Enabling Active Flow Manipulation In 
Silicon-based Network Forwarding 
Engines 
Tal Lavian - tlavian@ieee.org 
Phil Wang, Ramesh Durairaj, Jennifer Rasimas, Doan Hoang, 
Franco Travostino. 
Nortel Networks, Advanced Technology Labs 
Open Source - http://www.openetlab.org 
May 28-29, 2002 1 
DANCE Exposition
Outline of the talk
• AN technology Transfer
• Issues in the realization of AN technologies
• Main contributions of the paper
• Commercial Active Services Platform
• Application Example 1 – SSL
• Application Example 2 – ASF
• A Demo Application
• Next Generation Active Services Platform
• Conclusion
AN Technology Transfer
[Diagram labels: Active Nets Community; Active Nets Ideas; Great Ideas; Usable/Realizable Mechanisms/Products; Realistic Internet Mechanisms; Real Active Services Products; Scan the technology horizon]
Any AN products?
[Diagram labels: Active Nets Community; Active Nets Ideas; Realistic Mechanisms; Experimental/Laboratory Platforms; Commercial Active Services Platform?; Nortel Networks Active Services Products; SSL, ASF, IDS, VPN; Scan the technology horizon]
Great Active Nets Community Solutions
• The active networks (AN) approach opens an exciting opportunity for individual applications to define the service provided by the network through programmability.
• Active Networks technologies expose a novel approach that allows customer value-added services to be introduced to the network “on-the-fly”.
• The Active Nets program has produced a new network platform that is flexible and extensible at runtime to accommodate the rapid evolution and deployment of network technologies.
• An exciting opportunity exists for network service providers and third parties, not just the network device providers, to program the network infrastructure and services.
AN issues
Lack of industrial-strength Active Network devices that dispel major concerns:
• AN requires substantial support from a NOS
• AN introduces a substantial software component, hence delay on the data path
• AN lacks adequate measures to address the integrity and security of network devices.
Main contributions of the paper
• Active Flow Manipulation Concept
— Flow abstraction
— Actions on Flows
— Control/Data separation
• Openet Platform
— Commercial Network Devices
— Runtime Environment
— Active Services
• Applications
Active Flow Manipulation
[Diagram labels: Forwarding Processor; Packet; Policy Filters; AFM; Packet Filter; Packet Action]
• A key enabling technology of Openet
• Two abstractions
— Primitive flows
— Primitive actions
• Customer network services exercise active network control
— Identifying specific flows
— Apply actions to alter network behavior in real-time
Dynamic L2-L7 Filtering
Active Flow Manipulation
L2-L7 Filtering Capability
• Source Address
• Source Port
• Destination Address
• Destination Port
• Protocol
• VLAN
• Diffserv Code Points
• Content Filtering
• Cookies Filtering
• Flow redirection
• Stop/Forward flow
• Change DSCP field
• Set VLAN priority
• Adjust priority queue
• Modify session table
• Parsing request header
• Parsing application contents
Openet: An active service platform
[Diagram labels: Control Plane; Data Plane; User Oplets; ORE; JFWD; JVM; JNI/Native Code; CPU; MEM …; Monitor status; Filtered packets; New forwarding rules; Forwarding Engine; OpletService, Shell, Logger; Jcapture, HTTP, IpPacket; Standard Services; ANTS; Application services; Firewall, DiffServ; Function Services]
Openet Alteon Active Services Platform = A Powerful Platform for AN Technologies Transfer
• A powerful and extensible control and computational plane
— Partitioning hardware/software resources
— Active service enabling
— Content filtering in real-time
— Active services accommodation
[Diagram labels: Optical; Wireless; Active Services router; Content gateway; Edge Device; Content Aware; Computation Power; Dynamic Service Enabling]
Nortel Networks’ contributions to Active Services
• Practical Active Services Architecture on real network device.
• First Commercial Active Services platform.
— ASF - Product
— SSL – Product
— Open Active Architecture for more product
— Alteon+iSD as a research platform
— L3 programmable routing switch PP8600 – used by research community
— Photonic Switch – Early prototype
— Active VPN – Carrier A
— Active fault diagnostic – Carrier A
— Active SLA reliability
— Active Extranet on Demand – CeNTIE- Media post production industry
— Early stages in disaster recovery and fault tolerant networks
• Identify Active applications (More than Ping)
Strong computation power inside network device.
[Diagram labels: Users; Servers; Active Services Platform; Computation; Forwarding; Up to 256 Linux based engines]
Intercepts selected flows and performs intelligent processing based on L2-L7 filtering
The emphasis is on interception and processing transparently. Entities at both ends may not be aware of the existence of the Alteon in the path
Active Service – Example 1
ASF – Alteon Switched Firewall
A Real Product
This slide is from the official product literature!!!
Alteon Switched Firewall (ASF)
A Real Product
[Diagram labels: Runtime Environment For Active Services; Active Services Download; Active Service: Policy Checking; AFM Flow (Req.) Selection; AFM Action on the data Flow; Servers; 1 1st pkt; 2 Data; data for the session]
Alteon Switched Firewall (ASF)
A Real Product
[Diagram labels: Runtime Environment For Active Services; Active Services Download; Active Service: Policy Checking; AFM Flow Selection; AFM Action on the Flow; Servers]
1 1st pkt
1 Add Conn.
2 Data for the session accelerated
3 Delete Conn. after UDP timeout if session is inactive
Secure XL & NAAP in Action
TCP session
Alteon Switched Firewall (ASF)
[Diagram labels: Clients; Servers; Policy Check; Add Conn. (F2F); Update Conn.; Delete Conn.]
1 SYN
2 SYN/ACK
3 ACK (TCP 3-way handshake complete)
4 TCP 3-way handshake complete, data for the session accelerated
5 FIN-1
6 FIN-2
7 ACK
ASF as an Active Service Technology
• The Alteon selectively redirects new 
connection requests to the Alteon Switched 
Firewall Director to perform policy checking. 
• The Director runs the Check Point FireWall-1 
engine as an Active Service. 
• The Active Service manages the connection 
table, specifies rules for handling packets in 
the session, passes the connection table to the 
Alteon Switched Accelerator. 
• 90% of traffic is accelerated, supporting a 
throughput of 3.2 Gbps. 
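The connection lifecycle shown on the ASF slides (policy check on a flow's first packet, Add/Update/Delete Conn., accelerated session data, UDP idle timeout), written out as a small Python model. This is an added example, not Nortel or Check Point code; the class and function names, the policy set, the 30-second timeout and the packet trace are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed Director policy: allowed (protocol, destination port) pairs.
POLICY = {("tcp", 443), ("udp", 53)}
UDP_IDLE_TIMEOUT = 30.0  # seconds; assumed value, the slides give none

# Connection-table updates driven by TCP handshake and teardown packets.
# Simplification: the model does not check which side sent each packet.
TRANSITIONS = {
    ("SYN_SENT", "SYN/ACK"): "SYN_RCVD",
    ("SYN_RCVD", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "FIN"): "FIN_1",
    ("FIN_1", "FIN"): "FIN_2",
    ("FIN_2", "ACK"): "CLOSED",
}

@dataclass(frozen=True)
class Packet:
    proto: str
    src: tuple          # (address, port)
    dst: tuple          # (address, port)
    kind: str = "DATA"  # TCP: SYN, SYN/ACK, ACK, FIN or DATA; unused for UDP

    def key(self):
        return (self.proto, self.src, self.dst)

    def reverse_key(self):
        return (self.proto, self.dst, self.src)

class SwitchedFirewall:
    def __init__(self, policy=POLICY, udp_timeout=UDP_IDLE_TIMEOUT):
        self.policy, self.udp_timeout = policy, udp_timeout
        self.table = {}  # initiator's flow key -> [state, last_seen]

    def _expire(self, now):
        # Delete Conn. after the UDP timeout if the session is inactive.
        stale = [k for k, (state, seen) in self.table.items()
                 if state == "UDP" and now - seen > self.udp_timeout]
        for k in stale:
            del self.table[k]

    def _policy_check(self, pkt, now):
        # Slow path: only a new flow's first packet reaches the policy engine.
        if pkt.proto == "tcp" and pkt.kind != "SYN":
            return "drop"  # mid-stream TCP packet with no table entry
        if (pkt.proto, pkt.dst[1]) not in self.policy:
            return "drop"
        self.table[pkt.key()] = ["SYN_SENT" if pkt.proto == "tcp" else "UDP", now]
        return "add"

    def handle(self, pkt, now):
        # Verdict for one packet: add, update, accelerated, delete or drop.
        self._expire(now)
        key = pkt.key() if pkt.key() in self.table else pkt.reverse_key()
        entry = self.table.get(key)
        if entry is None:
            return self._policy_check(pkt, now)
        entry[1] = now
        if pkt.proto == "udp":
            return "accelerated"
        nxt = TRANSITIONS.get((entry[0], pkt.kind))
        if nxt == "CLOSED":
            del self.table[key]
            return "delete"
        if nxt:
            entry[0] = nxt
            return "update"
        if entry[0] in ("ESTABLISHED", "FIN_1") and pkt.kind in ("ACK", "DATA"):
            return "accelerated"  # fast path: session data stays in the switch
        return "drop"  # packet does not fit the connection's state

def run_trace(fw, trace):
    return [fw.handle(pkt, now) for now, pkt in trace]

# Constructed sample traffic (documentation addresses, made-up ports).
C, S = ("10.0.0.5", 40000), ("192.0.2.10", 443)
TELNET, DNS = ("192.0.2.10", 23), ("192.0.2.53", 53)
SAMPLE_TRACE = [
    (0.0, Packet("tcp", C, S, "SYN")),       # policy check, Add Conn.
    (0.1, Packet("tcp", S, C, "SYN/ACK")),   # Update Conn.
    (0.2, Packet("tcp", C, S, "ACK")),       # handshake complete
    (0.3, Packet("tcp", C, S, "DATA")),      # accelerated
    (0.4, Packet("tcp", S, C, "DATA")),      # accelerated (reverse direction)
    (0.5, Packet("tcp", C, S, "FIN")),       # FIN-1
    (0.6, Packet("tcp", S, C, "FIN")),       # FIN-2
    (0.7, Packet("tcp", C, S, "ACK")),       # Delete Conn.
    (0.8, Packet("tcp", C, S, "DATA")),      # stray packet after teardown
    (1.0, Packet("tcp", C, TELNET, "SYN")),  # not allowed by the policy
    (2.0, Packet("udp", C, DNS)),            # policy check, Add Conn.
    (2.1, Packet("udp", DNS, C)),            # accelerated reply
    (40.0, Packet("udp", C, DNS)),           # entry timed out, checked again
]

if __name__ == "__main__":
    for (now, pkt), verdict in zip(SAMPLE_TRACE, run_trace(SwitchedFirewall(), SAMPLE_TRACE)):
        print(f"{now:5.1f}  {pkt.proto} {pkt.kind:8s} {verdict}")
```

The stray packet at 0.8 and the packet at 40.0 show why entry deletion matters: once the table entry is gone, traffic on that flow has to pass the policy check again instead of riding the fast path.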
SSL Acceleration
How Does the iSD-SSL Accelerator work?
• Client sends an HTTPS request
• Switch redirects request on port 443 to iSD-SSL
• iSD-SSL completes SSL handshake
• iSD-SSL initiates HTTP connection to server on port 80
• Switch selects real server based on configured LB policy
• Server responds to HTTP request and replies to the iSD-SSL
• iSD-SSL encrypts session and sends HTTPS response to client
HTTPS, SMTP-S, POP3-S and IMAP-S services
This slide is from the official product literature!!!
SSL Acceleration Cont
[Diagram labels: Active Services Download; Runtime Environment For Active Services; Encrypt; Decrypt; Server; Servers; Policy Check; Conn.; Splice; Selection; AFM Action on the data Flow; AFM Flow (Req.) Selection; data for the session accelerated; Data; Accelar]
On the Horizon: Alteon Security Cluster
Acceleration and intelligent integration of security applications
Single point of secure central management
Nortel Appliance Acceleration Protocol (Enables application control of switch sessions)
[Diagram labels: Management Plane; BBI, CLI, SSI, Plug and Play; Application Plane: Security Appliance; NAAP; Control Plane: Controller of accelerated sessions; Security Accelerator; Data Plane: Switch based acceleration of session data; IDS; Firewall; SSL; VPNs; URL Filtering; Virus Scan]
Intelligent Flow Management
[Diagram labels: Security Cluster; Application Clusters; Security Dashboard; repeated rows of SSL, FW, VPN, IDS, Virus Scanning, URL Filtering]
Disaster Recovery Demonstration
• Early Prototype
Disaster Recovery concept
Active Services on 10GE All-Optical Switch
Nortel’s Active Services
[Diagram labels: NAS; 8600; Photonic Switch Prototype; Alteon; EvaQ8 OG-1; EvaQ8 OG-2; EvaQ8 OG-3; 10G; 1G; A, B, C, D; X, Y, Z; B1, B2, B3; Control Mesg; Disaster Event/Environ. Sensor]
1. Normal App flow: Client X -> Server Z
2. Disaster Strikes at Location Z
3. EvaQ8 OG 3 sends a signal to OG1
4. OG1 instructs Photonic Switch to connect B2 & B3; Server Z and Server Y data synced
5. On successful sync, OG2 instructs Photonic switch to connect B1->B2.
6. Service Restored for Client X -> server Y
A Disaster Discovery Application
[Diagram labels: Active Services Download; Runtime Environment For Active Services; Policy Check; Service Oplet; Management Action; AFM Flow (Req.) Selection; Connection Setup; data transfer between centers; Event Request; Control Plane; ATI Photonic Switch]
What after next?
Service-centric Active Nets Platform
[Diagram labels: SERVICES; Manage; Service Enabling; Control; Impedance Matching; Intra-Service Comm; Security]
• Service Enabling API
• Control API
• Impedance Matching API
• Security API
• Management API
• Intra-service Communications API
AN Collaboration: CeNTIE – CSIRO-Nortel
Center for Networking Technologies for Information Economy (CeNTIE) - a CSIRO-led consortium including Nortel Networks, Amcom Telecommunications, the UNSW, UTS and the WA Interactive Virtual Environments Centre (IVEC).
www.centie.net
Tele-Health Focus Group
• Royal Australian College of Surgeons
• Medic Vision
• University of Sydney
• NSW Health
• Royal Prince Alfred
• Interactive Virtual Environment Centre (IVEC).
• Centre for Medical and Surgical Skills (CTEC).
Media Systems Focus Group
• Fox Studios
• Animal Logic
• GMD
• Ambience
• Film Industry Broadband Resource Enterprise (FIBRE)
• WAM!NET
• Australian Broadcasting Corporation (ABC)
• ScreenWest
1st Expl: Collaboration with a Major Carrier
• A major Carrier is interested in some aspects of the research and technologies incubated by the AN community
• The main value is to roll out new services – and fast
— Active VPN
— Active Fault diagnostic
• Unfortunately, the current market conditions have slowed down the interest (great direction – but no money now)
Summary of Our Work
• We drew our inspiration from active networks concepts
• Demonstrate Active Networks technology transfer through Nortel Active Services platform.
• We have implemented programmable Gigabit Routing Switch (backplane 256 Gbs)
• Active Services in the control plane (slows down in the data plane)
— New Active Services platform: Openet + Alteon + iSD
— AFM abstraction
• Capable of dynamic monitoring and modification of silicon knobs
— The granularity is streams and not packets
— Short time granularity (part of apps and not human intervention, keyboard, telnet, cli, snmp)
Summary of Our Work (cont.)
• Enabling New Types of intelligence on programmable network device to handle Infinite Bandwidth resources, Wire speed routing capability, and nontrivial Streaming media application.
• Important next step is the development of a Service-centric Active Services Platform.
Q&A
OpenetLab – Nortel Networks: http://www.openetlab.org/
Client And Server Authentication
1 User opens session
2 Sends server certificate
3 Requests client certificate
4 Client sends the certificate with public key
5 Validates the client certificate info.
6 Send encrypted data to back end
7 Serves request/response
[Diagram labels: Private key, Confidential; Public key, Published]
Strong computation power inside network device.
Load balance of iSDs (and servers)
[Diagram labels: User connections; iSD (four boxes); Server (six boxes); Balancing iSDs; Balancing servers]
Intelligent Processing such as Load Balancing, Optimizing Bandwidth, Specialized services
Connections terminate at the Alteon
Balancing can be based on
• load, or
• functionality
Powerful generic processors do not have the filtering capability of the Alteon. That is, if they have to do the same thing as the Alteons, they have to do the filtering in software, and are therefore slow.
• An API is needed for exploring this filtering capacity
Content Re-route
[Diagram labels: Optical Ring; Mirror Server; Data Server; Route 1; Route 2; Route 3]
• Resource optimization (route 2)
— Alternative lightpath
• Route to mirror sites (route 3)
— Lightpath setup failed
— Load balancing
— Long response time
– Congestion
– Fault

Abortion pills in Dammam +966572737505 Buy Cytotec
Abortion pills in Dammam +966572737505 Buy CytotecAbortion pills in Dammam +966572737505 Buy Cytotec
Abortion pills in Dammam +966572737505 Buy Cytotec
 
怎样办理昆士兰大学毕业证(UQ毕业证书)成绩单留信认证
怎样办理昆士兰大学毕业证(UQ毕业证书)成绩单留信认证怎样办理昆士兰大学毕业证(UQ毕业证书)成绩单留信认证
怎样办理昆士兰大学毕业证(UQ毕业证书)成绩单留信认证
 
CRISIS COMMUNICATION presentation=-Rishabh(11195)-group ppt (4).pptx
CRISIS COMMUNICATION presentation=-Rishabh(11195)-group ppt (4).pptxCRISIS COMMUNICATION presentation=-Rishabh(11195)-group ppt (4).pptx
CRISIS COMMUNICATION presentation=-Rishabh(11195)-group ppt (4).pptx
 
Top profile Call Girls In Udgir [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Udgir [ 7014168258 ] Call Me For Genuine Models We ...Top profile Call Girls In Udgir [ 7014168258 ] Call Me For Genuine Models We ...
Top profile Call Girls In Udgir [ 7014168258 ] Call Me For Genuine Models We ...
 
Abortion pills in Jeddah |+966572737505 | Get Cytotec
Abortion pills in Jeddah |+966572737505 | Get CytotecAbortion pills in Jeddah |+966572737505 | Get Cytotec
Abortion pills in Jeddah |+966572737505 | Get Cytotec
 
一比一原版(Otago毕业证书)奥塔哥理工学院毕业证成绩单学位证靠谱定制
一比一原版(Otago毕业证书)奥塔哥理工学院毕业证成绩单学位证靠谱定制一比一原版(Otago毕业证书)奥塔哥理工学院毕业证成绩单学位证靠谱定制
一比一原版(Otago毕业证书)奥塔哥理工学院毕业证成绩单学位证靠谱定制
 
Point of Care Testing in clinical laboratory
Point of Care Testing in clinical laboratoryPoint of Care Testing in clinical laboratory
Point of Care Testing in clinical laboratory
 
一比一定(购)新西兰林肯大学毕业证(Lincoln毕业证)成绩单学位证
一比一定(购)新西兰林肯大学毕业证(Lincoln毕业证)成绩单学位证一比一定(购)新西兰林肯大学毕业证(Lincoln毕业证)成绩单学位证
一比一定(购)新西兰林肯大学毕业证(Lincoln毕业证)成绩单学位证
 
Hilti's Latest Battery - Hire Depot.pptx
Hilti's Latest Battery - Hire Depot.pptxHilti's Latest Battery - Hire Depot.pptx
Hilti's Latest Battery - Hire Depot.pptx
 
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
一比一原版(USYD毕业证书)澳洲悉尼大学毕业证如何办理
 
Jual Obat Aborsi Samarinda ( No.1 ) 088980685493 Obat Penggugur Kandungan Cy...
Jual Obat Aborsi Samarinda (  No.1 ) 088980685493 Obat Penggugur Kandungan Cy...Jual Obat Aborsi Samarinda (  No.1 ) 088980685493 Obat Penggugur Kandungan Cy...
Jual Obat Aborsi Samarinda ( No.1 ) 088980685493 Obat Penggugur Kandungan Cy...
 

Enabling Active Flow Manipulation In Silicon-based Network Forwarding Engines

  • 1. Enabling Active Flow Manipulation In Silicon-based Network Forwarding Engines. Tal Lavian - tlavian@ieee.org; Phil Wang, Ramesh Durairaj, Jennifer Rasimas, Doan Hoang, Franco Travostino. Nortel Networks, Advanced Technology Labs. Open Source - http://www.openetlab.org. DANCE Exposition, May 28-29, 2002
  • 2. Outline of the talk • AN technology transfer • Issues in the realization of AN technologies • Main contributions of the paper • Commercial Active Services Platform • Application Example 1 – SSL • Application Example 2 – ASF • A Demo Application • Next Generation Active Services Platform • Conclusion
  • 3. AN Technology Transfer. Diagram labels: Great Ideas; Usable/Realizable Mechanisms/Products; Active Nets Community; Active Nets Ideas; Real Active Services Products; Realistic Internet Mechanisms; Scan the technology horizon
  • 4. Any AN products? Diagram labels: Active Nets Community; Active Nets Ideas; Realistic Mechanisms; Experimental/Laboratory Platforms; Commercial Active Services Platform?; Nortel Networks Active Services Products: SSL, ASF, IDS, VPN; Scan the technology horizon
  • 5. Great Active Nets Community Solutions • Active networks (AN) approach opens an exciting opportunity for individual applications to define the service provided by the network through programmability. • Active Networks technologies expose a novel approach that allows customer value-added services to be introduced to the network “on-the-fly”. • Active Nets program has produced a new network platform flexible and extensible at runtime to accommodate the rapid evolution and deployment of network technologies. • The exciting opportunity exists for network service providers and third parties, not just the network device providers, to program the network infrastructure and services.
  • 6. AN issues. Lack of industrial-strength Active Network devices that dispel major concerns: • AN requires substantial support from a NOS • AN introduces a substantial software component, hence delay on the data path • AN lacks adequate measures to address integrity and security of network devices.
  • 7. Main contributions of the paper • Active Flow Manipulation Concept — Flow abstraction — Actions on Flows — Control/Data separation • Openet Platform — Commercial Network Devices — Runtime Environment — Active Services • Applications
  • 8. Active Flow Manipulation • A key enabling technology of Openet • Two abstractions — Primitive flows — Primitive actions • Customer network services exercise active network control — Identifying specific flows — Apply actions to alter network behavior in real-time. Diagram labels: Forwarding Processor; Packet; Policy Filters; AFM; Packet Filter; Packet Action
  • 9. Active Flow Manipulation: Dynamic L2-L7 Filtering. L2-L7 Filtering Capability • Source Address • Source Port • Destination Address • Destination Port • Protocol • VLAN • Diffserv Code Points • Content Filtering • Cookies Filtering • Flow redirection • Stop/Forward flow • Change DSCP field • Set VLAN priority • Adjust priority queue • Modify session table • Parsing request header • Parsing application contents
  • 10. Openet: An active service platform. Diagram labels: User Oplets; ORE; JFWD; CPU; JNI/Native Code; Monitor status; JVM; MEM; Filtered packets; New forwarding rules; Forwarding Engine; OpletService, Shell, Logger; Jcapture, HTTP, IpPacket; Standard Services; ANTS; Application services; Firewall, DiffServ; Function Services; Control Plane; Data Plane
  • 11. Openet Alteon Active Services Platform = A Powerful Platform for AN Technologies Transfer • A powerful and extensible control and computational plane — Partitioning hardware/software resources — Active service enabling — Content filtering in real-time — Active services accommodation. Diagram labels: Optical; Wireless; Active Services router; Content gateway; Edge Device; Content Aware; Computation Power; Dynamic Service Enabling
  • 12. Nortel Networks’ contributions to Active Services • Practical Active Services Architecture on real network device. • First Commercial Active Services platform. — ASF - Product — SSL – Product — Open Active Architecture for more product — Alteon+iSD as a research platform — L3 programmable routing switch PP8600 – used by research community — Photonic Switch – Early prototype — Active VPN – Carrier A — Active fault diagnostic – Carrier A — Active SLA reliability — Active Extranet on Demand – CeNTIE- Media post production industry — Early stages in disaster recovery and fault tolerant networks • Identify Active applications (More than Ping)
  • 13. Strong computation power inside network device. Active Services Platform: intercepts selected flows and performs intelligent processing based on L2-L7 filtering. The emphasis is on interception and processing transparently. Entities at both ends may not be aware of the existence of the Alteon in the path. Diagram labels: Users; Servers; Computation; Forwarding; Up to 256 Linux based engines
  • 14. Active Service – Example 1: ASF – Alteon Switched Firewall, A Real Product. This slide is from the official product literature!!!
  • 15. Alteon Switched Firewall (ASF), A Real Product. Diagram labels: Runtime Environment For Active Services; Active Services Download; Active Service: Policy Checking; AFM Flow Selection; AFM Action on the Flow; Servers. Steps: 1 1st pkt (Req.); 2 Data for the session
  • 16. Alteon Switched Firewall (ASF), A Real Product. Diagram labels: Runtime Environment For Active Services; Active Services Download; Active Service: Policy Checking; AFM Flow Selection; AFM Action on the Flow; Servers. Steps: 1 1st pkt; 1 Add Conn.; 2 Data for the session accelerated; 3 Delete Conn. after UDP timeout if session is inactive
  • 17. Secure XL & NAAP in Action: TCP session, Alteon Switched Firewall (ASF). Between Clients and Servers: 1 SYN: Policy Check, Add Conn. (F2F); 2 SYN/ACK; 3 ACK (TCP 3-way handshake complete): Update Conn.; 4 TCP 3-way handshake complete, data for the session accelerated; 5 FIN-1: Update Conn.; 6 FIN-2: Update Conn.; 7 ACK: Delete Conn.
  • 18. ASF as an Active Service Technology • The Alteon selectively redirects new connection requests to the Alteon Switched Firewall Director to perform policy checking. • The Director runs the Check Point FireWall-1 engine as an Active Service. • The Active Service manages the connection table, specifies rules for handling packets in the session, and passes the connection table to the Alteon Switched Accelerator. • 90% of traffic is accelerated, supporting a throughput of 3.2 Gbps.
  • 19. SSL Acceleration: How Does the iSD-SSL Accelerator work? • Client sends an HTTPS request • Switch redirects request on port 443 to iSD-SSL • iSD-SSL completes SSL handshake • iSD-SSL initiates HTTP connection to server on port 80 • Switch selects real server based on configured LB policy • Server responds to HTTP request and replies to the iSD-SSL • iSD-SSL encrypts session and sends HTTPS response to client. HTTPS, SMTP-S, POP3-S and IMAP-S services. This slide is from the official product literature!!!
  • 20. SSL Acceleration Cont. Diagram labels: Runtime Environment For Active Services; Active Services Download; Policy Check; Encrypt; Decrypt; Conn. Splice; AFM Flow Selection; AFM Action on the Flow; (Req.); data for the session accelerated; Server; Servers; Data; Accelar
  • 21. On the Horizon: Alteon Security Cluster. Acceleration and intelligent integration of security applications. Single point of secure central management. Nortel Appliance Acceleration Protocol (enables application control of switch sessions). Diagram labels: Application Plane: Security Appliance; NAAP Control Plane: controller of accelerated sessions; Management Plane; Security Accelerator Data Plane: switch based acceleration of session data; BBI, CLI, SSI, Plug and Play; appliances shown: IDS, URL Filtering, Virus Scan, Firewall, SSL, VPNs
  • 22. Intelligent Flow Management. Diagram labels: Security Cluster; Application Clusters; Security Dashboard; repeated application stacks of URL Filtering, SSL, FW, VPN, IDS, Virus Scanning
  • 23. Disaster Recovery Demonstration • Early Prototype
  • 24. Disaster Recovery concept: Active Services on 10GE All-Optical Switch (Nortel’s Active Services). Diagram labels: 8600 (three); NAS; Photonic Switch Prototype; 10G and 1G links; A, B, C, D; X, Y, Z; B1, B2, B3; Alteon (three); EvaQ8 OG-1, OG-2, OG-3; Control Mesg; Disaster Event/Environ. Sensor. Steps: 1. Normal App flow: Client X -> Server Z 2. Disaster strikes at Location Z 3. EvaQ8 OG3 sends a signal to OG1 4. OG1 instructs Photonic Switch to connect B2 & B3; Server Z and Server Y data synced 5. On successful sync, OG2 instructs Photonic Switch to connect B1->B2 6. Service restored for Client X -> Server Y
  • 25. A Disaster Discovery Application. Diagram labels: Runtime Environment For Active Services; Active Services Download; Policy Check; Service Oplet; Management Action; AFM Flow Selection; (Req.); Connection Setup; data transfer between centers; Event; Request; Control Plane; ATI; Photonic Switch
  • 26. What after next? Service-centric Active Nets Platform • Service Enabling API • Control API • Impedance Matching API • Security API • Management API • Intra-service Communications API. Diagram labels: SERVICES; Manage; Service Enabling; Control; Impedance Matching; Intra-Service Comm; Security
  • 27. AN Collaboration: CeNTIE – CSIRO-Nortel. Tele-Health Focus Group • Royal Australian College of Surgeons • Medic Vision • University of Sydney • NSW Health • Royal Prince Alfred • Interactive Virtual Environment Centre (IVEC) • Centre for Medical and Surgical Skills (CTEC). Media Systems Focus Group • Fox Studios • Animal Logic • GMD • Ambience • Film Industry Broadband Resource Enterprise (FIBRE) • WAM!NET • Australian Broadcasting Corporation (ABC) • ScreenWest. Center for Networking Technologies for Information Economy (CeNTIE) - a CSIRO-led consortium including Nortel Networks, Amcom Telecommunications, the UNSW, UTS and the WA Interactive Virtual Environments Centre (IVEC). www.centie.net
  • 28. 1st Expl: Collaboration with a Major Carrier • A major Carrier is interested in some aspects of the research and technologies incubated by the AN community • The main value is to roll out new services – and fast — Active VPN — Active Fault diagnostic • Unfortunately - the current market condition slowed down the interest (great direction – but no money now)
  • 29. Summary of Our Work • We have drawn inspiration from active networks concepts • Demonstrate Active Networks technology transfer through Nortel Active Services platform. • We have implemented programmable Gigabit Routing Switch (backplane 256 Gbs) • Active Services in the control plane (slows down in the data plane) — New Active Services platform: Openet + Alteon + iSD — AFM abstraction • Capable of dynamic monitoring and modification of silicon knobs — The granularity is streams and not packets — Short time granularity (part of apps and not human intervention, keyboard, telnet, cli, snmp)
  • 30. Summary of Our Work (cont.) • Enabling New Types of intelligence on programmable network device to handle Infinite Bandwidth resources, Wire speed routing capability, and nontrivial Streaming media application. • Important next step is the development of a Service-centric Active Services Platform.
  • 31. Q&A. OpenetLab – Nortel Networks: http://www.openetlab.org/
  • 32. Client And Server Authentication. Steps: 1 User opens session; 2 Sends server certificate; 3 Requests client certificate; 4 Client sends the certificate with public key; 5 Validates the client certificate info.; 6 Send encrypted data to back end; 7 Serves request/response. Diagram labels: Private key (Confidential); Public key (Published)
  • 33. Strong computation power inside network device. Load balance of iSDs (and servers). Diagram labels: User connections; iSD (four); Server (six); Balancing iSDs; Balancing servers; Connections terminate at the Alteon; Intelligent processing such as load balancing, optimizing bandwidth, specialized services. Balancing can be based on • load, or • functionality. Powerful generic processors do not have the filtering capability of the Alteon. That is, if they have to do the same thing as the Alteons, they have to do filtering in software, hence slow. • An API is needed for exploring this filtering capacity
  • 34. Content Re-route • Resource optimization (route 2) — Alternative lightpath • Route to mirror sites (route 3) — Lightpath setup failed — Load balancing — Long response time – Congestion – Fault. Diagram labels: Optical Ring; Mirror Server; Data Server; Route 1; Route 2; Route 3
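
The ASF packet walk in slides 15 to 18 (first packet redirected for a policy check, connection added, later packets accelerated, connection deleted on TCP close or UDP idle timeout), as an added Python model that is not Nortel, Alteon or Check Point code. The class names, the 30-second UDP timeout, the rule that only a bare SYN may open a TCP session, and the sample trace are all assumptions made for this example.

```python
from dataclasses import dataclass

UDP_IDLE_TIMEOUT = 30.0  # seconds; assumed, the slides give no value


@dataclass(frozen=True)
class Flow:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

    def reverse(self):
        return Flow(self.proto, self.dst, self.dport, self.src, self.sport)


class Director:
    """Slow path: policy check run once per new session (hypothetical model)."""

    def __init__(self, allowed):
        self.allowed = allowed  # set of (proto, dst, dport) the policy permits

    def permits(self, flow, flags):
        # Assumption: a TCP session may only be opened by a bare SYN.
        if flow.proto == "tcp" and flags != "S":
            return False
        return (flow.proto, flow.dst, flow.dport) in self.allowed


class Accelerator:
    """Fast path: forwards packets whose session is in the connection table."""

    def __init__(self, director):
        self.director = director
        self.conns = {}  # client->server Flow -> {"fins": set, "last": float}
        self.stats = {"redirected": 0, "accelerated": 0, "dropped": 0}

    def _count(self, verdict):
        self.stats[verdict] += 1
        return verdict

    def packet(self, flow, now, flags=""):
        # Delete UDP connections that have been idle past the timeout.
        for k in [k for k, c in self.conns.items()
                  if k.proto == "udp" and now - c["last"] > UDP_IDLE_TIMEOUT]:
            del self.conns[k]
        key = flow if flow in self.conns else flow.reverse()
        conn = self.conns.get(key)
        if conn is None:
            # No table entry: redirect to the Director for a policy check.
            if not self.director.permits(flow, flags):
                return self._count("dropped")
            self.conns[flow] = {"fins": set(), "last": now}  # Add Conn.
            return self._count("redirected")
        conn["last"] = now  # Update Conn.
        if "F" in flags:
            conn["fins"].add(flow.src)
        elif flags == "A" and len(conn["fins"]) == 2:
            del self.conns[key]  # final ACK of the close: Delete Conn.
        return self._count("accelerated")


def run_demo():
    """Replay a constructed trace; return (verdicts, table size, stats)."""
    acc = Accelerator(Director({("tcp", "10.0.0.80", 443), ("udp", "10.0.0.53", 53)}))
    web = Flow("tcp", "192.0.2.7", 40000, "10.0.0.80", 443)
    dns = Flow("udp", "192.0.2.7", 5353, "10.0.0.53", 53)
    trace = [  # (flow, time, TCP flags): constructed sample, not captured traffic
        (web, 0.0, "S"), (web.reverse(), 0.1, "SA"), (web, 0.2, "A"),
        (web, 0.3, "PA"), (web.reverse(), 0.4, "PA"),
        (web, 1.0, "FA"), (web.reverse(), 1.1, "FA"), (web, 1.2, "A"),
        (web, 1.3, "A"),  # stray ACK after Delete Conn.
        (Flow("tcp", "192.0.2.7", 40001, "10.0.0.80", 23), 2.0, "S"),  # not in policy
        (dns, 3.0, ""), (dns.reverse(), 3.1, ""),
        (dns, 40.0, ""),  # idle past the timeout: policy is checked again
    ]
    verdicts = [acc.packet(f, t, fl) for f, t, fl in trace]
    return verdicts, len(acc.conns), acc.stats
```

Only the first packet of each permitted session reaches the Director; once the entry is deleted, a late packet for the same 5-tuple is no longer on the fast path and has to pass the policy check again.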

Editor's Notes

  1. Here is the outline of the talk. First I will identify several driving forces that led us in this direction of programmable networking. Next, I review some basic functionality of a routing network element. Then I introduce our idea when we develop the AFM concept. I will describe a framework for which AFM can be applied. I will also describe several relevant examples using AFM and the platform. Finally I conclude with a hint of where we go from here.
  2. To me as a researcher: to be able to implement several of our new congestion control algorithms on a real router. For Nortel Networks (if I am not wrong): potential revenue generating direction by inventing and developing advanced technology. By looking at the Internet from users’ perspective, service providers’ perspective and network providers’ perspective, we have identified several driving forces that steered us in this direction of research: Users want intelligent services. Service providers want to differentiate their service and offer new services in: time to market, flexibility and by managing their services. Network Providers want to manage their services efficiently and economically. They want to sell, lease their resources at premium price. They want to sell bandwidth on-demand, etc.
  3. To me as a researcher: to be able to implement several of our new congestion control algorithms on a real router. For Nortel Networks (if I am not wrong): potential revenue generating direction by inventing and developing advanced technology. By looking at the Internet from users’ perspective, service providers’ perspective and network providers’ perspective, we have identified several driving forces that steered us in this direction of research: Users want intelligent services. Service providers want to differentiate their service by QoS, time to market, flexibility in managing their services. Network Providers want to manage their services efficiently and economically. They want to sell, lease their resources at premium price. They want to sell bandwidth on-demand, etc.
  4. Above all we need programmability in network devices for introducing, enabling all kinds of intelligent services. What we need: a framework, a platform independent API.
  5. Database of what to be done based on SLA. Database of possible filters of interest. AFM defines a set of primitive flows and operations to obtain composite flows. AFM defines a set of primitive actions. Flow and Action can form an algebra in the most general sense. One can actually design a machine with this algebra. The main interest is in identifying specific flows and applying actions to alter the behaviour in real-time.
  6. iSD acts as a transparent proxy; source IP addresses are preserved. Not only does it work with HTTP type of traffic but it can now also handle other protocols: Additional (besides HTTPS) virtual servers for SMTP-S and POP3-S and IMAP-S services are created. Each virtual SSL server listens to a specific TCP port and is mapped to a virtual (VIP) on the Web switch. Each server must be assigned a unique number.
  7. Key hardware components – Alteon ASIC HW fabric and the iSD platform. NAAP – Patent pending interconnect technology – more details on the next slide. iSD – a 1U high Linux based platform that runs our version of Linux that is hardened for security applications. The application plane – Run a variety of security applications. Deploy capacity for today’s needs, and scale up as your needs grow. Solution can be scaled by adding more iSDs running the desired application in a plug and play fashion. Power on an iSD and connect it to the accelerator and the iSD gets auto-configured and you have added capacity online in a matter of minutes. Today we have SSL and Firewall; we have plans for IDS and other complementary security apps in 2002. Unified management – both the iSD and the accelerator platforms get configured from a single interface – user has the choice of CLI or a browser based interface (BBI). SNMP agent. Support secure interfaces for management – SSL, SSH etc.
  8. Tele-Health user information: Medic Vision – an Australian organisation that commercializes Tele-Health applications (e.g. robotics). University of Sydney: Chris Liddle (Doctorate of Pharmacology). Interest lies in Information Technology as it applies to health initiatives. NSW Health: Representation from the group involved with Tele-health initiatives. Royal Prince Alfred: IVEC: organisations including CSIRO, University of Western Australia, Curtin University of Technology, Central TAFE. Media Systems: information about user groups. Animal Logic: film industry, adds special effects. GMD: Ambience: FIBRE: WAM!NET: ABC: ScreenWest: consortium of companies based in Western Australia that work on film industry related activities.
  9. This slide describes how the authentication is performed with an Alteon SSL Acceleration solution. This whole process enables authentication of both server and client through certificate and key verifications. Authenticating both clients and servers is a critical need for applications like B2B, extranets and financial. Not only does the server have to identify itself to the client but also the user has to be identified for the transaction to be valid. Authenticating servers only is sufficient in most B2C e-Commerce transactions because the customer has to be reassured about buying on a real and known site while the site does not care about who is buying as long as the credit card information is valid.