Quick NAT: High performance NAT system on commodity platforms

TL;DR

Quick NAT is a high-performance NAT system designed for commodity platforms, utilizing DPDK, multi-core processing, lock-free hash tables, and hash search to significantly enhance throughput for IPv4 address translation.

Contribution

The paper introduces a novel NAT system that combines DPDK, parallel processing, and efficient data structures to achieve high throughput on standard hardware.

Findings

Significantly improved NAT throughput on commodity hardware.

Reduced latency and CPU utilization in NAT processing.

Demonstrated effectiveness of combined techniques in real-world scenarios.

Abstract

NAT gateway is an important network system in today's IPv4 network when translating a private IPv4 address to a public address. However, traditional NAT system based on Linux Netfilter cannot achieve high network throughput to meet modern requirements such as data centers. To address this challenge, we improve the network performance of NAT system by three ways. First, we leverage DPDK to enable polling and zero-copy delivery, so as to reduce the cost of interrupt and packet copies. Second, we enable multiple CPU cores to process in parallel and use lock-free hash table to minimize the contention between CPU cores. Third, we use hash search instead of sequential search when looking up the NAT rule table. Evaluation shows that our Quick NAT system significantly improves the performance of NAT on commodity platforms.