References of "Barbette, Tom"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailMetron: NFV Service Chains at the True Speed of the Underlying Hardware
Katsikas, Georgios P.; Barbette, Tom ULiege; Kostic, Dejan et al

in Proceedings of the 15th USENIX Symposium on Networked Systems Design and Implementation (2019)

In this paper we present Metron, a Network Functions Virtualization (NFV) platform that achieves high resource utilization by jointly exploiting the underlying network and commodity servers’ resources ... [more ▼]

In this paper we present Metron, a Network Functions Virtualization (NFV) platform that achieves high resource utilization by jointly exploiting the underlying network and commodity servers’ resources. This synergy allows Metron to: (i) offload part of the packet processing logic to the network, (ii) use smart tagging to setup and exploit the affinity of traffic classes, and (iii) use tag-based hardware dispatching to carry out the remaining packet processing at the speed of the servers’ fastest cache(s), with zero inter-core communication. Metron also introduces a novel resource allocation scheme that minimizes the resource allocation overhead for large-scale NFV deployments. With commodity hardware assistance, Metron deeply inspects traffic at 40 Gbps and realizes stateful network functions at the speed of a 100 GbE network card on a single server. Metron has 2.75-6.5x better efficiency than OpenBox, a state of the art NFV system, while ensuring key requirements such as elasticity, fine-grained load balancing, and flexible traffic steering. [less ▲]

Detailed reference viewed: 72 (10 ULiège)
Full Text
See detailArchitecture for programmable network infrastructure
Barbette, Tom ULiege

Doctoral thesis (2018)

Software networking promises a more flexible network infrastructure, poised to leverage the computational power available in datacenters. Virtual Net- work Functions (VNF) can now run on commodity ... [more ▼]

Software networking promises a more flexible network infrastructure, poised to leverage the computational power available in datacenters. Virtual Net- work Functions (VNF) can now run on commodity hardware in datacenters instead of using specialized equipment disposed along the network path. VNFs applications like stateful firewalls, carrier-grade NAT or deep packet inspection that are found “in-the-middle”, and therefore often categorized as middleboxes, are now software functions that can be migrated to reduce costs, consolidate the processing or scale easily. But if not carefully implemented, VNFs won’t achieve high-speed and will barely sustain rates of even small networks and therefore fail to fulfil their promise. As of today, out-of-the-box solutions are far from efficient and cannot handle high rates, especially when combined in a single host, as multiple case studies will show in this thesis. We start by reviewing the current obstacles to high-speed software net- working. We leverage current commodity hardware to achieve what seemed impossible to do in software not long ago and made software solutions be- lieved unworthy and untrusted by network operators. Our work paves the way for building a proper software framework for a programmable network infrastructure that can be used to quickly implement network functions. We built FastClick, a faster version of the Click Modular Router, that allows fast packet processing thanks to a careful integration of fast I/O frame- works and a deep study of interactions of their features. FastClick proposes a revised, easier to use execution model that hides multi-queueing and sim- plifies multithreading using a thread traversal analysis of the configuration. We propose tailored network-specific multi-threaded algorithms that enable parallel high-speed networking. We build a new retro-compatible batching implementation, and avoid system calls “left over” by previous work. We then build MiddleClick, an NFV dataplane built on top of FastClick. It combines VNFs along a service chain to use a common subsystem that implements shared features such as classification and session handling, but makes sure no feature is applied that isn’t absolutely needed by one of the VNFs. E.g., the classification is optimized to be minimal and only needs to be done once for all VNFs. E.g., if no VNF needs TCP reconstruction, that reconstruction won’t happen. We propose an algorithm to enable a per-session, per-VNF “scratchpad”. Only the minimal amount of state is declared and accessible in predictable locations using a per-VNF offset into the “scratchpad” for fast lookups across the chain. MiddleClick also offers new flow abstractions and ways to handle sessions that enable fast and easy development of new middlebox functions that can handle many flows in parallel. Cooperation, consolidation and using the hardware in an appropriate way may not always be enough. This thesis finally explores how to use classi- fication hardware such as smart NICs and SDN switches to accelerate the processing of the combined service chain, removing the need for software classification. While this work mostly relies on known high-level NFV dataplane principles and proposes a few new ones, it is one of the most low-level work in the field, leading to precise implementation considerations yielding very high performance results. Both FastClick and MiddleClick are available as Open Source projects and constitute an important contribution to the state of the art. Multiple leading edge use cases are built to show how the prototype can be used to build fast and efficient solutions quickly. [less ▲]

Detailed reference viewed: 394 (24 ULiège)
Full Text
See detailBuilding a chain of high-speed VNFs in no time
Barbette, Tom ULiege; Soldani, Cyril ULiege; Gaillard, Romain et al

in Proceedings of the 2018 IEEE 19th International Conference on High Performance Switching and Routing (2018, June 18)

To cope with the growing performance needs of appliances in datacenters or the network edge, current middlebox functionalities such as firewalls, NAT, DPI, content-aware optimizers or load-balancers are ... [more ▼]

To cope with the growing performance needs of appliances in datacenters or the network edge, current middlebox functionalities such as firewalls, NAT, DPI, content-aware optimizers or load-balancers are often implemented on multiple (perhaps virtual) machines. In this work, we design a system able to run a pipeline of VNFs with a high level of parallelism to handle many flows. We provide the user facilities to define the traffic class of interest for the VNF, a definition of session to group the packets such as the TCP 4-tuples, and the amount of space per sessions. The system will then synthesize the classification and build a unique, efficient flow table. We build an abstract view of flows and use it to implement support for seamless inspection and modification of the content of any flow (such as TCP or HTTP), automatically reflecting a consistent view, across layers, of flows modified on-the-fly. Our prototype gives rise to a user-space software NFV dataplane enabling easy implementation of middlebox functionalities, as well as the deployment of complex scenarios. Our prototype implementation is able to handle our testbed limit of ~ 34 Gbps of HTTP requests (for 8-KB files) through a service chain of multiples stateful VNFs, on a single Xeon core. [less ▲]

Detailed reference viewed: 45 (4 ULiège)
Full Text
Peer Reviewed
See detailA low-level dive into building a high-speed NFV dataplane for service chaining
Barbette, Tom ULiege; Soldani, Cyril ULiege; Gaillard, Romain et al

Poster (2018, April 24)

To cope with the growing performance needs of security appliances in datacenters or the network edge, current middlebox functionalities such as stateful firewalls, NATs, DPI, content-aware optimizers or ... [more ▼]

To cope with the growing performance needs of security appliances in datacenters or the network edge, current middlebox functionalities such as stateful firewalls, NATs, DPI, content-aware optimizers or load-balancers are self-contained software. They avoid OS services as those are not tailored for NFV and use most of the time RAW sockets, or specific I/O frameworks (DPDK, Netmap, ...) to receive raw packets. In this work, we present a system specifically designed to run a pipeline of VNFs. The system combines the classification and sessions needs of the VNFs. We build an abstract view of flows and use it to implement support for seamless inspection and modification of the content of any flows (such as TCP or HTTP), automatically reflecting a consistent view, across layers, of flows modified on-the-fly. This brings together the advantage of reusing software components with the performance provided by state-of-the-art high-speed NFV frameworks that force reimplementing protocol specifics in each application. We show unique considerations about factorizing session management and multi-protocol support for high-speed in-the-middle inspection and modification of flows. The system also offers automatic, session-aware parallelism to handle a large number of flows. [less ▲]

Detailed reference viewed: 170 (12 ULiège)
Full Text
See detailPlatform for programmable heterogeneous virtual middleboxes
Barbette, Tom ULiege

Speech/Talk (2016)

Detailed reference viewed: 30 (6 ULiège)
Full Text
Peer Reviewed
See detailFast Userspace Packet Processing
Barbette, Tom ULiege; Soldani, Cyril ULiege; Mathy, Laurent ULiege

in Proceedings of ANCS 2015 (2015, May 07)

In recent years, we have witnessed the emergence of high speed packet I/O frameworks, bringing unprecedented network performance to userspace. Using the Click modular router, we first review and ... [more ▼]

In recent years, we have witnessed the emergence of high speed packet I/O frameworks, bringing unprecedented network performance to userspace. Using the Click modular router, we first review and quantitatively compare several such packet I/O frameworks, showing their superiority to kernel-based forwarding. We then reconsider the issue of software packet processing, in the context of modern commodity hardware with hardware multi-queues, multi-core processors and non-uniform memory access. Through a combination of existing techniques and improvements of our own, we derive modern general principles for the design of software packet processors. Our implementation of a fast packet processor framework, integrating a faster Click with both Netmap and DPDK, exhibits up-to about 2.3x speed-up compared to other software implementations, when used as an IP router. [less ▲]

Detailed reference viewed: 2323 (66 ULiège)
Full Text
See detailImplémentation d'un Système de Contrôle Domotique
Barbette, Tom ULiege

Master's dissertation (2013)

This paper presents the realization, the context, and the prospects of an automa- tion control interface. The interface is flexible, capable of adapt to all energy and all types of meters. It has been ... [more ▼]

This paper presents the realization, the context, and the prospects of an automa- tion control interface. The interface is flexible, capable of adapt to all energy and all types of meters. It has been designed for easy use, guiding the user by steps in the configuration of the interface, while allowing a relatively precise definition of the energy envelope of the house. It also responds to performance issues, allowing it to be used on computers but also smartphones and tablets. By combining these characteristics, the interface differs from what is currently being done in this area. This work is also considering some research perspectives related to the interface, such as the use of information provided by the various smart devices in the house to compute approximated consumption data, rather than using real meters, which are often expensive. [less ▲]

Detailed reference viewed: 454 (27 ULiège)