FLEXIBLE ENTERPRISE NETWORK MANAGEMENT ON COMMODITY SWITCHES
Enterprise networks interconnect heterogeneous hosts, requiring careful management to
provide secure, reliable and high-performance network communication. Today, the operators
have to manually configure individual network devices, while considering the host
address assignments and device constraints (e.g., limited memory). These approaches are
too complicated and inefficient for enterprise networks with growing numbers of hosts and
The rise of Software Defined Networks (SDN) offers opportunities to simplify the
management of enterprise networks. Leveraging the logically-centralized control plane and
the programmable switch rule-tables in SDN, we design a novel network management system
that supports flexible policies and reduces configuration complexity. We argue that
the operators should focus on defining network-wide policies rather than grappling with
low-level details, such as switch memory sizes, individual switch configurations and host
addresses. It is the controller’s job to compile the high-level policies into rules for individual
switches while staying within the rule-table sizes.
In this thesis, we present a flexible enterprise network management system that assigns
addresses based on host attributes, distributes network-wide policies across multiple
switches and computes switch rules to achieve high-level load balancing policies. Specifically,
• we propose the “Attribute-Carrying IPs” (ACIPs) abstraction, where the attributes
of a host are encoded in the IP addresses to enable flexible policy specification. We
present Alpaca, algorithms for realizing ACIPs under practical constraints of limited-length
IP addresses and constrained switch rule-tables.
• we propose the “One Big Switch” abstraction, which consists of an endpoint policy
that views all hosts connected to a single switch, a hop-by-hop routing policy that
defines paths between endpoints and a compiler that synthesizes switch rules that
obey policies and adhere to the resource constraints. We present efficient algorithms
that distribute policies across networks while managing rule-space constraints.
• we propose the “One Big Server” abstraction, where a switch load balances incoming
service requests to multiple equivalent servers based on their capacities. We present
Niagara, an SDN-based traffic-splitting scheme that achieves accurate traffic splits
while being extremely efficient in using the rule-table space.
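
The sketch below illustrates the "Attribute-Carrying IPs" idea from the first bullet: host attributes are packed into address bits so that an access policy on an attribute compiles to a single ternary switch match. It is an added example, not code from the thesis and not the Alpaca algorithm; the 10.0.0.0/8 base, the fixed-width field layout, the attribute names and the function names are all assumptions made for illustration.

```python
import ipaddress

# Assumed layout (not from the thesis): 10.0.0.0/8 base, then fixed-width
# attribute fields packed from the top of the 24 host bits.
BASE = int(ipaddress.IPv4Address("10.0.0.0"))
FIELDS = [  # (attribute, bit width, allowed values): constructed sample
    ("role", 2, ["faculty", "student", "staff", "guest"]),
    ("dept", 3, ["cs", "ee", "math", "physics", "admin"]),
]
HOST_BITS = 24
ID_BITS = HOST_BITS - sum(w for _, w, _ in FIELDS)  # bits left for the host id


def field_shift(name):
    """Return (bit offset, width) of a field within the host part."""
    shift = HOST_BITS
    for attr, width, _ in FIELDS:
        shift -= width
        if attr == name:
            return shift, width
    raise KeyError(name)


def assign_address(attrs, host_id):
    """Encode a host's attributes and a per-group host id into one address."""
    if not 0 <= host_id < (1 << ID_BITS):
        raise ValueError("host id does not fit in the remaining bits")
    addr = BASE | host_id
    for attr, _, values in FIELDS:
        shift, _ = field_shift(attr)
        addr |= values.index(attrs[attr]) << shift  # ValueError if unknown
    return ipaddress.IPv4Address(addr)


def compile_policy(predicate):
    """Turn {attribute: value} into one ternary (value, mask) switch match."""
    value, mask = BASE, 0xFF000000
    for attr, wanted in predicate.items():
        shift, width = field_shift(attr)
        values = next(v for a, _, v in FIELDS if a == attr)
        value |= values.index(wanted) << shift
        mask |= ((1 << width) - 1) << shift
    return value, mask


def matches(addr, rule):
    """True if the address hits the ternary rule (bits outside mask ignored)."""
    value, mask = rule
    return int(addr) & mask == value
```

A policy on `dept` alone yields a non-contiguous mask, so one wildcard rule covers every role in that department; with addresses assigned independently of attributes, the same policy would need a rule per host or per subnet.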