High-Performance State Machines for Software Packet Processing - - PowerPoint PPT Presentation

high performance state machines for software packet
SMART_READER_LITE
LIVE PREVIEW

High-Performance State Machines for Software Packet Processing - - PowerPoint PPT Presentation

May 22, 2023 567 likes •738 views

Chair of Network Architectures and Services Department of Informatics Technical University of Munich High-Performance State Machines for Software Packet Processing Systems Dominik Schffmann, B. Sc. 9.4.2018 Chair of Network Architectures

slide-1
SLIDE 1

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

High-Performance State Machines for Software Packet Processing Systems

Dominik Schöffmann, B. Sc.

9.4.2018 Chair of Network Architectures and Services Department of Informatics Technical University of Munich

slide-2
SLIDE 2

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Contents

Goals Approach Evaluation Bibliography

  • D. Schöffmann

– MoonState 2

slide-3
SLIDE 3

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Mission Statement

“Build a state machine framework for MoonGen”

  • D. Schöffmann

– MoonState 3

slide-4
SLIDE 4

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Goals

Abstract:

  • Fast
  • Flexible
  • Easy to use
  • Integration into MoonGen [1]

Example use case:

  • DTLS as VPN
  • D. Schöffmann

– MoonState 4

slide-5
SLIDE 5

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

VPN Solutions

UDP VPNs:

  • OpenVPN: uses TLS, not DTLS
  • AnyConnect: uses pre-release DTLS
  • IPsec: doesn’t use DTLS at all

Solution: AstraeusVPN: Easy DTLS VPN for this thesis (also: custom protocol)

  • D. Schöffmann

– MoonState 5

slide-6
SLIDE 6

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Overview

NIC RSS Core Core MoonGen MoonGen MoonState Packet Identifier State Table State void* ID Function Table Function

  • D. Schöffmann

– MoonState 6

slide-7
SLIDE 7

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Features

  • Server mode
  • Client mode
  • Connection Pools
  • Per-Connection data storage
  • Timeouts
  • As much thread-local as possible
  • Easily extensible function interface
  • D. Schöffmann

– MoonState 7

slide-8
SLIDE 8

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Hiccups

  • Crypto is expensive
  • Invest into good hash function (for hashtable)
  • Timeouts are complex
  • OpenSSL interface was insufficient
  • D. Schöffmann

– MoonState 8

slide-9
SLIDE 9

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Per function overhead

Astr PubKey Astr PSK Astr No Crypt 1000 2000 3000 4000 5000 168840 Cycles per packet Crypto Hashtable Memory TX RX

  • D. Schöffmann

– MoonState 9

slide-10
SLIDE 10

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

State Table Size Benchmark

0.2 0.4 0.6 0.8 1 1.2 1.4 1.6 ·107 500 1,000 1,500 State Table Size Cycles per Packet setup run

  • D. Schöffmann

– MoonState 10

slide-11
SLIDE 11

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

State Table Size Benchmark

0.2 0.4 0.6 0.8 1 1.2 1.4 1.6 ·107 500 1,000 1,500 State Table Size Cycles per Packet setup run

  • D. Schöffmann

– MoonState 11

slide-12
SLIDE 12

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

State Table Size Benchmark

211 213 215 217 219 221 223 500 1,000 1,500 State Table Size Cycles per Packet approx setup run

  • D. Schöffmann

– MoonState 12

slide-13
SLIDE 13

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

State Table Size Benchmark

1,000 2,000 3,000 setup run 1,000 2,000 3,000 Cycles per Packet setup run 211 213 215 217 219 221 223 1,000 2,000 3,000 State Table Size setup run Std Sparse Dense

  • D. Schöffmann

– MoonState 13

slide-14
SLIDE 14

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

Memory Accesses

20 40 60 80 100 120 1,000 2,000 3,000 Number of Memory Accesses Cycles per Packet setup run

  • D. Schöffmann

– MoonState 14

slide-15
SLIDE 15

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

TODO

  • More benchmarks
  • Analyse existing data
  • Investigate memory allocation
  • Investigate different CPUs
  • D. Schöffmann

– MoonState 15

slide-16
SLIDE 16

Chair of Network Architectures and Services Department of Informatics Technical University of Munich

[1] P . Emmerich, S. Gallenmüller, D. Raumer, F. Wohlfart, and G. Carle. MoonGen: A Scriptable High-Speed Packet Generator. In Internet Measurement Conference 2015 (IMC’15), Tokyo, Japan, Oct. 2015.

  • D. Schöffmann

– MoonState 16