Chaining-box: a transparent SFC architecture leveraging BPF
Autor(a) principal: | |
---|---|
Data de Publicação: | 2020 |
Tipo de documento: | Dissertação |
Idioma: | eng |
Título da fonte: | Repositório Institucional da UFMG |
Texto Completo: | http://hdl.handle.net/1843/40984 https://orcid.org/ 0000-0003-3412-0062 |
Resumo: | The development and adoption of Network Function Virtualization (NFV) has allowed great improvements in the way network services are deployed and managed by service providers. It has enabled the design of infrastructures more capable of responding to quick changes in demand due to the dynamic nature of traffic, while also providing reduction in management costs. In this setting, it is often required to compose different Service Functions (SF) in a sequential manner to create complex network services that operate on incoming traffic. Several approaches to handle this interconnection, also called Service Function Chaining (SFC), have been proposed in recent years, including high-performance implementations used in production systems. However, a careful analysis of these proposals shows that the separation of concerns between the service and data planes has not been among the main design objectives. As a consequence, the existing SFC architectures are tailor-made for specific environments and platforms, often relying on specialized or modified network devices, either in software or in hardware. This work proposes a new SFC architecture called Chaining-Box. It is based on a simple idea: integrating all functionality needed to provide SFC into each SF as a set of processing stages. This is done in a fully transparent manner, requiring little to no support from the underlying infrastructure and without any modifications to functions. The stages are implemented as BPF programs running inside a Linux kernel to provide all SFC actions as the packets traverse the kernel stack. Chaining-Box in detail, presenting its design and discussing how it compares to other existing SFC implementations, highlighting its advantages and also the disadvantages. An experimental analysis is also presented to demonstrate its applicability and the performance of the prototype implemented. |
id |
UFMG_b5bcc80f1323669645478dac6335007e |
---|---|
oai_identifier_str |
oai:repositorio.ufmg.br:1843/40984 |
network_acronym_str |
UFMG |
network_name_str |
Repositório Institucional da UFMG |
repository_id_str |
|
spelling |
Marcos Augusto Menezes Vieirahttp://lattes.cnpq.br/9763065820419680Cristina Klippel DominiciniDaniel Fernandes MacedoÍtalo Fernando Scotá CunhaMagnos Martinellohttp://lattes.cnpq.br/2889299231798319Matheus Salgueiro Castanho2022-04-11T20:14:29Z2022-04-11T20:14:29Z2020-03-27http://hdl.handle.net/1843/40984https://orcid.org/ 0000-0003-3412-0062The development and adoption of Network Function Virtualization (NFV) has allowed great improvements in the way network services are deployed and managed by service providers. It has enabled the design of infrastructures more capable of responding to quick changes in demand due to the dynamic nature of traffic, while also providing reduction in management costs. In this setting, it is often required to compose different Service Functions (SF) in a sequential manner to create complex network services that operate on incoming traffic. Several approaches to handle this interconnection, also called Service Function Chaining (SFC), have been proposed in recent years, including high-performance implementations used in production systems. However, a careful analysis of these proposals shows that the separation of concerns between the service and data planes has not been among the main design objectives. As a consequence, the existing SFC architectures are tailor-made for specific environments and platforms, often relying on specialized or modified network devices, either in software or in hardware. This work proposes a new SFC architecture called Chaining-Box. It is based on a simple idea: integrating all functionality needed to provide SFC into each SF as a set of processing stages. This is done in a fully transparent manner, requiring little to no support from the underlying infrastructure and without any modifications to functions. The stages are implemented as BPF programs running inside a Linux kernel to provide all SFC actions as the packets traverse the kernel stack. Chaining-Box in detail, presenting its design and discussing how it compares to other existing SFC implementations, highlighting its advantages and also the disadvantages. An experimental analysis is also presented to demonstrate its applicability and the performance of the prototype implemented.O desenvolvimento e a adoção da Virtualização de Funções de Rede (NFV) permitiu grandes avanços na forma como serviços de rede são implantados e gerenciados. Isso possibilitou o projeto de infraestruturas mais capazes de responder a rápidas variações de demanda causada pela natureza dinâmica do tráfego de rede, ao mesmo tempo que reduziu o custo de manutenção. Nesses cenários, há a necessidade de composição de diferentes funções de rede de maneira sequencial para criar serviços de rede mais complexos para operarem sobre o tráfego de entrada. Diversas abordagens para lidar com essa interconexão, também chamada de encadeamento de funções de rede (SFC), têm sido propostas nos últimos anos, incluindo implementações de alto desempenho usadas em ambientes de produção. Porém, uma análise cuidadosa dessas propostas evidencia que a separação entre os planos de serviço e de dados não tem estado entre os principais objetivos de projeto. Como consequência, as arquiteturas de SFC existentes são feitas sob medida para ambientes e plataformas específicas, frequentemente dependendo de dispositivos de rede especializados ou modificados, seja em software ou hardware. Este trabalho propõe uma nova arquitetura de SFC denominada Chaining-Box. Ela é baseada em uma ideia simples: integrar toda a funcionalidade necessária para habilitar SFC em cada função de rede na forma de estágios de processamento. Isso é feito de forma completamente transparente, exigindo pouco ou nenhum suporte da infrastrutura de rede e sem modificar as funções. Os estágios são implementados como programas BPF rodando dentro do kernel do Linux e provêm todas as ações de SFC enquanto os pacotes atravessam a pilha de rede. Chaining-Box é descrita em detalhes, apresentando o seu projeto e comparando-a a outras implementações de SFC, destacando tanto suas vantagens quanto suas desvantagens. Uma análise experimental também é apresentada para demonstrar a aplicabilidade da arquitetura e o desempenho do protótipo implementado.CNPq - Conselho Nacional de Desenvolvimento Científico e TecnológicoengUniversidade Federal de Minas GeraisPrograma de Pós-Graduação em Ciência da ComputaçãoUFMGBrasilICX - DEPARTAMENTO DE CIÊNCIA DA COMPUTAÇÃOhttp://creativecommons.org/licenses/by-sa/3.0/pt/info:eu-repo/semantics/openAccessComputação - TesesVirtualização de funções de rede - TesesRedes programáveis - TesesEncadeamento de funções de rede - TesesService function chainingNetwork function virtualizationProgrammable networksChaining-box: a transparent SFC architecture leveraging BPFChaining-Box: uma arquitetura de encadeamento de funções de rede transparente usando BPFinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisreponame:Repositório Institucional da UFMGinstname:Universidade Federal de Minas Gerais (UFMG)instacron:UFMGORIGINALdissertacao-MatheusCastanho-v1.7.pdfdissertacao-MatheusCastanho-v1.7.pdfapplication/pdf1455453https://repositorio.ufmg.br/bitstream/1843/40984/6/dissertacao-MatheusCastanho-v1.7.pdfeee49ff5c9d1b51b5672a4eaf0faf58bMD56LICENSElicense.txtlicense.txttext/plain; charset=utf-82118https://repositorio.ufmg.br/bitstream/1843/40984/7/license.txtcda590c95a0b51b4d15f60c9642ca272MD57CC-LICENSElicense_rdflicense_rdfapplication/rdf+xml; charset=utf-81031https://repositorio.ufmg.br/bitstream/1843/40984/2/license_rdf5dda753f5b57b1020a56e348e443aa73MD521843/409842022-04-11 17:14:30.573oai:repositorio.ufmg.br:1843/40984TElDRU7Dh0EgREUgRElTVFJJQlVJw4fDg08gTsODTy1FWENMVVNJVkEgRE8gUkVQT1NJVMOTUklPIElOU1RJVFVDSU9OQUwgREEgVUZNRwoKQ29tIGEgYXByZXNlbnRhw6fDo28gZGVzdGEgbGljZW7Dp2EsIHZvY8OqIChvIGF1dG9yIChlcykgb3UgbyB0aXR1bGFyIGRvcyBkaXJlaXRvcyBkZSBhdXRvcikgY29uY2VkZSBhbyBSZXBvc2l0w7NyaW8gSW5zdGl0dWNpb25hbCBkYSBVRk1HIChSSS1VRk1HKSBvIGRpcmVpdG8gbsOjbyBleGNsdXNpdm8gZSBpcnJldm9nw6F2ZWwgZGUgcmVwcm9kdXppciBlL291IGRpc3RyaWJ1aXIgYSBzdWEgcHVibGljYcOnw6NvIChpbmNsdWluZG8gbyByZXN1bW8pIHBvciB0b2RvIG8gbXVuZG8gbm8gZm9ybWF0byBpbXByZXNzbyBlIGVsZXRyw7RuaWNvIGUgZW0gcXVhbHF1ZXIgbWVpbywgaW5jbHVpbmRvIG9zIGZvcm1hdG9zIMOhdWRpbyBvdSB2w61kZW8uCgpWb2PDqiBkZWNsYXJhIHF1ZSBjb25oZWNlIGEgcG9sw610aWNhIGRlIGNvcHlyaWdodCBkYSBlZGl0b3JhIGRvIHNldSBkb2N1bWVudG8gZSBxdWUgY29uaGVjZSBlIGFjZWl0YSBhcyBEaXJldHJpemVzIGRvIFJJLVVGTUcuCgpWb2PDqiBjb25jb3JkYSBxdWUgbyBSZXBvc2l0w7NyaW8gSW5zdGl0dWNpb25hbCBkYSBVRk1HIHBvZGUsIHNlbSBhbHRlcmFyIG8gY29udGXDumRvLCB0cmFuc3BvciBhIHN1YSBwdWJsaWNhw6fDo28gcGFyYSBxdWFscXVlciBtZWlvIG91IGZvcm1hdG8gcGFyYSBmaW5zIGRlIHByZXNlcnZhw6fDo28uCgpWb2PDqiB0YW1iw6ltIGNvbmNvcmRhIHF1ZSBvIFJlcG9zaXTDs3JpbyBJbnN0aXR1Y2lvbmFsIGRhIFVGTUcgcG9kZSBtYW50ZXIgbWFpcyBkZSB1bWEgY8OzcGlhIGRlIHN1YSBwdWJsaWNhw6fDo28gcGFyYSBmaW5zIGRlIHNlZ3VyYW7Dp2EsIGJhY2stdXAgZSBwcmVzZXJ2YcOnw6NvLgoKVm9jw6ogZGVjbGFyYSBxdWUgYSBzdWEgcHVibGljYcOnw6NvIMOpIG9yaWdpbmFsIGUgcXVlIHZvY8OqIHRlbSBvIHBvZGVyIGRlIGNvbmNlZGVyIG9zIGRpcmVpdG9zIGNvbnRpZG9zIG5lc3RhIGxpY2Vuw6dhLiBWb2PDqiB0YW1iw6ltIGRlY2xhcmEgcXVlIG8gZGVww7NzaXRvIGRlIHN1YSBwdWJsaWNhw6fDo28gbsOjbywgcXVlIHNlamEgZGUgc2V1IGNvbmhlY2ltZW50bywgaW5mcmluZ2UgZGlyZWl0b3MgYXV0b3JhaXMgZGUgbmluZ3XDqW0uCgpDYXNvIGEgc3VhIHB1YmxpY2HDp8OjbyBjb250ZW5oYSBtYXRlcmlhbCBxdWUgdm9jw6ogbsOjbyBwb3NzdWkgYSB0aXR1bGFyaWRhZGUgZG9zIGRpcmVpdG9zIGF1dG9yYWlzLCB2b2PDqiBkZWNsYXJhIHF1ZSBvYnRldmUgYSBwZXJtaXNzw6NvIGlycmVzdHJpdGEgZG8gZGV0ZW50b3IgZG9zIGRpcmVpdG9zIGF1dG9yYWlzIHBhcmEgY29uY2VkZXIgYW8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgZGEgVUZNRyBvcyBkaXJlaXRvcyBhcHJlc2VudGFkb3MgbmVzdGEgbGljZW7Dp2EsIGUgcXVlIGVzc2UgbWF0ZXJpYWwgZGUgcHJvcHJpZWRhZGUgZGUgdGVyY2Vpcm9zIGVzdMOhIGNsYXJhbWVudGUgaWRlbnRpZmljYWRvIGUgcmVjb25oZWNpZG8gbm8gdGV4dG8gb3Ugbm8gY29udGXDumRvIGRhIHB1YmxpY2HDp8OjbyBvcmEgZGVwb3NpdGFkYS4KCkNBU08gQSBQVUJMSUNBw4fDg08gT1JBIERFUE9TSVRBREEgVEVOSEEgU0lETyBSRVNVTFRBRE8gREUgVU0gUEFUUk9Dw41OSU8gT1UgQVBPSU8gREUgVU1BIEFHw4pOQ0lBIERFIEZPTUVOVE8gT1UgT1VUUk8gT1JHQU5JU01PLCBWT0PDiiBERUNMQVJBIFFVRSBSRVNQRUlUT1UgVE9ET1MgRSBRVUFJU1FVRVIgRElSRUlUT1MgREUgUkVWSVPDg08gQ09NTyBUQU1Cw4lNIEFTIERFTUFJUyBPQlJJR0HDh8OVRVMgRVhJR0lEQVMgUE9SIENPTlRSQVRPIE9VIEFDT1JETy4KCk8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgZGEgVUZNRyBzZSBjb21wcm9tZXRlIGEgaWRlbnRpZmljYXIgY2xhcmFtZW50ZSBvIHNldSBub21lKHMpIG91IG8ocykgbm9tZXMocykgZG8ocykgZGV0ZW50b3IoZXMpIGRvcyBkaXJlaXRvcyBhdXRvcmFpcyBkYSBwdWJsaWNhw6fDo28sIGUgbsOjbyBmYXLDoSBxdWFscXVlciBhbHRlcmHDp8OjbywgYWzDqW0gZGFxdWVsYXMgY29uY2VkaWRhcyBwb3IgZXN0YSBsaWNlbsOnYS4KRepositório de PublicaçõesPUBhttps://repositorio.ufmg.br/oaiopendoar:2022-04-11T20:14:30Repositório Institucional da UFMG - Universidade Federal de Minas Gerais (UFMG)false |
dc.title.pt_BR.fl_str_mv |
Chaining-box: a transparent SFC architecture leveraging BPF |
dc.title.alternative.pt_BR.fl_str_mv |
Chaining-Box: uma arquitetura de encadeamento de funções de rede transparente usando BPF |
title |
Chaining-box: a transparent SFC architecture leveraging BPF |
spellingShingle |
Chaining-box: a transparent SFC architecture leveraging BPF Matheus Salgueiro Castanho Service function chaining Network function virtualization Programmable networks Computação - Teses Virtualização de funções de rede - Teses Redes programáveis - Teses Encadeamento de funções de rede - Teses |
title_short |
Chaining-box: a transparent SFC architecture leveraging BPF |
title_full |
Chaining-box: a transparent SFC architecture leveraging BPF |
title_fullStr |
Chaining-box: a transparent SFC architecture leveraging BPF |
title_full_unstemmed |
Chaining-box: a transparent SFC architecture leveraging BPF |
title_sort |
Chaining-box: a transparent SFC architecture leveraging BPF |
author |
Matheus Salgueiro Castanho |
author_facet |
Matheus Salgueiro Castanho |
author_role |
author |
dc.contributor.advisor1.fl_str_mv |
Marcos Augusto Menezes Vieira |
dc.contributor.advisor1Lattes.fl_str_mv |
http://lattes.cnpq.br/9763065820419680 |
dc.contributor.advisor-co1.fl_str_mv |
Cristina Klippel Dominicini |
dc.contributor.referee1.fl_str_mv |
Daniel Fernandes Macedo |
dc.contributor.referee2.fl_str_mv |
Ítalo Fernando Scotá Cunha |
dc.contributor.referee3.fl_str_mv |
Magnos Martinello |
dc.contributor.authorLattes.fl_str_mv |
http://lattes.cnpq.br/2889299231798319 |
dc.contributor.author.fl_str_mv |
Matheus Salgueiro Castanho |
contributor_str_mv |
Marcos Augusto Menezes Vieira Cristina Klippel Dominicini Daniel Fernandes Macedo Ítalo Fernando Scotá Cunha Magnos Martinello |
dc.subject.por.fl_str_mv |
Service function chaining Network function virtualization Programmable networks |
topic |
Service function chaining Network function virtualization Programmable networks Computação - Teses Virtualização de funções de rede - Teses Redes programáveis - Teses Encadeamento de funções de rede - Teses |
dc.subject.other.pt_BR.fl_str_mv |
Computação - Teses Virtualização de funções de rede - Teses Redes programáveis - Teses Encadeamento de funções de rede - Teses |
description |
The development and adoption of Network Function Virtualization (NFV) has allowed great improvements in the way network services are deployed and managed by service providers. It has enabled the design of infrastructures more capable of responding to quick changes in demand due to the dynamic nature of traffic, while also providing reduction in management costs. In this setting, it is often required to compose different Service Functions (SF) in a sequential manner to create complex network services that operate on incoming traffic. Several approaches to handle this interconnection, also called Service Function Chaining (SFC), have been proposed in recent years, including high-performance implementations used in production systems. However, a careful analysis of these proposals shows that the separation of concerns between the service and data planes has not been among the main design objectives. As a consequence, the existing SFC architectures are tailor-made for specific environments and platforms, often relying on specialized or modified network devices, either in software or in hardware. This work proposes a new SFC architecture called Chaining-Box. It is based on a simple idea: integrating all functionality needed to provide SFC into each SF as a set of processing stages. This is done in a fully transparent manner, requiring little to no support from the underlying infrastructure and without any modifications to functions. The stages are implemented as BPF programs running inside a Linux kernel to provide all SFC actions as the packets traverse the kernel stack. Chaining-Box in detail, presenting its design and discussing how it compares to other existing SFC implementations, highlighting its advantages and also the disadvantages. An experimental analysis is also presented to demonstrate its applicability and the performance of the prototype implemented. |
publishDate |
2020 |
dc.date.issued.fl_str_mv |
2020-03-27 |
dc.date.accessioned.fl_str_mv |
2022-04-11T20:14:29Z |
dc.date.available.fl_str_mv |
2022-04-11T20:14:29Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/1843/40984 |
dc.identifier.orcid.pt_BR.fl_str_mv |
https://orcid.org/ 0000-0003-3412-0062 |
url |
http://hdl.handle.net/1843/40984 https://orcid.org/ 0000-0003-3412-0062 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
http://creativecommons.org/licenses/by-sa/3.0/pt/ info:eu-repo/semantics/openAccess |
rights_invalid_str_mv |
http://creativecommons.org/licenses/by-sa/3.0/pt/ |
eu_rights_str_mv |
openAccess |
dc.publisher.none.fl_str_mv |
Universidade Federal de Minas Gerais |
dc.publisher.program.fl_str_mv |
Programa de Pós-Graduação em Ciência da Computação |
dc.publisher.initials.fl_str_mv |
UFMG |
dc.publisher.country.fl_str_mv |
Brasil |
dc.publisher.department.fl_str_mv |
ICX - DEPARTAMENTO DE CIÊNCIA DA COMPUTAÇÃO |
publisher.none.fl_str_mv |
Universidade Federal de Minas Gerais |
dc.source.none.fl_str_mv |
reponame:Repositório Institucional da UFMG instname:Universidade Federal de Minas Gerais (UFMG) instacron:UFMG |
instname_str |
Universidade Federal de Minas Gerais (UFMG) |
instacron_str |
UFMG |
institution |
UFMG |
reponame_str |
Repositório Institucional da UFMG |
collection |
Repositório Institucional da UFMG |
bitstream.url.fl_str_mv |
https://repositorio.ufmg.br/bitstream/1843/40984/6/dissertacao-MatheusCastanho-v1.7.pdf https://repositorio.ufmg.br/bitstream/1843/40984/7/license.txt https://repositorio.ufmg.br/bitstream/1843/40984/2/license_rdf |
bitstream.checksum.fl_str_mv |
eee49ff5c9d1b51b5672a4eaf0faf58b cda590c95a0b51b4d15f60c9642ca272 5dda753f5b57b1020a56e348e443aa73 |
bitstream.checksumAlgorithm.fl_str_mv |
MD5 MD5 MD5 |
repository.name.fl_str_mv |
Repositório Institucional da UFMG - Universidade Federal de Minas Gerais (UFMG) |
repository.mail.fl_str_mv |
|
_version_ |
1801676917967945728 |