Research article. DOI: 10.1145/2774993.2774998

Programming slick network functions

Published: 17 June 2015

Abstract

Current approaches to in-network traffic processing involve the deployment of monolithic middleboxes in virtual machines. These approaches make it difficult to reuse functionality across different packet processing elements and also do not use available in-network processing resources efficiently. We present Slick, a framework for programming network functions that allows a programmer to write a single high-level control program that specifies custom packet processing on precise subsets of traffic. The Slick runtime coordinates the placement of fine-grained packet processing elements (e.g., firewalls, load balancers) and steers traffic through sequences of these element instances. A Slick program merely dictates what processing should be performed on specific traffic flows, without requiring the programmer to specify where in the network specific processing elements are instantiated or how traffic should be routed through them. In contrast to previous work, Slick handles both the placement of fine-grained elements and the steering of traffic through specific sequences of element instances, allowing for more efficient use of network resources than solutions that solve each problem in isolation.

    Published In

    SOSR '15: Proceedings of the 1st ACM SIGCOMM Symposium on Software Defined Networking Research
    June 2015
    226 pages
    ISBN: 9781450334518
    DOI: 10.1145/2774993

    Sponsors

    In-Cooperation

    • USENIX Assoc: USENIX Assoc

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Author Tags

    1. network functions virtualization (NFV)
    2. software-defined networking (SDN)

    Qualifiers

    • Research-article

    Funding Sources

    • DARPA through the U.S. Navy SPAWAR
    • NSF

    Conference

    SOSR 2015
    Sponsor:
    SOSR 2015: ACM SIGCOMM Symposium on SDN Research
    June 17 - 18, 2015
    California, Santa Clara

    Acceptance Rates

    SOSR '15 Paper Acceptance Rate 7 of 43 submissions, 16%;
    Overall Acceptance Rate 7 of 43 submissions, 16%

    Cited By

    • (2024) DDR: A Deadline-Driven Routing Protocol for Delay Guaranteed Service. IEEE INFOCOM 2024 - IEEE Conference on Computer Communications, pp. 941-950. DOI: 10.1109/INFOCOM52122.2024.10621415. Online publication date: 20-May-2024
    • (2024) Train Once Apply Anywhere: Effective Scheduling for Network Function Chains Running on FUMES. IEEE INFOCOM 2024 - IEEE Conference on Computer Communications, pp. 661-670. DOI: 10.1109/INFOCOM52122.2024.10621125. Online publication date: 20-May-2024
    • (2024) Choate: Toward High-Level, Cross-Layer SDN Programming. Network Simulation and Evaluation, pp. 102-117. DOI: 10.1007/978-981-97-4522-7_7. Online publication date: 2-Aug-2024
    • (2023) Stateful InREC: Stateful In-Network Real Number Computation With Recursive Functions. IEEE Transactions on Network and Service Management 20:1, pp. 830-845. DOI: 10.1109/TNSM.2022.3198008. Online publication date: Mar-2023
    • (2023) Automatic Synthesis of Network Security Services: A First Step. 2023 32nd International Conference on Computer Communications and Networks (ICCCN), pp. 1-10. DOI: 10.1109/ICCCN58024.2023.10230115. Online publication date: Jul-2023
    • (2022) Network Function Virtualization and Service Function Chaining Frameworks: A Comprehensive Review of Requirements, Objectives, Implementations, and Open Research Challenges. Future Internet 14:2 (59). DOI: 10.3390/fi14020059. Online publication date: 15-Feb-2022
    • (2022) A Survey of NFV Network Acceleration from ETSI Perspective. Electronics 11:9 (1457). DOI: 10.3390/electronics11091457. Online publication date: 2-May-2022
    • (2022) Scalable and Flexible Traffic Steering for Service Function Chains. IEEE Transactions on Network and Service Management 19:3, pp. 2048-2062. DOI: 10.1109/TNSM.2022.3143139. Online publication date: Sep-2022
    • (2022) SAFE-ME: Scalable and Flexible Policy Enforcement in Middlebox Networks. IEEE/ACM Transactions on Networking 30:5, pp. 2246-2261. DOI: 10.1109/TNET.2022.3167169. Online publication date: Oct-2022
    • (2022) A review on Virtualized Infrastructure Managers with management and orchestration features in NFV architecture. Computer Networks 217 (109281). DOI: 10.1016/j.comnet.2022.109281. Online publication date: Nov-2022