Jennifer Rexford
Professor
Princeton University
Plenaries Session
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
This webinar explains why PISA chips are inevitable, provides overview of machine architecture of such switches, presents a brief primer on the P4 language with sample programs for a variety of networks and demonstrates a powerful network diagnostics application implemented in P4.
Programmability in SDNs is confined to the network control plane. The forwarding plane is still largely dictated by fixed-function switching chips. Our goal is to change that, and to allow programmers to define how packets are to be processed all the way down to the wire.
This is made possible by a new generation of high-performance forwarding chips. At the high-end, PISA (Protocol-Independent Switch Architecture) chips promise multi-Tb/s of packet processing. At the mid- and low-end of the performance spectrum, CPUs, GPUs, FPGAs, and NPUs already offer great flexibility with performance of a few tens to hundreds of Gb/s.
In addition to programmable forwarding chips, we also need a high-level language to dictate the forwarding behavior in a target independent fashion. "P4" (www.p4.org) is such a language. In P4, the programer declares how packets are to be processed, and a compiler generates a configuration for a PISA chip, or a programmable target in general. For example, the programmer might program the switch to be a top-of-rack switch, a firewall, or a load-balancer; and might add features to run automatic diagnostics and novel congestion control algorithms.
Protecting the Privacy of the Network – Using P4 to Prototype and Extend Netw...Open-NFP
o protect the privacy of sensitive application data, we encrypt it before sending it over networks. However, we do not treat sensitive information about the network in the same way. Instead, headers are sent in plain text and leak sensitive information about the network – especially valid host addresses, type of service markings. In our research, we are developing a protocol to also encrypt Layer 3 headers. Using P4, we are able to rapidly stand up and prototype our proposed solution in real code running across real devices. In this webinar, I will introduce our approach and how we used and extended P4 functionality to stand up a prototype.
Mark Matties
The Johns Hopkins University Applied Physics Lab
Mark Matties is the Chief Scientist in the Communication and Networking Systems group at JHU APL, where he develops and evaluates SDN solutions to improve network security and performance. He holds a B.S. in Chemistry and a Ph.D. in Polymer Science and has worked for over 20 years in computing, networking, and security.
P4 for Custom Identification, Flow Tagging, Monitoring and ControlOpen-NFP
This tutorial will show the use of P4 on an Agilio CX intelligent server adapter (ISA) to enable identification and custom tagging for the rerouting of elastic traffic within a telecoms data center for virtualized compute nodes. The identification is done using real time dynamic measurements of flows on the ISA. Real time dynamic measurement of flows on the ISA is critical for cloud centric service models and service automation. Enabling applications such as security, root cause analysis, big data analytics, and traffic engineering to adjust the depth and complexity of flow monitoring could enable a new wave of sophisticated features and opportunities. The purpose of the talk is to illustrate how these types of applications would benefit from a P4 framework through utilizing P4 interfaces for advanced and customized flow measurements.
Nic Viljoen
Software Engineer
Nic Viljoen is a Software Engineer at Netronome, focusing on the enablement of real time analytics at the compute node in the data plane using intelligent server adapters. He is currently collaborating with the CORD project at ON.Lab to apply this within the context of the next generation mobile edge network (MCORD). Nic spent four years at the University of Cambridge where he received his undergraduate degree and an MEng in Information Engineering, focusing on Causality and Machine Learning.
In this talk we discuss the mechanisms of utilizing the eBPF language to perform hardware accelerated network packet manipulation and filtering. P4 programs can be compiled into eBPF scripts for offload in the Linux kernel using the Traffic Classifier (TC) subsystem. We demonstrate how, using eBPF as an intermediate language, it has been possible to extend the TC to either Just In Time (JIT) compile eBPF code to x86 assembler for software offload or to IXP byte code for execution in a trusted hardware environment within the Netronome Agilio intelligent server adapter. We finish by encouraging the audience to experiment with their own eBPF applications within the TC hardware accelerated system. The TC kernel patches are available on the Linux Kernel Networking mailing list as a Request For Comment (RFC) contribution.
Dinan Gunawardena, Director, Software Engineering, Netronome
Dinan Gunawardena is a Software Director focusing on running the driver team at Netronome. Previously, Dinan founded a software startup and was a Senior Research Engineer within the Operating Systems and Networking Group at Microsoft Research for 12 years, shipping technology in several versions of Microsoft Windows and the Bing Search Engine. Dinan has received over 20 patents and is a Chartered Software Engineer. Dinan has a Masters in Computer Science from University of Cambridge and a M.B.A. from WBS.
Jakub Kicinski, Software Engineering, Netronome
Jakub Kicinski is a Software Engineer specializing in the Linux Kernel drivers for Netronome SmartNICs. Jakub has previously worked as an intern for Intel Corporation. Jakub is also a researcher with expertise in Linux kernel. Experience in application development on complex multi-CPU and FPGA platforms. He is interested in high-performance software exploiting hardware capabilities and is passionate about networking. Jakub has a Masters in Computer Science from Gdansk University of Technology.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2IDXhIf.
Changhoon Kim talks about the new PISA ASICs which promises multi Tb/s of packet processing with uncompromised programmability, and P4, a new domain-specific high-level language designed for networking. He shows how PISA and P4 will change the way we design, build, and run not just our networks, but also distributed systems and applications. Filmed at qconsf.com.
Changhoon Kim is a Director of System Architecture at Barefoot Networks. Prior to Barefoot, he worked at Windows Azure, Microsoft’s cloud-service division, and led engineering and research projects on the architecture, performance, and management of datacenter networks.
Jennifer Rexford
Professor
Princeton University
Plenaries Session
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
This webinar explains why PISA chips are inevitable, provides overview of machine architecture of such switches, presents a brief primer on the P4 language with sample programs for a variety of networks and demonstrates a powerful network diagnostics application implemented in P4.
Programmability in SDNs is confined to the network control plane. The forwarding plane is still largely dictated by fixed-function switching chips. Our goal is to change that, and to allow programmers to define how packets are to be processed all the way down to the wire.
This is made possible by a new generation of high-performance forwarding chips. At the high-end, PISA (Protocol-Independent Switch Architecture) chips promise multi-Tb/s of packet processing. At the mid- and low-end of the performance spectrum, CPUs, GPUs, FPGAs, and NPUs already offer great flexibility with performance of a few tens to hundreds of Gb/s.
In addition to programmable forwarding chips, we also need a high-level language to dictate the forwarding behavior in a target independent fashion. "P4" (www.p4.org) is such a language. In P4, the programer declares how packets are to be processed, and a compiler generates a configuration for a PISA chip, or a programmable target in general. For example, the programmer might program the switch to be a top-of-rack switch, a firewall, or a load-balancer; and might add features to run automatic diagnostics and novel congestion control algorithms.
Protecting the Privacy of the Network – Using P4 to Prototype and Extend Netw...Open-NFP
o protect the privacy of sensitive application data, we encrypt it before sending it over networks. However, we do not treat sensitive information about the network in the same way. Instead, headers are sent in plain text and leak sensitive information about the network – especially valid host addresses, type of service markings. In our research, we are developing a protocol to also encrypt Layer 3 headers. Using P4, we are able to rapidly stand up and prototype our proposed solution in real code running across real devices. In this webinar, I will introduce our approach and how we used and extended P4 functionality to stand up a prototype.
Mark Matties
The Johns Hopkins University Applied Physics Lab
Mark Matties is the Chief Scientist in the Communication and Networking Systems group at JHU APL, where he develops and evaluates SDN solutions to improve network security and performance. He holds a B.S. in Chemistry and a Ph.D. in Polymer Science and has worked for over 20 years in computing, networking, and security.
P4 for Custom Identification, Flow Tagging, Monitoring and ControlOpen-NFP
This tutorial will show the use of P4 on an Agilio CX intelligent server adapter (ISA) to enable identification and custom tagging for the rerouting of elastic traffic within a telecoms data center for virtualized compute nodes. The identification is done using real time dynamic measurements of flows on the ISA. Real time dynamic measurement of flows on the ISA is critical for cloud centric service models and service automation. Enabling applications such as security, root cause analysis, big data analytics, and traffic engineering to adjust the depth and complexity of flow monitoring could enable a new wave of sophisticated features and opportunities. The purpose of the talk is to illustrate how these types of applications would benefit from a P4 framework through utilizing P4 interfaces for advanced and customized flow measurements.
Nic Viljoen
Software Engineer
Nic Viljoen is a Software Engineer at Netronome, focusing on the enablement of real time analytics at the compute node in the data plane using intelligent server adapters. He is currently collaborating with the CORD project at ON.Lab to apply this within the context of the next generation mobile edge network (MCORD). Nic spent four years at the University of Cambridge where he received his undergraduate degree and an MEng in Information Engineering, focusing on Causality and Machine Learning.
In this talk we discuss the mechanisms of utilizing the eBPF language to perform hardware accelerated network packet manipulation and filtering. P4 programs can be compiled into eBPF scripts for offload in the Linux kernel using the Traffic Classifier (TC) subsystem. We demonstrate how, using eBPF as an intermediate language, it has been possible to extend the TC to either Just In Time (JIT) compile eBPF code to x86 assembler for software offload or to IXP byte code for execution in a trusted hardware environment within the Netronome Agilio intelligent server adapter. We finish by encouraging the audience to experiment with their own eBPF applications within the TC hardware accelerated system. The TC kernel patches are available on the Linux Kernel Networking mailing list as a Request For Comment (RFC) contribution.
Dinan Gunawardena, Director, Software Engineering, Netronome
Dinan Gunawardena is a Software Director focusing on running the driver team at Netronome. Previously, Dinan founded a software startup and was a Senior Research Engineer within the Operating Systems and Networking Group at Microsoft Research for 12 years, shipping technology in several versions of Microsoft Windows and the Bing Search Engine. Dinan has received over 20 patents and is a Chartered Software Engineer. Dinan has a Masters in Computer Science from University of Cambridge and a M.B.A. from WBS.
Jakub Kicinski, Software Engineering, Netronome
Jakub Kicinski is a Software Engineer specializing in the Linux Kernel drivers for Netronome SmartNICs. Jakub has previously worked as an intern for Intel Corporation. Jakub is also a researcher with expertise in Linux kernel. Experience in application development on complex multi-CPU and FPGA platforms. He is interested in high-performance software exploiting hardware capabilities and is passionate about networking. Jakub has a Masters in Computer Science from Gdansk University of Technology.
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/2IDXhIf.
Changhoon Kim talks about the new PISA ASICs which promises multi Tb/s of packet processing with uncompromised programmability, and P4, a new domain-specific high-level language designed for networking. He shows how PISA and P4 will change the way we design, build, and run not just our networks, but also distributed systems and applications. Filmed at qconsf.com.
Changhoon Kim is a Director of System Architecture at Barefoot Networks. Prior to Barefoot, he worked at Windows Azure, Microsoft’s cloud-service division, and led engineering and research projects on the architecture, performance, and management of datacenter networks.
This work presents a P4 compiler backend targeting XDP, the eXpress Data Path. P4 is a domain-specific language describing how packets are processed by the data plane of a programmable network elements. XDP is designed for users who want programmability as well as performance.
https://github.com/williamtu/p4c-xdp/
Stacks and Layers: Integrating P4, C, OVS and OpenStackOpen-NFP
Smart Network Interface Cards (SmartNICs) are increasingly being deployed in cloud data centers to offload inline network processing tasks from server CPUs, thereby improving system throughput while freeing up server CPU cycles for application processing. The match/action and tunnel handling semantics of SmartNIC datapaths can be either expressed directly in the P4 language, be defined by virtual switching software like Open vSwitch (implementing the semantics of a specification like OpenFlow), or by using a combination of these. This presentation compares these approaches, considering aspects like the expressiveness and performance of the resulting datapath as well how these datapath variants can be integrated into existing cloud management systems (e.g. OpenStack).
Johann Tönsing
Chief Architect & SVP, Software, Netronome
Johann is a recognized industry expert in SDN, Linux-based networking technologies, network virtualization, security, and NFV. Johann has been an active contributing member and has been nominated to leadership roles in multiple standards bodies related to SDN and NFV. As Netronome’s Chief Architect, Johann leads all aspects of Netronome’s product design and development, with heavy emphasis on advanced and open server-based networking technologies where he also holds multiple patents. He holds a Masters of Engineering in Electronics.
Network Measurement with P4 and C on Netronome AgilioOpen-NFP
Network measurement has been playing a crucial role in network operations since it cannot only detect the anomalies, but also facilitate traffic engineering. With the recent development of P4 language, network measurement is one of the data plane applications that can benefit from the programmability enabled by P4. However, P4 does not support general purpose language structures such as for-loop, and the if-statement can only be used in its control block, and it has only a limited set of primitive actions. Hence, the current P4 has its limitations to support complicated measurement functions. In this webinar, we implement and evaluate the Count-Min sketch (used for heavy hitter detection) using the combination of P4 and C on a Netronome NFP NIC. We plan to demonstrate the flexibility and performance of the design and the C plug-in feature of Netronome NFP.
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server AdaptersOpen-NFP
Commodity servers equipped with intelligent server adapters (ISAs) are being used as platforms for Network Functions Virtualization (NFV). The network traffic processing required by a specific use case is frequently expressed by forming a chain of Virtual Network Functions (VNFs). This demonstration illustrates that VNFs in the chain can be hosted on the server CPU or on the ISA. It furthermore illustrates that VNFs can be decomposed into components called Micro-VNFs, with the components again being hosted on the server CPU and/or the ISA. A P4 program (compiled to native code running on the ISA) defines the overall semantics of the datapath within an ISA equipped server and expresses how VNFs and Micro-VNFs should be composed within this platform. We show how mechanisms like tunnels and service headers programmed using P4 are employed to establish the VNF service chain across multiple network nodes.
David George
Lead Engineer, Netronome
David George is a lead engineer on the Netronome SDK team and is primarily responsible for Netronome's P4 data plane. He has previously been worked on the SDK simulator and x86 data plane components. He holds a Masters of Electrical Engineering from the University of Cape Town.
Transparent eBPF Offload: Playing Nice with the Linux KernelOpen-NFP
Netronome is developing transparent kernel acceleration based on XDP and BPF. This allows bytecode intended for kernel applications to be directly offloaded using the upstreamed nfp_bpf_jit. The talk will focus on the basics of getting an XDP environment up and running, a couple of use cases and a simple demo of Netronome’s BPF offload in action.
Nick McKeown
Professor
Stanford University
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
This presentation will cover the basics of performance testing. Configuring systems correctly is essential to characterizing the performance of SmartNICs. The configuration of BIOS, CPU allocation, OS and VM parameters will be covered. Also, choices of traffic generators and typical test topologies will be described.
Cilium - Fast IPv6 Container Networking with BPF and XDPThomas Graf
We present a new open source project which provides IPv6 networking for Linux Containers by generating programs for each individual container on the fly and then runs them as JITed BPF code in the kernel. By generating and compiling the code, the program is reduced to the minimally required feature set and then heavily optimised by the compiler as parameters become plain variables. The upcoming addition of the Express Data Plane (XDP) to the kernel will make this approach even more efficient as the programs will get invoked directly from the network driver.
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThomas Graf
The Linux packet filtering technology, iptables, has its roots in times when networking was relatively simple and network bandwidth was measured in mere megabits. Emerging technologies, such as distributed NAT, overlay networks and containers require enhanced functionality and additional flexibility. In parallel, the next generation of network cards with speeds of 40Gb and 100Gb will put additional pressure on performance.
In the upcoming Red Hat Enterprise Linux 7, a new dynamic firewall service, FirewallD, is planned to provide greater flexibility over iptables by eliminating service disruptions during rule updates, abstraction, and support for different network trust zones. Additionally, a new virtual machine-based packet filtering technology, nftables, addresses the functionality and flexibility requirements of modern network workloads.
In this session you’ll:
Deep dive into the newly introduced packet filtering capabilities of Red Hat Enterprise Linux 7 beta.
Learn best practices.
See the new set of configuration utilities that allow new optimization possibilities.
The Paxos protocol is the foundation for building many fault-tolerant distributed systems and services. Given the importance of Paxos, and performance improvements to the protocol would have a significant impact on data-center infrastructure. We argue that implementing Paxos in network devices would significantly improve its performance. This talk describes an implementation of Paxos in P4, as well as our on-going efforts to evaluate the implementation on Netronome intelligent server adapters. Implementing Paxos provides a critical use case for P4, and will help drive the requirements for data plane languages in general. In the long term, we imagine that consensus could someday be offered as a network service.
Huynh Tu Dang
Italian University of Switzerland
Huynh Tu Dang is a second-year Ph.D. student in the Faculty of Informatics at Università della Svizzera Italiana. His research focuses on fault-tolerant distributed systems and application of software-defined networking (SDN). Previously, he worked as a research assistant at Ho Chi Minh International University and was an intern at INRIA, Nice-Sophia Antipolis on BtrPlace project. He received his Bachelor's degree from the School of Computer Science and Engineering at Ho Chi Minh International University.
As containers are being deployed as part of multi tenant clusters, virtual multi layer switches become essential to interconnect containers while providing isolation guarantees. Assigning tenants their own private networks requires stateful network address translation (NAT) implemented in a scalable architecture to expose containers to public networks. Existing virtual switches integrated into the Linux kernel did not support stateful NAT so far. This presentation introduces a new virtual NAT service deployable as container built using existing kernel functionality such as network namespaces, routing rules and Netfilter to provide NAT services to existing virtual switches such as Open vSwitch and the Linux bridge but also the core L3 layer of Linux.
Taking Security Groups to Ludicrous Speed with OVS (OpenStack Summit 2015)Thomas Graf
Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments.
Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed. In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead. However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.
In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.
BKK16-409 VOSY Switch Port to ARMv8 Platforms and ODP IntegrationLinaro
Virtual Open Systems has developed VOSYSwitch, a high-performance user space networking virtual switch solution enabling NFV, based on the open source packet processing framework SnabbSwitch. In this talk, the experience of porting VOSYSwitch from x86 to ARMv8 will be shared, along with the integration of ODP as a driver layer for the available hardware resources. In addition to this presentation, a live demonstration will showcase chained VNFs connected through VOSYSwitch, where an OpenFastPath web server is implemented behind an ODP enabled packet filtering firewall. The targeted platforms are Freescale (NXP) LS2085A and Cavium's ThunderX.
Netronome's half-day tutorial on host data plane acceleration at ACM SIGCOMM 2018 introduced attendees to models for host data plane acceleration and provided an in-depth understanding of SmartNIC deployment models at hyperscale cloud vendors and telecom service providers.
Presenter Bio
Jaco Joubert is a Software Engineer at Netronome focusing on P4 and its applications on the Netronome SmartNIC. He recently started investigating network acceleration for Deep Learning on distributed systems. Prior to Netronome he worked on mobile application development and was a researcher at Telkom SA focusing on the mobile core after completing his Masters Degree in Computer, Electronic Engineering in 2014.
This presentation introduces Data Plane Development Kit overview and basics. It is a part of a Network Programming Series.
First, the presentation focuses on the network performance challenges on the modern systems by comparing modern CPUs with modern 10 Gbps ethernet links. Then it touches memory hierarchy and kernel bottlenecks.
The following part explains the main DPDK techniques, like polling, bursts, hugepages and multicore processing.
DPDK overview explains how is the DPDK application is being initialized and run, touches lockless queues (rte_ring), memory pools (rte_mempool), memory buffers (rte_mbuf), hashes (rte_hash), cuckoo hashing, longest prefix match library (rte_lpm), poll mode drivers (PMDs) and kernel NIC interface (KNI).
At the end, there are few DPDK performance tips.
Tags: access time, burst, cache, dpdk, driver, ethernet, hub, hugepage, ip, kernel, lcore, linux, memory, pmd, polling, rss, softswitch, switch, userspace, xeon
This presentation features a walk through the Linux kernel networking stack covering the essentials and recent developments a developer needs to know. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as segmentation offloading, TCP small queues, and low latency polling. We will cover APIs exposed by the kernel that go beyond use of write()/read() on sockets and will look into how they are implemented on the kernel side.
This work presents a P4 compiler backend targeting XDP, the eXpress Data Path. P4 is a domain-specific language describing how packets are processed by the data plane of a programmable network elements. XDP is designed for users who want programmability as well as performance.
https://github.com/williamtu/p4c-xdp/
Stacks and Layers: Integrating P4, C, OVS and OpenStackOpen-NFP
Smart Network Interface Cards (SmartNICs) are increasingly being deployed in cloud data centers to offload inline network processing tasks from server CPUs, thereby improving system throughput while freeing up server CPU cycles for application processing. The match/action and tunnel handling semantics of SmartNIC datapaths can be either expressed directly in the P4 language, be defined by virtual switching software like Open vSwitch (implementing the semantics of a specification like OpenFlow), or by using a combination of these. This presentation compares these approaches, considering aspects like the expressiveness and performance of the resulting datapath as well how these datapath variants can be integrated into existing cloud management systems (e.g. OpenStack).
Johann Tönsing
Chief Architect & SVP, Software, Netronome
Johann is a recognized industry expert in SDN, Linux-based networking technologies, network virtualization, security, and NFV. Johann has been an active contributing member and has been nominated to leadership roles in multiple standards bodies related to SDN and NFV. As Netronome’s Chief Architect, Johann leads all aspects of Netronome’s product design and development, with heavy emphasis on advanced and open server-based networking technologies where he also holds multiple patents. He holds a Masters of Engineering in Electronics.
Network Measurement with P4 and C on Netronome AgilioOpen-NFP
Network measurement has been playing a crucial role in network operations since it cannot only detect the anomalies, but also facilitate traffic engineering. With the recent development of P4 language, network measurement is one of the data plane applications that can benefit from the programmability enabled by P4. However, P4 does not support general purpose language structures such as for-loop, and the if-statement can only be used in its control block, and it has only a limited set of primitive actions. Hence, the current P4 has its limitations to support complicated measurement functions. In this webinar, we implement and evaluate the Count-Min sketch (used for heavy hitter detection) using the combination of P4 and C on a Netronome NFP NIC. We plan to demonstrate the flexibility and performance of the design and the C plug-in feature of Netronome NFP.
P4-based VNF and Micro-VNF Chaining for Servers With Intelligent Server AdaptersOpen-NFP
Commodity servers equipped with intelligent server adapters (ISAs) are being used as platforms for Network Functions Virtualization (NFV). The network traffic processing required by a specific use case is frequently expressed by forming a chain of Virtual Network Functions (VNFs). This demonstration illustrates that VNFs in the chain can be hosted on the server CPU or on the ISA. It furthermore illustrates that VNFs can be decomposed into components called Micro-VNFs, with the components again being hosted on the server CPU and/or the ISA. A P4 program (compiled to native code running on the ISA) defines the overall semantics of the datapath within an ISA equipped server and expresses how VNFs and Micro-VNFs should be composed within this platform. We show how mechanisms like tunnels and service headers programmed using P4 are employed to establish the VNF service chain across multiple network nodes.
David George
Lead Engineer, Netronome
David George is a lead engineer on the Netronome SDK team and is primarily responsible for Netronome's P4 data plane. He has previously been worked on the SDK simulator and x86 data plane components. He holds a Masters of Electrical Engineering from the University of Cape Town.
Transparent eBPF Offload: Playing Nice with the Linux KernelOpen-NFP
Netronome is developing transparent kernel acceleration based on XDP and BPF. This allows bytecode intended for kernel applications to be directly offloaded using the upstreamed nfp_bpf_jit. The talk will focus on the basics of getting an XDP environment up and running, a couple of use cases and a simple demo of Netronome’s BPF offload in action.
Nick McKeown
Professor
Stanford University
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
This presentation will cover the basics of performance testing. Configuring systems correctly is essential to characterizing the performance of SmartNICs. The configuration of BIOS, CPU allocation, OS and VM parameters will be covered. Also, choices of traffic generators and typical test topologies will be described.
Cilium - Fast IPv6 Container Networking with BPF and XDPThomas Graf
We present a new open source project which provides IPv6 networking for Linux Containers by generating programs for each individual container on the fly and then runs them as JITed BPF code in the kernel. By generating and compiling the code, the program is reduced to the minimally required feature set and then heavily optimised by the compiler as parameters become plain variables. The upcoming addition of the Express Data Plane (XDP) to the kernel will make this approach even more efficient as the programs will get invoked directly from the network driver.
The Next Generation Firewall for Red Hat Enterprise Linux 7 RCThomas Graf
The Linux packet filtering technology, iptables, has its roots in times when networking was relatively simple and network bandwidth was measured in mere megabits. Emerging technologies, such as distributed NAT, overlay networks and containers require enhanced functionality and additional flexibility. In parallel, the next generation of network cards with speeds of 40Gb and 100Gb will put additional pressure on performance.
In the upcoming Red Hat Enterprise Linux 7, a new dynamic firewall service, FirewallD, is planned to provide greater flexibility over iptables by eliminating service disruptions during rule updates, abstraction, and support for different network trust zones. Additionally, a new virtual machine-based packet filtering technology, nftables, addresses the functionality and flexibility requirements of modern network workloads.
In this session you’ll:
Deep dive into the newly introduced packet filtering capabilities of Red Hat Enterprise Linux 7 beta.
Learn best practices.
See the new set of configuration utilities that allow new optimization possibilities.
The Paxos protocol is the foundation for building many fault-tolerant distributed systems and services. Given the importance of Paxos, and performance improvements to the protocol would have a significant impact on data-center infrastructure. We argue that implementing Paxos in network devices would significantly improve its performance. This talk describes an implementation of Paxos in P4, as well as our on-going efforts to evaluate the implementation on Netronome intelligent server adapters. Implementing Paxos provides a critical use case for P4, and will help drive the requirements for data plane languages in general. In the long term, we imagine that consensus could someday be offered as a network service.
Huynh Tu Dang
Italian University of Switzerland
Huynh Tu Dang is a second-year Ph.D. student in the Faculty of Informatics at Università della Svizzera Italiana. His research focuses on fault-tolerant distributed systems and application of software-defined networking (SDN). Previously, he worked as a research assistant at Ho Chi Minh International University and was an intern at INRIA, Nice-Sophia Antipolis on BtrPlace project. He received his Bachelor's degree from the School of Computer Science and Engineering at Ho Chi Minh International University.
As containers are being deployed as part of multi tenant clusters, virtual multi layer switches become essential to interconnect containers while providing isolation guarantees. Assigning tenants their own private networks requires stateful network address translation (NAT) implemented in a scalable architecture to expose containers to public networks. Existing virtual switches integrated into the Linux kernel did not support stateful NAT so far. This presentation introduces a new virtual NAT service deployable as container built using existing kernel functionality such as network namespaces, routing rules and Netfilter to provide NAT services to existing virtual switches such as Open vSwitch and the Linux bridge but also the core L3 layer of Linux.
Taking Security Groups to Ludicrous Speed with OVS (OpenStack Summit 2015)Thomas Graf
Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments.
Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed. In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead. However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.
In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.
BKK16-409 VOSY Switch Port to ARMv8 Platforms and ODP IntegrationLinaro
Virtual Open Systems has developed VOSYSwitch, a high-performance user space networking virtual switch solution enabling NFV, based on the open source packet processing framework SnabbSwitch. In this talk, the experience of porting VOSYSwitch from x86 to ARMv8 will be shared, along with the integration of ODP as a driver layer for the available hardware resources. In addition to this presentation, a live demonstration will showcase chained VNFs connected through VOSYSwitch, where an OpenFastPath web server is implemented behind an ODP enabled packet filtering firewall. The targeted platforms are Freescale (NXP) LS2085A and Cavium's ThunderX.
Netronome's half-day tutorial on host data plane acceleration at ACM SIGCOMM 2018 introduced attendees to models for host data plane acceleration and provided an in-depth understanding of SmartNIC deployment models at hyperscale cloud vendors and telecom service providers.
Presenter Bio
Jaco Joubert is a Software Engineer at Netronome focusing on P4 and its applications on the Netronome SmartNIC. He recently started investigating network acceleration for Deep Learning on distributed systems. Prior to Netronome he worked on mobile application development and was a researcher at Telkom SA focusing on the mobile core after completing his Masters Degree in Computer, Electronic Engineering in 2014.
This presentation introduces Data Plane Development Kit overview and basics. It is a part of a Network Programming Series.
First, the presentation focuses on the network performance challenges on the modern systems by comparing modern CPUs with modern 10 Gbps ethernet links. Then it touches memory hierarchy and kernel bottlenecks.
The following part explains the main DPDK techniques, like polling, bursts, hugepages and multicore processing.
DPDK overview explains how is the DPDK application is being initialized and run, touches lockless queues (rte_ring), memory pools (rte_mempool), memory buffers (rte_mbuf), hashes (rte_hash), cuckoo hashing, longest prefix match library (rte_lpm), poll mode drivers (PMDs) and kernel NIC interface (KNI).
At the end, there are few DPDK performance tips.
Tags: access time, burst, cache, dpdk, driver, ethernet, hub, hugepage, ip, kernel, lcore, linux, memory, pmd, polling, rss, softswitch, switch, userspace, xeon
This presentation features a walk through the Linux kernel networking stack covering the essentials and recent developments a developer needs to know. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses through various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as segmentation offloading, TCP small queues, and low latency polling. We will cover APIs exposed by the kernel that go beyond use of write()/read() on sockets and will look into how they are implemented on the kernel side.
Please see my blog:
http://autekroy.blogspot.tw/
This is my presentation PowerPoint for the introduction to performance arts course.
My apology for the viewers don't know Chinese.
The topic is "Musical - Roméo et Juliette."
下面是我在表演藝術概論的課程時所製作的上課報告投影片
這份主題是"音樂劇-羅密歐與茱麗葉"
A tutorial presentation based on hadoop.apache.org documentation.
I gave this presentation at Amirkabir University of Technology as Teaching Assistant of Cloud Computing course of Dr. Amir H. Payberah in spring semester 2015.
Apache Big Data 2016: Next Gen Big Data Analytics with Apache ApexApache Apex
Apache Apex is a next gen big data analytics platform. Originally developed at DataTorrent it comes with a powerful stream processing engine, rich set of functional building blocks and an easy to use API for the developer to build real-time and batch applications. Apex runs natively on YARN and HDFS and is used in production in various industries. You will learn about the Apex architecture, including its unique features for scalability, fault tolerance and processing guarantees, programming model and use cases.
http://apachebigdata2016.sched.org/event/6M0L/next-gen-big-data-analytics-with-apache-apex-thomas-weise-datatorrent
How to make data available for analytics ASAPMariaDB plc
There are many ways to import data into MariaDB ColumnStore, including command-line tools for importing files. However, a combination of bulk and streaming data adapters makes it easy to import data on demand, without having to wait for a scheduled job. MariaDB's Jens Röwekamp and Markus Mäkelä show all of the ways to import data, from manual imports to more advanced options such as C++, Java and Python data adapters, Apache Spark, change-data-capture streams and Apache Kafka message queues – all of which can be used to import data on demand so it’s available for analytics as fast as possible.
Create C++ Applications with the Persistent Memory Development KitIntel® Software
Persistent memory retains data after a program crash or power failure. This demonstration shows how to make your application aware of persistent memory using the Persistent Memory Development Kit and includes a C++ code sample walk-through.
Intro to Apache Apex - Next Gen Platform for Ingest and TransformApache Apex
Introduction to Apache Apex - The next generation native Hadoop platform. This talk will cover details about how Apache Apex can be used as a powerful and versatile platform for big data processing. Common usage of Apache Apex includes big data ingestion, streaming analytics, ETL, fast batch alerts, real-time actions, threat detection, etc.
Bio:
Pramod Immaneni is Apache Apex PMC member and senior architect at DataTorrent, where he works on Apache Apex and specializes in big data platform and applications. Prior to DataTorrent, he was a co-founder and CTO of Leaf Networks LLC, eventually acquired by Netgear Inc, where he built products in core networking space and was granted patents in peer-to-peer VPNs.
(Open) MPI, Parallel Computing, Life, the Universe, and EverythingJeff Squyres
This talk is a general discussion of the current state of Open MPI, and a deep dive on two new features:
1. The flexible process affinity system (I presented many of these slides at the Madrid EuroMPI'13 conference in September 2013).
2. The MPI-3 "MPI_T" tools interface.
I originally gave this talk at Lawrence Berkeley Labs on Thursday, November 7, 2013.
Presentations from the Cloudera Impala meetup on Aug 20 2013Cloudera, Inc.
Presentations from the Cloudera Impala meetup on Aug 20 2013:
- Nong Li on Parquet+Impala and UDF support
- Henry Robinson on performance tuning for Impala
Quantifying Container Runtime Performance: OSCON 2017 Open Container DayPhil Estes
A talk given at Open Container Day at O'Reilly's OSCON convention in Austin, Texas on May 9th, 2017. This talk describes an open source project, bucketbench, which can be used to compare performance, stability, and throughput of various container engines. Bucketbench currently supports docker, containerd, and runc, but can be extended to support any container runtime. This work was done in response to performance investigations by the Apache OpenWhisk team in using containers as the execution vehicle for functions in their "Functions-as-a-Service" runtime. Find out more about bucketbench here: https://github.com/estesp/bucketbench
2024.06.01 Introducing a competency framework for languag learning materials ...Sandy Millin
http://sandymillin.wordpress.com/iateflwebinar2024
Published classroom materials form the basis of syllabuses, drive teacher professional development, and have a potentially huge influence on learners, teachers and education systems. All teachers also create their own materials, whether a few sentences on a blackboard, a highly-structured fully-realised online course, or anything in between. Despite this, the knowledge and skills needed to create effective language learning materials are rarely part of teacher training, and are mostly learnt by trial and error.
Knowledge and skills frameworks, generally called competency frameworks, for ELT teachers, trainers and managers have existed for a few years now. However, until I created one for my MA dissertation, there wasn’t one drawing together what we need to know and do to be able to effectively produce language learning materials.
This webinar will introduce you to my framework, highlighting the key competencies I identified from my research. It will also show how anybody involved in language teaching (any language, not just English!), teacher training, managing schools or developing language learning materials can benefit from using the framework.
Model Attribute Check Company Auto PropertyCeline George
In Odoo, the multi-company feature allows you to manage multiple companies within a single Odoo database instance. Each company can have its own configurations while still sharing common resources such as products, customers, and suppliers.
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
This slide is special for master students (MIBS & MIFB) in UUM. Also useful for readers who are interested in the topic of contemporary Islamic banking.
Normal Labour/ Stages of Labour/ Mechanism of LabourWasim Ak
Normal labor is also termed spontaneous labor, defined as the natural physiological process through which the fetus, placenta, and membranes are expelled from the uterus through the birth canal at term (37 to 42 weeks
4. Introduction
• Protocol Independent
• P4 programs specify how a switch processes packets.
• Target Independent
• P4 is suitable for describing everything from high-
performance forwarding ASICs to software switches.
• Field Reconfigurable
• P4 allows network engineers to change the way their
switches process packets after they are deployed.
5. P4 is not
• SDN Software Switch
• OpenFlow or Protocol
• Network abstraction
• Won’t compile to OpenFlow or any southbound
message.
5
6. P4 can
But OpenFlow Switch can’t
• Parse or modify L5~ header (e.g. inner ethernet
header from VXLAN, DNS query data, DHCP
header…)
• Define new protocol parser
• Stateful switch (need newest version of OvS or
modified OF switch)
• Flexible match field and table size of any table.
• Define new actions for tables.
6
8. How to write P4?
1. Define headers and parsers (parser graph)
2. Define actions, match fields for table.
3. Design a control flow for your target.
8
10. Header
• Like “struct” from C/C++, but more flexible.
header_type eth_t {
fields {
dst : 48;
src : 48;
ethType : 16;
}
}
header eth_t eth;
10
11. Parser
• Parse(extract) a packet step by step.
• Eth ————> IPv4 ———>TCP
parser parser_eth {
extract(eth);
return select(eth.type) {
0x800: parser_ipv4;
default: ingress;
}
}
parser parser_ipv4 {
extract(ipv4);
return select(latest.proto) {
6: parser_tcp;
default: ingress;
}
}
11
type 0x0800 proto 6
12. Actions
• Like a function(but no return value).
• In one function, you can use one or more P4 API
(e.g. modify_field, add_header…)
• Can be executed in parallel (depends on
implementation of target)
12
13. action set_dst_mac_and_output(new_mac, outport) {
modify_field(eth.dst, new_mac);
modify_field(standard_metadata.egress_spec, outport)
}
• For example, if we want to set destination mac
address and output port.
Actions
13
14. Table
• Every table might contains different match field and actions.
• Each table might have different features
• Not just P4, Some vendors slice tables for different purpose, for example:
OFDPA from Broadcom
16. Add one Flow Entry
• Currently, ways to control a P4 target (bmv2):
• Use runtime command line interface
• ONOS test app for bmv2
p4cli> table_add first_table set_dst_mac_and_output
10.0.0.0/24 => 00:00:00:00:00:01 1
17. Control flow
• Also like a function, but no argument or return value
• Main control flow: ingress and egress
• In control flow, you can:
• apply packet to specific tables
• go to other control flows
• When ingress ends, data will be sent to queue or
buffer, then handle by egress control flow.
21. Register, Metadata
• Register
• Like global variable, store data
• Can be use for stateful dataplane design
• Metadata
• Like local variable, reset after one control flow ended.
• If we need to use register, we need to load register to
metadata.
22. Counter
• Counter
• Count bytes or packets
• Update when table match or action call
• Fixed size, will stop counting or reset to zero
(depends on program)
27. Workflow(bmv2)
• Write P4 program
• Generate json file by using p4c-bmv2
• Use json to start a bmv2 target (e.g.
simple_switch)
28. Use mininet
• from p4_mininet import P4Switch, P4Host
• Setup cls parameter for addSwitch and addHost.
29. Use mininet
• net.addSwitch('s1', cls=P4Switch,
sw_path=SW_PATH, json_path=JSON_PATH,
thrift_port=9091)
• sw_path: bmv2 target path
• json_path: json file generated by p4c-bm
• thrift_port: port number for runtime API
30. P4 thrift API
• Connect bmv2 target and runtime CLI or
Conroller (e.g. ONOS)
• You can use runtime_CLI.py from bmv2
repository.