There exists highly recommendable literature on the history of SDN and programmable data planes. We also report on two other important topics, deployment and algorithms of programmable data planes.
There are several interesting papers putting the technological trends around programmable networks into a historic perspective.
Smart packets: Applying active networks to network management
One intellectual precursor to programmable networks is the Active Networks concept. This paper surveys the application of active networks technology to network management and monitoring. The main idea of Smart Packets, which contain programs written in a safe language, is to move management decision points closer to the nodes being managed, as well as to target specific aspects of the node for information.
Reconfigurable Network Systems and Software-Defined Networking
The paper reviews the state of the art in reconfigurable network systems, covering hardware reconfiguration, SDN, and the interplay between them. It starts with a tutorial on software-defined networks, then continues to discuss programming languages as the linking element between different levels of software and hardware in the network, reviews electronic switching systems, highlighting programmability and reconfiguration aspects, and describes the trends in reconfigurable network elements.
Programmable Forwarding Planes are Here to Stay
A keynote from Nick McKeown at NetPL'17 on the many great research ideas and new languages that have emerged for programmable forwarding. The talk considers how we got here, why programmable forwarding planes are inevitable, why now is the right time, why they are a final frontier for SDN, and why they are here to stay.
A very relevant question, which is also a research challenge, regards the deployment of SDN and programmable data planes.
Ethane: Taking Control of the Enterprise
A seminal paper for deploying SDN in enterprise networks, this paper presents Ethane, a network architecture allowing managers to define a single network-wide fine-grain policy and then enforcing it directly. Ethane couples extremely simple flow-based Ethernet switches with a centralized controller that manages the admittance and routing of flows. While radical, this design is backwards-compatible with existing hosts and switches. Ethane was implemented in both hardware and software, supporting both wired and wireless hosts.
Softcell: Scalable and flexible cellular core network architecture
SoftCell aims to overcome today's expensive, inflexible and complex cellular core networks by supporting fine-grained policies for mobile devices, using commodity switches and servers. In particular, SoftCell allows to flexibly route traffic through sequences of middleboxes based on subscriber attributes and applications. Scalability is achieved by minimizing the size of the forwarding tables, using aggregation, and by performing packet classification at the access switches, next to the base stations.
B4: Experience with a Globally-deployed Software Defined Wan
The paper presents the design, implementation, and evaluation of B4, a private WAN connecting Google's data centers across the planet. B4 has a number of unique characteristics: (1) massive bandwidth requirements deployed to a modest number of sites, (2) elastic traffic demand that seeks to maximize average bandwidth, and (3) full control over the edge servers and network, which enables rate limiting and demand measurement at the edge. These characteristics led to a Software Defined Networking architecture using OpenFlow to control relatively simple switches built from merchant silicon.
A High Performance Packet Core for Next Generation Cellular Networks
To support deploying SDNs into the Evolved Packet Core (EPC), the paper presents the design and evaluation of a system architecture for a software EPC that achieves high and scalable performance. The authors postulate that the poor scaling of existing EPC systems stems from the manner in which the system is decomposed, which leads to device state being duplicated across multiple components, which in turn results in frequent interactions between the different components. An alternate approach is proposed in which state for a single device is consolidated in one location and EPC functions are reorganized for efficient access to this consolidated state. A prototype for PEPC is also presented, as a software EPC that implements the key components of the design.
Simulators and evaluation platforms
NS4: Enabling Programmable Data Plane Simulation
The paper presents a new simulator platform on top of ns-3 specifically tailored to programmable dataplanes and P4 in particular. Evaluations show tht NS4 can effectively simulate representative P4 programs and scales to large-scale P4-enabled networks at a low cost.
P8: P4 with Predictable Packet Processing Performance
The authors leverage the characteristics of the P4 programming language to provide a method for estimating the packet forwarding latency as a function of the data path program. They analyze the impact of different P4 constructs on packet processing latency for three state-of-the-art P4 devices: a Netronome SmartNIC, the NetFPGA-SUME, and the T4P4S DPDK-based software switch. Besides comparing the performance of these three targets, derived results are used to propose a method for estimating the average packet latency, at compilation time, of arbitrary P4-based network functions implemented using the surveyed P4 constructs. The proposed method is finally validated using a set of realistic network functions, which shows that the method estimates the average packet latency with sub-microsecond precision.
P4Fuzz: Compiler Fuzzer for Dependable Programmable Dataplanes
Extending programmability into the data plane introduces new threat models, in particular related to compilers used to map data plane languages, such as P4 to software or hardware targets. P4Fuzz aims at uncovering vulnerabilities in such compilers through automated compiler fuzzing. The author's compiler found several bugs in production compilers that since have been acknowledged and fixed by the community.
FlowLens: Enabling Efficient Flow Classification for ML-based Network Security Applications
FlowLens is a system that leverages commodity programmable switches to efficiently support multi-purpose ML-based security applications. FlowLens collects features of packet distributions at line speed and classifies flows directly on the switches, enabling network operators to re-purpose this measurement primitive at run-time to serve a different flow classification task. To cope with the resource constraints of programmable switches, FlowLens computes for each flow a memory-efficient representation of relevant features, named "flow marker". Despite its small size, a flow marker contains enough information to perform accurate flow classification. We evaluated our system in three usage scenarios: covert channel detection, website fingerprinting, and botnet chatter detection.
Fix with P6: Verifying Programmable Switches at Runtime
Is it possible to patch software bugs in P4 programs without human involvement? The paper shows that this is partially possible in many cases due to advances in software testing and the structure of P4 programs. The insight is that runtime verification can detect bugs, even those that are not detected at compile-time, with machine learning-guided fuzzing. This enables a more automated and real-time localization of bugs in P4 programs using software testing techniques like Tarantula. Once the bug in a P4 program is localized, the faulty code can be patched due to the programmable nature of P4. In addition, platform-dependent bugs can be detected. From P4_14 to P4_16 (latest version), the key observation is that as the programmable blocks increase, the patchability of P4 programs increases accordingly. To this end, the authors design, develop, and evaluate P6 that (a) detects, (b) localizes, and (c) patches bugs in P4 programs with minimal human interaction. P6 tests P4 switch non-intrusively, i.e., requires no modification to the P4 program for detecting and localizing bugs. The authors used a P6 prototype to detect and patch seven existing bugs in eight publicly available P4 application programs deployed on two different switch platforms: behavioral model (bmv2) and Tofino. The evaluation shows that P6 significantly outperforms bug detection baselines while generating fewer packets and patches bugs in P4 programs such as switch.p4 without triggering any regressions.
Runtime Verification of P4 Switches with Reinforcement Learning
This paper presents the design and early implementation of p4rl, a system that uses reinforcement learning-guided fuzz testing to execute the verification of P4 switches automatically at runtime. p4rl system uses novel user-friendly query language, p4q to conveniently specify the intended properties in simple conditional statements (if-else) and check the actual runtime behavior of the P4 switch against such properties. In p4rl, user-specified p4q queries with the control plane configuration, Agent, and the Reward System guide the fuzzing process to trigger runtime bugs automatically during Agent training. To illustrate the strength of p4rl, an early prototype of p4rl system is developed and evaluated to execute runtime verification of a P4 network device, e.g., L3 (Layer-3) switch. Initial results are promising and show that p4rl automatically detects diverse bugs while outperforming the baseline approach.
P4CONSIST: Towards Consistent P4 SDNs
The prevailing wisdom is that a software-defined network (SDN) operates under the premise that the logically centralized control plane has an accurate representation of the actual data plane state. Unfortunately, bugs, misconfigurations, faults or attacks can introduce inconsistencies between the network control and the data plane that can undermine the correct operation at runtime. Through experiments, the authors realize that P4 SDNs are no exception, and are prone to similar problems. With the aim to verify the control-data plane inconsistency, the authors present the design and implementation of P4Consist, a system to detect the inconsistency between control and data plane in P4 SDNs. P4Consist generates active probe-based traffic continuously or periodically as an input to the P4 SDNs to check whether the actual behavior on the data plane corresponds to the expected control plane behavior. In P4Consist, the control plane and the data plane generate independent reports which are later, compared to verify the control-data plane consistency. The previous works in the field of monitoring and verification mostly aim to test the P4 programs through static analysis and thus, are insufficient to verify the network consistency at runtime. Experiments with the prototype implementation of P4Consist are promising and show that P4Consist can verify the control-data plane consistency in the complex datacenter 4-ary fat-tree (20 switches) and multipath grid (4, 9 and 16 switches) topologies with 60k rules per switch within a minimum time of 4 minutes. At the same time, P4Consist scales to multiple source-destination pairs to detect control-data plane inconsistency.