In a software-defined network (SDN), statistics information is of vital importance for different applications, such as traffic engineering, flow rerouting, and attack detection. Since some resources, e.g., ternary content addressable memory, SRAM, and computing capacity, are often limited on SDN switches, traffic measurements based on flow tables or sampling become infeasible. In fact, sketches provide a promising building block for filling this void by monitoring every packet with fixed-size memory. Although many efficient sketches have been designed, our analysis shows that existing sketch-based measurement solutions may suffer from severe computing overhead on switches, especially under high traffic load, which significantly interferes with the switch's basic functions, such as flow rule setup and modification. In this paper, we present CountMax, a lightweight and cooperative sketch for traffic measurement, which can achieve low amortized processing overhead and tight estimation bounds, to track large flows in SDNs. We also discuss how to apply CountMax to support a variety of applications. We have implemented the proposed algorithm on our open switches. Testbed experiments and extensive simulation results show that CountMax consumes only 1/3–1/2 of the computing overhead and reduces the average estimation error by 20%–30%, compared with the existing solutions under the same memory size.