att_abstract={{Middleboxes are crucial for improving network security and performance, but only if the right traffic goes through the right middleboxes at the right time.  Existing traffic-steering techniques rely on a central controller to install fine-grained forwarding rules in the switches---at the expense of a large number of rules, a central point of failure, challenges in ensuring all packets of a session traverse the same middleboxes, and difficulties with middleboxes that modify the ``five tuple.''  The situation is even more challenging if the sequence of middleboxes (the ``service chain'') needs to change during the life of a session, e.g., to remove a load-balancer that is no longer needed, replace a middlebox undergoing maintenance, or add a packet scrubber when traffic looks suspicious.  We argue that a session-level protocol is a fundamentally better approach to traffic steering, while naturally supporting host mobility and multihoming in an integrated fashion.  Our Dysco protocol steers the packets of a TCP session through a service chain, and can dynamically reconfigure the chain for an ongoing session.  Dysco requires no changes to end-host and middlebox applications, host TCP stacks, or IP routing.  Dysco's distributed reconfiguration protocol handles the removal of proxies that terminate TCP connections, middleboxes that change the size of a byte stream, and concurrent requests to reconfigure different parts of a chain.  Through formal verification using Spin and experiments with our Linux-based prototype, we show that Dysco is provably correct, highly scalable, and able to reconfigure service chains across a range of middleboxes.
	att_copyright_notice={{(c) ACM, 2017. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in SIGCOMM, 2017-08-21.
	author={Pamela Zave and X. Kelvin Zou and Ronaldo A. Ferreira and Jennifer Rexford},
	title={{Dynamic Service Chaining with Dysco}},