References of "Mathy, Laurent"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailFlowConvertor: Enabling Portability of SDN Applications
Pan, Heng; Xie, Gaogang; Li, Zhenyu et al

in IEEE INFOCOM 2017 (2017)

Detailed reference viewed: 28 (1 ULg)
Full Text
Peer Reviewed
See detailSplitbox: Toward efficient private network function virtualization
Asghar, Hassan; Melis, Luca; Soldani, Cyril ULg et al

in Proceedings of the 2016 workshop on Hot topics in Middleboxes and Network Function Virtualization (2016)

Detailed reference viewed: 14 (1 ULg)
Full Text
Peer Reviewed
See detailAction computation for compositional software-defined networking
Pan, Heng; Xie, Gaogang; He, Peng et al

in IFIP Networking Conference (2016)

Detailed reference viewed: 50 (1 ULg)
Full Text
Peer Reviewed
See detailFast Userspace Packet Processing
Barbette, Tom ULg; Soldani, Cyril ULg; Mathy, Laurent ULg

in Proceedings of ANCS 2015 (2015, May 07)

In recent years, we have witnessed the emergence of high speed packet I/O frameworks, bringing unprecedented network performance to userspace. Using the Click modular router, we first review and ... [more ▼]

In recent years, we have witnessed the emergence of high speed packet I/O frameworks, bringing unprecedented network performance to userspace. Using the Click modular router, we first review and quantitatively compare several such packet I/O frameworks, showing their superiority to kernel-based forwarding. We then reconsider the issue of software packet processing, in the context of modern commodity hardware with hardware multi-queues, multi-core processors and non-uniform memory access. Through a combination of existing techniques and improvements of our own, we derive modern general principles for the design of software packet processors. Our implementation of a fast packet processor framework, integrating a faster Click with both Netmap and DPDK, exhibits up-to about 2.3x speed-up compared to other software implementations, when used as an IP router. [less ▲]

Detailed reference viewed: 1282 (57 ULg)
Full Text
Peer Reviewed
See detailGuarantee IP lookup performance with FIB explosion
Yang, Tong; Xie, Gaogang; Li, Yanbiao et al

in ACM SIGCOMM Computer Communication Review (2014)

Detailed reference viewed: 20 (1 ULg)
Full Text
Peer Reviewed
See detailMeta-algorithms for software-based packet classification
He, Peng; Xie, Gaogang; Salamatian, Kavé et al

in IEEE 22nd International Conference on Network Protocols (ICNP) 2014 (2014)

Detailed reference viewed: 12 (1 ULg)
Full Text
Peer Reviewed
See detailA Trie Merging Approach with Incremental Updates for Virtual Routers
Luo, LAYONG; Xie, Gaogang; Salamatian, Kavé et al

in Annual International Conference on Computer Communications (2013)

Virtual routers are increasingly being studied, as an important building block to enable network virtualization. In a virtual router platform, multiple virtual router instances coexist, each having its ... [more ▼]

Virtual routers are increasingly being studied, as an important building block to enable network virtualization. In a virtual router platform, multiple virtual router instances coexist, each having its own FIB (Forwarding Information Base). In this context, memory scalability and route updates are two major challenges. Existing approaches addressed one of these challenges but not both. In this paper, we present a trie merging approach, which compactly represents multiple FIBs by a merged trie and a table of next-hop-pointer arrays to achieve good memory scalability, while supporting fast incremental updates by avoiding the use of leaf pushing during merging. Experimental results show that storing the merged trie requires limited memory space, e.g., we only need 10MB memory space to store the merged trie for 14 full FIBs from IPv4 core routers, achieving a memory reduction by 87% when compared to the total size of the individual tries. We implement our approach in an SRAM (Static Random Access Memory)-based lookup pipeline. Using our approach, an on-chip SRAM-based lookup pipeline with 5 external stages is sufficient to store the 14 full IPv4 FIBs. Furthermore, our approach can guarantee a minimum update overhead of one write bubble per update, as well as a high lookup throughput of one lookup per clock cycle, which corresponds to a throughput of 251 million lookups per second in the implementation. [less ▲]

Detailed reference viewed: 68 (3 ULg)
Full Text
Peer Reviewed
See detailToward Predictable Performance in Decision Tree-based Packet Classification Algorithms
He, Peng; Guan, Hongtao; Mathy, Laurent ULg et al

in IEEE LANMAN 2013 (2013)

Detailed reference viewed: 49 (0 ULg)
Full Text
Peer Reviewed
See detailFlowOS: A Programmable Platform for Commodity Hardware Middleboxes
Abdul, Alim; Bezahaf, Mehdi; Mathy, Laurent ULg

in Proceedings of CFI 2013 (2013)

Detailed reference viewed: 101 (3 ULg)
Full Text
Peer Reviewed
See detailFlowOS: a Flow-Based Platform for Middleboxes
Abdul, Alim; Bezahaf, Mehdi; Mathy, Laurent ULg

in Proceedings of CoNEXT Workshops 2013 (2013)

Middleboxes are heavily used in the Internet to process the network tra c for a speci c purpose. As there is no open standards, these proprietary boxes are expensive and di - cult to upgrade. In this ... [more ▼]

Middleboxes are heavily used in the Internet to process the network tra c for a speci c purpose. As there is no open standards, these proprietary boxes are expensive and di - cult to upgrade. In this paper, we present a programmable platform for middleboxes called FlowOS to run on commod- ity hardware. It provides an elegant programming model for writing ow processing software, which hides the complexi- ties of low-level packet processing, process synchronisation, and inter-process communication. We show that FlowOS itself does not add any signi cant overhead to ows by pre- senting some preliminary test results. [less ▲]

Detailed reference viewed: 207 (2 ULg)
Full Text
Peer Reviewed
See detailScalable High-Performance Parallel Design for Network Intrusion Detection Systems on Many-Core Processors
Jiang, Hayang; Xie, Gaogang; Salamatian, Kavé et al

in Proceedings of ANCS 2013 (2013)

Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel ... [more ▼]

Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel software-based NIDS solutions, based on commodity multi-core and GPU processors, have been proposed to overcome these challenges. Network Intrusion Detection Systems (NIDSes) face significant challenges coming from the relentless network link speed growth and increasing complexity of threats. Both hardware accelerated and parallel software-based NIDS solutions, based on commodity multi-core and GPU processors, have been proposed to overcome these challenges. This work explores new parallel opportunities afforded by many-core processors for high performance, scalable and inexpensive NIDS. We exploit the huge many-core computational power by adopting a hybrid parallel architecture combining data and pipeline parallelism. We also design a hybrid load balancing scheme, using both ruleset and flow space partitioning. Furthermore, the proposed design leverages particular features of the processor to break the bottlenecks. We have integrated the open source NIDS Suricata into our proposed design and evaluated its performance with synthetic traffic. The prototype exhibits almost linear speedup and can handle up to 7.2 Gbps traffic with 100-bytes packets. [less ▲]

Detailed reference viewed: 92 (7 ULg)
Full Text
Peer Reviewed
See detailA Hybrid Hardware Architecture for High-speed IP Lookups and Fast Route Updates
Luo, Layong; Xie, Gaogang; Xie, Yingke et al

in IEEE/ACM Transactions on Networking (2013)

As network link rates are being pushed beyond 40 Gb/s, IP lookup in high-speed routers is moving to hardware. The ternary content addressable memory (TCAM)-based IP lookup engine and the static random ... [more ▼]

As network link rates are being pushed beyond 40 Gb/s, IP lookup in high-speed routers is moving to hardware. The ternary content addressable memory (TCAM)-based IP lookup engine and the static random access memory (SRAM)-based IP lookup pipeline are the two most common ways to achieve high throughput. However, route updates in both engines degrade lookup performance and may lead to packet drops. Moreover, there is a growing interest in virtual IP routers where more frequent updates happen. Finding solutions that achieve both fast lookup and low update overhead becomes critical. In this paper, we propose a hybrid IP lookup architecture to address this challenge. The architecture is based on an efficient trie partitioning scheme that divides the forwarding information base (FIB) into two prefix sets: a large disjoint leaf prefix set mapped into an external TCAM-based lookup engine and a small overlapping prefix set mapped into an on-chip SRAM-based lookup pipeline. Critical optimizations are developed on both IP lookup engines to reduce the update overhead. We show how to extend the proposed hybrid architecture to support virtual routers. Our implementation shows a throughput of 250 million lookups per second (equivalent to 128 Gb/s with 64-B packets). The update overhead is significantly lower than that of previous work, the memory consumption is reasonable, and the utilization ratio of most external TCAMs is up to 100%. [less ▲]

Detailed reference viewed: 62 (7 ULg)
Full Text
Peer Reviewed
See detailA Hybrid IP Lookup Architecture with Fast Updates
Luo, Layong; Xie, Gaogang; Xie, Yingke et al

in Annual International Conference on Computer Communications (2012, March)

As network link rates are being pushed beyond 40 Gbps, IP lookup in high-speed routers is moving to hardware. The TCAM (Ternary Content Addressable Memory)-based IP lookup engine and the SRAM (Static ... [more ▼]

As network link rates are being pushed beyond 40 Gbps, IP lookup in high-speed routers is moving to hardware. The TCAM (Ternary Content Addressable Memory)-based IP lookup engine and the SRAM (Static Random Access Memory)- based IP lookup pipeline are the two most common ways to achieve high throughput. However, route updates in both engines degrade lookup performance and may lead to packet drops. Moreover, there is a growing interest in virtual IP routers where more frequent updates happen. Finding solutions that achieve both fast lookup and low update overhead becomes critical. In this paper, we propose a hybrid IP lookup architecture to address this challenge. The architecture is based on an efficient trie partitioning scheme that divides the Forwarding Information Base (FIB) into two prefix sets: a large disjoint leaf prefix set mapped into an external TCAM-based lookup engine and a small overlapping prefix set mapped into an on-chip SRAM-based lookup pipeline. Critical optimizations are developed on both IP lookup engines to reduce the update overhead. We show how to extend the proposed hybrid architecture to support virtual routers. Our implementation shows a throughput of 250 million lookups per second (MLPS). The update overhead is significantly lower than that of previous work and the utilization ratio of most external TCAMs is up to 100%. [less ▲]

Detailed reference viewed: 109 (18 ULg)
Full Text
See detailEditorial for Computer Networks special issue on “Measurement-based optimization of P2P networking and applications”
Fu, Xiaoming; Chen, Yang; Leduc, Guy ULg et al

in Computer Networks (2012), 26(3), 1077-1079

Detailed reference viewed: 77 (14 ULg)
Peer Reviewed
See detailFlowOS: a pure flow-based vision of network traffic
Abdul, Alim; Bezahaf, Mehdi; Mathy, Laurent ULg

in Proceedings of ANCS 2012 (2012)

Detailed reference viewed: 39 (4 ULg)
Full Text
Peer Reviewed
See detailTowards TCAM-based Scalable Virtual Routers
Luo, Layong; Xie, Gaogang; Uhlig, Steve et al

in ACM CoNEXT 2012 Proceedings (2012)

Detailed reference viewed: 53 (10 ULg)
Full Text
Peer Reviewed
See detailTowards Large-Scale Network Virtualization
Papadimitriou, Panagiotis; Houidi, Ines; Louati, Wajdi et al

in Proceedings of WWIC 2012 (2012)

Most existing virtual network (VN) provisioning approaches assume a single administrative domain and therefore, VN deployments are limited to the geographic footprint of the substrate provider. To enable ... [more ▼]

Most existing virtual network (VN) provisioning approaches assume a single administrative domain and therefore, VN deployments are limited to the geographic footprint of the substrate provider. To enable wide-area VN provisioning, network virtualization architectures need to address the intricacies of inter-domain aspects, i.e., how to provi- sion VNs with limited control and knowledge of any aspect of the physical infrastructure. To this end, we present a framework for large-scale VN provisioning. We decompose VN provisioning into multiple steps to overcome the impli- cations of limited information on resource discovery and allocation. We present a new resource selection algorithm with simultaneous node and link mapping to assign resources within each domain. We use a signaling protocol that integrates resource reservations for virtual link setup with Quality-of-Service guarantees. Our experimental results show that small VNs can be provisioned within a few seconds. [less ▲]

Detailed reference viewed: 23 (2 ULg)
Full Text
Peer Reviewed
See detailImproved parallelism and scheduling in multi-core software routers
Egi, Norbert; Iannaccone, Gianluca; Manesh, Maziar et al

in Journal of Supercomputing (2011)

Recent technological advances in commodity server architectures, with multiple multi-core CPUs, integrated memory controllers, high-speed interconnects, and enhanced network interface cards, provide ... [more ▼]

Recent technological advances in commodity server architectures, with multiple multi-core CPUs, integrated memory controllers, high-speed interconnects, and enhanced network interface cards, provide substantial computational capacity, and thus an attractive platform for packet forwarding. However, to exploit this available capacity, we need a suitable software platform that allows effective parallel packet processing and resource management. In this paper, we at first introduce an improved forwarding architecture for software routers that enhances parallelism by exploiting hardware classification and multi-queue support, already available in recent commodity network interface cards. After evaluating the original scheduling algorithm of the widely-used Click modular router, we propose solutions for extending this scheduler for improved fairness, throughput, and more precise resource management. To illustrate the potential benefits of our proposal, we implement and evaluate a few key elements of our overall design. Finally, we discuss how our improved forwarding architecture and resource management might be applied in virtualized software routers. [less ▲]

Detailed reference viewed: 35 (3 ULg)
Full Text
Peer Reviewed
See detailBuilding virtual networks across multiple domains
Werle, C.; Bless, R.; Papadimitriou, P. et al

in Proceedings of the ACM SIGCOMM 2011 conference poster session (2011)

Detailed reference viewed: 24 (0 ULg)
Full Text
Peer Reviewed
See detailForwarding Path Architectures for Multicore Software Routers
Egi, Norbert; Greenhalgh, Adam; Handley, Mark et al

in ACM CoNEXT 2010 Workshop Proceedings (2010, November)

Multi-core CPUs, along with recent advances in memory and buses, render commodity hardware a strong candidate for building fexible and high-performance software routers. With a forwarding plane physically ... [more ▼]

Multi-core CPUs, along with recent advances in memory and buses, render commodity hardware a strong candidate for building fexible and high-performance software routers. With a forwarding plane physically composed of many packet processing components and operations, resource allocation in multi-core systems is not trivial. Indeed, packets crossing cache hierarchies degrade forwarding performance, since the bottleneck is main memory access. Therefore, forwarding path allocation and input/output processing become challenging, especially when states and data structures have to be shared among multiple cores. In this context, we investigate a set of input/output processing architectures, as well as resource allocation strategies for forwarding paths. For each packet processing operation, we uncover the gains and possible implications by either running different components concurrently or replicating the same components across different cores. [less ▲]

Detailed reference viewed: 34 (1 ULg)