Approximation algorithms for bin packing: a survey
Approximation algorithms for NP-hard problems
A PTAS for the multiple knapsack problem
SODA '00 Proceedings of the eleventh annual ACM-SIAM symposium on Discrete algorithms
Implementing a distributed firewall
Proceedings of the 7th ACM conference on Computer and communications security
R-tree-based data migration and self-tuning strategies in shared-nothing spatial databases
Proceedings of the 9th ACM international symposium on Advances in geographic information systems
Packet classification using multidimensional cutting
Proceedings of the 2003 conference on Applications, technologies, architectures, and protocols for computer communications
ClassBench: a packet classification benchmark
IEEE/ACM Transactions on Networking (TON)
Practical declarative network management
Proceedings of the 1st ACM workshop on Research on enterprise networking
Rethinking enterprise network control
IEEE/ACM Transactions on Networking (TON)
The nature of data center traffic: measurements & analysis
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
EffiCuts: optimizing packet classification for memory and throughput
Proceedings of the ACM SIGCOMM 2010 conference
Scalable flow-based networking with DIFANE
Proceedings of the ACM SIGCOMM 2010 conference
ElasticTree: saving energy in data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
Hedera: dynamic flow scheduling for data center networks
NSDI'10 Proceedings of the 7th USENIX conference on Networked systems design and implementation
CloudPolice: taking access control out of the network
Hotnets-IX Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks
Network traffic characteristics of data centers in the wild
IMC '10 Proceedings of the 10th ACM SIGCOMM conference on Internet measurement
Virtualizing the network forwarding plane
Proceedings of the Workshop on Programmable Routers for Extensible Services of Tomorrow
Onix: a distributed control platform for large-scale production networks
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Sharing the data center network
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Sharing-aware algorithms for virtual machine colocation
Proceedings of the twenty-third annual ACM symposium on Parallelism in algorithms and architectures
NetLord: a scalable multi-tenant network architecture for virtualized datacenters
Proceedings of the ACM SIGCOMM 2011 conference
DevoFlow: scaling flow management for high-performance networks
Proceedings of the ACM SIGCOMM 2011 conference
FairCloud: sharing the network in cloud computing
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
MicroTE: fine grained traffic engineering for data centers
Proceedings of the Seventh COnference on emerging Networking EXperiments and Technologies
Procera: a language for high-level reactive network control
Proceedings of the first workshop on Hot topics in software defined networks
vCRIB: virtualized rule management in the cloud
HotCloud'12 Proceedings of the 4th USENIX conference on Hot Topics in Cloud Ccomputing
FasTrak: enabling express lanes in multi-tenant data centers
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
Bullet trains: a study of NIC burst behavior at microsecond timescales
Proceedings of the ninth ACM conference on Emerging networking experiments and technologies
SENIC: scalable NIC for end-host rate limiting
NSDI'14 Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation
| Hi-index | 0.00 |
Cloud operators increasingly need more and more fine-grained rules to better control individual network flows for various traffic management policies. In this paper, we explore automated rule management in the context of a system called vCRIB (a virtual Cloud Rule Information Base), which provides the abstraction of a centralized rule repository. The challenge in our approach is the design of algorithms that automatically off-load rule processing to overcome resource constraints on hypervisors and/or switches, while minimizing redirection traffic overhead and responding to system dynamics. vCRIB contains novel algorithms for finding feasible rule placements and adapting traffic overhead induced by rule placement in the face of traffic changes and VM migration. We demonstrate that vCRIB can find feasible rule placements with less than 10% traffic overhead even in cases where the traffic-optimal rule placement may be infeasible with respect to hypervisor CPU or memory constraints.