Network

Programming
Languages
Author: Flavio Vit
Course: UNICAMP MO611
Teleprocessamento e Redes
Professor: Nelson da Fonseca
11/17/15

Agenda

Introduction
Flog
Nettle
FatTire
Comparisons

Introduction
Flog: Logic Programming for
Software-Defined Networks
Nettle: Taking the Sting Out of
Programming Network Routers
FatTire: Fault Tolerating Regular
Expressions

Networks Management
In the past
Networks managed through a set of complex,
low-level, and heterogeneous interfaces
Firewalls + network address translators +
load balancers + routers + switches ==
Configured separately
Thousands of lines low-level code in different
domain-specific languages
Complex routing mechanisms (error-prone
tasks)

Software Defined Networks

Recently
SDN Software Defined Networks
Logically centralized Controller:
Managing distributed switches
General purpose machines
Working on routing decisions
Instruct the switches to install the
necessary packet-forwarding rules.

Flog - An SDN Logic

Programming Language
SDN packet-forwarding rule
Predicate + Action + Priority

Example:
Predicate: match packets based on the IP header
(MAC, IP, etc.)
Action: Drop, forward or flood the packet to ports
Priority: rules are executed according with
priorities

Flog
Combines two programing languages:
FML:
set of high-level built-in policy operators (SDN
abstractions)
allow/deny certain flows
provide quality of service
Programing model Not flexible

Frenetic:
declarative query language - SQL-like syntax
functional stream-processing language
language for describing packet forwarding

Flog
From FML:
Programming for controlling software-defined
networks

From Frenetic:
Controller programs split into :
1. Mechanism for querying network state
2. Mechanism for processing data extracted
from queries
3. Component for generating packet-forwarding
policies (automatically push to the switches)

Flog
Event driven => execution of logic
programs
1. Generates a packet-forwarding policy
compiled and deployed on switches
2. Generates states : drive the logic
program when the next network event
is processed

Flog
Network Events:
Switches online / offline
Ports on switches active / inactive
Statistics gathered by switches
Packets arrive at the controller and
require handling

Flog
Flow rule syntax example:
flow(srcip=IP,vlan=V), V > 0 -->
myvlans(IP,V)

When vlan tag is greater than 0, generate a

network event every time a packet with a
new srcip - vlan tag pair is detected
When this event generated, the rest of the
logic program will be executed.
The initial data for the logic program will
include the tuple myvlans(IP,V)

Flog
Police Generation:
generating a routing policy for network switches:
h1(F1), h2(F2), ... |> action, level(i)

left of the |> : kinds of packets that match the forwarding

rule. Specifies the packet fields (and switch and ports) that
match the rule.
right of the |> :
action where to forward or flood the packets or how to
modify them.
level specifies the priority of the rule.

Flog
Example:
# Network Events
flow(dstip=IP), inport=2 --> seen(IP)
# Information Processing
seen(IP) +-> allow(IP)
allow(IP) +-> allow(IP)
# Policy Generation
inport(2) |> fwd(1), level(0)
allow(IP) -->
srcip(IP), inport(1) |> fwd(2), level(0).

Nettle - Taking the Sting Out of Programming Network

Routers

Dont configure the network, program it!

Networks of OpenFlow switches controlled using
a high-level, declarative and expressive
language
Based on the principles of functional reactive
programming (FRP)
Embedded in Haskell => general-purpose
purely functional programming language.
Domain Specific Language

Nettle
Layered architecture
Family of DSLs - each
member capturing a
different network
abstraction
instantiation of the Functional
Reactive
Programming
Nettle / OpenFlow lib
Haskell host language
OpenFlow switches

Nettle
Nettle/FRP as a language for
expressing electrical circuits

Haskells arrow syntax:

y sigfun x

Nettle
Focus on the stream of control
messages among OpenFlow switches
Nettle => powerful collection of
Signal functions
Event operators

Nettle
OpenFlow switches maintains flow table
with flow entries:
Match conditions match IPs, header
fields
Forwarding actions to specific ports,
flooding, dropping packets
Statistics are updated
Expirations settings expires a flow
entry after prescribed time

Nettle
Nettle Controller transforms:
stream of messages from
switches

stream of commands for

switches

Nettle
Example: install the flow rule,
whenever a switch joins the network

FatTire: Fault Tolerating Regular

Expressions
Programs for fault tolerant Networks
Based on regular expressions
Main features:
Expressive: easy to describe
forwarding and fault tolerant policies
Efficient: based on fast failover from
OpenFlow
Correct: reasoning about the behavior
of the system during failure recovery

FatTire
Central feature: Regular
expressions for sets of legal paths
through the network
FatTire programs are translated to
OpenFlow switch configurations
Automatic response to link failures
with no controller intervention

FatTire
Example :OpenFlow Group and Route
Tables

FatTire
Group and Rule Tables for previous
slide

FatTire
Syntax:

FatTire
FatTire program for this example
Security policy: All
SSH traffic must traverse
the IDS - regular
expressions
over switches to describe
legal paths
Routing policy:
Traffic from the gateway
(GW) must be forwarded
to the access switch (A),
along any path

Fault-tolerance policy:
with annotation
Forwarding must be
resilient to a single link
failure.

Comparisons
Prog
Lang

Main
Characteristic

Advantages

Disadvantages

Flog

- Network Event
driven
- Focused on
packets flow

- Simple
- Combines
Frenetic and
FML

Too simple and

limited to flow
control

FatTire

- High level
Targets fast
- Regular
failover
mechanisms
expression
provided by
powered
OpenFlow standard - Turns failover
scenarios easier
to understand

Only focused
over solving link
failures
configuration

Nettle

- allow finegrained control

over switch
behavior
- event-based
programming

Good
question!!!
I buy it!

- Strong typed
- Extensible

References
1. Naga Praveen Katta, Jennifer Rexford, and David
Walker. Logic Programming for SoftwareDefined Networks
2. Mark Reitblatt, Marco Canini, Arjun Guha, and
Nate Foster. Fattire: Declarative fault
tolerance for software defined networks
3. Andreas Voellmy and Paul Hudak. Nettle: Taking
the Sting Out of Programming Network
Routers