• Corpus ID: 10817903

mOS: A Reusable Networking Stack for Flow Monitoring Middleboxes

@inproceedings{Jamshed2017mOSAR,
  title={mOS: A Reusable Networking Stack for Flow Monitoring Middleboxes},
  author={Muhammad Asim Jamshed and YoungGyoun Moon and Donghwi Kim and Dongsu Han and KyoungSoo Park},
  booktitle={NSDI},
  year={2017}
}
Stateful middleboxes, such as intrusion detection systems and application-level firewalls, have provided key functionalities in operating modern IP networks. However, designing an efficient middlebox is challenging due to the lack of networking stack abstraction for TCP flow processing. Thus, middlebox developers often write the complex flow management logic from scratch, which is not only prone to errors, but also wastes efforts for similar functionalities across applications. This paper… 
Microboxes: high performance NFV with customizable, asynchronous TCP stacks and dynamic subscriptions
TLDR
The proposed Microboxes is a novel service chaining abstraction designed to support transport- and application-layer middleboxes, or even end-system like services, and can double throughput by consolidating stack operations and provide a 51% throughput gain by customizing TCP processing to the appropriate level.
Traffic-Aware Deployment of Interdependent NFV Middleboxes in Software-Defined Networks
TLDR
The optimal placement challenge of NFV middleboxes is addressed by considering middlebox traffic changing effects and dependency relations, as well as considering routing in an NFV network.
A Verified Session Protocol for Dynamic Service Chaining
TLDR
The Dysco protocol steers the packets of a TCP session through a service chain, and can dynamically reconfigure the chain for an ongoing session, and is provably correct, highly scalable, and able to reconfigure service chains across a range of middleboxes.
A Case for Spraying Packets in Software Middleboxes
TLDR
The system, Sprayer, solves the fundamental problems of per-flow solutions and addresses the new challenges of handling shared flow state that come with packet spraying and seamlessly uses the entire capacity, even when there is a single flow.
Programming Network Stack for Middleboxes with Rubik
TLDR
This work proposes Rubik, a language that greatly facilitates the task of middlebox stack programming, different from existing hand-written approaches, and offers various high-level constructs for relieving the operators from dealing with massive native code, so that they can focus on specifying their processing intents.
Building a chain of high-speed VNFs in no time: Invited Paper
TLDR
This work designs a system able to run a pipeline of VNFs with a high level of parallelism to handle many flows, and gives rise to a user-space software NFV data-plane enabling easy implementation of middlebox functionalities, as well as the deployment of complex scenarios.
OpenNetVM: A Platform for High Performance NFV Service Chains
TLDR
Improvements made to OpenNetVM since its initial open source release two years ago are presented, including new functionality such as more efficient service chaining and a TCP stack to allow integrated deployments of middleboxes and end host applications.
Per-Packet Load Balancing for Multi-Core Middleboxes
TLDR
This work shows that middleboxes can benefit from per-packet load balancing and provide a design and implementation that can run in existing hardware.
mmb: flexible high-speed userspace middleboxes
Nowadays, Internet actors have to deal with a strong increase in Internet traffic at many levels. One of their main challenges is building high-speed and efficient networking solutions. In such a
A New Approach to Network Function Virtualization
TLDR
This thesis argues that the current deployment strategy which relies on operators to ensure that network functions are configured to correctly implement policies, and then deploys these network functions as virtual machines, connected by virtual switches are ill-suited to NFV workload and proposes an alternative NFV framework based on the use of static techniques such as type checking and formal verification.

References

SHOWING 1-10 OF 67 REFERENCES
Stateless Network Functions
TLDR
This paper proposes that network functions should be similarly redesigned to be stateless, and describes how stateless network functions can leverage recent advances in low-latency network systems to achieve acceptable performance.
DFC: Accelerating String Pattern Matching for Network Applications
TLDR
An efficient multi-pattern string matching algorithm, called DFC, which significantly reduces the number of memory accesses and cache misses by using small and cache-friendly data structures and avoids instruction pipeline stalls by minimizing sequential data dependency.
ModNet: A Modular Approach to Network Stack Extension
TLDR
ModNet is introduced, a lightweight kernel mechanism that allows demanding applications better customization of the TCP stack, while preserving existing network interfaces for unmodified applications, and is demonstrated by implementing a range of network server enhancements for demanding environments.
CliMB: Enabling Network Function Composition with Click Middleboxes
TLDR
CliMB provides a full-fledged modular TCP layer supporting TCP options, congestion control, both blocking and nonblocking I/O, as well as socket and zero-copy APIs to applications, and any TCP network function may now be realized in Click using a modular L2-L7 design.
netmap: A Novel Framework for Fast Packet I/O
  • L. Rizzo
  • Computer Science
    USENIX Annual Technical Conference
  • 2012
TLDR
The novelty in the proposal is not only that it exceeds the performance of most of previous work, but also that it provides an architecture that is tightly integrated with existing operating system primitives, not tied to specific hardware, and easy to use and maintain.
ClickOS and the Art of Network Function Virtualization
TLDR
This work introduces ClickOS, a high-performance, virtualized software middlebox platform, and implements a wide range of middleboxes including a firewall, a carrier-grade NAT and a load balancer and shows that ClickOS can handle packets in the millions per second.
mTCP: a Highly Scalable User-level TCP Stack for Multicore Systems
TLDR
mTCP is presented, a high-performance user-level TCP stack for multicore systems that addresses the inefficiencies from the ground up--from packet I/O and TCP connection management to the application interface and improves the performance of various popular applications.
Programming slick network functions
TLDR
Slick, a framework for programming network functions that allows a programmer to write a single high-level control program that specifies custom packet processing on precise subsets of traffic, allowing for more efficient use of network resources than solutions that solve each problem in isolation.
IX: A Protected Dataplane Operating System for High Throughput and Low Latency
TLDR
IX is presented, a dataplane operating system that provides high I/O performance, while maintaining the key advantage of strong protection offered by existing kernels, and outperforms Linux and state-of-the-art, user-space network stacks significantly in both throughput and end-to-end latency.
Design and Implementation of a Consolidated Middlebox Architecture
TLDR
CoMb is presented, a new architecture for middlebox deployments that systematically explores opportunities for consolidation, both at the level of building individual middleboxes and in managing a network of middleboxes.