Large-scale networks contain a massive amount and variety of appliances, usually referred to as network functions (NFs) or middleboxes. These appliances are usually extremely expensive, hard to manage, to scale and to provision, and allow no multi-tenancy. Moreover, as packet processing by NFs is often complex, they play a major role in the overall network performance.

We have developed a framework named OpenBox, that effectively decouples the control plane of NFs from their data plane. Similarly to SDN solutions that address only the network’s forwarding plane (e.g., switching, routing), OpenBox provides a framework for network-wide deployment and management of NFs. OpenBox consists of three logic compo- nents. First, user-defined OpenBox Applications provide NF specifications through OpenBox north-bound APIs. Unlike Network Function Virtualization (NFV), in which NFs are implemented purely in software, our north-bound API allows using specific hardware (e.g., TCAM) to accel- erate operations. Second, a logically-centralized OpenBox Controller is able to merge logic of multiple NFs, possibly from multiple tenants, and to use a network-wide view to efficiently deploy and scale NFs across the network data plane. Finally, OpenBox Instances constitute OpenBox’s data plane and are implemented either purely in software or contain specific hardware support.

A key feature of OpenBox is that it allows the logic of various NFs to be merged, so that packet is only processed once. In practice, different NFs carry out similar processing steps on the same packet, and our experiments indeed show a 86-90% improvement of the network throughput and a 35-50% reduction in processing latency. Moreover, OpenBox readily supports smart NF placement, NF scaling, and multi-tenancy through its controller.

Our preliminary paper on OpenBox was presented in ACM SIGCOMM HotMiddleboxes 2015, London, UK.

The full paper has been accepted to ACM SIGCOMM 2016, to be held on August 2016.