Measuring ISP topologies with rocketfuel
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Counterexample-Guided Abstraction Refinement
CAV '00 Proceedings of the 12th International Conference on Computer Aided Verification
Scalable kernel performance for internet servers under realistic loads
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
Ethane: taking control of the enterprise
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
OpenFlow: enabling innovation in campus networks
ACM SIGCOMM Computer Communication Review
NOX: towards an operating system for networks
ACM SIGCOMM Computer Communication Review
A policy-aware switching layer for data centers
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Efficient querying and maintenance of network provenance at internet-scale
Proceedings of the 2010 ACM SIGMOD International Conference on Management of data
No more middlebox: integrate processing into network
Proceedings of the ACM SIGCOMM 2010 conference
ETTM: a scalable fault tolerant network manager
Proceedings of the 8th USENIX conference on Networked systems design and implementation
X-trace: a pervasive network tracing framework
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
The middlebox manifesto: enabling innovation in middlebox deployment
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
Header space analysis: static checking for networks
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Design and implementation of a consolidated middlebox architecture
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Making middleboxes someone else's problem: network processing as a cloud service
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
Abstractions for network update
Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication
The controller placement problem
Proceedings of the first workshop on Hot topics in software defined networks
Where is the debugger for my software-defined network?
Proceedings of the first workshop on Hot topics in software defined networks
Toward software-defined middlebox networking
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
xOMB: extensible open middleboxes with commodity servers
Proceedings of the eighth ACM/IEEE symposium on Architectures for networking and communications systems
Automatic test packet generation
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Reproducible network experiments using container-based emulation
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Composing software-defined networks
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
VeriFlow: verifying network-wide invariants in real time
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Forwarding metamorphosis: fast programmable match-action processing in hardware for SDN
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
SIMPLE-fying middlebox policy enforcement using SDN
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
Virtual network diagnosis as a service
Proceedings of the 4th annual Symposium on Cloud Computing
SoftCell: scalable and flexible cellular core network architecture
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
| Hi-index | 0.00 |
Middleboxes provide key security and performance guarantees in networks. Unfortunately, the dynamic traffic modifications they induce make it difficult to reason about network management tasks such as access control, accounting, and diagnostics. This also makes it difficult to integrate middleboxes into SDN-capable networks and leverage the benefits that SDN can offer. In response, we develop the FlowTags architecture. FlowTags-enhanced middleboxes export tags to provide the necessary causal context (e.g., source hosts or internal cache/miss state). SDN controllers can configure the tag generation and tag consumption operations using new FlowTags APIs. These operations help restore two key SDN tenets: (i) bindings between packets and their "origins," and (ii) ensuring that packets follow policy-mandated paths. We develop new controller mechanisms that leverage FlowTags. We show the feasibility of minimally extending middleboxes to support FlowTags. We also show that FlowTags imposes low overhead over traditional SDN mechanisms. Finally, we demonstrate the early promise of FlowTags in enabling new verification and diagnosis capabilities.