Danhua Guo,Guangdeng Liao,Laxmi N. Bhuyan,Bin Liu,Jianxun Jason Ding

DOI: https://doi.org/10.1145/1477942.1477952

2008-01-01

Abstract:ABSTRACTL7-filter is a significant component in Linux's QoS framework that classifies network traffic based on application layer data. It enables subsequent distribution of network resources in respect to the priority of applications. Considerable research has been reported to deploy multi-core architectures for computationally intensive applications. Unfortunately, the proliferation of multi-core architectures has not helped fast packet processing due to: 1) the lack of efficient parallelism in legacy network programs, and 2) the non-trivial configuration for scalable utilization on multi-core servers. In this paper, we propose a highly scalable parallelized L7-filter system architecture with affinity-based scheduling on a multi-core server. We start with an analytical study of the system architecture based on an offline design. Similar to Receive Side Scaling (RSS) in the NIC, we develop a model to explore the connection level parallelism in L7-filter and propose an affinity-based scheduler to optimize system scalability. Performance results show that our optimized L7-filter has superior scalability over the naive multithreaded version. It improves system performance by about 50% when all the cores are deployed.

Danhua Guo,Guangdeng Liao,Laxmi N. Bhuyan,Bin Liu

DOI: https://doi.org/10.1145/1882486.1882497

2009-01-01

Abstract:Ubiquitous multi-core-based web servers and edge routers are increasingly popular in deploying computationally intensive Deep Packet Inspection (DPI) programs. Previous work has shown the benefits of connection locality-based scheduling on multi-core servers to improve L7-filter performance. However, we show that highly threaded hierarchical multi-core processors, such as the Sun Niagara 2 processor, accumulate imbalanced workload at each resource layer. This workload imbalance potentially offsets the benefits from connection locality. In addition, connection-locality-based load balance fails to work when network traffic is unevenly distributed. In this paper, we propose an adaptive hash-based multilayer scheduler for a highly threaded hierarchical Sun Niagara 2 server. Our scheduler maintains connection locality and adaptively adjusts the scheduling to balance the real time workload. The original Highest Random Weight (HRW) hash guarantees the connection locality but only balances the workload over the number of different connections. We enhance the original single layer HRW into a hierarchical "hash tree" scheduler to balance the connection workload in accordance with the hierarchical processor architecture. We then optimize our multilayer scheduler to adaptively adjust scheduling decisions based on service time at each level, further improving the system load balance. Our scheduler is shown to increase the system throughput by 59.2% compared to the previously proposed connection locality optimization.

Junchang Wang,Haipeng Cheng,Bei Hua,Xinan Tang

DOI: https://doi.org/10.1145/1542275.1542307

2009-01-01

Abstract:The industry wide shift to multi-core architectures arouses great interests in parallelizing sequential applications. However, it I S very difficult to parallelize fine-grained applications for multicore architectures due to insufficient hardware support of fast communication and synchronization. Fortunately, network applications can be decomposed into pipelined structures that are amenable to streaming based parallel processing. To realize the potential of pipelining on multi-core architectures, it requires reevaluating the basic tradeoffs in parallel processing, including the ones between load balance and data locality and between general lock mechanisms and special lock-free data structures. This paper presents the practice of building a high-performance multi-core based network processing platform in which connection-affinity and lock-free design principles are applied effectively for better data locality and faster core-to-core synchronization and communication.We parallelize a complete Layer 2 to Layer 7 (L2-L7) network processing system on an Intel Core 2 Quad processor, including a TCP/IP stack based on Libnids (L2-L4) and a port-independent protocol identification engine by deep packet inspection (L7+). Furthermore, we develop a compiling method to transform sequential network applications to parallel ones to enable those applications to run on multi-core architectures. Our experience suggests that (1) fine-grained pipelining can be a good software solution for parallelizing network applications on multi-core architectures if connection-affinity and lock-free are used as the first design principles; (2) a delicate partitioning scheme is required to map pipelined structures onto specific multi-core architecture; (3) an automatic parallelization approach can work if domain knowledge is considered in the parallelizing process. Our multi-core based network processing platform can deliver not only 6Gbps processing speed for large packet sizes but also more challenging 2Gbps speed for smaller packets.

Chuan Xu -,Weiren Shi -,Qingyu Xiong -

DOI: https://doi.org/10.4156/jcit.vol6.issue4.27

2011-01-01

Journal of Convergence Information Technology

Abstract:Recently, it is becoming increasingly difficult to implement effective systems for real-time network monitoring for large variety of applications including accounting, traffic identification and abnormal detection. The current solutions have to resort to custom capturing hardware that usually comes with high cost, and software-based capturing solutions, such as libpcap, cannot cope with 10Gbps link rates. In this article, we propose an architecture customized for parallel execution of packet analysis using commodity multi-core processor which now broadly implemented in personal computer. On our approach, the packets are dispatched with similar properties to same core and partitioned into several parts, which allows threads maintained in each core for concurrent execution. Numerical results based on real Campus network traffic data are presented to demonstrate the good performance and effectiveness of our system.

Jiamin Cao,Ying Liu,Yu Zhou,Lin He,Chen Sun,Yangyang Wang,Mingwei Xu

DOI: https://doi.org/10.1109/tpds.2021.3136575

IF: 5.3

2022-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:As one of the most critical cloud services, Bare-metal Servers introduce stringent performance requirements on data center networks (DCN). Stateful packet filter is an integral DCN component of ensuring connection security for bare-metal servers. However, the off-the-shelf hardware-based and software-based stateful packet filters either are prohibitively costly for cloud DCNs or introduce significant performance bottlenecks. In this paper, we present CoFilter, which employs cheap programmable switches to accelerate the stateful packet filter for bare-metal servers. CoFilter consists of two key designs. First, to support complex stateful packet filtering logic in programmability-limited switching ASICs, CoFilter partitions the stateful packet filtering logic between programmable ASICs and switch CPU. Most packets are directly processed in switching ASICs to achieve high performance, while only a small number of packets go to switch CPU for connection tracking. Second, to track massive connections with constrained hardware memory, CoFilter employs hash to compress connection states and provides an efficient settlement for hash collisions. We build a prototype of CoFilter and evaluate it on the Tofino switch under various data center traffic traces with real-world flow distribution. The evaluation shows that CoFilter largely outperforms NetFilter, i.e., forwarding packets at line rate (13x throughput of NetFilter), keeping packet delay at 1us, and freeing a significant quantity of CPU cores. Furthermore, CoFilter presents great scalability and accommodates over ten million connections with only 16MB SRAM.

Fei He,Yaxuan Qi,Yibo Xue,Jun Li

2008-01-01

Abstract:Load scheduling is critical to the performance of parallel processing network devices. With the rapid development of multi-core technology, efficient load scheduling scheme optimized for multi-core network processors becomes increasingly important and motivates intensive research today. In this paper, we study the relationship between two canonical scheduling schemes, packet-level scheduler and flow-level scheduler, and find out that scheduling at flow-slice level can further exploit parallelism while preserving per-flow packet-order. An adaptive load scheduling scheme at flow-slice level is proposed and evaluated. The experiment results show that this scheme can achieve better balance of workload than that of flow-level scheme, while keeping high cache utilization rate in typical system configurations.

Jiamin Cao,Ying Liu,Yu Zhou,Lin He,Chen Sun,Yangyang Wang,Mingwei Xu

DOI: https://doi.org/10.1109/tpds.2021.3136575

IF: 5.3

2022-09-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:As one of the most critical cloud services, Bare-Metal Servers (BMS) introduce stringent performance requirements on data center networks (DCN). Stateful packet filter is an integral DCN component of ensuring connection security for BMS. However, the off-the-shelf stateful packet filters either are costly for cloud DCNs or introduce significant performance bottlenecks. In this article, we present CoFilter, which leverages low-cost programmable switches to accelerate the stateful packet filter for BMS. CoFilter uses (1) stateful process partition to enable complex stateful packet filtering logic on programmability-limited switching ASICs, (2) state compression to track tens of millions of connections with constrained hardware memory, and (3) per-tenant packet rate limit and tenant-aware flow migration to achieve efficient performance isolation among different tenants. Overall, CoFilter implements a high-performance stateful packet filter via the co-design of programmable switching ASIC and CPU. We evaluate CoFilter under various data center traffic traces with real-world flow distributions. The evaluation results show that CoFilter remarkably outperforms NetFilter, i.e., forwarding packets at line rate (13x throughput of NetFilter), keeping packet delay within 1us, and freeing a significant quantity of CPU cores, with rather small memory usage, i.e., accommodating over $10^7$107 connections with only 16MB SRAM.

computer science, theory & methods,engineering, electrical & electronic

Yu Zhang,Binxing Fang,Yongzheng Zhang

DOI: https://doi.org/10.1016/j.comcom.2010.04.026

IF: 5.047

2010-01-01

Computer Communications

Abstract:Identifying frequent items in high-speed network is important for a variety of network applications ranging from traffic engineering to anomaly detection such as detection of denial of service attacks. To deal with high packet arrival rate, it is desirable that such systems are able to support very high update throughput. The advent of multi-core processors calls for efficient parallel designs which can effectively utilize the parallelism of the multi-cores. In this paper, we address the problem of parallelizing weighted frequency counting in the context of multi-core processors. We discuss the challenges in designing an efficient parallel system. Our evaluation and analysis reveals that the naive fine-grained lock design results in excessive overhead and wait, which in turn leads to severe performance degradation in multi-core architectures. Based on our analysis, we propose a novel method: precision integrated method (PRIM). PRIM makes use of the temporal imprecision concept to significantly reduce the merge overhead at the cost of relatively large memory space used. Both the theoretical analysis and real traffic experiments demonstrate that PRIM delivers almost linear speedup.

Yaxuan Qi,Bo Xu,Fei He,Baohua Yang,Jianming Yu,Jun Li

DOI: https://doi.org/10.1145/1323548.1323552

2007-01-01

Abstract:There is a growing interest in designing high-performance network devices to perform packet processing at flow level. Applications such as stateful access control, deep inspection and flow-based load balancing all require efficient flow-level packet processing. In this paper, we present a design of high-performance flow-level packet processing system based on multi-core network processors. Main contribution of this paper includes: a) A high performance flow classification algorithm optimized for network processors; b) An efficient flow state management scheme leveraging memory hierarchy to support large number of concurrent flows; c) Two hardware-optimized order-preserving strategies that preserve internal and external per-flow packet order. Experimental results show that: a) The proposed flow classification algorithm, AggreCuts, outperforms the well-known HiCuts algorithm in terms of classification rate and memory usage; b) The presented SigHash scheme can manage over 10M concurrent flow states on the Intel IXP2850 NP with extremely low collision rate; c) The performance of internal packet order-preserving scheme using SRAM queue-array is about 70% of that of external packet order-preserving scheme realized by ordered-thread execution.

Beibei Wu,Yang Xu,Bin Liu,Hong Lü,Xiaojun Wang

DOI: https://doi.org/10.1109/hpsr.2005.1503279

2005-01-01

Abstract:In most Network Processors (NP), multiple CPU cores are employed to exploit packet level parallelism, where high processing resource utilization and within-flow packet order preservation are two fundamental design targets. However, while many researches are only focused on the first one, the second has not been solved perfectly. In this paper, a high-speed architecture is proposed to handle both of the two issues simultaneously, where a centralized state controller with hardware flow chains is employed to schedule the CPU cores fairly and to transmit the packets orderly. We also introduce Local Memory to increase CPU utilization as well as to store packets that can't be sent out immediately due to flow constraints. We implement the NP prototype with an FPGA, upon which a series of experiments are carried out, and the results indicate that it can achieve both of the two goals perfectly.

Xiaoyi Shi,Yifan Li,Chengjun Jia,Xiaohe Hu,Jun Li

DOI: https://doi.org/10.1109/INFOCOMWKSHPS57453.2023.10225882

2023-01-01

Abstract:Layer-7 load balancing is an essential pillar in modern enterprise infrastructure. It is inefficient to scale software layer-7 load balancing which requires hundreds of servers to meet the large-scale service requirements of 1 Tbps throughput and 1M concurrent requests. This paper presents L7LB with a novel fast path and slow path co-design architecture running on a heterogeneous programmable server-switch. L7LB is efficient by offloading most packets' forwarding onto the Tbps bandwidth switch chip, with few CPU cores processing application connections. The preliminary prototype demonstrates the layer-7 load balancing functionality and shows that L7LB can meet the large-scale service requirements.

Jilong Kuang,Laxmi N. Bhuyan,Haiyong Xie,Danhua Guo

DOI: https://doi.org/10.1109/ANCS.2011.15

2011-01-01

Abstract:We study a streaming network application-video transcoding to be executed on a multi-core server. It is important for the scheduler to minimize the total processing time and preserve good video quality in an energy-efficient manner. However, the performance of existing scheduling schemes is largely limited by ineffective use of the multi-core architecture characteristic and undifferentiated transcoding cost in terms of energy consumption. In this paper, we identify three key factors that collectively play important roles in affecting transcoding performance: memory access (M), core/cache topology (C) and transcoding format cost (C), or MC2 for short. Based on MC2, we propose E-AHRW, an Energy-efficient Adaptive Highest Random Weight hash scheduler by extending the HRW scheduler proposed for packet scheduling on a homogeneous multiprocessor. E-AHRW achieves stream locality and load balancing at both stream and packet (frame) level by adaptively adjusting the hashing decision according to real-time weighted queue length of each processing unit (PU). Based on E-AHRW, we also design, implement and evaluate a hash-tree scheduler to further reduce the computation cost and achieve more effective load balancing on multi-core architectures. Through implementation on an Intel Xeon server and evaluations on realistic workload, we demonstrate that E-AHRW improves throughput, energy efficiency and video quality due to better load balancing, lower L2 cache miss rate and negligible scheduling overhead.

Xiaoqiang Li,Hong An,Gu Liu,Wenting Han,Mu Xu,Wei Zhou,Qi Li

DOI: https://doi.org/10.1109/ispa.2011.23

2011-01-01

Abstract:Many applications meet certain programming patterns like pipeline, fork-join, do-all etc. While tools such as OS threads and OpenMP allow programmers only to express task or data parallelism, special support for programming patterns is distinctly lacking. Intel threading building blocks (TBB) is developed to address this problem, but its scheduler is general and not optimized for any of its parallel algorithms which include pipeline specially. In this paper, we provide a non-blocking framework for pipeline application on multi-core platform. We target linear pipeline in which each filter has one entrance and one exit. We design a novel work-stealing scheduler optimized specially for pipeline application: first, priority based stealing, priority is calculated for each filter in pipeline so that a worker can find the optimal "victim" easily when it needs to steal, second, multiple tasks can be stolen at a time so that much stealing time is reduced. A non-block queue is used to store intermediate result to reduce lock overhead and increase scalability. We apply our framework to four case studies, including text filter, two fish, ferret, ded up. And our framework reduces execution time of TBB by 72% in best case and 20% on average on an 8 core machine.

Yongdong Zhang,Chenggang Yan,Feng Dai,Yike Ma

DOI: https://doi.org/10.1109/tmm.2012.2190391

IF: 7.3

2012-01-01

IEEE Transactions on Multimedia

Abstract:The H. 264/AVC deblocking filter is becoming the performance bottleneck of H. 264/AVC parallelization on many-core platform. Efficient parallelization of the deblocking filter on a many-core platform is challenging, because the deblocking filter has complicated data dependencies, which provide insufficient parallelism for so many cores. Furthermore, parallelization may have significant synchronization and load imbalance overhead. At present, research on the parallelizing deblocking filter on a many-core platform is rare and focuses on data-level parallelization. In this paper, we propose a three-step framework considering task-level segmentation and data-level parallelization to efficiently parallelize the deblocking filter. First, we review the entire deblocking filter process in 4 4 block edge-level and divide it into two parts: 1) boundary strength computation (BSC) and 2) edge discrimination and filtering (EDF), which increases the parallelism. Then, we apply the Markov empirical transition probability matrix and Huffman tree (METPMHT) to the BSC, which alleviate the load imbalance problem. Finally, we use an independent pixel connected area parallelization (IPCAP) for the EDF, which increases the parallelism and reduces the synchronization. In experiments, we apply our parallel method to the deblocking filter of the H. 264/AVC reference software JM15.1 on the Tile64 platform without any Tile64 platform-based optimizations. Compared to the well-known 2D-wavefront method, the proposed method achieves on average 14.85, 17.83, and 10.60 times speed-up for QCIF, CIF, and HD videos using 62 cores, respectively.

Yf Zheng,Sm He,St Sun,W Gao

DOI: https://doi.org/10.1109/PCCC.2005.1460512

2005-01-01

Abstract:Input Queued switches have been well studied in the recent past. A scheduling algorithm is required to schedule the transfer of packet through the switch fabric (e.g. crossbar) at every time slot. The Maximum Weight Matching (MWM) algorithm is known to deliver 100% throughput under any admissible traffic. However, MWM is not practical for its high computational complexity O(N-3).In this paper, we study a class of approximation algorithms to MWM from the point of view of local search. Notably we observe that: (a) Local search is well suitable for parallel computation. (b) Each line card of high performance router has at least one processor. Based on the two important observations, a parallelized greedy scheduling algorithm is proposed. The proposed algorithm is proved to be rate stable under any admissible traffic. Simulation results show that our algorithm outperforms other randomized approximations to MWM.

Pengcheng He,JinLin Wang,Haojiang Deng,Wu Zhang

DOI: https://doi.org/10.1109/ICFCC.2010.5497642

2010-01-01

Abstract:Previous work has shown that processor affinity is one effective way to improve the performance of SMP systems. A detailed analysis of cache characteristics on network processor is carried out. The result shows that network packet processing can also use cache affinity to gain performance improvements by reduce the miss rate of instruction cache and data cache. A schedule algorithm for multi-core network processor taking both load balancing and packet affinity into account is proposed, called BLA. BLA try to schedule packets from the same flow to the same core while keeping work load balanced between cores. The result shows that, BLA can reduce the number of missed cache access by 13%, while the load difference between cores is controlled within 2%. ©2010 IEEE.

Da-Wei WANG,Pei-lin HONG,Jin-Sheng LI,Hai-Jun YANG

DOI: https://doi.org/10.3321/j.issn:0254-4164.2001.06.007

2001-01-01

Chinese Journal of Computers

Abstract:High speed and multimedia are two trends of the future network. While today's computer networks support only best-effort service, future packet switching integrated service networks will have to support real-time communication services that allow clients to transport information with performance guarantees expressed in terms of delay, delay jitter, throughput, and loss rate. To provide reliable end-to-end quality of service guarantees to the network users, it is necessary to introduce per-flow queuing scheduling algorithms to networks nodes. The Generalized Processor Sharing (GPS) discipline is proven to have desirable properties which is the basis for supporting both the guaranteed service traffic and the best-effort service traffic. Among all the packet approximation algorithms of GPS, WFQ, also known as Packet Generalized Processor Sharing (PGPS), has been considered to be the best one in terms of accuracy. WF2Q+ is an improved algorithm of WFQ, which has the most excellent performance and can be easily implemented at the same time. But the complexity of WF2Q+ implementing structure and sorting operations make it very difficult to be implemented in a high-speed environment. By observing the traffic on the Internet, we can easily find the statistical characteristics of the Internet traffic. In this paper, we provide a high-speed hardware implementation of WF2Q+ algorithm based on statistical shift registering sorting architectures. By making full use of the statistic information of each queue, high-speed and complete sorting operations in sense of statistics can be implemented with less hardware resource. We also implemented our designs on the Field Programmable Gate Array (FPGA) chips by using VHDL hardware description language. According to the implementation results of FPGA, this architecture is fully capable of OC-48 (2.4Gbps) operation in high-speed IP routers. Our simulation results also proved that the scheduling effect of the algorithm we implemented is almost the same as the standard WF2Q+ algorithm.

Lothar Braun,Cornelius Diekmann,Nils Kammenhuber,Georg Carle

DOI: https://doi.org/10.48550/arXiv.1604.02322

2016-04-08

Networking and Internet Architecture

Abstract:Many current traffic monitoring systems employ deep packet inspection (DPI) in order to analyze network traffic. These systems include intrusion detection systems, software for network traffic accounting, traffic classification, or systems for monitoring service-level agreements. Traffic volumes and link speeds of current enterprise and ISP networks transform the process of inspecting traffic payload into a challenging task. In this paper we propose a novel adaptive sampling algorithm that selects the maximum number of packets from the network that the DPI system is able to consume. Our algorithm adapts its sampling rate according to the network traffic currently observed, and the number of packets that a monitoring application is able to process. It can be used in conjunction with current multicore-aware network traffic analysis setups, which allow for exploiting current multi-core hardware. We show the applicability of our algorithm with live-tests on a heavily used 10G link with real network monitoring tools.

Lei Shi,Yue Zhang,Jianming Yu,Bo Xu,Bin Liu,Jun Li

DOI: https://doi.org/10.1109/INFCOM.2007.163

2007-01-01

Abstract:Next-generation high-end network processors (NP) must address demands from both diversified applications and ever-increasing traffic pressure. One major challenge is to design an extraordinary scalable architecture. In this paper, it is argued that such an objective can only be sufficed by introducing highly paralleled structure, namely the paralleled processing-engine cluster (PPC). We demonstrate this point from the trade-off among aspects such as performance, programmability and flexibility. However, PPC natively suffers from several critical issues on load-balancing, intra-flow packet ordering and memory contention. After investigating several existing approaches, we present novel solutions for each issue according to the balance between performance and coast. Through intensive analysis and comprehensive simulations, it is shown that the shortest queue first scheduling with class-based prediction (SQF-C) performs nearly optimally, while the hardware based per-flow ordering mechanism resolves packet out-of-order independently with the load-balancing issue, inducting little throughput degradation. Implementing the unified solution, it is capable to design a PPC supporting up to OC-768c line rate. Real implementation is also carried out in our THNPU-1 prototype to verify the conclusions.

Derong Liu,Ming'e Jing,Yuwen Wang,Zhiyi Yu,Xiaoyang Zeng,Dian Zhou

DOI: https://doi.org/10.1109/ICSICT.2012.6467881

2012-01-01

Abstract:This paper proposes a pipeline-based scheduling algorithm to improve the throughput for heterogeneous multi-core processors. The algorithm decreases the communication and idle time by assigning most parent-child task pairs on the same processor, and balances the work time of processors through a balance condition. The experimental results show that, on average, this algorithm with the above two techniques achieves 113.99% improvement in throughput compared to some existing algorithms.