Design and Implementation of eBPF-based Virtual TAP for Inter-VM Traffic Monitoring

With the proliferation of cloud computing and services, internet traffic and the demand for better quality of service are increasing. To handle a huge amount of traffic using limited resources in a data center, server virtualization technology, which uses the resources of internal servers in the data center more efficiently, is receiving increased attention. However, the existing hardware test access port (TAP) equipment that duplicates packets for monitoring has many drawbacks, which make it unfit for deployment in the virtual datapaths configured for server virtualization. A virtual TAP (vTAP), which is a software version of the hardware TAP, overcomes this problem by duplicating packets in a virtual switch. However, implementing vTAP in a virtual switch has a performance problem because it uses the computing resources of the host machines. To overcome this problem, we propose a vTAP implementation technique based on the extended Berkeley packet filter (eBPF), which is a high-speed packet processing technology. Finally, we compare its performance with that of the existing virtual TAP.
