Are you an EPFL student looking for a semester project?
Work with us on data science and visualisation projects, and deploy your project as an app on top of Graph Search.
Cloud providers typically implement abstractions for net- work virtualization on the server, within the operating sys- tem that hosts the tenant virtual machines or containers. Despite being flexible and convenient, this approach has funda- mental problems: incompatibility with bare-metal support, unnecessary performance overhead, and susceptibility to hypervisor breakouts. To solve these, we propose to offload the implementation of network-virtualization abstractions to the top-of-rack switch (ToR). To show that this is feasible and beneficial, we present VNToR, a ToR that takes over the implementation of the security-group abstraction. Our prototype combines commodity switching hardware with a custom software stack and is integrated in OpenStack Neutron. We show that VNToR can store tens of thousands of access rules, adapts to traffic-pattern changes in less than a millisecond, and significantly outperforms the state of the art.
Anastasia Ailamaki, Angelos Christos Anadiotis, Raja Appuswamy, Hillel Avni
, , , ,
Yves Perriard, Alexis Boegli, Pooneh Mohaghegh, Rabia Saeed