Heavy and lightweight dynamic network services: challenges and experiments for

designing intelligent solutions in evolvable next generation networks

Laurent Lefèvre

INRIA / LIP (UMR CNRS, INRIA, ENS, UCB)laurent.lefevre@inria.fr

WAGEN Workshop - Jiuzhaigou - April 8, 2005-

Challenges Active networks : programmable network

equipments which allow deployment of heterogeneous services in data plan (heavy services) In control / management plans (lightweight services)

How to urbanize networks with autonomous dynamic services ?

How to efficiently manage such heterogeneous services for providing efficient solutions inside the network ?

Patterns Robustness

Best effort services Garanted services

Personnalized Generic services Dedicated services (application, user, stream…)

TTL One-usage service Persistant services

Roadmap

Urbanization of dynamic network services Lightweight network functionalities Cluster-based network equipments Load balancing strategies for

heterogeneous services

Where to map dynamic autonomous network services?

Urbanization is an open problem Mixes networking aspects with service

composition Access networks Peering points Front end of clusters LAN ?

Service on data path

Proxy mode Dynamic deployment

Replicated network service

Same service replicated on several network equipments

On the fly deployment with data streams

Distributed network autonomous service

Service composition Allow pipelined approach Dealing with fault tolerance / load

balancing

Unique service out of the data path

Dedicated equipment (legacy solution) Requires intelligent forwarding

Distributed service outside the data path

Requires sensors to evaluate cost of multiple fwd operations

Proposing a generic active environment able to handle heterogeneous services : The Tamanoir project

Supporting requirements of current networks (Gbits)

Tamanoir Architecture : adapted for heterogeneous services

Resources consuming services : distributed storage, streams adaptation, on the fly compression, cryptography…

Services deployment / linked with middleware : reliable multicast…

Middle services : content based routing, QoS...

Light network services : packet marking, QoS…

NIC (Programmable)

Kernel

Execution

environment

Distributed resources

Active service deployment

From application / middleware From TAN From network service Broker

Tamanoir Active Node (TAN)Execution environment

Performance evaluation of middle services

Solution / Problem Simple Java service in user space can

support up to 450 Mbits ! (we eat the ants ! )

A stand-alone active node is not enough to fully support and apply active service to Gbit streams

Need to put lightweight network functionalities close to the network

Explore kernel services

Kernel support for active node

NIC (Programmable)

Kernel

Execution

environment

Distributed resources

Kernel Support

• Module inside Linux kernel : using netfilter

• Filtering ANEP packets• Allowing packet to cross the active node through the kernel space• Efficiently put ANEP packets inside the service in user space

Netfilter Protocols define hooks on the packet way

inside IP stack Associate hooks and personalized

applications /services

1

52

43Routing

Routing

Local process

NF_IP_POST_ROUTINGNF_IP_FORWARD

NF_IP_LOCAL_OUTNF_IP_LOCAL_IN

Communication between active service and OS module

A Tamanoir active service : a java part + kernel module Message control / parameters

Performance evaluation

Solution / Problem

Kernel active services greatly reduce latency for transient packets

Only applicable to lightweight network functionalities (state, CPU consumption..)

Reduce portability of active services What about CPU consuming services ?

Cluster-based active node

NIC (Programmable)

Kernel

Execution

environment

Distributed resources

Tamanoir architecture : on a cluster

Pushing performances

Improving performances of active nodes : using clustering technology

Linux Virtual Server Strategies :

Round robin Least connected

Performance evaluation

Solution / Problem We support a full Gbit streams with a small

cluster based Tamanoir active node ! We need more resources for CPU consuming

active services How to balance workload between internal

nodes of an active node without knowing length of streams and needed services ?

Feedback stream based load balancing policy (FBSb)

Needs dynamic strategies for heterogeneous deployment

FBSb Front-end machine with

updated “weight” table (CPU and memory consumption of back-end machines)

Back-end machines with feedback agents and sensors

Experiments Heavy service (3-DES encryption) : this service

makes an intensive use of CPU (1 stream calling this service saturates a CPU, in our test implementation);

Medium service (stateful traffic analysis) : this service uses the CPU in a less intensive way, but its impact is not transparent (3-4 streams calling this service saturate a CPU, in our test implementation).

Experiments 200: composed by 1 stream calling a service of

encryption and 11 streams calling for a traffic analysis with different delays of arrival of 1 second (201), 2 seconds (202) and 5 seconds (205).

300: composed by 4 streams calling a service of encryption and 8 streams calling for traffic analysis. with different delays of arrival of 0 second (300), 1 second (301) and 2 seconds (302).

Experiments : FBSb, RR, LCFBSb FBSb FBSb RR RR RR LC LC LC

Test MAX AVG MIN MAX AVG MIN MAX AVG MIN

201 38.2 20.2 15.9 43.2 20.1 15.5 38.5 20.3 15.4

202 33.3 20 15.7 37.4 20.1 15.4 36.4 20.1 15.4

205 32.9 19.4 15.5 38.8 19.6 15.4 37.3 19.6 15.4

300 52 24.1 16.1 93.6 26 15.4 64.6 25.5 16.3

301 50.8 24.6 15.4 90.3 26.9 16.1 64 25.6 15.4

302 50.9 23.2 15.3 92.9 25.5 15.9 57.8 25 15.6

RR and LC : efficient if homogeneous dynamic services FBSb : efficient when heterogeneous deployment

Conclusions and future works

We propose a gigabit supporting software based active node using kernel module deployment and cluster

Providing load balancing support inside cluster-based active equipments is a mandatory aspect for performances

Research could also benefit for network processors technology / programmable network interface cards

Deployment of large scale active/programmable platform based on emulation : French Grid5000 project

http://www.ens-lyon.fr/LIP/RESO/Software/Tamanoir