Customizing Data-plane Processing in Edge Routers Fulvio Risso and Ivano Cerrato Department of Computer and Control Engineering Politecnico di Torino Torino, 10129, Italy Email: {fulvio.risso, ivano.cerrato}@polito.it Abstract—While OpenFlow enables the customization of the control plane of a router, currently no solutions are available for the customization of the data plane. This paper presents a prototype that offers to third parties (even end-users) the possibility to install their own applications on the data plane of a router, particularly the ones operating at the edge of the network. This paper presents the motivation of the idea, the reason why we use OpenFlow even if it does not seem appropriate for the data plane, the architecture and the implementation of our prototype, and a first characterization of the system running in our lab. Keywords-Openflow; Software Defined Networking; Data plane processing. I. I NTRODUCTION OpenFlow [1] offers the possibility to customize the be- havior of the control plane of the network. In fact, its original idea addressed the necessity to use real networks (instead of “toy” networks or simulations) to make experiments, enabling the deployment of many “virtual” networks on the same physical infrastructure. So far, less work has been done on the customization of the data plane of the network, which includes the applications that operate on (all) the traffic flowing through a network device, such as forwarding and bridging, network address translation, firewall, intrusion prevention systems, parental controls, etc. The necessity to customize data plane processing is a very known problem for many entities, starting from end users that may be willing to inspect their traffic to/from the Internet, Network Service Providers (NSPs) that may need to optimize the network traffic, or content providers that would like to offer personalized services to end users. The possibility to install customized data plane applications on edge routers may bring more intelligence in the network and enable new features at lower costs, while core routers are expected to stay unmodified and keep forwarding data as fast as they can. For instance, we foresee that future routers will greatly improve their capabilities in terms of general purpose processing, and that they will include both traditional network linecards (e.g., expansion blades with network interfaces) and new processing linecards with dif- ferent computing components (e.g., CPUs, GPUs, possibly specialized hardware component for network processing such as TCAMs, lookup tables, security accelerators, etc.), which can be used by our data plane applications. Obviously, computing components must be coupled with a huge amount of memory and an high speed interconnect used to transfer packets from one component to another. This way, our current data plane applications (which are often packaged as dedicated appliances) may evolve into a set of software images installed on the new router, which is being asked to provide a set of open primitives for supporting third-party software, instead of being locked with the software provided by the router manufacturer. In the end, this will result in lower capital and operating costs for the hardware, higher flexibility and scalability, and (potentially) more available services as new actors will be enabled to install their software on the routers. This work focuses on the customization of the data plane of a network device and is based on two pillars. First, we of- fer the possibility to install data plane applications that can inspect and (potentially) modify the traffic in transit. Second, our network applications are under the direct control of multiple actors (e.g., end users, Network Service Providers, content providers). Those actors can install and manage their data plane applications operating on their network traffic (i.e., their slice of the network), without impacting on the services requested by other actors. While the necessity of data plane customization seems clear, the idea to enable multiple actors to operate on data plane of the network usually raises some objections, as the most natural scenario consists in limiting this possibility to the router manufacturers or, at most, to NSPs. How- ever, the authors are deeply convinced that only the active participation of new actors may bring a breath of fresh air in the networking world. For instance, end users, with their imagination, are the ones that drove the innovation in the PC and smartphone markets with the creation of many unexpected applications, and we expect them to be the ones that will contribute most to network evolution. In this respect, we envision for NSPs the possibility to evolve in infrastructure providers (a sort of Network IaaS), offering to multiple actors a pipe that transports bits (the network) and a programmable platform where those bits can be processed and even modified in transit. This paper focuses on this new vision of a network edge node that supports custom data plane applications under the