A Policy-aware Switching Layer for Data Centers

By: 
Dilip A. Joseph, Arsalan Tavakoli, and Ion Stoica
Appears in: 
CCR October 2008

Data centers deploy a variety of middleboxes (e.g., firewalls, load balancers and SSL offloaders) to protect, manage and improve the performance of applications and services they run. Since existing networks provide limited support for middleboxes, administrators typically overload path selection mechanisms to coerce traffic through the desired sequences of middleboxes placed on the network path. These ad-hoc practices result in a data center network that is hard to con gure and maintain, wastes middlebox resources, and cannot guarantee middlebox traversal under network churn.

To address these issues, we propose the policy-aware switching layer or PLayer, a new layer-2 for data centers consisting of inter-connected policy-aware switches or pswitches. Unmodified middleboxes are placed off the network path by plugging them into pswitches. Based on policies specified by administrators, pswitches explicitly forward different types of traffic through different sequences of middleboxes. Experiments using our prototype software pswitches suggest that the PLayer is flexible, uses middleboxes efficiently, and guarantees correct middlebox traversal under churn.