Embedded Computational Elements in Extensible Routers (Thesis)

Report ID: TR-665-02
Author: Karlin, Scott C.
Date: 2002-10-00
Pages: 162
Download Formats: Postscript
Abstract:

The demand to extend the set of services, such as network address translation, firewalls, proxies, and virtual private networks, that are supported by Internet-connected devices represents an opportunity to extend the traditional domain of Internet routers beyond simple packet forwarding. An important characteristic is the ability for end-users to install custom services on their routers. Routers with this characteristic are extensible. Due to their critical position in the Internet topology, routers must be robust: when presented with unanticipated workloads, they must allocate their resources across the services they support according to administrator-established policies to ensure that each service gets the resources it needs.

By their nature, hardware-based routers with physically isolated control and data planes are robust but not readily extensible without a redesign, while software-based routers may be extensible but are not robust without extensive regression testing; it is difficult to be simultaneously robust and extensible. The most common approach for router vendors is to favor robustness, and support new services on a case-by-case basis. Allowing the end-user to develop and install router services dooms this case-by-case approach to extensibility.

Emerging hardware in the form of intelligent, multi-port line cards that have their own embedded processing capabilities, based on either microprocessors or network processors, suggests that one can build cost-effective PC-based routers that lie in the design space between purely hardware- and software-based. However, the increased diversity of configurations makes both extensibility and robustness challenging. We do not want to require developers to re-implement services for every possible hardware configuration. How do we map the desired services onto the hardware to preserve robustness?

In this thesis we demonstrate that one can build a router from PC-based components, including programmable line cards, that is simultaneously extensible and robust. To show this, we describe an architecture, called VERA, that supports extensibility through an explicit interface and robustness through isolation of services; we present techniques to implement this architecture on a PC-based router; and we characterize and analyze the problem of mapping the services to the various, heterogeneous processors comprising the router to preserve robustness.