SoftFlow: A Middlebox Architecture for Open vSwitch

Open vSwitch is a high-performance multi-layer virtual switch that serves as a flexible foundation for building virtualized, stateless Layer 2 and 3 network services in multitenant datacenters. As workloads become more sophisticated, providing tenants with virtualized middlebox services is an increasingly important and recurring theme, yet it remains difficult to integrate these stateful services efficiently into Open vSwitch and its OpenFlow forwarding model: middleboxes perform complex operations that depend on internal state and inspection of packet payloads, functionality that is impossible to express in OpenFlow. In this paper, we present SoftFlow, an extension of Open vSwitch that seamlessly integrates middlebox functionality while maintaining the familiar OpenFlow forwarding model and performing significantly better than alternative techniques for middlebox integration.
