Accelerating Network Functions using Reconfigurable Hardware. Design and Validation of High Throughput and Low Latency Network Functions at the Access Edge

Providing Internet access to billions of people worldwide is one of the main technical challenges in the current decade. The Internet access edge connects each residential and mobile subscriber to this network and ensures a certain Quality of Service (QoS). However, the implementation of access edge functionality challenges Internet service providers: First, a good QoS must be provided to the subscribers, for example, high throughput and low latency. Second, the quick rollout of new technologies and functionality demands flexible configuration and programming possibilities of the network components; for example, the support of novel, use-case-specific network protocols. The functionality scope of an Internet access edge requires the use of programming concepts, such as Network Functions Virtualization (NFV). The drawback of NFV-based network functions is a significantly lowered resource efficiency due to the execution as software, commonly resulting in a lowered QoS compared to rigid hardware solutions. The usage of programmable hardware accelerators, named NFV offloading, helps to improve the QoS and flexibility of network function implementations. In this thesis, we design network functions on programmable hardware to improve the QoS and flexibility. First, we introduce the host bypassing concept for improved integration of hardware accelerators in computer systems, for example, in 5G radio access networks. This novel concept bypasses the system’s main memory and enables direct connectivity between the accelerator and network interface card. Our evaluations show an improved throughput and significantly lowered latency jitter for the presented approach. Second, we analyze different programmable hardware technologies for hardware-accelerated Internet subscriber handling, including three P4-programmable platforms and FPGAs. Our results demonstrate that all approaches have excellent performance and are suitable for Internet access creation. We present a fully-fledged User Plane Function (UPF) designed upon these concepts and test it in an end-to-end 5G standalone network as part of this contribution. Third, we analyze and demonstrate the usability of Active Queue Management (AQM) algorithms on programmable hardware as an expansion to the access edge. We show the feasibility of the CoDel AQM algorithm and discuss the challenges and constraints to be considered when limited hardware is used. The results show significant improvements in the QoS when the AQM algorithm is deployed on hardware. Last, we focus on network function benchmarking, which is crucial for understanding the behavior of implementations and their optimization, e.g., Internet access creation. For this, we introduce the load generation and measurement framework P4STA, benefiting from flexible software-based load generation and hardware-assisted measuring. Utilizing programmable network switches, we achieve a nanosecond time accuracy while generating test loads up to the available Ethernet link speed

User Plane Hardware Acceleration in Access Networks: Experiences in Offloading Network Functions in Real 5G Deployments

Fulfilling the ambitious Quality of Service demands of today’s wireless networks, especially low latency, high bandwidths and availability, is a big challenge for researchers, network architects, and operators. Each networking component on the data path between the user equipment and the destination data network, e.g., the Internet, must provide the highest performance to meet these requirements. This work demonstrates how different network elements of the user plane, describing the whole path of user traffic, can be sped up with different hardware acceleration technologies. For that, we demonstrate how to build up a 5G standalone campus network for evaluation, working end-to-end with real user equipment and open-source software components. Further, we analyze the user-plane network functions of 5G networks from the radio access network to the core. Based on our real 5G setup, the practical evaluation of the analysis results shows up how the 5G user-plane hardware can be accelerated best

P4-CoDel: Experiences on Programmable Data Plane Hardware

Fixed buffer sizing in computer networks, especially the Internet, is a compromise between latency and bandwidth. A decision in favor of high bandwidth, implying larger buffers, subordinates the latency as a consequence of constantly filled buffers. This phenomenon is called Bufferbloat. Active Queue Management (AQM) algorithms such as CoDel or PIE, designed for the use on software based hosts, offer a flow agnostic remedy to Bufferbloat by controlling the queue filling and hence the latency through subtle packet drops. In previous work, we have shown that the data plane programming language P4 is powerful enough to implement the CoDel algorithm. While legacy software algorithms can be easily compiled onto almost any processing architecture, this is not generally true for AQM on programmable data plane hardware, i.e., programmable packet processors. In this work, we highlight corresponding challenges, demonstrate how to tackle them, and provide techniques enabling the implementation of such AQM algorithms on different high speed P4-programmable data plane hardware targets. In addition, we provide measurement results created on different P4-programmable data plane targets. The resulting latency measurements reveal the feasibility and the constraints to be considered to perform Active Queue Management within these devices. Finally, we release the source code and instructions to reproduce the results in this paper as open source to the research community

P4-CoDel:Experiences on Programmable Data Plane Hardware

Fixed buffer sizing in computer networks, especially the Internet, is a compromise between latency and bandwidth. A decision in favor of high bandwidth, implying larger buffers, subordinates the latency as a consequence of constantly filled buffers. This phenomenon is called Bufferbloat. Active Queue Management (AQM) algorithms such as CoDel or PIE, designed for the use on software based hosts, offer a flow agnostic remedy to Bufferbloat by controlling the queue filling and hence the latency through subtle packet drops. In previous work, we have shown that the data plane programming language P4 is powerful enough to implement the CoDel algorithm. While legacy software algorithms can be easily compiled onto almost any processing architecture, this is not generally true for AQM on programmable data plane hardware, i.e., programmable packet processors. In this work, we highlight corresponding challenges, demonstrate how to tackle them, and provide techniques enabling the implementation of such AQM algorithms on different high speed P4-programmable data plane hardware targets. In addition, we provide measurement results created on different P4-programmable data plane targets. The resulting latency measurements reveal the feasibility and the constraints to be considered to perform Active Queue Management within these devices. Finally, we release the source code and instructions to reproduce the results in this paper as open source to the research community

User Space Packet Schedulers: Towards Rapid Prototyping of Queue-Management Algorithms

Quality of Service indicators in computer networks reached tremendousimportance over the last years. Especially throughput and latency are directly influenced by the dimension of packet queues. Determining the optimal dimension based on the inevitable tradeoff between throughput and latency tends to be a hard, almost infeasible challenge. Several algorithms for Active Queue Management have been proposed to address this challenge over the last years. However, the deploymentand by that the development of such algorithms is challenging as they are usually located within the operation systems’ kernel or implemented in fixed hardware. In this work, we investigate how novel algorithms can be deployed in user space for rapid prototyping with tolerable effort. We provide core performance characteristics and highlight the viability and reasonability of this approach

Network Testing Utilizing Programmable Network Hardware

QoS requirements on modern network hardware, including switches and routers, require the ability to conduct precise measurements of the packet processing and forwarding of network elements. This requires tracing packet processing and detecting the loss of packets with high timing accuracy. Current approaches for network testing rely on special and purpose-built devices, which are costly and inflexible as these devices cannot be reconfigured to include new testing or monitoring functionality. In this article, we demonstrate the power behind novel programmable network switches to enable highly accurate and flexible testing and monitoring of network element functionality before and during deployment. While the cost of such switches is comparable to traditional commodity switches, their processing logic can be programmed to realize specific networking functionality. In the context of P4STA, an open source measurement framework previously presented by us, we show how the programmability of modern network switches helps to perform highly accurate and purpose-independent testing of network elements. In addition, we also highlight its ability to support reconfigurable monitoring tasks within the network after deployment

Leveraging PIFO Queues for Scheduling in Time-Sensitive Networks

Time-Sensitive Networking emerged as a convergent Ethernet-based real-time networking standard for industrial applications. To support real-time, jitter-free isochronous traffic the corresponding TSN mechanism denoted Time Aware Shaper requires special hardware support. In this work, we propose a path to building TSN networks on top of programmable switches. Specifically, we show here how to leverage a data structure amenable to programmable data planes known as Push-in First-out (PIFO) queue to support TSN traffic scheduling for isochronous real-time, as well as, best effort traffic

In-Network SYN Flooding DDoS Attack Detection Utilizing P4 Switches

With the rapid development of Internet applications, the demand for reliable online services similarly increases. However, Distributed Denial-of-Service (DDoS) attacks disrupt the accessibility and the availability of online services. Therefore, DDoS detection and mitigation are crucial tasks to achieve high service availability. In this paper, we propose a novel in-network detection scheme for SYN flooding, the most prevalent type of DDoS attacks. By relocating the attack detection from a centralized controller to programmable P4 switches, the detection time is reduced, and the workload is distributed in the network. Extending passive classification methods, we propose an active detection mechanism, identifying SYN flooding DDoS attacks by selective packet dropping. By this, we expect more accurate detections compared to the state-of-the-art under congested network conditions

Enhancing Flexibility for Dynamic Time-Sensitive Network Configurations

Today, Time-Sensitive Networks (TSN) deployments are rather static and limit to a great extend possibilities for dynamicity in real-time networking scenarios. Possible changes in the network configuration need to be accounted for already at the planning stage. Unforeseen changes mostly require complete re-configurations at the cost valuable network uptime. In order to better support dynamic reconfigurations of TSN deployments at run-time the project DynSDN aims to increase the online flexibility of TSN-mechanisms