A policy-aware switching layer for data centers

Published: 17 August 2008

Abstract

Data centers deploy a variety of middleboxes (e.g., firewalls, load balancers and SSL offloaders) to protect, manage and improve the performance of applications and services they run. Since existing networks provide limited support for middleboxes, administrators typically overload path selection mechanisms to coerce traffic through the desired sequences of middleboxes placed on the network path. These ad-hoc practices result in a data center network that is hard to configure and maintain, wastes middlebox resources, and cannot guarantee middlebox traversal under network churn.
To address these issues, we propose the policy-aware switching layer or PLayer, a new layer-2 for data centers consisting of inter-connected policy-aware switches or pswitches. Unmodified middleboxes are placed off the network path by plugging them into pswitches. Based on policies specified by administrators, pswitches explicitly forward different types of traffic through different sequences of middleboxes. Experiments using our prototype software pswitches suggest that the PLayer is flexible, uses middleboxes efficiently, and guarantees correct middlebox traversal under churn.

Published In

ACM SIGCOMM Computer Communication Review, Volume 38, Issue 4
October 2008
436 pages
ISSN: 0146-4833
DOI: 10.1145/1402946

SIGCOMM '08: Proceedings of the ACM SIGCOMM 2008 conference on Data communication
August 2008
452 pages
ISBN: 9781605581750
DOI: 10.1145/1402958

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2008
Published in SIGCOMM-CCR Volume 38, Issue 4

Author Tags

  1. data center
  2. indirection
  3. layer-2
  4. middlebox
  5. policies
  6. switching

Qualifiers

  • Research-article

Article Metrics

  • Downloads (last 12 months): 179
  • Downloads (last 6 weeks): 36

Reflects downloads up to 15 Jan 2025
