Vntor: Network Virtualization At The Top-Of-Rack Switch
SoCC '16: ACM Symposium on Cloud Computing Santa Clara CA USA October, 2016(2016)
摘要
Cloud providers typically implement abstractions for network virtualization on the server, within the operating system that hosts the tenant virtual machines or containers. Despite being flexible and convenient, this approach has fundamental problems: incompatibility with bare-metal support, unnecessary performance overhead, and susceptibility to hypervisor breakouts. To solve these, we propose to offload the implementation of network-virtualization abstractions to the top-of-rack switch (ToR). To show that this is feasible and beneficial, we present VNToR, a ToR that takes over the implementation of the security-group abstraction. Our prototype combines commodity switching hardware with a custom software stack and is integrated in OpenStack Neutron. We show that VNToR can store tens of thousands of access rules, adapts to traffic-pattern changes in less than a millisecond, and significantly outperforms the state of the art.
更多查看译文
关键词
Network virtualization,security groups,SR-IOV,top-of-rack switch
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络