research-article

Free access

Enabling fast, dynamic network processing with clickOS

Authors:

Felipe HuiciAuthors Info & Claims

HotSDN '13: Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking

Pages 67 - 72

https://doi.org/10.1145/2491185.2491195

Published: 16 August 2013 Publication History

Abstract

Middleboxes are both crucial to today's networks and ubiquitous, but embed knowledge of today's protocols and applications to the detriment of those of tomorrow, making the network harder to evolve. SDNs seek to make it easier to extend the network with new functionality, but most of the research effort has focused on the network's control plane, that is, how packets are switched are routed through a SDN.

Given the pervasiveness and importance of middleboxes, we believe that a fully programmable network should also be able to dynamically instantiate and quickly move middlebox functionality. In this paper we shift focus towards making the data plane more programmable by introducing ClickOS, a tiny, Xen-based virtual machine that can run a wide range of middleboxes. ClickOS is small (5MB when running), can be instantiated in very small times (roughly 30 milliseconds) and can fill up a 10Gb pipe while concurrently running 128 vms on a low-cost commodity server.

References

[1]

P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield. Xen and the Art of Virtualization. In Proc. ACM SOSP, 2003, New York, NY, USA, 2003. ACM.

Digital Library

[2]

Cisco. Cisco Cloud Services Router 1000v Data Sheet. http://www.cisco.com/en/US/prod/collateral/routers/ps12558/ps12559/data_sheet_c78-705395.html, July 2012.

[3]

Click Modular Router. Click Elements. http://read.cs.ucla.edu/click/click, March 2013.

[4]

M. Dobrescu, N. Egi, K. Argyraki, B.-G. Chun, K. Fall, G. Iannaccone, A. Knies, M. Manesh, and S. Ratnasamy. Routebricks: exploiting parallelism to scale software routers. In Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, SOSP '09, pages 15--28, New York, NY, USA, 2009. ACM.

Digital Library

[5]

Erlang on Xen. Erlang on Xen. http://erlangonxen.org/, July 2012.

[6]

M. Honda, Y. Nishida, C. Raiciu, A. Greenhalgh, M. Handley, and H. Tokuda. Is it still possible to extend tcp? In Proc. ACM IMC, 2011.

Digital Library

[7]

A. Kivity, Y. Kamay, K. Laor, U. Lublin, and A. Liguori. Kvm: The linux virtual machine monitor. In Proc. of the Linux Symposium, 2007.

[8]

E. Kohler, R. Morris, B. Chen, J. Jannotti, and M. F. Kaashoek. The click modular router. ACM Transactions on Computer Systems, August 2000, 2000.

Digital Library

[9]

G. Liao, D. Guo, L. Bhuyan, and S. R. King. Software techniques to improve virtualized i/o performance on multi-core systems. In Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, ANCS '08, pages 161--170, New York, NY, USA, 2008. ACM.

Digital Library

[10]

Luigi Rizzo. VALE, a Virtual Local Ethernet. http://info.iet.unipi.it/~luigi/vale/, July 2012.

[11]

A. Madhavapeddy, R. Mortier, C. Rotsos, D. Scott, B. S. T. Gazagnaire, S. Smith, S. Hand, and J. Crowcroft. Unikernels: Library operating systems for the cloud. In Proc. of Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2013.

Digital Library

[12]

A. Madhavapeddy, R. Mortier, R. Sohan, T. Gazagnaire, S. Hand, T. Deegan, D. McAuley, and J. Crowcroft. Turning down the lamp: software specialisation for the cloud. In Proceedings of the 2nd USENIX conference on Hot topics in cloud computing, HotCloud'10, pages 11{11, Berkeley, CA, USA, 2010. USENIX Association.

Digital Library

[13]

K. Mansley, G. Law, D. Riddoch, G. Barzini, N. Turton, and S. Pope. Getting 10 gb/s from xen: safe and fast device access from unprivileged domains. In Proceedings of the 2007 conference on Parallel processing, Euro-Par'07, pages 224--233, Berlin, Heidelberg, 2008. Springer-Verlag.

Digital Library

[14]

Minix3. Minix3. http://www.minix3.org/, July 2012.

[15]

MIT Parallel and Distributed Operating Systems Group. MIT Exokernel Operating System. http://pdos.csail.mit.edu/exo.html, March 2013.

[16]

Open vSwitch. Production Quality, Multilayer Open Virtual Switch. http://openvswitch.org/, March 2013.

[17]

OpenVZ. Welcome to OpenVZ Wiki. http://wiki.openvz.org/Main_Page, July 2012.

[18]

K. K. Ram, J. R. Santos, Y. Turner, A. L. Cox, and S. Rixner. Achieving 10 gb/s using safe and transparent network interface virtualization. In Proc. ACM VEE, 2009, VEE '09, 2009.

Digital Library

[19]

K. K. Ram, J. R. Santos, Y. Turner, A. L. Cox, and S. Rixner. Achieving 10 gb/s using safe and transparent network interface virtualization. In Proceedings of the 2009 ACM SIGPLAN/SIGOPS international conference on Virtual execution environments, VEE '09, pages 61{70, New York, NY, USA, 2009. ACM.

Digital Library

[20]

L. Rizzo. netmap: A novel framework for fast packet i/o. In Proc. USENIX Annual Technical Conference, 2012.

Digital Library

[21]

L. Rizzo, M. Carbone, and G. Catalli. Transparent acceleration of software packet forwarding using netmap. In A. G. Greenberg and K. Sohraby, editors, INFOCOM, pages 2471--2479. IEEE, 2012.

[22]

J. R. Santos, Y. Turner, G. Janakiraman, and I. Pratt. Bridging the gap between software and hardware techniques for i/o virtualization. In USENIX 2008 Annual Technical Conference on Annual Technical Conference, ATC'08, pages 29--42, Berkeley, CA, USA, 2008. USENIX Association.

Digital Library

[23]

J. Sherry, S. Hasan, C. Scott, A. Krishnamurthy, S. Ratsanamy, and V. Sekarl. Making middleboxes someone else's problem: Network processing as a cloud service. In Proc. ACM SIGCOMM, 2012.

Digital Library

[24]

U. Steinberg and B. Kauer. Nova: a microhypervisor-based secure virtualization architecture. In Proceedings of the 5th European conference on Computer systems, EuroSys '10, pages 209--222, New York, NY, USA, 2010. ACM.

Digital Library

[25]

VMware. VMware Virtualization Software for Desktops, Servers and Virtual Machines for Public and Private Cloud Solutions. http://www.vmware.com, July 2012.

[26]

Vyatta. The Open Source Networking Community. http://www.vyatta.org/, July 2012.

[27]

A. Whitaker, M. Shaw, and S. D. Gribble. Scale and performance in the denali isolation kernel. SIGOPS Oper. Syst. Rev., 36(SI):195--209, Dec. 2002.

Digital Library

[28]

Wikipedia. L4 microkernel family. http://en.wikipedia.org/wiki/L4_microkernel_family, July 2012.

Cited By

Gain GSoldani CHuici FMathy LGavrilovska AAltınbüken DBinnig C(2022)Want more unikernels?Proceedings of the 13th Symposium on Cloud Computing10.1145/3542929.3563473(510-525)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3542929.3563473
Munikar MLei JLu HRao J(2022)Prism: Streamlined Packet Processing for Containers with Flow Prioritization2022 IEEE 42nd International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS54860.2022.00040(336-346)Online publication date: Jul-2022
https://doi.org/10.1109/ICDCS54860.2022.00040
Rahouti MXiong KXin YJagatheesaperumal SAyyash MShaheed M(2022)SDN Security Review: Threat Taxonomy, Implications, and Open ChallengesIEEE Access10.1109/ACCESS.2022.316897210(45820-45854)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3168972
Show More Cited By

Index Terms

Enabling fast, dynamic network processing with clickOS
1. Networks
  1. Network protocols

Recommendations

My VM is Lighter (and Safer) than your Container
SOSP '17: Proceedings of the 26th Symposium on Operating Systems Principles

Containers are in great demand because they are lightweight when compared to virtual machines. On the downside, containers offer weaker isolation than VMs, to the point where people run containers in virtual machines to achieve proper isolation. In this ...
Transparently bridging semantic gap in CPU management for virtualized environments

Consolidated environments are progressively accommodating diverse and unpredictable workloads in conjunction with virtual desktop infrastructure and cloud computing. Unpredictable workloads, however, aggravate the semantic gap between the virtual ...
A Technical Review for Efficient Virtual Machine Migration
CUBE '13: Proceedings of the 2013 International Conference on Cloud & Ubiquitous Computing & Emerging Technologies

This paper presents the recent technical research survey on the efficient live migration of virtual machines. Virtual machine migration is required for many reasons like load balancing, energy reduction, dynamic resizing, and to increase availability. ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

HotSDN '13: Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking

August 2013

182 pages

ISBN:9781450321785

DOI:10.1145/2491185

Program Chairs:
Nate Foster
Cornell University
,
Rob Sherwood
Big Switch Networks

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 August 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGCOMM'13

Sponsor:

SIGCOMM

SIGCOMM'13: ACM SIGCOMM 2013 Conference

August 16, 2013

Hong Kong, China

Acceptance Rates

HotSDN '13 Paper Acceptance Rate 38 of 84 submissions, 45%;

Overall Acceptance Rate 88 of 198 submissions, 44%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

39
Total Citations
View Citations
732
Total Downloads

Downloads (Last 12 months)125
Downloads (Last 6 weeks)17

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Gain GSoldani CHuici FMathy LGavrilovska AAltınbüken DBinnig C(2022)Want more unikernels?Proceedings of the 13th Symposium on Cloud Computing10.1145/3542929.3563473(510-525)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3542929.3563473
Munikar MLei JLu HRao J(2022)Prism: Streamlined Packet Processing for Containers with Flow Prioritization2022 IEEE 42nd International Conference on Distributed Computing Systems (ICDCS)10.1109/ICDCS54860.2022.00040(336-346)Online publication date: Jul-2022
https://doi.org/10.1109/ICDCS54860.2022.00040
Rahouti MXiong KXin YJagatheesaperumal SAyyash MShaheed M(2022)SDN Security Review: Threat Taxonomy, Implications, and Open ChallengesIEEE Access10.1109/ACCESS.2022.316897210(45820-45854)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3168972
Kuenzer SBădoiu VLefeuvre HSanthanam SJung AGain GSoldani CLupu CTeodorescu ŞRăducanu CBanu CMathy LDeaconescu RRaiciu CHuici FBarbalace ABhatotia PAlvisi LCadar C(2021)UnikraftProceedings of the Sixteenth European Conference on Computer Systems10.1145/3447786.3456248(376-394)Online publication date: 21-Apr-2021
https://dl.acm.org/doi/10.1145/3447786.3456248
Al-Surmi IRaddwan BAl-Baltah I(2021)Next Generation Mobile Core Resource Orchestration: Comprehensive Survey, Challenges and PerspectivesWireless Personal Communications10.1007/s11277-021-08517-wOnline publication date: 22-May-2021
https://doi.org/10.1007/s11277-021-08517-w
Patwardhan AJayarama DLimaye NVidhale SParekh ZHarfoush K(2020)SDN Security: Information Disclosure and Flow Table Overflow Attacks2019 IEEE Global Communications Conference (GLOBECOM)10.1109/GLOBECOM38437.2019.9014048(1-6)Online publication date: 17-Jun-2020
https://dl.acm.org/doi/10.1109/GLOBECOM38437.2019.9014048
Bonati LPolese MD’Oro SBasagni SMelodia T(2020)Open, Programmable, and Virtualized 5G Networks: State-of-the-Art and the Road AheadComputer Networks10.1016/j.comnet.2020.107516182(107516)Online publication date: Dec-2020
https://doi.org/10.1016/j.comnet.2020.107516
Fingler HAkshintala ARossbach C(2019)USETLProceedings of the 10th ACM SIGOPS Asia-Pacific Workshop on Systems10.1145/3343737.3343750(23-30)Online publication date: 19-Aug-2019
https://dl.acm.org/doi/10.1145/3343737.3343750
Nikoue JButakov SMalik Y(2019)Security Evaluation Methodology for Software Defined Network Solutions2019 International Conference on Platform Technology and Service (PlatCon)10.1109/PlatCon.2019.8669405(1-6)Online publication date: Jan-2019
https://doi.org/10.1109/PlatCon.2019.8669405
Doan TPajevic LBajpai VOtt J(2019)Tracing the Path to YouTubeIEEE Communications Magazine10.1109/MCOM.2018.180013257:1(80-86)Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.1109/MCOM.2018.1800132
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten