Skip to main content

Alpaca: Compact Network Policies With Attribute-Encoded Addresses

Author(s): Kang, Nanxi; Rottenstreich, Ori; Rao, Sanjay G.; Rexford, Jennifer

To refer to this page use:
Abstract: In enterprise networks, policies (e.g., QoS or security) are often defined based on the categorization of hosts along dimensions, such as the organizational role of the host (faculty versus student) and department (engineering versus sales). While current best practices (virtual local area networks) help when hosts are categorized along a single dimension, policy may often need to be expressed along multiple orthogonal dimensions. In this paper, we make three contributions. First, we argue for attribute-encoded IPs (ACIPs), where the IP address allocation process in enterprises considers attributes of a host along all policy dimensions. ACIPs enable flexible policy specification in a manner that may not otherwise be feasible owing to the limited size of switch rule-tables. Second, we present Alpaca, algorithms for realizing ACIPs under practical constraints of limited-length IP addresses. Our algorithms can be applied to different switch architectures, and we provide bounds on their performance. Third, we demonstrate the importance and viability of ACIPs on data collected from real campus networks.
Publication Date: 14-Feb-2017
Citation: Kang, Nanxi, Rottenstreich, Ori, Rao, Sanjay G. and Rexford, Jennifer. "Alpaca: Compact Network Policies With Attribute-Encoded Addresses." IEEE/ACM Transactions on Networking 25, no. 3 (2017): 1846-1860. doi:10.1109/TNET.2017.2657123
DOI: 10.1109/TNET.2017.2657123
ISSN: 1063-6692
EISSN: 1558-2566
Pages: 1846 - 1860
Type of Material: Journal Article
Journal/Proceeding Title: IEEE/ACM Transactions on Networking
Version: Author's manuscript

Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.