Research Challenges for Network Function Virtualization - Re-Architecting Middlebox for High Performance and Efficient, Elastic and Resilient Platform to Create New Services -

Today’s enterprise, data-center, and internet-serviceprovider networks deploy different types of network devices, including switches, routers, and middleboxes such as network address translation and firewalls. These devices are vertically integrated monolithic systems. Software-defined networking (SDN) and network function virtualization (NFV) are promising technologies for dis-aggregating vertically integrated systems into components by using “softwarization”. Software-defined networking separates the control plane from the data plane of switch and router, while NFV decouples high-layer service functions (SFs) or Network Functions (NFs) implemented in the data plane of a middlebox and enables the innovation of policy implementation by using SF chaining. Even though there have been several survey studies in this area, this area is continuing to grow rapidly. In this paper, we present a recent survey of this area. In particular, we survey research activities in the areas of re-architecting middleboxes, state management, high-performance platforms, service chaining, resource management, and trouble shooting. Efforts in these research areas will enable the development of future virtual-network-function platforms and innovation in service management while maintaining acceptable capital and operational expenditure. key words: network function virtualization, software-defined networking, service chain, policy management, resource management

[1]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[2]  Anat Bremler-Barr,et al.  OpenBox: Enabling Innovation in Middlebox Applications , 2015, HotMiddlebox '15.

[3]  George Varghese,et al.  Forwarding metamorphosis: fast programmable match-action processing in hardware for SDN , 2013, SIGCOMM.

[4]  Ian F. Akyildiz,et al.  A roadmap for traffic engineering in SDN-OpenFlow networks , 2014, Comput. Networks.

[5]  Hani Jamjoom,et al.  Pico replication: a high availability framework for middleboxes , 2013, SoCC.

[6]  Yi Wang,et al.  Virtual routers on the move: live router migration as a network-management primitive , 2008, SIGCOMM '08.

[7]  Hong Yan,et al.  A clean slate 4D approach to network control and management , 2005, CCRV.

[8]  Aditya Akella,et al.  A Standardized Southbound API for VNF Management , 2016, HotMiddlebox@SIGCOMM.

[9]  Raouf Boutaba,et al.  ViNEYard: Virtual Network Embedding Algorithms With Coordinated Node and Link Mapping , 2012, IEEE/ACM Transactions on Networking.

[10]  Vyas Sekar,et al.  Design and Implementation of a Consolidated Middlebox Architecture , 2012, NSDI.

[11]  K. K. Ramakrishnan,et al.  NetVM: High Performance and Flexible Networking Using Virtualization on Commodity Platforms , 2014, IEEE Transactions on Network and Service Management.

[12]  Kazuya Suzuki,et al.  A Survey on OpenFlow Technologies , 2014, IEICE Trans. Commun..

[13]  Jose Renato Santos,et al.  Bridging the Gap between Software and Hardware Techniques for I/O Virtualization , 2008, USENIX Annual Technical Conference.

[14]  Nick Feamster,et al.  Design and implementation of a routing control platform , 2005, NSDI.

[15]  Seungyeop Han,et al.  SSLShader: Cheap SSL Acceleration with Commodity Processors , 2011, NSDI.

[16]  Dong Zhou,et al.  Raising the Bar for Using GPUs in Software Packet Processing , 2015, NSDI.

[17]  Jerome H. Saltzer,et al.  End-to-end arguments in system design , 1984, TOCS.

[18]  Ion Stoica,et al.  A policy-aware switching layer for data centers , 2008, SIGCOMM '08.

[19]  Bryan Veal,et al.  Performance scalability of a multi-core web server , 2007, ANCS '07.

[20]  K. K. Ramakrishnan,et al.  Virtual function placement and traffic steering in flexible and dynamic software defined networks , 2015, The 21st IEEE International Workshop on Local and Metropolitan Area Networks.

[21]  EDDIE KOHLER,et al.  The click modular router , 2000, TOCS.

[22]  Sotiris Ioannidis,et al.  MIDeA: a multi-parallel intrusion detection architecture , 2011, CCS '11.

[23]  Hasan Pirkul,et al.  A multi-commodity, multi-plant, capacitated facility location problem: formulation and efficient heuristic solution , 1998, Comput. Oper. Res..

[24]  Yongqiang Xiong,et al.  ClickNP: Highly Flexible and High Performance Network Processing with Reconfigurable Hardware , 2016, SIGCOMM.

[25]  Robert Ricci,et al.  Fast and flexible: Parallel packet processing with GPUs and click , 2013, Architectures for Networking and Communications Systems.

[26]  Filip De Turck,et al.  VNF-P: A model for efficient placement of virtualized network functions , 2014, 10th International Conference on Network and Service Management (CNSM) and Workshop.

[27]  Adrian Farrel,et al.  A Path Computation Element (PCE)-Based Architecture , 2006, RFC.

[28]  Glen Gibb,et al.  Outsourcing network functionality , 2012, HotSDN '12.

[29]  Hani Jamjoom,et al.  Stateless Network Functions , 2015, HotMiddlebox@SIGCOMM.

[30]  Haoyu Song,et al.  Protocol-oblivious forwarding: unleash the power of SDN through a future-proof forwarding plane , 2013, HotSDN '13.

[31]  Minlan Yu,et al.  Rethinking virtual network embedding: substrate support for path splitting and migration , 2008, CCRV.

[32]  Martín Casado,et al.  Abstractions for software-defined networks , 2014, Commun. ACM.

[33]  Sylvia Ratnasamy,et al.  A Survey of Enterprise Middlebox Deployments , 2012 .

[34]  Ashish Gupta,et al.  The RAMCloud Storage System , 2015, ACM Trans. Comput. Syst..

[35]  Lei Xu,et al.  Can machine learning aid in delivering new use cases and scenarios in 5G? , 2016, NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium.

[36]  Alan L. Cox,et al.  Achieving 10 Gb/s using safe and transparent network interface virtualization , 2009, VEE '09.

[37]  Sneha Kumar Kasera,et al.  Scaling the LTE control-plane for future mobile access , 2015, CoNEXT.

[38]  David Wetherall,et al.  A protocol-independent technique for eliminating redundant network traffic , 2000, SIGCOMM.

[39]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[40]  Martín Casado,et al.  Ethane: taking control of the enterprise , 2007, SIGCOMM '07.

[41]  Scott Shenker,et al.  Internet indirection infrastructure , 2004, IEEE/ACM Transactions on Networking.

[42]  Seungjoon Lee,et al.  Network function virtualization: Challenges and opportunities for innovations , 2015, IEEE Communications Magazine.

[43]  Alvin Cheung,et al.  Packet Transactions: High-Level Programming for Line-Rate Switches , 2015, SIGCOMM.

[44]  Hao Wu,et al.  Wire Speed Name Lookup: A GPU-based Approach , 2013, NSDI.

[45]  Mark Handley,et al.  Network stack specialization for performance , 2015, SIGCOMM 2015.

[46]  Luciana S. Buriol,et al.  Piecing together the NFV provisioning puzzle: Efficient placement and chaining of virtual network functions , 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[47]  Yuan-Cheng Lai,et al.  An extended SDN architecture for network function virtualization with a case study on intrusion prevention , 2015, IEEE Network.

[48]  Obi Akonjang,et al.  SANE: A Protection Architecture For Enterprise Networks , 2007 .

[49]  Jinwei Xia,et al.  Uniform handling and abstraction of NFV hardware accelerators , 2015, IEEE Network.

[50]  Richard Gold,et al.  A virtualized link layer with support for indirection , 2004, FDNA '04.

[51]  Eddie Kohler,et al.  The Click modular router , 1999, SOSP.

[52]  Giuseppe Lettieri,et al.  VALE, a switched ethernet for virtual machines , 2012, CoNEXT '12.

[53]  Jr. G. Forney,et al.  The viterbi algorithm , 1973 .

[54]  Minlan Yu,et al.  Enforcing Network-Wide Policies in the Presence of Dynamic Middlebox Actions using FlowTags , 2014, NSDI.

[55]  Aditya Akella,et al.  OpenNF: enabling innovation in network function control , 2015, SIGCOMM 2015.

[56]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[57]  Vyas Sekar,et al.  Making middleboxes someone else's problem: network processing as a cloud service , 2012, SIGCOMM '12.

[58]  Srikanth Kandula,et al.  Dynamic load balancing without packet reordering , 2007, CCRV.

[59]  Rolf Stadler,et al.  vNMF: Distributed fault detection using clustering approach for network function virtualization , 2015, 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM).

[60]  Scott Shenker,et al.  NetBricks: Taking the V out of NFV , 2016, OSDI.

[61]  Luigi Rizzo,et al.  netmap: A Novel Framework for Fast Packet I/O , 2012, USENIX ATC.

[62]  Juan Felipe Botero,et al.  Resource Allocation in NFV: A Comprehensive Survey , 2016, IEEE Transactions on Network and Service Management.

[63]  Sungryoul Lee,et al.  Kargus: a highly-scalable software-based intrusion detection system , 2012, CCS.

[64]  Nick Feamster,et al.  Programming slick network functions , 2015, SOSR.

[65]  Vyas Sekar,et al.  SmartRE: an architecture for coordinated network-wide redundancy elimination , 2009, SIGCOMM '09.

[66]  Srinivasan Seshan,et al.  Packet caches on routers: the implications of universal redundant traffic elimination , 2008, SIGCOMM '08.

[67]  Nicola Mazzocca,et al.  The dynamic placement of virtual network functions , 2014, 2014 IEEE Network Operations and Management Symposium (NOMS).

[68]  Alfred V. Aho,et al.  Efficient string matching , 1975, Commun. ACM.

[69]  Timothy Roscoe,et al.  Arrakis , 2014, OSDI.

[70]  Taesang Choi,et al.  CO-REDUCE: Collaborative Redundancy Reduction Service in Software-Defined Networks , 2015, HotMiddlebox '15.

[71]  Tilman Wolf,et al.  Adaptive Service-Chain Routing for Virtual Network Functions in Software-Defined Networks , 2016, HotMiddlebox@SIGCOMM.

[72]  Amin Vahdat,et al.  xOMB: Extensible Open MiddleBoxes with commodity servers , 2012, 2012 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[73]  Ion Stoica,et al.  Modeling middleboxes , 2008, IEEE Network.

[74]  T. S. Eugene Ng,et al.  The Impact of Virtualization on Network Performance of Amazon EC2 Data Center , 2010, 2010 Proceedings IEEE INFOCOM.

[75]  Aditya Akella,et al.  Redundancy in network traffic: findings and implications , 2009, SIGMETRICS '09.

[76]  Huan Liu,et al.  On direct routing in the valiant load-balancing architecture , 2005, GLOBECOM '05. IEEE Global Telecommunications Conference, 2005..

[77]  Sue B. Moon,et al.  NBA (network balancing act): a high-performance packet processing framework for heterogeneous processors , 2015, EuroSys.

[78]  George Varghese,et al.  P4: programming protocol-independent packet processors , 2013, CCRV.

[79]  Brian E. Carpenter,et al.  Middleboxes: Taxonomy and Issues , 2002, RFC.

[80]  Scott Shenker,et al.  E2: a framework for NFV applications , 2015, SOSP.

[81]  Aditya Akella,et al.  Improving the Safety, Scalability, and Efficiency of Network Function State Transfers , 2015, HotMiddlebox@SIGCOMM.

[82]  Minlan Yu,et al.  FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions , 2013, HotSDN '13.

[83]  Mark Handley,et al.  Flow processing and the rise of commodity network hardware , 2009, CCRV.

[84]  Didier Colle,et al.  Network service chaining with efficient network function mapping based on service decompositions , 2015, Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft).

[85]  Sotiris Ioannidis,et al.  GASPP: A GPU-Accelerated Stateful Packet Processing Framework , 2014, USENIX Annual Technical Conference.

[86]  Noël Crespi,et al.  Self-modeling based diagnosis of services over programmable networks , 2016, 2016 IEEE NetSoft Conference and Workshops (NetSoft).

[87]  Siu-Ming Yiu,et al.  A Survey on Regular Expression Matching for Deep Packet Inspection: Applications, Algorithms, and Hardware Platforms , 2016, IEEE Communications Surveys & Tutorials.

[88]  Christoforos E. Kozyrakis,et al.  IX: A Protected Dataplane Operating System for High Throughput and Low Latency , 2014, OSDI.

[89]  Jim Esch,et al.  Software-Defined Networking: A Comprehensive Survey , 2015, Proc. IEEE.

[90]  Sylvia Ratnasamy,et al.  SoftNIC: A Software NIC to Augment Hardware , 2015 .

[91]  Eunyoung Jeong,et al.  mTCP: a Highly Scalable User-level TCP Stack for Multicore Systems , 2014, NSDI.

[92]  Laurent Mathy,et al.  Fast userspace packet processing , 2015, 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS).

[93]  Xavier Hesselbach,et al.  Virtual Network Embedding: A Survey , 2013, IEEE Communications Surveys & Tutorials.

[94]  Andrew Warfield,et al.  Split/Merge: System Support for Elastic Execution in Virtual Middleboxes , 2013, NSDI.

[95]  Joseph Naor,et al.  Near optimal placement of virtual network functions , 2015, 2015 IEEE Conference on Computer Communications (INFOCOM).

[96]  Michael Walfish,et al.  Middleboxes No Longer Considered Harmful , 2004, OSDI.

[97]  K. K. Ramakrishnan,et al.  OpenNetVM: A Platform for High Performance Network Service Chains , 2016, HotMiddlebox@SIGCOMM.

[98]  Raouf Boutaba,et al.  Elastic virtual network function placement , 2015, 2015 IEEE 4th International Conference on Cloud Networking (CloudNet).

[99]  Dan Touitou,et al.  Accelerating NFV with fast path offloading , 2014, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC).

[100]  Miguel Castro,et al.  FaRM: Fast Remote Memory , 2014, NSDI.

[101]  Robert Ricci,et al.  GPUstore: harnessing GPU computing for storage systems in the OS kernel , 2012, SYSTOR '12.

[102]  Wolfgang Kellerer,et al.  Applying NFV and SDN to LTE mobile core gateways, the functions placement problem , 2014, AllThingsCellular '14.

[103]  Laurent Mathy,et al.  FlowOS: a flow-based platform for middleboxes , 2013, HotMiddlebox '13.

[104]  Sangjin Han,et al.  PacketShader: a GPU-accelerated software router , 2010, SIGCOMM '10.

[105]  Raouf Boutaba,et al.  On orchestrating virtual network functions , 2015, 2015 11th International Conference on Network and Service Management (CNSM).

[106]  Vikram S. Adve,et al.  LLVM: a compilation framework for lifelong program analysis & transformation , 2004, International Symposium on Code Generation and Optimization, 2004. CGO 2004..

[107]  Ajaypal Singh,et al.  High-performance evolved packet core signaling and bearer processing on general-purpose processors , 2015, IEEE Network.

[108]  Jianping Wang,et al.  OpenSCaaS: an open service chain as a service platform toward the integration of SDN and NFV , 2015, IEEE Network.

[109]  Scott Shenker,et al.  Rollback-Recovery for Middleboxes , 2015, Comput. Commun. Rev..

[110]  Christian Huitema,et al.  STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) , 2003, RFC.

[111]  Mendel Rosenblum,et al.  Fast crash recovery in RAMCloud , 2011, SOSP.

[112]  Aditya Akella,et al.  Demystifying configuration challenges and trade-offs in network-based ISP services , 2011, SIGCOMM 2011.

[113]  Minlan Yu,et al.  SIMPLE-fying middlebox policy enforcement using SDN , 2013, SIGCOMM.

[114]  Filip De Turck,et al.  Network Function Virtualization: State-of-the-Art and Research Challenges , 2015, IEEE Communications Surveys & Tutorials.

[115]  Raffaele Bolla,et al.  Pc-based software routers: high performance and application service support , 2008, PRESTO '08.

[116]  Aditya Akella,et al.  Paving the Way for NFV: Simplifying Middlebox Modifications Using StateAlyzr , 2016, NSDI.

[117]  Nick Feamster,et al.  The road to SDN: an intellectual history of programmable networks , 2014, CCRV.

[118]  Massimo Gallo,et al.  CliMB: Enabling Network Function Composition with Click Middleboxes , 2016, CCRV.

[119]  Roberto Bifulco,et al.  ClickOS and the Art of Network Function Virtualization , 2014, NSDI.

[120]  Sue B. Moon,et al.  The power of batching in the Click modular router , 2012, APSys.

[121]  Vyas Sekar,et al.  Stratos: A Network-Aware Orchestration Layer for Virtual Middleboxes in Clouds , 2013, 1305.0209.

[122]  Katerina J. Argyraki,et al.  RouteBricks: exploiting parallelism to scale software routers , 2009, SOSP '09.

[123]  Sotiris Ioannidis,et al.  Gnort: High Performance Network Intrusion Detection Using Graphics Processors , 2008, RAID.

[124]  Min Chen,et al.  Software-Defined Network Function Virtualization: A Survey , 2015, IEEE Access.

[125]  Holger Karl,et al.  Specifying and placing chains of virtual network functions , 2014, 2014 IEEE 3rd International Conference on Cloud Networking (CloudNet).

[126]  Georgios Xilouris,et al.  An integrating framework for efficient NFV monitoring , 2016, 2016 IEEE NetSoft Conference and Workshops (NetSoft).

[127]  Mark Handley,et al.  Forwarding path architectures for multicore software routers , 2010, PRESTO '10.