DHL: Enabling Flexible Software Network Functions with FPGA Acceleration

Network function virtualization (NFV) aims to run software network functions (NFs) in commodity servers. As CPU is general-purpose hardware, one has to use many CPU cores to handle complex packet processing at line rate. Owing to its performance and programmability, FPGA has emerged as a promising platform for NFV. However, the programmable logic blocks on an FPGA board are limited and expensive. Implementing the entire NFs on FPGA is thus resource-demanding. Further, FPGA needs to be reprogrammed when the NF logic changes which can take hours to synthesize the code. It is thus inflexible to use FPGA to implement the entire NFV service chain. We present dynamic hardware library (DHL), a novel CPU-FPGA co-design framework for NFV with both high performance and flexibility. DHL employs FPGA as accelerators only for complex packet processing. It abstracts accelerator modules in FPGA as a hardware function library, and provides a set of transparent APIs for developers. DHL supports running multiple concurrent software NFs with distinct accelerator functions on the same FPGA and provides data isolation among them. We implement a prototype of DHL with Intel DPDK. Experimental results demonstrate that DHL greatly reduces the programming efforts to access FPGA, brings significantly higher throughput and lower latency over CPU-only implementation, and minimizes the CPU resources.

[1]  Sue B. Moon,et al.  NBA (network balancing act): a high-performance packet processing framework for heterogeneous processors , 2015, EuroSys.

[2]  Luca Giraudo,et al.  NetFPGA-based load balancer for a multi-stage router architecture , 2014, 2014 World Congress on Computer Applications and Information Systems (WCCAIS).

[3]  S. Kittitornkun,et al.  A FPGA-based deep packet inspection engine for Network Intrusion Detection System , 2012, 2012 9th International Conference on Electrical Engineering/Electronics, Computer, Telecommunications and Information Technology.

[4]  Jian Guo,et al.  Joint Optimization of Chain Placement and Request Scheduling for Network Function Virtualization , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[5]  Vern Paxson,et al.  The shunt: an FPGA-based accelerator for network intrusion prevention , 2007, FPGA '07.

[6]  Viktor K. Prasanna,et al.  Scalable multi-pipeline architecture for high performance multi-pattern string matching , 2010, 2010 IEEE International Symposium on Parallel & Distributed Processing (IPDPS).

[7]  Yongqiang Xiong,et al.  ClickNP: Highly Flexible and High Performance Network Processing with Reconfigurable Hardware , 2016, SIGCOMM.

[8]  Eddie Kohler,et al.  The Click modular router , 1999, SOSP.

[9]  Sungryoul Lee,et al.  Kargus: a highly-scalable software-based intrusion detection system , 2012, CCS.

[10]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[11]  KyoungSoo Park,et al.  APUNet: Revitalizing GPU as Packet Processing Accelerator , 2017, NSDI.

[12]  Hong Xu,et al.  Multi-resource Load Balancing for Virtual Network Functions , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[13]  Vijay Kumar,et al.  High Speed Pattern Matching for Network IDS/IPS , 2006, Proceedings of the 2006 IEEE International Conference on Network Protocols.

[14]  Sangjin Han,et al.  PacketShader: a GPU-accelerated software router , 2010, SIGCOMM '10.

[15]  Luigi Rizzo,et al.  netmap: A Novel Framework for Fast Packet I/O , 2012, USENIX ATC.

[16]  Lixin Gao,et al.  Scalable network virtualization using FPGAs , 2010, FPGA '10.

[17]  Hong Xu,et al.  Demystifying the energy efficiency of Network Function Virtualization , 2016, 2016 IEEE/ACM 24th International Symposium on Quality of Service (IWQoS).

[18]  Andrew W. Moore,et al.  NetFPGA SUME: Toward 100 Gbps as Research Commodity , 2014, IEEE Micro.

[19]  Robert Soulé,et al.  Emu: Rapid Prototyping of Networking Services , 2017, USENIX Annual Technical Conference.

[20]  Nick Feamster,et al.  Building a fast, virtualized data plane with programmable hardware , 2009, CCRV.

[21]  Deep Medhi,et al.  Performance analysis of IPSec protocol: encryption and authentication , 2002, 2002 IEEE International Conference on Communications. Conference Proceedings. ICC 2002 (Cat. No.02CH37333).

[22]  Katerina J. Argyraki,et al.  RouteBricks: exploiting parallelism to scale software routers , 2009, SOSP '09.

[23]  Yi Liu,et al.  VNRE: Flexible and Efficient Acceleration for Network Redundancy Elimination , 2016, 2016 IEEE International Parallel and Distributed Processing Symposium (IPDPS).

[24]  Huynh Tu Dang,et al.  P4FPGA: A Rapid Prototyping Framework for P4 , 2017, SOSR.

[25]  Miao Li,et al.  Demystifying the Performance Interference of Co-Located Virtual Network Functions , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[26]  Hai Jin,et al.  Adaptive VNF Scaling and Flow Routing with Proactive Demand Prediction , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[27]  Roberto Bifulco,et al.  ClickOS and the Art of Network Function Virtualization , 2014, NSDI.

[28]  Sue B. Moon,et al.  The power of batching in the Click modular router , 2012, APSys.

[29]  Satnam Singh,et al.  Kiwi: Synthesis of FPGA Circuits from Parallel Programs , 2008, 2008 16th International Symposium on Field-Programmable Custom Computing Machines.

[30]  Hai Jin,et al.  Towards load-balanced VNF assignment in geo-distributed NFV Infrastructure , 2017, 2017 IEEE/ACM 25th International Symposium on Quality of Service (IWQoS).