Network Policy Enforcement with Commodity Multiqueue NICs for Multi-Tenant Data Centers

Gyuyeong Kim, Wonjun Lee

Research output: Contribution to journalArticlepeer-review


Data centers are the fundamental component in the Internet of Things (IoT) system architecture. Data center servers where IoT services are co-located require hierarchical network policy enforcement to ensure fair bandwidth sharing among tenants and to prioritize latency-sensitive traffic within a tenant simultaneously. Meanwhile, emerging Network Interface Cards (NICs) in servers make use of multiple hardware queues to drive increasing line-rates. Unfortunately, multiqueue NICs make it hard to enforce hierarchical policies because the NIC packet scheduler dequeues packets in a static round-robin fashion for per-flow fairness. In this paper, we enable hierarchical network policy enforcement with existing commodity multiqueue NICs. We design TONIC, a multiqueue NIC packet scheduling solution that approximates hierarchical packet scheduling by manipulating the packet dequeueing sequence of the NIC scheduler through dynamic packet enqueueing decisions. Specifically, TONIC leverages multiple hardware queues and the doubleended queue structure of qdiscs to express different tenant weights and application priorities without hardware modifications. We implement a TONIC prototype as a Linux kernel module and evaluate it on a testbed with commodity multiqueue NICs. Our experiment results show that TONIC can enforce hierarchical policies consisting of weighted fair sharing and traffic prioritization while maintaining robustness to various network conditions.

Original languageEnglish
JournalIEEE Internet of Things Journal
Publication statusAccepted/In press - 2021


  • Data center networks
  • Data centers
  • Hardware
  • Internet of Things
  • IoT system architecture
  • Linux
  • Network interface cards.
  • Scheduling algorithms
  • Servers
  • Throughput

ASJC Scopus subject areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications


Dive into the research topics of 'Network Policy Enforcement with Commodity Multiqueue NICs for Multi-Tenant Data Centers'. Together they form a unique fingerprint.

Cite this