Architecture for building hybrid kernel-user space virtual network functions

Network Function Virtualization (NFV) is one of the important aspects of modern network architecture. NFV decouples Network Functions (NFs) from hardware, producing Virtual Network Functions (VNFs) that can run on standard commodity servers, which in turn mostly run the Linux kernel. In this paper, we propose a general architecture for building hybrid kernel-user space VNFs that leverages the extended Berkeley Packet Filter (eBPF). eBPF is a framework in the Linux kernel that enables network programmability inside the kernel for optimal performance. However, the programmability of eBPF is limited in order to protect the safety and security of the kernel. Our proposed architecture applies a hybrid approach: leave the simple work inside the kernel with eBPF and let complex work be processed in user space. This architecture allows complex VNFs to be built with both speed and flexibility. To demonstrate, we use the proposed architecture to build two VNFs: Dynamic Load Balancer and Deep Packet Inspection with Dynamic Sniffing. The evaluation results show that both VNFs significantly outperform the widely used solutions.
