Software Switch Research Articles

The Influence of Price, Product Quality, and Content Marketing, on Purchasing Decisions in Tiktok Shop E-Commerce (Case Study on Wiraraja University Students, Sumenep)

TikTok launched the TikTok Shop feature so that it can continue its mission to make its users happy by making shopping easy without the need to switch software. This research aims to determine the contribution of price, product quality and content marketing to purchasing decisions at the TikTok Shop (case study of Wiraraja University students. To answer this problem, the type of research used is a quantitative method with 80 respondents taken, sampling technique using purposive sampling by distributing questionnaires. The data analysis techniques used are descriptive statistical tests, research instrument tests (validity and reliability tests), classical assumption tests (normality, heteroscedasticity, multicollinearity and linearity tests), multiple linear regression equation tests and hypothesis tests (t test). , F test, coefficient of determination). The results of this research show that product quality and content marketing influence purchasing decisions at TikTok Shop according to the t test which states that partially product quality and marketing content have a significant influence on purchasing decisions, while price partially has no influence on purchasing decisions.

SP-DG: A programmable packet-level scheduling for queuing delay guarantees in time-critical networks

Time-critical applications, such as remote surgery, virtual reality, and automatic driving, impose stringent requirements for minimizing delay and jitter. The queuing delay at forwarding nodes significantly affects application traffic. To tackle this challenge, Time-Sensitive Networking (TSN) techniques have been proposed to ensure deterministic queuing delay. However, existing deterministic solutions, including the Time-Aware Shaper (TAS) and the Cyclic Queuing and Forwarding (CQF) model, encounter limitations due to their reliance on precise synchronization and dedicated forwarding plane devices. In this paper, we present a novel solution: the Strict Priority queuing model with a queuing Delay Guarantees (SP-DG), specifically designed for programmable forwarding planes. This model introduces an upper bound on the queuing delay for packets at each switch, effectively characterizing their distinct queuing delay requirements. By utilizing exponential smoothing to predict traffic intensity, packets are intelligently scheduled to appropriate queues based on their upper-bound queuing delay requirements. Our Netbench simulation and P4 software switch experiments demonstrate that the proposed SP-DG algorithm, compared to the state-of-the-art SP-based queue scheduling algorithms, achieves superior performance in delay-bounded queue scheduling.

Slideflow: deep learning for digital histopathology with real-time whole-slide visualization

Deep learning methods have emerged as powerful tools for analyzing histopathological images, but current methods are often specialized for specific domains and software environments, and few open-source options exist for deploying models in an interactive interface. Experimenting with different deep learning approaches typically requires switching software libraries and reprocessing data, reducing the feasibility and practicality of experimenting with new architectures. We developed a flexible deep learning library for histopathology called Slideflow, a package which supports a broad array of deep learning methods for digital pathology and includes a fast whole-slide interface for deploying trained models. Slideflow includes unique tools for whole-slide image data processing, efficient stain normalization and augmentation, weakly-supervised whole-slide classification, uncertainty quantification, feature generation, feature space analysis, and explainability. Whole-slide image processing is highly optimized, enabling whole-slide tile extraction at 40x magnification in 2.5 s per slide. The framework-agnostic data processing pipeline enables rapid experimentation with new methods built with either Tensorflow or PyTorch, and the graphical user interface supports real-time visualization of slides, predictions, heatmaps, and feature space characteristics on a variety of hardware devices, including ARM-based devices such as the Raspberry Pi.

Finding recently persistent flows in high-speed packet streams based on cuckoo filter

In high-speed networks, flow-level traffic measurement is an essential tool to understand how network bandwidth is consumed and support the detection of anomalous traffic. While many prior work focuses on tracking the frequent flows (a.k.a. heavy hitters), in this paper, we put more focus on tracking the persistent flows, which jointly consider the frequency, duration and regularity of the packet arrival events of a flow. Although this more generalized metric called persistence has been defined before, it is still unknown how to use limited memory on data plane to monitor the top-k persistent flows in a recent time interval. In this paper, we propose an algorithm named PFD-DW built upon cuckoo filter (an improved version of hash table with better memory efficiency), to monitor the top-k persistent flows under the time-decaying window. It can be regarded as a variant of cuckoo filter, which transforms each bucket into a bucket-level min-heap. Its advantage is that, when the table is full and a packet of a new flow arrives, it can select the least persistent flow along the cuckoo kicking path as the victim of flow replacement. We deliberately avoid the scanning of the entire table to keep the high time efficiency. Based on real-world network traffic traces, we evaluate the performance of our DAKP-CF, a degraded version of PFD-DW that only considers each flow’s packet arrival frequency. The results show that it outperforms the existing algorithms for the top-k frequent flow identification task. It provides nearly 98% identification accuracy with roughly 50% less memory cost. We also evaluate our PFD-DW algorithm for the more generalized task of identifying the recently persistent flows. It provides 93% identification rate of top-3000 persistent flows using only 576KB memory, while attaining 1.5% persistence estimation error. Its memory cost is reduced by 97% than another proposed solution PFD-SW under sliding time window. We have also developed a prototype of PFD-DW, based on the Fd.io VPP software switch accelerated by Intel DPDK.

Dapper: Deploying Service Function Chains in the Programmable Data Plane Via Deep Reinforcement Learning

Network functions perform specific packet processing on network traffic. To meet operators' needs, forming service function chains (SFCs) is a fundamental technique used in today's ISPs and datacenter networks. Implementing SFCs in the programmable data plane with high throughput and low latency is a new approach to satisfy demands of ever-growing network traffic. Previous works have proposed different solutions to solve the problem, but they all inevitably have to make trade-offs between running time and performance. For example, an ILP (Integer Linear Programming) can optimize cost but suffers from long running time in large-scale network topologies. Heuristic algorithms depend strongly on manual designs and usually have a performance gap with the optimal solution. In this paper, we propose <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Dapper</i> , a framework for deploying SFCs in the programmable data plane using DRL (Deep Reinforcement Learning) with graph convolutional network. In order to expand the searching space to prevent the optimal value from being missed, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Dapper</i> allows the RL (Reinforcement Learning) agent to simultaneously extract features from both the substrate network and the hardware pipeline, and exploit a graph convolutional network to enhance performance. Moreover, a mask mechanism is also designed to accelerate <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Dapper</i> and improve its scalability. <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Dapper</i> has been implemented and extensively evaluated on both P4 hardware switches (equipped with Intel Tofino ASIC) and software switches (i.e., bmv2). Experimental results show that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Dapper</i> can automatically generate deployment solutions in a few seconds of running time after training. They also demonstrate that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Dapper</i> reduces hardware stage usage and the latency of SFCs by up to 17.8% and 50 <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$\sim$</tex-math></inline-formula> 73% respectively on average when compared with heuristics.

Compiling Service Function Chains via Fine-Grained Composition in the Programmable Data Plane

Service function chains (SFCs) are fundamental services in today's datacenters and ISP networks. Explosive volume of network traffic creates high demands for low latency and high performance. The emergence of programmable data planes has offered a new way to overcome the problem. However, limited by pipeline constraints in hardware architecture, implementing multiple network functions on programmable data planes is challenging. Besides, considering various types of network functions, e.g., stateful network functions, a general model is essential for abstracting distinct network functions. In this article, we propose <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pSFC</i> which provides a fine-grained SFCs deployment scheme in programmable data planes. Control flow graph (CFG) is proposed to abstract and analyze various network functions. Then we model pipeline constraints in the hardware architecture using an ILP (Integer Linear Programming), and model the SFCs deployment in the substrate network as a one big switch (OBS) problem. To reduce deployment cost, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pSFC</i> first composes multiple SFCs to a compound CFG for eliminating redundant logics within SFCs, further decomposes the compound CFG based on the resource limitation per stage, and finally maps the OBS into the substrate network. We have implemented <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pSFC</i> in both bmv2 software switch and P4 hardware switch (i.e., Intel Tofino ASIC). Evaluation results show that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pSFC</i> reduces switch costs by 45.7% and decreases average latency by 22% without compromising throughput.

P4 and NetFPGA-Based Secure In-Network Computing Architecture for AI-Enabled Industrial Internet of Things

This article proposes a secure in-network computing system based on a simple reduced instruction set architecture, which can be used for processing artificial intelligence and machine learning models in network devices, in an AI-based Industrial Internet of Things (IoT) system. The architecture exploits the capabilities of upcoming generations of packet processing pipelines in programmable network switches. This instruction set enables processing of data at multiple terabits-per-second, which is beyond the processing power of current servers. Instructions for regular expressions, basic arithmetic, and logical operations are defined as a proof of concept. A packet containing both instruction and data blocks is presented as an input to the pipeline by bundling both the function and its arguments into the packet. The primary challenge in opening up network switches for executing a user-defined code is security. In this context, this article presents a secure execution model (SEM), which provides additional levels of security by deliberately disallowing memory allocation and modifications to persistent state of the network switch. Furthermore, real-life use cases are presented in this article to demonstrate the utility of the proposed instruction set architecture, as also applicable to IoT data processing. This instruction set is implemented in the programming protocol-independent packet processors language, verified on a mininet-based software switch and demonstrated on Xilinx NetFPGA SUME boards. The performance results show line rate packet processing with zero packet loss, at 10 Gb/s, and average packet latency of 3.66 <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">${\mu }\text{s}$ </tex-math></inline-formula> .

Switching Software Pays Dividends

Devon-based toolmaker Tooltech reaps rewards of investing in new CAM software; and Tennant Company brings automated tooling process to light with software switch; plus, products in brief

Модели компьютерных атак на программно-конфигурируемые сети

SDN technology in the near future will allow to introduce aspects of the openness of the code of the network component of the cloud infrastructure, which is considered the most favorable basis for the development and implementation of a wide range of applications. It is based on the implementation of network devices and their functions not in separate network equipment, but on any network host using the OpenvSwitch software switch. This approach allows you to use almost any computing device in the network as a switch/router. At the same time, the use of new technologies entails the emergence of new destabilizing factors on them, in which cyber attacks occupy a special place. Possible results of cyberattacks on SDN are blocking of the SDN controller, Open Flow control and monitoring channel, introduction of false information about the SDN network user receiving network services, violation of established regulations for collecting, processing and transmitting information to SDN, failures and failures in SDN operation, as well as compromise of transmitted or received information. The purpose of the work is to apply an integrated approach to the study of new approaches to building data transmission networks in the conditions of computer attacks, obtaining probabilistic and temporal characteristics of computer attacks characteristic of software-configurable networks, which in turn makes it possible to determine the most dangerous computer attacks, the elements subject to them, as well as to set requirements for a system that provides protection against the most likely impacts. Methods used: the method of topological transformation of stochastic networks used in modeling allows us to obtain parameters with a given completeness and reliability. The difference is no more 5% between the values obtained in the simulation and analytical models confirm their adequacy. The implementation of a large number of real devices in the simulation model, as well as the use of several means of collecting network statistics, allows achieving the required completeness of modeling. Significant detailing of the stages of computer attacks in the method of topological transformation of stochastic networks contributes to obtaining computational expressions that accurately describe the probabilistic-temporal characteristics of the system. The scientific novelty of the results obtained is determined by the use of the method of topological transformation of stochastic networks (TPSS) for analytical modeling of cyberattacks on SDN. Result: the presented model allows us to obtain probabilistic and temporal characteristics of computer attacks characteristic of a software-configurable network. The basis of the proposed model is a simulation model, the main purpose of which is the most accurate reproduction of the processes of a real system. The obtained values of the probabilistic-temporal characteristics of computer attacks allow us to accurately determine the most dangerous types of them, as well as the most likely places of manifestation. Practical significance: the presented method is universal and can be applied in the state system for detecting, preventing and eliminating the consequences of computer attacks when solving tasks related to ensuring public safety.

Latency control in service chaining using P4-based data plane programmability

Service chaining is becoming one of the most considered service deployment frameworks in the context of Network Function Virtualization (NFV) in edge and data center environments, conveniently supported by automatic connectivity configurations offered by Software Defined Networking (SDN). Current research on the topic is focusing on how to guarantee Quality of Service (QoS) in terms of guaranteed end-to-end latency for time critical services. Indeed, latency issues may depend on intra-server virtualization inefficiencies, leading to Virtual Network Function (VNF) delivery delays, or by congestion events occurring at intermediate network elements connecting VNFs. Latency control requires stateful information such as flow delay measurements at a per-packet level, typically not available at traditional SDN switches or inside the VNF. This paper proposes the adoption of SDN data plane programmability exploiting the P4 language and presents two P4 pipeline solutions, suitable for both intra-rack and inter-rack service chain deployments, to automatically check the path latency experienced by selected high priority flows, also resorting to the recent in-band telemetry applications. The programmable pipelines enforce proactive in-network functions, such as priority change or drop actions, in order to guarantee a bound SFC segment latency delivery, including both the network and the segment VNFs. The proposed solutions are implemented and evaluated in a network testbed employing programmable software switches showing their effectiveness in guaranteeing the configured end-to-end latency, and the limited effort in terms of additional processing at the P4 switch. The evaluation is carried out using the reference P4 software switch, i.e., BMv2. The aim is to validate the full P4 capabilities and the code feasibility in terms of scalability, load and resource impact and added intra-switch latency. The experimental results show the proposed approach scales with the number of forwarded flows and achieves per-segment latency control enforcement in both congested and non-congested scenarios with a very limited impact on the switch extra-latency, exploiting finer per-packet tuning of drop and priority change simply applicable through flow entry configuration. Applicability analysis on hardware switches guaranteeing line rate performance are provided.

MultiSec: A Multi-Protocol Security Forwarding Mechanism Based on Programmable Data Plane

With the development of network technology, various network protocols different from TCP/IP have emerged. The heterogeneous integrated network has been proposed to realize the interconnection between heterogeneous networks running different protocols. However, current protocol conversion mechanisms often can only handle a few pre-defined protocols and do not support the flexible expansion of new protocols, which cannot meet the needs of the efficient convergence of different heterogeneous networks. Addirionally, due to the lack of security mechanisms, data in the core network is confronted with the risk of stealing and tampering. Our aim is to provide a protocol-extensible protocol conversion and secure transmission integration mechanism, MultiSec, for heterogeneous converged networks. First, based on the programmable data plane, the parser is reconfigured to realize multi-protocol parsing. Furthermore, the encryption mechanism implemented in the P4 extern is proposed and unified to the data plane together with the protocol conversion mechanism. Finally, the MultiSec prototype is implemented on a programmable software switch and accelerated by a dedicated encryption card. Experiments show that MultiSec successfully realizes multi-protocol conversion and data encryption, and the system performance is significantly improved with the help of an encryption card.

IeHDDP: An Integrated Solution for Topology Discovery and Automatic In-Band Control Channel Establishment for Hybrid SDN Environments

In-Band enhanced Hybrid Domain Discovery Protocol (ieHDDP) is a novel integral approach for hybrid Software-Defined Networking (SDN) environments that simultaneously provides a topology discovery service and an autonomous control channel configuration in the band. This contribution is particularly relevant since, to the best of our knowledge, it is the first all-in-one proposal for SDN capable of collecting the entire topology information (type of devices, links, etc.) and establishing in-band control channels at once in hybrid SDN environments (composed by SDN/no-SDN, wired/wireless devices), even with isolated SDN devices. ieHDDP facilitates the integration of heterogeneous networks, for example, in 5G/6G scenarios, and the deployment of SDN devices by using a simple exploration mechanism to gather all the required topological information and learn the necessary routes between the control and data planes at the same time. ieHDDP has been implemented in a well-known SDN software switch and evaluated in a comprehensive set of randomized topologies, acknowledging that ieHDDP is scalable in representative scenarios.

Study on Emerging Applications on Data Plane and Optimization Possibilities

By programming both the data plane and the control plane, network operators can adapt their networks to their needs. Thanks to research over the past decade, this concept has more formulized and more technologically feasible. However, since control plane programmability came first, it has already been successfully implemented in the real network and is beginning to pay off. Today, the data plane programmability is evolving very rapidly to reach this level, attracting the attention of researchers and developers: Designing data plane languages, application development on it, formulizing software switches and architecture that can run data plane codes and the applications, increasing performance of software switch, and so on. As the control plane and data plane become more open, many new innovations and technologies are emerging, but some experts warn that consumers may be confused as to which of the many technologies to choose. This is a testament to how much innovation is emerging in the network. This paper outlines some emerging applications on the data plane and offers opportunities for further improvement and optimization. Our observations show that most of the implementations are done in a test environment and have not been tested well enough in terms of performance, but there are many interesting works, for example, previous control plane solutions are being implemented in the data plane.

COMPARATIVE EVALUATION OF PUASSON'S AND SELF-SIMILAR TRAFFIC OF TELECOMMUNICATIONS NETWORKS

The question of estimation and choice of a way of management of a telecommunication network in the conditions of considerable loading for various structures of traffic is considered. The requirements to the characteristics of the software switch for the simplest and self-similar input streams are analyzed and formulated. The expediency of increasing the number of independent parallel channels of the software switch with the organization of the general queue to several input ports is caused.&#x0D; The concept of the network management system is proposed, which consists in the use of a two-level model of the autonomous segment with a four-level model of the network as a whole. It is shown that the transition from centralized management to management of autonomous segments allows to increase the reliability of management systems and reduce the amount of service traffic.

Batch-scheduling Data Flow Graphs with Service-level Objectives on Multicore Systems

Data flow graphs are a popular program representation in machine learning, big data analytics, signal processing, and, increasingly, networking, where graph nodes correspond to processing primitives and graph edges describe control flow. To improve CPU cache locality and exploit data-level parallelism, nodes usually process data in batches. Batchy is a scheduler for data flow graph based packet processing engines, which uses controlled queuing to reconstruct fragmented batches inside a data flow graph in accordance with strict Service-Level Objectives (SLOs). Earlier work showed that Batchy yields up to 10x performance improvement in real-life use cases, thanks to maximally exploiting batch processing gains. Batchy, however, is fundamentally restricted to single-threaded execution. In this paper, we generalize Batchy to parallel execution on multiple CPU cores. We extend the analytical model to the parallel setting and present a primal decomposition framework, where each core runs an unmodified Batchy controller to schedule batch-processing on a subset of the data flow graph, orchestrated by a master controller that distributes the delay-SLOs across the cores using subgradient search. Evaluations on a real software switch provide experimental evidence that our decomposition framework produces 2.5x performance improvement while accurately satisfying delay SLOs that are otherwise not feasible with single-core Batchy.

Dynamic Cluster-Based Flow Management for Software Defined Networks

Software-defined network (SDN) allows traffic engineering and flow management by decoupling the control and data planes. SDN has attracted a lot of attention recently because of its centralized control, flow programmability and flexible resource management. However, to support centralized control, flow programmability and flexible resource management, most of the advanced SDN designs require per-flow management, which would easily make the flow table of a software switch overflow and incur undesired processing overhead when a network scales up. To overcome such huge traffic demands, we propose a <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">cluster-based macro-flow management</i> framework to balance the trade-off between customized services and management costs. The key idea of our design is to group similar flows into a cluster and replace per-flow management with per-cluster management. To achieve this goal, we cluster flows with consideration of the similarity of their traffic patterns. To adapt to varying traffic load, we further propose a hierarchical cluster merging scheme to dynamically merge clusters and make the best tradeoff between flow entry saving and routing performance guarantee. Our evaluation demonstrates that the proposed cluster-based flow management framework can significantly reduce the flow table usage, while producing minimum negative impact on routing performance.

PHeavy: Predicting Heavy Flows in the Programmable Data Plane

Since heavy flows account for a significant fraction of network traffic, being able to predict heavy flows has benefited many network management applications for mitigating link congestion, scheduling of network capacity, exposing network attacks and so on. Existing machine learning based predictors are largely implemented on the control plane of Software Defined Networking (SDN) paradigm. As a result, frequent communication between the control and data planes can cause unnecessary overhead and additional delay in decision making. In this paper, we present <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pHeavy</i> , a machine learning based scheme for predicting heavy flows directly on the programmable data plane, thus eliminating network overhead and latency to SDN controller. Considering the scarce memory and limited computation capability in the programmable data plane, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pHeavy</i> includes a packet processing pipeline which deploys pre-trained decision tree models for in-network prediction. We have implemented <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pHeavy</i> in both bmv2 software switch and P4 hardware switch (i.e., Barefoot Tofino). Evaluation results demonstrate that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pHeavy</i> has achieved 85% and 98% accuracy after receiving the first 5 and 20 packets of a flow respectively, while being able to reduce the size of decision tree by 5.4x on average. More importantly, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">pHeavy</i> can predict heavy flows at line rate on the P4 hardware switch.

Softwarized IP Multicast in the Cloud

In this article, we revisit the problem of how to provide &#x201C;native&#x201D; IP multicast support to enterprise distributed applications in today&#x0027;s clouds, without touching either the application implementation or the underlying network hardware. We propose SDM, Software-Defined IP Multicast, to explore the idea of performing Multicast-to-Unicast (M2U) and Unicast-to-Multicast (U2M) translations at the virtualized network edge. At the data plane, with novel architecture designs, SDM achieves efficient M2U and U2M translations by only using Open vSwitch (OVS), an OpenFlow-compatible open-source software switch widely deployed in modern clouds. At the control plane, SDM dynamically adopts multicast trees respecting the join and leave of receivers with flexible cost-based algorithms. SDM is very easy to deploy and use, as its required features are already supported by off-the-shelf OVS software (version 2 2.3) and the OpenFlow protocol (version 2 1.1). Performance evaluations of its control-plane algorithms also imply that SDM is flexible to construct through-put and latency/height optimized multicast trees respecting task requirements.

NETWORK INTERACTION IN VIRTUALIZED ENVIRONMENTS AND FEATURES OF VIRTUAL STAND DEVELOPMENT

This article describes a virtual bench developed by the authors for studying network interaction in virtualization and containerization environments. The functional diagrams of the two modules of the stand are presented, as well as the exact characteristics of the software and hardware used in the work. The study of network interaction is carried out in a certain complex of proprietary and free software, which distinguishes it from previous studies. To build a virtual stand, the VMWare system was used, with the help of which 2 stand modules were created. The hypothesis of the research is that installed DPDK libraries on hosts and VMs and containers, as well as configuring OvS will increase network performance, which includes bandwidth and latency parameters. Network research is carried out in two modes of operation using the software switch Open vSwitch and DPDK libraries. The results of the study and the authors recommendations are given at the end of the work. Also, the key features of configuring virtual machines, containers and software switch, which are the main objects of research, were described. Further research on the topic involves defining a set of best practices for configuring all components of the network infrastructure (including the number of numa nodes, cpu pinning topology and the amount of huge pages), and making recommendations for choosing the main parameters of VMs and containers.

Diagnostic and troubleshooting of OpenFlow‐enabled switches using kernel and userspace traces

SummaryAlthough software‐defined networking (SDN) provides a flexible way to provision and control networks, it also makes network debugging and troubleshooting more complex. In SDN, the network is fully managed by software programs that increase flexibility and sophistication but are prone to bugs. Pinpointing those bugs is challenging because they can occur at multiple locations, such as the forwarding plane, the controller OS, and the network services running on top of the controller. Compared to functional bugs, performance bugs are particularly irritating due to their non‐failure semantics. They can lead to performance loss (reduced throughput, increased latency, and wasted resources) while maintaining the network connectivity. The literature reports several tools and techniques to diagnose SDN bugs, but, unfortunately, they are mostly ineffective against performance bugs. In this paper, we propose a novel monitoring and diagnostic framework capable of diagnosing performance bugs in the SDN data plane. The proposed tool works within Open vSwitch (OVS), a popular software switch, albeit it can easily be adapted to any OpenFlow switch. Tracing techniques are used to collect low‐level performance data from monitored switches. Our tool derives adapted performance metrics from kernel and userspace traces, and then displays them in time‐synchronized graphical views. These views provide valuable insights into OVS operation. They also enable practitioners to discover performance‐related issues and analyze their root causes. A few use cases are presented to demonstrate the efficiency of our tool in optimizing OVS performance and diagnosing its performance bugs.