A high-speed cheetah flow identification network function (CFINF)

Cheetah flows, which are high-rate flows, can cause increased packet delays and losses in other flows. Leveraging the flexibility offered by the NFV paradigm, our proposed Cheetah Flow Identification Network Function (CFINF) uses a novel method in which a new measure, short-duration flight rate, which is the rate of a flight of packets received over a fixed (short) time interval, is computed and compared against a threshold to identify cheetah flows from packets mirrored to the CFINF by a router. A Cheetah Flow Traffic Engineering System (CFTES) and SDN controller use the CFINF-identified cheetah flow identifiers to set filter rules in the router to isolate cheetah-flow packets. We evaluated the CFINF on a commodity ×86 processor based server. When using 10 cores, CFINF could handle a 1-min 10-Gbps real Center for Applied Internet Data Analysis (CAIDA) traffic trace that contained 1.5M flows and 38M packets. To improve efficiency, we ran CFINF in an 8-core configuration. However, there were packet drops (max. rate of 0.036%) with this configuration. When we added an optimization, i.e., flows with only small packets were filtered out, the median number of CFINF-dropped packets fell by 83%, with only 10% loss in accuracy of reported cheetahs.


For more information about Reservoir products or to purchase, please