Warrens : decentralized connectionless tunnels for edge container networks
- Author
- Tom Goethals (UGent) , Mays Al-Naday, Bruno Volckaert (UGent) and Filip De Turck (UGent)
- Organization
- Abstract
- In recent years, workload containerisation has been extended to the edge, bringing with it the need for flexible overlay networking. However, current container networking solutions are generally designed for the cloud, aimed at relatively static clusters with centralized generation of container subnet addresses and assigning them to nodes. Added to that existing tunneling solutions, such as Virtual Private Networks (VPN), also have centralized components. Conversely, the network edge is geo-dispersed and has a volatile topology,with edge nodes typically hidden behind routers, in private networks. To enable large-scale networking at the edge, there is need for decentralized self-management of container network addresses and overlay tunnels. This manuscript presents Warrens, a framework for fully decentralized and self-organizing cloud-edge container networks. Warrens enables communication between edge nodes in different private networks by enabling connectionless tunnels, supported by decentralized self-assignment of container IP addresses, with the assignment scheme minimizing address conflict to a negligible level. Warrens has been implemented in two variants using kernel-level eBPF for processing speed, and user-level Golang for wider compatibility. Warrens is shown to be highly scalable compared to a typical VPN solution, and performance evaluations demonstrate it can handle a full network load on both x64 devices and a Raspberry Pi with approximate to 0.5% to 5% total CPU load, depending on traffic direction and protocols used.
- Keywords
- Containers, Peer-to-peer computing, Virtual private networks, Tunneling, Routing, Cloud computing, IP networks, Edge computing, container networking, decentralization
Downloads
-
(...).pdf
- full text (Published version)
- |
- UGent only
- |
- |
- 3.84 MB
-
8636 acc.pdf
- full text (Accepted manuscript)
- |
- open access
- |
- |
- 724.55 KB
Citation
Please use this url to cite or link to this publication: http://hdl.handle.net/1854/LU-01J84T0JWEFB0KN49X8PF3QGWJ
- MLA
- Goethals, Tom, et al. “Warrens : Decentralized Connectionless Tunnels for Edge Container Networks.” IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, vol. 21, no. 4, 2024, pp. 4282–96, doi:10.1109/TNSM.2024.3417703.
- APA
- Goethals, T., Al-Naday, M., Volckaert, B., & De Turck, F. (2024). Warrens : decentralized connectionless tunnels for edge container networks. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 21(4), 4282–4296. https://doi.org/10.1109/TNSM.2024.3417703
- Chicago author-date
- Goethals, Tom, Mays Al-Naday, Bruno Volckaert, and Filip De Turck. 2024. “Warrens : Decentralized Connectionless Tunnels for Edge Container Networks.” IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT 21 (4): 4282–96. https://doi.org/10.1109/TNSM.2024.3417703.
- Chicago author-date (all authors)
- Goethals, Tom, Mays Al-Naday, Bruno Volckaert, and Filip De Turck. 2024. “Warrens : Decentralized Connectionless Tunnels for Edge Container Networks.” IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT 21 (4): 4282–4296. doi:10.1109/TNSM.2024.3417703.
- Vancouver
- 1.Goethals T, Al-Naday M, Volckaert B, De Turck F. Warrens : decentralized connectionless tunnels for edge container networks. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT. 2024;21(4):4282–96.
- IEEE
- [1]T. Goethals, M. Al-Naday, B. Volckaert, and F. De Turck, “Warrens : decentralized connectionless tunnels for edge container networks,” IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, vol. 21, no. 4, pp. 4282–4296, 2024.
@article{01J84T0JWEFB0KN49X8PF3QGWJ,
abstract = {{In recent years, workload containerisation has been extended to the edge, bringing with it the need for flexible overlay networking. However, current container networking solutions are generally designed for the cloud, aimed at relatively static clusters with centralized generation of container subnet addresses and assigning them to nodes. Added to that existing tunneling solutions, such as Virtual Private Networks (VPN), also have centralized components. Conversely, the network edge is geo-dispersed and has a volatile topology,with edge nodes typically hidden behind routers, in private networks. To enable large-scale networking at the edge, there is need for decentralized self-management of container network addresses and overlay tunnels. This manuscript presents Warrens, a framework for fully decentralized and self-organizing cloud-edge container networks. Warrens enables communication between edge nodes in different private networks by enabling connectionless tunnels, supported by decentralized self-assignment of container IP addresses, with the assignment scheme minimizing address conflict to a negligible level. Warrens has been implemented in two variants using kernel-level eBPF for processing speed, and user-level Golang for wider compatibility. Warrens is shown to be highly scalable compared to a typical VPN solution, and performance evaluations demonstrate it can handle a full network load on both x64 devices and a Raspberry Pi with approximate to 0.5% to 5% total CPU load, depending on traffic direction and protocols used.}},
author = {{Goethals, Tom and Al-Naday, Mays and Volckaert, Bruno and De Turck, Filip}},
issn = {{1932-4537}},
journal = {{IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT}},
keywords = {{Containers,Peer-to-peer computing,Virtual private networks,Tunneling,Routing,Cloud computing,IP networks,Edge computing,container networking,decentralization}},
language = {{eng}},
number = {{4}},
pages = {{4282--4296}},
title = {{Warrens : decentralized connectionless tunnels for edge container networks}},
url = {{http://doi.org/10.1109/TNSM.2024.3417703}},
volume = {{21}},
year = {{2024}},
}
- Altmetric
- View in Altmetric
- Web of Science
- Times cited: