Performance Contracts for Software Network Functions

While software network functions (NFs) promise great flexibility and easy deployment of network services, they face the challenge of unpredictable performance. This lack of predictability poses a challenge to operators who need to provision network resources and exposes a new attack surface for adversaries seeking to degrade network performance. I will describe Bolt, a technique and tool for rigorously predicting the performance of the entire software stack of an NF, comprising the core NF logic, DPDK packet processing framework, and the NIC driver. Bolt takes as input the NF source code and generates a performance contract that provides a precise characterisation of the NF’s performance in the face of any workload the NF can encounter, whether typical, ideal or adversarial. Bolt combines hardware modelling with formal verification to statically derive rigorous bounds on various performance metrics, such as dynamic instruction count, memory accesses, and execution cycles. We demonstrate Bolt’s effectiveness on four realistic NF’s: a NAT, a Maglev-like load balancer, an LPM Router and a MAC bridge.

Rishabh Iyer is a Ph.D. student at EPFL working with Professor George Candea and Professor Katerina Argyraki. Before joining EPFL he received his B.Tech degree from IIT Bombay in 2017. His current research focuses on analysing the performance of software network functions.