Introduction¶
“The cheapest, fastest, and most reliable components of a computer system are those that aren’t there.” — Gordon Bell
=> "少即是多"
Availability is a network operator’s highest priority and yet, despite significant effort and investment, modern WANs remain vulnerable to failure. Figure 1 shows the frequency of outages that we have experienced in operating the WAN at Google in recent years. Generally speaking, this frequency has not declined over the years despite considerable efforts to improve reliability. Moreover, while minor disruptions are to be expected due to link cuts or router crashes, more impactful medium and major disruptions are harder to rationalize. Major outages continue to be reported by virtually every WAN operator [16, 28, 37, 58, 67]. Avoiding major failures is critical since they impact customers, internal productivity, and market reputation. Ultimately, they also impact innovation as these experiences encourage an overly conservative attitude toward introducing change.
可用性是网络运营商的最高优先级,然而,尽管进行了大量的努力和投资,现代广域网(WAN)仍然容易发生故障。图1展示了我们近年来在运营Google的广域网时所经历的中断频率。总体来说,尽管我们为提高可靠性付出了相当大的努力,这一频率并未随着时间的推移而下降。此外,尽管由于链路中断或路由器崩溃导致的小规模故障是可以预期的,但更具影响力的中等和重大故障则更难以解释。事实上,几乎每个广域网运营商都报告了重大故障的发生 [16, 28, 37, 58, 67]。避免重大故障至关重要,因为它们会影响客户、内部生产力和市场声誉。最终,这些故障还会影响创新,因为这些经历会导致在引入变更时过于保守的态度。
The fundamental challenge in eliminating major failures lies in their complexity: they typically involve bugs or errors in multiple components spanning diverse teams and codebases, that interact in unanticipated ways. As a result, these outages persist, despite our extensive efforts to improve testing, diagnostics, change procedures, and verification.
消除重大故障的根本挑战在于它们的复杂性:这些故障通常涉及多个组件的错误或漏洞,这些组件跨越不同的团队和代码库,并以意想不到的方式相互作用。结果是,尽管我们在改进测试、诊断、变更程序和验证方面做出了广泛的努力,这些中断仍然持续存在。
Given this situation, we ask: Is there more we can do to avoid complex failures? The approach we explore in this paper is to address complexity directly and focus on simplifying the network. More concretely, we aim to identify network components that can be removed without impacting the network’s functionality or performance. Intuitively, this strategy offers: (i) fewer points of failure and failure modalities, (ii) a reduced search space for testing and verification thus improving coverage, and (iii) fewer maintenance “touchpoints” and hence fewer opportunities for errors.
在这种情况下,我们要问:我们是否可以采取更多措施来避免复杂故障?本文探讨的方法是直接应对复杂性,并专注于简化网络。更具体地说,我们的目标是识别那些可以在不影响网络功能或性能的情况下移除的网络组件。直观地看,这一策略提供了:(i) 更少的故障点和故障模式,(ii) 缩小测试和验证的搜索空间,从而提高覆盖率,以及 (iii) 更少的维护“接触点”,因此减少了出错的机会。
But are there significant opportunities for simplification in today’s WANs? In this paper, we will argue that SDN control infrastructure in the WAN introduces significant complexity and propose a new control architecture that allows us to remove the vast majority of this infrastructure without losing the benefits of SDN. This raises three key questions which we summarize here and address through this paper.
但是,在当今的广域网中,是否存在显著的简化机会?在本文中,我们将论证广域网中的SDN控制基础设施引入了显著的复杂性,并提出一种新的控制架构,使我们能够在不丧失SDN优势的情况下,移除绝大多数的这种基础设施。这引出了三个关键问题,我们将在本文中总结并加以探讨。
Q1) Why target SDN infrastructure for simplification?¶
为什么我们选中了SDN来做简化?
While the road to SDN varied across use cases [12], in the WAN context that we focus on, support for operator-driven innovation was a key driver of SDN adoption, enabling operators to customize and evolve network control based on their needs. When SDN was embraced in the mid-2000s, routers were typically closed platforms with no practical way of running 3rd-party code “on-box.” As such, supporting operator-defined code naturally implied running the control plane on infrastructure external to the data plane. This external SDN control plane has typically been implemented as a logically centralized controller whose essential task is to run a traffic engineering (TE) algorithm that computes paths in a capacity-aware manner [11, 25–27].
虽然SDN的应用途径因具体用例而异 [12],但在我们关注的广域网背景下,支持运营商驱动的创新是SDN采用的关键推动力,使运营商能够根据自身需求定制和发展网络控制。中2000年代,当SDN被广泛接受时,路由器通常是封闭的平台,无法在设备上实际运行第三方代码。因此,支持运营商定义的代码自然意味着将控制平面运行在数据平面外部的基础设施上。这个外部的SDN控制平面通常被实现为一个逻辑上集中式的控制器,其基本任务是运行一个流量工程(TE)算法,以容量感知的方式计算路径 [11, 25–27]。
Tips
背景和动机:SDN 的采用路径因具体应用场景而异,在广域网中,支持运营商驱动的创新是SDN得以采用的关键因素。这种创新使运营商能够根据他们的需求定制和改进网络控制。
早期的技术限制:在2000年代中期,SDN刚刚开始被广泛接受。当时的路由器通常是封闭的平台,这意味着没有实际的方式可以在路由器内部运行第三方代码(“on-box” 指的是在设备本身上运行代码)。
控制平面的外部化:因为无法在路由器上直接运行自定义代码,运营商为了实现自定义的网络控制逻辑,不得不把控制平面放在数据平面外部的基础设施上。这意味着SDN的控制平面(用于决定如何在网络中传输数据的逻辑部分)通常作为一个逻辑上集中式的控制器来实现。这个控制器的主要任务是运行一个流量工程(TE)算法,该算法在考虑网络容量的情况下计算数据传输路径。
Unfortunately, implementing the high-level SDN idea in a global WAN involves far more than simply running a TE process on a datacenter server. It typically involves multiple software services, spanning a hierarchy of controllers, and running on a global footprint of servers that connect to the data plane via a separate control plane network. We use “SDN control infrastructure” to refer to these off-box components that are introduced in addition to the data plane. We note further that this infrastructure is not a one-for-one replacement for traditional solutions because, in practice, WANs continue to run protocols such as IS-IS and BGP as a fallback in case SDN control fails. As a result, we argue that current WAN control planes are overly complex: they bring new dependencies (due to SDN), while still retaining old undesirable dependencies (on protocols and vendors).
然而,在全球广域网中实现高层次的SDN理念不仅仅是简单地在数据中心服务器上运行一个TE进程。通常,这涉及多个软件服务,跨越控制器的层级结构,并运行在全球范围的服务器上,这些服务器通过独立的控制平面网络连接到数据平面。我们使用“SDN控制基础设施”来指代这些除了数据平面之外引入的外部组件。我们还指出,这种基础设施并非对传统解决方案的完全替代品,因为在实践中,广域网继续运行诸如IS-IS和BGP等协议,作为SDN控制失效时的备份。因此,我们认为当前的广域网控制平面过于复杂:它们引入了新的依赖关系(由于SDN),同时仍然保留了旧的不受欢迎的依赖关系(对协议和供应商的依赖)。
SDN is not a one-for-one replacement for traditional networking
so so so complex now!
- bring new dependencies (due to SDN)
- retain old undesirable dependencies (on protocols and vendors)
Thus the goal of our work is to simplify the network by eliminating these external components and dependencies where possible, thereby improving overall availability.
因此,我们工作的目标是通过尽可能消除这些外部组件和依赖关系来简化网络,从而提高整体的可用性。
Q2) What benefits of SDN must a simplified architecture retain?¶
在我们简化后的结构中,应该保留SDN的哪些优势?
SDN WANs offer important benefits that we must retain as we consider network simplification: operator-defined innovation, improved network efficiency (because TE computations that act on a global network view have been shown to achieve higher network utilization than greedy distributed solutions such as RSVPTE [2, 25]) and simpler “consensus-free” route computations (because paths are selected by the controller without complex distributed protocols across routers).
SDN广域网提供了我们在考虑网络简化时必须保留的重要优势:运营商定义的创新、提高的网络效率(因为基于全局网络视图的流量工程(TE)计算已被证明可以比诸如RSVP-TE等贪婪的分布式解决方案实现更高的网络利用率),以及更简单的“无共识”路径计算(因为路径是由控制器选择的,不需要通过路由器之间复杂的分布式协议来达成共识)。
Q3) How do we retain the benefits of SDN without its control infrastructure (and without a return to traditional protocols)?¶
我们如何在不使用SDN控制基础设施的情况下保留SDN的优势(而不回到传统协议)?
We see a way forward through developments in the router industry. In early SDN implementations, separation of control between vendors(供应商) and operators(运营商) necessitated separation of infrastructure. However, the router ecosystem has evolved since and vendors now support running 3rd-party code on the router’s control CPU and implement vendor-neutral interfaces that expose key control plane functions to external code [8, 41, 51, 57]. This shift offers an important opportunity to rethink existing SDN designs since we can now run operator-defined code within routers and manage that code in a vendor-neutral manner.
我们认为可以通过路由器行业的发展找到前进的道路。在早期的SDN实现中,供应商和运营商之间的控制分离要求基础设施也必须分开。然而,路由器生态系统自那时以来已经发展,现在供应商支持在路由器的控制CPU上运行第三方代码,并实现了供应商中立的接口,将关键的控制平面功能暴露给外部代码 [8, 41, 51, 57]。这种变化提供了一个重要的机会来重新思考现有的SDN设计,因为我们现在可以在路由器内部运行运营商定义的代码,并以供应商中立的方式管理这些代码。
In this paper, we use this opportunity to propose a novel decentralized SDN (dSDN) architecture in which every router runs an operator-defined “dSDN controller.” Each dSDN controller constructs a global network view via a simple flooding-based dissemination protocol and then locally runs a TE algorithm to compute capacity-aware paths. Finally, for simple consensus-free path selection we use source routing: when a packet enters the network, the ingress router records the TE-computed path into the packet’s header and all other routers along the path simply enforce the source route. Thus in dSDN, a router 𝑅 is the sole decision maker for paths that originate at 𝑅.
在本文中,我们利用这一机会提出了一种新颖的去中心化SDN(dSDN)架构,其中每个路由器都运行一个运营商定义的“dSDN控制器”。每个dSDN控制器通过简单的基于泛洪的传播协议构建全局网络视图,然后在本地运行流量工程(TE)算法来计算感知容量的路径。最后,为了实现简单的无共识路径选择,我们使用源路由:当数据包进入网络时,入口路由器将TE计算出的路径记录到数据包的头部,路径上的所有其他路由器只需执行源路由。因此,在dSDN中,路由器𝑅是所有从𝑅发起路径的唯一决策者。
The dSDN architecture represents a significant simplification to current WANs: it leverages two common techniques (basic control plane flooding and a TE algorithm) but otherwise eliminates any dependency on components external to the data plane and on legacy protocols. Despite these simplifications, dSDN retains the benefits of traditional centralized SDN (cSDN) while restoring the fate-sharing of traditional protocols that provides resiliency. The trade-off that dSDN imposes is a higher computational load on the router CPU (to run TE) and additional packet header state (to carry source-routes). Our evaluation shows that this trade-off is easily accommodated by modern routers.
dSDN架构代表了对当前广域网的显著简化:它利用了两种常见技术(基本的控制平面泛洪和TE算法),但在其他方面消除了对数据平面外部组件和传统协议的依赖。尽管进行了这些简化,dSDN仍保留了传统集中式SDN(cSDN)的优势,同时恢复了传统协议所提供的命运共同体的弹性。dSDN所带来的权衡是路由器CPU的更高计算负载(用于运行TE)和额外的数据包头部状态(用于携带源路由)。我们的评估表明,这种权衡现代路由器能够轻松适应。
borden now
- a higher computational load on the router CPU (to run TE)
- additional packet header state (to carry source-routes)
We recognize that our proposal implies revisiting the SDN deployments that industry has worked on for almost 20 years. This is a radical change that will not be undertaken lightly. As such, it will likely be years before we have the deployment experience to validate our central hypothesis: namely, that the simplifications we propose will reduce complex failures and broadly improve network availability. Hence, the claims and contributions we make in this paper are more modest: (i) we articulate the case for simplification and propose a new WAN control architecture that we believe achieves this simplification while retaining the best of the SDN and traditional protocol paradigms, and (ii) we implement and evaluate dSDN, showing that it can be practically realized on current routers, and significantly outperforms cSDN. Specifically, we show that: (1) our dSDN implementation on an Arista 7808 consumes under 50% of the router’s CPU resources under realistic network scenarios, (2) dSDN achieves up to 100x lower convergence times and 10-100x lower SLO impact than our current cSDN WAN, (3) the above gains hold over a range of topology, traffic, and failure scenarios.
我们认识到,提出的方案意味着需要重新审视业界已进行近20年的SDN部署。这是一项激进的变革,不会轻易进行。因此,可能需要数年时间才能通过实际部署验证我们的核心假设:即我们提出的简化将减少复杂故障并广泛提高网络可用性。
因此,我们在本文中的主张和贡献较为谦虚:
(i)我们阐述了简化的理由,并提出了一种新的广域网控制架构,我们认为该架构在保留SDN和传统协议最佳特性的同时实现了简化,
(ii)我们实现并评估了dSDN,展示了它可以在当前路由器上实际实现,并显著优于cSDN。
具体来说,我们展示了:
(1)在现实网络场景下,我们在Arista 7808上的dSDN实现消耗了不到50%的路由器CPU资源,
(2)dSDN的收敛时间比我们当前的cSDN广域网低达100倍,服务等级协议(SLO)影响低达10-100倍,
(3)上述改进在各种拓扑、流量和故障场景中都保持有效。
Tips
TE Algorithm (Traffic Engineering Algorithm)
流量工程算法(TE算法)用于在网络中优化数据流量的分配,以提高网络资源的利用效率和整体性能。TE算法通常基于对网络全局视图的分析,计算出最优的路径或流量分配方案,从而有效地利用网络带宽和资源。常见的TE算法包括 最短路径算法、最优化流量分配算法 等。
Consensus-free Path Selection
无共识路径选择指的是在选择数据包路径时,不需要通过分布式协议在多个路由器之间达成一致。在传统的分布式网络协议中,各个路由器需要通过复杂的协议达成共识,以决定数据包的转发路径。
而在无共识路径选择中,路径的决策由 集中式控制器 或 源路由信息在数据包头部指定,路径的选择过程不依赖于复杂的分布式共识机制。这种方法简化了路径选择的过程,减少了协议的复杂性和计算开销。