IP tunneling is a technology for packet encapsulation, which encapsulates the original packets in the payload of IP packets.It has been widely used in the field of network virtualization, overlay network, heterogeneous network and so on.Software Defined Networking (SDN) is a new network management architecture, which extracts the control and management logic from the device, thus promoting the innovation of the network.SDN provides open and unified APIs, which greatly enhances the network management efficiency.The establishment and management of tunnels is an important requirement of many applications in SDN.However, as a significant southbound interface, OpenFlow only supports tag-based tunneling (e.g., MPLS), but does not primitively support the establishment of IP tunnels.As a result, OpenFlow has many restrictions on network application, function and scalability in terms of tunneling.To solve the problem, data plane which supports OpenFlow usually adopts the approach of traditional configurations, which provides various of vendor-dependent configure commands and programmable APIs, rather than a unified standard interface.But these commands or APIs are different on different targets.Therefore, IP tunneling is not actually simplified in SDN, suffering from maintenance difficulty, management complexity, and low flexibility.Inspired by the Match-Action Table programming models in OpenFlow, we argue that expressing tunneling logic with the MAT model could improve the programmability and flexibility.We propose a mechanism of IP tunneling based on Match-Action Table in SDN, called MAT tunnel.The MAT tunnel can encapsulate and decapsulate directly by real-time installing flow rules instead of manually configuring tunnel ports.We extend the Match and Action Fields in OpenFlow so that the controllers can install flow entries about MAT tunnel on the switches.We also provide RESTful API on controllers for network applications and administrators, which makes it easier to create or remove the MAT tunnel.In addition, we introduce an ARP proxy on the controller to deal with the problem of layer 3 connectivity between MAT tunnel endpoints and traditional gateways.This paper implements the MAT tunnel prototype based on Open vSwitch and Floodlight controller, including VxLAN and GRE tunnels.In our implementation, the first packet of a new flow will be sent to user space, and the following packets of the flow will just be handled in kernel, not going through user space, which can improve the performance.And then, we further enhance the data plane performance of the MAT tunnel using DPDK.This paper also constructs a simulation network environment based on a real ISP topology from the topology zoo dataset.Comparing traditional tunnels, we find that the MAT tunnel can reduce the average delay by 10 percent, which can be further reduced by about 20% with DPDK.In addition, to evaluate the efficiency of MAT tunnels, we conduct tests in which we switch flow traffic between two different paths by MAT tunnels.This tunnel path switching tests show that the MAT tunnel can significantly decrease the maximum jitter by 3 orders of magnitude and reduce the throughput loss by 50%.These results indicate that the MAT tunnel can effectively reduce the cost of creation and revocation of IP tunnels.%当前基于IP层的隧道技术在网络虚拟化、构建覆盖网络、连接异构网络等方面有着广泛的应用,但是这些传统IP隧道在管理配置方面存在不易维护、管理复杂、效率低等问题.软件定义网络是一种新型网络管控体系结构,它将网络的控制和管理逻辑从网络设备中抽离出来,并提供了开放统一的编程接口,从而大大提升了网络的管理效率.但作为软件定义网络的重要标准,OpenFlow原生并不支持IP隧道的建立,因此在SDN网络中建立隧道依然依赖于传统的配置方式.该文采用SDN中数据平面的匹配动作表编程模型,提出了一种新的IP隧道机制——MAT隧道.MAT隧道可以通过下发流表规则对隧道报文直接进行封装和解封,不再通过配置隧道端口的方式.该文基于开源软件交换机Open vSwitch和开源控制器Floodlight完成了MAT隧道原型的实现,并利用DPDK对于其性能做了一定优化.该文还根据真实拓扑搭建了仿真环境,对MAT隧道与Open vSwitch原有的隧道进行了对比评估,结果显示MAT隧道可以将隧道的平均时延降低10%左右,而采用DPDK加速后可以进一步降低20%左右.而通过隧道进行路径切换的测试表明,MAT隧道将隧道切换过程中的最大抖动降低3个数量级,同时将对吞吐量的影响降低50%.
展开▼
