{"title":"A new index of hidden workload for firewall rule processing on virtual machine","authors":"Dai Suzuki, Satoshi Imai, T. Katagiri","doi":"10.1109/ICCNC.2017.7876203","DOIUrl":null,"url":null,"abstract":"Network Functions Virtualization (NFV) is a technology for running software-based functions on commodity hardware, which can lead to cost savings and flexible functionality. However, due to the software processing of network functions, the performance of Virtualized Network Functions (VNFs) is considerably degraded in relation to the types of VNFs and the configuration of VNF applications. Therefore, for a practical NFV system, grasping the accurate workload of VNF applications and managing the VNF performance are important. This paper focuses on analysis of a virtual firewall as a representative VNF. We first reveal new insights about the performance characteristics of the virtual firewall through preliminary experiments. Furthermore, we propose a method for estimating the hidden workload of the virtual firewall by using the number of rules in an Access Control List (ACL) and the traffic volume for each rule. Finally, we show the effectiveness of the proposed methods.","PeriodicalId":135028,"journal":{"name":"2017 International Conference on Computing, Networking and Communications (ICNC)","volume":"294 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Computing, Networking and Communications (ICNC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCNC.2017.7876203","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Network Functions Virtualization (NFV) is a technology for running software-based functions on commodity hardware, which can lead to cost savings and flexible functionality. However, due to the software processing of network functions, the performance of Virtualized Network Functions (VNFs) is considerably degraded in relation to the types of VNFs and the configuration of VNF applications. Therefore, for a practical NFV system, grasping the accurate workload of VNF applications and managing the VNF performance are important. This paper focuses on analysis of a virtual firewall as a representative VNF. We first reveal new insights about the performance characteristics of the virtual firewall through preliminary experiments. Furthermore, we propose a method for estimating the hidden workload of the virtual firewall by using the number of rules in an Access Control List (ACL) and the traffic volume for each rule. Finally, we show the effectiveness of the proposed methods.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
