Trystakc.cn was announced in OpenStack Summit San Diego 2012(www.slideshare.net/openstack/trystack-introfinalpdf
).It was a Non-profit OpenStack community projects.
By Stackers, for stackers.Experience the latest OpenStack features.
Welcoming contributions and feedback, Join the fun !
Ronnie Scott
Consulting CSE
Presented at the Cybera/CANARIE National Summit 2009, as part of the session "What's Next: Key Areas of Emerging Cyberinfrastructure."
This session explored some of the up-and-coming areas of cyberinfrastructure and why they are increasingly being considered as essential elements to innovative research and development.
Trystakc.cn was announced in OpenStack Summit San Diego 2012(www.slideshare.net/openstack/trystack-introfinalpdf
).It was a Non-profit OpenStack community projects.
By Stackers, for stackers.Experience the latest OpenStack features.
Welcoming contributions and feedback, Join the fun !
Ronnie Scott
Consulting CSE
Presented at the Cybera/CANARIE National Summit 2009, as part of the session "What's Next: Key Areas of Emerging Cyberinfrastructure."
This session explored some of the up-and-coming areas of cyberinfrastructure and why they are increasingly being considered as essential elements to innovative research and development.
Apresentações | Jantar Exclusivo Cisco e Netapp | 27 de Junho de 2012 | Spett...Softcorp
A Softcorp, em parceria com a NetApp e a Cisco, realizou um jantar especial sobre a tecnologia FlexPod™.
Durante o evento foi possível conhecer os benefícios da solução e tirar dúvidas técnicas, operacionais e consultivas com os especialistas das três empresas.
O momento também foi oportuno para trocar experiências com outros profissionais do setor.
Para descontrair, tivemos uma palestra com boas dicas sobre cortes de carne e os segredos do bom churrasqueiro para garantir o sucesso do churrasco.
Webinar NETGEAR - Novita' Switch Prosafe e alcuni criteri per la scelta correttaNetgear Italia
Oltre alla breve introduzione della gamma di soluzioni inclusiva delle ultime novità, si tratteranno gli elementi distintivi delle famiglie di prodotto ed i alcuni criteri per l'identificazione delle soluzioni corrette ed adeguate per la nostra rete.
Lego Cloud SAP Virtualization Week 2012Benoit Hudzia
This session will demonstrate that by extending KVM we can deliver none-disruptively the next level of IaaS platform modularization. We will first show instantaneous live migration of VM. Then we will introduce the memory aggregation concept, and finally how to achieve full operational flexibility by dis-aggregating the datacenter resource to its core elements.
Slawomir Janukowicz, Juniper Networks
Juniper Day, Praha, 13.5.2015
Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf (kliknutím na tlačitko v dolní liště snímků).
Apresentações | Jantar Exclusivo Cisco e Netapp | 27 de Junho de 2012 | Spett...Softcorp
A Softcorp, em parceria com a NetApp e a Cisco, realizou um jantar especial sobre a tecnologia FlexPod™.
Durante o evento foi possível conhecer os benefícios da solução e tirar dúvidas técnicas, operacionais e consultivas com os especialistas das três empresas.
O momento também foi oportuno para trocar experiências com outros profissionais do setor.
Para descontrair, tivemos uma palestra com boas dicas sobre cortes de carne e os segredos do bom churrasqueiro para garantir o sucesso do churrasco.
Webinar NETGEAR - Novita' Switch Prosafe e alcuni criteri per la scelta correttaNetgear Italia
Oltre alla breve introduzione della gamma di soluzioni inclusiva delle ultime novità, si tratteranno gli elementi distintivi delle famiglie di prodotto ed i alcuni criteri per l'identificazione delle soluzioni corrette ed adeguate per la nostra rete.
Lego Cloud SAP Virtualization Week 2012Benoit Hudzia
This session will demonstrate that by extending KVM we can deliver none-disruptively the next level of IaaS platform modularization. We will first show instantaneous live migration of VM. Then we will introduce the memory aggregation concept, and finally how to achieve full operational flexibility by dis-aggregating the datacenter resource to its core elements.
Slawomir Janukowicz, Juniper Networks
Juniper Day, Praha, 13.5.2015
Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf (kliknutím na tlačitko v dolní liště snímků).
Overview of the Domain Name System (DNS).
In the early days of the Internet, hosts had a fixed IP address.
Reaching a host required to know its numeric IP address.
With the growing number of hosts this scheme became quickly awkward and difficult to use.
DNS was introduced to give hosts human readable names that would be translated into a numeric IP addresses on the fly when a requesting host tried to reach another host.
To facilitate a distributed administration of the domain names, a hierarchic scheme was introduced where responsibility to manage domain names is delegated to organizations which can further delegate management of sub-domains.
Due to its importance in the operation of the Internet, domain name servers are usually operated redundantly. The databases of both servers are periodically synchronized.
This is the deck that I used at the January 2012 Hyper-V.nu event in Amsterdam, Netherlands. It focuses on the Build announced details on Windows Server 8 Hyper-V networking.
Networking is NOT Free: Lessons in Network DesignRandy Bias
An in-depth critique of the existing OpenStack networking approach, with a focus on how the Nova network controller is more of a hindrance than a help. Discusses the gap in Quantum's functionality required to close the gap, and alternative solutions. How can we make networking in OpenStack robust, high performance, and fault tolerant? What do typical large scale networks look like and what lessons can we learn from them? Is there an approach to networking we can take that is the same with a handful of servers as it is with hundreds of racks?
Software Defined Networking is seeing a lot of momentum these days. With server virtualization solving the virtual machines problem, and large scale object storage solving the distributed storage challenge, SDN is seen as key in virtual networking.
In this talk we don't try to define SDN but rather dive straight into what in our opinion is the core enabled of SDN: the virtual switch OVS.
OVS can help manage VLAN for guest network isolation, it can re-route any traffic at L2-L4 by keeping forwarding tables controlled by a remote controller (Openfow controller). We show these few OVS capabilities and highlight how they are used in CloudStack and Xen.
Xen Summit presentation of CloudStack and Software Defined Networks. OpenVswitch is the default bridge in Xen and supported in XenServer and Xen Cloud Platform
With uCPE/SD-WAN taking center stage in enabling software-defined Cloud services to enterprise branch offices globally, this session will provide a uCPE review from a solution, deployment and reference design standpoint.
Speaker: Sab Gosal, Segment Manager
Network Platforms Group (NPG), September 2018
This presentation was shown at the OpenStack Online Meetup session on August 28, 2014. It is an update to the 2013 sessions, and adds content on Services Plugin, Modular plugins, as well as an Outlook to some Juno features like DVR, HA and IPv6 Support
How to bi your operations with System Center 2012 R2 using Operations Manager...hypervnu
System Center Summer Night - How to bi your operations with System Center 2012 R2 using Operations Manager and Service Manager - Oskar Landman en Walter Eikenboom
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
7. Socket, NUMA, Core, K-Group
– Processor: One physical processor, which can consist Kernel Group (K-Group)
of one or more NUMA nodes. Today a physical
processor ≈ a socket, with multiple cores.
– Non-uniform memory architecture (NUMA) node:
A set of logical processors and cache that are close to
one another.
– Core: One processing unit, which can consist of one or
more logical processors.
– Logical processor (LP): One logical computing engine
from the perspective of the operating system,
application or driver. In effect, a logical processor is a
thread (think hyper threading).
– Kernel Group: A set of up to 64 logical processors.
8. Advanced Network Features (1)
Receive Side Scaling (RSS)
Receive Segment Coalescing (RSC)
Dynamic Virtual Machine Queuing (DVMQ)
Single Root I/O Virtualization (SR-IOV)
NIC TEAMING
RDMA/Multichannel support for virtual machines on SMB3.0
9. Receive Side Scaling (RSS)
– Windows Server 2012 scales RSS to the next generation of
servers & workloads
– Spreads interrupts across all available CPUs
– Even for those very large scale hosts
– RSS now works across K-Groups
– Even RSS is “Numa Aware” to optimize performance
– Now load balances UDP traffic across CPUs
– 40% to 100% more throughput (backups, file copies, web)
10. Node 0 Node 1 Node 2 Node 3
Queues
Incoming Packets RSS NIC with 8 Queues
RSS improves scalability on multiple processors / NUMA nodes by distributing TCP/UDP
receive traffic across the cores in ≠ nodes / K-Groups
11. Receive Segment Coalescing (RSC)
– Coalesces packets in the NIC so the stack processes
fewer headers
– Multiple packets belonging to a connection are coalesced by
the NIC to a larger packet (max of 64 K) and processed
within a single interrupt
– 10 - 20% improvement in throughput & CPU workload
Offload to NIC
– Enabled by default on all 10Gbps
12. Receive Segment Coalescing
Coalesced into larger buffer
NIC with RSC
Incoming Packets
RSC helps by coalescing multiple inbound packets into a
larger buffer or “packet” which reduces per packet CPU
costs as less headers need to be processed.
13. Dynamic Virtual Machine Queue (DVMQ)
VMQ is to virtualization what RSS is to native workloads.
It makes sure that Routing, Filtering etc. is done by the NIC in queues and
that the interrupts for those queues don’t get done by 1 processor (0).
Most inbox 10Gbps Ethernet adapters support this.
Enabled by default.
Network I/O path without VMQ Network I/O path with VMQ
14. Dynamic Virtual Machine Queue (DVMQ)
Root Partition Root Partition Root Partition
CPU CPU CPU CPU CPU CPU CPU CPU CPU CPU CPU CPU
0 1 2 3 0 1 2 3 0 1 2 3
Physical NIC Physical NIC Physical NIC
No VMQ Static VMQ Dynamic VMQ
Adaptive optimal performance across changing workloads
15. Single-Root I/O Virtualization (SR-IOV)
– Reduces CPU utilization for processing network traffic
– Reduces latency path Root Partition Virtual Machine
– Increases throughput Hyper-V Switch
Virtual NIC
– Requires: Routing
VLAN
• Chipset: Interrupt & DMA remapping Filtering VMBUS
• BIOS Support Data Copy
• CPU: Hardware virtualization, EPT or NPT Virtual Function
Physical NIC Physical NIC
SR-IOV
without SR-IOV
Network I/O path with SR-IOV
16. SR-IOV Enabling & Live Migration
Turn On IOV Live Migration Post Migration
Enable IOV (VM NIC Property) Switch back to Software path Reassign Virtual Function
Virtual Function is “Assigned” Remove VF from VM Assuming resources are
available
“NIC” automatically created Migrate as normal
Traffic flows through VF
Software path is not used
Virtual Machine
Network Stack
“NIC” VM has connectivity even if “NIC”
Switch not in IOV mode
IOV physical NIC not
Software NIC present Software NIC
Different NIC vendor
Software Switch Different NIC firmware Software Switch
(IOV Mode) (IOV Mode)
Virtual Function Virtual Function
Physical NIC Physical NIC
SR-IOV SR-IOV Physical NIC
17. NIC TEAMING
– Customers are dealing with
way to many issues.
– NIC vendors would like to
get rid of supporting this.
– Microsoft needs this to be
competitive & complete the
solution stack + reduce
support issues.
18. NIC Teaming
Hyper-V Extensible Switch
– Teaming modes:
• Switch dependent LBFO Admin GUI
• Switch independent Frame distribution/aggregation
Failure detection
– Load balancing: WMI Control protocol implementation
• Address Hash LBFO Provider
LBFO
• Hyper-Port Configuration DLL IOCTL
Port 1 Port 2 Port 3
– Hashing modes: Virtual miniport 1
• 4-tuple
IM MUX
• 2-tuple
Kernel mode
User mode
Protocol edge
• MAC address
– Active/Active & Active/Standby NIC 1 NIC 2 NIC 3
– Vendor Agnostic
Network switch
19. NIC TEAMING (LBFO)
VM (Guest Running Any OS) VM (Guest Running Windows Server 2012)
LBFO Teamed NIC
Hyper-V virtual switch
SR-IOV Not exposed Hyper-V virtual Hyper-V virtual
switch switch
LBFO Teamed NIC
SR-IOV NIC SR-IOV NIC SR-IOV NIC SR-IOV NIC
Parent NIC Teaming Guest NIC Teaming
20. NIC Teaming & QOS
• NIC Teaming, Hyper-V switch, QoS and actual performance |
part 1 – Theory
• NIC Teaming, Hyper-V switch, QoS and actual performance |
part 2 – Preparing the lab
• NIC Teaming, Hyper-V switch, QoS and actual performance |
part 3 – Performance
• NIC Teaming, Hyper-V switch, QoS and actual performance |
part 4 – Traffic classes
21. SMB Direct (SMB over RDMA)
What
SMB Client SMB Server
• Addresses congestion in network stack by offloading the stack to the
network adapter
Advantages Application
• Scalable, fast and efficient storage access
User
• High throughput, low latency & minimal CPU utilization
• Load balancing, automatic failover & bandwidth aggregation via SMB Kernel
Multichannel SMB Client SMB Server
Scenarios
• High performance remote file access for application Network w/ Network w/
servers like Hyper-V, SQL Server, IIS and HPC RDMA RDMA
NTFS
SCSI
• Used by File Server and Clustered Shared Volumes (CSV) for storage support support
communications within a cluster
Required hardware R-NIC R-NIC
• RDMA-capable network interface (R-NIC) Disk
• Three types: iWARP, RoCE & Infiniband
22. SMB Multichannel
Multiple connections per SMB session
Full Throughput
• Bandwidth aggregation with multiple NICs
• Multiple CPUs cores engaged when using Receive Side Scaling (RSS)
Automatic Failover
• SMB Multichannel implements end-to-end failure detection
• Leverages NIC teaming if present, but does not require it
Automatic Configuration
• SMB detects and uses multiple network paths
23. SMB Multichannel Single NIC Port
1 session, without Multichannel 1 session, with Multichannel
No failover No failover
Can’t use full 10Gbps Full 10Gbps available
Only one TCP/IP connection Multiple TCP/IP connections
Only one CPU core engaged Receive Side Scaling (RSS) helps
distribute load across CPU cores
SMB Client CPU utilization per core SMB Client CPU utilization per core
RSS RSS
NIC NIC
10GbE 10GbE
Switch Switch
10GbE 10GbE
NIC NIC
10GbE 10GbE
RSS RSS
Core 1 Core 2 Core 3 Core 4 Core 1 Core 2 Core 3 Core 4
SMB Server SMB Server
24. SMB Multichannel Multiple NIC Ports
1 session, without Multichannel 1 session, with Multichannel
No automatic failover Automatic NIC failover
Can’t use full bandwidth Combined NIC bandwidth available
Only one NIC engaged Multiple NICs engaged
Only one CPU core engaged Multiple CPU cores engaged
SMB Client 1 SMB Client 2 SMB Client 1 SMB Client 2
RSS RSS RSS RSS
NIC NIC NIC NIC NIC NIC NIC NIC
10GbE 10GbE 10GbE 10GbE 10GbE 10GbE 10GbE 10GbE
Switch Switch Switch Switch Switch Switch Switch Switch
10GbE 10GbE 10GbE 10GbE 10GbE 10GbE 10GbE 10GbE
NIC NIC NIC NIC NIC NIC NIC NIC
10GbE 10GbE 10GbE 10GbE 10GbE 10GbE 10GbE 10GbE
RSS RSS RSS RSS
SMB Server 1 SMB Server 2 SMB Server 1 SMB Server 2
25. SMB Multichannel & NIC Teaming
1 session, NIC Teaming without MC 1 session, NIC Teaming with MC
Automatic NIC failover Automatic NIC failover (faster with
Can’t use full bandwidth NIC Teaming)
Only one NIC engaged Combined NIC bandwidth available
Only one CPU core engaged Multiple NICs engaged
Multiple CPU cores engaged
SMB Client 1 SMB Client 2 SMB Client 1 SMB Client 2
RSS NIC Teaming RSS NIC Teaming RSS NIC Teaming RSS NIC Teaming
NIC NIC NIC NIC NIC NIC NIC NIC
10GbE 10GbE 1GbE 1GbE 10GbE 10GbE 1GbE 1GbE
Switch Switch Switch Switch Switch Switch Switch Switch
10GbE 10GbE 1GbE 1GbE 10GbE 10GbE 1GbE 1GbE
NIC NIC NIC NIC NIC NIC NIC NIC
10GbE 10GbE 1GbE 1GbE 10GbE 10GbE 1GbE 1GbE
RSS RSS RSS RSS
NIC Teaming NIC Teaming NIC Teaming NIC Teaming
SMB Server 2 SMB Server 2 SMB Server 1 SMB Server 2
26. SMB Direct & Multichannel
1 session, without Multichannel 1 session, with Multichannel
No automatic failover Automatic NIC failover
Can’t use full bandwidth Combined NIC bandwidth available
Only one NIC engaged Multiple NICs engaged
RDMA capability not used Multiple RDMA connections
SMB Client 1 SMB Client 2 SMB Client 1 SMB Client 2
R-NIC R-NIC R-NIC R-NIC R-NIC R-NIC R-NIC R-NIC
54GbIB 54GbIB 10GbE 10GbE 54GbIB 54GbIB 10GbE 10GbE
Switch Switch Switch Switch Switch Switch Switch Switch
54GbIB 54GbIB 10GbE 10GbE 54GbIB 54GbIB 10GbE 10GbE
R-NIC R-NIC R-NIC R-NIC R-NIC R-NIC R-NIC R-NIC
54GbIB 54GbIB 10GbE 10GbE 54GbIB 54GbIB 10GbE 10GbE
SMB Server 1 SMB Server 2 SMB Server 1 SMB Server 2
27. SMB Multichannel Auto Configuration
– Auto configuration looks at NIC type/speed => Same NICs are used for
RDMA/Multichannel (doesn’t mix 10Gbps/1Gbps, RDMA/non-RDMA)
– Let the algorithms work before you decide to intervene
– Choose adapters wisely for their function
SMB Client SMB Client SMB Client SMB Client
RSS
NIC NIC R-NIC R-NIC R-NIC NIC NIC NIC
10GbE 1GbE 10GbE 32GbIB 10GbE 1GbE 1GbE Wireless
Switch Switch Switch Switch Switch Switch Switch Switch
10GbE 1GbE 10GbE IB 10GbE 1GbE 1GbE Wireless
NIC NIC R-NIC R-NIC R-NIC NIC NIC NIC
10GbE 1GbE 10GbE 32GbIB 10GbE 1GbE 1GbE Wireless
RSS
SMB Server SMB Server SMB Server SMB Server
28. Networking Features Cheat Sheet
Metric Large Send Receive Receive Virtual Remote Single Root I/O
Offload Segment Side Scaling Machine DMA Virtualization
(LSO) Coalescing (RSS) Queues (RDMA) (SR-IOV)
(RSC) (VMQ)
Lower
Latency
Higher
Scalability
Higher
Throughput
Lower Path
Length
29. Advanced Network Features (2)
Consistent Device Naming
DCTCP/DCB/QOS
DHCP Guard/Router Guard/Port Mirroring
Port ACLs
IPSEC Task Offload for Virtual Machines (IPsecTOv2)
Network virtualization & Extensible Switch
32. DCTCP Requires Less Buffer Memory
1Gbps flow controlled by TCP 1Gbps flow controlled by DCTCP
Needs 400 to 600KB of memory Requires 30KB of memory
TCP saw tooth visible Smooth
33. Datacenter TCP (DCTCP)
– W2K12 deals with network congestion by reacting to
the degree & not merely the presence of congestion.
– DCTCP aims to achieve low latency, high burst tolerance and
high throughput, with small buffer switches.
– Requires Explicit Congestion Notification (ECN, RFC 3168)
capable switches.
– Algorithm enabled when it makes sense
(low round trip times, i.e. in the data center).
34. Datacenter TCP (DCTCP)
Running out of buffer in a
switch gets you in to stop/go
hell by getting a boatload of
green, orange & red lights
along your way
Big buffers mitigate this but
are very expensive
http://www.flickr.com/photos/mwichary/3321222807/ http://www.flickr.com/photos/bexross/2636921208/
35. Datacenter TCP (DCTP)
You want to be in a green wave
http://www.flickr.com/photos/highwaysagency/6281302040/
http://www.telegraph.co.uk/motoring/news/5149151/Motorists-to-be- Windows Server 2012 & ECN provides
given-green-traffic-lights-if-they-stick-to-speed-limit.html
network traffic control by default
36. Data Center Bridging (DCB)
– Prevents congestion in NIC & network by reserving
bandwidth for particular traffic types
– Windows 2012 provides support & control for DCB, tags
packets by traffic type
– Provides lossless transport for mission critical workloads
37. DCB is like a car pool lane …
http://www.flickr.com/photos/philopp/7332438786/
38. DCB Requirements
1. Enhanced Transmission Selection (IEEE 802.1Qaz)
2. Priority Flow Control (IEEE 802.1Qbb)
3. (Optional) Data Center Bridging Exchange protocol
4. (Not required) Congestion Notification (IEEE 802.1Qau)
39. Hyper-V Qos beyond the VM
Management OS VM 1 VM n
Live Migration
Storage
Hyper-V virtual switch
Management
Manage the Network Bandwidth LBFO Teamed NIC
with a Maximum (value) and/or a 10 GbE Phy NIC 10 GbE Phy NIC
Minimum (value or weight)
40. Hyper-V Qos beyond the VM
http://www.hyper-v.nu/archives/hvredevoort/2012/06/building-a-converged-fabric-with-windows-server-2012-powershell/
41. Default Flow per Virtual Switch
Customers may group a number of
VMs that each don’t have minimum Gold
VM1 VM2
bandwidth. They will be bucketized Tenant
into a default flow, which has
minimum weight allocation. This is to
? ? 10
prevent starvation.
Hyper-V Extensible Switch
1 Gbps
42. Maximum Bandwidth for Tenants
One common customer pain point is
WAN links are expensive Unified Remote Access
Gateway
Cap VM throughput to the Internet
to avoid bill shock <100Mb ∞
Hyper-V Extensible Switch
Internet Intranet
43. Bandwidth Network Management
• Manage the Network Bandwidth
with a Maximum and a
Minimum value
• SLAs for hosted Virtual Machines
• Control per VMs and not per
HOST
45. IPsec Task Offload
– IPsec is CPU intensive => Offload to NIC
– In demand due to compliance (SOX, HIPPA, etc.)
– IPsec is required & needed for secured operations
– Only available to host/parent workloads in W2K8R2
Now extended to virtual machines
Managed by the Hyper-V switch
46. Port ACL
Allow/Deny/Counter
MAC, IPv4 or IPv6 addresses
Wildcards allowed in IP addresses
ACLs are the basic building blocks of virtual switch security functions
Note: Counters are implemented as ACLs
• Counts packets to address/range
• Read via WMI/PowerShell
• Counters are tied into the resource metering you can do for charge/show back, planning etc.