Traffic monitoring applications using eBPF programmable networks
Abstract
Traffic monitoring is an important tool in traffic engineering, allowing network managers to detect attacks and abnormal network behavior. The SDN paradigm provides a new way to do this by separating the data and control planes and allowing them to be programmable. This work proposes the implementation of network monitoring applications using BPFabric, a flexible and programmable SDN architecture that uses an eBPF virtual machine for packet processing. The capabilities of BPFabric for traffic monitoring tasks are presented through applications based on sampling and sketches.