Outline • Introduction • Application Partitioning • Generic Networking Equipment Introduction to Network Processors • Network Processor Focus • Network Processor Challenges • Fitting the Architecture to the Problem Space Guest Lecture at UC Berkeley, 07Mar2002 Chuck Narad, Principal System Architect Intel Network Processor Division Introduction to Network Processors Introduction to Network Processors 1 2 3/7/2002 3/7/2002 What is a Network Processor? Introduction • Terminology emerged in the industry 1997-1998 • Overview of networking applications and processing – Many startups competing for the network building-block market systems that are tuned to address them • Broad variety of products are presented as an NP • Network Process ing vs. Network Process ors • Some amount of integration and some amount of • Discussion of Network Processors must be driven by what networking applications do programmability – Moving data from here to there: Switching, Routing, • Generally some characteristics that enable efficient Aggregation/Disaggregation, Bridging etc. processing of network headers in cells or packets – Providing services: Security, Monitoring, Traffic Shaping etc. • Sometimes support for higher-level flow management • Value proposition of NP’s: • Wide spectrum of capabilities and target markets – Improve TTM and to reduce investment by turning a silicon design problem into a programming problem – Provide flexibility and field upgradability in networking equipment Introduction to Network Processors Introduction to Network Processors 3 4 3/7/2002 3/7/2002 Motivations for using a Network Processor What Can an NP Be Used For? • “Flexibility of a fully programmable processor with • Highly dependent on user’s application: performance approaching that of a custom ASIC.” • Faster time to market (no ASIC lead time) • Integrated uP + system controller + “acceleration” – Instead you get software development time • Fast forwarding engine with access to a “slow-path” • Field upgradability leading to longer lifetime for control agent products in the field • A smart DMA engine – Ability to adapt deployed equipment to evolving and • An intelligent NIC emerging standards and new application spaces • Enables multiple products using common hardware • A highly integrated set of components to replace a bunch of ASICs and the blade control uP • Allows the network equipment vendors to focus on their value-add Introduction to Network Processors Introduction to Network Processors 5 6 3/7/2002 3/7/2002 1
Common Features in NPs NP Architectural Challenges • Application-specific architecture • Pool of multithreaded forwarding engines • Yet, covering a very broad space with varied (and ill- • Integrated or attached GP uP defined) requirements and no useful benchmarks • High Bandwidth and High Capacity Memories • The Swiss Army Knife challenge – Embedded and external SRAM and DRAM – Versatile but does a bad job at everything • Integrated media interface or media bus • Need to understand the environment • Interface to a switching fabric or backplane • Need to understand network protocols • Interface to a “host” control processor • Need to understand networking applications • Have to provide solutions before the actual problem • Interface to coprocessors is defined – Decompose into the things you can know – Flows, bandwidths, “Life-of-Packet” scenarios, specific common functions Introduction to Network Processors Introduction to Network Processors 7 8 3/7/2002 3/7/2002 Network Application Partitioning • Network processing is partitioned into planes – Forwarding Plane: Data movement, protocol conversion, etc – Control Plane: Flow management, (de)fragmentation, protocol stacks and signaling stacks, statistics gathering, Problem Spaces Addressed by NP’s management interface, routing protocols, spanning tree etc. • Control Plane is sometimes divided into Connection and Management Planes – Connections/second is a driving metric – Often connection management is handled closer to the data plane to improve performance-critical connection setup/teardown – Control processing is often distributed and hierarchical Introduction to Network Processors Introduction to Network Processors 9 10 3/7/2002 3/7/2002 Generic Networking Equipment Network Processor Focus Line Card Line Card LC Control LC Control LC Control LC Control Line Card Line Card • The NP is generally aimed at Forwarding Plane tasks Processor Processor Processor Processor – Data shovel Ingress FP FP FP FP – Light Touch: Framing, SAR’ing, Classification and Lookups, Media Media Media Media Mappings (port, path, tag, flow, etc.) Processing Processing Processing Processing – High Throughput – Queuing and Scheduling Fabric or Fabric or Control Control – Backplane encapsulation and decapsulation Control Control Backplane Backplane Processor Processor • Packets requiring heavier work are offloaded to Processor Processor Control Plane or Coprocessor • NP’s usually provide a forwarding plane closely FP FP FP FP Media Media Media Media coupled with a uP. Processing Processing Processing Processing Egress – The microprocessor may implement the entire control plane – May handle a portion of it locally (e.g. flow setup) and have LC Control LC Control LC Control LC Control an external host which provides the higher-level control Processor Processor Processor Processor Line Card Line Card Line Card Line Card plane Introduction to Network Processors Introduction to Network Processors 11 12 3/7/2002 3/7/2002 2
L3-L7 Application Examples Oversimplified Categorization of Applications • Some or all packets require involvement of a GPP – Handles exceptions, manages connections, or handles higher layer processing • Examples of L3 processing: Payload Inspection Payload Inspection Real Time Real Time – IP Fragment reassembly, IP filtering, MPOA, LANE, Multicast Packet Inspection Complexity Virus Scanning Virus Scanning Forwarding, Virtual Private Networks (IPSEC) Virtual Private Network Virtual Private Network TCP Header TCP Header Application Processing Complexity • Examples of L4 processing: Firewall Firewall – Proxying, Port Mapping (NAT), TCP stream following, stream IP Header IP Header Load Balancing Load Balancing reassembly, content-based routing,QoS/CoS, Rate Shaping, Ethernet Ethernet Network Monitoring Network Monitoring Load balancing (LB) Header Header • Examples of L5-L7 processing: Quality of Service Quality of Service Routing Routing – Content-based load balancing (CBLB), RMON-2, traffic Switching Switching engineering, accounting, Intrusion Detection, Virus Detection • Many/most higher-layer functions implicitly include forwarding (routing). Introduction to Network Processors Introduction to Network Processors 13 14 3/7/2002 3/7/2002 Categorizing Application Types and Needs More Detailed Application Characteristics • Applications can: Application Data State Compute CP – be high- or low-touch on packet data touch touch touch – be high- or low-touch on application state Switching Low Low/Med Low/Med Low – span a spectrum of compute needs from low-compute to very Routing Low Low/Med Low/Med Low compute-intensive QoS Low/Med Low/Med Low/Med Low • Some applications are high touch for a percentage of packets: StatefulFirewall Low/Med Low/Med Low-High Med/High – where one or more packets require high {packet, state} touch and Proxy Firewall Med/high Med Med High relatively high compute to establish flow state, and Load Balancing Med Med/High Low/Med Med/High – subsequent packets in that flow require simple forwarding CB Load Balance High Med/High Low/Med High • The simplest of L4 applications can be high-touch or -compute VPN High Med High – TCP/UDP checksums require touch of entire packet Virus Detection High High High High • Some modern MAC’s do this per datagram frag for you, minor math to combine IDS High High High High – IP fragment reassembly, TCP flow assembly require creation and management of flow state, and copies or linked lists of buffers in order to do processing on streams of packets rather than per-pkt Introduction to Network Processors Introduction to Network Processors 15 16 3/7/2002 3/7/2002 Basic Paradigm of Forwarding Plane Processing Canonical Network Processing Flow • Examine header(s) • Do lookup(s) Buffer & Descriptor Recovery – e.g. bridging tables, IPv4 LPM, flow identification table • Select and Execute Actions Classification Results Packet – Packet (or cell) modifications … Modifications, RX – Application State modifications (tables, counters, flow records) Inspect Steer Connections, – Queuing Queuing, etc – Possibly heavy lifting such as connection management, crypto, Lookups RegEx string search… • Transmit may also include scheduling/shaping Tables State Schedule Modifications • Since ingress and egress are typically on different Application State blades, “TX” and “RX” may be to/from the fabric • Housekeeping: Buffers and descriptors must be TX Reports to Admin portion allocated and recovered for each frame Introduction to Network Processors Introduction to Network Processors 17 18 3/7/2002 3/7/2002 3
Recommend
More recommend
