
The Middlebox Manifesto: Enabling Innovation in Middlebox Deployment

The Middlebox Manifesto: Enabling Innovation in Middlebox Deployment. Sylvia Ratnasamy, Michael Reiter, Norbert Egi, Guangyu Shi, Vyas Sekar. Growing literature on network innovation. Build programmable elements using commodity hardware. Centralized management


Presentation Transcript


  1. The Middlebox Manifesto: Enabling Innovation in Middlebox Deployment. Sylvia Ratnasamy, Michael Reiter, Norbert Egi, Guangyu Shi, Vyas Sekar

  2. Growing literature on network innovation • Build programmable elements using commodity hardware (e.g., PacketShader, RouterBricks, ServerSwitch, SwitchBlade) • Centralized management with open interfaces (e.g., 4D, NOX/OpenFlow, RCP)

  3. Most innovation today: Middleboxes! Data from a large enterprise: >80K users across tens of sites. Just network security: ~6 billion $ (2010) → 10 billion $ (2016)

  4. Middleboxes are valuable, but have many pain points: 1. Device sprawl, high CapEx 2. High OpEx (e.g., separate management teams, need manual tuning) 3. Inflexible, difficult to extend → need for new boxes! ? “consumerization”

  5. The Middlebox Manifesto • Most network innovation occurs via middleboxes • Not by changes to routers or switches • Suffer similar, and maybe more, pain points • Significant capital and operating expenses • Narrow, closed management interfaces • Difficult to extend • Surprisingly MIA in the innovation discussion

  6. The Middlebox Manifesto • Most network innovation occurs via middleboxes • Not via routers or switches • Suffer almost same, if not more, pain points • Too many of them • Narrow, closed interfaces & difficult to extend • Significant capital and operating expenses • Surprisingly MIA in the innovation discussion How to build? How to manage?

  7. Our vision: Enabling innovation in middlebox deployments 1. Software-centric implementations (easy to deploy, extend) 2. Consolidated physical platform (reduce sprawl) 3. Logically centralized open management APIs (network-wide management; direct control, expressive)

  8. Our vision: Enabling innovation in middlebox deployments 1. Software-centric implementations (easy to deploy, extend) 2. Consolidated physical platform (reduce sprawl) 3. Logically centralized open management APIs (network-wide management; direct control, expressive) In a general context, ideas aren’t especially new! But, middleboxes raise new opportunities and challenges

  9. New Efficiency Opportunities • “Software-centric”, “extensible” sounds nice .. • But, usually very resource inefficient • Compared to “specialized” solutions • New efficiency avenues, at least for middleboxes • Multiplexing • Reuse • Spatial distribution

  10. Opportunity 1: Multiplexing Benefits Multiplexing benefit = 1 - Peak_Sum / Sum_Peak = 28%

  11. Opportunity 2: Reusing Modules [Diagram labels: VPN, Web, Mail, IDS, Proxy, Firewall; Protocol Parsers; Session Management] How much traffic overlap? >60% Contribution of reusable modules? 18–54%

  12. New Challenges: Heterogeneity; Complex processing; Policy constraints [Diagram labels: Network-wide Management; Extensible functions; Standalone functions; Protocol; Session]

  13. Challenges in Management: Policy dependencies? (e.g., IDS < Proxy) Is it tractable? (e.g., reuse) What is a minimal interface? [Diagram labels: Network-wide Management; Extensible functions; Standalone functions; Protocol; Session]

  14. Challenges in Single-box Design: Performance, isolation? Primitives? Accelerators? [Diagram labels: Extensible functions; Standalone functions; Protocol; Session]

  15. Conclusions • Most network innovation occurs via middleboxes • Little presence in the innovation discussion! • Our vision: • Software-based, consolidated • Logically unified, open management APIs • New opportunities • Multiplexing, reuse, and spatial distribution • Practical challenges: Management + Platform
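
The multiplexing-benefit formula on slide 10, worked through as an added example that is not part of the original presentation. The slide does not define its terms, so the reading of Peak_Sum and Sum_Peak below is an assumption, and the load traces and box names are constructed sample data.

```python
"""Multiplexing benefit of consolidating middleboxes (slide 10 formula).

Assumed reading of the slide's terms (not defined on the slide):
  Sum_Peak = sum over boxes of each box's own peak load, i.e. the capacity
             bought when every appliance is provisioned for its own peak
  Peak_Sum = peak over time of the summed load, i.e. the capacity one
             consolidated platform needs to carry all functions
"""

def multiplexing_benefit(traces):
    """traces: {box name: [load per time bin]} on a common time grid.

    Returns (benefit, peak_sum, sum_peak), benefit = 1 - peak_sum / sum_peak.
    """
    if not traces:
        raise ValueError("need at least one trace")
    lengths = {len(t) for t in traces.values()}
    if len(lengths) != 1 or 0 in lengths:
        raise ValueError("traces must be non-empty and cover the same bins")
    sum_peak = sum(max(t) for t in traces.values())
    # zip(*...) walks the traces bin by bin, giving the total load per bin
    peak_sum = max(sum(bin_loads) for bin_loads in zip(*traces.values()))
    if sum_peak == 0:
        return 0.0, peak_sum, sum_peak  # idle boxes: nothing to save
    return 1 - peak_sum / sum_peak, peak_sum, sum_peak

# Constructed sample: utilization (%) of four appliances over six time bins.
# The boxes peak at different times, which is what makes sharing pay off.
CONSTRUCTED_TRACES = {
    "firewall": [20, 35, 60, 80, 50, 25],
    "ids":      [15, 30, 70, 55, 40, 20],
    "proxy":    [10, 50, 40, 30, 65, 20],
    "wan_opt":  [60, 20, 15, 10, 25, 55],
}

if __name__ == "__main__":
    benefit, peak_sum, sum_peak = multiplexing_benefit(CONSTRUCTED_TRACES)
    print(f"Sum_Peak={sum_peak} Peak_Sum={peak_sum} benefit={benefit:.1%}")
    # Boxes whose peaks coincide gain nothing from consolidation.
    same = {"a": [10, 80, 30], "b": [10, 80, 30]}
    print(f"coincident peaks: benefit={multiplexing_benefit(same)[0]:.1%}")
```

The result for the constructed traces differs from the 28% on the slide, whose underlying measurements are not on the page.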
