NetBricks Aurojit Panda, Sangjin Han, Keon Jang, Melvin Walls, Sylvia Ratnasamy, Scott Shenker

Motivation •

Need to rewrite NFs for ZCSI, so consider a new programming model.

Motivation •

Need to rewrite NFs for ZCSI, so consider a new programming model.

•

Goals:

Motivation •

Need to rewrite NFs for ZCSI, so consider a new programming model.

•

Goals: •

Easy to develop NFs.

Motivation •

Need to rewrite NFs for ZCSI, so consider a new programming model.

•

Goals: •

Easy to develop NFs.

•

Performance comparable to what can be achieved today.

Motivation •

Need to rewrite NFs for ZCSI, so consider a new programming model.

•

Goals: •

Easy to develop NFs.

•

Performance comparable to what can be achieved today.

•

Generality allow a range of NFs to be efficiently expressed in framework.

Motivation •

Need to rewrite NFs for ZCSI, so consider a new programming model.

•

Goals:

•

•

Easy to develop NFs.

•

Performance comparable to what can be achieved today.

•

Generality allow a range of NFs to be efficiently expressed in framework.

Note: Considering NFs like IDSes, etc., not things expressible in P4 hardware.

Status Quo •

DPDK/Netmap/...: High-performance low-level library.

•

Click: Higher-level but does not provide performance.

•

Observation: NFs built using either approach exhibit common patterns •

However, it is not easy to generalize patterns for reuse.

Common Patterns +

Core 1

+ Core 2

+ + Input

Mux

Core 3 State

Processing

Core 4

Demux

Output

Common Patterns Must scale across cores.

+

Core 1

+ Core 2

+ + Input

Mux

Core 3 State

Processing

Core 4

Demux

Output

Common Patterns Split packets across cores for scaling +

Core 1

+ Core 2

+ + Input

Mux

Core 3 Counters

Counter

Core 4

Demux

Output

Common Patterns Split packets across cores for scaling +

Core 1

+ Core 2

Might even use + hardware for this. + Input

Mux

Core 3 Counters

Counter

Core 4

Demux

Output

Common Patterns Design data structure and algorithm to avoid cross-core access.

+

Core 1

+ Core 2

+ + Input

Mux

Core 3 Counters

Counter

Core 4

Demux

Output

Common Patterns Design data structure and algorithm to avoid cross-core access.

+

Core 1

+ Core 2

+ +

Core 3 Counters

Batch operations to get Inputperformance: Mux how to batch Counter depends on operation.

Core 4

Demux

Output

NetBricks Model •

•

Provide a fixed set of high-level abstractions. •

Implemented and optimized by framework, representing common patterns.

•

Responsible for performance and simplicity.

Many abstractions can be customized with user-defined function. •

Provides generality.

•

NF writers responsible for implementing and optimizing these functions.

NetBricks Abstractions Packet Processing Abstractions Parse/Deparse

Parse (or undo parsing for) a header from the packet.

Transform

Operate on the packet header and payload.

Filter

Drop packet whose header or payload meet some criterion. Byte Stream Processing Abstractions

Window

Use a sliding window to gather packet payload and call a function.

Packetize

Segment a byte array into a sequence of packets, Control Flow

Group By

Branch control flow between abstractions.

Shuffle

Indicate locality requirements when scaling NFs across cores.

Merge

Merge control from branches. State Abstractions

Bounded Consistency State

State store with tunable consistency specification. Schedulabe Abstractions

Invoke

Periodically execute a function.

Example: Maglev •

Maglev: Network load balancer from Google (NSDI’16).

•

Main contribution: a novel consistent hashing algorithm for load balancing. •

Most of the work in common optimization: batching, scaling cross core.

•

NetBricks implementation is 85 lines (55 of which is for lookup table).

•

Performance is comparable to Google’s reported performance •

NetBricks: 4Mpps/core, Reported: 2.5Mpps/core

Other NFs •

We have implemented a range of NFs in NetBricks including •

ACL based firewall.

•

NAT

•

Signature matching (emulating an IDS like Snort).

Future Work •

NetBricks shows that it is realistic to build NFs in a high-level framework.

•

Providing performance isolation and richer scheduling.

•

Building more NFs.

•

•

Currently considering building an EPC

•

Contact us if you have other suggestions.

Integrating with the other projects in E2.