Stefan Schmid and Doug Shepherd
In IEE Workshop on Application Layer Active Networks: Techniques and
Deployment,
November 2000, London, UK.
Abstract
Most of today’s Active Network solutions either require profound low-level programming skills in order to program active nodes, or trade off network performance by moving active code execution into high-level execution environments in user space (or virtual machines). Examples for the former approach are Router Plugins [1] and LARA [2]. While these active network solutions try to maintain high performance and network throughput despite the active processing, other approaches, such as for example ANTS [3], Active Bridge [4], Pronto [5], Janos [6], focus on ease of programmability, safety and security instead.
This presentation introduces LARA++, which is the result of our continuous development of the Lancaster Active Router Architecture (LARA) [2], and demonstrates, how LARA++ circumvents performance degradation caused by conventional user-level programming without trading off its advantages, namely ease of programmability, safety and security.
LARA++ programmability enables network users (i.e. administrators, privileged users and/or even end-users) to dynamically extend the functionality of active nodes according to the “programmable switch” model [7]. Programmability is achieved by providing a flexible composition framework [8], which allows integration of small functional components, called Active Components (ACs), in the overall packet processing chain on the node (router). An active component could, for example, extend the network stack to support a new IP protocol option or assist mobile IP protocols to improve network handoff times as described in [9].
LARA++ supports user-level active programmability of network nodes based on standard programming tools (i.e. compilers, debuggers). More specifically, active components are implemented as standard user-level dynamic link libraries, which simply export a set of functions in order to initialise, activate and shutdown the component. When activated on the router, active components are loaded into the process space of a Processing Environment (PE), where the active code execution is carried out. Safety and security is ensured by restricting the active code to access only the specialised active programming interface provided by the LARA++ PE. All other system calls are strictly blocked through an alteration of the operating system call interface.
One of the main novelties in the LARA++ system design lies in the fast packet handling techniques supporting user-level active processing. High performance is achieved by avoiding expensive copy operations in order to pass data from the low-level system devices (i.e. network devices in kernel space) up into user space and vice versa. Active LARA++ components indicate the data packets of interest to the LARA++ node OS by means of packet filters, which are registered during component initialisation (or later when a filter change is required). Upon successful classification of a data packet, LARA++ maps the physical memory pages where the data was received by the network device directly into the virtual address space of the AC, thereby avoiding the expense of copying network data into the virtual memory of the execution environment (e.g. virtual machine) in user-space and back again. Upon completion of the active processing, the AC marks the packet ready to be sent by setting a pointer in the output queue. Consequently, the low-level LARA++ node OS un-maps the packet from the virtual memory of the processing environment and forwards it as usual.
The presentation entails a brief overview on the LARA++ active node architecture, describes its main design objectives, and discusses its advantages over current active node architectures. The main focus of the presentation shows how LARA++ preserves the ease of user-level active programmability without trading off the performance in the data path processing. As outlined above, we demonstrate how LARA++ intercepts link-level frames, classifies them according to the packet filters associated to an AC, memory maps them into the virtual address space of the user-level AC, and finally un-maps and forwards them onwards. Following the technical discussion on how LARA++ achieves high performance for the packet handling, we illustrate how LARA++ active components can be programmed and debugged by means of standard programming tools. We complete the presentation by discussing the safety and security model behind LARA++ active component processing.
References:
[1] D. Decasper et al., “Router Plugins: A Software Architecture for Next Generation Routers”, SIGCOMM ’98, Vancouver, CA, September 1998.
[2] R. Cardoe, et al., “LARA: A Prototype System for Supporting High Performance Active Networking”, In Proceedings of IWAN ’99, June 1999.
[3] D.UJ. Wetherall, J.V. Guttag and D.L. Tennenhouse, “ANTS: A Toolkit for Building and Dynamically Deploying Network Protocols”, IEEE OPENARCH ’98, San Francisco, CA, April 1998
[4] D. Scott, et al., “Active Bridging”, In Proceedings of SIGCOMM Conference, ACM, 1997.
[5] G. Hjálmtýsson, “The Pronto Platform - A Flexible Toolkit for Programming Networks using a Commodity Operating System”, IEEE OPENARCH ’00, Tel Aviv, Israel.
[6] “Janos: A Java-based Active Network Operating System”, http://www.cs.utah.edu/projects/ flux/janos/
[7] D.L. Tennenhouse et al., “A Survey of Active Network Research”, IEEE Communications, January 1997.
[8] S. Schmid, “LARA++ Design Specification”, Lancaster University DMRG Internal Report, MPG-00-03, January 2000.
[9] S. Schmid, J. Finney, A. Scott, D.W. Shepherd, "Component-based Active Networks for Mobile Multimedia Systems", in Proc. of Network and Operating Systems Support for Digital Audio and Video (NOSSDAV'2000), 26-28 June 2000, Chapel Hill, NC.