NDN-NIC: Name-based Filtering on Network Interface Card Junxiao - - PowerPoint PPT Presentation

ndn nic name based filtering on network interface card
SMART_READER_LITE
LIVE PREVIEW

NDN-NIC: Name-based Filtering on Network Interface Card Junxiao - - PowerPoint PPT Presentation

Nov 13, 2023 504 likes •713 views

NDN-NIC: Name-based Filtering on Network Interface Card Junxiao Shi, Teng Liang, Beichuan Zhang (University of Arizona) HaoWu, Bin Liu (Tsinghua University) Communication over shared media Each device hears all signals transmitted within

slide-1
SLIDE 1

NDN-NIC: Name-based Filtering on Network Interface Card

Junxiao Shi, Teng Liang, Beichuan Zhang (University of Arizona) HaoWu, Bin Liu (Tsinghua University)

slide-2
SLIDE 2

Communication over shared media

  • Each device hears all signals transmitted within range,

and needs to processes them.

  • Accept interested packets, discard those of no interest.
  • E.g., traditional Ethernet, and most wireless communication.
  • In current systems, this is done at the network

interface card (NIC) to save cycles and power of the main system.

  • Compare the L2 destination address with the host’s own

address.

2 sender intended recipient

  • ther device
slide-3
SLIDE 3

NDN over shared media

  • Can take advantage of the broadcast nature
  • Consumer doesn’t need to specify the L2 destination

address; any receiver with the content can reply.

  • Especially useful in wireless mobile networks.
  • But implementing it in current systems means all

packets are delivered to the main CPU for filtering.

  • Looking up PIT/CS/FIB before dropping unwanted packets.
  • Can we design a NIC that can filter NDN packets based
  • n their names?

3

slide-4
SLIDE 4

NDN NIC

  • Goal: filtering packets based on names.
  • Requirements:
  • No false negatives
  • Interests that match CS/PIT/FIB must be admitted.
  • Data that match PIT must be admitted.
  • Can have false positives but the fewer the better
  • Support regular end-hosts with small amount of memory.
  • 100s of thousands of names vs. 10s KB memory.
  • Idea: put names into Bloom filters on NIC.
  • Incoming packets are admitted if they find a match in the BFs.
  • Challenge: with limited memory, choose which names

to go into the filters to satisfy the requirements.

4

slide-5
SLIDE 5

Name Matching

  • The naïve approach is to store all names from CS/PIT/FIB in BF,

but it’s actually more complicated than that.

  • Some names should not be stored in the BF. E.g., the default route in

FIB, and PIT entries forwarded to local producers.

  • NDN has two types of packets, and name matching is more

than exact match.

5

slide-6
SLIDE 6

Name Matching and Bloom Filters

  • FIB:
  • /A/B can match interest name /A/B, /A/B/C, or longer.
  • Store /A/B in BF
  • Filtering interests by looking up all prefixes of the interest name.
  • CS:
  • /A/B/C/D can match interests /A, /A/B, /A/B/C, and /A/B/C/D.
  • Store /A/B/C/D and all its prefixes in BF.
  • Filtering interests by looking up the interest name.
  • PIT:
  • /A/B/C matches Data with same or longer names, e.g., /A/B/C/D.
  • Store /A/B/C and all prefixes.
  • Filtering Data by looking up Data name and all its prefixes.
  • Need three different Bloom Filters with different contents and

different filtering procedures.

6

slide-7
SLIDE 7

Name Removal From the Filters

  • When CS/PIT/FIB are updated, the Bloom Filters may also need

to be updated, otherwise will lead to false negatives or false positives.

  • Name addition is easy for BF, but name removal needs counting

Bloom filters, which increases memory usage.

  • Maintain counting Bloom filters in the driver, only store BFs in

NIC.

7

slide-8
SLIDE 8

NDN-NIC Architecture

8

BF-FIB BF-PIT BF-CS PIT CS FIB NDN applications packet filtering logic MAC & PHY NDN-NIC hardware NFD NDN-NIC driver CBF-FIB CBF-PIT CBF-CS update algorithm

slide-9
SLIDE 9

Reducing False Positives

  • The more names added to a Bloom filter, the higher its false

positive rate.

  • E.g., a 8KB BF with optimal hash functions, false positive 4.3% with 10K

names, but 54% with 50K names.

  • BF-CS is the primary optimization target
  • A regular host usually has a small FIB and a relatively small PIT.
  • But it can cache many Data objects in the CS, and all those names and

their prefixes need to go into BF-CS.

  • The idea is to introduce a shorter prefix in the BF to replace

multiple CS names.

9

slide-10
SLIDE 10

The Basic CS Algorithm

  • Skip a CS name if it is already covered by a FIB entry.
  • Doesn’t introduce any new false positive.

10 /A /A/B /A/B/Y /A/B/X FIB entry: /A/B These Interest names can match /A/B in BF-FIB, so they don't need to be added to BF-CS. This name is still needed in BF-CS.

slide-11
SLIDE 11

When Basic CS will be effective?

  • Basic CS is effective when the CS caches many Data from local

producer applications, because those Data names are covered by FIB entries registered by local applications.

  • i.e., content producers
  • If most cached Data came from the network, their names aren't

under FIB prefixes, and Basic CS will not work well.

  • i.e., content consumers.

11

slide-12
SLIDE 12

The Active CS Algorithm

  • Create a new prefix in BF-FIB so we can remove multiple names

in BF-CS.

  • Reduce BF false positives since names are fewer.
  • But introduce prefix match false positive, e.g., /A/B/Z will be admitted.

12 /A /A/B /A/B/Y /A/B/X BF-FIB entry: /A/B Can remove these from BF-CS. Add this to BF-FIB.

slide-13
SLIDE 13

Active CS

  • Goal of Active CS is to minimize overall false positives.
  • Bloom filter false positives can be estimated based.
  • But prefix match false positives depends on traffic pattern.
  • We don't calculate prefix match false positives. Instead, Active

CS tries to keep Bloom filter false positives between two thresholds.

  • Aggregate if BF false positive is high.
  • De-aggregate if BF false positive is low.

13

slide-14
SLIDE 14

Evaluation

  • Collect NFS traces in a department network.
  • Use the NFS requests and replies to derive NDN interest

names and packet timing, and use that to drive the emulation of NDN file access in mini-NDN.

  • Record the interest and data packets, their timing, and table

changes in NFD.

  • Simulate and compare direct mapping, basic CS and active CS

with different paramters:

  • How many packets are rejected by NDN-NIC?
  • How many packets are accepted but eventually dropped in NFD (false

positives)?

  • The overhead?

14

slide-15
SLIDE 15

Packets accepted by NIC

5,000,000 10,000,000 15,000,000 20,000,000 25,000,000 30,000,000 35,000,000 regular NIC 4096 16384 65536 262144 1048576 Admitted packets BF-CS size (bits) 15 16KB of Bloom filters can filter out 92% of all received packets. Regular NIC accepts all packets, but more than 98% are dropped by software. (65536-bit BF-FIB and 256-bit BF-PIT; Direct Mapping; two hash functions)

slide-16
SLIDE 16

Compare different CS algorithms

16

  • Improvement by basic CS is limited.
  • Active CS helps more.
slide-17
SLIDE 17

When to use Active CS?

0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 4096 16384 65536 262144 1048576 # nametree node access (% of regular NIC) BF-CS size (bits) Direct Mapping Active CS 17 (65536-bit BF-FIB and 256-bit BF-PIT) But it's not so good with large BFs. Active CS is much better than DM with small BFs.

slide-18
SLIDE 18

Summary

  • On shared media, filter packets in the NIC to save cycles and

power of the main system.

  • Can be made effective using small amount of memory.
  • Active CS algorithm: tradeoff between two types of false positives.
  • Future Work
  • Feasibility in hardware implementation: overhead and cost, update

dynamics and the implications.

18

slide-19
SLIDE 19

Q & A

19