MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK
Traditional network resident functions (e.g., firewalls, network address translation) and middleboxes (caches, load balancers) have moved from purpose-built appliances to software-based components. However, L2/L3 network functions (NFs) are being implemented on Network Function Virtualization (NFV)...
Gespeichert in:
| Hauptverfasser: | , , , |
|---|---|
| Format: | Artikel |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | |
|---|---|
| container_issue | |
| container_start_page | |
| container_title | |
| container_volume | |
| creator | Qi, Shixiong Zeng, Ziteng Monis, Leslie Ramakrishnan, K. K |
| description | Traditional network resident functions (e.g., firewalls, network address
translation) and middleboxes (caches, load balancers) have moved from
purpose-built appliances to software-based components. However, L2/L3 network
functions (NFs) are being implemented on Network Function Virtualization (NFV)
platforms that extensively exploit kernel-bypass technology. They often use
DPDK for zero-copy delivery and high performance. On the other hand, L4/L7
middleboxes, which have a greater emphasis on functionality, take advantage of
a full-fledged kernel-based system.
L2/L3 NFs and L4/L7 middleboxes continue to be handled by distinct platforms
on different nodes. This paper proposes MiddleNet that develops a unified
network resident function framework that supports L2/L3 NFs and L4/L7
middleboxes. MiddleNet supports function chains that are essential in both NFV
and middlebox environments. MiddleNet uses the Data Plane Development Kit
(DPDK) library for zero-copy packet delivery without interrupt-based
processing, to enable the "bump-in-the-wire" L2/L3 processing performance
required of NFV. To support L4/L7 middlebox functionality, MiddleNet utilizes a
consolidated, kernel-based protocol stack for processing, avoiding a dedicated
protocol stack for each function. MiddleNet fully exploits the event-driven
capabilities of the extended Berkeley Packet Filter (eBPF) and seamlessly
integrates it with shared memory for high-performance communication in L4/L7
middlebox function chains. The overheads for MiddleNet in L4/L7 are strictly
load-proportional, without needing the dedicated CPU cores of DPDK-based
approaches. MiddleNet supports flow-dependent packet processing by leveraging
Single Root I/O Virtualization (SR-IOV) to dynamically select the packet
processing needed (Layers 2 - 7). Our experimental results show that MiddleNet
achieves high performance in such a unified environment. |
| doi_str_mv | 10.48550/arxiv.2303.04404 |
| format | Article |
| fullrecord | <record><control><sourceid>arxiv_GOX</sourceid><recordid>TN_cdi_arxiv_primary_2303_04404</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2303_04404</sourcerecordid><originalsourceid>FETCH-LOGICAL-a674-ecb246165a593e43bac1a8c46573168c52b7b7d5335fbf471eff43adc00394c23</originalsourceid><addsrcrecordid>eNotz7FOwzAUhWEvDKjwAEz4AUhwcq-TlK20hCJKydCyRtf2NbVoGmQqWt4ekTKd5deRPiGuMpVipbW6pXgM32kOClKFqPBcrF-Cc1te8v5OTuR6F3xgdyPn4X2TNBx9HzvaWZbL-k3SzslTbvqjrCN1fOjjhzyE_UbyfVMPxayZPV-IM0_bL77835FY1Q-r6TxZvD4-TSeLhIoSE7YmxyIrNOkxMIIhm1FlsdAlZEVldW5KUzoNoL3xWGbsPQI5qxSM0eYwEten28HVfsbQUfxp_3zt4INfQBFIzg</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK</title><source>arXiv.org</source><creator>Qi, Shixiong ; Zeng, Ziteng ; Monis, Leslie ; Ramakrishnan, K. K</creator><creatorcontrib>Qi, Shixiong ; Zeng, Ziteng ; Monis, Leslie ; Ramakrishnan, K. K</creatorcontrib><description>Traditional network resident functions (e.g., firewalls, network address
translation) and middleboxes (caches, load balancers) have moved from
purpose-built appliances to software-based components. However, L2/L3 network
functions (NFs) are being implemented on Network Function Virtualization (NFV)
platforms that extensively exploit kernel-bypass technology. They often use
DPDK for zero-copy delivery and high performance. On the other hand, L4/L7
middleboxes, which have a greater emphasis on functionality, take advantage of
a full-fledged kernel-based system.
L2/L3 NFs and L4/L7 middleboxes continue to be handled by distinct platforms
on different nodes. This paper proposes MiddleNet that develops a unified
network resident function framework that supports L2/L3 NFs and L4/L7
middleboxes. MiddleNet supports function chains that are essential in both NFV
and middlebox environments. MiddleNet uses the Data Plane Development Kit
(DPDK) library for zero-copy packet delivery without interrupt-based
processing, to enable the "bump-in-the-wire" L2/L3 processing performance
required of NFV. To support L4/L7 middlebox functionality, MiddleNet utilizes a
consolidated, kernel-based protocol stack for processing, avoiding a dedicated
protocol stack for each function. MiddleNet fully exploits the event-driven
capabilities of the extended Berkeley Packet Filter (eBPF) and seamlessly
integrates it with shared memory for high-performance communication in L4/L7
middlebox function chains. The overheads for MiddleNet in L4/L7 are strictly
load-proportional, without needing the dedicated CPU cores of DPDK-based
approaches. MiddleNet supports flow-dependent packet processing by leveraging
Single Root I/O Virtualization (SR-IOV) to dynamically select the packet
processing needed (Layers 2 - 7). Our experimental results show that MiddleNet
achieves high performance in such a unified environment.</description><identifier>DOI: 10.48550/arxiv.2303.04404</identifier><language>eng</language><subject>Computer Science - Networking and Internet Architecture</subject><creationdate>2023-03</creationdate><rights>http://creativecommons.org/licenses/by-sa/4.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,885</link.rule.ids><linktorsrc>$$Uhttps://arxiv.org/abs/2303.04404$$EView_record_in_Cornell_University$$FView_record_in_$$GCornell_University$$Hfree_for_read</linktorsrc><backlink>$$Uhttps://doi.org/10.48550/arXiv.2303.04404$$DView paper in arXiv$$Hfree_for_read</backlink></links><search><creatorcontrib>Qi, Shixiong</creatorcontrib><creatorcontrib>Zeng, Ziteng</creatorcontrib><creatorcontrib>Monis, Leslie</creatorcontrib><creatorcontrib>Ramakrishnan, K. K</creatorcontrib><title>MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK</title><description>Traditional network resident functions (e.g., firewalls, network address
translation) and middleboxes (caches, load balancers) have moved from
purpose-built appliances to software-based components. However, L2/L3 network
functions (NFs) are being implemented on Network Function Virtualization (NFV)
platforms that extensively exploit kernel-bypass technology. They often use
DPDK for zero-copy delivery and high performance. On the other hand, L4/L7
middleboxes, which have a greater emphasis on functionality, take advantage of
a full-fledged kernel-based system.
L2/L3 NFs and L4/L7 middleboxes continue to be handled by distinct platforms
on different nodes. This paper proposes MiddleNet that develops a unified
network resident function framework that supports L2/L3 NFs and L4/L7
middleboxes. MiddleNet supports function chains that are essential in both NFV
and middlebox environments. MiddleNet uses the Data Plane Development Kit
(DPDK) library for zero-copy packet delivery without interrupt-based
processing, to enable the "bump-in-the-wire" L2/L3 processing performance
required of NFV. To support L4/L7 middlebox functionality, MiddleNet utilizes a
consolidated, kernel-based protocol stack for processing, avoiding a dedicated
protocol stack for each function. MiddleNet fully exploits the event-driven
capabilities of the extended Berkeley Packet Filter (eBPF) and seamlessly
integrates it with shared memory for high-performance communication in L4/L7
middlebox function chains. The overheads for MiddleNet in L4/L7 are strictly
load-proportional, without needing the dedicated CPU cores of DPDK-based
approaches. MiddleNet supports flow-dependent packet processing by leveraging
Single Root I/O Virtualization (SR-IOV) to dynamically select the packet
processing needed (Layers 2 - 7). Our experimental results show that MiddleNet
achieves high performance in such a unified environment.</description><subject>Computer Science - Networking and Internet Architecture</subject><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><sourceid>GOX</sourceid><recordid>eNotz7FOwzAUhWEvDKjwAEz4AUhwcq-TlK20hCJKydCyRtf2NbVoGmQqWt4ekTKd5deRPiGuMpVipbW6pXgM32kOClKFqPBcrF-Cc1te8v5OTuR6F3xgdyPn4X2TNBx9HzvaWZbL-k3SzslTbvqjrCN1fOjjhzyE_UbyfVMPxayZPV-IM0_bL77835FY1Q-r6TxZvD4-TSeLhIoSE7YmxyIrNOkxMIIhm1FlsdAlZEVldW5KUzoNoL3xWGbsPQI5qxSM0eYwEten28HVfsbQUfxp_3zt4INfQBFIzg</recordid><startdate>20230308</startdate><enddate>20230308</enddate><creator>Qi, Shixiong</creator><creator>Zeng, Ziteng</creator><creator>Monis, Leslie</creator><creator>Ramakrishnan, K. K</creator><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20230308</creationdate><title>MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK</title><author>Qi, Shixiong ; Zeng, Ziteng ; Monis, Leslie ; Ramakrishnan, K. K</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a674-ecb246165a593e43bac1a8c46573168c52b7b7d5335fbf471eff43adc00394c23</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Computer Science - Networking and Internet Architecture</topic><toplevel>online_resources</toplevel><creatorcontrib>Qi, Shixiong</creatorcontrib><creatorcontrib>Zeng, Ziteng</creatorcontrib><creatorcontrib>Monis, Leslie</creatorcontrib><creatorcontrib>Ramakrishnan, K. K</creatorcontrib><collection>arXiv Computer Science</collection><collection>arXiv.org</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Qi, Shixiong</au><au>Zeng, Ziteng</au><au>Monis, Leslie</au><au>Ramakrishnan, K. K</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK</atitle><date>2023-03-08</date><risdate>2023</risdate><abstract>Traditional network resident functions (e.g., firewalls, network address
translation) and middleboxes (caches, load balancers) have moved from
purpose-built appliances to software-based components. However, L2/L3 network
functions (NFs) are being implemented on Network Function Virtualization (NFV)
platforms that extensively exploit kernel-bypass technology. They often use
DPDK for zero-copy delivery and high performance. On the other hand, L4/L7
middleboxes, which have a greater emphasis on functionality, take advantage of
a full-fledged kernel-based system.
L2/L3 NFs and L4/L7 middleboxes continue to be handled by distinct platforms
on different nodes. This paper proposes MiddleNet that develops a unified
network resident function framework that supports L2/L3 NFs and L4/L7
middleboxes. MiddleNet supports function chains that are essential in both NFV
and middlebox environments. MiddleNet uses the Data Plane Development Kit
(DPDK) library for zero-copy packet delivery without interrupt-based
processing, to enable the "bump-in-the-wire" L2/L3 processing performance
required of NFV. To support L4/L7 middlebox functionality, MiddleNet utilizes a
consolidated, kernel-based protocol stack for processing, avoiding a dedicated
protocol stack for each function. MiddleNet fully exploits the event-driven
capabilities of the extended Berkeley Packet Filter (eBPF) and seamlessly
integrates it with shared memory for high-performance communication in L4/L7
middlebox function chains. The overheads for MiddleNet in L4/L7 are strictly
load-proportional, without needing the dedicated CPU cores of DPDK-based
approaches. MiddleNet supports flow-dependent packet processing by leveraging
Single Root I/O Virtualization (SR-IOV) to dynamically select the packet
processing needed (Layers 2 - 7). Our experimental results show that MiddleNet
achieves high performance in such a unified environment.</abstract><doi>10.48550/arxiv.2303.04404</doi><oa>free_for_read</oa></addata></record> |
| fulltext | fulltext_linktorsrc |
| identifier | DOI: 10.48550/arxiv.2303.04404 |
| ispartof | |
| issn | |
| language | eng |
| recordid | cdi_arxiv_primary_2303_04404 |
| source | arXiv.org |
| subjects | Computer Science - Networking and Internet Architecture |
| title | MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-12T00%3A29%3A46IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-arxiv_GOX&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=MiddleNet:%20A%20Unified,%20High-Performance%20NFV%20and%20Middlebox%20Framework%20with%20eBPF%20and%20DPDK&rft.au=Qi,%20Shixiong&rft.date=2023-03-08&rft_id=info:doi/10.48550/arxiv.2303.04404&rft_dat=%3Carxiv_GOX%3E2303_04404%3C/arxiv_GOX%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |