SNAP: Stateful Network-Wide Abstractions for Packet Processing

Early programming languages for software-defined networking (SDN) were built on top of the simple match-action paradigm offered by OpenFlow 1.0. However, emerging hardware and software switches offer much more sophisticated support for persistent state in the data plane, without involving a central controller. Nevertheless, managing stateful, distributed systems efficiently and correctly is known to be one of the most challenging programming problems. To simplify this new SDN problem, we introduce SNAP. SNAP offers a simpler "centralized" stateful programming model, by allowing programmers to develop programs on top of one big switch rather than many. These programs may contain reads and writes to global, persistent arrays, and as a result, programmers can implement a broad range of applications, from stateful firewalls to fine-grained traffic monitoring. The SNAP compiler relieves programmers of having to worry about how to distribute, place, and optimize access to these stateful arrays by doing it all for them. More specifically, the compiler discovers read/write dependencies between arrays and translates one-big-switch programs into an efficient internal representation based on a novel variant of binary decision diagrams. This internal representation is used to construct a mixed-integer linear program, which jointly optimizes the placement of state and the routing of traffic across the underlying physical topology. We have implemented a prototype compiler and applied it to about 20 SNAP programs over various topologies to demonstrate our techniques' scalability

Metronome: adaptive and precise intermittent packet retrieval in DPDK

DPDK (Data Plane Development Kit) is arguably today's most employed framework for software packet processing. Its impressive performance however comes at the cost of precious CPU resources, dedicated to continuously poll the NICs. To face this issue, this paper presents Metronome, an approach devised to replace the continuous DPDK polling with a sleep&wake intermittent mode. Metronome revolves around two main innovations. First, we design a microseconds time-scale sleep function, named hr_sleep(), which outperforms Linux' nanosleep() of more than one order of magnitude in terms of precision when running threads with common time-sharing priorities. Then, we design, model, and assess an efficient multi-thread operation which guarantees service continuity and improved robustness against preemptive thread executions, like in common CPU-sharing scenarios, meanwhile providing controlled latency and high polling efficiency by dynamically adapting to the measured traffic load

Stateful Programming of High-Speed Network Hardware

Modern networks need to operate at speeds as high as 100Gbps while running sophisticated algorithms and protocols to provide strict performance, security and reliability guarantees. Moreover, they need to flexibly adapt to the rapidly evolving requirements of online services. Thus, emerging network hardware devices, i.e. switches inside the network and Network Interface Cards (NICs) at the end hosts, are high-speed and programmable, with on-chip memory accessible on a per-packet basis to support stateful packet processing. However, the programming interfaces of these devices are quite low-level, tied to each device's architecture, and only suitable for programming a single device. Thus, programming collections of stateful network devices to realize a local or network-wide functionality efficiently and correctly is extremely difficult and error-prone. This dissertation focuses on the design and implementation of high-level programming abstractions for stateful programming of high-speed network hardware, both at the end hosts and inside the network. At the end host, we focus on the transport layer, the most complicated, constantly-evolving, and stateful component of the network stack. Transport-layer algorithms maintain state across packets to decide what data segments to transmit and when, and are notoriously difficult to implement on programmable NICs at high-speed. We propose Tonic, a hardware architecture for transport algorithms that can support 100Gbps for 128-byte packets while being programmable with a simple API. In designing Tonic, we exploit common patterns across transport algorithms to create efficient fixed-function reusable hardware modules, thus significantly reducing the functionality programmers must specify. To facilitate network-wide stateful programming, we propose SNAP, a programming language that abstracts the entire network as "one big stateful switch". Using SNAP, operators can program using persistent arrays on one big switch without deciding how to distribute and access them in the network's switches. The SNAP compiler discovers read/write dependencies between arrays, translates one-big-switch programs into an efficient internal representation based on binary decision diagrams, and uses it to jointly optimize array placement and routing across the network. All in all, Tonic's modular interface and SNAP's one-big-stateful-switch abstraction relieve programmers from the low-level details of stateful programming of high-speed network hardware throughout the entire network

Stateful Programming of High-Speed Network Hardware

Modern networks need to operate at speeds as high as 100Gbps while running sophisticated algorithms and protocols to provide strict performance, security and reliability guarantees. Moreover, they need to flexibly adapt to the rapidly evolving requirements of online services. Thus, emerging network hardware devices, i.e. switches inside the network and Network Interface Cards (NICs) at the end hosts, are high-speed and programmable, with on-chip memory accessible on a per-packet basis to support stateful packet processing. However, the programming interfaces of these devices are quite low-level, tied to each device's architecture, and only suitable for programming a single device. Thus, programming collections of stateful network devices to realize a local or network-wide functionality efficiently and correctly is extremely difficult and error-prone. This dissertation focuses on the design and implementation of high-level programming abstractions for stateful programming of high-speed network hardware, both at the end hosts and inside the network. At the end host, we focus on the transport layer, the most complicated, constantly-evolving, and stateful component of the network stack. Transport-layer algorithms maintain state across packets to decide what data segments to transmit and when, and are notoriously difficult to implement on programmable NICs at high-speed. We propose Tonic, a hardware architecture for transport algorithms that can support 100Gbps for 128-byte packets while being programmable with a simple API. In designing Tonic, we exploit common patterns across transport algorithms to create efficient fixed-function reusable hardware modules, thus significantly reducing the functionality programmers must specify. To facilitate network-wide stateful programming, we propose SNAP, a programming language that abstracts the entire network as "one big stateful switch". Using SNAP, operators can program using persistent arrays on one big switch without deciding how to distribute and access them in the network's switches. The SNAP compiler discovers read/write dependencies between arrays, translates one-big-switch programs into an efficient internal representation based on binary decision diagrams, and uses it to jointly optimize array placement and routing across the network. All in all, Tonic's modular interface and SNAP's one-big-stateful-switch abstraction relieve programmers from the low-level details of stateful programming of high-speed network hardware throughout the entire network

DBVal: Validating P4 Data Plane Runtime Behavior

The P4 software ecosystem to operate programmable data planes is increasingly becoming complex. The packet-processing behavior is defined by several components: the P4 program, the compiler that maps P4 programs to resource-constrained switch pipeline, the control-plane program that installs rules, and the switch software agents that configure the data plane. Bugs in any one or more of these components would potentially introduce packet-processing errors in the data plane. Prior work verifies P4 programs before deployment and found many program bugs. But bugs can happen in other components after the program deployment and may not be found during testing and only manifest themselves in production. In this work, our goal is to detect packet-processing errors induced by bugs that are not caught (or are difficult to catch) before the P4 program deployment. Our key idea is to let P4 programmers specify the intended packet-processing behavior and validate the actual packet-processing behavior against the intended behavior at runtime. We obtain intended behavior from the P4 programmers in the form of assertions, where each assertion specifies which tables and actions should be applied and in what order on a certain subset of traffic. Next, the assertions are compiled and translated to P4 implementation such that the implementation efficiently tracks the packet execution path, that is, the set of tables applied and actions executed, and then validates the tracked behavior at line rate. We show that our techniques can be used to effectively detect bugs that are difficult, if not impossible, to catch with existing techniques for testing and verifying programmable data planes. © 2021 ACM