SlideShare a Scribd company logo

P4 Introduction

Netronome
Netronome

Netronome's half-day tutorial on host data plane acceleration at ACM SIGCOMM 2018 introduced attendees to models for host data plane acceleration and provided an in-depth understanding of SmartNIC deployment models at hyperscale cloud vendors and telecom service providers. Presenter Bio Jaco Joubert is a Software Engineer at Netronome focusing on P4 and its applications on the Netronome SmartNIC. He recently started investigating network acceleration for Deep Learning on distributed systems. Prior to Netronome he worked on mobile application development and was a researcher at Telkom SA focusing on the mobile core after completing his Masters Degree in Computer, Electronic Engineering in 2014.

Technology
1 of 31
Download to read offline
© 2018 NETRONOME SYSTEMS, INC. Jaco Joubert SIGCOMM 2018 P4 Introduction
© 2018 NETRONOME SYSTEMS, INC. 2 Agenda ▶  Introduction ▶  Learning Goals ▶  Agilio SmartNIC ▶  Process to Develop Code ▶  P4/C Examples •  P4 INT •  P4/C Stateful Firewall ▶  SmartNIC P4 Performance ▶  Demo Setup •  P4 INT •  P4C -> XDP ▶  Introduction to P4 •  P4-16 Code ▶  Learn More
© 2018 NETRONOME SYSTEMS, INC. 3 Learning Goals ▶  Overview of the Netronome P4 SDK capabilities ▶  Integrated Development Environment •  Elements - Projects, Files •  Workflows - Editing, Debugging ▶  Introduction to P4-16 ▶  P4 Constructs •  Parsing, Matching, Actions ▶  Simple Switch Architecture Overview ▶  P4C-XDP Architecture Overview ▶  Live Demo: See It Run •  Q&A
© 2018 NETRONOME SYSTEMS, INC. 4 Agilio® CX SmartNICs Agilio® Software Solutions Agilio® SmartNIC ▶  1x 10/40GbE ▶  2x 10/40/25GbE ▶  Fully Programmable •  Micro-C •  P4 •  P4 + Sandbox C ▶  Software Development Kit (SDK) •  Programmer Studio (IDE) •  Runtime Environment (Server Side) •  Command Line Tools
© 2018 NETRONOME SYSTEMS, INC. 5 P4 Introduction ▶  The 4 Ps of P4: •  Protocol Independent Packet Processing Programming •  Programmer defines packet formats and processing algorithms ▶  Target Independence •  No knowledge of low-level hardware organization is required •  Compiler compiles the program for the target device •  Architecture dependent - e.g. v1model.p4, p4c-xdp.p4, psa.p4 ▶  Consistent Control Plane Interface •  Control Plane APIs are automatically generated by the compiler ▶  Reconfigurability •  Data Plane program can be changed in the field ▶  Community-driven Design •  http://p4.org
© 2018 NETRONOME SYSTEMS, INC. 6 P4 SDK Development Process your_app.p4 p4c Compiler Intermediate Representation (IR) Target Specific Compiler Firmware your_sandbox.c Server Develop on a PC Download to a Server ●  Develop P4 and C code in the SDK ●  Download it to the card ●  Run the code ●  Generate test packets ●  Observe the functionality ●  Monitor the results Function Calls in P4 Actions
© 2018 NETRONOME SYSTEMS, INC. 7 P4C-XDP Development Process your_app.p4 p4c Compiler Intermediate Representation (IR) p4c-xdp backend your_app.o Server ip link set dev $INTERFACE xdp obj your_app.o Credit: https://github.com/vmware/p4c-xdp
© 2018 NETRONOME SYSTEMS, INC. 8 P4C-XDP Backend Compile Process XDP Offloading
© 2018 NETRONOME SYSTEMS, INC. 9 Some P4/C Examples ▶  In-Band Network Telemetry •  Add headers at each hop •  Take timestamps •  Calculate latencies •  Gather stats •  Remove headers and forward unchanged packet ▶  Stateful Firewall •  Closer look in next slides ▶  Load Balancing •  Load balance based on hash calculated ▶  VLAN •  Encap/Decap Headers
© 2018 NETRONOME SYSTEMS, INC. 10 Packet Stacked Headers Drop Modified/ Redirected Packet P4 Constructs Control Blocks Match/Action (Defines Architecture) Defined Headers DeparserParser
© 2018 NETRONOME SYSTEMS, INC. 11 Simple Switch Model (v1model.p4) Defined Headers Packet Stacked Headers Drop Modified/ Redirected Packet Drop Clone E2E E2I I2I Verify Checksum Parser Deparser Update Checksum Egress Control Match/ Action Ingress Control Match/ Action
© 2018 NETRONOME SYSTEMS, INC. 12 XDP Model (p4c-xdp.p4) Defined Headers Packet Drop Modified/ Redirected Packet Parser Ingress Control Match/Action Deparser
© 2018 NETRONOME SYSTEMS, INC. 13 Develop for a Model Model Template package V1Switch<H, M>(Parser<H, M> p, VerifyChecksum<H, M> vr, Ingress<H, M> ig, Egress<H, M> eg, ComputeChecksum<H, M> ck, Deparser<H> dep ); Implementation: #inlcude “v1model.p4” package V1Switch(MyParser(), MyVerifyChecksum(), MyIngress(), MyEgress(), MyComputeChecksum(), MyDeparser() ) main;
© 2018 NETRONOME SYSTEMS, INC. 14 Headers and Metadata header ethernet_t { bit<48> dstAddr; bit<48> srcAddr; bit<16> etherType; } header meta_t { bit<8> ioam_cnt; bit<1> decapped; /* set when decapsulation is done */ bit<1> is_transit; /* is the packet treated as just transit */ bit<32> device_id; /* retrieved from a p4 register */ } struct headers_t { ethernet_t ethernet; ipv4_t ipv4; udp_t udp; } struct metadata_t { meta_t meta; intrinsic_metadata_t intrinsic_metadata; }
© 2018 NETRONOME SYSTEMS, INC. 15 Parser parser MyParser(packet_in packet, out headers_t hd, inout metadata_t meta, inout standard_metadata_t standard_metadata) { state start { packet.extract(hd.ethernet); transition select(hd.ethernet.etherType) { ETHERTYPE_IPV4: parse_ipv4; default: accept; } } }
© 2018 NETRONOME SYSTEMS, INC. 16 Checksums control MyVerifyChecksum( inout headers_t hdr, inout metadata_t meta) { apply { } } control MyComputeChecksum( inout headers_t hdr, inout metadata_t meta) { apply { } }
© 2018 NETRONOME SYSTEMS, INC. 17 control MyIngress(inout headers_t hdr, inout metadata_t meta, inout standard_metadata_t standard_metadata) { // Tables // Actions apply { // ‘Fixed’ logic and apply tables if(hdr.ipv4.isValid()) { table_name.apply() } } } Control Blocks ▶  Tables - Match/Actions •  Define behavior framework •  Configurable behavior during runtime •  Add Rules ▶  if, else, else if •  ‘Fixed’ logic
© 2018 NETRONOME SYSTEMS, INC. 18 Tables and Actions action do_forward(bit<16> espec, bit<1> is_transit, bit<32> device_id) { meta.meta.device_id = device_id; standard_metadata.egress_spec = espec; meta.meta.is_transit = is_transit; } table tbl_forward { key = { standard_metadata.ingress_port : exact; } actions = { do_forward; } }
© 2018 NETRONOME SYSTEMS, INC. 19 Deparse control MyDeparser(packet_out packet, in headers_t hdr) { apply { packet.emit(hdr.ethernet); packet.emit(hdr.ipv4); packet.emit(hdr.udp); packet.emit(hdr.tcp); } }
© 2018 NETRONOME SYSTEMS, INC. 20 Internal Network External Network (Internet) Controller P4 Firewall on Netronome SmartNIC Timeout Polling Firewall Setup
© 2018 NETRONOME SYSTEMS, INC. 21 Firewall Sequence Diagram External Pkts (Drop) 1st Outgoing Pkt Internal Network External Network (Internet)Controller SmartNIC Update State for bidirectional flow Forward Packet Bidirectional traffic allowed
© 2018 NETRONOME SYSTEMS, INC. 22 Timeouts Internal Network External Network (Internet)Controller SmartNIC Controller Pkt (every T seconds) No pkts sent for longer than T Clear State for Inactive Flows External Pkts (Drop)
© 2018 NETRONOME SYSTEMS, INC. 23 P4/C Firewall Features ▶  Stateful Forwarding on the Data Plane ▶  Sandbox C Function Calls in P4 •  Primitive Actions •  Hashtable implementation in Micro-C •  Assigning and Managing Public Ports •  Updating state •  Dynamically clearing state for inactive flows on timeouts ▶  Network Address Translation in P4 ▶  Python Controller •  Assign available public IPs used for NAT •  Set timeout interval •  Send timeout packets to trigger Micro-C timeout function on the SmartNIC ▶  Re-Calculate Checksums in P4
© 2018 NETRONOME SYSTEMS, INC. 24 P4/C Firewall Performance
© 2018 NETRONOME SYSTEMS, INC. 25 P4 - INT Encap/Decap Traffic Gen P4 - INT Latency Measurements Snort Snort Snort SnortSnort... ... Demo Setup Netronome SmartNIC Netronome SmartNIC Today’s Demo: P4 In-Band Network Telemetry (INT) SnortSnort
© 2018 NETRONOME SYSTEMS, INC. 26 P4 INT - Snort Latency Measurements Latencyperhop(ns)
© 2018 NETRONOME SYSTEMS, INC. 27 P4→XDP Load Balancer Backend Servers Internet Clients action load_balance_action() { hd.ipv4.hdrChecksum = ebpf_ipv4_checksum(parameters); hd.custom_meta.load_balance_hash = hd.ipv4.hdrChecksum % 4; } table forward_table() { key = { hd.custom_meta.load_balance_hash : exact; hd.ipv4.protocol : exact; } actions = { forward_action; } }
© 2018 NETRONOME SYSTEMS, INC. 28 P4→XDP Load Balancer Backend Servers Internet Clients Example Rules: (0,TCP_PROTOCOL) : forward_action(172.16.0.1); (1,TCP_PROTOCOL) : forward_action(172.16.0.2); (2,TCP_PROTOCOL) : forward_action(172.16.0.3); (3,TCP_PROTOCOL) : forward_action(172.16.0.4); (0,UDP_PROTOCOL) : forward_action(192.168.0.1); (1,UDP_PROTOCOL) : forward_action(192.168.0.2); (2,UDP_PROTOCOL) : forward_action(192.168.0.3); (3,UDP_PROTOCOL) : forward_action(192.168.0.4); key = { hd.custom_meta.load_balance_hash : exact; hd.ipv4.protocol : exact; }
© 2018 NETRONOME SYSTEMS, INC. 29 Adding Custom Headers - Demo Original Packet: 15:00:43.044709 IP 10.0.0.1.3000 > 10.0.0.100.4000: 0x0000: ffff ffff ffff ffff ffff ffff 0800 4500 0x0010: 002c 0001 0000 4011 665c 0a00 0001 0a00 0x0020: 0064 0bb8 0fa0 0018 97c1 0001 0203 0405 0x0030: 0607 0809 0a0b 0c0d 0e0f Packet Returned: 15:00:43.044892 IP 10.0.0.1.3000 > 10.0.0.100.4000: 0x0000: ffff ffff ffff ffff ffff ffff 0800 4500 0x0010: 002c 0001 0000 4011 665c 0a00 0001 0a00 0x0020: 0064 0bb8 0fa0 cafe babe dead beef 0018 0x0030: 97c1 0001 0203 0405 0607 0809 0a0b 0c0d 0x0040: 0e0f 0000 action addHeader() { hdr.custom_header.custom_protocol = 0xCAFEBABE; hdr.custom_header.custom_field = 0xDEADBEEF; hdr.custom_header.setValid(); } control Deparser(in Headers hdrs, packet_out packet) { apply { packet.emit(hdrs.ethernet); packet.emit(hdrs.ipv4); packet.emit(hdrs.udp); packet.emit(hdrs.custom_header); } }
© 2018 NETRONOME SYSTEMS, INC. 30 Where to learn more? ▶  Open-NFP.org •  Worldwide community-driven organization. •  Collaborative research in the area of network function processing in server networking hardware. •  Academic and data center networking communities to conduct cutting-edge research and development in the areas of server-based networking datapath offload and acceleration techniques. ▶  github.com/open-nfpsw ▶  github.com/vmware/p4c-xdp ▶  netronome.com/documents/143/UG_Getting_Started_with_eBPF_Offload.pdf ▶  p4.org
© 2018 NETRONOME SYSTEMS, INC. Thank You

Recommended

Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDP
Thomas Graf
 
Ovs dpdk hwoffload way to full offload
Ovs dpdk hwoffload way to full offloadOvs dpdk hwoffload way to full offload
Ovs dpdk hwoffload way to full offload
Kevin Traynor
 
Linux Kernel vs DPDK: HTTP Performance Showdown
Linux Kernel vs DPDK: HTTP Performance ShowdownLinux Kernel vs DPDK: HTTP Performance Showdown
Linux Kernel vs DPDK: HTTP Performance Showdown
ScyllaDB
 
Running Apache Spark on Kubernetes: Best Practices and Pitfalls
Running Apache Spark on Kubernetes: Best Practices and PitfallsRunning Apache Spark on Kubernetes: Best Practices and Pitfalls
Running Apache Spark on Kubernetes: Best Practices and Pitfalls
Databricks
 
Open vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream KernelOpen vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream Kernel
Netronome
 
eBPF maps 101
eBPF maps 101eBPF maps 101
eBPF maps 101
SUSE Labs Taipei
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.
Naoto MATSUMOTO
 
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATOpen vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Thomas Graf
 

Recommended

Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDP
Thomas Graf
 
Ovs dpdk hwoffload way to full offload
Ovs dpdk hwoffload way to full offloadOvs dpdk hwoffload way to full offload
Ovs dpdk hwoffload way to full offload
Kevin Traynor
 
Linux Kernel vs DPDK: HTTP Performance Showdown
Linux Kernel vs DPDK: HTTP Performance ShowdownLinux Kernel vs DPDK: HTTP Performance Showdown
Linux Kernel vs DPDK: HTTP Performance Showdown
ScyllaDB
 
Running Apache Spark on Kubernetes: Best Practices and Pitfalls
Running Apache Spark on Kubernetes: Best Practices and PitfallsRunning Apache Spark on Kubernetes: Best Practices and Pitfalls
Running Apache Spark on Kubernetes: Best Practices and Pitfalls
Databricks
 
Open vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream KernelOpen vSwitch Offload: Conntrack and the Upstream Kernel
Open vSwitch Offload: Conntrack and the Upstream Kernel
Netronome
 
eBPF maps 101
eBPF maps 101eBPF maps 101
eBPF maps 101
SUSE Labs Taipei
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.
Naoto MATSUMOTO
 
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NATOpen vSwitch - Stateful Connection Tracking & Stateful NAT
Open vSwitch - Stateful Connection Tracking & Stateful NAT
Thomas Graf
 
DPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingDPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet Processing
Michelle Holley
 
Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep Dive
GLC Networks
 
YugabyteDB - Distributed SQL Database on Kubernetes
YugabyteDB - Distributed SQL Database on KubernetesYugabyteDB - Distributed SQL Database on Kubernetes
YugabyteDB - Distributed SQL Database on Kubernetes
DoKC
 
High-Performance Networking Using eBPF, XDP, and io_uring
High-Performance Networking Using eBPF, XDP, and io_uringHigh-Performance Networking Using eBPF, XDP, and io_uring
High-Performance Networking Using eBPF, XDP, and io_uring
ScyllaDB
 
Debug dpdk process bottleneck & painpoints
Debug dpdk process bottleneck & painpointsDebug dpdk process bottleneck & painpoints
Debug dpdk process bottleneck & painpoints
Vipin Varghese
 
Graph Databases at Netflix
Graph Databases at NetflixGraph Databases at Netflix
Graph Databases at Netflix
Ioannis Papapanagiotou
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep Dive
Michal Rostecki
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDK
Denys Haryachyy
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDK
Kernel TLV
 
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitterApache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin
 
Replacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumReplacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with Cilium
Michal Rostecki
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
Daniel T. Lee
 
Cilium - Network security for microservices
Cilium - Network security for microservicesCilium - Network security for microservices
Cilium - Network security for microservices
Thomas Graf
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet Processing
Michelle Holley
 
VXLAN and FRRouting
VXLAN and FRRoutingVXLAN and FRRouting
VXLAN and FRRouting
Faisal Reza
 
RDMA programming design and case studies – for better performance distributed...
RDMA programming design and case studies – for better performance distributed...RDMA programming design and case studies – for better performance distributed...
RDMA programming design and case studies – for better performance distributed...
NTT Software Innovation Center
 
OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7
GLC Networks
 
Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applications
Vipin Varghese
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)
Andriy Berestovskyy
 
Using eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumUsing eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in Cilium
ScyllaDB
 
Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2
eucariot
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdf
PramodhN3
 

More Related Content

What's hot

DPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingDPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet Processing
Michelle Holley
 
Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep Dive
GLC Networks
 
YugabyteDB - Distributed SQL Database on Kubernetes
YugabyteDB - Distributed SQL Database on KubernetesYugabyteDB - Distributed SQL Database on Kubernetes
YugabyteDB - Distributed SQL Database on Kubernetes
DoKC
 
High-Performance Networking Using eBPF, XDP, and io_uring
High-Performance Networking Using eBPF, XDP, and io_uringHigh-Performance Networking Using eBPF, XDP, and io_uring
High-Performance Networking Using eBPF, XDP, and io_uring
ScyllaDB
 
Debug dpdk process bottleneck & painpoints
Debug dpdk process bottleneck & painpointsDebug dpdk process bottleneck & painpoints
Debug dpdk process bottleneck & painpoints
Vipin Varghese
 
Graph Databases at Netflix
Graph Databases at NetflixGraph Databases at Netflix
Graph Databases at Netflix
Ioannis Papapanagiotou
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep Dive
Michal Rostecki
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDK
Denys Haryachyy
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDK
Kernel TLV
 
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitterApache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin
 
Replacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumReplacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with Cilium
Michal Rostecki
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
Daniel T. Lee
 
Cilium - Network security for microservices
Cilium - Network security for microservicesCilium - Network security for microservices
Cilium - Network security for microservices
Thomas Graf
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet Processing
Michelle Holley
 
VXLAN and FRRouting
VXLAN and FRRoutingVXLAN and FRRouting
VXLAN and FRRouting
Faisal Reza
 
RDMA programming design and case studies – for better performance distributed...
RDMA programming design and case studies – for better performance distributed...RDMA programming design and case studies – for better performance distributed...
RDMA programming design and case studies – for better performance distributed...
NTT Software Innovation Center
 
OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7
GLC Networks
 
Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applications
Vipin Varghese
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)
Andriy Berestovskyy
 
Using eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumUsing eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in Cilium
ScyllaDB
 

What's hot (20)

DPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet ProcessingDPDK: Multi Architecture High Performance Packet Processing
DPDK: Multi Architecture High Performance Packet Processing
 
Mikrotik Bridge Deep Dive
Mikrotik Bridge Deep DiveMikrotik Bridge Deep Dive
Mikrotik Bridge Deep Dive
 
YugabyteDB - Distributed SQL Database on Kubernetes
YugabyteDB - Distributed SQL Database on KubernetesYugabyteDB - Distributed SQL Database on Kubernetes
YugabyteDB - Distributed SQL Database on Kubernetes
 
High-Performance Networking Using eBPF, XDP, and io_uring
High-Performance Networking Using eBPF, XDP, and io_uringHigh-Performance Networking Using eBPF, XDP, and io_uring
High-Performance Networking Using eBPF, XDP, and io_uring
 
Debug dpdk process bottleneck & painpoints
Debug dpdk process bottleneck & painpointsDebug dpdk process bottleneck & painpoints
Debug dpdk process bottleneck & painpoints
 
Graph Databases at Netflix
Graph Databases at NetflixGraph Databases at Netflix
Graph Databases at Netflix
 
Kubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep DiveKubernetes Networking with Cilium - Deep Dive
Kubernetes Networking with Cilium - Deep Dive
 
Understanding DPDK
Understanding DPDKUnderstanding DPDK
Understanding DPDK
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDK
 
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitterApache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
Apache Zeppelin on Kubernetes with Spark and Kafka - meetup @twitter
 
Replacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with CiliumReplacing iptables with eBPF in Kubernetes with Cilium
Replacing iptables with eBPF in Kubernetes with Cilium
 
Faster packet processing in Linux: XDP
Faster packet processing in Linux: XDPFaster packet processing in Linux: XDP
Faster packet processing in Linux: XDP
 
Cilium - Network security for microservices
Cilium - Network security for microservicesCilium - Network security for microservices
Cilium - Network security for microservices
 
DPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet ProcessingDPDK & Layer 4 Packet Processing
DPDK & Layer 4 Packet Processing
 
VXLAN and FRRouting
VXLAN and FRRoutingVXLAN and FRRouting
VXLAN and FRRouting
 
RDMA programming design and case studies – for better performance distributed...
RDMA programming design and case studies – for better performance distributed...RDMA programming design and case studies – for better performance distributed...
RDMA programming design and case studies – for better performance distributed...
 
OSPF On Router OS7
OSPF On Router OS7OSPF On Router OS7
OSPF On Router OS7
 
Dpdk applications
Dpdk applicationsDpdk applications
Dpdk applications
 
Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)Network Programming: Data Plane Development Kit (DPDK)
Network Programming: Data Plane Development Kit (DPDK)
 
Using eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in CiliumUsing eBPF for High-Performance Networking in Cilium
Using eBPF for High-Performance Networking in Cilium
 

Similar to P4 Introduction

Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2
eucariot
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdf
PramodhN3
 
Host Data Plane Acceleration: SmartNIC Deployment Models
Host Data Plane Acceleration: SmartNIC Deployment ModelsHost Data Plane Acceleration: SmartNIC Deployment Models
Host Data Plane Acceleration: SmartNIC Deployment Models
Netronome
 
eBPF/XDP
eBPF/XDP eBPF/XDP
eBPF/XDP
Netronome
 
Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...
Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...
Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...
InfluxData
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
Freddy Buenaño
 
Accelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slidesAccelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slides
Dmitry Vostokov
 
How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...
How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...
How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...
InfluxData
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
Rogue Wave Software
 
Introduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, IntelIntroduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, Intel
MyNOG
 
Accelerating SDN/NFV with transparent offloading architecture
Accelerating SDN/NFV with transparent offloading architectureAccelerating SDN/NFV with transparent offloading architecture
Accelerating SDN/NFV with transparent offloading architecture
Open Networking Summits
 
Debugging Planning Issues Using Calcite's Built-in Loggers
Debugging Planning Issues Using Calcite's Built-in LoggersDebugging Planning Issues Using Calcite's Built-in Loggers
Debugging Planning Issues Using Calcite's Built-in Loggers
Stamatis Zampetakis
 
OSMC 2018 | Why we recommend PMM to our clients by Matthias Crauwels
OSMC 2018 | Why we recommend PMM to our clients by Matthias CrauwelsOSMC 2018 | Why we recommend PMM to our clients by Matthias Crauwels
OSMC 2018 | Why we recommend PMM to our clients by Matthias Crauwels
NETWAYS
 
Closed-Loop Platform Automation by Tong Zhong and Emma Collins
Closed-Loop Platform Automation by Tong Zhong and Emma CollinsClosed-Loop Platform Automation by Tong Zhong and Emma Collins
Closed-Loop Platform Automation by Tong Zhong and Emma Collins
Liz Warner
 
Closed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsClosed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma Collins
Liz Warner
 
Viavi_TeraVM Core Emulator.pptx
Viavi_TeraVM Core Emulator.pptxViavi_TeraVM Core Emulator.pptx
Viavi_TeraVM Core Emulator.pptx
mani723
 
Poc exadata 2018
Poc exadata 2018Poc exadata 2018
Poc exadata 2018
Jacques Kostic
 
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Puppet
 
OCP U.S. Summit 2017 Presentation
OCP U.S. Summit 2017 PresentationOCP U.S. Summit 2017 Presentation
OCP U.S. Summit 2017 Presentation
Netronome
 
Android 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation reportAndroid 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation report
hidenorly
 

Similar to P4 Introduction (20)

Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdf
 
Host Data Plane Acceleration: SmartNIC Deployment Models
Host Data Plane Acceleration: SmartNIC Deployment ModelsHost Data Plane Acceleration: SmartNIC Deployment Models
Host Data Plane Acceleration: SmartNIC Deployment Models
 
eBPF/XDP
eBPF/XDP eBPF/XDP
eBPF/XDP
 
Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...
Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...
Scaling Prometheus Metrics in Kubernetes with Telegraf | Chris Goller | Influ...
 
26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules26.1.7 lab snort and firewall rules
26.1.7 lab snort and firewall rules
 
Accelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slidesAccelerated .NET Memory Dump Analysis training public slides
Accelerated .NET Memory Dump Analysis training public slides
 
How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...
How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...
How to Introduce Telemetry Streaming (gNMI) in Your Network with SNMP with Te...
 
Advanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
 
Introduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, IntelIntroduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, Intel
 
Accelerating SDN/NFV with transparent offloading architecture
Accelerating SDN/NFV with transparent offloading architectureAccelerating SDN/NFV with transparent offloading architecture
Accelerating SDN/NFV with transparent offloading architecture
 
Debugging Planning Issues Using Calcite's Built-in Loggers
Debugging Planning Issues Using Calcite's Built-in LoggersDebugging Planning Issues Using Calcite's Built-in Loggers
Debugging Planning Issues Using Calcite's Built-in Loggers
 
OSMC 2018 | Why we recommend PMM to our clients by Matthias Crauwels
OSMC 2018 | Why we recommend PMM to our clients by Matthias CrauwelsOSMC 2018 | Why we recommend PMM to our clients by Matthias Crauwels
OSMC 2018 | Why we recommend PMM to our clients by Matthias Crauwels
 
Closed-Loop Platform Automation by Tong Zhong and Emma Collins
Closed-Loop Platform Automation by Tong Zhong and Emma CollinsClosed-Loop Platform Automation by Tong Zhong and Emma Collins
Closed-Loop Platform Automation by Tong Zhong and Emma Collins
 
Closed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma CollinsClosed Loop Platform Automation - Tong Zhong & Emma Collins
Closed Loop Platform Automation - Tong Zhong & Emma Collins
 
Viavi_TeraVM Core Emulator.pptx
Viavi_TeraVM Core Emulator.pptxViavi_TeraVM Core Emulator.pptx
Viavi_TeraVM Core Emulator.pptx
 
Poc exadata 2018
Poc exadata 2018Poc exadata 2018
Poc exadata 2018
 
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
Exploring the Final Frontier of Data Center Orchestration: Network Elements -...
 
OCP U.S. Summit 2017 Presentation
OCP U.S. Summit 2017 PresentationOCP U.S. Summit 2017 Presentation
OCP U.S. Summit 2017 Presentation
 
Android 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation reportAndroid 5.0 Lollipop platform change investigation report
Android 5.0 Lollipop platform change investigation report
 

More from Netronome

Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...
Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...
Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...
Netronome
 
LFSMM AF XDP Queue I-DS
LFSMM AF XDP Queue I-DSLFSMM AF XDP Queue I-DS
LFSMM AF XDP Queue I-DS
Netronome
 
LFSMM Verifier Optimizations and 1 M Instructions
LFSMM Verifier Optimizations and 1 M InstructionsLFSMM Verifier Optimizations and 1 M Instructions
LFSMM Verifier Optimizations and 1 M Instructions
Netronome
 
Using Network Acceleration for an Optimized Edge Cloud Server Architecture
Using Network Acceleration for an Optimized Edge Cloud Server ArchitectureUsing Network Acceleration for an Optimized Edge Cloud Server Architecture
Using Network Acceleration for an Optimized Edge Cloud Server Architecture
Netronome
 
Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports
Netronome
 
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware OffloadsQuality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
Netronome
 
ODSA Sub-Project Launch
ODSA Sub-Project Launch ODSA Sub-Project Launch
ODSA Sub-Project Launch
Netronome
 
Flexible and Scalable Domain-Specific Architectures
Flexible and Scalable Domain-Specific ArchitecturesFlexible and Scalable Domain-Specific Architectures
Flexible and Scalable Domain-Specific Architectures
Netronome
 
Unifying Network Filtering Rules for the Linux Kernel with eBPF
Unifying Network Filtering Rules for the Linux Kernel with eBPFUnifying Network Filtering Rules for the Linux Kernel with eBPF
Unifying Network Filtering Rules for the Linux Kernel with eBPF
Netronome
 
Massively Parallel RISC-V Processing with Transactional Memory
Massively Parallel RISC-V Processing with Transactional MemoryMassively Parallel RISC-V Processing with Transactional Memory
Massively Parallel RISC-V Processing with Transactional Memory
Netronome
 
Offloading Linux LAG Devices Via Open vSwitch and TC
Offloading Linux LAG Devices Via Open vSwitch and TCOffloading Linux LAG Devices Via Open vSwitch and TC
Offloading Linux LAG Devices Via Open vSwitch and TC
Netronome
 
eBPF Debugging Infrastructure - Current Techniques
eBPF Debugging Infrastructure - Current TechniqueseBPF Debugging Infrastructure - Current Techniques
eBPF Debugging Infrastructure - Current Techniques
Netronome
 
Efficient JIT to 32-bit Arches
Efficient JIT to 32-bit ArchesEfficient JIT to 32-bit Arches
Efficient JIT to 32-bit Arches
Netronome
 
eBPF & Switch Abstractions
eBPF & Switch AbstractionseBPF & Switch Abstractions
eBPF & Switch Abstractions
Netronome
 
eBPF Tooling and Debugging Infrastructure
eBPF Tooling and Debugging InfrastructureeBPF Tooling and Debugging Infrastructure
eBPF Tooling and Debugging Infrastructure
Netronome
 
BPF Hardware Offload Deep Dive
BPF Hardware Offload Deep DiveBPF Hardware Offload Deep Dive
BPF Hardware Offload Deep Dive
Netronome
 
Demystify eBPF JIT Compiler
Demystify eBPF JIT CompilerDemystify eBPF JIT Compiler
Demystify eBPF JIT Compiler
Netronome
 
The Power of SmartNICs
The Power of SmartNICsThe Power of SmartNICs
The Power of SmartNICs
Netronome
 
DPDK Support for New HW Offloads
DPDK Support for New HW OffloadsDPDK Support for New HW Offloads
DPDK Support for New HW Offloads
Netronome
 
Comprehensive XDP Off‌load-handling the Edge Cases
Comprehensive XDP Off‌load-handling the Edge CasesComprehensive XDP Off‌load-handling the Edge Cases
Comprehensive XDP Off‌load-handling the Edge Cases
Netronome
 

More from Netronome (20)

Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...
Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...
Disaggregation a Primer: Optimizing design for Edge Cloud & Bare Metal applic...
 
LFSMM AF XDP Queue I-DS
LFSMM AF XDP Queue I-DSLFSMM AF XDP Queue I-DS
LFSMM AF XDP Queue I-DS
 
LFSMM Verifier Optimizations and 1 M Instructions
LFSMM Verifier Optimizations and 1 M InstructionsLFSMM Verifier Optimizations and 1 M Instructions
LFSMM Verifier Optimizations and 1 M Instructions
 
Using Network Acceleration for an Optimized Edge Cloud Server Architecture
Using Network Acceleration for an Optimized Edge Cloud Server ArchitectureUsing Network Acceleration for an Optimized Edge Cloud Server Architecture
Using Network Acceleration for an Optimized Edge Cloud Server Architecture
 
Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports Offloading TC Rules on OVS Internal Ports
Offloading TC Rules on OVS Internal Ports
 
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware OffloadsQuality of Service Ingress Rate Limiting and OVS Hardware Offloads
Quality of Service Ingress Rate Limiting and OVS Hardware Offloads
 
ODSA Sub-Project Launch
ODSA Sub-Project Launch ODSA Sub-Project Launch
ODSA Sub-Project Launch
 
Flexible and Scalable Domain-Specific Architectures
Flexible and Scalable Domain-Specific ArchitecturesFlexible and Scalable Domain-Specific Architectures
Flexible and Scalable Domain-Specific Architectures
 
Unifying Network Filtering Rules for the Linux Kernel with eBPF
Unifying Network Filtering Rules for the Linux Kernel with eBPFUnifying Network Filtering Rules for the Linux Kernel with eBPF
Unifying Network Filtering Rules for the Linux Kernel with eBPF
 
Massively Parallel RISC-V Processing with Transactional Memory
Massively Parallel RISC-V Processing with Transactional MemoryMassively Parallel RISC-V Processing with Transactional Memory
Massively Parallel RISC-V Processing with Transactional Memory
 
Offloading Linux LAG Devices Via Open vSwitch and TC
Offloading Linux LAG Devices Via Open vSwitch and TCOffloading Linux LAG Devices Via Open vSwitch and TC
Offloading Linux LAG Devices Via Open vSwitch and TC
 
eBPF Debugging Infrastructure - Current Techniques
eBPF Debugging Infrastructure - Current TechniqueseBPF Debugging Infrastructure - Current Techniques
eBPF Debugging Infrastructure - Current Techniques
 
Efficient JIT to 32-bit Arches
Efficient JIT to 32-bit ArchesEfficient JIT to 32-bit Arches
Efficient JIT to 32-bit Arches
 
eBPF & Switch Abstractions
eBPF & Switch AbstractionseBPF & Switch Abstractions
eBPF & Switch Abstractions
 
eBPF Tooling and Debugging Infrastructure
eBPF Tooling and Debugging InfrastructureeBPF Tooling and Debugging Infrastructure
eBPF Tooling and Debugging Infrastructure
 
BPF Hardware Offload Deep Dive
BPF Hardware Offload Deep DiveBPF Hardware Offload Deep Dive
BPF Hardware Offload Deep Dive
 
Demystify eBPF JIT Compiler
Demystify eBPF JIT CompilerDemystify eBPF JIT Compiler
Demystify eBPF JIT Compiler
 
The Power of SmartNICs
The Power of SmartNICsThe Power of SmartNICs
The Power of SmartNICs
 
DPDK Support for New HW Offloads
DPDK Support for New HW OffloadsDPDK Support for New HW Offloads
DPDK Support for New HW Offloads
 
Comprehensive XDP Off‌load-handling the Edge Cases
Comprehensive XDP Off‌load-handling the Edge CasesComprehensive XDP Off‌load-handling the Edge Cases
Comprehensive XDP Off‌load-handling the Edge Cases
 

Recently uploaded

Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
Paul Groth
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 

Recently uploaded (20)

Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 

P4 Introduction

  • 1. © 2018 NETRONOME SYSTEMS, INC. Jaco Joubert SIGCOMM 2018 P4 Introduction
  • 2. © 2018 NETRONOME SYSTEMS, INC. 2 Agenda ▶  Introduction ▶  Learning Goals ▶  Agilio SmartNIC ▶  Process to Develop Code ▶  P4/C Examples •  P4 INT •  P4/C Stateful Firewall ▶  SmartNIC P4 Performance ▶  Demo Setup •  P4 INT •  P4C -> XDP ▶  Introduction to P4 •  P4-16 Code ▶  Learn More
  • 3. © 2018 NETRONOME SYSTEMS, INC. 3 Learning Goals ▶  Overview of the Netronome P4 SDK capabilities ▶  Integrated Development Environment •  Elements - Projects, Files •  Workflows - Editing, Debugging ▶  Introduction to P4-16 ▶  P4 Constructs •  Parsing, Matching, Actions ▶  Simple Switch Architecture Overview ▶  P4C-XDP Architecture Overview ▶  Live Demo: See It Run •  Q&A
  • 4. © 2018 NETRONOME SYSTEMS, INC. 4 Agilio® CX SmartNICs Agilio® Software Solutions Agilio® SmartNIC ▶  1x 10/40GbE ▶  2x 10/40/25GbE ▶  Fully Programmable •  Micro-C •  P4 •  P4 + Sandbox C ▶  Software Development Kit (SDK) •  Programmer Studio (IDE) •  Runtime Environment (Server Side) •  Command Line Tools
  • 5. © 2018 NETRONOME SYSTEMS, INC. 5 P4 Introduction ▶  The 4 Ps of P4: •  Protocol Independent Packet Processing Programming •  Programmer defines packet formats and processing algorithms ▶  Target Independence •  No knowledge of low-level hardware organization is required •  Compiler compiles the program for the target device •  Architecture dependent - e.g. v1model.p4, p4c-xdp.p4, psa.p4 ▶  Consistent Control Plane Interface •  Control Plane APIs are automatically generated by the compiler ▶  Reconfigurability •  Data Plane program can be changed in the field ▶  Community-driven Design •  http://p4.org
  • 6. © 2018 NETRONOME SYSTEMS, INC. 6 P4 SDK Development Process your_app.p4 p4c Compiler Intermediate Representation (IR) Target Specific Compiler Firmware your_sandbox.c Server Develop on a PC Download to a Server ●  Develop P4 and C code in the SDK ●  Download it to the card ●  Run the code ●  Generate test packets ●  Observe the functionality ●  Monitor the results Function Calls in P4 Actions
  • 7. © 2018 NETRONOME SYSTEMS, INC. 7 P4C-XDP Development Process your_app.p4 p4c Compiler Intermediate Representation (IR) p4c-xdp backend your_app.o Server ip link set dev $INTERFACE xdp obj your_app.o Credit: https://github.com/vmware/p4c-xdp
  • 8. © 2018 NETRONOME SYSTEMS, INC. 8 P4C-XDP Backend Compile Process XDP Offloading
  • 9. © 2018 NETRONOME SYSTEMS, INC. 9 Some P4/C Examples ▶  In-Band Network Telemetry •  Add headers at each hop •  Take timestamps •  Calculate latencies •  Gather stats •  Remove headers and forward unchanged packet ▶  Stateful Firewall •  Closer look in next slides ▶  Load Balancing •  Load balance based on hash calculated ▶  VLAN •  Encap/Decap Headers
  • 10. © 2018 NETRONOME SYSTEMS, INC. 10 Packet Stacked Headers Drop Modified/ Redirected Packet P4 Constructs Control Blocks Match/Action (Defines Architecture) Defined Headers DeparserParser
  • 11. © 2018 NETRONOME SYSTEMS, INC. 11 Simple Switch Model (v1model.p4) Defined Headers Packet Stacked Headers Drop Modified/ Redirected Packet Drop Clone E2E E2I I2I Verify Checksum Parser Deparser Update Checksum Egress Control Match/ Action Ingress Control Match/ Action
  • 12. © 2018 NETRONOME SYSTEMS, INC. 12 XDP Model (p4c-xdp.p4) Defined Headers Packet Drop Modified/ Redirected Packet Parser Ingress Control Match/Action Deparser
  • 13. © 2018 NETRONOME SYSTEMS, INC. 13 Develop for a Model Model Template package V1Switch<H, M>(Parser<H, M> p, VerifyChecksum<H, M> vr, Ingress<H, M> ig, Egress<H, M> eg, ComputeChecksum<H, M> ck, Deparser<H> dep ); Implementation: #inlcude “v1model.p4” package V1Switch(MyParser(), MyVerifyChecksum(), MyIngress(), MyEgress(), MyComputeChecksum(), MyDeparser() ) main;
  • 14. © 2018 NETRONOME SYSTEMS, INC. 14 Headers and Metadata header ethernet_t { bit<48> dstAddr; bit<48> srcAddr; bit<16> etherType; } header meta_t { bit<8> ioam_cnt; bit<1> decapped; /* set when decapsulation is done */ bit<1> is_transit; /* is the packet treated as just transit */ bit<32> device_id; /* retrieved from a p4 register */ } struct headers_t { ethernet_t ethernet; ipv4_t ipv4; udp_t udp; } struct metadata_t { meta_t meta; intrinsic_metadata_t intrinsic_metadata; }
  • 15. © 2018 NETRONOME SYSTEMS, INC. 15 Parser parser MyParser(packet_in packet, out headers_t hd, inout metadata_t meta, inout standard_metadata_t standard_metadata) { state start { packet.extract(hd.ethernet); transition select(hd.ethernet.etherType) { ETHERTYPE_IPV4: parse_ipv4; default: accept; } } }
  • 16. © 2018 NETRONOME SYSTEMS, INC. 16 Checksums control MyVerifyChecksum( inout headers_t hdr, inout metadata_t meta) { apply { } } control MyComputeChecksum( inout headers_t hdr, inout metadata_t meta) { apply { } }
  • 17. © 2018 NETRONOME SYSTEMS, INC. 17 control MyIngress(inout headers_t hdr, inout metadata_t meta, inout standard_metadata_t standard_metadata) { // Tables // Actions apply { // ‘Fixed’ logic and apply tables if(hdr.ipv4.isValid()) { table_name.apply() } } } Control Blocks ▶  Tables - Match/Actions •  Define behavior framework •  Configurable behavior during runtime •  Add Rules ▶  if, else, else if •  ‘Fixed’ logic
  • 18. © 2018 NETRONOME SYSTEMS, INC. 18 Tables and Actions action do_forward(bit<16> espec, bit<1> is_transit, bit<32> device_id) { meta.meta.device_id = device_id; standard_metadata.egress_spec = espec; meta.meta.is_transit = is_transit; } table tbl_forward { key = { standard_metadata.ingress_port : exact; } actions = { do_forward; } }
  • 19. © 2018 NETRONOME SYSTEMS, INC. 19 Deparse control MyDeparser(packet_out packet, in headers_t hdr) { apply { packet.emit(hdr.ethernet); packet.emit(hdr.ipv4); packet.emit(hdr.udp); packet.emit(hdr.tcp); } }
  • 20. © 2018 NETRONOME SYSTEMS, INC. 20 Internal Network External Network (Internet) Controller P4 Firewall on Netronome SmartNIC Timeout Polling Firewall Setup
  • 21. © 2018 NETRONOME SYSTEMS, INC. 21 Firewall Sequence Diagram External Pkts (Drop) 1st Outgoing Pkt Internal Network External Network (Internet)Controller SmartNIC Update State for bidirectional flow Forward Packet Bidirectional traffic allowed
  • 22. © 2018 NETRONOME SYSTEMS, INC. 22 Timeouts Internal Network External Network (Internet)Controller SmartNIC Controller Pkt (every T seconds) No pkts sent for longer than T Clear State for Inactive Flows External Pkts (Drop)
  • 23. © 2018 NETRONOME SYSTEMS, INC. 23 P4/C Firewall Features ▶  Stateful Forwarding on the Data Plane ▶  Sandbox C Function Calls in P4 •  Primitive Actions •  Hashtable implementation in Micro-C •  Assigning and Managing Public Ports •  Updating state •  Dynamically clearing state for inactive flows on timeouts ▶  Network Address Translation in P4 ▶  Python Controller •  Assign available public IPs used for NAT •  Set timeout interval •  Send timeout packets to trigger Micro-C timeout function on the SmartNIC ▶  Re-Calculate Checksums in P4
  • 24. © 2018 NETRONOME SYSTEMS, INC. 24 P4/C Firewall Performance
  • 25. © 2018 NETRONOME SYSTEMS, INC. 25 P4 - INT Encap/Decap Traffic Gen P4 - INT Latency Measurements Snort Snort Snort SnortSnort... ... Demo Setup Netronome SmartNIC Netronome SmartNIC Today’s Demo: P4 In-Band Network Telemetry (INT) SnortSnort
  • 26. © 2018 NETRONOME SYSTEMS, INC. 26 P4 INT - Snort Latency Measurements Latencyperhop(ns)
  • 27. © 2018 NETRONOME SYSTEMS, INC. 27 P4→XDP Load Balancer Backend Servers Internet Clients action load_balance_action() { hd.ipv4.hdrChecksum = ebpf_ipv4_checksum(parameters); hd.custom_meta.load_balance_hash = hd.ipv4.hdrChecksum % 4; } table forward_table() { key = { hd.custom_meta.load_balance_hash : exact; hd.ipv4.protocol : exact; } actions = { forward_action; } }
  • 28. © 2018 NETRONOME SYSTEMS, INC. 28 P4→XDP Load Balancer Backend Servers Internet Clients Example Rules: (0,TCP_PROTOCOL) : forward_action(172.16.0.1); (1,TCP_PROTOCOL) : forward_action(172.16.0.2); (2,TCP_PROTOCOL) : forward_action(172.16.0.3); (3,TCP_PROTOCOL) : forward_action(172.16.0.4); (0,UDP_PROTOCOL) : forward_action(192.168.0.1); (1,UDP_PROTOCOL) : forward_action(192.168.0.2); (2,UDP_PROTOCOL) : forward_action(192.168.0.3); (3,UDP_PROTOCOL) : forward_action(192.168.0.4); key = { hd.custom_meta.load_balance_hash : exact; hd.ipv4.protocol : exact; }
  • 29. © 2018 NETRONOME SYSTEMS, INC. 29 Adding Custom Headers - Demo Original Packet: 15:00:43.044709 IP 10.0.0.1.3000 > 10.0.0.100.4000: 0x0000: ffff ffff ffff ffff ffff ffff 0800 4500 0x0010: 002c 0001 0000 4011 665c 0a00 0001 0a00 0x0020: 0064 0bb8 0fa0 0018 97c1 0001 0203 0405 0x0030: 0607 0809 0a0b 0c0d 0e0f Packet Returned: 15:00:43.044892 IP 10.0.0.1.3000 > 10.0.0.100.4000: 0x0000: ffff ffff ffff ffff ffff ffff 0800 4500 0x0010: 002c 0001 0000 4011 665c 0a00 0001 0a00 0x0020: 0064 0bb8 0fa0 cafe babe dead beef 0018 0x0030: 97c1 0001 0203 0405 0607 0809 0a0b 0c0d 0x0040: 0e0f 0000 action addHeader() { hdr.custom_header.custom_protocol = 0xCAFEBABE; hdr.custom_header.custom_field = 0xDEADBEEF; hdr.custom_header.setValid(); } control Deparser(in Headers hdrs, packet_out packet) { apply { packet.emit(hdrs.ethernet); packet.emit(hdrs.ipv4); packet.emit(hdrs.udp); packet.emit(hdrs.custom_header); } }
  • 30. © 2018 NETRONOME SYSTEMS, INC. 30 Where to learn more? ▶  Open-NFP.org •  Worldwide community-driven organization. •  Collaborative research in the area of network function processing in server networking hardware. •  Academic and data center networking communities to conduct cutting-edge research and development in the areas of server-based networking datapath offload and acceleration techniques. ▶  github.com/open-nfpsw ▶  github.com/vmware/p4c-xdp ▶  netronome.com/documents/143/UG_Getting_Started_with_eBPF_Offload.pdf ▶  p4.org
  • 31. © 2018 NETRONOME SYSTEMS, INC. Thank You