
    P4DNS: In-Network DNS

    In-network computing offers an appealing scalability trajectory for network services, as application performance scales with the network devices themselves. Despite its potential, in-network computing may not be suitable for all applications, both because of the assumptions the paradigm makes and because of network-device limitations. As users' demands on the Internet keep growing, any limit on the scalability of a network service such as DNS limits the scalability of the end-to-end experience. In this paper we present P4DNS, an in-network DNS solution, and use it to explore the span and limitations of implementing a realistic network service within a network device. P4DNS is a high-performance DNS server implemented in P4->NetFPGA, and it provides a performance improvement over software-based solutions. We discuss the limitations of implementing in-network services using today's paradigms and the trade-offs between the data and control planes.
    Funding: Leverhulme Trust; Isaac Newton Trust.

    INDDoS+: secure DDoS detection mechanism in programmable switches

    Volumetric distributed denial-of-service (DDoS) attacks are a key issue in modern telecommunication networks, since they can exhaust the resources of legitimate users and cripple network services. Recently, with the emergence of high-throughput, low-latency programmable switches, DDoS detection mechanisms have been designed and implemented in an in-network manner, that is, with detection executed directly within the programmable switches. State-of-the-art works use advanced data structures to monitor the number of connections targeting each destination host: if there is a sudden increase in connections and the number exceeds a given threshold, the destination host is most likely under DDoS attack. However, while this approach is effective at identifying DDoS victims, the detection mechanism has inherent vulnerabilities that may lead to security issues. In this paper we study two possible vulnerabilities in DDoS detection data structures, showing how DDoS detection mechanisms in programmable switches can be broken. To mitigate the constructed attacks, we propose a solution called INDDoS+. The results show that INDDoS+ is robust to these attacks and can accurately detect DDoS attempts even when limited hardware resources are assigned.
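    The abstract above describes the general shape of in-network volumetric DDoS detection: a compact per-destination data structure approximates how many distinct sources are contacting a host, and an alarm is raised when that estimate crosses a threshold within a measurement epoch. The following is an added illustration written for this listing, not code from the INDDoS+ paper or its authors, and it does not reproduce the paper's data structures or the two vulnerabilities it studies. It simulates, in Python, a switch-style design: one fixed-size bitmap per destination (a memory budget a data plane could afford), bits set by hashing the source address, and the distinct-source count recovered with the linear-counting estimator. The bitmap width, threshold, hash function and the flow records are all assumptions chosen for the example.

```python
"""Added example: per-destination distinct-source estimation with a threshold,
as a software model of an in-network DDoS detector.  Not the INDDoS+ design;
bitmap width, hash, threshold and sample flows are assumptions."""
import hashlib
import math
from collections import defaultdict

BITMAP_BITS = 64   # assumed per-destination register width (memory budget)
THRESHOLD = 10     # assumed distinct-source alarm threshold per epoch


def _bit_index(src: str, bits: int) -> int:
    """Map a source address to one bit position in a bitmap of `bits` bits.
    A keyed/randomized hash would be used on real hardware; blake2b is only
    a deterministic stand-in so the example is reproducible."""
    digest = hashlib.blake2b(src.encode(), digest_size=8).digest()
    return int.from_bytes(digest, "big") % bits


class DistinctSourceBitmaps:
    """One bitmap per destination; estimates distinct sources per epoch."""

    def __init__(self, bits: int = BITMAP_BITS) -> None:
        self.bits = bits
        self.maps: dict[str, int] = defaultdict(int)

    def observe(self, src: str, dst: str) -> None:
        """Data-plane action per packet: set one bit in dst's bitmap."""
        self.maps[dst] |= 1 << _bit_index(src, self.bits)

    def estimate(self, dst: str) -> float:
        """Linear counting: n ~ -m * ln(z / m), z = number of zero bits.
        A saturated bitmap (z == 0) cannot be resolved, so report infinity."""
        m = self.bits
        zeros = m - bin(self.maps[dst]).count("1")
        if zeros == 0:
            return math.inf
        return -m * math.log(zeros / m)

    def reset(self) -> None:
        """Control-plane action at the end of a measurement epoch."""
        self.maps.clear()


def detect_victims(flows, threshold: float = THRESHOLD, bits: int = BITMAP_BITS) -> set[str]:
    """Run one epoch of (src, dst) records and return destinations whose
    estimated distinct-source count exceeds `threshold`."""
    sketch = DistinctSourceBitmaps(bits)
    for src, dst in flows:
        sketch.observe(src, dst)
    return {dst for dst in sketch.maps if sketch.estimate(dst) > threshold}


def sample_epoch():
    """Constructed flow records for one epoch: 40 distinct sources hitting
    10.0.0.1 (a volumetric pattern) and 3 distinct sources repeatedly
    contacting 10.0.0.2 (normal traffic)."""
    flows = [(f"198.51.100.{i}", "10.0.0.1") for i in range(1, 41)]
    flows += [(f"203.0.113.{i}", "10.0.0.2") for i in (5, 6, 7)] * 20
    return flows


if __name__ == "__main__":
    print(sorted(detect_victims(sample_epoch())))
```

    Two design points matter for the "limited hardware resources" setting the abstract mentions. The detector's accuracy depends on how many distinct sources the bitmap can resolve before it saturates (`estimate` returns infinity once every bit is set), and the per-epoch `reset` is what makes the count express a "sudden increase" rather than a cumulative total; both are parameters an operator tunes against the switch's register budget.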

    From photons to big-data applications: terminating terabits

    Computer architectures have entered a watershed as the quantity of network data generated by user applications exceeds the data-processing capacity of any individual computer end-system. It will become impossible to scale existing computer systems while the gap grows between the quantity of networked data and the per-system capacity for processing it. Despite this, the growth in demand, in both task variety and task complexity, continues unabated. Networked computer systems provide a fertile environment in which new applications develop. As networked computer systems become akin to infrastructure, any limitation on the growth in capacity and capabilities becomes an important constraint of concern to all computer users. Taking a networked computer system capable of processing terabits per second as a benchmark for scalability, we critique the state of the art in commodity computing and propose a wholesale reconsideration of the design of computer architectures and their attendant ecosystem. Our proposal seeks to reduce costs, save power and increase performance in a multi-scale approach with potential application from nanoscale to data-centre-scale computers.
    Funding: This work was supported by the UK Engineering and Physical Sciences Research Council Internet Project EP/H040536/1, and by the Defense Advanced Research Projects Agency and the Air Force Research Laboratory under contract FA8750-11-C-0249.