Skip to content (access key 's')
Logo of Technion
Logo of CS Department
Logo of CS4People

The Taub Faculty of Computer Science Events and Talks

Multitenant In-Network Acceleration with SwitchVM
event speaker icon
Sajy Khashab (M.Sc. Thesis Seminar)
event date icon
Wednesday, 06.09.2023, 11:30
event location icon
Zoom Lecture: 97991655601 and Taub 401
event speaker icon
Advisor: Prof. Mark Silberstein
In-Network Computing is a concept of acceleration of applications by offloading some computation to run on network devices. Recently enabled by the emergence of data-plane programmable PISA switches, in-network computing was shown to offer dramatic performance boosts in a variety of applications such as load balancers, coordination protocols, aggregation and more. However, existing switches lack the essential support for multitenancy, limiting the benefits only to data center operators.

We propose a practical approach to implementing multitenancy on programmable network switches to make in-network acceleration accessible to cloud users. We introduce a Switch Virtual Machine (SwitchVM), that is deployed on the switches and offers an expressive instruction set and program state abstractions. Tenant programs, called data-plane filters (DPFs), are loaded on a per-packet basis and are executed on top of SwitchVM in a per-tenant sandbox with memory, network and state isolation policies controlled by network operators. The packets that trigger DPF execution include the code to execute or a reference to the DPFs deployed in the switch. DPFs are Turing-complete, may maintain state in the packet and in switch virtual memory, may form a dynamic chain, and may steer packets to desired destinations, all while enforcing the operator’s policies.

We demonstrate that this idea is practical by prototyping SwitchVM in P4 on Intel Tofino switches. We describe a variety of use cases that SwitchVM supports, and implement three complex applications from prior works – Key-Value Store cache, Load-aware load balancer and Paxos accelerator. We also show that SwitchVM provides strong performance isolation, zero-overhead runtime programmability, may hold two orders of magnitude more in-switch programs than existing techniques, and may support up to thirty thousand concurrent tenants each with its private state.

Joint work with Alon Rachelbach and Prof. Mark Silberstein. Paper will appear in NSDI '24.