Communications networks remain incredibly difficult to manage, troubleshoot, and secure. Network management challenges exist in all kinds of networks. In this talk, I will describe how Software Defined Networking (SDN), which decouples logical network control from the underlying network infrastructure, can simplify many network management tasks in different types of networks and may ultimately provide a means by which network operators (and home users) can make their networks more predictable, manageable, and secure.
I will first present Kinetic, a new programming language and runtime for SDNs that we have developed, implemented, and deployed (in both home networks and on a large campus network) and describe how it allows network operators to express and implement complex policies in a simple and high-level control framework. Current SDN controller platforms typically offer little domain-specific support for programming changes to data-plane policy over time (dynamic policy). Links are provisioned and fail; users arrive and depart; traffic demands change; and hosts are compromised and patched. Today’s controller platforms offer SDN programmers little guidance on how to encode dynamic policies, which makes the resulting programs difficult to write and analyze. Kinetic encodes dynamic policies and realizes them in the underlying network. It offers novel Finite State Machine (FSM)-based abstractions for encoding dynamic policies that are expressive and intuitive, efficient for programmers to write, and amenable to automated verification. To prevent state explosion, we develop a new type of runtime policy that reactively generates only the required portions of the FSM abstractions that correspond to received events.
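The FSM idea described above can be sketched in a few lines. This is an added illustration in plain Python, not Kinetic's language, API, or code from the project. The two state variables, the event names, the default-deny policy, and the `LazyRuntime` class are assumptions chosen to show a per-host state machine, a safety check over its reachable states, and state kept only for hosts that have received events.

```python
# Added illustration; plain Python, not Kinetic's API. All names are hypothetical.
from collections import deque

EVENTS = ("auth_ok", "auth_revoked", "compromised", "patched")
INITIAL = (False, False)  # (authenticated, infected)

def step(state, event):
    """Transition function of the per-host FSM."""
    authenticated, infected = state
    if event == "auth_ok":
        authenticated = True
    elif event == "auth_revoked":
        authenticated = False
    elif event == "compromised":
        infected = True
    elif event == "patched":
        infected = False
    else:
        raise ValueError(f"unknown event: {event}")
    return (authenticated, infected)

def policy(state):
    """Data-plane action for a host in this state: default deny."""
    authenticated, infected = state
    return "forward" if authenticated and not infected else "drop"

def reachable_states():
    """Breadth-first exploration of every state reachable from INITIAL."""
    seen, queue = {INITIAL}, deque([INITIAL])
    while queue:
        s = queue.popleft()
        for e in EVENTS:
            nxt = step(s, e)
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def infected_never_forwarded():
    """Safety property checked over the whole per-host FSM."""
    return all(policy(s) == "drop" for s in reachable_states() if s[1])

class LazyRuntime:
    """Keeps FSM state only for hosts that have actually received an event."""
    def __init__(self):
        self.hosts = {}

    def on_event(self, host, event):
        self.hosts[host] = step(self.hosts.get(host, INITIAL), event)
        return policy(self.hosts[host])

    def action(self, host):
        return policy(self.hosts.get(host, INITIAL))
```

With N hosts an eagerly built product machine would have 4^N states, while the lazy table grows only with the number of hosts that have generated events.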
I will then describe how we are applying new SDN abstractions and control to help approach longstanding problems in interdomain routing in a framework called SDX. To date, SDN has not affected how we interconnect separately administered networks, as we do today through BGP. Because many of the current failings of the Internet are due to BGP’s poor performance and limited functionality, it behooves us to explore incrementally deployable ways to leverage SDN’s power to improve interdomain routing. Towards this goal, this project exploits the re-emergence of Internet eXchange Points (IXPs) to create Software Defined eXchanges (SDXs). Although the SDX approach does involve deploying SDN technology at IXPs, the improvements we describe involve fundamental changes to network control. I will describe how improved network control can realize the potential of SDN-capable functions at Internet exchange points.
Nick Feamster is a professor in the Computer Science Department at Princeton University and the Acting Director of the Center for Information Technology Policy at Princeton University. Before joining the faculty at Princeton, he was a professor in the School of Computer Science at Georgia Tech. He received his Ph.D. in Computer Science from MIT in 2005, and his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively. His research focuses on many aspects of computer networking and networked systems, with a focus on network operations, network security, and censorship-resistant communication systems. In December 2008, he received the Presidential Early Career Award for Scientists and Engineers (PECASE) for his contributions to cybersecurity, notably spam filtering. His honors include the Technology Review 35 “Top Young Innovators Under 35” award, the ACM SIGCOMM Rising Star Award, a Sloan Research Fellowship, the NSF CAREER award, the IBM Faculty Fellowship, the IRTF Applied Networking Research Prize, and award papers at the SIGCOMM Internet Measurement Conference (measuring Web performance bottlenecks), SIGCOMM (network-level behavior of spammers), the NSDI conference (fault detection in router configuration), Usenix Security (circumventing web censorship using Infranet), and Usenix Security (web cookie analysis).