fault tolerant service function chaining
play

Fault Tolerant Service Function Chaining M. GHAZNAVI, E. JALALPOUR, - PowerPoint PPT Presentation

Sep 24, 2022 •151 likes •408 views

Fault Tolerant Service Function Chaining M. GHAZNAVI, E. JALALPOUR, B. WONG, R. BOUTABA, A. MASHTIZADEH UN UNIV IVERSITY ITY OF F WATE TERLOO Middleboxes and Service Function Chains Firewall IDS NAT Internet 1 Middlebox Failures 100

  1. Fault Tolerant Service Function Chaining M. GHAZNAVI, E. JALALPOUR, B. WONG, R. BOUTABA, A. MASHTIZADEH UN UNIV IVERSITY ITY OF F WATE TERLOO

  2. Middleboxes and Service Function Chains Firewall IDS NAT Internet 1

  3. Middlebox Failures 100 Percent Contribution 81 High Severity Incidents 75 Population 50 43 36 25 20 11 3 2 1 0 L2 Switches L3 Routers Middleboxes Others Demystifying the dark side of the middle: A field study of middlebox failures in datacenters IMC 2013 2

  4. Middlebox Fault Tolerance Alice ✕ NAT Internet Bob NAT 3

  5. Consistent State Replication Alice Bob ⬄ Bing Alice ⬄ Apple NAT Internet Bob NAT Bob ⬄ Bing Alice ⬄ Apple 4

  6. Consistent State Replication Alice Bob ⬄ Bing Alice ⬄ Apple NAT Internet Bob NAT Bob ⬄ Bing 5

  7. Previous Approaches EXTERNALIZED STATE SNAPSHOT BASED StatelessNF , NSDI 2017 Pico Replication , SoCC 2013 CHC , NSDI 2019 FTMB , SIGCOMM 2015 REINFORCE , CoNEXT 2018 6

  8. Externalized State Approach NAT Internet Read/Write State Fault Tolerant Data Store 7

  9. Snapshot Based Approaches Alice Bob ⬄ Bing Alice ⬄ Apple NAT Internet Bob NAT Primary state Bob ⬄ Bing Replicated state Alice ⬄ Apple 8

  10. Snapshot Based Approaches for a Chain High Latency FW IDS NAT Internet Low Throughput NAT FW IDPS Primary state Replicated state 9

  11. Our Approach Fault Tolerant F I I ’ N F ’ … Firewall IDS NAT Primary state Replicated state 10

  12. Goals Consistent state replication to tolerate ! middlebox failures Minimizing performance overhead during normal operation Minimizing disruption during middlebox failures 11

  13. Fault Tolerant Chaining (FTC) In-chain replication ◦ Replicates a chain’s state instead of the state of individual middleboxes ◦ Each middlebox’s state replicated to subsequent ! middlebox servers Transactional packet processing ◦ Simplifies the development of multi-threaded middleboxes ◦ Improves scalability and performance Data dependency vectors ◦ Enables concurrent state replication 12

  14. Normal Operation m 1 m 2 m 3 1 2 2 3 r 3 Buffer Forw. r 1 r 2 13

  15. Normal Operation m 1 m 2 m 3 1 1 2 2 3 r 3 Buffer Forw. r 1 r 2 14

  16. Normal Operation m 1 m 2 m 3 3 1 1 2 2 3 r 3 Buffer Forw. r 1 r 2 15

  17. Failure Recovery ✕ m 1 m 2 m 3 1 3 1 1 2 2 2 3 Forw. Buffer r 1 r 2 r 3 m 2 Primary state 2 r ’2 Replicated state 16

  18. Transactional Packet Processing Existing approaches ◦ Single thread or batched packet processing ◦ FTMB: multi threaded packet processing ◦ Tracking state changes in granularity of each state variable read/write ◦ Frequent periodic state snapshots Our approach ◦ Packet transaction model for concurrent packet processing ◦ Using isolation property to tracking state changes in granularity of packet transactions 17

  19. Data Dependency Vectors Tracking data changes instead of thread operations Enabling different number of threads at the middlebox and replicas ◦ Fail over to smaller machine ◦ Scale up to a larger machine Middlebox Product Throughput CPU Core HP VSR1001 268 Mbps 1 IPSec HP VSR1008 926 Mbps 8 STEELHEAD CCX770M 10 Mbps 2 WAN Optimizer STEELHEAD CCX1555M 50 Mbps 4 Barracuda Level 1 100 Mbps 1 WAF Barracuda Level 5 200 Mbps 2 18

  20. Data Dependency Vectors Example W(1) Middlebox 1 Middlebox’s dependency vector: ⟨ 0,x,x ⟩ ⟨ 1,3,4 ⟩ ⟨ 0,3,4 ⟩ 1 2 ⟨ 2,3,5 ⟩ 2 ⟨ 0,x,x ⟩ ⟨ 1,x,4 ⟩ R(1), W(3) ✓ ⟨ 0,x,x ⟩ ≥ ⟨ 1,x,4 ⟩ ⟨ 0,3,4 ⟩ Replica’s dependency vector: 4 Replica ⟨ 1,3,4 ⟩ ⟨ 1,3,4 ⟩ ⟨ 0,3,4 ⟩ ⟨ 0,3,4 ⟩ ⟨ 2,3,5 ⟩ ⟨ 0,3,4 ⟩ 4 5 hold 3 5 ⟨ 1,3,4 ⟩ ≥ ≥ ⟨ 0,3,4 ⟩ ⟨ 1,x,4 ⟩ ⟨ 1,x,4 ⟩ ⟨ 1,x,4 ⟩ ✓ ? 19

  21. Evaluation METHOD ENVIRONMENTS Comparing FTC with: A cluster of 12 servers ◦ 40 Gbps network NF , N on- F ault tolerant system ◦ Ideal performance SAVI Cloud environment ◦ A virtual network of OVS switches FTMB (SIGCOMM 2015) ◦ State logging + Snapshots MoonGen and pktGen traffic generators ◦ UDP traffic FTMB + Snapshot (SIGCOMM 2015) ◦ Packet size: 256 B ◦ State logging + Snapshots 20

  22. Fault Tolerant NATs 2x higher NF FTC FTMB throughput 10 Throughput (Mpps) 8 6 4 2 0 1 2 4 8 Threads 21

  23. Fault Tolerant Chains – Throughput NF FTC FTMB FTMB+Snapshot 10 3.5x higher 1.8x higher Throughput (Mpps) throughput throughput 8 6 39% drop due 4 to snapshots 2 0 2 3 4 5 Chain Length 22

  24. Fault Tolerant Chains – Latency NF FTC FTMB 1 . 0 0 . 8 Packets (CDF) 0 . 6 0 . 4 0 . 2 0 . 0 40 60 80 100 120 140 160 180 Latency (µs) 23

  25. Conclusion Keep operation of a chain of middleboxes online after ! middleboxes fail ◦ In-chain replication ◦ Transactional packet processing ◦ Data dependency vectors 24

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault

Lecture 10: Fault Tolerance Fault Tolerant Concurrent Computing The main principles of fault tolerant programming are: Fault Detection - Knowing that a fault exists Fault Recovery - having atomic instructions that can be rolled back in

361 views • 18 slides
Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the

EDA421/DIT171 - Parallel and Distributed Real-Time Systems, Chalmers/GU, 2011/2012 Lecture #14 Updated May 2, 2012 Fault-tolerant techniques Fault-tolerant techniques What causes component faults? What are the effects if the

374 views • 9 slides
FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09,

FAULT-TOLERANT CONTROL Is it possible? JAN MACIEJOWSKI Fault- tolerant control. DPS09, Gdask Canonical Control Engineering Problem Disturbance Controlled output Set-point Filter Controller Plant Sensor Noise This problem is

639 views • 29 slides
Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and

1 Adaptive Fault Tolerant Systems: Adaptive Fault Tolerant Systems: Reflective Design and Validation Reflective Design and Validation Marc-Olivier Killijian Dependable Computing and Fault Tolerance Research Group Toulouse - France 2

865 views • 50 slides
Provi viding ing Fault lt-tol tolerant erant Execution n of Web-servi service ce ba

Provi viding ing Fault lt-tol tolerant erant Execution n of Web-servi service ce ba

Platzhalter fr Bild, Bild auf Titelfolie hinter das Logo einsetzen Provi viding ing Fault lt-tol tolerant erant Execution n of Web-servi service ce ba based sed Workf kflows ows wi within Cl Clouds hl , Tobias Distler, Rdiger

468 views • 35 slides
Named Function Networking Service chaining, big picture, division of labor boundaries IRTF ICNRG

Named Function Networking Service chaining, big picture, division of labor boundaries IRTF ICNRG

Named Function Networking Service chaining, big picture, division of labor boundaries IRTF ICNRG interim meeting, Boston, Jan 13+14, 2015 Christian Tschudin, University of Basel Named Function Networking Session overview Part I Service

553 views • 21 slides
Service Function Chaining (SFC) and Network Slicing in Backhaul and Metro Networks in Support of

Service Function Chaining (SFC) and Network Slicing in Backhaul and Metro Networks in Support of

Service Function Chaining (SFC) and Network Slicing in Backhaul and Metro Networks in Support of 5G Adrian Farrel : Old Dog Consulting The research leading to these results has received funding from the European Commission for the

294 views • 16 slides
Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault

Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault

4/1/2014 Overview Introduction and basic concept ECE 753: FAULT-TOLERANT Fault model and fault coverage COMPUTING Checkpointing and backward error recovery (rollback) Kewal K.Saluja General principles General principles

259 views • 3 slides
Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent Monitoring Networks Networks Heterogeneous Intelligent Monitoring Jing Deng Department of Computer Science University of North Carolina at

335 views • 18 slides
A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09,

A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09,

A Fault-Tolerant Alternative to Lockstep Triple Modular Redundancy Andrew L. Baldwin, BS 09, MS 12 W. Robert Daasch, Professor Integrated Circuits Design and Test Laboratory Problem Statement In a fault tolerant system containing

478 views • 35 slides
Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction

Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction

1/21/2014 Overview ECE 753: FAULT-TOLERANT Fault Modeling COMPUTING References Introduction Kewal K.Saluja Kewal K Saluja Fault models at different levels (HW) Department of Electrical and Computer Engineering Error

304 views • 5 slides
4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design

4/22/2009 Designing highly available systems Incorporate elements of fault-tolerant design Replication, TMR Distributed Systems Fully fault tolerant system will offer non-stop availability Clusters You cant achieve this! Problem:

458 views • 11 slides
Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural

Verification and Validation of a Verification and Validation of a Fault- -Tolerant Architectural Abstraction Tolerant Architectural Abstraction Fault Patrick H. S. Brito - Unicamp, Brazil Rogrio de Lemos - University of Kent, UK Eliane

381 views • 21 slides
REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK

REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK

REVIEW OF FAULT TOLERANT TECHNIQUES FOR DIFFERENT TYPES OF GRAPHS BY- HATEM NASSRAT TARAK SHINGNE Outline General view of Fault Tolerance Ft-Design approaches Trees Meshes & Hypercubes conclusion Introduction Fault

584 views • 44 slides
Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an

Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an

Circumventing Impossibility Partial Synchrony Circumventing Impossibility Consensus is an important building block for fault-tolerant computing Universal: any deterministic fault-tolerant service can be implemented on top of it

349 views • 12 slides
Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element

Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element

Idealised Fault Tolerant Idealised Fault Tolerant Architectural Element Architectural Element Rog rio rio de Lemos de Lemos Rog University of Kent, UK University of Kent, UK Motivation architectural fault tolerance; iFTE

350 views • 16 slides
Newton never dies It only gets new hardware Paul Guyot Worldwide Newton Conference 2004

Newton never dies It only gets new hardware Paul Guyot Worldwide Newton Conference 2004

Newton never dies It only gets new hardware Paul Guyot Worldwide Newton Conference 2004 Introduction Introduction (i) Decreasing, limited supply of hardware What is so great about the Newton cannot be found in other PDAs and Operating

448 views • 29 slides
New TRIUMF Director Nigel Lockyer May 2007 - May 2012 From Penn State, A former head of CDF

New TRIUMF Director Nigel Lockyer May 2007 - May 2012 From Penn State, A former head of CDF

New TRIUMF Director Nigel Lockyer May 2007 - May 2012 From Penn State, A former head of CDF Network & Computing Services Corrie Kost - retirement June 30th Kelvin Raywood - Corries replacement Scienti fi c Computing Support Chris

514 views • 27 slides
Learning MySQL 5.7 Jervin Real Percona Live 2017 1 / 21 Agenda 1. Background 2. New Features

Learning MySQL 5.7 Jervin Real Percona Live 2017 1 / 21 Agenda 1. Background 2. New Features

Learning MySQL 5.7 Jervin Real Percona Live 2017 1 / 21 Agenda 1. Background 2. New Features 3. Upgrading to 5.7 2 / 21 Background and Current State 3 / 21 Background and Current State In Comparison, MySQL 5.7 is: Percona Server 5.7

329 views • 21 slides
Sandboxing & Virtualization: Modern Tools for Combating Malware Anup K. Ghosh, PhD Founder

Sandboxing & Virtualization: Modern Tools for Combating Malware Anup K. Ghosh, PhD Founder

Sandboxing & Virtualization: Modern Tools for Combating Malware Anup K. Ghosh, PhD Founder anup@invincea.com www.invincea.com Research Professor Center for Secure Information Systems George Mason University May 2010 The User IS the

479 views • 20 slides
(Computer Science @ CMU) Presenter: Devesh Kumar Singh Background Storage Devices

(Computer Science @ CMU) Presenter: Devesh Kumar Singh Background Storage Devices

Authors : Joy Arulraj, Matthew Peron, Andrew Pavlo (Computer Science @ CMU) Presenter: Devesh Kumar Singh Background Storage Devices Write Ahead Protocol Write Behind Protocol Evaluation Durability of updates: Persist

721 views • 30 slides
Disks and RAID 50 Years Old! 13th September 1956 The IBM RAMAC 350 80000 times more

Disks and RAID 50 Years Old! 13th September 1956 The IBM RAMAC 350 80000 times more

Disks and RAID 50 Years Old! 13th September 1956 The IBM RAMAC 350 80000 times more data on the 8GB 1-inch drive in his right hand than on the 24-inch RAMAC one in his left What does the disk look like? Some parameters 2-30

638 views • 44 slides
Intro to Load-Balancing Tomcat with httpd and mod_jk Christopher Schultz Chief Technology

Intro to Load-Balancing Tomcat with httpd and mod_jk Christopher Schultz Chief Technology

Intro to Load-Balancing Tomcat with httpd and mod_jk Christopher Schultz Chief Technology Offjcer Total Child Health, Inc. * Slides available on the Linux Foundation / ApacheCon2015 web site and at http://people.apache.org/~schultz/ApacheCon

1.04k views • 69 slides
CDx: A Family of Real-time Java Benchmarks Tomas Kalibera, Jeff Hagelberg, Filip Pizlo, Ales

CDx: A Family of Real-time Java Benchmarks Tomas Kalibera, Jeff Hagelberg, Filip Pizlo, Ales

CDx: A Family of Real-time Java Benchmarks Tomas Kalibera, Jeff Hagelberg, Filip Pizlo, Ales Plsek, Ben Titzer, Jan Vitek Purdue University Real-time Java Applications Shipboard computing US Navy DDG1000 Destroyer ( 5 mio lines of code,

571 views • 22 slides

More recommend