making the linux tcp stack more extensible with ebpf
play

Making the Linux TCP stack more extensible with eBPF Viet-Hoang - PowerPoint PPT Presentation

Nov 02, 2022 •27 likes •307 views

Making the Linux TCP stack more extensible with eBPF Viet-Hoang Tran, Olivier Bonaventure (INL, UCLouvain) Supporting new TCP option The standard way to extend TCP But implementation? requires kernel changes Supporting new TCP option is hard

  1. Making the Linux TCP stack more extensible with eBPF Viet-Hoang Tran, Olivier Bonaventure (INL, UCLouvain)

  2. Supporting new TCP option The standard way to extend TCP But implementation? requires kernel changes

  3. Supporting new TCP option is hard True for just experiment More with deployment: upstreaming patches?

  4. Stand on the shoulders of giants... Based on TCP-BPF by Lawrence Brakmo TCP-BPF (since 4.13) already has: ● Hooks at different phases of a TCP connection or when connection state changes ● Read & write to many fields of tcp_sock ● Indirect access with bpf_getsockopt, bpf_setsockopt ● ...

  5. Add new option: 2 steps TCP Layer IP Layer tcp_write_xmit() ... tcp_send_ack() tcp_transmit_skb() tcp_options_write() tcp_retransmit() BPF VM ... adjust tcp_options_size write new option One more thing: update current MSS

  6. Parse new option IP Layer TCP layer tcp_v4_rcv() ... ip_rcv() tcp_parse_options() tcp_v6_rcv() pass new option BPF VM TCP-BPF program processes new option

  7. Overhead Disable hooks by default ● iperf3 transfer over 10 Gbps link ● trigger on every packet Average Throughput (Gbps) Sender's CPU usage (%) Receiver's CPU usage (%)

  8. Extreme (and unrealistic) benchmark over loopback interface trigger on every packet Average Throughput (Gbps) RTT (usecs)

  9. Use cases

  10. User Timeout Option TCP User Timeout (UTO): max time waiting for the ACK of transmitted data before resetting the connection RFC 5482: TCP option to announce/request this value

  11. Congestion Control Request Option Receiver requests the sender to use a desired CC algorithm for the connection E.g. Clients prefer low latency over throughput Two sides shared the list of CC beforehand

  12. Initial CWND option When the receivers know more about the network bottleneck.

  13. Delayed ACK Option Motivation: Too many ACKs or too few ACKs is not good. → The need to know remote’s ACK delay strategy … or to request the desired configuration This option carries two values: Delack timeout: relatively as a fraction of RTT Segs count: Number of received segs before sending an ACK

  14. What about the middleboxes? RFC 6994: “Shared Use of Experimental TCP Options” (PROPOSED STANDARD) Network operators “should” support (or fix it otherwise)

  15. Code Status Caveats ● Option size <= 4 Bytes, extensible to 16 Bytes ● Decouple from cgroup-v2?

  16. Making the Linux TCP stack more extensible with eBPF

  17. Making the Linux MPTCP stack more extensible with eBPF

  18. Path Manager Which path to create/remove? Which address to announce? → Should be controlled by application / user ? ? 18 Slide from Netdev0x12. Smartphone and WiFi icons by Blurred203 and Antü Plasma under CC-by-sa, others from Tango project, public domain

  19. Supporting user-defined Path Managers (PM) Netlink-based PM framework + Available in mptcp-trunk branch (out-of-tree) + Control plane in uspace + Clean layering Issues: ‐ Under high load, netlink messages may be lost ‐ Need separated facilities to support: - set/getsockopt (e.g. access subflow-level info) - TCP state change notification - policy to refuse the establishment of a subflow

  20. What if eBPF-based approach + Performance + Built-in support for TCP state tracking + Easy to apply custom policy on subflow establishment - Restricted by current eBPF limits - Less layering separation? - BPF program can be called from different contexts → Locking is trickier

  21. Our prototype New TCP-BPF callbacks To track events: To store local/remote addresses and subflows: BPF maps helper function To open a subflow:

  22. New TCP-BPF callbacks to track events No more than 3 arguments ● MPTCP Session created ● MPTCP Session established ● MPTCP Session closed (e.g. fallback to regular TCP) ● Subflow established ● Subflow closed ● Remote IP address added/removed

  23. Extend TCP-BPF context Extend struct bpf_sock_ops with mirrored fields from struct sock: mptcp_loc_token mptcp_rem_token mptcp_loc_key mptcp_rem_key mptcp_flags

  24. Open subflows via helper function: mptcp_open_subflow () ● (bpf_sock, srcIP+port, dstIP+port) as input ● if a field of tuple is unset: use existing or kernel-assigned IP/port ● extract meta_sk and other mptcp info from bpf_sock But usually, we are in softirq context: cannot open subflow directly → Schedule into workqueue instead → subflow is actually opened later

  25. Examples Two minimal PMs were implemented as BPF programs: ndiffports PM: ~20 LoCs fullmesh PM: ~200 LoCs

  26. Open issues Handle events of local IP address changed: Need to send events to each BPF program in each cgroup Remove subflows: (already done automatically in kernel when receiving a REMOVE_ADDR option) Store the subflows? or query on-demand? Dual-stack support: would be similar to bpf_bind()? Multiple PMs? e.g. each PM per netns

  27. Wrap up More details in our paper Git repository: https://github.com/hoang-tranviet/tcp-options-bpf hoang.tran[.at.]uclouvain.be

  28. Backup slides

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux

New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux

&lt;Insert Picture Here&gt; New (and Exciting!) Developments in Linux Tracing Elena Zannoni (elena.zannoni@oracle.com) Linux Engineering, Oracle America Linuxcon Japan 2015 Overview BPF eBPF eBPF main concepts and elements eBPF

601 views • 42 slides
Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018 William Tu, Joe Stringer, Yifeng Sun, Yi-Hung Wei VMware Inc. and Cilium.io 1 Outline Introduction and Motivation OVS-eBPF Project

612 views • 45 slides
Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018

Bri Bring nging ng the the Power r of eB eBPF to to Open vSwitch ch Linux Plumber 2018 William Tu, Joe Stringer, Yifeng Sun, Yi-Hung Wei VMware Inc. and Cilium.io 1 Outline Introduction and Motivation OVS-eBPF Project

429 views • 39 slides
Linux tc and eBPF. Daniel Borkmann &lt;daniel@iogearbox.net&gt; Noiro Networks / Cisco Systems

Linux tc and eBPF. Daniel Borkmann &lt;daniel@iogearbox.net&gt; Noiro Networks / Cisco Systems

Linux tc and eBPF. Daniel Borkmann &lt;daniel@iogearbox.net&gt; Noiro Networks / Cisco Systems fosdem16, January 31, 2016 Daniel Borkmann tc and cls bpf with eBPF January 31, 2016 1 / 16 Background, history. BPF origins as a generic, fast

326 views • 16 slides
Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall

Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall

Linux Plumbers Conference 2019 eBPF conf Beyond per-CPU atomics and rseq syscall: subset of eBPF bytecode for the do_on_cpu syscall mathieu.desnoyers@efcios.com Restartable Sequences (RSEQ) in a nutshell System call registering

457 views • 9 slides
Design and implementation of a DECT stack for Linux Patrick McHardy &lt;kaber@trash.net&gt;

Design and implementation of a DECT stack for Linux Patrick McHardy &lt;kaber@trash.net&gt;

Design and implementation of a DECT stack for Linux Patrick McHardy &lt;kaber@trash.net&gt; Linux Kongress 2010, Nrnberg http://dect.osmocom.org/ About This presentation will present a DECT stack for Linux, containing all components

1.31k views • 94 slides
Unifying network filtering rules for the Linux kernel with eBPF Quentin Monnet

Unifying network filtering rules for the Linux kernel with eBPF Quentin Monnet

FOSDEM19 Brussels, 2019-02-02 Unifying network filtering rules for the Linux kernel with eBPF Quentin Monnet &lt;quentin.monnet@netronome.com&gt; @qeole Outline Several network filtering mechanisms in the Linux kernel What are they,

415 views • 22 slides
Th The Ne e Next L Linux S x Super erpower er: eBPF eBPF Prime mer Sasha Goldshtein CTO,

Th The Ne e Next L Linux S x Super erpower er: eBPF eBPF Prime mer Sasha Goldshtein CTO,

Europe 2016 @goldshtn h7ps://s.sashag.n Th The Ne e Next L Linux S x Super erpower er: eBPF eBPF Prime mer Sasha Goldshtein CTO, Sela Group @goldshtn Europe 2016 @goldshtn h7ps://s.sashag.n Europe 2016 @goldshtn h7ps://s.sashag.n

248 views • 24 slides
Performance Implications of Packet Filtering with Linux eBPF Dominik Scholz , Daniel Raumer, Paul

Performance Implications of Packet Filtering with Linux eBPF Dominik Scholz , Daniel Raumer, Paul

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Performance Implications of Packet Filtering with Linux eBPF Dominik Scholz , Daniel Raumer, Paul Emmerich, Alexander Kurtz, Krzysztof Lesiak

721 views • 29 slides
Introduction to GPUs and to the Linux Graphics Stack Martin Peres CC By-SA 3.0 Nouveau

Introduction to GPUs and to the Linux Graphics Stack Martin Peres CC By-SA 3.0 Nouveau

I - Hardware : Anatomy of a GPU II - Host : The Linux graphics stack Attributions Introduction to GPUs and to the Linux Graphics Stack Martin Peres CC By-SA 3.0 Nouveau developer Ph.D. student at LaBRI November 26, 2012 1 / 36 I -

1.01k views • 36 slides
Performance Analysis Superpowers with Linux eBPF Brendan Gregg Senior Performance Architect Jun

Performance Analysis Superpowers with Linux eBPF Brendan Gregg Senior Performance Architect Jun

Performance Analysis Superpowers with Linux eBPF Brendan Gregg Senior Performance Architect Jun 2017 Efficiently trace TCP sessions with PID, bytes, and dura:on using tcplife # /usr/share/bcc/tools/tcplife PID COMM LADDR LPORT

655 views • 54 slides
Security Monitoring with eBPF ALEX MAESTRETTI - MANAGER, SIRT BRENDAN GREGG - Sr ARCHITECT,

Security Monitoring with eBPF ALEX MAESTRETTI - MANAGER, SIRT BRENDAN GREGG - Sr ARCHITECT,

Security Monitoring with eBPF ALEX MAESTRETTI - MANAGER, SIRT BRENDAN GREGG - Sr ARCHITECT, PERFORMANCE The Brief. Extended Berkley Packet Filter (eBPF) is a new Linux feature which allows safe and efficient monitoring of kernel functions.

593 views • 27 slides
Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and

Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and

Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and brands may be claimed as the property of others. Why a native IP stack? Features missing in current Contiki based uIP stack No dual IPv6 &amp;

225 views • 11 slides
Buffer Overflow Attacks IA32 Linux Stack Higher Addresses Virtual Address Space Heap Data

Buffer Overflow Attacks IA32 Linux Stack Higher Addresses Virtual Address Space Heap Data

Buffer Overflow Attacks IA32 Linux Stack Higher Addresses Virtual Address Space Heap Data Text Lower Addresses Stack and Base Pointers Stack is made up of stack frames Stack frames contain: parameters, local variables, return

604 views • 45 slides
eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why

eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why

eBPF Offload to Hardware: cls_bpf and XDP Motivation - Avoiding Whack-a-mole Motivation - Why eBPF? Target architecture (NFP based NIC) RX Path Flow of eBPF Packet The Flow Processing Core (Fully Programmable) Mapping eBPF -&gt; NFP

668 views • 24 slides
Bufferbloat mitigation in the Linux WiFi stack status and ongoing work Toke

Bufferbloat mitigation in the Linux WiFi stack status and ongoing work Toke

Bufferbloat mitigation in the Linux WiFi stack status and ongoing work Toke Hiland-Jrgensen LLC 2019 Lund, Sweden, May 2019 1 Outline Background: Bufferbloat mitigation in Linux Fixing bloat in the WiFi stack Airtime

637 views • 29 slides
TCP Theory Mark Handley Professor of Networked Systems UCL Computer Science Dept. What is TCP?

TCP Theory Mark Handley Professor of Networked Systems UCL Computer Science Dept. What is TCP?

TCP Theory Mark Handley Professor of Networked Systems UCL Computer Science Dept. What is TCP? Transmission Control Protocol Standardized in 1981 in RFC 793 Tweaked endlessly ever since. Provides a reliable bytestream abstraction

912 views • 39 slides
COMN guest lecture March 2013 Informatics Networking: where are we and how did we get here?

COMN guest lecture March 2013 Informatics Networking: where are we and how did we get here?

COMN guest lecture March 2013 Informatics Networking: where are we and how did we get here? George Ross gdmr@inf.ed.ac.uk

509 views • 30 slides
Chapter 4 The Medium Access Control Sublayer 1 The Channel Allocation Problem Static

Chapter 4 The Medium Access Control Sublayer 1 The Channel Allocation Problem Static

Chapter 4 The Medium Access Control Sublayer 1 The Channel Allocation Problem Static Channel Allocation in LANs and MANs Dynamic Channel Allocation in LANs and MANs 2 Dynamic Channel Allocation in LANs and MANs 1. Station Model.

1.04k views • 64 slides
Instrumented Environments Andreas Butz, butz@ifi.lmu.de, www.mimuc.de Fri, 12:15-13:45,

Instrumented Environments Andreas Butz, butz@ifi.lmu.de, www.mimuc.de Fri, 12:15-13:45,

Instrumented Environments Andreas Butz, butz@ifi.lmu.de, www.mimuc.de Fri, 12:15-13:45, Theresienstr. 39, Room E 045 23. Mai 06 LMU Mnchen, Medieninformatik, Instrumented Environments, SS 2006, Andreas Butz 1 Topics today Networking

821 views • 28 slides
Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work

Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work

Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work with: Li J W Li, J. Wang, Pongsajapan, Tan, Tang, M. Wang P j T T M W Outline Background Layering as optimization decomposition L

932 views • 47 slides
TCP/IP Use in Wireless Sensor Networks Livio Sgier Roadmap Introduction and Motivation

TCP/IP Use in Wireless Sensor Networks Livio Sgier Roadmap Introduction and Motivation

TCP/IP Use in Wireless Sensor Networks Livio Sgier Roadmap Introduction and Motivation TCP/IP in General TCP/IP in Wireless Sensor Networks Summary and Conclusion Page 2 Roadmap Introduction and Motivation TCP/IP in

245 views • 23 slides
IT Security Evaluation Why do we need security evaluation To provide a basis for specifying

IT Security Evaluation Why do we need security evaluation To provide a basis for specifying

IT Security Evaluation Why do we need security evaluation To provide a basis for specifying security expectations To verify that a computer product/system fulfills the requirements imposed on it To establish a metric for the degree

535 views • 19 slides
Your First Guide to secure Linux August 12, 2010 Toshiharu Harada haradats@nttdata.co.jp

Your First Guide to secure Linux August 12, 2010 Toshiharu Harada haradats@nttdata.co.jp

Your First Guide to secure Linux August 12, 2010 Toshiharu Harada haradats@nttdata.co.jp NTT DATA CORPORATION Abstract There are two types of people in the world. Those who are security

872 views • 84 slides

More recommend