P4SC: A High Performance and Flexible Framework for Service Function Chain

Dong Zhang,Chunming Wu,Yi Yang,Haifeng Zhou,Xiang Chen,Yuxin Chen,Xiaoyan Hong,Qun Huang,Hongyan Liu

doi:10.1109/access.2019.2950446

Abstract

Network function virtualization allows network functions to be implemented and managed flexibly as a service function chain (SFC) in the data plane to process flows. However, software-based SFCs lead to poor performance compared to proprietary middleboxes. Moreover, existing solutions tackling performance issues suffer from the development complexity incurred by hardware details. To address these problems, we leverage both the high performance of P4-capable devices and the high flexibility of P4 language. In this paper, we present a P4 Service Chaining framework (P4SC), which tackles multiple challenges for P4 to support the SFC implementation. P4SC provides a suite of primitives allowing efficient SFC expression, and a converter and a generator converting input SFC requests to the corresponding P4 program. Here, an algorithm based on longest common subsequence (LCS) is used to allow simultaneously implementing multiple SFCs. Moreover, P4SC offers a runtime manager for flexible SFC management at runtime. It also provides an automatic integration mechanism to integrate P4-based NFs into P4SC. We implement a P4SC prototype, which supports three types of P4-capable devices. The experimental results show that P4SC outperforms state of the arts with orders-of-magnitude SFC performance improvement while maintains high flexibility.

Highlights

Network functions (NFs), e.g., network address translator (NAT) and intrusion detection system (IDS), are traditionally deployed as proprietary hardware middleboxes
Compared to the methods of using naive P4 language and DPDK, P4 Service Chaining framework (P4SC) reduces the required lines of code (LoC) to develop service function chain (SFC) by two orders of magnitude. (Section V-B)
SUPPORT FOR NETWORK SERVICE HEADER In this experiment, we demonstrate that P4SC outperforms another network function virtualization (NFV) framework, Berkeley extensible software switch (BESS) [28], by providing highperformance SFC implementation for network service header (NSH) [29]

Summary

Introduction

Network functions (NFs), e.g., network address translator (NAT) and intrusion detection system (IDS), are traditionally deployed as proprietary hardware middleboxes Such middleboxes incur high financial cost and lack of flexibility for network management [1]. NFV often realizes a particular sequence of NFs, commonly referred as a service function chain (SFC) [3], with virtualization and container techniques.

Methods

Results

Conclusion