Ändra sökning
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Performance, Isolation and Service Guarantees in Virtualized Network Functions
KTH, Skolan för informations- och kommunikationsteknik (ICT), Kommunikationssystem, CoS, Network Systems Laboratory (NS Lab).ORCID-id: 0000-0003-0932-1831
2017 (Engelska)Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
Abstract [en]

A network is generally a collection of different hardware-based network devices carrying out various network functions, (NF). These NF implementations are special purpose and expensive. Network function virtualization (NFV) is an alternative which uses software-based implementation of NFs in inexpensive commodity servers. However, it is challenging to achieve high networking performance due to bottlenecks in software, particularly in a virtualized environment where NFs are implemented inside the virtual machines (VM). The performance isolation is yet another challenge, which means that the load on one VM should not affect the performance of other VMs. However, it is difficult to provide performance isolation due to resource contention in a commodity server. Furthermore, different NFs may require different service guarantees which are difficult to ensure due to the non-deterministic performance behavior of a commodity server.

In this thesis we investigate how the challenges of performance, isolation and service guarantees can be addressed for virtual routers (VR), as an example of a virtualized NF. It is argued that the forwarding path of a VR can be modified in an efficient manner in order to improve the forwarding performance. When it comes to performance isolation, poor isolation is observed due to shared network queues and CPU sharing among VRs. We propose a design with SR-IOV, which allows reserving a network queue and CPU core for each VR. As a result, the resource contention is reduced and strong performance isolation is achieved. Finally, it is investigated how average throughput and bounded packet delay can be guaranteed to VRs. We argue that a classic rate-controlled service discipline can be adapted in a virtual environment to achieve service guarantees. We demonstrate that firm service guarantees can be achieved with little overhead of adding token bucket regulator in the forwarding path of a VR.

Ort, förlag, år, upplaga, sidor
KTH Royal Institute of Technology, 2017. , s. 59
Nyckelord [en]
NFV, virtual router, service guarantee, scheduling, rate control
Nationell ämneskategori
Telekommunikation
Forskningsämne
Datalogi
Identifikatorer
URN: urn:nbn:se:kth:diva-206830ISBN: 978-91-7729-380-4 (tryckt)OAI: oai:DiVA.org:kth-206830DiVA, id: diva2:1094245
Disputation
2017-06-14, Sal C, kistagången 16, Kista, 13:00 (Engelska)
Opponent
Handledare
Anmärkning

QC 20170511

Tillgänglig från: 2017-05-11 Skapad: 2017-05-09 Senast uppdaterad: 2018-04-20Bibliografiskt granskad
Delarbeten
1. Performance Evaluation of Open Virtual Routers
Öppna denna publikation i ny flik eller fönster >>Performance Evaluation of Open Virtual Routers
2010 (Engelska)Ingår i: 2010 IEEE GLOBECOM WORKSHOPS, IEEE , 2010, s. 288-293Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

A major challenge in network virtualization is to virtualize the components constituting the network, in particular the routers. In the work presented here, we focus on how to use open source Linux software in combination with commodity hardware to build open virtual routers. A general approach in open router virtualization is to run multiple virtual operating systems in parallel on the same PC hardware. This means that overhead in terms of additional packet processing is introduced along the data path through the router. In this paper, we investigate these performance penalties and suggest how best to combine software modules to form an open virtual router.

Ort, förlag, år, upplaga, sidor
IEEE, 2010
Nyckelord
network virtualizatoin, virtual router, SoftIRQ, NAPI
Nationell ämneskategori
Telekommunikation
Forskningsämne
Datalogi
Identifikatorer
urn:nbn:se:kth:diva-35638 (URN)10.1109/GLOCOMW.2010.5700328 (DOI)000291611300055 ()2-s2.0-79951865927 (Scopus ID)978-1-4244-8865-0 (ISBN)
Konferens
IEEE GLOBECOM Workshop on Future Internet, Miami, USA, 2010
Anmärkning

QC 20110704

Tillgänglig från: 2011-07-04 Skapad: 2011-07-04 Senast uppdaterad: 2017-05-10Bibliografiskt granskad
2. Data Plane Optimizations in Open Virtual Routers
Öppna denna publikation i ny flik eller fönster >>Data Plane Optimizations in Open Virtual Routers
2011 (Engelska)Ingår i: IFIP Networking 2011, Springer Verlag, Heidelberg , 2011, s. 379-392Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

A major challenge in network virtualization is to virtualize the components constituting the network, in particular the routers. In the work presented here, we focus on how to use open source Linux software in combination with commodity hardware to build open virtual routers. A general approach in open router virtualization is to run multiple virtual instances in parallel on the same PC hardware. This means that virtual components are combined in the router’s data plane, which can result in performance penalty. In this paper, we investigate the impact of the design of virtual network devices on router performance in Linux namespace environment. We identify performance bottlenecks along the packet data path. We suggest design changes to improve performance. In particular, we investigate modifications of the ―macvlan‖ device, and analyze the performance improvements in terms of packet forwarding. We also investigate how the number of virtual routers and virtual devices within a physical machine influence performance.

Ort, förlag, år, upplaga, sidor
Springer Verlag, Heidelberg, 2011
Nyckelord
network virtualization, virtual router, SoftIRQ, NAPI, Softnet API
Nationell ämneskategori
Kommunikationssystem
Identifikatorer
urn:nbn:se:kth:diva-49616 (URN)10.1007/978-3-642-20757-0_30 (DOI)2-s2.0-79956037282 (Scopus ID)978-3-642-20756-3 (ISBN)
Konferens
10th International IFIP TC 6 Networking Conference Valencia, Spain, May 2011
Anmärkning
QC 20120109Tillgänglig från: 2012-01-09 Skapad: 2011-11-28 Senast uppdaterad: 2017-05-09Bibliografiskt granskad
3. PC-based Router Virtualization with Hardware Support
Öppna denna publikation i ny flik eller fönster >>PC-based Router Virtualization with Hardware Support
2012 (Engelska)Ingår i: Proceedings - International Conference on Advanced Information Networking and Applications, AINA, IEEE Computer Society, 2012, s. 573-580Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

In this paper we focus on how to use open source Linux software in combination with PC hardware to build high speed virtual routers. Router virtualization means that multiple virtual router instances will run in parallel on the same hardware. To enable this, virtual components are combined in the router's data plane. This can result in performance penalties. Furthermore, an overloaded virtual router can affect the performance of other virtual routers running in parallel. Achieving high performance and strong performance isolation in a virtualized environment is challenging. We investigate how hardware can help to achieve these goals in the Linux Namespaces environment. We propose a forwarding architecture for virtual routers based on multi-core hardware where virtual routers can run in parallel on different CPU cores. This reduces resource contention among virtual routers and results in improved performance and isolation. To enable this architecture, we find that hardware based I/O virtualization support is essential. We demonstrate this by making a comparison with a software based I/O virtualization approach. We also show that hardware assisted virtual routers can achieve better aggregate throughput than a non-virtualized router on a multi-core platform.

Ort, förlag, år, upplaga, sidor
IEEE Computer Society, 2012
Serie
International Conference on Advanced Information Networking and Applications. Proceedings, ISSN 1550-445X ; 2012
Nyckelord
I/O virtualization, RSS, SoftIRQ, SR-IOV, virtual router, Aggregate throughput, CPU cores, Data planes, Hardware supports, Hardware-assisted, Multi core, Multi-core platforms, Namespaces, Open sources, PC hardware, PC-based routers, Performance penalties, Resource contention, Running-in, Software-based, Virtual components, Virtualizations, Virtualized environment, Computer operating systems, Hardware, Java programming language, Open systems, Routers, Virtual reality, Computer architecture
Nationell ämneskategori
Telekommunikation
Identifikatorer
urn:nbn:se:kth:diva-100061 (URN)10.1109/AINA.2012.96 (DOI)000309071500079 ()2-s2.0-84860735290 (Scopus ID)
Konferens
26th IEEE International Conference on Advanced Information Networking and Applications, AINA 2012; Fukuoka; Japan 26 March 2012 through 29 March 2012
Forskningsfinansiär
ICT - The Next Generation
Anmärkning

QC 20150708

Tillgänglig från: 2012-08-03 Skapad: 2012-08-03 Senast uppdaterad: 2017-05-11Bibliografiskt granskad
4. KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers
Öppna denna publikation i ny flik eller fönster >>KVM vs. LXC: Comparing Performance and Isolation of Hardware-assisted Virtual Routers
2013 (Engelska)Ingår i: American Journal of Networks and Communications, ISSN 2326-893X, Vol. 2, nr 4, s. 88-96Artikel i tidskrift (Refereegranskat) Published
Abstract [en]

Concerns have been raised about the performance of PC-based virtual routers as they do packet processing in software. Furthermore, it becomes challenging to maintain isolation among virtual routers due to resource contention in a shared environment. Hardware vendors recognize this issue and PC hardware with virtualization support (SR-IOV and Intel-VTd) has been introduced in recent years. In this paper, we investigate how such hardware features can be integrated with two different virtualization technologies (LXC and KVM) to enhance performance and isolation of virtual routers on shared environments. We compare LXC and KVM and our results indicate that KVM in combination with hardware support can provide better trade-offs between performance and isolation. We notice that KVM has slightly lower throughput, but has superior isolation properties by providing more explicit control of CPU resources. We demonstrate that KVM allows defining a CPU share for a virtual router, something that is difficult to achieve in LXC, where packet forwarding is done in a kernel shared by all virtual routers.

Nyckelord
Network Virtualization, Virtual Router (VR), SR-IOV, Virtual Function (VF), SoftIRQ, NAPI
Nationell ämneskategori
Datorsystem
Identifikatorer
urn:nbn:se:kth:diva-136604 (URN)10.11648/j.ajnc.20130204.11 (DOI)
Anmärkning

QC 20140303

Tillgänglig från: 2013-12-06 Skapad: 2013-12-06 Senast uppdaterad: 2017-05-11Bibliografiskt granskad
5. Resilient Communication through Multihoming for Remote Healthcare Applications
Öppna denna publikation i ny flik eller fönster >>Resilient Communication through Multihoming for Remote Healthcare Applications
2013 (Engelska)Ingår i: 2013 IEEE Global Communications Conference (GLOBECOM), IEEE , 2013, s. 1335-1341Konferensbidrag, Publicerat paper (Refereegranskat)
Abstract [en]

Advancements in today's technologies make it possible to offer competitive home-based healthcare services using software routers based on open source software combined with Commodity-Off-The-Shelf (COTS) hardware. In this paper, we propose resilient communication through multihoming for remote healthcare applications. The solution is based on Bidirectional Forwarding Detection (BFD) for fast failure detection and a customized rerouting operation. We investigate the tradeoff between short reaction times for rerouting and low probability of false alarms. This is challenging to achieve under high traffic loads since the load affects the BFD session which is formed to monitor the bidirectional forwarding capabilities. We propose a simple mechanism that provides fast failover and meanwhile maintains a very low probability of generating false alarms and unwanted rerouting decisions. The mechanism is based on allocation of system resources for processing BFD control messages, and we demonstrate through empirical results that BFD then can be used in software routers to provide average failover times within 200 ms.

Ort, förlag, år, upplaga, sidor
IEEE, 2013
Nyckelord
Errors, Health care, Open source software, Software engineering, Commodity off the shelves, Control messages, Failure detection, Health care application, Home-based healthcares, Resilient communications, Short reaction time, System resources
Nationell ämneskategori
Kommunikationssystem
Identifikatorer
urn:nbn:se:kth:diva-136364 (URN)10.1109/GLOCOM.2013.6831259 (DOI)2-s2.0-84904123229 (Scopus ID)978-147991353-4 (ISBN)
Konferens
2013 IEEE Global Communications Conference, GLOBECOM 2013; Atlanta, GA; United States; 9 December 2013 through 13 December 2013
Anmärkning

QC 20140416

Tillgänglig från: 2013-12-04 Skapad: 2013-12-04 Senast uppdaterad: 2017-05-09Bibliografiskt granskad
6. Towards Performance Guarantees for Virtualized Network Functions
Öppna denna publikation i ny flik eller fönster >>Towards Performance Guarantees for Virtualized Network Functions
2017 (Engelska)Artikel i tidskrift (Refereegranskat) Submitted
Abstract [en]

The trend of consolidating network functions from specialized hardware to software running on virtualization servers brings significant advantages for reducing costs and simplifying service deployment.  However, virtualization techniques have significant limitations when it comes to networking as there is no support for guaranteeing that network functions meet their service requirements. In this paper, we present a design for providing service guarantees to virtualized network functions based on rate control. The design is a combination of rate regulation through token bucket filters and the regular scheduling mechanisms in operating systems.  It has the attractive property that traffic profiles are maintained throughout a series of network functions, which makes it well suited for service function chaining.

We discuss implementation alternatives for the design, and demonstrated how it can be implemented on two virtualization platforms: LXC containers and with the KVM hypervisor. To evaluate the design, we conduct experiments where we measure throughput and latency using IP forwarders as virtual network functions. Two significant factors for performance are investigated: the design of token buckets and the packet clustering effect that comes from scheduling. We implement a token bucket filter at the network device level, which is found to give better performance than the regular token bucket in Linux traffic control. The clustering effect adds burstiness, which in turn increases latency and limits the traffic profiles that can be supported. The effect is significant with KVM, but not with LXC. Finally, we demonstrate how performance guarantees are achieved for multiple virtual routers under different scenarios.

Nationell ämneskategori
Telekommunikation
Forskningsämne
Datalogi
Identifikatorer
urn:nbn:se:kth:diva-206862 (URN)
Anmärkning

QC 20170510

Tillgänglig från: 2017-05-09 Skapad: 2017-05-09 Senast uppdaterad: 2017-05-10Bibliografiskt granskad

Open Access i DiVA

fulltext(1626 kB)254 nedladdningar
Filinformation
Filnamn FULLTEXT02.pdfFilstorlek 1626 kBChecksumma SHA-512
99f280f3ea85b8ba6980012009a7dd9d7c65dc6c74e7bcdb9f4c15f9a7c1fb0ac295cd6275321b97b43edfa2010ba7d742cff90d642030199dde69290f4d1fee
Typ fulltextMimetyp application/pdf
Errata(39 kB)16 nedladdningar
Filinformation
Filnamn ERRATA01.pdfFilstorlek 39 kBChecksumma SHA-512
d04b5f74e69edabd0fb1090726c95d85ff09ad0b5e12e6df74a9f31b5923d904b455b91919d0c45d73264a2785239637838088fc61af9a2763b6d1a34b39b56b
Typ errataMimetyp application/pdf

Sök vidare i DiVA

Av författaren/redaktören
Rathore, Muhammad Siraj
Av organisationen
Network Systems Laboratory (NS Lab)
Telekommunikation

Sök vidare utanför DiVA

GoogleGoogle Scholar
Totalt: 263 nedladdningar
Antalet nedladdningar är summan av nedladdningar för alla fulltexter. Det kan inkludera t.ex tidigare versioner som nu inte längre är tillgängliga.

isbn
urn-nbn

Altmetricpoäng

isbn
urn-nbn
Totalt: 4556 träffar
RefereraExporteraLänk till posten
Permanent länk

Direktlänk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf