The middlebox manifesto: enabling innovation in middlebox deployment

Most network deployments respond to changing application, workload, and policy requirements via the deployment of specialized network appliances or "middleboxes". Despite the critical role that middleboxes play in introducing new network functionality, they have been surprisingly ignored in recent efforts for designing networks that are amenable to innovation. We make the case that enabling innovation in middleboxes is at least as important as, if not more important than, enabling it in traditional switches and routers. To this end, our vision is a world with software-centric middlebox implementations running on general-purpose hardware platforms that are managed via open and extensible management APIs. While these principles have been applied in other contexts, they introduce unique opportunities and challenges in the context of middleboxes that we highlight in this paper.
