Galleon: Reshaping the Square Peg of NFV

TL;DR

Galleon demonstrates that NFV can be effectively implemented using existing cloud and hardware mechanisms, achieving high performance, scalability, and isolation without requiring custom solutions.

Contribution

The paper introduces Galleon, a system that enables high-performance NFV deployment in cloud environments using standard mechanisms, challenging the need for custom approaches.

Findings

Galleon achieves up to twice the performance per core compared to existing solutions.

NFV can be practically deployed in conventional cloud environments with standard mechanisms.

Performance, scalability, and isolation are attainable without custom hardware or software modifications.

Abstract

Software is often used for Network Functions (NFs) -- such as firewalls, NAT, deep packet inspection, and encryption -- that are applied to traffic in the network. The community has hoped that NFV would enable rapid development of new NFs and leverage commodity computing infrastructure. However, the challenge for researchers and operators has been to align the square peg of high-speed packet processing with the round hole of cloud computing infrastructures and abstractions, all while delivering performance, scalability, and isolation. Past work has led to the belief that NFV is different enough that it requires novel, custom approaches that deviate from today's norms. To the contrary, we show that we can achieve performance, scalability, and isolation in NFV judiciously using mechanisms and abstractions of FaaS, the Linux kernel, NIC hardware, and OpenFlow switches. As such, with our system Galleon, NFV can be practically-deployable today in conventional cloud environments while delivering up to double the performance per core compared to the state of the art.