Performance Monitoring with Hˆ2: Hybrid Kernel/eBPF data plane for SRv6 based Hybrid SDN

To read the full-text of this research, you can request a copy directly from the authors.


Segment Routing with IPv6 (SRv6) is a leading Hybrid SDN (HSDN) architecture, as it fully exploits standard IP routing and forwarding both in the control plane and in the data plane. In this paper we design, implement and evaluate a programmable data plane solution for Linux routers called HIKE (HybrId Kernel/eBPF forwarding), integrated in an HSDN/SRv6 architecture. HIKE integrates the conventional Linux kernel packet forwarding with custom designed eBPF/XDP (extended Berkeley Packet Filter/eXtreme Data Path) bypass to speed up performance of SRv6 software routers. Thus, in addition to the hybrid IP/SDN forwarding, we foster an additional hybrid approach inside a Linux forwarding engine combining eBPF/XDP and kernel based forwarding, taking the best from both worlds. Therefore, considering the two different conceptual levels of hybridization, we call our overall solution Hybrid squared or Hˆ2. We have applied the Hˆ2 solution to Performance Monitoring (PM) in Hybrid SDNs, and we show how our HIKE data plane architecture supports SRv6 networking and Performance Monitoring (in particular Loss Monitoring) allowing a significant increase in performance: our implementation results show a remarkable throughput improvement (5x) with respect to a conventional Linux based solution.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... Ĥ2 [18], proposed by Mayer et al., designs, implements and evaluates a programmable data plane solution for Linux routers that support Segment Routing [9] with IPv6 (SRv6) in hybrid IP/SDN networks. Additionally, the solution exploits extended Berkeley Packet Filter/eXtreme Data Path (eBPF/XDP) technologies [29] to speed up the performance of software-based SRv6 routers. ...
This Editorial summarizes the Special Issue entitled Challenges and Solutions for hybrid SDN (Chal. & sol. HSDN) published in Elsevier’s Computer Networks during 2021. We first provide the motivation and context for such a Special Issue, followed by a short explanation and classification of the articles accepted for publication, and concluded with some envisioned future research directions.
Full-text available
Software defined networking (SDN) with OpenFlow-enabled switches operate alongside traditional switches has become a matter of fact in ISP network paradigms which are known as a hybrid SDN (H-SDN) network. When the centralized controller of SDN introduced into an existing network, significant improvement in network use as well as reducing packet losses and delays are expected. However, monitoring such networks is the main concern for better traffic management decision making which can lead to a maximum throughput performance. There is, to our knowledge, only one actual article proposed for H-SDN monitoring scheme so far. Thus, this paper surveys several monitoring methods/techniques for both networks, then propose taxonomy criteria to evaluate the various monitoring methods. The survey includes discussing the design concepts, accuracy and limitations for each, eventually summarize the future research directions for integrated perspective of monitoring in H-SDN networks.
Conference Paper
Full-text available
The extended Berkeley Packet Filter (eBPF) is a recent technology available in the Linux kernel that enables flexible data processing. However, so far the eBPF was mainly used for monitoring tasks such as memory, CPU, page faults, traffic, and more, with a few examples of traditional network services, e.g., that modify the data in transit. In fact, the creation of complex network functions that go beyond simple proof-of-concept data plane applications has proven to be challenging due to the several limitations of this technology, but at the same time very promising due to some characteristics (e.g., dynamic recompilation of the source code) that are not available elsewhere. Based on our experience, this paper presents the most promising characteristics of this technology and the main encountered limitations, and we envision some solutions that can mitigate the latter. We also summarize the most important lessons learned while exploiting eBPF to create complex network functions and, finally, we provide a quantitative characterization of the most significant aspects of this technology.
Full-text available
This document describes a method to perform packet loss, delay, and jitter measurements on live traffic. This method is based on an Alternate-Marking (coloring) technique. A report is provided in order to explain an example and show the method applicability. This technology can be applied in various situations, as detailed in this document, and could be considered Passive or Hybrid depending on the application.
The fast evolution of high-speed networks has raised the need for accurate and scalable network measurement. Thus, in the last few years several new methods to collect network state information have been pursued by network operators and vendors across the board. This article focuses on the AM-PM approach, which allows accurate measurement of performance metrics, including packet loss and delay, using two bits or less in the header of each packet. This method was documented and recently published as an RFC by the IETF [RFC 8321]. This article provides an overview of AM-PM and how it can be applied in practice. The article also shares operational experience from a large-scale deployment and presents experimental results from an implementation of the AM-PM method.
Conference Paper
Programmable packet processing is increasingly implemented using kernel bypass techniques, where a userspace application takes complete control of the networking hardware to avoid expensive context switches between kernel and userspace. However, as the operating system is bypassed, so are its application isolation and security mechanisms; and well-tested configuration, deployment and management tools cease to function. To overcome this limitation, we present the design of a novel approach to programmable packet processing, called the eXpress Data Path (XDP). In XDP, the operating system kernel itself provides a safe execution environment for custom packet processing applications, executed in device driver context. XDP is part of the mainline Linux kernel and provides a fully integrated solution working in concert with the kernel's networking stack. Applications are written in higher level languages such as C and compiled into custom byte code which the kernel statically analyses for safety, and translates into native instructions. We show that XDP achieves single-core packet processing performance as high as 24 million packets per second, and illustrate the flexibility of the programming model through three example use cases: layer-3 routing, inline DDoS protection and layer-4 load balancing.
The SRv6 architecture (Segment Routing based on IPv6 data plane) is a promising solution to support services like Traffic Engineering, Service Function Chaining and Virtual Private Networks in IPv6 backbones and datacenters. The SRv6 architecture has interesting scalability properties as it reduces the amount of state information that needs to be configured in the nodes to support the network services. In this paper, we describe the advantages of complementing the SRv6 technology with an SDN based approach in backbone networks. We discuss the architecture of a SRv6 enabled network based on Linux nodes. In addition, we present the design and implementation of the Southbound API between the SDN controller and the SRv6 device. We have defined a data-model and four different implementations of the API, respectively based on gRPC, REST, NETCONF and remote Command Line Interface (CLI). Since it is important to support both the development and testing aspects we have realized an Intent based emulation system to build realistic and reproducible experiments. This collection of tools automate most of the configuration aspects relieving the experimenter from a significant effort. Finally, we have realized an evaluation of some performance aspects of our architecture and of the different variants of the Southbound APIs and we have analyzed the effects of the configuration updates in the SRv6 enabled nodes.
Hybrid software defined network (SDN) is a network where legacy routers and SDN routers coexist during the incremental deployment of SDNs. Existing SDN router placement methods mainly focus on maximizing the traffic engineering performance under a limited budget. Traffic engineering requires real-time link load information. However, the latency for collecting the global link load information can be prohibitively long in a wide area network due to the long IGP convergence time. Inspired by the sparsity of link load, we propose a novel compressive traffic monitoring method for collecting real-time load information of all links. In this method, the controller only needs to collect the load of a small subset of important links and then estimates the link load of the rest. The minimal number of SDN routers are placed to cover these important links. We use real-world topologies and traffic matrices to evaluate our method. Experiment results show that our method can quickly estimate the global link load at an error rate of 5% within sub-second. Compared with state-of-theart methods, our method has better adaptability to the dynamic traffic changes and can reduce the maximal link usage by 39%.
Conference Paper
Many versions of Unix provide facilities for user-level packetcapture, making possible the use of general purpose workstationsfor network monitoring. Because network monitorsrun as user-level processes, packets must be copied across thekernel/user-space protection boundary. This copying can beminimized by deploying a kernel agent called a packet filter,which discards unwanted packets as early as possible. Theoriginal Unix packet filter was designed around a stack-basedfilter evaluator...
Performance of IPv6 segment routing in Linux kernel
  • A Abdelsalam
A. Abdelsalam, et al., Performance of IPv6 segment routing in Linux kernel, 90 in: 1st Workshop on Segment Routing and Service Function Chaining (SR+SFC 91
Introducing cloudlab: Scientific infrastructure for advancing cloud architectures and applications
  • Ricci
Building hybrid virtual network functions with express data path
  • VanTu
Leveraging eBPF for programmable network functions with IPv6 segment routing
  • Xhonneux
Flexible failure detection and fast reroute using eBPF and SRv6
  • Xhonneux
Segment Routing Architecture
  • S Previdi
S. Previdi, et al., Segment Routing Architecture, IETF RFC 8402, RFC Editor, 20 2018, URL
Segment routing with the MPLS data plane
  • A Bashandy
A. Bashandy, et al., Segment routing with the MPLS data plane, 2019, RFC 8660.
  • Rfc Editor
RFC Editor, 2020,, URL https://tools.ietf. 27 org/html/rfc8754.
Internet 29 Engineering Task Force, 2020, Internet-Draft draft-matsushima-spring-srv6-30 deployment-status. Work in Progress
  • S Matsushima
S. Matsushima, et al., SRv6 Implementation and Deployment Status, Internet 29 Engineering Task Force, 2020, Internet-Draft draft-matsushima-spring-srv6-30 deployment-status. Work in Progress. URL matsushima-spring-srv6-deployment-status.
Internet-Draft draft-dukes-spring-sr-for-sdwan
  • Ing Task Force
ing Task Force, 2019, Internet-Draft draft-dukes-spring-sr-for-sdwan. Work in 35 Progress
Internet-Draft draft-ietf-44 spring-srv6-network-programming-16. Work in Progress
  • Programming
Programming, Internet Engineering Task Force, 2020, Internet-Draft draft-ietf-44 spring-srv6-network-programming-16. Work in Progress. URL https://datatracker. 45
SRv6-PM: Performance Monitoring of SRv6 Networks with a 50
  • P Loreti
P. Loreti, et al., SRv6-PM: Performance Monitoring of SRv6 Networks with a 50
Performance Measure-53 ment Using TWAMP Light for Segment Routing Networks
  • R Gandhi
  • C Filsfils
  • D Voyer
  • M Chen
  • B Janssens
R. Gandhi, C. Filsfils, D. Voyer, M. Chen, B. Janssens, Performance Measure-53 ment Using TWAMP Light for Segment Routing Networks, Internet Engineering 54
the CloudLab Team, Introducing cloudlab: Scientific infrastruc-85
  • R Ricci
  • E Eide
R. Ricci, E. Eide, the CloudLab Team, Introducing cloudlab: Scientific infrastruc-85
Internet-Draft draft-ietf-ippm-ioam-data-10
  • Gineering Task Force
gineering Task Force, 2020, Internet-Draft draft-ietf-ippm-ioam-data-10. Work in 102
The rise of eBPF for non-intrusive 119
  • C Cassagnes
  • L Trestioreanu
  • C Joly
  • R State
C. Cassagnes, L. Trestioreanu, C. Joly, R. State, The rise of eBPF for non-intrusive 119
Leveraging eBPF for programmable 122 network functions with IPv6 segment routing
  • M Xhonneux
  • F Duchene
  • O Bonaventure
M. Xhonneux, F. Duchene, O. Bonaventure, Leveraging eBPF for programmable 122 network functions with IPv6 segment routing, in: Proceedings of the 14th In-123
Flexible failure detection and fast reroute using 126
  • M Xhonneux
  • O Bonaventure
M. Xhonneux, O. Bonaventure, Flexible failure detection and fast reroute using 126