Self-configuring Software-defined Overlay Bypass for Seamless Inter- and Intra-cloud Virtual Networking

Many techniques have been proposed to provide, transparently, the abstraction of a layer-2 virtual network environment within a provider, e.g. by leveraging Software-Defined Networking (SDN). However, cloud providers often constrain layer-2 communication across instances; furthermore, SDN integration and layer-2 messaging between distinct domains distributed across the Internet is not possible, hindering the ability for tenants to deploy their virtual networks across providers. In contrast, overlay networks provide a flexible foundation for inter-cloud virtual private networking (VPN), by tunneling virtual network traffic through private, authenticated end-to-end overlay links. However, overlays inherently incur network virtualization overheads, including header encapsulation and user/kernel boundary crossing. This paper proposes a novel system -- VIAS (VIrtualization Acceleration over SDN) -- that delivers the flexibility of overlays for inter-cloud virtual private networking, while transparently applying SDN techniques (available in existing OpenFlow hardware or software switches) to selectively bypass overlay tunneling and achieve near-native performance for TCP/UDP flows within a provider. Architecturally, VIAS is unique in how it integrates SDN and overlay controllers in a distributed fashion to coordinate the management of virtual network links and flows. The approach is self-organizing, whereby overlay nodes can detect that peer endpoints are in the same network and program bypass flows between OpenFlow switches. While generally applicable, VIAS in particular applies to nested VMs/containers across cloud providers, supporting seamless communication within and across providers. VIAS has been implemented as an extension to an existing virtual network overlay platform (IP-over-P2P, IPOP) by integrating OpenFlow controller functionality with distributed overlay controllers. We evaluate the performance of VIAS in realistic cloud environments using an implementation based on IPOP, the RYU SDN framework, Open vSwitch, and LXC containers across various cloud environment including Amazon, Google compute engine, and CloudLab.