OpenFlow is an amazingly expressive dataplane programming language, but this expressiveness comes at a severe performance price as switches must do excessive packet classification in the fast path. The prevalent OpenFlow software switch architecture is therefore built on flow caching, but this imposes intricate limitations on the workloads that can be supported efficiently and may even open the door to malicious cache overflow attacks. In this paper we argue that instead of enforcing the same universal flow cache semantics to all OpenFlow applications and optimize for the common case, a switch should rather automatically specialize its dataplane piecemeal with respect to the configured workload. We introduce ESWITCH, a novel switch architecture that uses on-the-fly template-based code generation to compile any OpenFlow pipeline into efficient machine code, which can then be readily used as fast path. We present a proofof-concept prototype and we demonstrate on illustrative use cases that ESWITCH yields a simpler architecture, superior packet processing speed, improved latency and CPU scalability, and predictable performance. Our prototype can easily scale beyond 100 Gbps on a single Intel blade even with complex OpenFlow pipelines.
Abstract-Up to not so long ago, Loop-Free Alternates (LFA) was the only viable option for providing fast protection in pure IP and MPLS/LDP networks. Unfortunately, LFA cannot provide protection for all possible failure cases in general. Recently, the IETF has initiated the Remote Loop-Free Alternates (rLFA) technique, as a simple extension to LFA, to boost the fraction of failure cases covered by fast protection. Before further standardization and deployment, however, it is crucial to determine to what extent rLFA can improve the level of protection in a general IP network, as well as to find optimization methods to tweak a network for 100% rLFA coverage. In this paper, we take the first steps towards this goal by solving these problems in the special, but practically relevant, case when each network link is of unit cost. We also provide preliminary numerical evaluations conducted on real IP network topologies, which suggest that rLFA significantly improves the level of protection, and most networks need only 2 − 3 new links to be added to attain 100% failure case coverage.
Abstract-Recently, major vendors have introduced new router platforms to the market that support fast IP-level failure protection out of the box. The implementations are based on the IP Fast ReRoute-Loop Free Alternates (LFA) standard. LFA is simple, unobtrusive, and easily deployable. This simplicity, however, comes at a severe price, in that LFA usually cannot protect all possible failure scenarios. In this paper, we give new graph theoretical tools for analyzing LFA failure case coverage and we seek ways for improvement. In particular, we investigate how to optimize IGP link costs to maximize the number of protected failure scenarios, we show that this problem is NPcomplete even in a very restricted formulation, and we give exact and approximate algorithms to solve it. Our simulation studies show that a deliberate selection of IGP costs can bring many networks close to complete LFA-based protection.
Abstract-With the soar of Software Defined Networking planning a network service becomes harder of a task than ever before. Selecting traditional network elements that provide the best value for money given the performance requirements and the allocated budget is not the only option today: one might also take the software solution on generic hardware alternative. The problem is that the set of available solutions and the possible combinations of software and hardware components in this nowadays' alternative is frustratingly vast while the decision maker lacks any clear benchmarking comparison between the existing options. Our solution presented in this paper provides an answer to this critical need: we propose a benchmarking tool that allows the user to measure the important performance metrics of any network function realized on any hardware and software combination, and then to compare the results on a web interface with those of all the setups collected in our database.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.