Xudong Zuo,Qing Li,Jingyu Xiao,Dan Zhao,Jiang Yong

DOI: https://doi.org/10.1145/3555050.3569137

2022-01-01

Abstract:Network failure severely impairs network performance, affecting latency and throughput of data transmission. Existing failure localization solutions for general networks face problems such as difficulty in acquiring data from end hosts, need for extra infrastructure, and excessive resource consumption. Meanwhile, solutions designed for data center networks are hard to apply in general networks, as they usually rely on the topology regularity of DCNs. In this paper, we propose Drift-Bottle, a lightweight and distributed approach to failure localization in general networks. In Drift-Bottle, each switch judges the status of flows and makes a local inference for suspicious links. We design a distributed localization scheme where each normal packet is used as a "drift-bottle" that carries a "letter", i.e., a lightweight inference header, while traversing the network. Each switch along the path updates the inference header by aggregating it with its local inference. Whenever the inference is evident enough to identify the culprit links of failures, a warning is sent to the operator immediately. Drift-Bottle implements its function mainly on the data plane of programmable switches and thus reduce the overhead brought to switches significantly. Evaluation based on simulation on different topologies demonstrates that Drift-Bottle provides fast, precise and lightweight failure localization to operators of general networks.

Xi Sun,Xiang Chen,Di Wang,Zhengyan Zhou,Xinyue Jiang,Wenhai Wang,Chunming Wu,Haifeng Zhou

DOI: https://doi.org/10.1109/secon58729.2023.10287419

2023-01-01

Abstract:How to satisfy the latency and reliability requirements of flow data transfer is an essential problem. To address this problem, we propose RFT, a framework that aims to satisfy the user-specified latency and reliability requirements of flow data transfer, especially in the situation where the network resources are insufficient. Firstly, we formulate the problem of satisfying the user-specified latency and reliability requirements of data transfer via mixed integer linear programming (MILP), and a heuristic algorithm is then designed to solve it in a polynomialtime. Secondly, to satisfy these requirements under insufficient network resources, we proposed a greedy-based algorithm used to select the minimum number of links added to the network, which can be deployed with low cost, especially in production networks such as data centers. Finally, we have implemented RFT on a 64$\times$100 Gbps Intel Barefoot Tofino switch. Our experimental results indicate that RFT satisfies the user-specified latency and reliability requirements in all test cases at acceptable costs, even when the network resources are insufficient.

Boyang Zhou,Wen Gao,Chunming Wu,Bin Wang,Ming Jiang,Yansong Wang

DOI: https://doi.org/10.1007/978-3-319-13326-3_39

2014-01-01

Abstract:The Software-Defined Networking (SDN) separates the control plane from the data plane to increase the flexibility. In the data plane, the unavailability of data forwarding is a common problem preventing a switch from configuring a new arrival flow into its flow table. When the burst flows arrived at the switch, the flow table can be consumed, causing the unavailability occurred. However, the problem is more complicated than in Internet due to the limited channel bandwidth for detecting the table usage. Hence, we propose a transparent core layer in the controller. The mechanism of the layer improves the availability in such way, configuring switches adapting to arrival patterns of flows to prevent the resource of switch exceeding its limit. This paper introduces the design and mechanisms of the layer as well as their algorithms. We further use a real flow trace from a Internet core router to evaluate the performance of layer. By emulating on on miniNet-HiFi, the results demonstrate that the layer can smooth the burst flows without making the flow table exceeding its size, without the layer, the switch lost 8% ingress flows. Meanwhile, the control throughput is lowered by 25.8% than before.

Xiaoliang Wang,Xiaohong Jiang,Cam-Tu Nguyen,Xiao Zhang,Sanglu Lu

2013-01-01

Abstract:Communication networks are vulnerable to the natural disasters or malicious attacks, which may cause a large area of corruptions and long term disconnection of network services. Such significant outage has become a serious problem today with regard to the stringent reliability requirement of the mission critical applications. In this paper, we focus on fast and effective failure recovery in face of region failures. Rather than rely on the time consuming failure localization, we introduce and evaluate a direct restoration mechanism upon detecting the path failure, which use the geographically distributed intermediate nodes, named “landmarks”, to reestablish the connection through a (near-)shortest detour path. The experimental analysis on randomly generated and realistic network topologies have shown that this approach can achieve high reliability and low stretch in case of region failures, and thus significantly reduce the impact of region failures on network based mission critical services.

Hongsheng Qi,Meiqi Liu,Lihui Zhang,Dianhai Wang

DOI: https://doi.org/10.1371/journal.pone.0156089

IF: 3.7

2016-01-01

PLoS ONE

Abstract:Urban road congestions change both temporally and spatially. They are essentially caused by network bottlenecks. Therefore, understanding bottleneck dynamics is critical in the goal of reasonably allocating transportation resources. In general, a typical bottleneck experiences the stages of formation, propagation and dispersion. In order to understand the three stages of a bottle neck and how the bottleneck moves on a road network, traffic flow data can be used to reconstruct these dynamics. However, raw traffic flow data is usually flawed in many ways. For instance some portion of data may be missing due to the failure of data collection devices, or some random factors in the data make it hard to identify real bottlenecks. In this paper a "user voting method" is proposed to deal with such raw-data-related issues. In this method, road links are ranked according to the weighed sum of certain performance measures and the links that are ranked relatively high are regarded as recurrent bottlenecks in a network, and several bottlenecks form a bottleneck area. A series of bottleneck parameters can be defined based on the identified bottleneck areas, such as bottleneck coverage, bottleneck link length, etc. Identifying bottleneck areas and calculating the bottleneck parameters for each time interval can reflect the evolution of the bottlenecks and also help trace how the bottlenecks move.

Lianjin Ye,Qing Li,Xudong Zuo,Jingyu Xiao,Yong Jiang,Zhuyun Qi,Chunsheng Zhu

DOI: https://doi.org/10.1109/ipccc51483.2021.9679436

2021-01-01

Abstract:The increasing amount of network devices brings significant improvement to network quality but is inevitably prone to various failures. The frequent occurrence of link failures and node failures in the real-world network, causing packet losses and delay, calls for more accurate and fast detection methods. Existing network failure detection systems focus on probes and end-to-end metrics, but are limited by overhead on bandwidth or storage. Reliance on specific deployment of monitoring systems on devices like hosts also limits the feasibility and compatibility in general network topology, ignoring the potential of transferring monitoring tasks from hosts to switches. In this paper, we propose PUFF, a passive and data-driven network failure detection system based on in-network feature collection in programmable switches and machine learning algorithms. First, PUFF explores the potential use of continuous traffic changes to detect node and link failures instead of end-to-end metrics. Second, PUFF offers a software-based prototype and compares its performance with the latest passive failure detection methods. Evaluation based on simulation on real-world topology shows that PUFF can detect nearly 90% node failures and 80% link failures with less overhead in a shorter time.

Qing Li,Yang Liu,Zhijie Zhu,Hengtong Li,Yong Jiang

DOI: https://doi.org/10.1016/j.comnet.2018.11.020

IF: 5.493

2019-01-01

Computer Networks

Abstract:Failure recovery has been a hot potato in the maintenance of networks, including software defined networks (SDNs), for many years. To guarantee the network availability in SDNs, some delicate schemes and algorithms have been proposed to pre-compute and set up the backup paths for potential network failures. However, they are generally unpractical for deployment, since they ignore either the failure recovery requirements of different flows or the constrained resources (e.g., flow tables) of SDN switches.In this paper, we propose BOND, a flexible failure recovery system in SDNs. Firstly, we allocate backup rules, instead of backup paths, to forwarding switches with flows’ requirements considered. Secondly, we accelerate the failure recovery with a global hash table and precisely select backup paths to avoid potential congestions in the post-recovery network. To demonstrate the efficiency of BOND, we construct comprehensive experiments with real-world topologies. The results show that compared with Multi-Protocol Label Switching (MPLS) Fast Reroute (FRR), BOND consumes an order of magnitude less memory to achieve the same network recovery goal. Further, we implement BOND with five HUAWEI S5720 SDN switches, two Dell end hosts and a RYU controller. The prototype experiments of this real network implementation further confirm the efficiency of BOND.

Songtao Fu,Qi Li,Xiaoliang Wang,Su Yao,Xuewei Feng,Ziqiang Wang,Xinle Du,Kao Wan,Ke Xu

DOI: https://doi.org/10.1109/TDSC.2024.3392486

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Secure data forwarding is critical for users to meet their requirements. In this paper, we propose D3 (Demon Detector in Data Plane), a source-driven, secure fault localization mechanism, which empowers the source to localize faulty link in Path Aware Networking, thus circumventing faulty link to guarantee secure data forwarding. D3 utilizes the source to instruct the on-path routers, thus empowering it to detect whether the on-path routers forward the packet as expected. Compared with existing schemes that are difficult to be deployed in practice due to the heavy storage, computation, and communication overhead, D3 offloads most of the on-path router's storage and computation overhead, thus dramatically improving the deployment efficiency. Particularly, the length of the additional packet header in D3 is 2-5 times less than the state-of-the-art mechanisms, thus having a low communication overhead. Besides that, the destination in D3 could keep stateless processing, thus having backward compatibility and eliminating the opportunity for DoS attacks toward a stateful destination. The BMv2 and Barefoot Tofino hardware evaluations show that D3 could achieve high fault localization accuracy and process the packet at line rate.

Jingyu Xiao,Qing Li,Dan Zhao,Xudong Zuo,Wenxin Tang,Yong Jiang

DOI: https://doi.org/10.1016/j.comnet.2024.110836

IF: 5.493

2024-01-01

Computer Networks

Abstract:The fast and efficient failure detection and localization is essential for stable network transmission. Unfortunately, existing schemes suffer from a few drawbacks such as significant resource consumption, lack support for fast online failure localization, and limited applicable topologies. In this paper, we design Themis, lightweight learning-based failure localization scheme for general networks. In the data plane, Themis achieves line-speed high performance failure detection using in-network classifiers and fine-grained traffic features. reduce communication overhead, only coarse-grained traffic features are reported to the control plane localization when a failure occurs. In the control plane, we propose a two-stage passive-active hybrid failure localization approach to accurately locate the failure without incurring excessive probing traffic. First, passive detection is conducted through the lightweight model XGBoost to infer a Potential Failure Link Set (PFLS). Then, active detection is done by only sending out probing packets to locations in the PFLS for precise failure localization. Comprehensive experiments demonstrate that Themis achieves ms-level failure localization with at least 95.63% accuracy, while saving 87.41% of bandwidth and 41.88% of hardware resource overhead average compared with the state-of-the-art schemes.

Yanli Zhang,Changde Li,Yun Shi,Jie Xiao,Bin Wu,Hong Wen,Xiaohong Jiang

DOI: https://doi.org/10.1109/icocn.2014.6987082

2014-01-01

Abstract:Data Center Network (DCN) is the supporting platform for various applications in cloud services. As optical switch offers high bandwidth, low latency and reduced energy consumption, it becomes a promising switching solution for scalable DCN. Recently, a new DCN architecture with distributed component sets (racks and optical core switches) in a given optical network has been proposed to simplify the DCN internal connection and make the DCN fully scalable. Because the core switches play an important role in both external service access and inter-node traffic switching, a single core switch failure may lead to traffic congestion or collapse of a DCN. Based on an existing distributed DCN, in this paper we consider how to deploy a backup core switch to fight against an arbitrary single core switch failure while minimizing the total protection cost. Upon a core switch failure, all unaffected traffics keep their original routes unchanged, and predefined protection strategy (rerouting and switching) will take effect for the affected traffics. To solve this problem, we formulate an integer linear program (ILP) to place the backup core switch at a proper node and determine the fast traffic recovery mechanism. We validate the proposed design by extensive simulation studies.

Cheng Tan,Ze Jin,Chuanxiong Guo,Tianrong Zhang,Haitao Wu,Karl Deng,Dongming Bi,Dong Xiang

2019-01-01

Abstract:The availability of data center services is jeopardized by various network incidents. One of the biggest challenges for network incident handling is to accurately localize the failures, among millions of servers and tens of thousands of network devices. In this paper, we propose NetBouncer, a failure localization system that leverages the IP-in-IP technique to actively probe paths in a data center network. NetBouncer provides a complete failure localization framework which is capable of detecting both device and link failures. It further introduces an algorithm for high accuracy link failure inference that is resilient to real-world data inconsistency by integrating both our troubleshooting domain knowledge and machine learning techniques. NetBouncer has been deployed in Microsoft Azure's data centers for three years. And in practice, it produced no false positives and only a few false negatives so far.

DH Gao,ZY Zhou,HY Zhang

DOI: https://doi.org/10.1117/12.575412

2005-01-01

Abstract:In dynamic networks, the failure detection time takes a major part of the convergence time, which is an important network performance index. To detect a node or link failure in the network, traditional protocols, like Hello protocol in OSPF or RSVP, exchanges keep-alive messages between neighboring nodes to keep track of the link/node state. But by default settings, it can get a minimum detection time in the measure of dozens of seconds, which can not meet the demands of fast network convergence and failure recovery. When configuring the related parameters to reduce the detection time, there will be notable instability problems. In this paper. we analyzed the problem and designed a new failure detection algorithm to reduce the network overhead of detection signaling. Through our experiment we found it is effective to enhance the stability by implicitly acknowledge other signaling messages as keep-alive messages. We conducted our proposal and the previous approaches on the ASON test-bed. The experimental results show that our algorithm gives better performances than previous schemes in about an order magnitude reduction of both false failure alarms and queuing delay to other messages, especially under light traffic load.

Zhijie Zhu,Qing Li,Shutao Xia,Mingwei Xu

DOI: https://doi.org/10.1109/icccn.2018.8487363

2018-01-01

Abstract:A logically centralized controller of Software Defined Networking (SDN) is responsible for the management of routing planning and monitoring of network status. With this central control and global visibility, in this paper, we propose a congestion-aware fast failure recovery scheme (CAFFE), which can not only recover the affected flows fast from a wide range of failure scenarios but also avoid potential congestion in the post-recovery network. CAFFE achieves fast recovery by detouring the traffic from neighbour switches as soon as they detect failures and avoids potential congestion by protected paths constructed with the combined consideration of the knowledge of network topology, failure states and network load distribution. We formulate and solve the protected path planning problems where all potential network failures should be protected and the maximum link load in the post-recovery network should be minimized. The resulting protected paths ensure high traffic reachability and low link load even when network failure happens. All these paths are set up a priori by CAFFE. This allows switches to handle failures automatically without the need on waiting for the response from the controller. Experimental results show that CAFFE achieves fast recovery with relatively low overheads on either switches (in terms of backup rule number to configure) or controller (in terms of computational time). It also shows that CAFFE is able to better load-balance the post-recovery network comparing to shortest path re-calculation and OpenFlow-based Segment Protection (OSP).

Fanfu Zhou,Zhengwei Qi,Jianguo Yao,Ruhui Ma,Bin Wang,Athanasios V. Vasilakos,Haibing Guan

DOI: https://doi.org/10.1109/tdsc.2016.2599881

2018-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Compromised or misconfigured routers have been a major concern in large-scale networks, Such routers sabotage packet delivery, and thus hurt network performance. Data-plane fault localization (FL) promises to solve this problem. Regrettably, the path-based FL fails to support dynamic routing, and the neighbor-based FL requires a centralized trusted administrative controller (AC) or global clock synchronization in each router and introduces storage overhead for caching packets. To address these problems, we introduce a dynamic distributed and low-cost model, (DFL)-F-2. Using random two-hop neighborhood authentication, (DFL)-F-2 supports volatile path without the AC or global clock synchronization. Besides, (DFL)-F-2 requires only constant tens of KB for caching which is independent of the packet transmission rate. This is much less than the cache size of DynaFL or DFL which consumes several MB. The simulations show that (DFL)-F-2, achieves low false positive and false negative rate with no more than 3 percent bandwidth overhead. We also implement an open source prototype and evaluate its effect. The result shows that the performance burden in user space is less than 10 percent with the dynamic sampling algorithm.

Bo Wu,Ke Xu,Qi Li,Fan Yang

DOI: https://doi.org/10.1109/pccc.2017.8280428

2017-01-01

Abstract:The current network is vulnerable to various attacks, e.g., source spoofing and flow hijacking attacks, which can be constructed by misconfigurations or compromising routers. Unfortunately, both users and network operators are unable to localize these faults. Existing fault localization mechanisms detect such attacks under an assumption that localization is performed upon reliable communication channels. In this paper, we will relax the assumption and propose a robust and lightweight dataplane fault localization (RFL) protocol that aims to achieve source authenticity and path compliance in unreliable communication channels. RFL uses symmetric keys to build secure detection channels and samples packets for localization on the channels such that it can detect and localize faults. In particular, the localization performed is not impacted by the reliability of the communication channels, e.g., the packets that used to localize faults are dropped. We prototype of RFL on Click routers and the experiment results with the prototype demonstrate that RFL achieves more than 99.5% localization accuracy, while only incurring around 10% throughput degradation.

Anmin Xu,Jun Bi,Baobao Zhang,Shuhe Wang,Jianping Wu

DOI: https://doi.org/10.1109/iwqos.2017.7969163

2017-01-01

Abstract:To speed up the recovery from network failures, an extensive list of methods have been proposed. Many failure-recovery methods are proposed based on tunneling or marking, which increase the packet processing burden on routers and consume extra bandwidth. With neither tunneling nor marking, existing methods guarantee recovery from any single-link failure if a detour for the failed link exists, but they generate long traffic detours that will degrade the network performance, and even increase the operational cost, which is undesirable to network operators. Therefore, in this paper, we propose a Failure Inference approach to shortening Traffic Detours named as FITD, which works in OSPF/IS-IS networks. FITD does not use explicit failure notification, and can infer which link fails based on traffic information. FITD guarantees recovery from any single-link failure if a detour for the failed link exists. In particular, for networks with symmetric link weights, FITD guarantees to generate shortest detours for any single-link failure.

Jia-Qi Wei,Qian-Li Zhang,Xing Li

DOI: https://doi.org/10.1109/iccwamtip.2016.8079795

2016-01-01

Abstract:With the increasing scale and complexity of the network, how to maintain a level of network performance and robustness for network operators to satisfy customers becomes more and more challenging. Network anomaly detection and localization are critical for ensuring network performance. In this paper, a novel framework for detecting and localizing network anomalies using active measurements is presented. The framework is composed of three steps: the first step is to detect network anomalies on network path under monitoring, the second step is to cluster destination IPs on the monitored path using unsupervised learning methods, the last step is to localize network anomalies that induce anomalous network performance and behaviors. The last step is designed to reveal the possible cause for each IP set clustered in the second step and localize root cause at every moment by analyzing the inclusion relation between detected anomalous destination IPs and clustered IP sets. The efficacy of the framework to diagnose network anomalies is demonstrated by several real-world cases, which have been recorded in three years of network monitoring experience.

Chao Xu,Jessie Hui Wang,Rui Li,Tao Yu,Jilong Wang

DOI: https://doi.org/10.1109/iThings-GreenCom-CPSCom-SmartData-Cybermatics53846.2021.00056

2021-01-01

Abstract:The rapid development of immersive multimedia applications puts forward higher requirements for the backbone transmission of CDNs. However, network failures, such as link interruptions, are a considerable challenge to smooth transmission. Ideally, when a failure occurs, the system should handle it seamlessly to avoid QoE degradation. That is, the system should discover more paths to satisfy all users. However, existing recovery strategies for large-scale networks take seconds to minutes to gather network status information and discover new paths, which is unbearable for millisecond-level immersive applications. In this paper, we study the problem of failure recovery in an overlay CDN network. We propose a quick failure recovery strategy. This strategy does not collect network states but re-decides flow transmission schemes with existing multiple paths. This quick recovery strategy aims to obtain an emergency response quickly to minimize the number of users affected by the failure. It is the first line of dealing with the failure so that the system can spend more time collecting network state and discovering new paths to complete its recovery solution until all users are satisfied. Simulations show that our approach can effectively improve the service capability after failures, up to double the performance.

Che Zhang,Hong Xu,Libin Liu,Zhixiong Niu,Peng Wang,Yongqiang Tian,Chengchen Hu

DOI: https://doi.org/10.1155/2018/6361901

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:Network faults like link or switch failures can cause heavy congestion and packet loss. Traffic engineering systems need a lot of time to detect and react to such faults, which results in significant recovery times. Recent work either preinstalls a lot of backup paths in the switches to ensure fast rerouting or proactively prereserves bandwidth to achieve fault resiliency. Our idea agilely reacts to failures in the data plane while eliminating the preinstallation of backup paths. We propose Kuijia, a robust traffic engineering system for data center WANs, which relies on a novel failover mechanism in the data plane called rate rescaling. The victim flows on failed tunnels are rescaled to the remaining tunnels and enter lower priority queues to avoid performance impairment of aboriginal flows. Real system experiments show that Kuijia is effective in handling network faults and significantly outperforms the conventional rescaling method.

Songyun Wang,Xin Li,Zhuzhong Qian,Jiabin Yuan

DOI: https://doi.org/10.1007/978-3-030-05054-2_43

2018-01-01

Abstract:Contemporary datacenter networks are typically organized with multi-rooted tree topologies. To fully utilize the multiple end-to-end paths, effective mechanisms are required to balance traffic across them. However, existing load balancers for datacenters either operate at a coarse granularity, or support little for network failures, or necessitate customized hardware. We propose Distancer, a host-based distributed adaptive load balancer for datacenter traffic, which requires no coordination and modification of switches. Based on a deep investigation of TCP feedback mechanism, we firstly design Congestion Detector (C-Detector), which exploits ACKs to effectively handle network hot-spots and path anomalies in real time; Then we develop Load-Balancer (L-Balancer) to select best paths for both data packets and ACKs. According to our extensive evaluations, Distancer can achieve up to 40% and 20% better average flow completion times (AFCTs) than ECMP and CONGA respectively. Under the presence of path failures, Distancer improves the AFCT up to 400% and 30% over ECMP and CONGA.