PISCES: A Programmable, Protocol-Independent Software Switch - - PowerPoint PPT Presentation

pisces a programmable protocol independent software switch
SMART_READER_LITE
LIVE PREVIEW

PISCES: A Programmable, Protocol-Independent Software Switch - - PowerPoint PPT Presentation

Dec 23, 2023 1.03k likes •1.35k views

PISCES: A Programmable, Protocol-Independent Software Switch Muhammad Shahbaz, Sean Choi , Ben Pfaff, Changhoon Kim, Nick Feamster, Nick McKeown, and Jennifer Rexford Fixed Set of Protocols Fixed-Function Switch Chip Ethernet TCP HTTP UDP

slide-1
SLIDE 1

PISCES: A Programmable, Protocol-Independent Software Switch

Muhammad Shahbaz, Sean Choi, Ben Pfaff, Changhoon Kim, Nick Feamster, Nick McKeown, and Jennifer Rexford

slide-2
SLIDE 2

TCP IPv4 Ethernet UDP IPv6 BGP HTTP TLS

Fixed-Function Switch Chip Fixed Set of Protocols

2

slide-3
SLIDE 3
  • Ease of Adding new protocols
  • Ease of Removing unused protocols
  • Gain greater Visibility into the network
  • Perform network functions at the switch

3

slide-4
SLIDE 4

TCP IPv4 Ethernet

CUSTOM_P

IPv6 BGP HTTP TLS

Programmable Switching Chip Custom Protocols

4

slide-5
SLIDE 5

Software Switch

VM VM

Virtual Port Physical Port

5

slide-6
SLIDE 6

20 40 60 2010 2011 2012 2013 2014 2015 Millions

  • Approx. Number of Physical Ports vs. Virtual Ports in

Global Data Centers [1]

Phyical Ports Virtual Ports

[1] Martin Casado, VMWorld 2013

6

slide-7
SLIDE 7

Not really…

It should be EASY to program software switches!

7

slide-8
SLIDE 8

Fast Packet Forwarding

Software Switch

Kernel DPDK

8

slide-9
SLIDE 9

Packet Processing Logic

Software Switch

Kernel DPDK

Parser Match-Action Pipeline

Requires domain expertise in:

  • Network protocol design
  • Kernel development

Slow to release changes

Specialized APIs

9

slide-10
SLIDE 10

Software Switch

Kernel DPDK

Parser Match-Action Pipeline

To add TCP Flag in Open vSwitch… changed 20 files and 370 lines of code[1] Weeks of development and Test

[1] https://github.com/openvswitch/ovs/commit/dc235f7fbcff

10

slide-11
SLIDE 11

We can do this in 4 lines and within minutes with PISCES!

header_type tcp_t { fields { srcPort : 16; dstPort : 16; seqNo : 32; ackNo : 32; dataOffset : 4; res : 4; tcp_flags : 12; window : 16; checksum : 16; urgentPtr : 16; } } parser tcp { extract(tcp); set_metadata(flow.tcp_flags, tcp.tcp_flags); return ingress; } header_type flow_t { fields { ... tcp_flags_pad : 4; tcp_flags : 12; ... } } 11

slide-12
SLIDE 12

Kernel DPDK

Software Switch

Parser Match-Action Pipeline

12

slide-13
SLIDE 13

Kernel DPDK

Software Switch

Domain-Specific Language (DSL) Parser Match-Action Pipeline

Compile

Parser Match-Action Pipeline

TCP Header

header_type tcp_t { fields { srcPort : 16; dstPort : 16; seqNo : 32; ackNo : 32; dataOffset : 4; res : 4; window : 16; checksum : 16; urgentPtr : 16; } } parser tcp { extract(tcp); return ingress; } ... 13

slide-14
SLIDE 14

Kernel DPDK

Software Switch

Domain-Specific Language Parser Match-Action Pipeline

Compile

Parser Match-Action Pipeline Domain-Specific Language 2 Parser Match-Action Pipeline

Kernel DPDK

Switch 2

Parser Match-Action Pipeline

PISCES is a software switch that takes

  • a Domain-Specific Language input

and outputs a customized

  • a Software Switch Target

14

slide-15
SLIDE 15

Kernel DPDK

OVS Parser Match-Action Pipeline

Compile

Parser Match-Action Pipeline

[1] http://p4.org

P4 is an open-source language.[1] Easily defines

  • Packet headers and fields
  • Parser
  • Actions
  • Match-Action Tables

P4[1]

15

slide-16
SLIDE 16

Kernel DPDK

P4 Parser Match-Action Pipeline

Compile

Parser Match-Action Pipeline

Native OVS Packet Processing Logic 341 lines of P4 code 14,535 lines of C code

OVS

16

slide-17
SLIDE 17

Compiler P4 Program P.I. OVS

parse match action

OVS Executable

header_type tcp_t { fields { srcPort : 16; dstPort : 16; seqNo : 32; ackNo : 32; dataOffset : 4; res : 4; window : 16; checksum : 16; urgentPtr : 16; } } parser tcp { extract(tcp); return ingress; } ... header_type tcpv2_t { fields { srcPort : 16; dstPort : 16; seqNo : 32; ackNo : 32; dataOffset : 4; res : 4; tcp_flags : 8; window : 16; checksum : 16; urgentPtr : 16; } } parser tcpv2 { extract(tcpv2); set_metadata(flow.tcp_flags, tcpv2.tcp_flags); return ingress; } ... 17

PISCES

slide-18
SLIDE 18

Kernel DPDK

OVS P4 Parser Match-Action Pipeline Parser Match-Action Pipeline

Performance Overhead?

Compile

18

slide-19
SLIDE 19

8.29 13.62 19.00 25.71 13.43 23.35 33.17 43.00

5 10 15 20 25 30 35 40 45 50

64 128 192 256 Throughput (Gbps) Packet Size (Bytes) PISCES v0.1 OVS

Throughput on Eth + IPv4 + ACL benchmark application

Performance overhead of

~40%

19

slide-20
SLIDE 20

Packet Parser Ingress Match-Action Tables Packet Deparser Egress Checksum Verify Checksum Update

CPU Cycles per Packet

20

Cause for the Overhead

slide-21
SLIDE 21

Extra CPU cycles are consumed by

  • Checksum computation
  • Packet header editing mode

and more…

21

slide-22
SLIDE 22

Packet Parser Ingress Match-Action Pipeline Egress Checksum Verify Checksum Update

Checksum Verify ( version, ihl, diffserv, totalLen, identification, flags, fragOffset, ttl, protocol, hdrChecksum, srcAddr, dstAddr) Checksum Update ( version, ihl, diffserv, totalLen, identification, flags, fragOffset, ttl, protocol, hdrChecksum, srcAddr, dstAddr)

22

Checksum Inefficiencies

slide-23
SLIDE 23

Packet Parser Ingress

Decrement(ttl)

Egress Checksum Verify Checksum Update

Checksum Verify ( version, ihl, diffserv, totalLen, identification, flags, fragOffset, ttl, protocol, hdrChecksum, srcAddr, dstAddr) Incremental Checksum Update (ttl)

23

Checksum Inefficiencies

slide-24
SLIDE 24

Packet Parser Match-Action Tables Packet Deparser Ingress Egress Header Fields Ingress Packet Egress Packet Checksum Update Checksum Verify

Post-Pipeline Editing

24

slide-25
SLIDE 25

Packet Parser Ingress Egress Packet Ingress Packet Egress Match-Action Tables

Inline Editing

25

slide-26
SLIDE 26

Editing Mode Advantage Disadvantage

Post-Pipeline Packet header size is adjusted only once Extra copy of headers Inline No extra copy of headers Packet header size is adjusted multiple times

26

Editing Mode Advantage Disadvantage

Post-Pipeline Extra copy of headers Inline No extra copy of headers

slide-27
SLIDE 27

Packet Parser Ingress Match-Action Tables Packet Deparser Egress

PISCES automatically chooses between

  • Inline Editing
  • Post-pipeline Editing

Checksum Verify Checksum Update

27

slide-28
SLIDE 28

7.59 12.28 12.56 13.32 13.43

2 4 6 8 10 12 14 16

64 Throughput (Gbps) Packet Size (Bytes)

PISCES v0.1 Incremental Checksum Editing Mode Selection PISCES v1.0 Native OVS

Performance overhead of

< 2%

Throughput on Eth + IPv4 + ACL benchmark application

28

slide-29
SLIDE 29

28 18 20 1 1 1

5 10 15 20 25 30 Connection Label Tunnel OAM Flag TCP Flag

Number of Files Changed

Native OVS PISCES

411 170 370 5 6 4

50 100 150 200 250 300 350 400 450 Connection Label Tunnel OAM Flag TCP Flag

Lines of Code Changed

Native OVS PISCES

29

slide-30
SLIDE 30
  • A method to quickly develop and deploy packet

processing logic on a software switch

  • With hardly any performance cost!

30

Learn more and Try PISCES here: http://pisces.cs.princeton.edu