[talks] Kelvin Zou will present his General Exam April 29th at 12pm in CS 401

Nicki Gotsis ngotsis at CS.Princeton.EDU
Thu Apr 23 13:58:38 EDT 2015

Kelvin Zou will present his General Exam April 29th at 12:00pm in CS 401.

His committee is as follows: Jen Rexford (Adviser), Mike Freedman, and Nick Feamster.

Everyone is invited to attend his talk, and those faculty wishing to remain for the oral exam following are welcome to do so. His abstract and reading list follow below.

Middleboxes, or network functions, are at once an abomination (a violation of the end-to-end argument) and a necessity (for deploying higher-level network services between endpoints). We may apply different types of network functions to certain traffic in a certain order (service chaining), and change the service chain dynamically (dynamic service chaining), to both enhance performance and improve security. Current techniques for (dynamic) service chaining rely on manipulating how the network switches route traffic. However, tweaking the routing configuration is clumsy and inefficient, mainly because the network switches have limited forwarding table size for fine-grained policies and high routing-update latencies, and it requires the administrators to control the whole network.

Instead, we propose an NF-aware architecture that makes network functions an explicit part of the end-to-end path, and thus facilitates configuring and reconfiguring service chains. The key insight of the architecture is that an end-to-end session, which we call a supersession, is split into subsessions between NFs, and between an endpoint and an NF. The supersession-subsession abstraction allows us to design a simple protocol for handling (dynamic) service chaining that offers richer order-preservation semantics than routing solutions. For instance, when reconfiguring service chains for a certain supersession, the protocols can guarantee that any TCP byte sequence is processed either in the new or in the old chain, but not in both. We implemented and evaluated the protocols in a Linux system that can host a wide range of network functions, and show that the reconfiguration is 10x faster than in routing-based solutions. We also show that the overhead incurred by the architecture is negligible and that flows can be processed at line speed by NF hosts in a 40 Gbps network.

Reading list:
Computer Networks: A Systems Approach, Larry Peterson and Bruce Davie.

Improving TCP/IP Performance over Wireless Networks (TCP proxy)
An End-to-End Approach to Host Mobility (TCP Migrate)
Serval: An End-Host Stack for Service-Centric Networking (Mobility protocol)
Middleboxes No Longer Considered Harmful (Middlebox protocol/architecture)
Design and Implementation of a Consolidated Middlebox Architecture
OpenNF: Enabling Innovation in Network Function Control
Split/Merge: System Support for Elastic Execution in Virtual Middleboxes
SIMPLE-fying Middlebox Policy Enforcement Using SDN
FlowTags: Enforcing Network-Wide Policies in the Presence of Dynamic Middlebox Actions
