Enabling low‐latency service function chains by merging duplicate match operations

Abstract

Service function chains (SFCs) built by network functions (NFs) are usually required to be low-latency, especially in some tight latency scenarios such as Distributed Denial of Service (DDoS) defense. However, different NFs in SFCs are likely to perform identical operations of matching specific packet header fields (e.g., source IP address). Such a processing redundancy inevitably increases the overall end-to-end processing latency of SFCs, which in turn affects network management applications in their decision-making process of handling short-lived network events (e.g., microbursts). To address this problem, in this paper, we propose a novel NFV framework, DMO, that aims to eliminate those identical and redundant match operations among different NFs in input SFCs while maintaining the original SFC semantics of packet processing. To achieve this goal, our design proposes a semantic-preserving mechanism that merges duplicate match operations between different NFs and also preserves original SFC semantics. Also, to avoid potential conflicts among NF rules at runtime, DMO further offers another mechanism that resolves unnecessary conflicts among different NF rules by assigning reasonable priorities to these rules. We have implemented a prototype of DMO. Our experiments indicate that DMO achieves 26.7%–67.3% latency reduction for real-world SFCs.