Stateless network functions
Newly virtualized network functions (like firewalls, routers, and intrusion detection systems) should be easy to consume. Despite recent efforts to improve their elasticity and high availability, network functions continue to maintain important flow state, requiring traditional development and deployment life cycles. At the same time, many cloud-scale applications are being rearchitected to be stateless by cleanly pushing application state into dedicated caches or backend stores. This state separation is enabling these applications to be more agile and support the so-called continuous deployment model. In this paper, we propose that network functions should be similarly redesigned to be stateless. Drawing insights from different classes of network functions, we describe how stateless network functions can leverage recent advances in low-latency network systems to achieve acceptable performance. Our Click-based prototype integrates with RAMCloud; using NAT as an example network function, we demonstrate that we are able to create stateless network functions that maintain the desired performance.