Network function virtualization technology has long moved beyond the experimental phase to become a standard in the implementation of modern telecommunications networks. It is anticipated that in the near future all network services will be implemented in software based on cloud-native architecture. As a result, telecommunications service providers have started exploring containers and unikernels as alternative technologies to traditional virtual machines. This paper presents performance evaluation of a firewall service based on IncludeOS unikernels. It shows that IncludeOS unikernels achieve promising performance results compared to Ubuntu-based virtual machines and containers. The presented evaluation is based on a number of experiments and benchmarks performed to investigate how different parameters of a firewall service change depending on the number of firewall rules.
© 2024. The Author(s).