PARES: Packet Rewriting on SDN-Enabled Edge Switches for Network Virtualization in Multi-Tenant Cloud Data Centers

Multi-tenant data centers for cloud computing require the deployment of virtual private networks for tenants in an on-demand manner, providing isolation and security between tenants. To address these requirements, network virtualization techniques such as encapsulation and tunneling have been widely used. However, these approaches inherently incur processing overhead on end-points (such as the host hypervisor), reducing the effective throughput for the tenant virtual network compared to the native network. This problem is exacerbated with increases in line rates, now exceeding 10Gbps. In this paper, we introduce PARES (PAcket REwriting on SDN), a novel technique which uses the packet rewriting feature of SDN switches to provide multi-tenancy in data center networks at edge switches, thereby reducing the load on end-point hypervisors and improving the throughput compared to tunneling. Experiments in an SDN testbed show that our proposed data center architecture with PARES achieves near line-rate multi-tenancy virtualization with 10Gbps links (compared to 20% of line-rate for VXLAN tunneling), without incurring processing overhead at end-point hypervisors or guest servers. Additionally, the paper evaluates the scalability of PARES for ARP protocol handling and with respect to the number of SDN flow entries.
