Making middleboxes someone else's problem-Reference-Cited by-同舟云学术

Making middleboxes someone else's problem

Published:2012-09-24 Issue:4 Volume:42 Page:13-24
ISSN:0146-4833
Container-title:ACM SIGCOMM Computer Communication Review
language:en
Short-container-title:SIGCOMM Comput. Commun. Rev.

Author:

Sherry Justine¹,Hasan Shaddi¹,Scott Colin¹,Krishnamurthy Arvind²,Ratnasamy Sylvia¹,Sekar Vyas³

Affiliation:

1. UC Berkeley, Berkeley, CA, USA

2. University of Washington, Seattle, WA, USA

3. Intel Labs, Berkeley, CA, USA

Abstract

Modern enterprises almost ubiquitously deploy middlebox processing services to improve security and performance in their networks. Despite this, we find that today's middlebox infrastructure is expensive, complex to manage, and creates new failure modes for the networks that use them. Given the promise of cloud computing to decrease costs, ease management, and provide elasticity and fault-tolerance, we argue that middlebox processing can benefit from outsourcing the cloud. Arriving at a feasible implementation, however, is challenging due to the need to achieve functional equivalence with traditional middlebox deployments without sacrificing performance or increasing network complexity. In this paper, we motivate, design, and implement APLOMB, a practical service for outsourcing enterprise middlebox processing to the cloud. Our discussion of APLOMB is data-driven, guided by a survey of 57 enterprise networks, the first large-scale academic study of middlebox deployment. We show that APLOMB solves real problems faced by network administrators, can outsource over 90% of middlebox hardware in a typical large enterprise network, and, in a case study of a real enterprise, imposes an average latency penalty of 1.1ms and median bandwidth inflation of 3.8%.

Publisher

Association for Computing Machinery (ACM)

Subject

Computer Networks and Communications,Software

Link

https://dl.acm.org/doi/pdf/10.1145/2377677.2377680

Reference47 articles.

1. Amazon Direct Connect. http://aws.amazon.com/directconnect/. Amazon Direct Connect. http://aws.amazon.com/directconnect/.

2. Amazon Route 53. http://aws.amazon.com/route53. Amazon Route 53. http://aws.amazon.com/route53.

3. Amazon Virtual Private Cloud. http://aws.amazon.com/vpc/. Amazon Virtual Private Cloud. http://aws.amazon.com/vpc/.

4. Amazon Web Services launches Brazil datacenters for its cloud computing platform. http://phx.corporate-ir.net/phoenix.zhtml?c= 176060&p=irol-newsArticle&ID=1639908. Amazon Web Services launches Brazil datacenters for its cloud computing platform. http://phx.corporate-ir.net/phoenix.zhtml?c= 176060&p=irol-newsArticle&ID=1639908.

5. Aryaka WAN Optimization. http://www.aryaka.com. Aryaka WAN Optimization. http://www.aryaka.com.

Cited by 315 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Intelligent and Resource-Conserving Service Function Chain (SFC) Embedding;Journal of Network and Systems Management;2023-09-01

2. NFCache: Fine-grained and Flexible Offloading of Network Functions to Programmable Switches;Proceedings of the 52nd International Conference on Parallel Processing Workshops;2023-08-07

3. Customizable Mapping of Virtualized Network Services in Multi-datacenter Environments Based on Genetic Metaheuristics;Journal of Network and Systems Management;2023-08-01

4. Serpens: A High Performance FaaS Platform for Network Functions;IEEE Transactions on Parallel and Distributed Systems;2023-08

5. Yarrpbox: Detecting Middleboxes at Internet-Scale;Proceedings of the ACM on Networking;2023-06-30