Chaining-box: a transparent SFC architecture leveraging BPF

Matheus Salgueiro Castanho

Chaining-box: a transparent SFC architecture leveraging BPF

Detalhes bibliográficos
Autor(a) principal:	Matheus Salgueiro Castanho
Data de Publicação:	2020
Tipo de documento:	Dissertação
Idioma:	eng
Título da fonte:	Repositório Institucional da UFMG
Texto Completo:	http://hdl.handle.net/1843/40984 https://orcid.org/ 0000-0003-3412-0062
Resumo:	The development and adoption of Network Function Virtualization (NFV) has allowed great improvements in the way network services are deployed and managed by service providers. It has enabled the design of infrastructures more capable of responding to quick changes in demand due to the dynamic nature of traffic, while also providing reduction in management costs. In this setting, it is often required to compose different Service Functions (SF) in a sequential manner to create complex network services that operate on incoming traffic. Several approaches to handle this interconnection, also called Service Function Chaining (SFC), have been proposed in recent years, including high-performance implementations used in production systems. However, a careful analysis of these proposals shows that the separation of concerns between the service and data planes has not been among the main design objectives. As a consequence, the existing SFC architectures are tailor-made for specific environments and platforms, often relying on specialized or modified network devices, either in software or in hardware. This work proposes a new SFC architecture called Chaining-Box. It is based on a simple idea: integrating all functionality needed to provide SFC into each SF as a set of processing stages. This is done in a fully transparent manner, requiring little to no support from the underlying infrastructure and without any modifications to functions. The stages are implemented as BPF programs running inside a Linux kernel to provide all SFC actions as the packets traverse the kernel stack. Chaining-Box in detail, presenting its design and discussing how it compares to other existing SFC implementations, highlighting its advantages and also the disadvantages. An experimental analysis is also presented to demonstrate its applicability and the performance of the prototype implemented.

Metadados do item

id	UFMG_b5bcc80f1323669645478dac6335007e
oai_identifier_str	oai:repositorio.ufmg.br:1843/40984
network_acronym_str	UFMG
network_name_str	Repositório Institucional da UFMG
repository_id_str
spelling	Marcos Augusto Menezes Vieirahttp://lattes.cnpq.br/9763065820419680Cristina Klippel DominiciniDaniel Fernandes MacedoÍtalo Fernando Scotá CunhaMagnos Martinellohttp://lattes.cnpq.br/2889299231798319Matheus Salgueiro Castanho2022-04-11T20:14:29Z2022-04-11T20:14:29Z2020-03-27http://hdl.handle.net/1843/40984https://orcid.org/ 0000-0003-3412-0062The development and adoption of Network Function Virtualization (NFV) has allowed great improvements in the way network services are deployed and managed by service providers. It has enabled the design of infrastructures more capable of responding to quick changes in demand due to the dynamic nature of traffic, while also providing reduction in management costs. In this setting, it is often required to compose different Service Functions (SF) in a sequential manner to create complex network services that operate on incoming traffic. Several approaches to handle this interconnection, also called Service Function Chaining (SFC), have been proposed in recent years, including high-performance implementations used in production systems. However, a careful analysis of these proposals shows that the separation of concerns between the service and data planes has not been among the main design objectives. As a consequence, the existing SFC architectures are tailor-made for specific environments and platforms, often relying on specialized or modified network devices, either in software or in hardware. This work proposes a new SFC architecture called Chaining-Box. It is based on a simple idea: integrating all functionality needed to provide SFC into each SF as a set of processing stages. This is done in a fully transparent manner, requiring little to no support from the underlying infrastructure and without any modifications to functions. The stages are implemented as BPF programs running inside a Linux kernel to provide all SFC actions as the packets traverse the kernel stack. Chaining-Box in detail, presenting its design and discussing how it compares to other existing SFC implementations, highlighting its advantages and also the disadvantages. An experimental analysis is also presented to demonstrate its applicability and the performance of the prototype implemented.O desenvolvimento e a adoção da Virtualização de Funções de Rede (NFV) permitiu grandes avanços na forma como serviços de rede são implantados e gerenciados. Isso possibilitou o projeto de infraestruturas mais capazes de responder a rápidas variações de demanda causada pela natureza dinâmica do tráfego de rede, ao mesmo tempo que reduziu o custo de manutenção. Nesses cenários, há a necessidade de composição de diferentes funções de rede de maneira sequencial para criar serviços de rede mais complexos para operarem sobre o tráfego de entrada. Diversas abordagens para lidar com essa interconexão, também chamada de encadeamento de funções de rede (SFC), têm sido propostas nos últimos anos, incluindo implementações de alto desempenho usadas em ambientes de produção. Porém, uma análise cuidadosa dessas propostas evidencia que a separação entre os planos de serviço e de dados não tem estado entre os principais objetivos de projeto. Como consequência, as arquiteturas de SFC existentes são feitas sob medida para ambientes e plataformas específicas, frequentemente dependendo de dispositivos de rede especializados ou modificados, seja em software ou hardware. Este trabalho propõe uma nova arquitetura de SFC denominada Chaining-Box. Ela é baseada em uma ideia simples: integrar toda a funcionalidade necessária para habilitar SFC em cada função de rede na forma de estágios de processamento. Isso é feito de forma completamente transparente, exigindo pouco ou nenhum suporte da infrastrutura de rede e sem modificar as funções. Os estágios são implementados como programas BPF rodando dentro do kernel do Linux e provêm todas as ações de SFC enquanto os pacotes atravessam a pilha de rede. Chaining-Box é descrita em detalhes, apresentando o seu projeto e comparando-a a outras implementações de SFC, destacando tanto suas vantagens quanto suas desvantagens. Uma análise experimental também é apresentada para demonstrar a aplicabilidade da arquitetura e o desempenho do protótipo implementado.CNPq - Conselho Nacional de Desenvolvimento Científico e TecnológicoengUniversidade Federal de Minas GeraisPrograma de Pós-Graduação em Ciência da ComputaçãoUFMGBrasilICX - DEPARTAMENTO DE CIÊNCIA DA COMPUTAÇÃOhttp://creativecommons.org/licenses/by-sa/3.0/pt/info:eu-repo/semantics/openAccessComputação - TesesVirtualização de funções de rede - TesesRedes programáveis - TesesEncadeamento de funções de rede - TesesService function chainingNetwork function virtualizationProgrammable networksChaining-box: a transparent SFC architecture leveraging BPFChaining-Box: uma arquitetura de encadeamento de funções de rede transparente usando BPFinfo:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisreponame:Repositório Institucional da UFMGinstname:Universidade Federal de Minas Gerais (UFMG)instacron:UFMGORIGINALdissertacao-MatheusCastanho-v1.7.pdfdissertacao-MatheusCastanho-v1.7.pdfapplication/pdf1455453https://repositorio.ufmg.br/bitstream/1843/40984/6/dissertacao-MatheusCastanho-v1.7.pdfeee49ff5c9d1b51b5672a4eaf0faf58bMD56LICENSElicense.txtlicense.txttext/plain; charset=utf-82118https://repositorio.ufmg.br/bitstream/1843/40984/7/license.txtcda590c95a0b51b4d15f60c9642ca272MD57CC-LICENSElicense_rdflicense_rdfapplication/rdf+xml; charset=utf-81031https://repositorio.ufmg.br/bitstream/1843/40984/2/license_rdf5dda753f5b57b1020a56e348e443aa73MD521843/409842022-04-11 17:14:30.573oai:repositorio.ufmg.br:1843/40984TElDRU7Dh0EgREUgRElTVFJJQlVJw4fDg08gTsODTy1FWENMVVNJVkEgRE8gUkVQT1NJVMOTUklPIElOU1RJVFVDSU9OQUwgREEgVUZNRwoKQ29tIGEgYXByZXNlbnRhw6fDo28gZGVzdGEgbGljZW7Dp2EsIHZvY8OqIChvIGF1dG9yIChlcykgb3UgbyB0aXR1bGFyIGRvcyBkaXJlaXRvcyBkZSBhdXRvcikgY29uY2VkZSBhbyBSZXBvc2l0w7NyaW8gSW5zdGl0dWNpb25hbCBkYSBVRk1HIChSSS1VRk1HKSBvIGRpcmVpdG8gbsOjbyBleGNsdXNpdm8gZSBpcnJldm9nw6F2ZWwgZGUgcmVwcm9kdXppciBlL291IGRpc3RyaWJ1aXIgYSBzdWEgcHVibGljYcOnw6NvIChpbmNsdWluZG8gbyByZXN1bW8pIHBvciB0b2RvIG8gbXVuZG8gbm8gZm9ybWF0byBpbXByZXNzbyBlIGVsZXRyw7RuaWNvIGUgZW0gcXVhbHF1ZXIgbWVpbywgaW5jbHVpbmRvIG9zIGZvcm1hdG9zIMOhdWRpbyBvdSB2w61kZW8uCgpWb2PDqiBkZWNsYXJhIHF1ZSBjb25oZWNlIGEgcG9sw610aWNhIGRlIGNvcHlyaWdodCBkYSBlZGl0b3JhIGRvIHNldSBkb2N1bWVudG8gZSBxdWUgY29uaGVjZSBlIGFjZWl0YSBhcyBEaXJldHJpemVzIGRvIFJJLVVGTUcuCgpWb2PDqiBjb25jb3JkYSBxdWUgbyBSZXBvc2l0w7NyaW8gSW5zdGl0dWNpb25hbCBkYSBVRk1HIHBvZGUsIHNlbSBhbHRlcmFyIG8gY29udGXDumRvLCB0cmFuc3BvciBhIHN1YSBwdWJsaWNhw6fDo28gcGFyYSBxdWFscXVlciBtZWlvIG91IGZvcm1hdG8gcGFyYSBmaW5zIGRlIHByZXNlcnZhw6fDo28uCgpWb2PDqiB0YW1iw6ltIGNvbmNvcmRhIHF1ZSBvIFJlcG9zaXTDs3JpbyBJbnN0aXR1Y2lvbmFsIGRhIFVGTUcgcG9kZSBtYW50ZXIgbWFpcyBkZSB1bWEgY8OzcGlhIGRlIHN1YSBwdWJsaWNhw6fDo28gcGFyYSBmaW5zIGRlIHNlZ3VyYW7Dp2EsIGJhY2stdXAgZSBwcmVzZXJ2YcOnw6NvLgoKVm9jw6ogZGVjbGFyYSBxdWUgYSBzdWEgcHVibGljYcOnw6NvIMOpIG9yaWdpbmFsIGUgcXVlIHZvY8OqIHRlbSBvIHBvZGVyIGRlIGNvbmNlZGVyIG9zIGRpcmVpdG9zIGNvbnRpZG9zIG5lc3RhIGxpY2Vuw6dhLiBWb2PDqiB0YW1iw6ltIGRlY2xhcmEgcXVlIG8gZGVww7NzaXRvIGRlIHN1YSBwdWJsaWNhw6fDo28gbsOjbywgcXVlIHNlamEgZGUgc2V1IGNvbmhlY2ltZW50bywgaW5mcmluZ2UgZGlyZWl0b3MgYXV0b3JhaXMgZGUgbmluZ3XDqW0uCgpDYXNvIGEgc3VhIHB1YmxpY2HDp8OjbyBjb250ZW5oYSBtYXRlcmlhbCBxdWUgdm9jw6ogbsOjbyBwb3NzdWkgYSB0aXR1bGFyaWRhZGUgZG9zIGRpcmVpdG9zIGF1dG9yYWlzLCB2b2PDqiBkZWNsYXJhIHF1ZSBvYnRldmUgYSBwZXJtaXNzw6NvIGlycmVzdHJpdGEgZG8gZGV0ZW50b3IgZG9zIGRpcmVpdG9zIGF1dG9yYWlzIHBhcmEgY29uY2VkZXIgYW8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgZGEgVUZNRyBvcyBkaXJlaXRvcyBhcHJlc2VudGFkb3MgbmVzdGEgbGljZW7Dp2EsIGUgcXVlIGVzc2UgbWF0ZXJpYWwgZGUgcHJvcHJpZWRhZGUgZGUgdGVyY2Vpcm9zIGVzdMOhIGNsYXJhbWVudGUgaWRlbnRpZmljYWRvIGUgcmVjb25oZWNpZG8gbm8gdGV4dG8gb3Ugbm8gY29udGXDumRvIGRhIHB1YmxpY2HDp8OjbyBvcmEgZGVwb3NpdGFkYS4KCkNBU08gQSBQVUJMSUNBw4fDg08gT1JBIERFUE9TSVRBREEgVEVOSEEgU0lETyBSRVNVTFRBRE8gREUgVU0gUEFUUk9Dw41OSU8gT1UgQVBPSU8gREUgVU1BIEFHw4pOQ0lBIERFIEZPTUVOVE8gT1UgT1VUUk8gT1JHQU5JU01PLCBWT0PDiiBERUNMQVJBIFFVRSBSRVNQRUlUT1UgVE9ET1MgRSBRVUFJU1FVRVIgRElSRUlUT1MgREUgUkVWSVPDg08gQ09NTyBUQU1Cw4lNIEFTIERFTUFJUyBPQlJJR0HDh8OVRVMgRVhJR0lEQVMgUE9SIENPTlRSQVRPIE9VIEFDT1JETy4KCk8gUmVwb3NpdMOzcmlvIEluc3RpdHVjaW9uYWwgZGEgVUZNRyBzZSBjb21wcm9tZXRlIGEgaWRlbnRpZmljYXIgY2xhcmFtZW50ZSBvIHNldSBub21lKHMpIG91IG8ocykgbm9tZXMocykgZG8ocykgZGV0ZW50b3IoZXMpIGRvcyBkaXJlaXRvcyBhdXRvcmFpcyBkYSBwdWJsaWNhw6fDo28sIGUgbsOjbyBmYXLDoSBxdWFscXVlciBhbHRlcmHDp8OjbywgYWzDqW0gZGFxdWVsYXMgY29uY2VkaWRhcyBwb3IgZXN0YSBsaWNlbsOnYS4KRepositório de PublicaçõesPUBhttps://repositorio.ufmg.br/oaiopendoar:2022-04-11T20:14:30Repositório Institucional da UFMG - Universidade Federal de Minas Gerais (UFMG)false
dc.title.pt_BR.fl_str_mv	Chaining-box: a transparent SFC architecture leveraging BPF
dc.title.alternative.pt_BR.fl_str_mv	Chaining-Box: uma arquitetura de encadeamento de funções de rede transparente usando BPF
title	Chaining-box: a transparent SFC architecture leveraging BPF
spellingShingle	Chaining-box: a transparent SFC architecture leveraging BPF Matheus Salgueiro Castanho Service function chaining Network function virtualization Programmable networks Computação - Teses Virtualização de funções de rede - Teses Redes programáveis - Teses Encadeamento de funções de rede - Teses
title_short	Chaining-box: a transparent SFC architecture leveraging BPF
title_full	Chaining-box: a transparent SFC architecture leveraging BPF
title_fullStr	Chaining-box: a transparent SFC architecture leveraging BPF
title_full_unstemmed	Chaining-box: a transparent SFC architecture leveraging BPF
title_sort	Chaining-box: a transparent SFC architecture leveraging BPF
author	Matheus Salgueiro Castanho
author_facet	Matheus Salgueiro Castanho
author_role	author
dc.contributor.advisor1.fl_str_mv	Marcos Augusto Menezes Vieira
dc.contributor.advisor1Lattes.fl_str_mv	http://lattes.cnpq.br/9763065820419680
dc.contributor.advisor-co1.fl_str_mv	Cristina Klippel Dominicini
dc.contributor.referee1.fl_str_mv	Daniel Fernandes Macedo
dc.contributor.referee2.fl_str_mv	Ítalo Fernando Scotá Cunha
dc.contributor.referee3.fl_str_mv	Magnos Martinello
dc.contributor.authorLattes.fl_str_mv	http://lattes.cnpq.br/2889299231798319
dc.contributor.author.fl_str_mv	Matheus Salgueiro Castanho
contributor_str_mv	Marcos Augusto Menezes Vieira Cristina Klippel Dominicini Daniel Fernandes Macedo Ítalo Fernando Scotá Cunha Magnos Martinello
dc.subject.por.fl_str_mv	Service function chaining Network function virtualization Programmable networks
topic	Service function chaining Network function virtualization Programmable networks Computação - Teses Virtualização de funções de rede - Teses Redes programáveis - Teses Encadeamento de funções de rede - Teses
dc.subject.other.pt_BR.fl_str_mv	Computação - Teses Virtualização de funções de rede - Teses Redes programáveis - Teses Encadeamento de funções de rede - Teses
description	The development and adoption of Network Function Virtualization (NFV) has allowed great improvements in the way network services are deployed and managed by service providers. It has enabled the design of infrastructures more capable of responding to quick changes in demand due to the dynamic nature of traffic, while also providing reduction in management costs. In this setting, it is often required to compose different Service Functions (SF) in a sequential manner to create complex network services that operate on incoming traffic. Several approaches to handle this interconnection, also called Service Function Chaining (SFC), have been proposed in recent years, including high-performance implementations used in production systems. However, a careful analysis of these proposals shows that the separation of concerns between the service and data planes has not been among the main design objectives. As a consequence, the existing SFC architectures are tailor-made for specific environments and platforms, often relying on specialized or modified network devices, either in software or in hardware. This work proposes a new SFC architecture called Chaining-Box. It is based on a simple idea: integrating all functionality needed to provide SFC into each SF as a set of processing stages. This is done in a fully transparent manner, requiring little to no support from the underlying infrastructure and without any modifications to functions. The stages are implemented as BPF programs running inside a Linux kernel to provide all SFC actions as the packets traverse the kernel stack. Chaining-Box in detail, presenting its design and discussing how it compares to other existing SFC implementations, highlighting its advantages and also the disadvantages. An experimental analysis is also presented to demonstrate its applicability and the performance of the prototype implemented.
publishDate	2020
dc.date.issued.fl_str_mv	2020-03-27
dc.date.accessioned.fl_str_mv	2022-04-11T20:14:29Z
dc.date.available.fl_str_mv	2022-04-11T20:14:29Z
dc.type.status.fl_str_mv	info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv	info:eu-repo/semantics/masterThesis
format	masterThesis
status_str	publishedVersion
dc.identifier.uri.fl_str_mv	http://hdl.handle.net/1843/40984
dc.identifier.orcid.pt_BR.fl_str_mv	https://orcid.org/ 0000-0003-3412-0062
url	http://hdl.handle.net/1843/40984 https://orcid.org/ 0000-0003-3412-0062
dc.language.iso.fl_str_mv	eng
language	eng
dc.rights.driver.fl_str_mv	http://creativecommons.org/licenses/by-sa/3.0/pt/ info:eu-repo/semantics/openAccess
rights_invalid_str_mv	http://creativecommons.org/licenses/by-sa/3.0/pt/
eu_rights_str_mv	openAccess
dc.publisher.none.fl_str_mv	Universidade Federal de Minas Gerais
dc.publisher.program.fl_str_mv	Programa de Pós-Graduação em Ciência da Computação
dc.publisher.initials.fl_str_mv	UFMG
dc.publisher.country.fl_str_mv	Brasil
dc.publisher.department.fl_str_mv	ICX - DEPARTAMENTO DE CIÊNCIA DA COMPUTAÇÃO
publisher.none.fl_str_mv	Universidade Federal de Minas Gerais
dc.source.none.fl_str_mv	reponame:Repositório Institucional da UFMG instname:Universidade Federal de Minas Gerais (UFMG) instacron:UFMG
instname_str	Universidade Federal de Minas Gerais (UFMG)
instacron_str	UFMG
institution	UFMG
reponame_str	Repositório Institucional da UFMG
collection	Repositório Institucional da UFMG
bitstream.url.fl_str_mv	https://repositorio.ufmg.br/bitstream/1843/40984/6/dissertacao-MatheusCastanho-v1.7.pdf https://repositorio.ufmg.br/bitstream/1843/40984/7/license.txt https://repositorio.ufmg.br/bitstream/1843/40984/2/license_rdf
bitstream.checksum.fl_str_mv	eee49ff5c9d1b51b5672a4eaf0faf58b cda590c95a0b51b4d15f60c9642ca272 5dda753f5b57b1020a56e348e443aa73
bitstream.checksumAlgorithm.fl_str_mv	MD5 MD5 MD5
repository.name.fl_str_mv	Repositório Institucional da UFMG - Universidade Federal de Minas Gerais (UFMG)
repository.mail.fl_str_mv
_version_	1801676917967945728

Chaining-box: a transparent SFC architecture leveraging BPF

Registros relacionados