|
Project NEon is the investigation of a paradigm shift away from special purpose network appliances
to an integrated way to architect, operate, and manage data plane network services.
We were interested in evaluating the benefits of data flow management and enforcement
inside the data center edge.
Starting in the early 1990.s, network service functions that had traditionally been performed
within servers moved into special purpose network appliances (e.g., firewalls and load balancers).
The main driving force behind this trend was the need to place these functions inline into
the data plane and operate these services at line rates. This technical solution has served as
a sound business model for network appliance vendors during the last decade. However, as
this approach became more prevalent and network speeds increased, its performance and
manageability limits became apparent, too.
The NEon architecture strictly divides the control plane, an instance of which is called the control
plane policy manager, and the data plane, instances of which are called programmable
rule enforcement devices. The control plane policy manager and programmable rule enforcement
devices are separated through standard interfaces and protocols that are still being
defined by standards bodies such as the Network Processor Forum (NPF) and the Internet
Engineering Task Force (IETF.) Our prototypes generated valuable lessons, including the validation
of the standard APIs and the IETF ForCES (Forwarding and Control Element Separation)
protocol under consideration.
|
