research-article

Free access

Don't call them middleboxes, call them middlepipes

Authors:

Upendra SharmaAuthors Info & Claims

HotSDN '14: Proceedings of the third workshop on Hot topics in software defined networking

Pages 19 - 24

https://doi.org/10.1145/2620728.2620760

Published: 22 August 2014 Publication History

Abstract

As interest grows in introducing network functions---middleboxes---to Platform as a Service (PaaS) clouds, it is tempting to treat them as normal PaaS services. However, the PaaS service abstraction lacks sufficient support for middlebox services. For example, network functions may require proximity to data sources for efficient snooping or request rewriting, or access to raw packets rather than application-level requests. Instead, we propose a new network function abstraction to PaaS clouds called middlepipes. True to PaaS philosophy, middlepipes are sufficiently high level for application developers to forget about details like packets vs. requests and data source proximity. Middlepipes can be chained together to cooperatively interpose on traffic between applications and services. Furthermore, they can generate callbacks into applications; in this paper, we describe the middlepipe PaaS architecture in the context of a "circuit breaker" network function.

References

[1]

Amazon Web Services. http://aws.amazon.com/.

[2]

Cloud Foundry. http://docs.cloudfoundry.org.

[3]

Graphite - Scalable Realtime Graphing. http://graphite.wikidot.com/.

[4]

Heroku: Cloud Application Platform. https://www.heroku.com/.

[5]

Hystrix: Latency and Fault Tolerance for Distributed Systems. https://github.com/Netflix/Hystrix.

[6]

IBM Codename: BlueMix. https://ace.ng.bluemix.net/.

[7]

Netfilter. http://www.netfilter.org/.

[8]

netfilter: libnetfilter-queue. http://www.iptables.org/projects/libnetfilter_queue/index.html.

[9]

Netflix Open Source Software. http://netflix.github.io/#repo.

[10]

Windows Azure Platform. https://www.windowsazure.com/en-us/.

[11]

Zuul. https://github.com/Netflix/zuul/wiki.

[12]

Google AppEngine. https://developers.google.com/appengine/, Nov. 2012.

[13]

ETSI Network Function Virtualisation (NFV); Use Cases.

[14]

Anand, A., Gupta, A., Akella, A., Seshan, S., and Shenker, S. Packet caches on routers: The implications of universal redundant traffic elimination. SIGCOMM Comput. Commun. Rev. 38, 4 (Aug. 2008), 219--230.

Digital Library

[15]

Benson, T., Akella, A., Shaikh, A., and Sahu, S. Cloudnaas: A cloud networking platform for enterprise applications. In Proc. of ACM SoCC (Cascais, Portugal, Oct. 2011).

Digital Library

[16]

Dixon, C., Krishnamurthy, A., and Anderson, T. An end to the middle. In Proc. of USENIX HotOS (Monte Verità, Switzerland, May 2009).

Digital Library

[17]

Handley, M., Paxson, V., and Kreibich, C. Network Intrusion Detection: Evasion, Traffic Normalization, and End-to-End Protocol Semantics. In Proceedings of the 10th conference on USENIX Security Symposium (2001).

Digital Library

[18]

Joseph, D., and Stoica, I. Modeling middleboxes. Network, IEEE 22, 5 (September 2008), 20--25.

Digital Library

[19]

Rajagopalan, S., Williams, D., Jamjoom, H., and Warfield, A. Split/Merge: System Support for Elastic Execution in Virtual Middleboxes. In Proc. of USENIX NSDI (Lombard, IL, Apr. 2013).

Digital Library

[20]

Roesch, M. Snort - Lightweight Intrusion Detection for Networks. In Proc. of USENIX LISA (Nov. 1999).

Digital Library

[21]

Sekar, V., Egi, N., Ratnasamy, S., Reiter, M. K., and Shi, G. Design and Implementation of a Consolidated Middlebox Architecture. In Proc. of USENIX NSDI (San Jose, CA, Apr. 2012).

Digital Library

[22]

Sherry, J., Hasan, S., Scott, C., Krishnamurthy, A., Ratnasamy, S., and Sekar, V. Making middleboxes someone else's problem: Network processing as a cloud service. In Proc. of ACM SIGCOMM (New York, NY, USA, 2012), SIGCOMM '12, ACM, pp. 13--24.

Digital Library

Cited By

ALASALI TDAKKAK O(2023)EXPLORING THE LANDSCAPE OF SDN-BASED DDOS DEFENSE: A HOLISTIC EXAMINATION OF DETECTION AND MITIGATION APPROACHES, RESEARCH GAPS AND PROMISING AVENUES FOR FUTURE EXPLORATIONInternational Journal of Advanced Natural Sciences and Engineering Researches10.59287/ijanser.7267:4(327-349)Online publication date: 22-May-2023
https://doi.org/10.59287/ijanser.726
Islam MAl-Mukhtar MKhan MHossain M(2023)A Survey on SDN and SDCN Traffic Measurement: Existing Approaches and Research ChallengesEng10.3390/eng40200634:2(1071-1115)Online publication date: 6-Apr-2023
https://doi.org/10.3390/eng4020063
Hassan MGregory MLi S(2023)Multi-Domain Federation Utilizing Software Defined Networking—A ReviewIEEE Access10.1109/ACCESS.2023.324268711(19202-19227)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3242687
Show More Cited By

Index Terms

Don't call them middleboxes, call them middlepipes
1. Networks
  1. Network architectures

Recommendations

Making middleboxes someone else's problem: network processing as a cloud service
Special october issue SIGCOMM '12

Modern enterprises almost ubiquitously deploy middlebox processing services to improve security and performance in their networks. Despite this, we find that today's middlebox infrastructure is expensive, complex to manage, and creates new failure modes ...
OpenANFV: accelerating network function virtualization with a consolidated framework in openstack
SIGCOMM '14: Proceedings of the 2014 ACM conference on SIGCOMM

The resources of dedicated accelerators (e.g. FPGA) are still required to bridge the gap between software-based Middleboxs(MBs) and the commodity hardware. To consolidate various hardware resources in an elastic, programmable and reconfigurable manner, ...
SP 800-145. The NIST Definition of Cloud Computing

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

HotSDN '14: Proceedings of the third workshop on Hot topics in software defined networking

August 2014

252 pages

ISBN:9781450329897

DOI:10.1145/2620728

Program Chairs:
Aditya Akella
University of Wisconsin-Madison, USA
,
Albert Greenberg
Microsoft, USA

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 22 August 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIGCOMM'14

Sponsor:

SIGCOMM

SIGCOMM'14: ACM SIGCOMM 2014 Conference

August 22, 2014

Illinois, Chicago, USA

Acceptance Rates

HotSDN '14 Paper Acceptance Rate 50 of 114 submissions, 44%;

Overall Acceptance Rate 88 of 198 submissions, 44%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

20
Total Citations
View Citations
1,647
Total Downloads

Downloads (Last 12 months)94
Downloads (Last 6 weeks)14

Reflects downloads up to 02 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

ALASALI TDAKKAK O(2023)EXPLORING THE LANDSCAPE OF SDN-BASED DDOS DEFENSE: A HOLISTIC EXAMINATION OF DETECTION AND MITIGATION APPROACHES, RESEARCH GAPS AND PROMISING AVENUES FOR FUTURE EXPLORATIONInternational Journal of Advanced Natural Sciences and Engineering Researches10.59287/ijanser.7267:4(327-349)Online publication date: 22-May-2023
https://doi.org/10.59287/ijanser.726
Islam MAl-Mukhtar MKhan MHossain M(2023)A Survey on SDN and SDCN Traffic Measurement: Existing Approaches and Research ChallengesEng10.3390/eng40200634:2(1071-1115)Online publication date: 6-Apr-2023
https://doi.org/10.3390/eng4020063
Hassan MGregory MLi S(2023)Multi-Domain Federation Utilizing Software Defined Networking—A ReviewIEEE Access10.1109/ACCESS.2023.324268711(19202-19227)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3242687
Huang HLi PGuo SLiang WWang K(2020)Near-Optimal Deployment of Service Chains by Exploiting Correlations Between Network FunctionsIEEE Transactions on Cloud Computing10.1109/TCC.2017.27801658:2(585-596)Online publication date: 1-Apr-2020
https://doi.org/10.1109/TCC.2017.2780165
Singh JBehal S(2020)Detection and mitigation of DDoS attacks in SDN: A comprehensive review, research challenges and future directionsComputer Science Review10.1016/j.cosrev.2020.10027937(100279)Online publication date: Aug-2020
https://doi.org/10.1016/j.cosrev.2020.100279
Jain VYatri VKanchan Kapoor C(2019)Software defined networking: State-of-the-artJournal of High Speed Networks10.3233/JHS-19060125:1(1-40)Online publication date: 19-Feb-2019
https://doi.org/10.3233/JHS-190601
Sah DKumar DShivalingagowda CJayasree P(2019)5G Applications and Architectures5G Enabled Secure Wireless Networks10.1007/978-3-030-03508-2_2(45-68)Online publication date: 6-Feb-2019
https://doi.org/10.1007/978-3-030-03508-2_2
Moravejosharieh AWatts MSong Y(2018)Bandwidth Reservation Approach to Improve Quality of Service in Software-Defined Networking: A Performance Analysis2018 15th International Joint Conference on Computer Science and Software Engineering (JCSSE)10.1109/JCSSE.2018.8457339(1-6)Online publication date: Jul-2018
https://doi.org/10.1109/JCSSE.2018.8457339
Nascimento Ede Macedo DMoreno Ede Bona LCapretz M(2018)Evaluation of Cache for Bandwidth Optimization in ICN Through Software-Defined Networks2018 IEEE Symposium on Computers and Communications (ISCC)10.1109/ISCC.2018.8538498(00656-00661)Online publication date: Jun-2018
https://doi.org/10.1109/ISCC.2018.8538498
Nguyen T(2018)The Challenges in ML-Based Security for SDN2018 2nd Cyber Security in Networking Conference (CSNet)10.1109/CSNET.2018.8602680(1-9)Online publication date: Oct-2018
https://doi.org/10.1109/CSNET.2018.8602680
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten