Design and Implementation of a Data Plane for
- Slides: 20
Design and Implementation of a Data Plane for the Open. Box Framework Pavel Lazar March 2016 This research was supported by the European Research Council under the European Union’s Seventh Framework Programme (FP 7/2007 -2013)/ERC Grant agreement no 259085.
Outline • • Open. Box Background The Open. Box Framework OBI Design Challenges OBI Architecture OBI Implementation Performance Future Work Summary
Background - The problem Network Functions (Middleboxes: - High cost - Limited and separate management - Limited provisioning and scalability - No multi-tenancy - Limited functionality and limited innovation - Similar processing steps, no re-use
Background - The Open. Box solution • Bring Software-Defined Control to the middlebox. • Decouple network function control from their data plane • Unifies data plane of multiple network functions. Open. Box Controller SDN Controller OBI OBI
Firewall: Drop Read Packets Header Classifier Regex Classifier IPS Output Read Packets Alert Read Packets Header Classifier Alert (Firewall) Regex Classifier Header Classifier Alert (IPS) Alert (Firewall) Drop Regex Classifier Alert Output
The Open. Box Framework Open. Box Applications NB API Open. Box Controller Control Plane Data Plane Open. Box Protocol Open. Box Service Instances
OBI Design challenges OBC Open. Box Protocol OBI Input Traffic Output Traffic
OBI Design challenges OBC Open. Box Protocol Message Handling Configuration Builder Generic Manager Control Input Traffic Execution Engine Output Traffic
OBI Architecture
OBI Architecture – Generic Manager
OBI Architecture – Execution Engine
OBI Implementation - Generic Manager
OBI Implementation –Set Graph Flow Example 1 10 2 3 4 5 6 7 9 8
OBI Execution Engine - Click • Element is the basic building block • Router: Elements connected by edges • Describes possible packet flows
OBI Execution Engine – Click package Open. Box Package Chatter. Message String. Classifier Push. Message String. Matcher Regex. Classifier Regex. Matcher Group. Regex. Matcher Network. Direction. Swap Multi. Counter Network. Header. Fields. Rewriter Auto. Mark. IPHeader
Open. Box Processing Graph to Click Configuration Header New Payload Classifier From. Device Discard To. Device From. Device Auto. Mark Ip. Header Regex. Classifier Counter Discard Content Multi. Counter Classifier New Click Classifier elements Regex. Classifier To. Device
Performance – Packet Processing • Firewall – 4560 header rules: – Throughput: 840 Mbps, – Latency: 48 us • IPS – Snort rules (Header + Payload): – Throughput: 454 Mbps – Latency: 76 us
Performance – Time Measurements • Startup time: 2. 1 seconds • Set Processing Graph*: 1250 ms • Global Stats: < 2 ms • Read Handler: 8 ms • Log message: < 2 ms
Possible Future Work • • • Implement additional blocks Add more elements Improve data flow between OBIs Add Execution Engine optimization inside the Configuration. Builder Implement Click packet processing improvement researches Or even, replace Click with a different engine (HW)
Summary • • • Helped implementing the Open. Box Protocol Designed an Open. Box Instance architecture. Implemented an OBI to be used within the Open. Box project. Used Click as the Execution Engine. Easy to improve and add features
Data plane control plane and management plane
Design and implementation of data plane
Forwarding equivalence class (fec)
Mapping between s plane and z plane
Plane stress plane strain
Network security design and implementation
User interface design and implementation
Cobit 2019 foundation exam questions
Accessible learning experience design and implementation
Azure deployment planning services
Pearson physics
Channel design and implementation
Advanced compiler design and implementation
Database system design implementation and management
Distributed shared memory
Host-target development
System design implementation and operation
I kp
Database systems design implementation and management
Implementation design principles
Fspos
