Alpaca: Compact Network Policies With Attribute-Encoded Addresses

In enterprise networks, policies (e.g., QoS or security) are often defined based on the categorization of hosts along dimensions, such as the organizational role of the host (faculty versus student) and department (engineering versus sales). While current best practices (virtual local area networks)...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	IEEE/ACM transactions on networking 2017-06, Vol.25 (3), p.1846-1860
Hauptverfasser:	Nanxi Kang, Rottenstreich, Ori, Rao, Sanjay G., Rexford, Jennifer
Format:	Artikel
Sprache:	eng
Schlagworte:	Algorithms Coding DHCP Engineering education IEEE transactions IP (Internet Protocol) IP address allocation IP networks Local area networks network policies Pipelines Policies Quality of service Quality of service architectures Resource management Security Software defined networking Switches Switching theory Viability Virtual local area networks Virtual networks
Online-Zugang:	Volltext bestellen
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page	1860
container_issue	3
container_start_page	1846
container_title	IEEE/ACM transactions on networking
container_volume	25
creator	Nanxi Kang Rottenstreich, Ori Rao, Sanjay G. Rexford, Jennifer
description	In enterprise networks, policies (e.g., QoS or security) are often defined based on the categorization of hosts along dimensions, such as the organizational role of the host (faculty versus student) and department (engineering versus sales). While current best practices (virtual local area networks) help when hosts are categorized along a single dimension, policy may often need to be expressed along multiple orthogonal dimensions. In this paper, we make three contributions. First, we argue for attribute-encoded IPs (ACIPs), where the IP address allocation process in enterprises considers attributes of a host along all policy dimensions. ACIPs enable flexible policy specification in a manner that may not otherwise be feasible owing to the limited size of switch rule-tables. Second, we present Alpaca, algorithms for realizing ACIPs under practical constraints of limited-length IP addresses. Our algorithms can be applied to different switch architectures, and we provide bounds on their performance. Third, we demonstrate the importance and viability of ACIPs on data collected from real campus networks.
doi_str_mv	10.1109/TNET.2017.2657123
format	Article
fullrecord	<record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_crossref_primary_10_1109_TNET_2017_2657123</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>7855776</ieee_id><sourcerecordid>2174474736</sourcerecordid><originalsourceid>FETCH-LOGICAL-c288t-fe6df3750dd2870c8558b85cd88219e6cfe6c29fe07c4a4c3f427055300e69403</originalsourceid><addsrcrecordid>eNo9kE1LAzEQhoMoWKs_QLwseN46STYf620prQqleqh4DNtkFre2TU1SxH9vSouneQ_POzM8hNxSGFEK9cNiPlmMGFA1YlIoyvgZGVAhdMmElOc5g-SllDW7JFcxrgAoByYHpGnWu9a2j8XYb3JIxRzTjw9fxZtf97bHWHz06bNoUgr9cp-wnGytd-iKxrmAMWK8Jhddu454c5pD8j6dLMbP5ez16WXczErLtE5lh9J1XAlwjmkFVufnllpYpzWjNUqbAcvqDkHZqq0s7yqmQAgOgLKugA_J_XHvLvjvPcZkVn4ftvmkYVRVlaoUl5miR8oGH2PAzuxCv2nDr6FgDqbMwZQ5mDInU7lzd-z0iPjPq_yhUpL_AXiFY04</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2174474736</pqid></control><display><type>article</type><title>Alpaca: Compact Network Policies With Attribute-Encoded Addresses</title><source>IEEE Electronic Library (IEL)</source><creator>Nanxi Kang ; Rottenstreich, Ori ; Rao, Sanjay G. ; Rexford, Jennifer</creator><creatorcontrib>Nanxi Kang ; Rottenstreich, Ori ; Rao, Sanjay G. ; Rexford, Jennifer</creatorcontrib><description>In enterprise networks, policies (e.g., QoS or security) are often defined based on the categorization of hosts along dimensions, such as the organizational role of the host (faculty versus student) and department (engineering versus sales). While current best practices (virtual local area networks) help when hosts are categorized along a single dimension, policy may often need to be expressed along multiple orthogonal dimensions. In this paper, we make three contributions. First, we argue for attribute-encoded IPs (ACIPs), where the IP address allocation process in enterprises considers attributes of a host along all policy dimensions. ACIPs enable flexible policy specification in a manner that may not otherwise be feasible owing to the limited size of switch rule-tables. Second, we present Alpaca, algorithms for realizing ACIPs under practical constraints of limited-length IP addresses. Our algorithms can be applied to different switch architectures, and we provide bounds on their performance. Third, we demonstrate the importance and viability of ACIPs on data collected from real campus networks.</description><identifier>ISSN: 1063-6692</identifier><identifier>EISSN: 1558-2566</identifier><identifier>DOI: 10.1109/TNET.2017.2657123</identifier><identifier>CODEN: IEANEP</identifier><language>eng</language><publisher>New York: IEEE</publisher><subject>Algorithms ; Coding ; DHCP ; Engineering education ; IEEE transactions ; IP (Internet Protocol) ; IP address allocation ; IP networks ; Local area networks ; network policies ; Pipelines ; Policies ; Quality of service ; Quality of service architectures ; Resource management ; Security ; Software defined networking ; Switches ; Switching theory ; Viability ; Virtual local area networks ; Virtual networks</subject><ispartof>IEEE/ACM transactions on networking, 2017-06, Vol.25 (3), p.1846-1860</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2017</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c288t-fe6df3750dd2870c8558b85cd88219e6cfe6c29fe07c4a4c3f427055300e69403</cites><orcidid>0000-0002-4064-1238</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/7855776$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,776,780,792,27901,27902,54733</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/7855776$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Nanxi Kang</creatorcontrib><creatorcontrib>Rottenstreich, Ori</creatorcontrib><creatorcontrib>Rao, Sanjay G.</creatorcontrib><creatorcontrib>Rexford, Jennifer</creatorcontrib><title>Alpaca: Compact Network Policies With Attribute-Encoded Addresses</title><title>IEEE/ACM transactions on networking</title><addtitle>TNET</addtitle><description>In enterprise networks, policies (e.g., QoS or security) are often defined based on the categorization of hosts along dimensions, such as the organizational role of the host (faculty versus student) and department (engineering versus sales). While current best practices (virtual local area networks) help when hosts are categorized along a single dimension, policy may often need to be expressed along multiple orthogonal dimensions. In this paper, we make three contributions. First, we argue for attribute-encoded IPs (ACIPs), where the IP address allocation process in enterprises considers attributes of a host along all policy dimensions. ACIPs enable flexible policy specification in a manner that may not otherwise be feasible owing to the limited size of switch rule-tables. Second, we present Alpaca, algorithms for realizing ACIPs under practical constraints of limited-length IP addresses. Our algorithms can be applied to different switch architectures, and we provide bounds on their performance. Third, we demonstrate the importance and viability of ACIPs on data collected from real campus networks.</description><subject>Algorithms</subject><subject>Coding</subject><subject>DHCP</subject><subject>Engineering education</subject><subject>IEEE transactions</subject><subject>IP (Internet Protocol)</subject><subject>IP address allocation</subject><subject>IP networks</subject><subject>Local area networks</subject><subject>network policies</subject><subject>Pipelines</subject><subject>Policies</subject><subject>Quality of service</subject><subject>Quality of service architectures</subject><subject>Resource management</subject><subject>Security</subject><subject>Software defined networking</subject><subject>Switches</subject><subject>Switching theory</subject><subject>Viability</subject><subject>Virtual local area networks</subject><subject>Virtual networks</subject><issn>1063-6692</issn><issn>1558-2566</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2017</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNo9kE1LAzEQhoMoWKs_QLwseN46STYf620prQqleqh4DNtkFre2TU1SxH9vSouneQ_POzM8hNxSGFEK9cNiPlmMGFA1YlIoyvgZGVAhdMmElOc5g-SllDW7JFcxrgAoByYHpGnWu9a2j8XYb3JIxRzTjw9fxZtf97bHWHz06bNoUgr9cp-wnGytd-iKxrmAMWK8Jhddu454c5pD8j6dLMbP5ez16WXczErLtE5lh9J1XAlwjmkFVufnllpYpzWjNUqbAcvqDkHZqq0s7yqmQAgOgLKugA_J_XHvLvjvPcZkVn4ftvmkYVRVlaoUl5miR8oGH2PAzuxCv2nDr6FgDqbMwZQ5mDInU7lzd-z0iPjPq_yhUpL_AXiFY04</recordid><startdate>201706</startdate><enddate>201706</enddate><creator>Nanxi Kang</creator><creator>Rottenstreich, Ori</creator><creator>Rao, Sanjay G.</creator><creator>Rexford, Jennifer</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>7SP</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-4064-1238</orcidid></search><sort><creationdate>201706</creationdate><title>Alpaca: Compact Network Policies With Attribute-Encoded Addresses</title><author>Nanxi Kang ; Rottenstreich, Ori ; Rao, Sanjay G. ; Rexford, Jennifer</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c288t-fe6df3750dd2870c8558b85cd88219e6cfe6c29fe07c4a4c3f427055300e69403</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2017</creationdate><topic>Algorithms</topic><topic>Coding</topic><topic>DHCP</topic><topic>Engineering education</topic><topic>IEEE transactions</topic><topic>IP (Internet Protocol)</topic><topic>IP address allocation</topic><topic>IP networks</topic><topic>Local area networks</topic><topic>network policies</topic><topic>Pipelines</topic><topic>Policies</topic><topic>Quality of service</topic><topic>Quality of service architectures</topic><topic>Resource management</topic><topic>Security</topic><topic>Software defined networking</topic><topic>Switches</topic><topic>Switching theory</topic><topic>Viability</topic><topic>Virtual local area networks</topic><topic>Virtual networks</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Nanxi Kang</creatorcontrib><creatorcontrib>Rottenstreich, Ori</creatorcontrib><creatorcontrib>Rao, Sanjay G.</creatorcontrib><creatorcontrib>Rexford, Jennifer</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE/ACM transactions on networking</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Nanxi Kang</au><au>Rottenstreich, Ori</au><au>Rao, Sanjay G.</au><au>Rexford, Jennifer</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Alpaca: Compact Network Policies With Attribute-Encoded Addresses</atitle><jtitle>IEEE/ACM transactions on networking</jtitle><stitle>TNET</stitle><date>2017-06</date><risdate>2017</risdate><volume>25</volume><issue>3</issue><spage>1846</spage><epage>1860</epage><pages>1846-1860</pages><issn>1063-6692</issn><eissn>1558-2566</eissn><coden>IEANEP</coden><abstract>In enterprise networks, policies (e.g., QoS or security) are often defined based on the categorization of hosts along dimensions, such as the organizational role of the host (faculty versus student) and department (engineering versus sales). While current best practices (virtual local area networks) help when hosts are categorized along a single dimension, policy may often need to be expressed along multiple orthogonal dimensions. In this paper, we make three contributions. First, we argue for attribute-encoded IPs (ACIPs), where the IP address allocation process in enterprises considers attributes of a host along all policy dimensions. ACIPs enable flexible policy specification in a manner that may not otherwise be feasible owing to the limited size of switch rule-tables. Second, we present Alpaca, algorithms for realizing ACIPs under practical constraints of limited-length IP addresses. Our algorithms can be applied to different switch architectures, and we provide bounds on their performance. Third, we demonstrate the importance and viability of ACIPs on data collected from real campus networks.</abstract><cop>New York</cop><pub>IEEE</pub><doi>10.1109/TNET.2017.2657123</doi><tpages>15</tpages><orcidid>https://orcid.org/0000-0002-4064-1238</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext_linktorsrc
identifier	ISSN: 1063-6692
ispartof	IEEE/ACM transactions on networking, 2017-06, Vol.25 (3), p.1846-1860
issn	1063-6692 1558-2566
language	eng
recordid	cdi_crossref_primary_10_1109_TNET_2017_2657123
source	IEEE Electronic Library (IEL)
subjects	Algorithms Coding DHCP Engineering education IEEE transactions IP (Internet Protocol) IP address allocation IP networks Local area networks network policies Pipelines Policies Quality of service Quality of service architectures Resource management Security Software defined networking Switches Switching theory Viability Virtual local area networks Virtual networks
title	Alpaca: Compact Network Policies With Attribute-Encoded Addresses
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-05T06%3A20%3A01IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Alpaca:%20Compact%20Network%20Policies%20With%20Attribute-Encoded%20Addresses&rft.jtitle=IEEE/ACM%20transactions%20on%20networking&rft.au=Nanxi%20Kang&rft.date=2017-06&rft.volume=25&rft.issue=3&rft.spage=1846&rft.epage=1860&rft.pages=1846-1860&rft.issn=1063-6692&rft.eissn=1558-2566&rft.coden=IEANEP&rft_id=info:doi/10.1109/TNET.2017.2657123&rft_dat=%3Cproquest_RIE%3E2174474736%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2174474736&rft_id=info:pmid/&rft_ieee_id=7855776&rfr_iscdi=true