| Middleboxes carry important data processing functions in data center networks,such as network protocol processing and network security functions.Most traditional middleboxes use specialized hardware.However,with the rapid change of applica-tion requirements and the expansion of the system scale,specialized hardware based system has the disadvantages of high costs and poor scalability.Software-defined mid-dleboxes tries to solve the problem of platform dependence and poor scalability caused by specialized hardware by decoupling the software and hardware.Network function virtualization(NFV)further realizes the design of software-defined middleboxes by utilizing IT virtualization technologies(virtual machines,containers,etc.)to transfer network functions from specialized hardware to general software running on commer-cial servers.However,as network bandwidth requirements increase to 25Gbps and 100Gbps,software-based NFV has two limitations,including low network throughput and highly variable network latency.This paper proposes to use FPGA as acceleration devices to address the perfor-mance issues of NFV.However,we have to address three challenges when designing FPGA-based accelerator,including programmability,code versatility,and system scal-ability.Conventionally,FPGA are programmed with Verilog/VHDL hardware descrip-tion languages(HDLs).They have two disadvantages:1)They are difficult to learn for the software developers;2)The low level abstraction of HDLs results in poor code versatility.Finally,it is challenging to design a distributed system using FPGA.This paper presents OpenFunction,an FPGA-based,scalable,high-performance software-defined middleboxes system.OpenFunction addresses the above challenges in three steps.First,we propose the OpenFunction language as data plane abstraction,reducing the difficulties in programming middlebox applications.Second,we design a centralized controller to achieve unified control of middleboxes.Third,OpenFunction provides a tool chain to help simplify the implementation of middlebox applications.Finally,we design a service chain scheduling algorithm for FPGA resources to achieve load balance of the system,which supports both offline scheduling and online schedul-ing.Our prototype middlebox applications(NAT,TCP/IP checksum,IPsec,etc.)show that they can achieve low latency(<1us)and 10 Gbps line rate at any packet size on the platform of NetFPGA-SUME and commercial servers. |
PDF Full Text Request