• Corpus ID: 237562907

Acila: Attaching Identities of Workloads for Efficient Packet Classification in a Cloud Data Center Network

  title={Acila: Attaching Identities of Workloads for Efficient Packet Classification in a Cloud Data Center Network},
  author={Ken-ichi Ohnishi and Daisuke Kotani and Hirofumi Ichihara and Yohei Kanemaru and Yasuo Okabe},
IP addresses and port numbers (network based identifiers hereafter) in packets are two major identifiers for network devices to identify systems and roles of hosts sending and receiving packets for access control lists, priority control, etc. However, in modern system design on cloud, such as microservices architecture, network based identifiers are inefficient for network devices to identify systems and roles of hosts. This is because, due to autoscaling and automatic deployment of new… 


Slim: OS Kernel Support for a Low-Overhead Container Overlay Network
Slim is designed and implemented, a low-overhead container overlay network that implements network virtualization by manipulating connection-level metadata and maintains compatibility with today’s containerized applications.
CloudNaaS: a cloud networking platform for enterprise applications
An OpenFlow-based prototype of CloudNaaS is evaluated and it is found that it can be used to instantiate a variety of network functions in the cloud, and that its performance is robust even in the face of large numbers of provisioned services and link/device failures.
Host Identity Protocol (HIP): Connectivity, Mobility, Multi-Homing, Security, and Privacy over IPv4 and IPv6 Networks
An in-depth look at HIP is provided, discussing its architecture, design, benefits, potential drawbacks, and ongoing work.
A scalable, commodity data center network architecture
This paper shows how to leverage largely commodity Ethernet switches to support the full aggregate bandwidth of clusters consisting of tens of thousands of elements and argues that appropriately architected and interconnected commodity switches may deliver more performance at less cost than available from today's higher-end solutions.
Creating Complex Network Services with eBPF: Experience and Lessons Learned
The most promising characteristics of this technology and the main encountered limitations are presented, and some solutions that can mitigate the latter are envisioned.
Implementation of Quality of Service (QoS) in Multi Protocol Label Switching (MPLS) networks
This paper presents the QoS benefits of Diff-Serv aware MPLS networks when simulating the network using J-Sim, and outputs such as throughput and packet drops will be discussed in this paper.
eZTrust: Network-Independent Zero-Trust Perimeterization for Microservices
The proposed eZTrust allows data center tenants to express access control policies based on fine-grained workload identities, and enables data center operators to enforce such policies reliably and efficiently in a purely network-independent fashion.
P4: programming protocol-independent packet processors
This paper proposes P4 as a strawman proposal for how OpenFlow should evolve in the future, and describes how to use P4 to configure a switch to add a new hierarchical label.
The Locator/ID Separation Protocol (LISP)
This draft describes a simple, incremental, network-based protocol to implement separation of Internet addresses into Endpoint Identifiers (EIDs) and Routing Locators (RLOCs). This mechanism requires
Running BGP in Data Centers at Scale
Facebook’s BGP-based data center routing design is presented and it is demonstrated how this design provides Facebook with flexible control over routing and keeps the network reliable.