Architecture for programmable network infrastructure

Autor: Barbette, Tom
Jazyk: angličtina
Rok vydání: 2018
Předmět:
ISSN: 2018-0918
DOI: 10.13140/rg.2.2.10929.02409
Popis: Software networking promises a more flexible network infrastructure, poised to leverage the computational power available in datacenters. Virtual Net- work Functions (VNF) can now run on commodity hardware in datacenters instead of using specialized equipment disposed along the network path. VNFs applications like stateful firewalls, carrier-grade NAT or deep packet inspection that are found “in-the-middle”, and therefore often categorized as middleboxes, are now software functions that can be migrated to reduce costs, consolidate the processing or scale easily. But if not carefully implemented, VNFs won’t achieve high-speed and will barely sustain rates of even small networks and therefore fail to fulfil their promise. As of today, out-of-the-box solutions are far from efficient and cannot handle high rates, especially when combined in a single host, as multiple case studies will show in this thesis. We start by reviewing the current obstacles to high-speed software net- working. We leverage current commodity hardware to achieve what seemed impossible to do in software not long ago and made software solutions be- lieved unworthy and untrusted by network operators. Our work paves the way for building a proper software framework for a programmable network infrastructure that can be used to quickly implement network functions. We built FastClick, a faster version of the Click Modular Router, that allows fast packet processing thanks to a careful integration of fast I/O frame- works and a deep study of interactions of their features. FastClick proposes a revised, easier to use execution model that hides multi-queueing and sim- plifies multithreading using a thread traversal analysis of the configuration. We propose tailored network-specific multi-threaded algorithms that enable parallel high-speed networking. We build a new retro-compatible batching implementation, and avoid system calls “left over” by previous work. We then build MiddleClick, an NFV dataplane built on top of FastClick. It combines VNFs along a service chain to use a common subsystem that implements shared features such as classification and session handling, but makes sure no feature is applied that isn’t absolutely needed by one of the VNFs. E.g., the classification is optimized to be minimal and only needs to be done once for all VNFs. E.g., if no VNF needs TCP reconstruction, that reconstruction won’t happen. We propose an algorithm to enable a per-session, per-VNF “scratchpad”. Only the minimal amount of state is declared and accessible in predictable locations using a per-VNF offset into the “scratchpad” for fast lookups across the chain. MiddleClick also offers new flow abstractions and ways to handle sessions that enable fast and easy development of new middlebox functions that can handle many flows in parallel. Cooperation, consolidation and using the hardware in an appropriate way may not always be enough. This thesis finally explores how to use classi- fication hardware such as smart NICs and SDN switches to accelerate the processing of the combined service chain, removing the need for software classification. While this work mostly relies on known high-level NFV dataplane principles and proposes a few new ones, it is one of the most low-level work in the field, leading to precise implementation considerations yielding very high performance results. Both FastClick and MiddleClick are available as Open Source projects and constitute an important contribution to the state of the art. Multiple leading edge use cases are built to show how the prototype can be used to build fast and efficient solutions quickly. QC 20180918
Databáze: OpenAIRE