Network Functions Virtualization (NFV) promises programmability and cost savings by replacing hardware middleboxes with more flexible Virtual Network Functions (VNFs) on commodity servers. But, the current virtualization technologies do not fully isolate the system resources like Last Level Cache (LLC) and Memory Bandwidth (MB); therefore, co-location of VNFs on the same commodity server causes interference effects which might severely impact the performance of VNFs in terms of throughput, latency, etc. Contention at LLC is one of the root causes of this performance degradation and it is addressed by LLC resource partitioning. But, it remains unexplored the impact of both LLC and MB on VNF performance. In this work, we investigate the importance of MB partitioning along with LLC partitioning to achieve performance isolation in NFV-based systems. Allocating these system resources among co-located VNFs to meet Service Level Agreements (SLAs) is challenging due to the dynamic nature of traffic and varying functionality of VNFs. In this work, we formulate the resource allocation problem as an Integer Linear Programming (ILP) for maximizing the number of accepted VNF requests with SLA guarantees. Since the problem is NP-hard, we present a polynomial time -approximation scheme. Further, we propose a heuristic approach named NFVPermit, a resource manager for NFV-based systems that tries to ensure performance isolation among co-located VNFs based on their current traffic rates and SLA requirements. Through extensive experiments, we show how NFVPermit outperforms state-of-the-art and baseline approaches.
Read full abstract