K. Ohnishi, Daisuke Kotani, Hirofumi Ichihara, Yohei Kanemaru, Y. Okabe
{"title":"Acila:在云数据中心网络中附加工作负载的身份,实现高效的数据包分类","authors":"K. Ohnishi, Daisuke Kotani, Hirofumi Ichihara, Yohei Kanemaru, Y. Okabe","doi":"10.1145/3527974.3545726","DOIUrl":null,"url":null,"abstract":"IP addresses and port numbers (network based identifiers) are major identifiers for network devices to identify systems and roles of hosts exchanging packets for access control lists, priority control, etc. However, in modern system design on cloud, such as microservice architecture, network based identifiers are inefficient to identify systems and roles of hosts because VMs and containers (workloads), which elastically change due to autoscaling and deployment of new codes, have only network based identifiers based on servers where workloads are running. We propose a new system, Acila, to classify packets based on the identity of a workload at network devices, by marking packets with necessary information extracted from the identity that is usually stored in cloud controllers. We implement Acila and show that packet filtering and priority control work with Acila, and entries for them with Acila is more efficient than network based identifiers approach, with little overhead on performance.","PeriodicalId":294749,"journal":{"name":"Proceedings of the ACM SIGCOMM Workshop on Future of Internet Routing & Addressing","volume":"208 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Acila: attaching identities of workloads for efficient packet classification in a cloud data center network\",\"authors\":\"K. Ohnishi, Daisuke Kotani, Hirofumi Ichihara, Yohei Kanemaru, Y. Okabe\",\"doi\":\"10.1145/3527974.3545726\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IP addresses and port numbers (network based identifiers) are major identifiers for network devices to identify systems and roles of hosts exchanging packets for access control lists, priority control, etc. However, in modern system design on cloud, such as microservice architecture, network based identifiers are inefficient to identify systems and roles of hosts because VMs and containers (workloads), which elastically change due to autoscaling and deployment of new codes, have only network based identifiers based on servers where workloads are running. We propose a new system, Acila, to classify packets based on the identity of a workload at network devices, by marking packets with necessary information extracted from the identity that is usually stored in cloud controllers. We implement Acila and show that packet filtering and priority control work with Acila, and entries for them with Acila is more efficient than network based identifiers approach, with little overhead on performance.\",\"PeriodicalId\":294749,\"journal\":{\"name\":\"Proceedings of the ACM SIGCOMM Workshop on Future of Internet Routing & Addressing\",\"volume\":\"208 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-09-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the ACM SIGCOMM Workshop on Future of Internet Routing & Addressing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3527974.3545726\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the ACM SIGCOMM Workshop on Future of Internet Routing & Addressing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3527974.3545726","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Acila: attaching identities of workloads for efficient packet classification in a cloud data center network
IP addresses and port numbers (network based identifiers) are major identifiers for network devices to identify systems and roles of hosts exchanging packets for access control lists, priority control, etc. However, in modern system design on cloud, such as microservice architecture, network based identifiers are inefficient to identify systems and roles of hosts because VMs and containers (workloads), which elastically change due to autoscaling and deployment of new codes, have only network based identifiers based on servers where workloads are running. We propose a new system, Acila, to classify packets based on the identity of a workload at network devices, by marking packets with necessary information extracted from the identity that is usually stored in cloud controllers. We implement Acila and show that packet filtering and priority control work with Acila, and entries for them with Acila is more efficient than network based identifiers approach, with little overhead on performance.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
