CliMB: Enabling Network Function Composition with Click Middleboxes

Click has significant advantages for middlebox development, including modularity, extensibility, and reprogrammability. Despite these features, Click still has no native TCP support and only uses nonblocking I/O, preventing its applicability to middleboxes that require access to L7 data and blocking I/O. We bridge this gap by introducing Click middleboxes (CliMB). CliMB provides a full-fledged modular TCP layer supporting congestion control, TCP options, both blocking and nonblocking I/O, as well as socket and zero-copy APIs to applications. As a result, any TCP network function may now be realized in Click. As proof of concept, we develop a zero-copy SOCKS proxy server using CliMB that shows up to 4x gains compared to an equivalent implementation using the Linux in-kernel network stack.