An NFV Orchestration Framework for Interference-Free Policy Enforcement

Network functions virtualization (NFV) is a new paradigm that offers flexible, on-demand software processing of network functions. Policy enforcement satisfies network function policies that require flows to traverse given sequences of network functions. We summarize three desired properties of virtual network function placement, namely policy enforcement, interference freedom, and resource isolation. However, none of the existing solutions satisfies all of them. In this paper, we present a novel SDN-based NFV orchestration framework, called APPLE, that enforces network function policies while providing the above properties. We present detailed design considerations and a prototype implementation. We conduct experiments using representative network topologies, traffic matrices, and policy chains. The results from both prototype experiments and simulations show that APPLE is resource efficient and can quickly react to traffic changes.
