Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
R-tree-based data migration and self-tuning strategies in shared-nothing spatial databases
Proceedings of the 9th ACM international symposium on Advances in geographic information systems
ClassBench: a packet classification benchmark
IEEE/ACM Transactions on Networking (TON)
The nature of data center traffic: measurements & analysis
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Scalable flow-based networking with DIFANE
Proceedings of the ACM SIGCOMM 2010 conference
ElasticTree: saving energy in data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
SPAIN: COTS data-center Ethernet for multipathing over arbitrary topologies
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Hedera: dynamic flow scheduling for data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
CloudPolice: taking access control out of the network
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Virtualizing the network forwarding plane
Proceedings of the Workshop on Programmable Routers for Extensible Services of Tomorrow
Sharing the data center network
Proceedings of the 8th USENIX conference on Networked systems design and implementation
NetLord: a scalable multi-tenant network architecture for virtualized datacenters
Proceedings of the ACM SIGCOMM 2011 conference
DevoFlow: scaling flow management for high-performance networks
Proceedings of the ACM SIGCOMM 2011 conference
FairCloud: sharing the network in cloud computing
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
MicroTE: fine grained traffic engineering for data centers
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Scalable rule management for data centers
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
Cloud operators increasingly need many fine-grained rules to better control individual network flows for various management tasks. While previous approaches have advocated placing rules either on hypervisors or switches, we argue that future data centers would benefit from leveraging rule processing capabilities at both for better scalability and performance. In this paper, we propose vCRIB, a virtualized Cloud Rule Information Base that allows operators to freely define different management policies without the need to consider underlying resource constraints. The challenge in our approach is the design of a vCRIB manager that automatically partitions and places rules at both hypervisors and switches to achieve a good trade-off between resource usage and performance.