments with a simple prototype, built using Xen and the Linux routing software, show that VROOM is feasible in practice. We believe that virtual router migration will simplify a variety of network-management tasks, including planned maintenance, service deployment, and minimizing power consumption.
Refactoring Network Control and Management: A Case for the 4D Architecture
- 2005
Cited by 7 (3 self)
We argue for the refactoring of the IP control plane to support network-wide objectives and control. We put forward a design that refactors functionality into a novel 4D architecture composed of four separate planes: decision, dissemination, discovery and data. All decision-making logic is moved out of routers along with current management plane functions to create a logically centralized decision plane, where network-level objectives and policies are specified and enforced by direct configuration of states on individual network elements. Pulling much of the control state and logic out of the routers enables both simpler protocols, which do not have to embed decision-making logic, and more powerful decision algorithms for implementing sophisticated goals. Remaining on the routers is a wafer-thin class of intrinsically distributed control functions. These support the discovery plane, consisting of elementary functions to discover topology and network state, and the dissemination plane, consisting of elementary functions to distribute explicit instructions to manipulate the data plane forwarding mechanisms.
Rethinking enterprise network control
- IEEE/ACM Transactions on Networking, 2009
Cited by 7 (4 self)
This paper presents Ethane, a new network architecture for the enterprise. Ethane allows managers to define a single network-wide fine-grain policy and then enforces it directly. Ethane couples extremely simple flow-based Ethernet switches with a centralized controller that manages the admittance and routing of flows. While radical, this design is backwards-compatible with existing hosts and switches. We have implemented Ethane in both hardware and software, supporting both wired and wireless hosts. We also show that it is compatible with existing high-fanout switches by porting it to popular commodity switching chipsets. We have deployed and managed two operational Ethane networks, one in the Stanford University Computer Science Department supporting over 300 hosts, and another within a small business of 30 hosts. Our deployment experiences have significantly affected Ethane’s design. Index Terms—Architecture, management, network, security.
Extracting Network-Wide Correlated Changes from Longitudinal Configuration Data
- In Proceedings of the 10th Passive and Active Measurement Conference (PAM), 2009
Cited by 5 (1 self)
IP network operators face the challenge of making and managing router configuration changes to serve rapidly evolving user and organizational needs. Changes are expressed in low-level languages, and often impact multiple parts of a configuration file and multiple routers. These dependencies make configuration changes difficult for operators to reason about, detect problems in, and troubleshoot. In this paper, we present a methodology to extract network-wide correlations of changes. From longitudinal snapshots of low-level router configuration data, our methodology identifies syntactic configuration blocks that changed, applies data mining techniques to extract correlated changes, and highlights changes of interest via operator feedback. Employing our methodology, we analyze an 11-month archive of router configuration data from 5 different large-scale enterprise Virtual Private Networks (VPNs). Our study shows that our techniques effectively extract correlated configuration changes, within and across individual routers, and shed light on the prevalence and causes of system-wide and intertwined change operations. A deeper understanding of correlated changes has potential applications in the design of an auditing system that can help operators proactively detect errors during change management. To demonstrate this, we conduct an initial study analyzing the prevalence and causes of anomalies in system-wide changes.
Prototyping Fast, Simple, Secure Switches for Ethane
Cited by 4 (4 self)
We recently proposed Ethane: A clean-slate approach to managing and securing enterprise networks. The goal of Ethane is to make enterprise networks (e.g. networks in companies, universities, and home offices) much easier to manage. Ethane is built on the premise that the only way to manage and secure networks is to make sure we can identify the origin of all traffic, and hold someone (or some machine) accountable for it. So first, Ethane authenticates every human, computer and switch in the network, and tracks them at all times. Every packet can be immediately identified with its sender. Second, Ethane implements a network-wide policy language in terms of users, machines and services. Before a flow is allowed into the network, it is checked against the policy. Ethane requires two substantial changes to the network: Network switches and routers are replaced with much simpler switches, that are based on flow-tables. The switch doesn’t learn addresses, doesn’t run spanning tree, routing protocols or any access control lists. All it does is permit or deny flows under the control of a central controller. The controller is the second big change. Each network contains a central controller that decides if a flow is to be allowed into the network. It makes its decisions based on a set of rules that make up a policy. One premise of Ethane is that although the network is much more powerful as a whole, the switches are much simpler than conventional switches and routers. To explore whether this is true, we built 4-port Ethane switches in dedicated hardware (on the NetFPGA platform), running at 1Gb/s per port. We have deployed the switches in our network at Stanford University, and demonstrated that despite the simplicity of the switches, Ethane can support a very feature-rich and easy-to-manage network.

