Cadeia-Aberta: In-kernel SFC Architecture Using eBPF
Abstract
RFC 7665 proposes a reference architecture for Service Function Chaining (SFC) that splits all SFC functionality into a set of specialized elements. However, this approach relies on the underlying network infrastructure and requires communication between Service Functions (SF) and SFC elements. In this work, we propose Cadeia-Aberta: an architecture in which SFC elements are implemented transparently inside SFs kernel using Extended Berkeley Packet Filters (eBPF). A proof-of-concept prototype demonstrates that this approach allows direct communication between SFs and reduces communication overhead.
Keywords:
Network Function Virtualization, Service Function Chaining, Programmable Data Planes, eBPF
References
Abdelsalam, A., Clad, F., Filsfils, C., Salsano, S., Siracusano, G., and Veltri, L. (2017). Implementation of virtual network function chaining through segment routing in a linux-based NFV infrastructure. In 2017 IEEE Conference on Network Softwarization: Softwarization Sustaining a Hyper-Connected World: en Route to 5G, NetSoft 2017, pages 1–5. IEEE.
Ahmed, Z., Alizai, M. H., and Syed, A. A. (2018). Inkev: In-kernel distributed network virtualization for dcn. SIGCOMM Comput. Commun. Rev., 46(3):4:1– 4:6.
Bertrone, M., Miano, S., Risso, F., and Tumolo, M. (2018). Accelerating linux security with ebpf iptables. In Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos, SIGCOMM ’18, pages 108–110, New York, NY, USA. ACM.
Castanho, M. S., Dominicini, C. K., Villac¸a, R. S., Martinello, M., and Ribeiro, M. R. N. (2018). Phantomsfc: A fully virtualized and agnostic service function chaining architecture. In Computers and Communications (ISCC), 2018 IEEE Symposium on. IEEE.
Duchene, F., Jadin, M., and Bonaventure, O. (2018). Exploring various use cases for ipv6 segment routing. In Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos, SIGCOMM ’18, pages 129–131, New York, NY, USA. ACM.
Farinacci, D., Li, T., Hanks, S., Meyer, D., and Traina, P. (2000). Generic routing encapsulation (GRE). RFC 2784, IETF.
Gross, J., Ganga, I., and Sridhar, T. (2018). Geneve: Generic network virtualization encapsulation. Internet Draft, Work in progress, IETF.
Halpern, J. and Pignataro, C. (2015). Service function chaining (SFC) architecture. RFC 7665, IETF.
Jouet, S., Cziva, R., and Pezaros, D. P. (2015). Arbitrary packet matching in openflow. In 2015 IEEE 16th International Conference on High Performance Switching and Routing (HPSR), pages 1–6.
Kicinski, J. and Viljoen, N. (2016). ebpf hardware offload to smartnics: cls bpf and xdp. Proceedings of netdev, 1.
Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M., and Wright, C. (2014). Virtual extensible local area network (VXLAN): A framework for overlaying virtualized layer 2 networks over layer 3 networks. RFC 7348, IETF.
McCanne, S. and Jacobson, V. (1993). The bsd packet filter: A new architecture for user-level packet capture. In Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings, USENIX’93, pages 2–2, Berkeley, CA, USA. USENIX Association.
Miano, S., Bertrone, M., Risso, F., Tumolo, M., Bernal, M. V., and Tumolo, M. (2018). Creating Complex Network Services with eBPF: Experience and Lessons Learned. High Performance Switching and Routing (HPSR). IEEE, pages 1–8.
Mijumbi, R., Serrat, J., Gorricho, J. L., Bouten, N., De Turck, F., and Boutaba, R. (2016). Network function virtualization: State-of-the-art and research challenges. IEEE Communications Surveys and Tutorials, 18(1):236–262.
Orebaugh, A., Ramirez, G., and Beale, J. (2006). Wireshark & Ethereal network protocol analyzer toolkit. Elsevier.
Pacífico, R. D., Coelho, G. R., Vieira, M. A., and Nacif, J. A. (2018). Roteador sdn em hardware independente de protocolo com análise, casamento e ações dinâmicas. In Simpósio Brasileiro de Redes de Computadores (SBRC), volume 36.
Pfaff, B., Pettit, J., Koponen, T., Jackson, E. J., Zhou, A., Rajahalme, J., Gross, J., Wang, A., Stringer, J., Shelar, P., Amidon, K., and Casado, M. (2015). The design and implementation of open vswitch. In Proceedings of the 12th USENIX Conference on Networked Systems Design and Implementation, NSDI’15, pages 117– 130, Berkeley, CA, USA. USENIX Association.
Qazi, Z. A., Tu, C.-C., Chiang, L., Miao, R., Sekar, V., and Yu, M. (2013). SIMPLE-fying middlebox policy enforcement using SDN. ACM SIGCOMM Computer Communication Review, 43(4):27–38.
Quinn, P., Elzur, U., and Pignataro, C. (2018). Network service header (NSH). RFC 8300, IETF.
Quinn, P. and Nadeau, T. (2015). Problem statement for service function chaining. RFC 7498, IETF.
Tu, C., Stringer, J., and Pettit, J. (2017). Building an extensible open vswitch datapath. SIGOPS Oper. Syst. Rev., 51(1):72–77.
Xhonneux, M., Duchene, F., and Bonaventure, O. (2018). Leveraging ebpf for programmable network functions with ipv6 segment routing. In Proceedings of the 14th International Conference on Emerging Networking EXperiments and Technologies, CoNEXT ’18, pages 67–72, New York, NY, USA. ACM.
Ahmed, Z., Alizai, M. H., and Syed, A. A. (2018). Inkev: In-kernel distributed network virtualization for dcn. SIGCOMM Comput. Commun. Rev., 46(3):4:1– 4:6.
Bertrone, M., Miano, S., Risso, F., and Tumolo, M. (2018). Accelerating linux security with ebpf iptables. In Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos, SIGCOMM ’18, pages 108–110, New York, NY, USA. ACM.
Castanho, M. S., Dominicini, C. K., Villac¸a, R. S., Martinello, M., and Ribeiro, M. R. N. (2018). Phantomsfc: A fully virtualized and agnostic service function chaining architecture. In Computers and Communications (ISCC), 2018 IEEE Symposium on. IEEE.
Duchene, F., Jadin, M., and Bonaventure, O. (2018). Exploring various use cases for ipv6 segment routing. In Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos, SIGCOMM ’18, pages 129–131, New York, NY, USA. ACM.
Farinacci, D., Li, T., Hanks, S., Meyer, D., and Traina, P. (2000). Generic routing encapsulation (GRE). RFC 2784, IETF.
Gross, J., Ganga, I., and Sridhar, T. (2018). Geneve: Generic network virtualization encapsulation. Internet Draft, Work in progress, IETF.
Halpern, J. and Pignataro, C. (2015). Service function chaining (SFC) architecture. RFC 7665, IETF.
Jouet, S., Cziva, R., and Pezaros, D. P. (2015). Arbitrary packet matching in openflow. In 2015 IEEE 16th International Conference on High Performance Switching and Routing (HPSR), pages 1–6.
Kicinski, J. and Viljoen, N. (2016). ebpf hardware offload to smartnics: cls bpf and xdp. Proceedings of netdev, 1.
Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger, L., Sridhar, T., Bursell, M., and Wright, C. (2014). Virtual extensible local area network (VXLAN): A framework for overlaying virtualized layer 2 networks over layer 3 networks. RFC 7348, IETF.
McCanne, S. and Jacobson, V. (1993). The bsd packet filter: A new architecture for user-level packet capture. In Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings, USENIX’93, pages 2–2, Berkeley, CA, USA. USENIX Association.
Miano, S., Bertrone, M., Risso, F., Tumolo, M., Bernal, M. V., and Tumolo, M. (2018). Creating Complex Network Services with eBPF: Experience and Lessons Learned. High Performance Switching and Routing (HPSR). IEEE, pages 1–8.
Mijumbi, R., Serrat, J., Gorricho, J. L., Bouten, N., De Turck, F., and Boutaba, R. (2016). Network function virtualization: State-of-the-art and research challenges. IEEE Communications Surveys and Tutorials, 18(1):236–262.
Orebaugh, A., Ramirez, G., and Beale, J. (2006). Wireshark & Ethereal network protocol analyzer toolkit. Elsevier.
Pacífico, R. D., Coelho, G. R., Vieira, M. A., and Nacif, J. A. (2018). Roteador sdn em hardware independente de protocolo com análise, casamento e ações dinâmicas. In Simpósio Brasileiro de Redes de Computadores (SBRC), volume 36.
Pfaff, B., Pettit, J., Koponen, T., Jackson, E. J., Zhou, A., Rajahalme, J., Gross, J., Wang, A., Stringer, J., Shelar, P., Amidon, K., and Casado, M. (2015). The design and implementation of open vswitch. In Proceedings of the 12th USENIX Conference on Networked Systems Design and Implementation, NSDI’15, pages 117– 130, Berkeley, CA, USA. USENIX Association.
Qazi, Z. A., Tu, C.-C., Chiang, L., Miao, R., Sekar, V., and Yu, M. (2013). SIMPLE-fying middlebox policy enforcement using SDN. ACM SIGCOMM Computer Communication Review, 43(4):27–38.
Quinn, P., Elzur, U., and Pignataro, C. (2018). Network service header (NSH). RFC 8300, IETF.
Quinn, P. and Nadeau, T. (2015). Problem statement for service function chaining. RFC 7498, IETF.
Tu, C., Stringer, J., and Pettit, J. (2017). Building an extensible open vswitch datapath. SIGOPS Oper. Syst. Rev., 51(1):72–77.
Xhonneux, M., Duchene, F., and Bonaventure, O. (2018). Leveraging ebpf for programmable network functions with ipv6 segment routing. In Proceedings of the 14th International Conference on Emerging Networking EXperiments and Technologies, CoNEXT ’18, pages 67–72, New York, NY, USA. ACM.
Published
2019-05-06
How to Cite
CASTANHO, Matheus S.; DOMINICINI, Cristina K.; VIEIRA, Marcos A. M..
Cadeia-Aberta: In-kernel SFC Architecture Using eBPF. In: BRAZILIAN SYMPOSIUM ON COMPUTER NETWORKS AND DISTRIBUTED SYSTEMS (SBRC), 37. , 2019, Gramado.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2019
.
p. 763-776.
ISSN 2177-9384.
DOI: https://doi.org/10.5753/sbrc.2019.7401.
