Dynamic Scheduling of Approximate Telemetry Queries

Network telemetry systems provide critical visibility into the state of traffic flowing through modern computer networks. While significant progress has been made by leveraging programmable switch hardware to scale these systems to high and time-varying traffic workloads, less attention has been paid towards efficiently utilizing limited hardware resources in the face of dynamics such as the composition of traffic as well as the number and types of queries run at a given point in time. To efficiently handle traffic and query dynamics we develop DynATOS, the first scheduling system for running network traffic queries on constrained switch hardware while adapting to changing query and resource requirements. DynATOS leverages a novel time-division approach to approximation and multiplexes switch hardware resources among submitted queries using an optimization formulation. We prototype and evaluate DynATOS on a runtime-programmable switch hardware telemetry module.

Architecture of DynATOS
Architecture of DynATOS

Why DynATOS?

Key Points

DDoS
DDoS
DDoS
Port scan
DDoS
Superspreader
DDoS
TCP new connections

Publications

Revisiting Network Telemetry in COIN: A Case for Runtime Programmability
Chris Misa, Ramakrishnan Durairajan, Reza Rejaie, Walter Willinger
IEEE Network, Special Issue on In-Network Computing: Emerging Trends for the Edge-Cloud Continuum, September 2021.
[PAPER]

Dynamic Scheduling of Approximate Telemetry Queries
Chris Misa, Walt O’Connor, Ramakrishnan Durairajan, Reza Rejaie and Walter Willinger
(To appear) In Proceedings of 19th USENIX Symposium on Networked Systems Design and Implementation (NSDI’22)
Renton, WA, April 2022.
[PAPER]

Resources

_

Team Members

_

Acknowledgements

We thank Shahram Davari and Broadcom, Inc. for providing hardware and technical support for our testbed evaluation. This work is supported by the National Science Foundation through CNS 1850297, a Ripple faculty fellowship, and a Ripple graduate fellowship. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of NSF, Ripple, or Broadcom.

Ripple Ripple Broadcom
Last updated Oct. 5th, 2021.