UNO: uniflying host and smart NIC offload for flexible packet processing

Increasingly, smart Network Interface Cards (sNICs) are being used in data centers to offload networking functions (NFs) from host processors thereby making these processors available for tenant applications. Modern sNICs have fully programmable, energy-efficient multi-core processors on which many packet processing functions, including a full-blown programmable switch, can run. However, having multiple switch instances deployed across the host hypervisor and the attached sNICs makes controlling them difficult and data plane operations more complex. This paper proposes a generalized SDN-controlled NF offload architecture called UNO. It can transparently offload dynamically selected host processors' packet processing functions to sNICs by using multiple switches in the host while keeping the data centerwide network control and management planes unmodified. UNO exposes a single virtual control plane to the SDN controller and hides dynamic NF offload behind a unified virtual management plane. This enables UNO to make optimal use of host's and sNIC's combined packet processing capabilities with local optimization based on locally observed traffic patterns and resource consumption, and without central controller involvement. Experimental results based on a real UNO prototype in realistic scenarios show promising results: it can save processing worth up to 8 CPU cores, reduce power usage by up to 2x, and reduce the control plane overhead by more than 50%.

[1]  Thomas F. Wenisch,et al.  Thin servers with smart pipes: designing SoC accelerators for memcached , 2013, ISCA.

[2]  Timothy Roscoe,et al.  We Need to Talk About NICs , 2013, HotOS.

[3]  Anees Shaikh,et al.  Load-sensitive routing of long-lived IP flows , 1999, SIGCOMM '99.

[4]  Minlan Yu,et al.  Enforcing Network-Wide Policies in the Presence of Dynamic Middlebox Actions using FlowTags , 2014, NSDI.

[5]  Alec Wolman,et al.  MAUI: making smartphones last longer with code offload , 2010, MobiSys '10.

[6]  Rob Sherwood,et al.  FlowVisor: A Network Virtualization Layer , 2009 .

[7]  Vyas Sekar,et al.  Making middleboxes someone else's problem: network processing as a cloud service , 2012, SIGCOMM '12.

[8]  Gustavo Alonso,et al.  Consensus in a Box: Inexpensive Coordination in Hardware , 2016, NSDI.

[9]  Amin Vahdat,et al.  SENIC: Scalable NIC for End-Host Rate Limiting , 2014, NSDI.

[10]  Ronald L. Rivest,et al.  Max-flow Min-cut Theorem , 1998 .

[11]  George Varghese,et al.  P4: programming protocol-independent packet processors , 2013, CCRV.

[12]  Isaac Keslassy,et al.  Palette: Distributing tables in software-defined networks , 2013, 2013 Proceedings IEEE INFOCOM.

[13]  Franck Le,et al.  Stateless Network Functions: Breaking the Tight Coupling of State and Processing , 2017, NSDI.

[14]  Ke Liu,et al.  Intra-host Rate Control with Centralized Approach , 2016, 2016 IEEE International Conference on Cluster Computing (CLUSTER).

[15]  Zdravko Bozakov,et al.  AutoSlice: automated and scalable slicing for software-defined networks , 2012, CoNEXT Student '12.

[16]  Christos Gkantsidis,et al.  Enabling End-Host Network Functions , 2015, Comput. Commun. Rev..

[17]  Martín Casado,et al.  Fabric: a retrospective on evolving SDN , 2012, HotSDN '12.

[18]  Scott Shenker,et al.  E2: a framework for NFV applications , 2015, SOSP.

[19]  Seungwon Shin,et al.  UNISAFE: A Union of Security Actions for Software Switches , 2016, SDN-NFV@CODASPY.

[20]  Will Dietz,et al.  Slipstream: Automatic Interprocess Communication Optimization , 2015, USENIX Annual Technical Conference.

[21]  David Walker,et al.  Optimizing the "one big switch" abstraction in software-defined networks , 2013, CoNEXT.

[22]  Alan L. Cox,et al.  Hyper-Switch: A Scalable Software Virtual Switching Architecture , 2013, USENIX Annual Technical Conference.

[23]  Yan Luo,et al.  Accelerated virtual switching with programmable NICs for scalable data center networking , 2010, VISA '10.

[24]  Pedro Assunção A Zero Trust Approach to Network Security , 2019 .

[25]  Aditya Akella,et al.  Toward software-defined middlebox networking , 2012, HotNets-XI.

[26]  Christoforos E. Kozyrakis,et al.  IX: A Protected Dataplane Operating System for High Throughput and Low Latency , 2014, OSDI.

[27]  Sylvia Ratnasamy,et al.  SoftNIC: A Software NIC to Augment Hardware , 2015 .

[28]  Fang Hao,et al.  Application-aware data plane processing in SDN , 2014, HotSDN.

[29]  Scott Shenker,et al.  SoftFlow: A Middlebox Architecture for Open vSwitch , 2016, USENIX ATC.

[30]  David F. Bacon,et al.  FPGA programming for the masses , 2013, CACM.

[31]  David Walker,et al.  Incremental consistent updates , 2013, HotSDN '13.

[32]  Fernando Pedone,et al.  Network Hardware-Accelerated Consensus , 2016, ArXiv.

[33]  Eyal de Lara,et al.  Accelerating Complex Data Transfer for Cluster Computing , 2016, HotCloud.

[34]  Ramesh Govindan,et al.  vCRIB: Virtualized Rule Management in the Cloud , 2012, HotCloud.

[35]  Paolo Valente,et al.  PSPAT: Software packet scheduling at hardware speed , 2018, Comput. Commun..

[36]  Guru M. Parulkar,et al.  OpenVirteX: make your virtual SDNs programmable , 2014, HotSDN.

[37]  Jia Wang,et al.  Scalable flow-based networking with DIFANE , 2010, SIGCOMM '10.

[38]  Seungjoon Lee,et al.  Network function virtualization: Challenges and opportunities for innovations , 2015, IEEE Communications Magazine.

[39]  Yuping Zhao,et al.  OpenANFV: accelerating network function virtualization with a consolidated framework in openstack , 2015, SIGCOMM 2015.

[40]  Gerald Sabin,et al.  Security offload using the SmartNIC, A programmable 10 Gbps ethernet NIC , 2015, 2015 National Aerospace and Electronics Conference (NAECON).

[41]  Vyas Sekar,et al.  Design and Implementation of a Consolidated Middlebox Architecture , 2012, NSDI.

[42]  K. K. Ramakrishnan,et al.  NetVM: High Performance and Flexible Networking Using Virtualization on Commodity Platforms , 2014, IEEE Transactions on Network and Service Management.

[43]  Babak Falsafi,et al.  Optimizing Data-Center TCO with Scale-Out Processors , 2012, IEEE Micro.

[44]  David F. Bacon,et al.  FPGA Programming for the Masses , 2013, ACM Queue.

[45]  Yashar Ganjali,et al.  HyperFlow: A Distributed Control Plane for OpenFlow , 2010, INM/WREN.

[46]  Alan L. Cox,et al.  sNICh: Efficient last hop networking in the data center , 2010, 2010 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[47]  Martín Casado,et al.  Software-defined internet architecture: decoupling architecture from infrastructure , 2012, HotNets-XI.

[48]  Martín Casado,et al.  The Design and Implementation of Open vSwitch , 2015, NSDI.

[49]  Kees A. Vissers,et al.  Dataflow architectures for 10Gbps line-rate key-value-stores , 2013, 2013 IEEE Hot Chips 25 Symposium (HCS).

[50]  Fang Hao,et al.  UMON: flexible and fine grained traffic monitoring in open vSwitch , 2015, CoNEXT.

[51]  Ramesh Govindan,et al.  Scalable Rule Management for Data Centers , 2013, NSDI.

[52]  Aditya Akella,et al.  OpenNF , 2014, SIGCOMM.

[53]  Michio Honda,et al.  mSwitch: a highly-scalable, modular software switch , 2015, SOSR.

[54]  Pete Wyckoff,et al.  Accelerating Distributed Computing Applications Using a Network Offloading Framework , 2007, 2007 IEEE International Parallel and Distributed Processing Symposium.

[55]  Dongsu Han,et al.  Scaling the performance of network intrusion detection with many-core processors , 2015, 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[56]  Minlan Yu,et al.  SIMPLE-fying middlebox policy enforcement using SDN , 2013, SIGCOMM.

[57]  Thomas E. Anderson,et al.  Ingress Pipeline Queues Packet Buffer DMA PipelineDMA Egress Pipeline , 2015 .

[58]  Ben Lee,et al.  Platform IO DMA Transaction Acceleration , 2012 .

[59]  Jialin Li,et al.  Just Say NO to Paxos Overhead: Replacing Consensus with Network Ordering , 2016, OSDI.

[60]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[61]  Timothy Roscoe,et al.  Arrakis , 2014, OSDI.