@techreport{TD:101657,
	att_abstract={{Middleboxes are crucial for improving network security and performance, but only if the right traffic goes through the right middleboxes at the right time.  Existing traffic-steering techniques rely on a central controller to install fine-grained forwarding rules in the switches---at the expense of a large number of rules, a central point of failure, challenges in ensuring all packets of a session traverse the same middleboxes, and difficulties with middleboxes that modify the ``five tuple.''  The situation is even more challenging if the sequence of middleboxes (the ``service chain'') needs to change during the life of a session, e.g., to remove a load-balancer that is no longer needed, replace a middlebox undergoing maintenance, or add a packet scrubber when traffic looks suspicious.  We argue that a session-level protocol is a fundamentally better approach to traffic steering, while naturally supporting host mobility and multihoming in an integrated fashion.  Our Dysco protocol steers the packets of a TCP session through a service chain, and can dynamically reconfigure the chain for an ongoing session.  Dysco requires no changes to end-host and middlebox applications, host TCP stacks, or IP routing.  Dysco's distributed reconfiguration protocol handles the removal of proxies that terminate TCP connections, middleboxes that change the size of a byte stream, and concurrent requests to reconfigure different parts of a chain.  Through formal verification using Spin and experiments with our Linux-based prototype, we show that Dysco is provably correct, highly scalable, and able to reconfigure service chains across a range of middleboxes.
}},
	att_authors={pz2728},
	att_categories={},
	att_copyright={{ACM}},
	att_copyright_notice={{(c) ACM, 2017. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in SIGCOMM {{, 2017-08-21}}.
}},
	att_donotupload={},
	att_private={false},
	att_projects={},
	att_tags={},
	att_techdoc={true},
	att_techdoc_key={TD:101657},
	att_url={http://web1.research.att.com:81/techdocs_downloads/TD:101657_DS1_2017-09-21T19:16:02.729Z.pdf},
	author={Pamela Zave and X. Kelvin Zou and Ronaldo A. Ferreira and Jennifer Rexford},
	institution={{SIGCOMM}},
	month={August},
	title={{Dynamic Service Chaining with Dysco}},
	year=2017,
}