More Web Proxy on the site http://driver.im/

research-article

Free access

Rollback-Recovery for Middleboxes

Authors:

Justine Sherry,

Peter Xiang Gao,

Arvind Krishnamurthy,

Christian Maciocco,

Sylvia Ratnasamy,

Scott ShenkerAuthors Info & Claims

SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication

Pages 227 - 240

https://doi.org/10.1145/2785956.2787501

Published: 17 August 2015 Publication History

Abstract

Network middleboxes must offer high availability, with automatic failover when a device fails. Achieving high availability is challenging because failover must correctly restore lost state (e.g., activity logs, port mappings) but must do so quickly (e.g., in less than typical transport timeout values to minimize disruption to applications) and with little overhead to failure-free operation (e.g., additional per-packet latencies of 10-100s of us). No existing middlebox design provides failover that is correct, fast to recover, and imposes little increased latency on failure-free operations. We present a new design for fault-tolerance in middleboxes that achieves these three goals. Our system, FTMB (for Fault-Tolerant MiddleBox), adopts the classical approach of "rollback recovery" in which a system uses information logged during normal operation to correctly reconstruct state after a failure. However, traditional rollback recovery cannot maintain high throughput given the frequent output rate of middleboxes. Hence, we design a novel solution to record middlebox state which relies on two mechanisms: (1) 'ordered logging', which provides lightweight logging of the information needed after recovery, and (2) a `parallel release' algorithm which, when coupled with ordered logging, ensures that recovery is always correct. We implement ordered logging and parallel release in Click and show that for our test applications our design adds only 30$\mu$s of latency to median per packet latencies. Our system introduces moderate throughput overheads (5-30%) and can reconstruct lost state in 40-275ms for practical systems.

Supplementary Material

WEBM File (p227-sherry.webm)

Download
169.30 MB

References

[1]

A Peek into Extended Page Tables. https://communities.intel.com/community/itpeernetwork/datastack/blog/2009/06/02/a-peek-into-extended-page-tables.

[2]

Alexa: Actionable Analytics for the Web. http://www.alexa.com/.

[3]

Clang Static Analyzer. http://clang-analyzer.llvm.org/.

[4]

Intel PRO/1000 Quad Port Bypass Server Adapters. http://www.intel.com/content/www/us/en/network-adapters/gigabit-network-adapters/pro-1000-qp.html.

[5]

LXC - Linux Containers. https://linuxcontainers.org/.

[6]

Remus PV domU Requirements. http://wiki.xen.org/wiki/Remus_PV_domU_requirements.

[7]

Riverbed Completes Acquisition of Mazu Networks. http://www.riverbed.com/about/news-articles/press-releases/riverbed-completes-acquisition-of-mazu-networks.html.

[8]

Snort IDS. https://www.snort.org/.

[9]

Squid: Optimising Web Delivery. http://www.squid-cache.org/.

[10]

The Bro Network Security Monitor. https://www.bro.org/.

[11]

VMWare vSphere. https://www.vmware.com/support/vsphere.

[12]

Vyatta. http://www.vyatta.com.

[13]

Wikipedia:seqlock. http://en.wikipedia.org/wiki/Seqlock.

[14]

Multi-Service Architecture and Framework Requirements. http://www.broadband-forum.org/technical/download/TR-058.pdf, 2003.

[15]

A. Akella, A. Anand, A. Balachandran, P. Chitnis, C. Muthukrishnan, R. Ramjee, and G. Varghese. EndRE: An End-System Redundancy Elimination Service for Enterprises. In Proc. USENIX NSDI, 2010.

Digital Library

[16]

G. Altekar and I. Stoica. ODR: Output-Deterministic Replay for Multicore Debugging. In Proc. ACM SOSP, 2009.

Digital Library

[17]

R. H. Arpaci-Dusseau and A. C. Arpaci-Dusseau. Operating Systems: Three Easy Pieces. Arpaci-Dusseau Books, 0.80 edition, May 2014.

[18]

T. C. Bressoud and F. B. Schneider. Hypervisor-based Fault Tolerance. In Proc. ACM SOSP, 1995.

Digital Library

[19]

C. Cadar, D. Dunbar, and D. R. Engler. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In Proc. USENIX OSDI, 2008.

Digital Library

[20]

J. Chung, J. Seo, W. Baek, C. CaoMinh, A. McDonald, C. Kozyrakis, and K. Olukotun. Improving Software Concurrency with Hardware-assisted Memory Snapshot. In Proc. ACM SPAA, 2008.

Digital Library

[21]

E. G. Coffman, M. Elphick, and A. Shoshani. System Deadlocks. ACM Comput. Surv., 3(2):67--78, June 1971.

Digital Library

[22]

H. Cui, J. Simsa, Y.-H. Lin, H. Li, B. Blum, X. Xu, J. Yang, G. A. Gibson, and R. E. Bryant. Parrot: A Practical Runtime for Deterministic, Stable, and Reliable Threads. In Proc. ACM SOSP, 2013.

Digital Library

[23]

B. Cully, G. Lefebvre, D. Meyer, M. Feeley, N. Hutchinson, and A. Warfield. Remus: High Availability via Asynchronous Virtual Machine Replication. In Proc. USENIX NSDI, 2008.

Digital Library

[24]

D. Devecsery, M. Chow, X. Dou, J. Flinn, and P. M. Chen. Eidetic Systems. In Proc. USENIX OSDI, 2014.

Digital Library

[25]

J. Devietti, B. Lucia, L. Ceze, and M. Oskin. DMP: Deterministic Shared Memory Multiprocessing. In Proc. ACM ASPLOS, 2009.

Digital Library

[26]

Digital Corpora. 2009-M57-Patents packet trace. http://digitalcorpora.org/corp/nps/scenarios/2009-m57-patents/net/.

[27]

M. Dobrescu, N. Egi, K. Argyraki, B.-G. Chun, K. Fall, G. Iannaccone, A. Knies, M. Manesh, and S. Ratnasamy. RouteBricks: Exploiting Parallelism To Scale Software Routers. In Proc. ACM SOSP, 2009.

Digital Library

[28]

Y. Dong, W. Ye, Y. Jiang, I. Pratt, S. Ma, J. Li, and H. Guan. COLO: COarse-grained LOck-stepping Virtual Machines for Non-stop Service. In Proc. ACM SoCC, 2013.

Digital Library

[29]

G. W. Dunlap, D. G. Lucchetti, M. A. Fetterman, and P. M. Chen. Execution Replay of Multiprocessor Virtual Machines. In Proc. ACM SIGPLAN/SIGOPS VEE, 2008.

Digital Library

[30]

E. N. Elnozahy and W. Zwaenepoel. Manetho: Transparent roll back-recovery with low overhead, limited rollback, and fast output commit. IEEE Trans. Comput., 41(5):526--531, May 1992.

Digital Library

[31]

E. N. M. Elnozahy, L. Alvisi, Y.-M. Wang, and D. B. Johnson. A Survey of Rollback-Recovery Protocols in Message-passing Systems. ACM Comput. Surv., 34(3):375--408, Sept. 2002.

Digital Library

[32]

European Telecommunications Standards Institute. NFV Whitepaper. https://portal.etsi.org/NFV/NFV_White_Paper.pdf.

[33]

S. K. Fayazbakhsh, L. Chiang, V. Sekar, M. Yu, and J. C. Mogul. Enforcing Network-wide Policies in the Presence of Dynamic Middlebox Actions Using Flowtags. In Proc. USENIX NSDI, 2014.

Digital Library

[34]

M. Flajslik and M. Rosenblum. Network Interface Design for Low Latency Request-Response Protocols. In Proc. USENIX ATC, 2013.

Digital Library

[35]

A. Gember, R. Viswanathan, C. Prakash, R. Grandl, J. Khalid, S. Das, and A. Akella. OpenNF: Enabling Innovation in Network Function Control. In Proc. ACM SIGCOMM, 2014.

Digital Library

[36]

Z. Guo, X. Wang, J. Tang, X. Liu, Z. Xu, M. Wu, M. F. Kaashoek, and Z. Zhang. R2: An Application-Level Kernel for Record and Replay. In Proc. USENIX OSDI, 2008.

Digital Library

[37]

S. Han, K. Jang, K. Park, and S. Moon. PacketShader: a GPU-accelerated Software Router. In Proc. ACM SIGCOMM, 2010.

Digital Library

[38]

Intel. Data Plane Development Kit. http://dpdk.org/.

[39]

Intel. PCI-SIG SR-IOV Primer: An Introduction to SR-IOV Technology. http://www.intel.com/content/www/us/en/pci-express/pci-sig-sr-iov-primer-sr-iov-technology-paper.html.

[40]

R. Kohavi and R. Longbotham. Online experiments: Lessons learned. Computer, 40(9):103--105, 2007.

Digital Library

[41]

O. Laadan, N. Viennot, and J. Nieh. Transparent, Lightweight Application Execution Replay on Commodity Multiprocessor Operating Systems. In Proc. ACM SIGMETRICS, 2010.

Digital Library

[42]

L. Lamport. Time, clocks, and the ordering of events in a distributed system. Commun. ACM, 21(7):558--565, July 1978.

Digital Library

[43]

C. Lattner and V. Adve. LLVM: A Compilation Framework for Lifelong Program Analysis & Transformation. In Proc. IEEE CGO, 2004.

Digital Library

[44]

J. R. Lorch, A. Baumann, L. Glendenning, D. Meyer, and A. Warfield. Tardigrade: Leveraging Lightweight Virtual Machines to Easily and Efficiently Construct Fault-Tolerant Services. In Proc. USENIX NSDI.

Digital Library

[45]

J. Martins, M. Ahmed, C. Raiciu, V. Olteanu, M. Honda, R. Bifulco, and F. Huici. ClickOS and the Art of Network Function Virtualization. In Proc. USENIX NSDI, 2014.

Digital Library

[46]

R. Mittal, J. Sherry, S. Ratnasamy, and S. Shenker. Recursively Cautious Congestion Control. In Proc. USENIX NSDI, 2014.

Digital Library

[47]

A. Pesterev, J. Strauss, N. Zeldovich, and R. T. Morris. Improving Network Connection Locality on Multicore Systems. In Proc. ACM EuroSys, 2012.

Digital Library

[48]

R. Potharaju and N. Jain. Demystifying the Dark Side of the Middle: A Field Study of Middlebox Failures in Datacenters. In Proc. ACM IMC, 2013.

Digital Library

[49]

Z. A. Qazi, C.-C. Tu, L. Chiang, R. Miao, V. Sekar, and M. Yu. SIMPLE-fying Middlebox Policy Enforcement Using SDN. In Proc. ACM SIGCOMM, 2013.

Digital Library

[50]

S. Rajagopalan, D. Williams, and H. Jamjoom. Pico Replication: A High Availability Framework for Middleboxes. In Proc. ACM SoCC, 2013.

Digital Library

[51]

S. Rajagopalan, D. Williams, H. Jamjoom, and A. Warfield. Split/Merge: System Support for Elastic Execution in Virtual Middleboxes. In Proc. USENIX NSDI, 2013.

Digital Library

[52]

L. Rizzo. netmap: a Novel Framework for Fast Packet I/O. In Proc. USENIX ATC, 2012.

Digital Library

[53]

L. Rizzo and G. Lettieri. Vale: a Switched Ethernet for Virtual Machines. In Proc. ACM CoNEXT, 2012.

Digital Library

[54]

L. Rizzo, G. Lettieri, and V. Maffione. Speeding Up Packet I/O in Virtual Machines. In ACM/IEEE ANCS, pages 47--58, 2013.

Digital Library

[55]

R. Russell. virtio: Towards a De-facto Standard for Virtual I/O Devices. ACM OSR, 42(5):95--103, 2008.

Digital Library

[56]

S. Savage, M. Burrows, G. Nelson, P. Sobalvarro, and T. Anderson. Eraser: A Dynamic Data Race Detector for Multi-threaded Programs. In Proc. ACM SOSP, 1997.

Digital Library

[57]

F. B. Schneider. Implementing Fault-tolerant Services Using the State Machine Approach: A Tutorial. ACM Comput. Surv., 22(4):299--319, Dec. 1990.

Digital Library

[58]

V. Sekar, N. Egi, S. Ratnasamy, M. K. Reiter, and G. Shi. Design and Implementation of a Consolidated Middlebox Architecture. In Proc. USENIX NSDI, 2012.

Digital Library

[59]

J. Sherry, S. Hasan, C. Scott, A. Krishnamurthy, S. Ratnasamy, and V. Sekar. Making Middleboxes Someone Else's Problem: Network Processing as a Cloud Service. In Proc. ACM SIGCOMM, 2012.

Digital Library

[60]

R. Strom and S. Yemini. Optimistic Recovery in Distributed Systems. ACM Trans. Comput. Syst., 3(3):204--226, Aug. 1985.

Digital Library

[61]

K. Veeraraghavan, D. Lee, B. Wester, J. Ouyang, P. M. Chen, J. Flinn, and S. Narayanasamy. DoublePlay: Parallelizing Sequential Logging and Replay. In Proc. ACM ASPLOS, 2012.

Digital Library

[62]

Z. Wang, Z. Qian, Q. Xu, Z. Mao, and M. Zhang. An Untold Story of Middleboxes in Cellular Networks. In Proc. ACM SIGCOMM, 2011.

Digital Library

Cited By

Takahashi TSato TOki E(2024)Model for Jointly Determining Service Function Chain Routes and Update Scheduling with State ConsistencyIEICE Transactions on Communications10.23919/transcom.2023EBP3203E107-B:12(965-980)Online publication date: Dec-2024
https://doi.org/10.23919/transcom.2023EBP3203
Wang QALFahad SFornes JAnagnostopoulos CKolomvatsos K(2024)Resilient edge predictive analytics by enhancing local modelsOpen Computer Science10.1515/comp-2023-011614:1Online publication date: 13-May-2024
https://doi.org/10.1515/comp-2023-0116
Carvalho FFerreira RCunha ÍVieira MRamanathan M(2024)State Disaggregation for Dynamic Scaling of Network FunctionsIEEE/ACM Transactions on Networking10.1109/TNET.2023.328256232:1(81-95)Online publication date: Feb-2024
https://doi.org/10.1109/TNET.2023.3282562
Show More Cited By

Index Terms

Rollback-Recovery for Middleboxes
1. Computer systems organization
  1. Dependable and fault-tolerant systems and networks
    1. Availability
2. Networks
  1. Network components
    1. Middle boxes / network appliances

Recommendations

Rollback-Recovery for Middleboxes
SIGCOMM'15

Network middleboxes must offer high availability, with automatic failover when a device fails. Achieving high availability is challenging because failover must correctly restore lost state (e.g., activity logs, port mappings) but must do so quickly (...
Roll-Forward and Rollback Recovery: Performance-Reliability Trade-Off
Special issue on mobile computing

Performance and reliability trade-offs depend on the recovery scheme used in any fault-tolerant system. Gain in performance, using comparable resources, typically requires sacrifice in reliability, and vice-versa. Roll-forward schemes for duplex systems ...
Damage Assessment for Optimal Rollback Recovery

Conventional schemes of rollback recovery with checkpointing for concurrent processes have overlooked an important problem: contamination of checkpoints as a result of error propagation among the cooperating processes. Error propagation is unavoidable ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication

August 2015

684 pages

ISBN:9781450335423

DOI:10.1145/2785956

General Chairs:
Steve Uhlig
Queen Mary University of London, UK
,
Olaf Maennel
Tallinn U. of Technology in Estonia, Estonia
,
Program Chairs:
Brad Karp
University College London, UK
,
Jitendra Padhye
Microsoft, USA

ACM SIGCOMM Computer Communication Review Volume 45, Issue 4
SIGCOMM'15
October 2015
659 pages
ISSN:0146-4833
DOI:10.1145/2829988
Editors:
Konstantina Papagiannaki
Telefonica Research, Barcelona, Spain
,
Katerina Argyraki
EPFL, Switzerland
,
Hitesh Ballani
Microsoft Research Cambridge, UK
,
Fabián Bustamante
Northwestern University, USA
,
Joseph Camp
SMU, USA
,
Augustin Chaintreau
Columbia University, USA
,
Phillipa Gill
Stony Brook University, USA
,
Marco Mellia
Politecnico di Torino, Italy
,
Bhaskaran Raman
IIT Bombay, India
,
Joel Sommers
Colgate University, USA
,
Aline Carneiro Viana
INRIA, France
Issue’s Table of Contents

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGCOMM: ACM Special Interest Group on Data Communication

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Badges

Best Student Paper

Author Tags

Qualifiers

Research-article

Funding Sources

Intel Research
NSF

Conference

SIGCOMM '15

Sponsor:

SIGCOMM

SIGCOMM '15: ACM SIGCOMM 2015 Conference

August 17 - 21, 2015

London, United Kingdom

Acceptance Rates

SIGCOMM '15 Paper Acceptance Rate 40 of 242 submissions, 17%;

Overall Acceptance Rate 462 of 3,389 submissions, 14%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

136
Total Citations
View Citations
1,221
Total Downloads

Downloads (Last 12 months)173
Downloads (Last 6 weeks)32

Reflects downloads up to 05 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Takahashi TSato TOki E(2024)Model for Jointly Determining Service Function Chain Routes and Update Scheduling with State ConsistencyIEICE Transactions on Communications10.23919/transcom.2023EBP3203E107-B:12(965-980)Online publication date: Dec-2024
https://doi.org/10.23919/transcom.2023EBP3203
Wang QALFahad SFornes JAnagnostopoulos CKolomvatsos K(2024)Resilient edge predictive analytics by enhancing local modelsOpen Computer Science10.1515/comp-2023-011614:1Online publication date: 13-May-2024
https://doi.org/10.1515/comp-2023-0116
Carvalho FFerreira RCunha ÍVieira MRamanathan M(2024)State Disaggregation for Dynamic Scaling of Network FunctionsIEEE/ACM Transactions on Networking10.1109/TNET.2023.328256232:1(81-95)Online publication date: Feb-2024
https://doi.org/10.1109/TNET.2023.3282562
Hill LRotsos CEdwards CHutchison D(2024)REMEDIATE: Improving Network and Middlebox Resilience With VirtualisationInternational Journal of Network Management10.1002/nem.231735:1Online publication date: 3-Dec-2024
https://doi.org/10.1002/nem.2317
Shahriyar MSaha GBhattacharjee BReaz R(2023)DEFT: Distributed, Elastic, and Fault-Tolerant State Management of Network Functions2023 19th International Conference on Network and Service Management (CNSM)10.23919/CNSM59352.2023.10327813(1-7)Online publication date: 30-Oct-2023
https://doi.org/10.23919/CNSM59352.2023.10327813
Carisimo EWang CWeaver MBustamante FBarford P(2023)A Hop Away from Everywhere: A View of the Intercontinental Long-haul InfrastructureProceedings of the ACM on Measurement and Analysis of Computing Systems10.1145/36267787:3(1-26)Online publication date: 7-Dec-2023
https://dl.acm.org/doi/10.1145/3626778
Parizotto RCoelho BNunes DHaque ISchaeffer-Filho A(2023)Offloading Machine Learning to Programmable Data Planes: A Systematic SurveyACM Computing Surveys10.1145/360515356:1(1-34)Online publication date: 26-Aug-2023
https://dl.acm.org/doi/10.1145/3605153
Shahinfar FMiano SSiracusano GBifulco RPanda AAntichi GBaumann ACrooks NSchwarzkopf M(2023)Automatic Kernel Offload Using BPFProceedings of the 19th Workshop on Hot Topics in Operating Systems10.1145/3593856.3595888(143-149)Online publication date: 22-Jun-2023
https://dl.acm.org/doi/10.1145/3593856.3595888
Lupu CAlbișoru ANichita RBlânzeanu DPogonaru MDeaconescu RRaiciu CFedorova ANarayanan DDi Luna GQuerzoni L(2023)Nephele: Extending Virtualization Environments for Cloning Unikernel-based VMsProceedings of the Eighteenth European Conference on Computer Systems10.1145/3552326.3587454(574-589)Online publication date: 8-May-2023
https://dl.acm.org/doi/10.1145/3552326.3587454
Alizadeh Noghani KKassler ATaheri JÖhlén PCurescu C(2023)Multiobjective Genetic Algorithm for Fast Service Function Chain ReconfigurationIEEE Transactions on Network and Service Management10.1109/TNSM.2022.319582020:3(3501-3522)Online publication date: Sep-2023
https://doi.org/10.1109/TNSM.2022.3195820
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents