Ethane: Taking Control of the Enterprise
sdn
Casado M, Freedman M J, Pettit J, et al. Ethane: Taking control of the enterprise[C]//ACM SIGCOMM Computer Communication Review. ACM, 2007, 37(4): 1-12.
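This paper proposes a new type of network, Ethane, which can be regarded as the predecessor of SDN.
Contribution: proposes a new network architecture
Weakness: it cannot be combined with existing networks, because replacing the existing network is not feasible
The main content is as follows.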
1 introduction
3 Ethane principles:
- The network should be governed by policies declared over high-level names
- Policy should determine the path that packets follow
- The network should enforce a strong binding between a packet and its origin
2 design overview
- Controller: decides whether the flow represented by a packet should be allowed
- Switch: if a packet belongs to a flow in the flow table, forward it according to the Controller's direction; otherwise forward it to the Controller.
2.1 names,bindings,policy language
- packets must come from a machine that is registered
- users are required to authenticate themselves
2.2 Ethane in use
registration
all switches,users,hosts are registered at the Controller
Bootstrapping
switches bootstrap connectivity by creating a spanning tree rooted at the Controller
authentication
- the user uses host_A
- the Controller allocates an IP, and binds id with host_A's MAC
- the user authenticates through a web form
Ethane in more detail
switches
- forward packets; the flow table is smaller
- two types of flow entries in the flow table: drop or forward
- entries are managed by the Controller; timed-out entries are deleted
- switches talk to the Controller: use the minimum spanning tree protocol (in the same broadcast domain) or create an IP tunnel (otherwise)
- use neighbor discovery messages to maintain a list of neighbors
Controller
- registration
- authentication
- tracking bindings
- namespace interface
- permission checks and access granting
- enforcing resource limits
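The switch and Controller roles described above, as an added example that is not from the paper or the original notes: the switch keeps forward/drop entries with a timeout and asks the Controller on a miss, and the Controller checks registration and bindings before consulting policy. The class names, the dictionary policy format (not Pol-Eth), the flow key and the default-deny fallback are assumptions made for illustration.

```python
import time

class Controller:
    """Registrations, bindings and a policy over user names (illustrative)."""
    def __init__(self, policy):
        self.registered_macs = set()   # hosts registered at the Controller
        self.ip_to_mac = {}            # binding made when the IP is allocated
        self.ip_to_user = {}           # binding made when the user authenticates
        self.policy = policy           # {(src_user, dst_user): "forward" | "drop"}

    def register_host(self, mac, ip):
        self.registered_macs.add(mac)
        self.ip_to_mac[ip] = mac

    def authenticate(self, user, ip):
        self.ip_to_user[ip] = user

    def decide(self, pkt):
        # The packet must come from a registered machine.
        if pkt["src_mac"] not in self.registered_macs:
            return "drop"
        # The source IP must be the one bound to that MAC.
        if self.ip_to_mac.get(pkt["src_ip"]) != pkt["src_mac"]:
            return "drop"
        src = self.ip_to_user.get(pkt["src_ip"])
        dst = self.ip_to_user.get(pkt["dst_ip"])
        # Assumed default deny: unauthenticated users and unlisted pairs drop.
        return self.policy.get((src, dst), "drop")

class Switch:
    def __init__(self, controller, timeout=5.0):
        self.controller, self.timeout = controller, timeout
        self.flow_table = {}           # flow key -> (action, expiry time)
        self.misses = 0                # packets sent up to the Controller

    def handle(self, pkt, now=None):
        now = time.monotonic() if now is None else now
        key = (pkt["src_mac"], pkt["src_ip"], pkt["dst_ip"])
        entry = self.flow_table.get(key)
        if entry and entry[1] > now:
            return entry[0]            # live entry: act without the Controller
        self.flow_table.pop(key, None) # remove a timed-out entry, if any
        self.misses += 1
        action = self.controller.decide(pkt)
        self.flow_table[key] = (action, now + self.timeout)
        return action
```

A sender that copies both a registered MAC and the IP bound to it passes these checks, which corresponds to the "spoofing Ethernet addresses" item in the shortcomings list.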
handling broadcast and multicast
replicating Controller for scalability and fault-tolerance
cold-standby
backups need only contain the registration state and the network policy
warm-standby
a separate MST is created for every Controller.
link failure
switches use neighbor-discovery messages to detect the failure, then remove all flow table entries tied to the failed port and send the new link information to the Controller
bootstrapping
the network creates a minimum spanning tree with the Controller advertising itself as the root. All of this work is to initialize the topology and establish secure channels between the Controller and the switches
4 Policy language:Pol-Eth
5 Prototype and deployment
perfect
7 shortcomings
- broadcast and service discovery
- application-layer routing
- knowing what user is doing
- spoofing Ethernet addresses