Summary:
This paper introduced PLayer, a policy-aware switching layer for data centers that enables efficient and flexible deployment of middleboxes. Currently, data centers install different kinds of middleboxes, such as firewalls and SSL offloaders, implicitly on the path that flows traverse, in an ad hoc fashion. This approach is not flexible, mostly cannot guarantee that the middlebox is actually used, and requires heavy manual configuration.
PLayer addresses this problem by separating policy from reachability and by using off-path middleboxes. The architecture is based on an interconnected layer of policy-aware switches (pswitches). Middleboxes are connected to pswitches (off-path), and every pswitch forwards frames according to policies specified by administrators. Administrators write high-level policies that specify the sequence of services a given class of traffic needs to traverse. PLayer translates these policies into rules that are implemented by the pswitches. Rule tables at the pswitches are managed by a centralized component, which is also responsible for monitoring middleboxes and updating pswitches on their status.
The paper goes on to give a detailed description of pswitches, the policy specification, and guarantees under churn. Existing data centers can be upgraded to the PLayer structure gradually, with no need for a one-time major restructuring, which is a big advantage.
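The translation from a high-level policy to per-hop pswitch rules can be sketched as follows. This is an added example, not code from the paper or from this post: the `Policy` and `Rule` shapes, the `ingress`/`deliver`/`drop` labels, and the choice to drop frames when a required middlebox type has no live instance are all assumptions made for illustration.

```python
# Added illustration; the rule format and fail-closed behaviour are assumptions.
from typing import NamedTuple

class Policy(NamedTuple):
    selector: dict   # header fields a frame must match, e.g. {"dst_port": 443}
    sequence: list   # middlebox types to traverse, in order

class Rule(NamedTuple):
    prev_hop: str    # where the frame just came from ("ingress" or a middlebox type)
    selector: dict
    next_hop: str    # middlebox type to forward to, or "deliver"

def compile_policy(policy):
    """Translate one high-level policy into per-hop rules for the pswitches."""
    if len(set(policy.sequence)) != len(policy.sequence):
        # A repeated type would make "previous hop" ambiguous in this simple format.
        raise ValueError("middlebox type repeated in sequence")
    hops = ["ingress"] + list(policy.sequence) + ["deliver"]
    return [Rule(prev, policy.selector, nxt) for prev, nxt in zip(hops, hops[1:])]

def matches(selector, frame):
    return all(frame.get(k) == v for k, v in selector.items())

def next_hop(rules, prev_hop, frame, alive):
    """Choose the next hop; drop rather than skip a middlebox that is down."""
    for r in rules:
        if r.prev_hop == prev_hop and matches(r.selector, frame):
            if r.next_hop != "deliver" and not alive.get(r.next_hop):
                return "drop"
            return r.next_hop
    # No policy applies at ingress: plain forwarding. Elsewhere: unexpected, drop.
    return "deliver" if prev_hop == "ingress" else "drop"

def traverse(rules, frame, alive):
    """Return the hops a frame takes through the pswitch layer."""
    path, prev = [], "ingress"
    while True:
        hop = next_hop(rules, prev, frame, alive)
        path.append(hop)
        if hop in ("deliver", "drop"):
            return path
        prev = hop

if __name__ == "__main__":
    # Constructed sample policy: HTTPS must pass a firewall, then an SSL offloader.
    rules = compile_policy(Policy({"dst_port": 443}, ["firewall", "ssl_offloader"]))
    status = {"firewall": True, "ssl_offloader": True}  # as reported by the monitor
    print(traverse(rules, {"dst_port": 443}, status))
```

Because the next hop depends on the previous hop rather than on the physical path, the middlebox sequence holds regardless of where the middleboxes are attached.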
Critique:
PLayer definitely enables much more flexible and sophisticated usage of middleboxes. The authors argue that using off-path middleboxes will not be much of a problem, since the data center environment has very low latency and high bandwidth. I wonder if the latency increase and overhead are really as insignificant as the authors claim. I would vote for keeping a shorter version of this paper in the syllabus.