A Mechanism of IP Tunneling via Match-Action Table in Software Defined Networking

Ke-Yao ZHANG, Jun BI, Yang-Yang WANG
DOI: https://doi.org/10.11897/SP.J.1016.2019.00282
2019-01-01
Abstract: IP tunneling is a packet encapsulation technology that carries the original packets in the payload of IP packets. It is widely used in network virtualization, overlay networks, heterogeneous networks, and so on. Software Defined Networking (SDN) is a new network management architecture that extracts the control and management logic from the device, thus promoting network innovation. SDN provides open and unified APIs, which greatly enhance network management efficiency. The establishment and management of tunnels is an important requirement of many applications in SDN. However, OpenFlow, a significant southbound interface, supports only tag-based tunneling (e.g., MPLS) and does not natively support the establishment of IP tunnels. As a result, OpenFlow imposes many restrictions on network applications, functions and scalability where tunneling is concerned. To work around the problem, data planes that support OpenFlow usually fall back on traditional configuration, which offers various vendor-dependent configuration commands and programmable APIs rather than a unified standard interface. These commands and APIs differ from target to target. Therefore, IP tunneling is not actually simplified in SDN, and it suffers from maintenance difficulty, management complexity, and low flexibility. Inspired by the Match-Action Table (MAT) programming model in OpenFlow, we argue that expressing tunneling logic with the MAT model could improve programmability and flexibility. We propose a mechanism of IP tunneling based on the Match-Action Table in SDN, called the MAT tunnel. The MAT tunnel encapsulates and decapsulates packets directly through flow rules installed in real time, instead of manually configured tunnel ports. We extend the Match and Action Fields in OpenFlow so that controllers can install flow entries for the MAT tunnel on the switches. We also provide a RESTful API on controllers for network applications and administrators, which makes it easier to create or remove the MAT tunnel. In addition, we introduce an ARP proxy on the controller to deal with the problem of layer 3 connectivity between MAT tunnel endpoints and traditional gateways. This paper implements the MAT tunnel prototype based on Open vSwitch and the Floodlight controller, including VxLAN and GRE tunnels. In our implementation, the first packet of a new flow is sent to user space, and the following packets of the flow are handled in the kernel without going through user space, which improves performance. We then further enhance the data plane performance of the MAT tunnel using DPDK. This paper also constructs a simulation network environment based on a real ISP topology from the topology zoo dataset. Compared with traditional tunnels, we find that the MAT tunnel can reduce the average delay by 10 percent, which can be further reduced by about 20% with DPDK. In addition, to evaluate the efficiency of MAT tunnels, we conduct tests in which we switch flow traffic between two different paths by MAT tunnels. These tunnel path switching tests show that the MAT tunnel can significantly decrease the maximum jitter by 3 orders of magnitude and reduce the throughput loss by 50%. These results indicate that the MAT tunnel can effectively reduce the cost of creation and revocation of IP tunnels.