Machine learning has been applied to many network operations problems, from detecting network infections to inferring the quality of application traffic. In most cases, however, the models developed in the research lab cannot be transitioned to practice: they operate in offline settings with limited datasets, ignoring challenging problems from model efficiency and retraining to obtaining ground truth at scale.
Our research agenda considers a new direction: operationalizing network analytics. We describe some of the shortcomings of existing applications of machine learning in network operations in the context of broadband access networks and cellular networks and explain how more fundamental research at the intersection between networking, systems, and machine learning can help develop more effective solutions for managing today’s networks.
Sonata is a query-driven streaming network telemetry system that uses a declarative query interface to drive the joint collection and analysis of network traffic. It takes advantage of two emerging technologies---streaming analytics platforms and programmable network devices---to facilitate query-driven telemetry.
Sonata allows operators to directly express queries for a range of network telemetry applications using a high level declarative language. Under the hood, Sonata partitions each query into a portion that runs in the switch and another that runs on the streaming analytics platform, iteratively refines the queries to efficiently capture only the traffic that satisfies the respective queries.
Software Defined IXP (SDX) brings the merits of Software Defined Networking (SDN) to interdomain routing. Today's intedomain routing protocol, Border Gateway Protocol (BGP) constrains how networks can deliver traffic over the Internet. Today's networks can only forward traffic based on the destination IP prefixes, by selecting among the routes offered by their immediate neighbors. SDN can offer direct control over packet-processing rules that match on multiple header fields and perform a variety of actions. IXPs are a compelling place to deploy these changes, given their role in interconnecting many networks and their growing importance in bringing popular content closer to end users.
SDX does more than simply replace an IXP's switches with their OpenFlow counterparts. SDX's capabilities enable new applications, such as application-specific peering---where two networks peer only for (say) streaming video traffic. We also developed new programming abstractions that allow participating networks to create and run these applications and a runtime that both behaves correctly when interacting with BGP and ensures that applications do not interfere with each other. Finally, we also ensured that the system scales, both in terms of table size and computational overhead. Our SDX controller has been deployed at various IXPs around the world.