Ben Pfaff | Stanford University (original) (raw)
Papers by Ben Pfaff
Page 1. IMPROVING VIRTUAL HARDWARE INTERFACES A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPU... more Page 1. IMPROVING VIRTUAL HARDWARE INTERFACES A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY ...
8:30 am Discussion on Soundness 9:15 am break 9:30 am Research presentations The Soundness of Bug... more 8:30 am Discussion on Soundness 9:15 am break 9:30 am Research presentations The Soundness of Bugs is What Matters, Patrice
As sensitive data lifetime (i.e. propagation and duration in memory) increases, so does the risk ... more As sensitive data lifetime (i.e. propagation and duration in memory) increases, so does the risk of exposure. Unfortunately, this issue has been largely overlooked in the design of most of today’s operating systems, libraries, languages, etc. As a result, applications are likely to leave the sensitive data they handle (passwords, financial and military information, etc.) scattered widely over memory, leaked to disk, etc. and left there for an indeterminate period of time. This greatly increases the impact of a system compromise. Dealing with data lifetime issues is currently left to application developers, who largely overlook them. Security-aware developers who attempt to address them (e.g. cryptographic library writers) are stymied by the limitations of the operating systems, languages, etc. they rely on. We argue that data lifetime is a systems issue which must be recognized and addressed at all layers of the software stack. 1
Open vSwitch is a high-performance multi-layer virtual switch that serves as a flexible foundatio... more Open vSwitch is a high-performance multi-layer virtual switch that serves as a flexible foundation for building virtualized, stateless Layer 2 and 3 network services in multitenant datacenters. As workloads become more sophisticated, providing tenants with virtualized middlebox services is an increasingly important and recurring theme, yet it remains difficult to integrate these stateful services efficiently into Open vSwitch and its OpenFlow forwarding model: middleboxes perform complex operations that depend on internal state and inspection of packet payloads - functionality which is impossible to express in OpenFlow. In this paper, we present SoftFlow, an extension of Open vSwitch that seamlessly integrates middlebox functionality while maintaining the familiar OpenFlow forwarding model and performing significantly better than alternative techniques for middlebox integration.
2 Document processors 1 2.1 TEX . . . . . . . . . . . . . . . . . . . 2 2.1.1 LTEX . . . . . . . ... more 2 Document processors 1 2.1 TEX . . . . . . . . . . . . . . . . . . . 2 2.1.1 LTEX . . . . . . . . . . . . . . 2 2.1.2 Texinfo . . . . . . . . . . . . . 2 2.2 nroff . . . . . . . . . . . . . . . . . . 3 2.3 SGML . . . . . . . . . . . . . . . . . . 3 2.3.1 HTML . . . . . . . . . . . . . . 3 2.3.2 Docbook . . . . . . . . . . . . . 4 2.3.3 Linuxdoc . . . . . . . . . . . . 4 2.3.4 Debiandoc . . . . . . . . . . . . 4
We describe the design and implementation of Open vSwitch, a multi-layer, open source virtual swi... more We describe the design and implementation of Open vSwitch, a multi-layer, open source virtual switch for all major hypervisor platforms. Open vSwitch was designed de novo for networking in virtual environments, resulting in major design departures from traditional software switching architectures. We detail the advanced flow classification and caching techniques that Open vSwitch uses to optimize its operations and conserve hypervisor resources. We evaluate Open vSwitch performance, drawing from our deployment experiences over the past seven years of using and improving Open vSwitch.
Proceedings of the 2021 ACM SIGCOMM 2021 Conference, 2021
ACM SIGOPS Operating Systems Review, 2018
VMware NSX virtualizes network functionality in a manner anal- ogous to how hypervisors virtualiz... more VMware NSX virtualizes network functionality in a manner anal- ogous to how hypervisors virtualize compute resources. To do this, NSX must faithfully recreate virtual versions of network compo- nents, such as switches, routers, and firewalls. As this functionality becomes commoditized, NSX must move "up the stack" to provide more advanced features, such as load-balancers, IDS/IPS (intrusion detection and prevention systems), and DPI (deep packet inspec- tion) for classification. NSX is designed to work in all types of deployments-even those without any other VMware software. It integrates with ESXi, Linux KVM, and Hyper-V hypervisors; it is even being made to work on systems without a hypervisor, such as containers and third- party clouds. Each of these platforms has its own native forwarding plane. For the best user experience, all of the forwarding planes should provide the same behavior, but the disparate implemen- tations make this difficult in practice. As network fun...
ACM SIGGROUP Bulletin, 2000
This paper overviews a Web-based collaborative system called TeamSCOPE that has been designed to ... more This paper overviews a Web-based collaborative system called TeamSCOPE that has been designed to support awareness needs of globally distributed teams. Four types of awareness needs of virtual teams are defined and the awareness support features of TeamSCOPE are described. The use of TeamSCOPE in a project involving a number of globally distributed engineering design teams is outlined, and evaluation results are provided. Findings illustrate how group process interacts with technology to create design challenges in the support of virtual team awareness needs.
File systems, RAID systems, and applications that require data consistency, among others, assure ... more File systems, RAID systems, and applications that require data consistency, among others, assure data integrity by carefully forcing valuable data to stable storage. Unfortunately, verifying that a system can recover from a crash to a valid state at any program counter is very difficult. Previous techniques for finding data integrity bugs have been heavyweight, requiring extensive effort for each OS and file system to be checked. We demonstrate a lightweight, flexible, easyto-apply technique by developing a tool called Explode and show how we used it to find 25 serious bugs in eight Linux file systems, Linux software RAID 5, Linux NFS, and three version control systems.
In this paper, we describe a collaborative system specifically designed to address problems faced... more In this paper, we describe a collaborative system specifically designed to address problems faced by distributed (or virtual) teams. TeamSCOPE (Team Software for a Collaborative Project Environment) is a web-based work environment that has emerged from a research project studying the communication needs of internationally distributed engineering design teams. The paper begins by outlining some of the needs of virtual teams. An integrative framework that focuses on facilitation of group members ’ awareness of group activities, communications and resources is proposed. These needs and awareness requirements are then translated into a set of collaborative system design goals which have guided the implementation of TeamSCOPE. The features of TeamSCOPE are briefly reviewed, and some preliminary observations from early users are provided. We conclude by noting some of the new features planned for TeamSCOPE based on our early trials.
ACM SIGCOMM Computer Communication Review
Software-defined networking (SDN) is a well-known example of a research idea that has been reduce... more Software-defined networking (SDN) is a well-known example of a research idea that has been reduced to practice in numerous settings. Network virtualization has been successfully developed commercially using SDN techniques. This paper describes our experience in developing production-ready, multi-vendor implementations of a complex network virtualization system. Having struggled with a traditional network protocol approach (based on OpenFlow) to achieving interoperability among vendors, we adopted a new approach. We focused first on defining the control information content and then used a generic database protocol to synchronize state between the elements. Within less than nine months of starting the design, we had achieved basic interoperability between our network virtualization controller and the hardware switches of six vendors. This was a qualitative improvement on our decidedly mixed experience using OpenFlow. We found a number of benefits to the database approach, such as spee...
ABSTRACT The move to virtualization has created a new network access layer residing on hosts that... more ABSTRACT The move to virtualization has created a new network access layer residing on hosts that connects the various VMs. Virtualized deployment environments impose re-quirements on networking for which traditional models are not well suited. They also provide ...
In this paper, we describe a collaborative system specifically designed to address problems faced... more In this paper, we describe a collaborative system specifically designed to address problems faced by distributed (or virtual) teams. TeamSCOPE (Team Software for a Collaborative Project Environment) is a web-based work environment that has emerged from a research project studying the communication needs of internationally distributed engineering design teams. The paper begins by outlining some of the needs of virtual teams. An integrative framework that focuses on facilitation of group members' awareness of group activities, communications and resources is proposed. These needs and awareness requirements are then translated into a set of collaborative system design goals which have guided the implementation of TeamSCOPE. The features of TeamSCOPE are briefly reviewed, and some preliminary observations from early users are provided. We conclude by noting some of the new features planned for TeamSCOPE based on our early trials.
Page 1. IMPROVING VIRTUAL HARDWARE INTERFACES A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPU... more Page 1. IMPROVING VIRTUAL HARDWARE INTERFACES A DISSERTATION SUBMITTED TO THE DEPARTMENT OF COMPUTER SCIENCE AND THE COMMITTEE ON GRADUATE STUDIES OF STANFORD UNIVERSITY ...
8:30 am Discussion on Soundness 9:15 am break 9:30 am Research presentations The Soundness of Bug... more 8:30 am Discussion on Soundness 9:15 am break 9:30 am Research presentations The Soundness of Bugs is What Matters, Patrice
As sensitive data lifetime (i.e. propagation and duration in memory) increases, so does the risk ... more As sensitive data lifetime (i.e. propagation and duration in memory) increases, so does the risk of exposure. Unfortunately, this issue has been largely overlooked in the design of most of today’s operating systems, libraries, languages, etc. As a result, applications are likely to leave the sensitive data they handle (passwords, financial and military information, etc.) scattered widely over memory, leaked to disk, etc. and left there for an indeterminate period of time. This greatly increases the impact of a system compromise. Dealing with data lifetime issues is currently left to application developers, who largely overlook them. Security-aware developers who attempt to address them (e.g. cryptographic library writers) are stymied by the limitations of the operating systems, languages, etc. they rely on. We argue that data lifetime is a systems issue which must be recognized and addressed at all layers of the software stack. 1
Open vSwitch is a high-performance multi-layer virtual switch that serves as a flexible foundatio... more Open vSwitch is a high-performance multi-layer virtual switch that serves as a flexible foundation for building virtualized, stateless Layer 2 and 3 network services in multitenant datacenters. As workloads become more sophisticated, providing tenants with virtualized middlebox services is an increasingly important and recurring theme, yet it remains difficult to integrate these stateful services efficiently into Open vSwitch and its OpenFlow forwarding model: middleboxes perform complex operations that depend on internal state and inspection of packet payloads - functionality which is impossible to express in OpenFlow. In this paper, we present SoftFlow, an extension of Open vSwitch that seamlessly integrates middlebox functionality while maintaining the familiar OpenFlow forwarding model and performing significantly better than alternative techniques for middlebox integration.
2 Document processors 1 2.1 TEX . . . . . . . . . . . . . . . . . . . 2 2.1.1 LTEX . . . . . . . ... more 2 Document processors 1 2.1 TEX . . . . . . . . . . . . . . . . . . . 2 2.1.1 LTEX . . . . . . . . . . . . . . 2 2.1.2 Texinfo . . . . . . . . . . . . . 2 2.2 nroff . . . . . . . . . . . . . . . . . . 3 2.3 SGML . . . . . . . . . . . . . . . . . . 3 2.3.1 HTML . . . . . . . . . . . . . . 3 2.3.2 Docbook . . . . . . . . . . . . . 4 2.3.3 Linuxdoc . . . . . . . . . . . . 4 2.3.4 Debiandoc . . . . . . . . . . . . 4
We describe the design and implementation of Open vSwitch, a multi-layer, open source virtual swi... more We describe the design and implementation of Open vSwitch, a multi-layer, open source virtual switch for all major hypervisor platforms. Open vSwitch was designed de novo for networking in virtual environments, resulting in major design departures from traditional software switching architectures. We detail the advanced flow classification and caching techniques that Open vSwitch uses to optimize its operations and conserve hypervisor resources. We evaluate Open vSwitch performance, drawing from our deployment experiences over the past seven years of using and improving Open vSwitch.
Proceedings of the 2021 ACM SIGCOMM 2021 Conference, 2021
ACM SIGOPS Operating Systems Review, 2018
VMware NSX virtualizes network functionality in a manner anal- ogous to how hypervisors virtualiz... more VMware NSX virtualizes network functionality in a manner anal- ogous to how hypervisors virtualize compute resources. To do this, NSX must faithfully recreate virtual versions of network compo- nents, such as switches, routers, and firewalls. As this functionality becomes commoditized, NSX must move "up the stack" to provide more advanced features, such as load-balancers, IDS/IPS (intrusion detection and prevention systems), and DPI (deep packet inspec- tion) for classification. NSX is designed to work in all types of deployments-even those without any other VMware software. It integrates with ESXi, Linux KVM, and Hyper-V hypervisors; it is even being made to work on systems without a hypervisor, such as containers and third- party clouds. Each of these platforms has its own native forwarding plane. For the best user experience, all of the forwarding planes should provide the same behavior, but the disparate implemen- tations make this difficult in practice. As network fun...
ACM SIGGROUP Bulletin, 2000
This paper overviews a Web-based collaborative system called TeamSCOPE that has been designed to ... more This paper overviews a Web-based collaborative system called TeamSCOPE that has been designed to support awareness needs of globally distributed teams. Four types of awareness needs of virtual teams are defined and the awareness support features of TeamSCOPE are described. The use of TeamSCOPE in a project involving a number of globally distributed engineering design teams is outlined, and evaluation results are provided. Findings illustrate how group process interacts with technology to create design challenges in the support of virtual team awareness needs.
File systems, RAID systems, and applications that require data consistency, among others, assure ... more File systems, RAID systems, and applications that require data consistency, among others, assure data integrity by carefully forcing valuable data to stable storage. Unfortunately, verifying that a system can recover from a crash to a valid state at any program counter is very difficult. Previous techniques for finding data integrity bugs have been heavyweight, requiring extensive effort for each OS and file system to be checked. We demonstrate a lightweight, flexible, easyto-apply technique by developing a tool called Explode and show how we used it to find 25 serious bugs in eight Linux file systems, Linux software RAID 5, Linux NFS, and three version control systems.
In this paper, we describe a collaborative system specifically designed to address problems faced... more In this paper, we describe a collaborative system specifically designed to address problems faced by distributed (or virtual) teams. TeamSCOPE (Team Software for a Collaborative Project Environment) is a web-based work environment that has emerged from a research project studying the communication needs of internationally distributed engineering design teams. The paper begins by outlining some of the needs of virtual teams. An integrative framework that focuses on facilitation of group members ’ awareness of group activities, communications and resources is proposed. These needs and awareness requirements are then translated into a set of collaborative system design goals which have guided the implementation of TeamSCOPE. The features of TeamSCOPE are briefly reviewed, and some preliminary observations from early users are provided. We conclude by noting some of the new features planned for TeamSCOPE based on our early trials.
ACM SIGCOMM Computer Communication Review
Software-defined networking (SDN) is a well-known example of a research idea that has been reduce... more Software-defined networking (SDN) is a well-known example of a research idea that has been reduced to practice in numerous settings. Network virtualization has been successfully developed commercially using SDN techniques. This paper describes our experience in developing production-ready, multi-vendor implementations of a complex network virtualization system. Having struggled with a traditional network protocol approach (based on OpenFlow) to achieving interoperability among vendors, we adopted a new approach. We focused first on defining the control information content and then used a generic database protocol to synchronize state between the elements. Within less than nine months of starting the design, we had achieved basic interoperability between our network virtualization controller and the hardware switches of six vendors. This was a qualitative improvement on our decidedly mixed experience using OpenFlow. We found a number of benefits to the database approach, such as spee...
ABSTRACT The move to virtualization has created a new network access layer residing on hosts that... more ABSTRACT The move to virtualization has created a new network access layer residing on hosts that connects the various VMs. Virtualized deployment environments impose re-quirements on networking for which traditional models are not well suited. They also provide ...
In this paper, we describe a collaborative system specifically designed to address problems faced... more In this paper, we describe a collaborative system specifically designed to address problems faced by distributed (or virtual) teams. TeamSCOPE (Team Software for a Collaborative Project Environment) is a web-based work environment that has emerged from a research project studying the communication needs of internationally distributed engineering design teams. The paper begins by outlining some of the needs of virtual teams. An integrative framework that focuses on facilitation of group members' awareness of group activities, communications and resources is proposed. These needs and awareness requirements are then translated into a set of collaborative system design goals which have guided the implementation of TeamSCOPE. The features of TeamSCOPE are briefly reviewed, and some preliminary observations from early users are provided. We conclude by noting some of the new features planned for TeamSCOPE based on our early trials.