Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
System support for bandwidth management and content adaptation in internet applications
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Optimizing network virtualization in Xen
ATEC '06 Proceedings of the annual conference on USENIX '06 Annual Technical Conference
OpenFlow: enabling innovation in campus networks
ACM SIGCOMM Computer Communication Review
NOX: towards an operating system for networks
ACM SIGCOMM Computer Communication Review
A scalable, commodity data center network architecture
Proceedings of the ACM SIGCOMM 2008 conference on Data communication
Bridging the gap between software and hardware techniques for I/O virtualization
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
VL2: a scalable and flexible data center network
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Crossbow: from hardware virtualized NICs to virtualized networks
Proceedings of the 1st ACM workshop on Virtualized infrastructure systems and architectures
Adaptive Routing in Data Center Bridges
HOTI '09 Proceedings of the 2009 17th IEEE Symposium on High Performance Interconnects
SR-IOV networking in Xen: architecture, design and implementation
WIOV'08 Proceedings of the First conference on I/O virtualization
CloudPolice: taking access control out of the network
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
SecondNet: a data center network virtualization architecture with bandwidth guarantees
Proceedings of the 6th International COnference
Exploring potential vulnerabilities in data center network
Proceedings of the ACM CoNEXT Student Workshop
Topology switching for data center networks
Hot-ICE'11 Proceedings of the 11th USENIX conference on Hot topics in management of internet, cloud, and enterprise networks and services
Sharing the data center network
Proceedings of the 8th USENIX conference on Networked systems design and implementation
NetLord: a scalable multi-tenant network architecture for virtualized datacenters
Proceedings of the ACM SIGCOMM 2011 conference
The TCP outcast problem: exposing unfairness in data center networks
NSDI'12 Proceedings of the 9th USENIX conference on Networked Systems Design and Implementation
Netshare and stochastic netshare: predictable bandwidth allocation for data centers
ACM SIGCOMM Computer Communication Review
A game based approach for sharing the data center network
ISNN'12 Proceedings of the 9th international conference on Advances in Neural Networks - Volume Part I
What we talk about when we talk about cloud network performance
ACM SIGCOMM Computer Communication Review
Resource-freeing attacks: improve your cloud performance (at your neighbor's expense)
Proceedings of the 2012 ACM conference on Computer and communications security
Coflow: a networking abstraction for cluster applications
Proceedings of the 11th ACM Workshop on Hot Topics in Networks
More for your money: exploiting performance heterogeneity in public clouds
Proceedings of the Third ACM Symposium on Cloud Computing
MAPLE: a scalable architecture for maintaining packet latency measurements
Proceedings of the 2012 ACM conference on Internet measurement conference
International Journal of Web and Grid Services
Scalable, optimal flow routing in datacenters via local link balancing
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
Network support for resource disaggregation in next-generation datacenters
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
Managing the network with Merlin
Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks
SR-IOV based Virtual Network Sharing
Proceedings of the Second International Conference on Innovative Computing and Cloud Computing
Group-based memory oversubscription for virtualized clouds
Journal of Parallel and Distributed Computing
SENIC: scalable NIC for end-host rate limiting
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
While today's virtual datacenters have hypervisor based mechanisms to partition compute resources between the tenants co-located on an end host, they provide little control over how tenants shore the network. This opens cloud applications to interference from other tenants, resulting in unpredictable performance and exposure to denial of service attacks. This paper explores the design space for achieving performance isolation between tenants. We find that existing schemes for enterprise datacenters suffer from at least one of these problems: they cannot keep up with the numbers of tenants and the VM churn observed in cloud datacenters; they impose static bandwidth limits to obtain isolation at the cost of network utilization; they require switch and/or NIC modifications; they cannot tolerate malicious tenants and compromised hypervisors. We propose Seawall, an edge-based solution, that achieves max-min fairness across tenant VMs by sending traffic through congestion-controlled, hypervisor-to-hypervisor tunnels.