control and forwarding plane separation on an open source
play

Control and forwarding plane separation on an open-source router - PowerPoint PPT Presentation

Jan 26, 2023 •201 likes •1.07k views

Control and forwarding plane separation on an open-source router Linux Kongress 2010-09-23 in N rnberg Robert Olsson, Uppsala University Olof Hagsand, KTH More than 10 year in production at Uppsala University Stockholm Stockholm

  1. Control and forwarding plane separation on an open-source router Linux Kongress 2010-09-23 in N ürnberg Robert Olsson, Uppsala University Olof Hagsand, KTH

  2. More than 10 year in production at Uppsala University Stockholm Stockholm ISP/SUNET AS1653 UU- 1 UU- 2 Full Internet routing 2 * XEON 5630 via EBGP/IBGP TYAN 7025 4 *10g ixgbe sfp+ LR/SR AS 2834 L- green L- red IPv4/IPv6 Local BGP peering OSPF Interneral In Uppsala UU-Net DMZ Now at 10g towards ISP, SFP+ 850 nm, 1310nm

  3. Motivation  Separate control-plane from forwarding plane A la IETF FORCES  Control-plane: sshd, bgp, stats, etc on CPU core 0  Forwarding-plane: Bulk forwarding on core1,..,coreN  This leads to robustness of service against overload and DOS attacks, etc  Enabled by: multi-core CPUs NIC hw classifiers Fast Buses (QPI/PCI-E gen2)

  4. Control-plane separation on a multi-core Control- CE (core0) Element Control traffic Incoming FE 1 (core1) Outgoing traffic traffic Classifier FE 2 (core2) Forwarding- Forwarding ... Elements traffic FE N (coreN) Router

  5. Hi-End Hardware XEON 2 x E5630 TYAN S7025 Motherboard Intel 82599

  6. Block hardware structure DDR3 DDR3 QPI CPU0 CPU1 DDR3 Quad-core Quad-core DDR3 DDR3 DDR3 QPI QPI PCI-E Gen.2 x16 PCI-E Gen.2 x16 QPI IOH IOH PCI-E Gen.2 x16 PCI-E Gen.2 x16 Tylersburg Tylersburg PCI-E Gen.2 x4 PCI-E Gen.2 x8 ESI More I/O devices

  7. Hi-End Hardware/Latency

  8. Hardware - NIC Intel 10g board Chipset 82599 with SFP+ Open chip specs. Thanks Intel!

  9. Classification in the Intel 82599 The classification in the Intel 82599 consists of several steps, each is programmable. This includes: - RSS (Receiver-side scaling): hashing of headers and load-balancing - N-tuples : explicit packet header matches - Flow-director : implicit matching of individual flows.

  10. Routing daemons Packet forwarding is done in Linux kernel Routing protocols is run in user-space daemons Currently tested versions of quagga Bgp, OSPF both IPv4, iPv6 Cisco API

  11. Experiment 1: flow separation external source - Bulk forwarding data from source to sink (10Gb/s mixed packet lengths): mixed flow and packet lengths - Netperf's TCP transactions emulated control data from a separate host - Study latency of TCP transactions Bulk data source router sink TCP transactions host

  12. N-tuple or Flowdirector ethtool -K eth0 ntuple on ethtool -U eth0 flow-type tcp4 src-ip 0x0a0a0a01 src-ip-mask 0xFFFFFFFF dst-ip 0 dst-ip-mask 0 src-port 0 src-port-mask 0 dst-port 0 dst-port-mask 0 vlan 0 vlan-mask 0 user-def 0 user-def-mask 0 action 0 ethtool -u eth0 N-tuple is supported by SUN Niu and Intel ixgbe driver. Actions are: 1) queue 2) drop But we were lazy and patched ixgbe for ssh and BGP to use CPU0

  13. N-tuple or Flowdirector Even more lazy... we found the flow-director was implicitly programmed by outgoing flows. So both incoming and outgoing would use the same queue. So if we set affinity for BGP, sshd etc we could avoid the N-tuple filters Example: taskset -c 0 /usr/bin/sshd Neat....

  14. RSS is still using CPU0 So we both got our “selected traffic” Plus the bulk traffic from RSS We just want RSS to use “other” CPU's

  15. Patching RSS Just a one-liner... diff --git a/drivers/net/ixgbe/ixgbe_main.c b/drivers/net/ixgbe/ixgbe_main.c index 1b1419c..08bbd85 100644 --- a/drivers/net/ixgbe/ixgbe_main.c +++ b/drivers/net/ixgbe/ixgbe_main.c @@ -2379,10 +2379,10 @@ static void ixgbe_configure_rx(struct ixgbe_adapter *adapter) mrqc = ixgbe_setup_mrqc(adapter); if (adapter->flags & IXGBE_FLAG_RSS_ENABLED) { - /* Fill out redirection table */ - for (i = 0, j = 0; i < 128; i++, j++) { + /* Fill out redirection table but skip index 0 */ + for (i = 0, j = 1; i < 128; i++, j++) { if (j == adapter->ring_feature[RING_F_RSS].indices) - j = 0; + j = 1; /* reta = 4-byte sliding window of * 0x00..(indices-1)(indices-1)00..etc. */ reta = (reta << 8) | (j * 0x11);

  16. Patching RSS 2 0 1 3 4 5 6 7 CPU- core Number 0 196830 200860 186922 191866 186876 190106 190412 of packets No traffic to CPU core 0 still RSS gives fairness between other cores

  17. Transaction Performance netperf TCP_RR On “router” taskset -c 0 netserver

  18. Don't let forwarded packets program the flowdirector A new one-liner patch.... @@ -5555,6 +5555,11 @@ static void ixgbe_atr(struct ixgbe_adapter *adapter, struct sk_buff *skb, u32 src_ipv4_addr, dst_ipv4_addr; u8 l4type = 0; + if(!skb->sk) { + /* ignore nonlocal traffic */ + return; + } + /* check if we're UDP or TCP */ if (iph->protocol == IPPROTO_TCP) { th = tcp_hdr(skb);

  19. Instrumenting the flow-director ethtool -S eth0 | grep fdir

  20. Flow-director stats/1 fdir_maxlen: 0 fdir_maxhash: 0 fdir_free: 8191 fdir_coll: 0 fdir_match: 195 fdir_miss: 573632813 <--- Bulk forwarded data from RSS fdir_ustat_add: 1 <--- Old ssh session fdir_ustat_remove: 0 fdir_fstat_add: 6 fdir_fstat_remove: 0 fdir_maxlen: 0 → ustat user stats → fstat failed stats

  21. Flow-director stats/2 fdir_maxhash: 0 fdir_free: 8190 fdir_coll: 0 fdir_match: 196 fdir_miss: 630653401 fdir_ustat_add: 2 <--- New ssh session fdir_ustat_remove: 0 fdir_fstat_add: 6 fdir_fstat_remove: 0

  22. Flow-director stats/3 fdir_maxlen: 0 fdir_maxhash: 0 fdir_free: 8190 fdir_coll: 0 fdir_match: 206 <--- ssh packets are matched fdir_miss: 645067311 fdir_ustat_add: 2 fdir_ustat_remove: 0 fdir_fstat_add: 6 fdir_fstat_remove: 0

  23. Flow-director stats/4 fdir_maxlen: 0 fdir_maxhash: 0 fdir_free: 32768 <-- Now incresed 32k fdir_coll: 0 fdir_match: 0 fdir_miss: 196502463 fdir_ustat_add: 0 fdir_ustat_remove: 0 fdir_fstat_add: 0 fdir_fstat_remove: 0

  24. Flow-director stats/5 fdir_maxlen: 0 fdir_maxhash: 0 fdir_free: 32764 fdir_coll: 0 fdir_match: 948 <-- netperf TCP_RR fdir_miss: 529004675 fdir_ustat_add: 4 fdir_ustat_remove: 0 fdir_fstat_add: 44 fdir_fstat_remove: 0

  25. Transaction latency using flow separation

  26. Experiment 1 results  Baseline (no background traffic) gives 30000 transactions per second  With background traffic using RSS over all cores gives increase in transaction latency reducing transactions per second to ~5000  The RSS patch (dont forward traffic on core 0) brings the transaction latency back to (almost) the same case as the baseline  In all cases the control traffic is bound to core 0

  27. Experiment 2: Flow separation in-line traffic - Inline control within bulk data (on same incoming interface) - Study latency of TCP transactions - Work in progress TCP transactions Bulk data source router sink

  28. Results in-line 6000 18 16 5000 14 4000 12 10 3000 8 Vanilla Vanilla With With 2000 6 Separation Separ 4 1000 2 0 0 Flow Mix 64 byte 64 byte Transaction latency wo/w RSS path Zoom in of 64 byte packets Flow mix and 64 byte packets

  29. Classifier small packet problem Seems we drop a lot packets before they are classified DCB (Data Center Bridging) has a lot of features to prioritize different type of traffic. But only for IEEE 802.1Q VMDq2 suggested by Peter Waskiewicz Jr at Intel

  30. Experiment 3: Transmit limits Investigate hardware limits by transmitting as much as possible from all cores simultaneously. DDR3 DDR3 QPI CPU0 CPU1 DDR3 Quad-core Quad-core DDR3 DDR3 DDR3 QPI QPI PCI-E Gen.2 x16 PCI-E Gen.2 x16 QPI IOH IOH PCI-E Gen.2 x16 PCI-E Gen.2 x16 Tylersburg Tylersburg PCI-E Gen.2 x4 PCI-E Gen.2 x8 ESI More I/O devices

  31. pktgen/setup eth0 eth1 eth2 eth3 eth4 eth5 eth6 eth7 eth8 eth9 Inter- face CPU- 0 1 2 3 4 5 6 7 12 13 core Mem 0 0 0 0 1 1 1 1 1 1 node eth4, eth5 on x4 slot

  32. Setup QPI CPU0 CPU1 Memory node 0 Quad-core Quad-core Memory node1 QPI QPI eth0 eth6 eth1 QPI eth7 IOH IOH Tylersburg Tylersburg eth2 eth8 eth3 eth9 eth4 eth5

  33. TX w. 10 * 10g ports 93Gb/s “Optimal”

  34. Conclusions We have shown traffic separation in a high-end multi-core PC with  classifier NICs by assigning one CPU core as control and the other as forwarding cores. Our method: - Interrupt affinity to bind control traffic to core 0 - Modified RSS to spread forwarding traffic over all except core 0 - Modified the flow-director implementation slightly by only letting local (control) traffic populate the flowdir table. There are remaining issues with packet drops in in-line separation  We have shown 93Gb/s simplex transmission bandwidth on a fully  equipped PC platform

  35. That's all Questions?

  36. Rwanda example

  37. Lagos next

  38. Low-Power Development Some ideas Power consumption SuperMicro X7SPA @ 16.5 Volt with picoPSU Watt Test ------------------- 1.98 Power-Off 13.53 Idle 14.35 1 core 15.51 2 Core 15.84 3 Core 16.50 4 Core Routing Performance about 500.000 packet/sec in optimal setup.

  39. Example herjulf.se 14 Watt by 55Ah battery bifrost/USB + lowpower disk

  40. Running on battery

  41. SuperCapacitors

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Information Model of Control-Plane and User-Plane separation BNG Michael Wang (Huawei) Jie Chen

Information Model of Control-Plane and User-Plane separation BNG Michael Wang (Huawei) Jie Chen

Information Model of Control-Plane and User-Plane separation BNG Michael Wang (Huawei) Jie Chen (Huawei) Rong Gu (China Mobile) IETF I2RS WG, March 2017, Chicago draft-wcg-i2rs-cu-separation-info-model-00 IETF98@Chicago Background BNG

377 views • 8 slides
OCP: Wedge switch (open-source design) Switch chip! 3

OCP: Wedge switch (open-source design) Switch chip! 3

Programming the Forwarding Plane Nick McKeown Stanford University Programming the Forwarding Plane Why is there a blackbox in my whitebox? Nick McKeown Stanford University OCP: Wedge

953 views • 51 slides
SCTP TML update Forwarding and Control Element Separation WG Kentaro Ogawa

SCTP TML update Forwarding and Control Element Separation WG Kentaro Ogawa

SCTP TML update Forwarding and Control Element Separation WG Kentaro Ogawa &lt;ogawa.kentaro@lab.ntt.co.jp&gt; Jamal Hadi Salim &lt;hadi@mojatatu.com&gt; March 2009 IETF ForCES WG 1 General status Version 2 of draft released January 2009

506 views • 6 slides
Horizontal Vertically integrated Open interfaces Closed, proprietary Rapid innovation Slow

Horizontal Vertically integrated Open interfaces Closed, proprietary Rapid innovation Slow

Forwarding Plane Correctness Nick McKeown Stanford University App App App App App App App App App App App Specialized Open Interface Applications Windows

855 views • 59 slides
Chapter 4: outline 4.1 Overview of Network 4.4 Generalized Forwarding layer and SDN data

Chapter 4: outline 4.1 Overview of Network 4.4 Generalized Forwarding layer and SDN data

Chapter 4: outline 4.1 Overview of Network 4.4 Generalized Forwarding layer and SDN data plane match control plane t l l action 4.2 What s inside a OpenFlow examples of match-plus-action router 4.3 IP: Internet

674 views • 30 slides
An open source mapping library for the Locator/ID Separation Protocol (LISP) Research Project 2

An open source mapping library for the Locator/ID Separation Protocol (LISP) Research Project 2

An open source mapping library for the Locator/ID Separation Protocol (LISP) Research Project 2 Marek Kuczy nski System And Network Engineering University of Amsterdam June 30, 2011 Marek Kuczy nski www.OS3.nl An open source mapping

413 views • 18 slides
Muen Design Inzemamul Haque 25 Nov 2016 Introduction Muen is an open-source separation

Muen Design Inzemamul Haque 25 Nov 2016 Introduction Muen is an open-source separation

Muen Design Inzemamul Haque 25 Nov 2016 Introduction Muen is an open-source separation kernel for x86 platform Uses Intel hardware support for virtualization What Muen does? Takes a policy as input and works according to it

622 views • 32 slides
Robust Software Defined Networks Ravi Manghirmalani Ramesh Subrahmaniam Controller Offload

Robust Software Defined Networks Ravi Manghirmalani Ramesh Subrahmaniam Controller Offload

Experiences in Realizing Large Robust Software Defined Networks Ravi Manghirmalani Ramesh Subrahmaniam Controller Offload SDN mandates a split of control and forwarding plane The control and forwarding planes communicate through a TCP

810 views • 25 slides
Hardware switches - the open-source approach Ji Prko jiri@resnulli.us Red Hat 1 Scope of

Hardware switches - the open-source approach Ji Prko jiri@resnulli.us Red Hat 1 Scope of

Hardware switches - the open-source approach Ji Prko jiri@resnulli.us Red Hat 1 Scope of talk Open-source Linux support for various switch and switch-ish chips. Including L2, L3, flow-based forwarding TOR (Top-of-rack

488 views • 15 slides
Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane

Network Layer: Control Plane Goal: understand principles behind network control plane traditional (intra-domain) routing algorithms SDN controllers and their instantiation, implementation in the Internet: OSPF, RIP, OpenFlow, ODL

1.31k views • 75 slides
1 Background | Problems | Challenges | Design | Evaluation | Summary Control Plane Applications

1 Background | Problems | Challenges | Design | Evaluation | Summary Control Plane Applications

SPEED Resource-Ef+icient and High-Performance Deployment for Data Plane Programs Xiang Chen , Hongyan Liu, Qun Huang, Peiqiao Wang, Dong Zhang, Haifeng Zhou, Chunming Wu Control Plane Applications Monitor Security Routing Data Plane

826 views • 45 slides
The Forwarding Plane: An Old New Frontier of Networking Research CS244, Spring 2019 Changhoon

The Forwarding Plane: An Old New Frontier of Networking Research CS244, Spring 2019 Changhoon

The Forwarding Plane: An Old New Frontier of Networking Research CS244, Spring 2019 Changhoon Kim chang@barefootnetworks.com 2 What is SDN in plain English? Ideally at the level for college freshmen Because, if you cant, you are

595 views • 58 slides
Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source

Make Money With Open Source What is Open Source? Community Free software vs. open source Licenses: GPL vs. LGPL vs. MIT/Apache Foundations: Linux, Apache, Eclipse, Similar: Open Data, Open Hardware, Open Knowledge, ... Advantages of OS

508 views • 13 slides
Virtualization for NFV/Data Plane SDN Bob Lantz Open Networking Laboratory ONS 2016 Talk

Virtualization for NFV/Data Plane SDN Bob Lantz Open Networking Laboratory ONS 2016 Talk

Virtualization for NFV/Data Plane SDN Bob Lantz Open Networking Laboratory ONS 2016 Talk Outline - What is NFV? - One Way to Do It - A Better Way - Control Plane NFV/SDN - Data Plane SDN - VM Configuration - Container Configuration -

363 views • 17 slides
Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data

Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data

Internet Control Plane Security Yongdae Kim KAIST Two Planes Data Plane: Actual data delivery Control Plane To support data delivery (efficiently, reliably, and etc.) Routing information exchange In some sense, every protocol

396 views • 39 slides
NFD Development Progress Beichuan Zhang The University Of Arizona NFD: NDN Forwarding Daemon A

NFD Development Progress Beichuan Zhang The University Of Arizona NFD: NDN Forwarding Daemon A

NFD Development Progress Beichuan Zhang The University Of Arizona NFD: NDN Forwarding Daemon A year ago, we made the first public release Open source (GPL3+) New flexible packet format based on TLV Modular and extensible design

570 views • 25 slides
Building a Program from Streams Tim Williams | October 2018 Sponsored by What is a stream? A

Building a Program from Streams Tim Williams | October 2018 Sponsored by What is a stream? A

Building a Program from Streams Tim Williams | October 2018 Sponsored by What is a stream? A potentially infinite sequence of data elements, processed incre- mentally rather than as a whole. An abstraction that offers an alternative to

624 views • 30 slides
Testing web apps with traffic control with Weave Scope Alban Crequy FOSDEM 2017-02-05

Testing web apps with traffic control with Weave Scope Alban Crequy FOSDEM 2017-02-05

Testing web apps with traffic control with Weave Scope Alban Crequy FOSDEM 2017-02-05 alban@kinvolk.io Alban Crequy Contributor to rkt Working on Weave Scope and eBPF In 2014, worked on traffic control for multimedia

221 views • 9 slides
Principles of Software Construction: I/O and reflection Josh Bloch Charlie Garrod School of

Principles of Software Construction: I/O and reflection Josh Bloch Charlie Garrod School of

Principles of Software Construction: I/O and reflection Josh Bloch Charlie Garrod School of Computer Science 15-214 1 Administrivia Homework 4c due tonight Homework 5 coming out tomorrow Midterm next Thursday in class Midterm

592 views • 28 slides
Higher Order Combinators for Join Patterns using STM Satnam Singh, Microsoft TRANSACT 2006

Higher Order Combinators for Join Patterns using STM Satnam Singh, Microsoft TRANSACT 2006

Higher Order Combinators for Join Patterns using STM Satnam Singh, Microsoft TRANSACT 2006 Overview Specifically: encoding an existing concurrency idiom with STM very straightforward nothing clever More generally: what kind of

249 views • 24 slides
Multi-field -attractor in fundamental theory Yusuke Yamada (Stanford Univ.) collaborators: R.

Multi-field -attractor in fundamental theory Yusuke Yamada (Stanford Univ.) collaborators: R.

Multi-field -attractor in fundamental theory Yusuke Yamada (Stanford Univ.) collaborators: R. Kallosh, A. Linde, D. Roest, A. Westphal, T. Wrase Outline &lt;latexit

596 views • 21 slides
Two weight L 2 inequality for the Hilbert transform Eric T. Sawyer reporting on joint work with

Two weight L 2 inequality for the Hilbert transform Eric T. Sawyer reporting on joint work with

Two weight L 2 inequality for the Hilbert transform Eric T. Sawyer reporting on joint work with Michael T. Lacey Chun-Yen Shen Ignacio Uriarte-Tuero Abel Symposium Oslo, Norway August 24 2012 Two weight L 2 inequality E. Sawyer (McMaster

1.67k views • 138 slides
A data acquisition system for the Cerenkov Telescope Array Julien HOULES, Dirk HOFFMANN

A data acquisition system for the Cerenkov Telescope Array Julien HOULES, Dirk HOFFMANN

A data acquisition system for the Cerenkov Telescope Array Julien HOULES, Dirk HOFFMANN CPPM/IN2P3/CNRS And the CPPM CTA group Contact : houles@cppm.in2p3.fr Camera server Global architecture Telescope N Telescope 2 Telescope 1 Camera

801 views • 39 slides
Advanced CUDA: GPU Memory Systems John E. Stone Theoretical and Computational Biophysics Group

Advanced CUDA: GPU Memory Systems John E. Stone Theoretical and Computational Biophysics Group

Advanced CUDA: GPU Memory Systems John E. Stone Theoretical and Computational Biophysics Group Beckman Institute for Advanced Science and Technology University of Illinois at Urbana-Champaign http://www.ks.uiuc.edu/Research/gpu/ GPGPU2:

851 views • 30 slides

More recommend