Srishti : Operating System Support for Network Devices

1 The external world is cognised through direct perception. So, all that is capable of being pointed out as this or that, or of being indicated by a name or a form is subsumed by the idea of "Creation", or Srishti. 2

Faculty: Tzi-cker Chiueh

Group Members:

As networked devices evolve towards supporting higher-level functionality beyond forwarding and simple protocol processing, there is a growing need for a structured approach to operating system design targeted specifically towards such devices. In the light of quantitative performance advantages that result by placing intelligence inside the network [5][6], and the need for incremental deployment of new functionality (e.g. in edge routers), the need for a structured design is further strengthened. Besides providing efficient low-level primitives for the basic tasks performed by a network device, a network device operating system must also provide appropriate abstractions and efficient system support for extensibility. A key concern is to be able to provide this extensibility safely, where safety encompasses memory protection and performance isolation to the core device functions from dynamically addded computation.

Srishti [1][2] is an attempt at fulfilling these goals. Srishti provides abstractions to compose and carry out computation on network flows, and provides efficient implementations of these abstractions. The key abstractions for composing computation are those of a flow and a stateful extension function. The key mechanisms for control flow are explicit, asynchronous control transfer and a function naming service that allows a function to map a function name to a function reference for invocation. Extensions functions are implemented as safe kernel extensions [3][4], which allows the programmable network device's core functionality to be protected from dynamically added extension functions, whereas at the same time the invocation performance is much better compared to address-space based protection.  To protect the performance of the core network device functions from runaway extensions, Srishti uses a CPU scheduler, and a pre-emption mechanism for kernel extensions.  The CPU scheduler in Srishti treats a flow as the basic schedulable entity, rather than a process, as in traditional general-purpose operating systems. Flows are also units of resource allocation (CPU, link and memory). Srishti exposes an API to share resources between flows though a simple access control mechanism.

An example programmable network device is the Suez cluster-based gigabit router that uses a cluster of general-purpose PCs and programmable network processors, connected by a gigabit/sec SAN to yield a scalable, programmable system. The design of Suez from general-purpose and off-the-shelf processors is an ideal platform for Srishti design and experimentation.

As an example application built on top of Srishti, we have experimented with Aggregate TCP Congestion Control (ATCP) [5]. In ATCP, a router placed at the edge of the network (e.g. the portal router of an intranet), maintains congestion control related state for flows passing through it, grouped by the destination subnet of these flows. This allows a new flow to start with a more informed estimate (called warm estimate) of network congestion on the path going to its destination subnet. ATCP doesn't require any changes to the end-system TCP implementations. However, it allows the congestion window of the sender to reach its warm estimate faster, by controlling the rate at which acknowledgments are sent to the sender, and through TCP's flow control mechanisms. In case the network congestion status is highly dynamic, ATCP also attempts to achieve a performance no worse than standard TCP. This is achieved by using a shadow congestion window that evolves according to standard TCP slow start, and by taking the envelope of the ATCP and TCP congestion window curves.
ATCP design and evaluation has been performed using the Berkeley ns-2 simulator. The results of the evaluation can be found in [5]. We are currently implementing ATCP as an application in Srishti.

Publications
 

  • [1] Tzi-Cker Chiueh, Prashant Pradhan, Operating System Support for Cluster-Based Internet Routers , in proceedings of HotOS'99. (ps.gz)
  • [2] Prashant Pradhan, Tzi-Cker Chiueh, A Computation Framework for an Extensible Network Router : Design, Implementation and Evaluation, ECSL Technical Report, April 2000. (ps.gz)
  • [3] Tzi-Cker Chiueh, Ganesh Venkitachalam, Prashant Pradhan, Intra-address Space Protection using Segmentation Hardware, in proceedings of HotOS'99. (ps.gz)
  • [4] Tzi-Cker Chiueh, Ganesh Venkitachalam, Prashant Pradhan, Integrating Segmentation and Paging Protection for Safe, Efficient and Transparent Software Extensions, in proceedings of ACM SOSP'99. (ps.gz)
  • [5] Prashant Pradhan, Tzi-Cker Chiueh, Anindya Neogi, Aggregate TCP Congestion Control Using Multiple Network Probing, in proceedings of IEEE ICDCS'2000. (ps.gz)
  • [6] G. Apostolopoulos, V. Peris, P. Pradhan, D. Saha, Design, Implementation and Evaluation of a Content-Based Switch, in proceedings of IEEE INFOCOM'2000. (ps.gz)

    • Code

    Code related to Srishti may be found here.
     

    Acknowledgement

    This research is supported by a USENIX Student Research Grant.


    1. "Hubble Snaps Family Portrait" : The Hubble telescope's infrared camera has peered into the Cone Nebula, revealing a stunning picture of six babies, Sun-like stars surrounding their mother, a bright, massive star. Known as NGC 2264 IRS, the massive star triggered the creation of these baby stars by releasing high-speed particles of dust and gas during its formative years. Photo courtesy "The HubbleSite", by The Space Telescope Science Institute.
    2. Cited from the "Aithareyopnishad", the tenth Upanishad, a text containing elaborations in prose and verse of the Indian Vedas.