1
Management Plane Analytics
Aaron Gember-Jacobson, Wenfei Wu, Xiujun Li, Aditya Akella, Ratul Mahajan
2
What is the management plane?
Data planeForwards packets
Control planeGenerates forwarding tables
Management plane Defines data plane structure and control plane config
ConfigRoutingTable
Forwarding Table
We can model these
How do we model this?
3
Why study the management plane?
• Important to well functioning networks!• But…there’s no systematic understanding
of how management practices impact the health of networks
?Operators have a diversity of opinions on
what matters
4
Our goals
1. Characterize management practices in modern networks
2. Infer the practices that matter mosttoward health (e.g., # of failures)
3. Predict health, based on practices→ Perform what-if analysis
4. Suggest control plane configurations, given some objectives
Inspired by empirical software engineering
5
Challenges
• Management practices aren’t explicitly logged
• Data may be incomplete or insufficient– Use data from many networks and time periods
Configs Inventory Practices Health
&Tickets
+ +
6
Characterizing management practices
• 850+ networks from an online service provider• Two classes of practices– Design: long-term decisions
Define network structure and provisioningE.g., how many switches and which vendors
– Operational: day-to-day activities Changes to address emerging needsE.g., adding subnets
7
Design Practices
• Heterogeneous physical composition– Multiple roles (86% of networks),
vendors (81%), and models (96%)• Heterogeneous logical composition– 2+ layer-2 protocols
(e.g., VLAN, MSTP)– 1+ routing
protocol (89%)
8
Operational practices
# changes ≈
# devices
Differentdevices changed
each month
Interface changes are the most
frequent
Lots of variability in automation;
not correlated with # changes
9
Are current languages good?
• Example: adding a VLAN– Cisco IOS
– Pyretic
– Intent: isolation want a construct that allows operators to specify this intent (e.g., Merlin?)
interface GigabitEthernet1/1switchport access vlan 101switchport mode access
match(switch=s,inport=1)[modify(vlan=101)>>learn]
10
Predicting network health
• Build a decision tree classifier– Benefit: intuitive for operators to understand– 5 bins for practices; 2 or 5 bins for health– Build with C4.5; prune to avoid over-fitting
Healthy Unhealthy0
0.2
0.4
0.6
0.8
1
F-Sc
ore
Excellent Good Moderate Poor Very poor
91.6% accuracy 81.1% accuracy
Few unhealthy data points
11
Improving predictions
• Boosting– Increases (decreases) the weight of examples
that were classified incorrectly (correctly)• Minority oversampling– Clusters data points
in the minority class– Generates examples
in the same cluster