MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK

Shixiong Qi, Ziteng Zeng, Leslie Monis, K. K. Ramakrishnan

Research output: Contribution to journalArticlepeer-review

6 Scopus citations

Abstract

Traditional network resident functions (e.g., firewalls, network address translation) and middleboxes (caches, load balancers) have moved from purpose-built appliances to software-based components. However, L2/L3 network functions (NFs) are being implemented on Network Function Virtualization (NFV) platforms that extensively exploit kernel-bypass technology. They often use DPDK for zero-copy delivery and high performance. On the other hand, L4/L7 middleboxes, which have a greater emphasis on functionality, take advantage of a full-fledged kernel-based system. L2/L3 NFs and L4/L7 middleboxes continue to be handled by distinct platforms on different nodes. This paper proposes MiddleNet that develops a unified network resident function framework that supports L2/L3 NFs and L4/L7 middleboxes. MiddleNet supports function chains that are essential in both NFV and middlebox environments. MiddleNet uses the Data Plane Development Kit (DPDK) library for zero-copy packet delivery without interrupt-based processing, to enable the 'bump-in-the-wire' L2/L3 processing performance required of NFV. To support L4/L7 middlebox functionality, MiddleNet utilizes a consolidated, kernel-based protocol stack for processing, avoiding a dedicated protocol stack for each function. MiddleNet fully exploits the event-driven capabilities of the extended Berkeley Packet Filter (eBPF) and seamlessly integrates it with shared memory for high-performance communication in L4/L7 middlebox function chains. The overheads for MiddleNet in L4/L7 are strictly load-proportional, without needing the dedicated CPU cores of DPDK-based approaches. MiddleNet supports flow-dependent packet processing by leveraging Single Root I/O Virtualization (SR-IOV) to dynamically select the packet processing needed (Layers 2 - 7). Our experimental results show that MiddleNet achieves high performance in such a unified environment.

Original languageEnglish
Article number3256891
Pages (from-to)3950-3967
Number of pages18
JournalIEEE Transactions on Network and Service Management
Volume20
Issue number4
DOIs
StatePublished - Dec 1 2023

Bibliographical note

Publisher Copyright:
© 2004-2012 IEEE.

Keywords

  • DPDK
  • eBPF
  • Middleboxes
  • NFV
  • service function chains

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint

Dive into the research topics of 'MiddleNet: A Unified, High-Performance NFV and Middlebox Framework with eBPF and DPDK'. Together they form a unique fingerprint.

Cite this