Introduction to Software-defined Networking (SDN) (presentation)

Contents

Slide 28

Ethane: Addressing the Protection Problem in Enterprise Networks

Martin Casado
Michael Freedman
Glen Gibb
Lew Glendenning
Dan Boneh
Nick McKeown
Scott Shenker
Gregory Watson

Presented By: Martin Casado
PhD Student in Computer Science, Stanford University
casado@cs.stanford.edu
http://www.stanford.edu/~casado

Slide 29

Goal

Design a network where connectivity is governed by high-level, global policy:
“Nick can talk to Martin using IM”
“marketing can use http via web proxy”
“Administrator can access everything”
“Traffic from secret access point cannot share infrastructure with traffic from open access point”

Slide 30

Problem with Bindings Today

(figure: binding chain Host Name → IP → MAC → Physical Interface → Host)

Goal: map “hostname” to physical “host”
But!!!
What if an attacker can interpose between any of the bindings? (e.g. change the IP/MAC binding)
What if bindings change dynamically? (e.g. DHCP lease is up)
Or the physical network changes?

Slide 31

Examples of Problems Today are LEGION

ARP is unauthenticated (attacker can map IP to wrong MAC)
DHCP is unauthenticated (attacker can map gateway to wrong IP)
DNS caches aren’t invalidated as DHCP lease times come up (or clients leave)
Security filters often aren’t invalidated with permission changes
Many others …

Slide 32

Two Main Challenges

Provide a namespace for the policy
Design Mechanism to Enforce Policy

Slide 33

Our Solution: Ethane

Flow-based network
Central Domain Controller (DC)
Implements secure bindings
Authenticates users, hosts, services, …
Contains global security policy
Checks every new flow against security policy
Decides the route for each flow
Access is granted to a flow
Can enforce permit/deny
Can enforce middle-box interposition constraints
Can enforce isolation constraints

Slide 34

Ethane: High-Level Operation

Domain Controller: permission check, route computation

Host A: host authentication “hi, I’m host A, my password is … can I have an IP address?”; user authentication “hi, I’m Martin, my password is …”
Host B: host authentication “hi, I’m host B, my password is … can I have an IP?”; user authentication “hi, I’m Nick, my password is …”; then sends a tcp SYN packet to host A port 2525

Secure Binding State
ICQ → 2525/tcp
Host A → IP 1.2.3.4 → switch3 port 4
Host B → IP 1.2.3.5 → switch 1 port 2
Host A → IP 1.2.3.4 → Martin
Host B → IP 1.2.3.5 → Nick

Network Policy
“Nick can access Martin using ICQ”
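Slides 33 and 34 as working code, added here as an example (this is not code from the Ethane prototype or the slides): a toy Domain Controller keeps the binding chain user → host → IP → switch port, checks each new flow against the policy “Nick can access Martin using ICQ”, and drops every binding hanging off a host when its lease ends. Names, addresses and the port number follow the slide; the class and method names are this example's own.

```python
from dataclasses import dataclass, field

# Service names resolve to a protocol and port, as on the slide (ICQ -> 2525/tcp).
SERVICES = {"ICQ": ("tcp", 2525)}


@dataclass
class DomainController:
    """Toy DC (this example's own): holds the secure binding chain and the global policy."""
    user_host: dict = field(default_factory=dict)  # user -> host (user authentication)
    host_ip: dict = field(default_factory=dict)    # host -> IP (address handed out by the DC)
    ip_loc: dict = field(default_factory=dict)     # IP -> (switch, port) where the host attached
    policy: list = field(default_factory=list)     # [(src_user, dst_user, service), ...]

    def host_auth(self, host, ip, switch, port):
        # The DC, not ARP or DHCP, binds the address to the host and to the port
        # the authentication arrived on, so a spoofed reply cannot rebind it.
        self.host_ip[host] = ip
        self.ip_loc[ip] = (switch, port)

    def user_auth(self, user, host):
        self.user_host[user] = host

    def revoke_host(self, host):
        # Lease expired or host left: every binding hanging off the host goes too,
        # so stale state cannot keep granting access.
        ip = self.host_ip.pop(host, None)
        self.ip_loc.pop(ip, None)
        for user in [u for u, h in self.user_host.items() if h == host]:
            del self.user_host[user]

    def _user_at(self, ip):
        # Walk the chain backwards, IP -> host -> user; a missing link yields None.
        host = next((h for h, a in self.host_ip.items() if a == ip), None)
        return next((u for u, h in self.user_host.items() if h == host), None)

    def check_flow(self, src_ip, dst_ip, proto, dport):
        """Permission check for a new flow (its first packet is sent to the DC).

        Returns the (switch, port) of the destination when a policy rule permits
        the flow, else None: no flow entry is installed, i.e. default deny.
        """
        src_user, dst_user = self._user_at(src_ip), self._user_at(dst_ip)
        for s, d, svc in self.policy:
            if (s, d, SERVICES[svc]) == (src_user, dst_user, (proto, dport)):
                return self.ip_loc[dst_ip]
        return None
```

Note that the policy is directional: Martin opening ICQ towards Nick is denied, as is any flow whose source address no longer resolves to an authenticated user.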

Slide 35

Component Overview

Domain Controller:
Authenticates users/switches/end-hosts
Manages secure bindings
Contains network topology
Does permissions checking
Computes routes

Switches:
Send topology information to the DC
Provide default connectivity to the DC
Enforce paths created by DC
Handle flow revocation

End-Hosts:
Specify access controls
Request access to services

Slide 36

Bootstrapping

Finding the DC
Authentication
Generating topology at DC

Slide 37

Assumptions

DC knows all switches and their public keys
All switches know DC’s public key

Slide 38

Finding the DC

Switches construct a spanning tree rooted at the DC
Switches don’t advertise a path to the DC until they’ve authenticated
Once authenticated, switches pass all traffic without flow entries to the DC (next slide)

(figure: spanning tree rooted at the DC, switches labelled with hop distance 0, 1, 2)

Slide 39

Initial Traffic to DC

(figure: initial traffic forwarded up the spanning tree to the DC)

Slide 40

Initial Traffic to DC

All packets to the DC (except from the first-hop switch) are tunneled
Tunneling includes the incoming port
DC can shut off malicious packet sources

Slide 41

Performance

Decouple control and data path in switches
Software control path (connection setup) (slightly higher latency)
DC can handle complicated policy
Switches just forward (very simple datapath)
Simple, fast, hardware forwarding path (Gigabits)
Single exact-match lookup per packet

Slide 87

https://marketplace.saas.hpe.com/sdn

File name: ntroduction-to-Software-defined-Networking-(SDN).pptx