Results 1 - 10
of
39
PacketShader: a GPU-Accelerated Software Router
"... We present PacketShader, a high-performance software router framework for general packet processing with Graphics Processing Unit (GPU) acceleration. PacketShader exploits the massively-parallel processing power of GPU to address the CPU bottleneck in current software routers. Combined with our high ..."
Abstract
-
Cited by 165 (14 self)
- Add to MetaCart
(Show Context)
We present PacketShader, a high-performance software router framework for general packet processing with Graphics Processing Unit (GPU) acceleration. PacketShader exploits the massively-parallel processing power of GPU to address the CPU bottleneck in current software routers. Combined with our high-performance packet I/O engine, PacketShader outperforms existing software routers by more than a factor of four, forwarding 64B IPv4 packets at 39 Gbps on a single commodity PC. We have implemented IPv4 and IPv6 forwarding, OpenFlow switching, and IPsec tunneling to demonstrate the flexibility and performance advantage of PacketShader. The evaluation results show that GPU brings significantly higher throughput over the CPU-only implementation, confirming the effectiveness of GPU for computation and memory-intensive operations in packet processing.
HyperFlow: A Distributed Control Plane for OpenFlow
"... OpenFlow assumes a logically centralized controller, which ideally can be physically distributed. However, current deployments rely on a single controller which has major drawbacks including lack of scalability. We present HyperFlow, a distributed event-based control plane for OpenFlow. HyperFlow is ..."
Abstract
-
Cited by 69 (4 self)
- Add to MetaCart
(Show Context)
OpenFlow assumes a logically centralized controller, which ideally can be physically distributed. However, current deployments rely on a single controller which has major drawbacks including lack of scalability. We present HyperFlow, a distributed event-based control plane for OpenFlow. HyperFlow is logically centralized but physically distributed: it provides scalability while keeping the benefits of network control centralization. By passively synchronizing network-wide views of OpenFlow controllers, HyperFlow localizes decision making to individual controllers, thus minimizing the control plane response time to data plane requests. HyperFlow is resilient to network partitioning and component failures. It also enables interconnecting independently managed OpenFlow networks, an essential feature missing in current OpenFlow deployments. We have implemented HyperFlow as an application for NOX. Our implementation requires minimal changes to NOX, and allows reuse of existing NOX applications with minor modifications. Our preliminary evaluation shows that, assuming sufficient control bandwidth, to bound the window of inconsistency among controllers by a factor of the delay between the farthest controllers, the network changes must occur at a rate lower than 1000 events per second across the network. 1.
OFLOPS: An Open Framework for Openflow Switch Evaluation,” in PAM,
, 2012
"... Abstract. Recent efforts in software-defined networks, such as OpenFlow, give unprecedented access into the forwarding plane of networking equipment. When building a network based on OpenFlow however, one must take into account the performance characteristics of particular OpenFlow switch implement ..."
Abstract
-
Cited by 49 (4 self)
- Add to MetaCart
(Show Context)
Abstract. Recent efforts in software-defined networks, such as OpenFlow, give unprecedented access into the forwarding plane of networking equipment. When building a network based on OpenFlow however, one must take into account the performance characteristics of particular OpenFlow switch implementations. In this paper, we present OFLOPS, an open and generic software framework that permits the development of tests for OpenFlow-enabled switches, that measure the capabilities and bottlenecks between the forwarding engine of the switch and the remote control application. OFLOPS combines hardware instrumentation with an extensible software framework. We use OFLOPS to evaluate current OpenFlow switch implementations and make the following observations: (i) The switching performance of flows depends on applied actions and firmware. (ii) Current OpenFlow implementations differ substantially in flow updating rates as well as traffic monitoring capabilities. (iii) Accurate OpenFlow command completion can be observed only through the data plane. These observations are crucial for understanding the applicability of OpenFlow in the context of specific use-cases, which have requirements in terms of forwarding table consistency, flow setup latency, flow space granularity, packet modification types, and/or traffic monitoring abilities.
Software-Defined Networking: A Comprehensive Survey
, 2014
"... The Internet has led to the creation of a digital society, where (almost) everything is connected and is accessible from anywhere. However, despite their widespread adoption, traditional IP networks are complex and very hard to manage. It is both difficult to configure the network according to pre- ..."
Abstract
-
Cited by 20 (3 self)
- Add to MetaCart
The Internet has led to the creation of a digital society, where (almost) everything is connected and is accessible from anywhere. However, despite their widespread adoption, traditional IP networks are complex and very hard to manage. It is both difficult to configure the network according to pre-defined policies, and to reconfigure it to respond to faults, load and changes. To make matters even more difficult, current networks are also vertically integrated: the control and data planes are bundled together. Software-Defined Networking (SDN) is an emerging paradigm that promises to change this state of affairs, by breaking vertical integration, separating the network’s control logic from the underlying routers and switches, promoting (logical) centralization of network control, and introducing the ability to program the network. The separation of concerns introduced between the definition of network policies, their
AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined Networks
"... Among the leading reference implementations of the Software De-fined Networking (SDN) paradigm is the OpenFlow framework, which decouples the control plane into a centralized application. In this paper, we consider two aspects of OpenFlow that pose secu-rity challenges, and we propose two solutions ..."
Abstract
-
Cited by 17 (5 self)
- Add to MetaCart
(Show Context)
Among the leading reference implementations of the Software De-fined Networking (SDN) paradigm is the OpenFlow framework, which decouples the control plane into a centralized application. In this paper, we consider two aspects of OpenFlow that pose secu-rity challenges, and we propose two solutions that could address these concerns. The first challenge is the inherent communication bottleneck that arises between the data plane and the control plane, which an adversary could exploit by mounting a control plane sat-uration attack that disrupts network operations. Indeed, even well-mined adversarial models, such as scanning or denial-of-service (DoS) activity, can produce more potent impacts on OpenFlow net-works than traditional networks. To address this challenge, we in-troduce an extension to the OpenFlow data plane called connec-tion migration, which dramatically reduces the amount of data-to-control-plane interactions that arise during such attacks. The second challenge is that of enabling the control plane to expedite both detection of, and responses to, the changing flow dynamics within the data plane. For this, we introduce actuating triggers over the data plane’s existing statistics collection services. These triggers are inserted by control layer applications to both register for asynchronous call backs, and insert conditional flow rules that are only activated when a trigger condition is detected within the data plane’s statistics module. We present AVANT-GUARD, an im-plementation of our two data plane extensions, evaluate the perfor-mance impact, and examine its use for developing more scalable and resilient SDN security services.
Scalable Packet Classification on FPGA
- IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS
, 2011
"... Multi-field packet classification has evolved from traditional fixed 5-tuple matching to flexible matching with arbitrary combination of numerous packet header fields. For example, the recently proposed OpenFlow switching requires classifying each packet using up to 12-tuple packet header fields. It ..."
Abstract
-
Cited by 9 (2 self)
- Add to MetaCart
(Show Context)
Multi-field packet classification has evolved from traditional fixed 5-tuple matching to flexible matching with arbitrary combination of numerous packet header fields. For example, the recently proposed OpenFlow switching requires classifying each packet using up to 12-tuple packet header fields. It has become a great challenge to develop scalable solutions for next-generation packet classification that support higher throughput, larger rule sets and more packet header fields. This paper exploits the abundant parallelism and other desirable features provided by current field-programmable gate arrays (FPGAs), and proposes a decision-tree-based, 2-D multi-pipeline architecture for next-generation packet classification. We revisit the techniques for traditional 5-tuple packet classification and propose several optimization techniques for the state-of-the-art decision-tree-based algorithm. Given a set of 12-tuple rules, we develop a framework to partition the rule set into multiple subsets each of which is built into an optimized decision tree. A tree-to-pipeline mapping scheme is carefully designed to maximize the memory utilization while sustaining high throughput. The implementation results show that our architecture can store either 10K real-life 5-tuple rules or 1K synthetic 12-tuple rules in on-chip memory of a single state-of-the-art FPGA, and sustain 80 and 40 Gbps throughput for minimum size (40 bytes) packets, respectively.
An OpenFlow-based Testbed for Information Centric Networking
"... Abstract: Information-centric networking (ICN) is a novel networking paradigm which is attracting increasing attention by both academic and industrial researchers. In fact, it promises to provide technological solutions that best fit with the way in which Internet is actually utilized. Assessment of ..."
Abstract
-
Cited by 6 (0 self)
- Add to MetaCart
(Show Context)
Abstract: Information-centric networking (ICN) is a novel networking paradigm which is attracting increasing attention by both academic and industrial researchers. In fact, it promises to provide technological solutions that best fit with the way in which Internet is actually utilized. Assessment of proposed solutions require
Reconfigurable Data Processing for Clouds
"... Abstract—Reconfigurable computing in the cloud helps to solve many practical problems relating to scaling out datacenters where computation is limited by energy consumption or latency. However, for reconfigurable computing in the cloud to become practical several research challenges have to be addre ..."
Abstract
-
Cited by 5 (2 self)
- Add to MetaCart
(Show Context)
Abstract—Reconfigurable computing in the cloud helps to solve many practical problems relating to scaling out datacenters where computation is limited by energy consumption or latency. However, for reconfigurable computing in the cloud to become practical several research challenges have to be addressed. This paper identifies some of the perquisites for reconfigurable computing systems in the cloud and picks out several scenarios made possible with immense cloud-based computing capability. Keywords-reconfigurable computing; cloud computing. I.
SoNIC: Precise Realtime Software Access and Control of Wired Networks
"... The physical and data link layers of the network stack contain valuable information. Unfortunately, a systems programmer would never know. These two layers are often inaccessible in software and much of their potential goes untapped. In this paper we introduce SoNIC, Software-defined Network Interfa ..."
Abstract
-
Cited by 4 (4 self)
- Add to MetaCart
(Show Context)
The physical and data link layers of the network stack contain valuable information. Unfortunately, a systems programmer would never know. These two layers are often inaccessible in software and much of their potential goes untapped. In this paper we introduce SoNIC, Software-defined Network Interface Card, which provides access to the physical and data link layers in software by implementing them in software. In other words, by implementing the creation of the physical layer bitstream in software and the transmission of this bitstream in hardware, SoNIC provides complete control over the entire network stack in realtime. SoNIC utilizes commodity off-the-shelf multi-core processors to implement parts of the physical layer in software, and employs an FPGA board to transmit optical signal over the wire. Our evaluations demonstrate that SoNIC can communicate with other network components while providing realtime access to the entire network stack in software. As an example of SoNIC’s fine-granularity control, it can perform precise network measurements, accurately characterizing network components such as routers, switches, and network interface cards. Further, SoNIC enables timing channels with nanosecond modulations that are undetectable in software. 1
