Traditionally, network hardware, i.e. switches inside the network and Network Interface Cards (NICs) at the end hosts, have been fixed-function ASICs, performing simple stateless packet processing. Stateful packet processing, on the other hand, was mostly implemented in software in the higher layers of the network stack at the end hosts. Today, with link speeds increasing to 100Gbps and beyond, the CPU cost of software packet processing is becoming prohibitive. That, together with the need for network-enforced reliability, security, and efficiency, are forcing more complex, stateful packet processing functionality to be implemented in hardware in network switches and NICs. Moreover, there is an increasing need for programmable network hardware, as opposed to fixed-function ASICs, to enable networks to adapt to the rapidly evolving requirements of online services.

Designing programmable network hardware with support for stateful packet processing at high-speed is notoriously difficult. At today’s link speeds, network switches and NICs should transmit a packet every few nanoseconds. However, stateful packet processing reduces opportunities for parallel computation by creating dependencies between operations across packets, and supporting programmability reduces opportunities for protocol-specific optimizations, both making it challenging to keep up with line-rate. Moreover, the need for high speed has kept the programming interfaces of current programmable network hardware quite low-level and only suitable for specifying the behavior of a single device. Thus, programming collections of stateful network devices to realize a local or network-wide functionality efficiently and correctly is known to be extremely difficult and error-prone. This thesis focuses on the design and programming of high-speed stateful network hardware, both at the end hosts and inside the network.

At the end host, the transport layer is the most complicated and stateful component of the network stack that is pushed into the NIC’s hardware and is currently implemented as a fixed-function ASIC. We propose Tonic, a programmable hardware architecture for running transport protocols at 100Gbps. At such speed, the transport layer must generate a data segment every few nanoseconds using only a few kilobits of per-flow state, due to the limited memory on the NIC. The per-flow state can potentially be updated by multiple concurrent transport events every few nanoseconds, making it challenging to process them at line rate. As a result, we decompose transport-protocol functionality into operations that must affect the transmission of each packet and those that can safely run at microsecond timescales, hence enabling optimizations for the former. Moreover, by identifying common patterns across transport protocols, we offer programmers a simple API while further optimizing Tonic’s design. Experiments with our FPGA-based prototype show that Tonic can support a wide range of transport protocols and meet timing for 100 Gbps of back-to-back 128-byte packets.

To facilitate network-wide stateful packet processing, we propose SNAP, a programming language that abstracts the entire network as “one big stateful switch”. Using SNAP, network operators can develop programs that contain reads and writes to global, persistent arrays, to implement a broad range of in-network applications, from stateful firewalls to fine-grained traffic monitoring. The SNAP compiler takes care of distribution, placement, and optimization of access to these stateful arrays. More specifically, the compiler discovers read/write dependencies between arrays and translates one-big-switch programs into an efficient internal representation based on a variant of binary decision diagrams. This internal representation is used to construct a mixed-integer linear program, which jointly optimizes the placement of state and the routing of traffic across the underlying physical topology. The internal representation is also used to derive the primitive stateful operations required in programmable switches to support SNAP’s network-wide abstractions.

All in all, Tonic’s modular interface and SNAP’s one-big-stateful-switch abstraction relieve programmers from dealing with the low-level details of stateful programming of high-speed network hardware throughout the entire network.