Roman A. Pletka

Write amplification analysis in flash-based solid state drives

Write amplification is a critical factor limiting the random write performance and write endurance in storage devices based on NAND-flash memories such as solid-state drives (SSD). The impact of garbage collection on write amplification is influenced by the level of over-provisioning and the choice of reclaiming policy. In this paper, we present a novel probabilistic model of write amplification for log-structured flash-based SSDs. Specifically, we quantify the impact of over-provisioning on write amplification analytically and by simulation assuming workloads of uniformly-distributed random short writes. Moreover, we propose modified versions of the greedy garbage-collection reclaiming policy and compare their performance. Finally, we analytically evaluate the benefits of separating static and dynamic data in reducing write amplification, and how to address endurance with proper wear leveling.

Cryptographic Security for a High-Performance Distributed File System

Storage systems are increasingly subject to attacks. Cryptographic file systems mitigate the danger of exposing data by using encryption and integrity protection methods and guarantee end-to-end security for their clients. This paper describes a generic design for cryptographic file systems and its realization in a distributed storage-area network (SAN) file system. Key management is integrated with the meta-data service of the SAN file system. The implementation supports file encryption as well as integrity protection through hash trees. Both techniques have been implemented in the client file system driver. Benchmarks demonstrate that the overhead is noticeable for some artificially constructed use cases, but that it is very small for typical file system applications.

Bringing efficient advanced queries to distributed hash tables

Interest in distributed storage is fueled by demand for reliability and resilience combined with ubiquitous availability. Peer-to-peer (P2P) storage networks are known for their decentralized control, self-organization, and adaptation. Advanced searching for documents and resources remains an open problem. The flooding approach favored by some P2P networks is inefficient in resource usage, but more scalable and resource-efficient solutions based on distributed hash tables (DHT) lack in query expressiveness and flexibility. In this paper, we address this issue and introduce new efficient, scalable, and completely distributed methods that strive to keep resource consumption by queries and index information as low as possible. We describe how to improve the handling of multiple subqueries combined through Boolean set operators. The need for these operators is intensified by applications to go beyond simple exact keyword matches. We discuss, optimize, and analyze appropriate extensions to support range and prefix matching in DHT.

Creating advanced functions on network processors: experience and perspectives

In this article we present five case studies of advanced networking functions that detail how a network processor (NP) can provide high performance and also the necessary flexibility compared with ASIC. We first review the basic NP system architectures, and describe the IBM PowerNP architecture from the data plane as well as the control plane point of view. We introduce models for the programmers views of NP that facilitate a global understanding of NP software programming. Then, for each case study, we present results from prototypes as well as general considerations that apply to a wider range of system architectures. Specifically, we investigate the suitability of NP for QoS (active queue management and traffic engineering), header processing (GPRS tunneling protocol), intelligent forwarding (load balancing without flow disruption), payload processing (code interpretation and just-in-time compilation in active networks), and protocol stack termination (SCTP). Finally, we summarize the key features as revealed by each case study, and conclude with remarks on the future of NP.

Bandwidth allocation for non-responsive flows with active queue management

This paper addresses the problem of configuring active queue management systems (e.g. WRED and RIO) for service level specifications in internetworks. In particular, we focus on assured forwarding (AF) for non-responsive flows in differentiated services networks. The difficulty is to determine the correct queue level thresholds that will result in correct drop rates for various AF precedence levels under any combination of offered loads. A new active queue management scheme based on a control algorithm is proposed that senses not only queue levels but also rates of queue levels changes and per flow bit rates to converge automatically to an optimal set of transmit fractions. The scheme has been implemented and tested on a network processor. Results show that the new active queue management scheme protects assured aggregated flow rates during periods of congestion. For non-responsive traffic the buffer occupancy level remains low during 250% offered load.

A comparison of secure multi-tenancy architectures for filesystem storage clouds

A filesystem-level storage cloud offers network-filesystem access to multiple customers at low cost over the Internet. In this paper, we investigate two alternative architectures for achieving multi-tenancy securely and efficiently in such storage cloud services. They isolate customers in virtual machines at the hypervisor level and through mandatory access-control checks in one shared operating-system kernel, respectively. We compare and discuss the practical security guarantees of these architectures. We have implemented both approaches and compare them using performance measurements we obtained.

The Role of Network Processors in Active Networks

Network processors (NPs) implement a balance between hardware and software that addresses the demand of performance and programmability in active networks (AN). We argue that this makes them an important player in the implementation and deployment of ANs. Besides a general introduction into the relationship of NPs and ANs, we describe the power of this combination in a framework for secure and safe capsule-based active code. We also describe the advantages of offloading AN control point functionality into the NP and how to execute active code in the data path efficiently. Furthermore, the paper reports on experiences about implementing active networking concepts on the IBM PowerNP network processor.

PURPLE: predictive active queue management utilizing congestion information

Active queue management (AQM) is an attempt to find a delicate balance between two antagonistic Internet queuing requirements: first, buffer space should be maximized to accommodate the possibly huge transient bursts; second, buffer occupation should be minimum so as not to introduce unnecessary end-to-end delays. Traditional AQM mechanisms have been built on heuristics to achieve this balance, and have mostly done so quite well, but often require manual tuning or have resulted in slow convergence. In contrast, the PURPLE approach predicts the impact of its own actions on the behavior of reactive protocols and thus on the short-term future traffic without keeping pre-flow state. PURPLE allows much faster convergence of the main AQM parameters, at least towards a local optimum, thereby smoothing and minimizing both congestion feedback and queue occupancy. To improve the quality of the prediction, we also passively monitor (using lightweight operations) information pertaining to the amount of congestion elsewhere in the network, for example, as seen by flows traversing this router.

Towards High-Performance Active Networking

Network processors have been developed to ease the implementation of new network protocols in high-speed routers. Being embedded in network interface cards, they enable extended packet processing at link speed as is required, for instance, for active network nodes. Active network nodes start using network processors for extended packet processing close to the link. The control and configuration of high-performance active network nodes with network processors such that new services can benefit from the additional processing capacity offered is nontrivial since the complexity to configure a node while providing sufficient level of abstraction is hard to master. In this paper, we present PromethOS NP which is a modular and flexible router architecture that provides a framework for dynamic service extension by plugins with integrated support of network processors, namely the IBM PowerNP 4GS3 network processor. We briefly introduce the PowerNP architecture in order to show how our active networking framework maps onto this network processor and provide results from performance measurements. Owing to architectural similarities of network processors, we believe that our considerations are also valid for other network processors.

Closed-loop congestion control for mixed responsive and non-responsive traffic

Todays known and widely used active queue management (AQM) schemes do not differentiate between packets from responsive (e.g., TCP sessions) and non-responsive traffic (e.g., UDP). This results in further widening the gap of unfair advantage already inherent to non-responsive traffic, as the responsive sender can significantly reduce its future transmit rate as a result of the congestion signals. As a simple work-around, responsive and non-responsive traffic are often assigned distinct AQM parameters. This approach, however, requires tuning for each traffic class that potentially depends on the current or expected offered load. In other words, responsiveness and TCP friendliness cannot be estimated easily - not at least due to short-lived TCP sessions. We propose a closed-loop congestion control (CLCC) scheme on top of an existing AQM scheme to achieve fair bandwidth distribution among concurrent responsive and non-responsive traffic. The new scheme has the advantage that it does not need to estimate the level of responsiveness of traffic. We analyze our scheme on top of an existing rate-based AQM scheme known to approximate max-min fairness, and, by means of simulations, show that our extension significantly improves fair bandwidth allocation for responsive and non-responsive traffic. The simulation results have been verified with a prototype implementation on the IBM PowerNP 4GS3 network processor.