A kernel-space POF virtual switch

https://doi.org/10.1016/j.compeleceng.2016.04.022

Abstract

Protocol Oblivious Forwarding (POF) aims at providing a standard southbound interface for sustainable Software Defined Networking (SDN) evolvement. It overcomes the limitations of popular OpenFlow protocols (an existing widely-adopted southbound interface), through the enhancement of SDN forwarding plane. This paper pioneers the design and implementation of a Kernel-space POF Virtual Switch (K_POFVS) on Linux platform. K_POFVS can improve the packet processing speed, through fast packet forwarding and the capability of adding/deleting/modifying protocol fields in kernel space. In addition, it is able to enhance flow table matching speed, by separating the mask table (consisting of flow entry masks used to figure out the matching field) and the flow table under a caching mechanism. Furthermore, K_POFVS can achieve efficient communication between the kernel space and the user space, via extending the netlink communication between them. Experimental results show that K_POFVS can provide much better performance than existing user-space POF virtual switches, in terms of packet forwarding delay, packet processing delay and packet transmission rate.

Introduction

Software Defined Networking (SDN) [1] is an emerging network architecture. It significantly reduces the diversity of hardware devices in the network by separating the control plane and the forwarding plane [2], thereby reducing the network complexity and capital expenditure (CAPEX). The logically centralized controller in SDN can facilitate network management and thus reduce the network operational expenditure (OPEX). In addition, SDN is a promising architecture to foster protocol innovations due to the shortened development and deployment lifecycle. The open SDN southbound interface breaks open the traditionally closed network equipment, allowing users to dynamically adjust the network configuration according to their instant needs [3]. Among the many SDN reference architectures, OpenFlow as a popular southbound interface has been widely recognized by both academia and industry [4]. However, OpenFlow has faced several challenges as it has developed. For example, the number of matching fields has increased from 12 to 41 with the introduction of new versions, and more matching fields would be needed for emerging and new applications [5]; several versions of OpenFlow protocols are not compatible with the others. The root cause of these problems is that OpenFlow cannot recognize the fields of unknown protocols, since it is a protocol-dependent southbound interface [6].

Protocol Oblivious Forwarding (POF) is an enhancement to the OpenFlow-based SDN forwarding plane, which does not need to understand specific packet formats. Thus, new network protocols and services can be supported without modifying the network device code [7]. To achieve this purpose, POF leverages an {offset, length} data structure to define the protocol field based on its Flow Instruction Set (FIS). The combination of different instructions can perform parsing, editing and forwarding actions on data packets. FIS makes forwarding rules independent of the forwarding device, improving the extensibility of the forwarding plane, which truly realizes the separation of control plane and data forwarding plane [8]. With POF, users are able to quickly deploy customized applications in real-world networking environments and do not have to upgrade the hardware equipment.

Network Virtualization (NV) has become a popular topic in recent years, including a broad set of technologies like Virtual Local Area Networks (VLANs) [9]. The virtual switch is an important branch of NV, which connects the physical host and virtual machines. It also provides a large number of virtual network ports for virtual machines. The virtual switch can solve the link redundancy problem of traditional networks, reducing the hardware cost and improving the utilization of network resources. The Open vSwitch (OVS), a virtual switch of OpenFlow, is the main software equipment of the forwarding plane for OpenFlow-based SDN deployment, in particular in the NV environment [10]. The OVS supports flexible forwarding strategy, improves the link and port utilization, simplifies the operation and maintenance complexity, shortens the design lifecycle and reduces the hardware cost. However, the limitations of OpenFlow also apply to OVS, resulting in the explosion of the number of matching fields in the flow table of OVS which can cause the network overload issues [11]. In addition, different versions of OpenFlow protocols have different flow table structures, increasing the maintenance cost of control plane in OVS.

The virtual switch of POF performs data packet forwarding through FIS, so that it does not need to be aware of network protocols and forwarding processes. The existing POF virtual switch developed in the user space suffers from several performance issues, e.g., the increase in time overhead when performing system function invocations. A kernel-space POF virtual switch is able to improve the system performance; however, its design poses several challenges, including the function set partitioning problem, the contradiction between the high-speed flow table matching in the kernel space and the high communication cost between the user space and the kernel space, and the communication methods between the user space and the kernel space. These problems are essential in the design of a high-performance kernel-space virtual switch for POF.

This paper targets these challenging problems and pioneers the design and implementation of a Kernel-space POF Virtual Switch (K_POFVS) on the Linux platform based on POF FIS. K_POFVS is able to provide fast packet forwarding and the capability of adding/deleting/modifying protocol fields in the kernel space, improving the data packet processing speed. It can separate the mask table and the flow table based on a caching mechanism, enhancing the speed of flow table matching. Furthermore, K_POFVS extends the netlink communication between the kernel space and the user space, achieving efficient communication between them. A test environment is established on the Ubuntu 14.04 Linux platform to evaluate the performance of the developed K_POFVS. Experimental results show that K_POFVS can provide much better performance than existing POF virtual switches developed in the user space, in terms of packet forwarding delay, packet processing delay and packet transmission rate.

The rest of this paper is organized as follows. Section 2 introduces the related work on virtual switches. Section 3 presents the design and implementation of K_POFVS. The performance experiments and comparisons of K_POFVS are given in Section 4. Finally, Section 5 concludes this study.

Related work

The virtual switch provides layer 2 network access and part of the layer 3 network functions for virtual machines. These functions can provide a large number of virtual network ports and high-speed online interfaces, so as to reduce the cost of equipment, improve the flexibility of network configuration, and enhance the utilization of network resources. The virtual switch can be implemented in the form of either hardware, e.g., Virtual Ethernet Port Aggregator (VEPA) technology [12] or

POF overview

POF can support any new protocols without modifying the code of forwarding devices. The protocol field is defined using the data structure of {offset, length}, where the offset indicates the relative offset of the protocol field, and the length indicates the length of the protocol field.

Fig. 1 shows the reply packet of ARP protocol processing based on the POF architecture, where {96, 16} represents the Type field, {160, 16} denotes the op-code of ARP, and {304, 32} is the destination IP
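The {offset, length} addressing described above, as an added example in C (not code from the paper or from K_POFVS): it matches the three ARP fields named in the text against a constructed frame and rejects any descriptor that reaches past the end of the packet, a check a kernel datapath needs because the descriptors are supplied from outside the kernel. Offsets and lengths are read as bit counts, which is what the listed values imply; the names pof_field, pof_match, pof_extract and pof_match_all, the mask/value pairing and the 64-bit width limit are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* POF-style field descriptor: bit offset and bit length from packet start. */
struct pof_field { uint32_t offset, length; };
/* One match term (hypothetical layout): masked field must equal masked value. */
struct pof_match { struct pof_field f; uint64_t mask, value; };

/* Read a field of up to 64 bits, most significant bit first. Returns -1 if
 * the descriptor is empty, too wide, or reaches past the end of the packet. */
int pof_extract(const uint8_t *pkt, size_t len, struct pof_field f, uint64_t *out)
{
    uint64_t end = (uint64_t)f.offset + f.length; /* 64-bit sum cannot wrap */
    if (f.length == 0 || f.length > 64 || end > (uint64_t)len * 8)
        return -1;
    uint64_t v = 0;
    for (uint64_t bit = f.offset; bit < end; bit++)
        v = (v << 1) | ((pkt[bit / 8] >> (7 - bit % 8)) & 1u);
    *out = v;
    return 0;
}

/* 1 = every term matches, 0 = some term differs, -1 = invalid descriptor. */
int pof_match_all(const uint8_t *pkt, size_t len, const struct pof_match *m, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        uint64_t v;
        if (pof_extract(pkt, len, m[i].f, &v) != 0) return -1;
        if ((v & m[i].mask) != (m[i].value & m[i].mask)) return 0;
    }
    return 1;
}

/* Constructed 42-byte Ethernet + ARP reply frame (sample data). */
const uint8_t arp_reply[42] = {
    2,0,0,0,0,1,  2,0,0,0,0,2,  0x08,0x06,       /* dst MAC, src MAC, Type */
    0,1,  0x08,0x00,  6,  4,  0,2,               /* htype ptype hlen plen op */
    2,0,0,0,0,2,  10,0,0,2,                      /* sender MAC, sender IP */
    2,0,0,0,0,1,  10,0,0,1 };                    /* target MAC, target IP */

/* The three fields named in the text: Type, ARP op-code, destination IP. */
const struct pof_match arp_rule[3] = {
    { {96, 16}, 0xFFFF, 0x0806 }, { {160, 16}, 0xFFFF, 2 },
    { {304, 32}, 0xFFFFFFFF, 0x0A000001 } };

int main(void)
{
    return pof_match_all(arp_reply, sizeof arp_reply, arp_rule, 3) == 1 ? 0 : 1;
}
```

The forwarding code never names ARP; supporting another protocol means supplying different descriptors, while the bounds check stays the same.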

Performance measurement and analysis

Extensive experiments are conducted to evaluate the performance of the developed K_POFVS. In particular, we compare the performance of K_POFVS with that of the existing U_POFVS in terms of several key performance metrics to show its relative merits.

The experimental environment in a PC is depicted in Fig. 5, with the system configuration shown in Table 1. The developed K_POFVS and the existing U_POFVS are installed in the virtual switch. The virtual switch establishes bridge br0, and

Conclusions

Protocol Oblivious Forwarding (POF) can readily extend the application scenarios of OpenFlow-based SDN architecture. It provides a stable and future-proof forwarding plane, truly realizing the separation of control plane and data forwarding plane. POF does not need to understand the packet format in the forwarding plane, and can support any existing and emerging protocols. Due to the important role of virtual switch, this paper has designed and implemented a Kernel-space POF Virtual Switch

Acknowledgements

This work is partially supported by the National Program on Key Basic Research Project of China (973 Program) under Grant No. 2012CB315803, the Strategic Priority Research Program of the Chinese Academy of Sciences under grant No. XDA06010306, the National Natural Science Foundation of China under Grant No. 61303241, and the University of Exeter's Innovation Platform – Link Fund under Award No. LF207.

Xiaoxiao Li is a graduate student at the Institute of Information Engineering, Chinese Academy of Sciences. She received the bachelor's degree in Software Engineering from Sichuan University, China, in 2009. Her research interests include protocol oblivious forwarding and future Internet architecture.

References (22)

  • N. Mckeown et al. OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev (2008)
  • D. Kreutz et al. Software-defined networking: a comprehensive survey. Proc IEEE (2014)
  • B.A.A. Nunes et al. A survey of software-defined networking: Past, present, and future of programmable networks. IEEE Commun Surv Tut (2014)
  • F. Hu et al. A survey on software-defined network and openflow: from concept to implementation. IEEE Commun Surv Tut (2014)
  • H. Li et al. Radio access network virtualization for the social Internet of Things. IEEE Cloud Comput (2015)
  • H. Song. Protocol-oblivious forwarding: unleash the power of SDN through a future-proof forwarding plane
  • J. Yu et al. Forwarding programming in protocol-oblivious instruction set
  • H. Song et al. Unified POF programming for diversified SDN data plane. Eprint Arxiv (2014)
  • N.M. Mosharaf Kabir Chowdhury et al. A survey of network virtualization. Comput Netw (2010)
  • B. Han et al. Network function virtualization: Challenges and opportunities for innovations. IEEE Commun Mag (2015)
  • M. Jarschel et al. Modeling and performance evaluation of an OpenFlow architecture

    Yulei Wu is a Lecturer in Computer Science at the University of Exeter. He received his Ph.D. degree in Computing and Mathematics from the University of Bradford, UK, in 2010. His current research focuses on Future Internet Architecture, Wireless Networks and Mobile Computing, Cloud Computing, Big Data for Networking, and Performance Modelling and Analysis.

    Yuepeng E received his Ph.D. degree in computer software and theory at the Graduate University of Chinese Academy of Sciences, China, in 2012. He is now an Associate Professor and his research interests include future network architecture and network testbeds.

    Jingguo Ge received a Ph.D. degree in computer system architecture from the Institute of Computing Technology at the Chinese Academy of Sciences in 2003. His research focuses on future network architectures and protocols, wireless networks, and mobile computing.

    Hongbo Zheng received the M.S. degree in Computer Application Technology from Beijing Institute of Technology, China, in 2001. He worked in Telecom industry to develop IP routers, Ethernet and ATM switches before joining Institute of Information Engineering, Chinese Academy of Science early 2015. His current research interests include Software Defined Networking, Protocol Oblivious Forwarding, future Internet Architecture and Security.

    Chunjing Han is a senior engineer at the Institute of Information Engineering, Chinese Academy of Sciences (CAS). She received her master's degree in Computer Software and Theory from CNIC, CAS in 2005. Her research interests include future Internet and Internet measurement.

    Honglei Lv is a senior engineer at the Institute of Information Engineering, Chinese Academy of Sciences (CAS). She received her master's degree in Computer Applications from CNIC, CAS in 2007. Her current research interests include future Internet and Internet measurement.