SlideShare a Scribd company logo
A PoC implementation
of a RINA interior
router using P4
Sergio Fernandez (i2CAT)
Eduard Grasa (i2CAT)
Steve Bunch (TRIA Network Systems)
Motivation: what?
2
A High performance RINA router
implementation
At a reasonable cost (in terms of
development effort and required
hardware)
Motivation: why?
3
•  Increase RINA credibility and decrease perceived adoption risk
•  “Great theory, nice prototype but… where is the router?”
•  Support new use experimental / PoC use cases beyond existing pure
software prototypes
•  Campus Networks, Datacenter Fabrics, 5G network backhaul, etc.
•  Understand limitations in current network programmability approaches
Potential approaches
4
High performance packet I/O
frameworks
NETMAP
•  Software-based, flexible: you can
do anything
•  Limited performance (15 Mpps per
core)
FPGA-based
•  Hardware acceleration,
high performance. Still
flexible
•  Limited hardware choices,
complex development
Programmable ASICs
•  Hardware acceleration,
hardware choice, # of
interfaces
•  W i l l i t b e f l e x i b l e
enough?
Our contributions
5
•  Initial analysis of P4 capabilities relevant to the implementation of a
RINA router
•  Prototype implementation of a RINA interior router data plane using a P4
software target (BMv2)
•  Next steps:
•  Do it in hardware! (Barefoot Tofino ASIC)
•  Check feasibility of border router, what are the tradeoffs?
Use cases
6
•  Decrypt (optional, depends on policy)
•  Parse EFCP header
•  Check CRC
•  Check forwarding function, select outer port
•  Schedule PDU
•  Recompute CRC
•  Encode EFCP header
•  Encrypt (optional)
•  Interior router functions +
•  Remove / add headers
•  Generate control PDUs
•  For flow control
•  For rtx control (optional, depends on policy)
•  Timers
P4 basics: components
7
•  P4: Language for expressing how packets are processed by the data
plane of a programmable forwarding element
•  P4 Runtime: Platform for loading different pipelines, add/remove entries
from dataplane tables and read/write PDUs from/to dataplane
P4 basics: pipeline architectures
8
•  P416: Language supports different architectures (specified by ASIC
vendor). Architecture defines the building blocks that can be present in the
pipeline, and the supported packet workflows
•  Example: V1Model: Simple architecture used by P4 software targets
P4 language limitations
9
•  No support for loops
•  Can be workarounded via resubmit and recirculate primitives, performance penalty
•  No support for timers at the data plane, nor for encryption
•  Unless defined in a vendor-specific hardware module
•  Packet scheduler cannot be programmed
•  No support for fragmentation or reassembly
•  No built-in support for generating new PDUs
•  May be workarounded via clone and recirculation/resubmission
Use cases
10
•  Decrypt (optional, depends on policy)
•  Parse EFCP header
•  Check CRC
•  Check forwarding function, select outer port
•  Schedule PDU (but not programmable!)
•  Recompute CRC
•  Encode EFCP header
•  Encrypt (optional)
•  Interior router functions +
•  Remove / add headers
•  Generate control PDUs
•  For flow control
•  For rtx control (optional, depends on policy)
•  Timers
RINA interior router: basic design
11
•  Target control plane: Management agent and layer management components of the IPC
Processes, communicating to the data plane via P4Runtime API
•  Target data plane: Data transfer components of the IPC Process.
Data plane implementation: RINA interior router P4 pipeline
12
•  Based on the BMv2 simple_switch software target (V1model, P416)
•  Can process EFCP over Ethernet (with or without VLANs) and IP over
Ethernet (with or without VLANs) -> IP for legacy support
•  Dataplane implementation straightforward, P4 file only has 462 LOC
Control plane: Verify P4Runtime API
13
•  Simple Python script that attacks
the P4Runtime API to:
•  Load the hybrid EFCP/IP
pipeline
•  Populate the EFCP and IP
match action tables
•  Rx packets from the
dataplane and Tx packets
to the dataplane
….
sh.setup(
device_id=1,
grpc_addr='10.0.2.15:50001',
election_id=(0, 1), # (high, low)
config=sh.FwdPipeConfig('p4src/build/p4info.txt', 'p4src/build/bmv2.json')
)
#TABLE ENTRIES
te = sh.TableEntry('MyIngress.efcp_lpm')(action = 'MyIngress.efcp_forward')
te.match['hdr.efcp.dstAddr'] = ('1')
te.action['dstAddr'] = ('00:00:00:00:00:01')
te.action['port'] = ('1')
te.action['vlan_id'] = ('0')
te.insert()
…
connection = sh.client
while True:
print("Waiting for recive something")
packet = connection.stream_in_q.get()
print("Packet received!:" + str(packet))
connection.stream_out_q.put(packet)
sh.teardown()
Testing: Stratum and Mininet
14
•  Validated interior router behaviour using Mininet and Python programs to
generated and receive EFCP PDUs (hosts and router are containers)
•  Minimal performance test (though BMv2 is just a testing tool, not designed
for performance at all) -> up to 1 Gbps throughput (8 CPUs, 15 GB RAM)
Conclusions right now
15
•  Interior router -> no problem
•  Without encryption! And need to check in real hardware
•  Border router might be doable (as a prototype), but maybe too constrained
•  No fragmentation / reassembly
•  Timers only with speficic hardware support (no generic implementation)
•  Is packet cloning + recirculation a viable way to generate control packets?
•  P4 community very responsive
•  All or questions were answered quickly (in less than one week, usually in 1 or 2 days),
interest in supporting our use case
•  Understand limitations in current network programmability approaches
Thank you!
Questions?
Research Roadmap 2020 - 2025 16

More Related Content

What's hot

2. RINA overview - TF workshop
2. RINA overview - TF workshop2. RINA overview - TF workshop
2. RINA overview - TF workshop
ARCFIRE ICT
 
Rlite software-architecture (1)
Rlite software-architecture (1)Rlite software-architecture (1)
Rlite software-architecture (1)
ARCFIRE ICT
 
PRISTINE @ FIA Athens 2014
PRISTINE @ FIA Athens 2014PRISTINE @ FIA Athens 2014
PRISTINE @ FIA Athens 2014
ICT PRISTINE
 
The hague rina-workshop-intro-eduard
The hague rina-workshop-intro-eduardThe hague rina-workshop-intro-eduard
The hague rina-workshop-intro-eduard
ICT PRISTINE
 
The hague rina-workshop-mobility-eduard
The hague rina-workshop-mobility-eduardThe hague rina-workshop-mobility-eduard
The hague rina-workshop-mobility-eduard
ICT PRISTINE
 
4. Clearwater on rina
4. Clearwater on rina4. Clearwater on rina
4. Clearwater on rina
ARCFIRE ICT
 
The hageu rina-workshop-security-peter
The hageu rina-workshop-security-peterThe hageu rina-workshop-security-peter
The hageu rina-workshop-security-peter
ICT PRISTINE
 
3. RINA use cases, results, benefits
3. RINA use cases, results, benefits3. RINA use cases, results, benefits
3. RINA use cases, results, benefits
ARCFIRE ICT
 
One of the Ways How to Make RIB Distributed
One of the Ways How to Make RIB DistributedOne of the Ways How to Make RIB Distributed
One of the Ways How to Make RIB Distributed
ARCFIRE ICT
 
LF_DPDK17_Abstract APIs for DPDK and ODP
LF_DPDK17_Abstract APIs for DPDK and ODPLF_DPDK17_Abstract APIs for DPDK and ODP
LF_DPDK17_Abstract APIs for DPDK and ODP
LF_DPDK
 
The hague rina-workshop-nfv-diego
The hague rina-workshop-nfv-diegoThe hague rina-workshop-nfv-diego
The hague rina-workshop-nfv-diego
ICT PRISTINE
 
Pristine rina-sdk-icc-2016
Pristine rina-sdk-icc-2016Pristine rina-sdk-icc-2016
Pristine rina-sdk-icc-2016
ICT PRISTINE
 
Rina sdn-2016 mobility
Rina sdn-2016 mobilityRina sdn-2016 mobility
Rina sdn-2016 mobility
ARCFIRE ICT
 
Intro RINA
Intro RINAIntro RINA
Intro RINA
ARCFIRE ICT
 
Eucnc rina-tutorial
Eucnc rina-tutorialEucnc rina-tutorial
Eucnc rina-tutorial
ICT PRISTINE
 
The hague rina-workshop-interop-deployment_vincenzo
The hague rina-workshop-interop-deployment_vincenzoThe hague rina-workshop-interop-deployment_vincenzo
The hague rina-workshop-interop-deployment_vincenzo
ICT PRISTINE
 
RINA research results - NGP forum - SDN World Congress 2017
RINA research results - NGP forum - SDN World Congress 2017RINA research results - NGP forum - SDN World Congress 2017
RINA research results - NGP forum - SDN World Congress 2017
ARCFIRE ICT
 
RINA as a Clean-Slate Approach to Software Networks
RINA as a Clean-Slate Approach to Software Networks RINA as a Clean-Slate Approach to Software Networks
RINA as a Clean-Slate Approach to Software Networks
ICT PRISTINE
 
Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...
Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...
Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...
IO Visor Project
 
Advanced network experiments in FED4FIRE
Advanced network experiments in FED4FIREAdvanced network experiments in FED4FIRE
Advanced network experiments in FED4FIRE
ARCFIRE ICT
 

What's hot (20)

2. RINA overview - TF workshop
2. RINA overview - TF workshop2. RINA overview - TF workshop
2. RINA overview - TF workshop
 
Rlite software-architecture (1)
Rlite software-architecture (1)Rlite software-architecture (1)
Rlite software-architecture (1)
 
PRISTINE @ FIA Athens 2014
PRISTINE @ FIA Athens 2014PRISTINE @ FIA Athens 2014
PRISTINE @ FIA Athens 2014
 
The hague rina-workshop-intro-eduard
The hague rina-workshop-intro-eduardThe hague rina-workshop-intro-eduard
The hague rina-workshop-intro-eduard
 
The hague rina-workshop-mobility-eduard
The hague rina-workshop-mobility-eduardThe hague rina-workshop-mobility-eduard
The hague rina-workshop-mobility-eduard
 
4. Clearwater on rina
4. Clearwater on rina4. Clearwater on rina
4. Clearwater on rina
 
The hageu rina-workshop-security-peter
The hageu rina-workshop-security-peterThe hageu rina-workshop-security-peter
The hageu rina-workshop-security-peter
 
3. RINA use cases, results, benefits
3. RINA use cases, results, benefits3. RINA use cases, results, benefits
3. RINA use cases, results, benefits
 
One of the Ways How to Make RIB Distributed
One of the Ways How to Make RIB DistributedOne of the Ways How to Make RIB Distributed
One of the Ways How to Make RIB Distributed
 
LF_DPDK17_Abstract APIs for DPDK and ODP
LF_DPDK17_Abstract APIs for DPDK and ODPLF_DPDK17_Abstract APIs for DPDK and ODP
LF_DPDK17_Abstract APIs for DPDK and ODP
 
The hague rina-workshop-nfv-diego
The hague rina-workshop-nfv-diegoThe hague rina-workshop-nfv-diego
The hague rina-workshop-nfv-diego
 
Pristine rina-sdk-icc-2016
Pristine rina-sdk-icc-2016Pristine rina-sdk-icc-2016
Pristine rina-sdk-icc-2016
 
Rina sdn-2016 mobility
Rina sdn-2016 mobilityRina sdn-2016 mobility
Rina sdn-2016 mobility
 
Intro RINA
Intro RINAIntro RINA
Intro RINA
 
Eucnc rina-tutorial
Eucnc rina-tutorialEucnc rina-tutorial
Eucnc rina-tutorial
 
The hague rina-workshop-interop-deployment_vincenzo
The hague rina-workshop-interop-deployment_vincenzoThe hague rina-workshop-interop-deployment_vincenzo
The hague rina-workshop-interop-deployment_vincenzo
 
RINA research results - NGP forum - SDN World Congress 2017
RINA research results - NGP forum - SDN World Congress 2017RINA research results - NGP forum - SDN World Congress 2017
RINA research results - NGP forum - SDN World Congress 2017
 
RINA as a Clean-Slate Approach to Software Networks
RINA as a Clean-Slate Approach to Software Networks RINA as a Clean-Slate Approach to Software Networks
RINA as a Clean-Slate Approach to Software Networks
 
Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...
Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...
Using IO Visor to Secure Microservices Running on CloudFoundry [OpenStack Sum...
 
Advanced network experiments in FED4FIRE
Advanced network experiments in FED4FIREAdvanced network experiments in FED4FIRE
Advanced network experiments in FED4FIRE
 

Similar to Rina p4 rina workshop

Install FD.IO VPP On Intel(r) Architecture & Test with Trex*
Install FD.IO VPP On Intel(r) Architecture & Test with Trex*Install FD.IO VPP On Intel(r) Architecture & Test with Trex*
Install FD.IO VPP On Intel(r) Architecture & Test with Trex*
Michelle Holley
 
OSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchOSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable Switch
Chun Ming Ou
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
Cheng-Chun William Tu
 
BKK16-103 OpenCSD - Open for Business!
BKK16-103 OpenCSD - Open for Business!BKK16-103 OpenCSD - Open for Business!
BKK16-103 OpenCSD - Open for Business!
Linaro
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4
Open Networking Summits
 
Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...
Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...
Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...
Haidee McMahon
 
2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 Workshop
Yi Tseng
 
DPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesDPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith Wiles
Jim St. Leger
 
eBPF Basics
eBPF BasicseBPF Basics
eBPF Basics
Michael Kehoe
 
6 open capi_meetup_in_japan_final
6 open capi_meetup_in_japan_final6 open capi_meetup_in_japan_final
6 open capi_meetup_in_japan_final
Yutaka Kawai
 
Introduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, IntelIntroduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, Intel
MyNOG
 
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
Junho Suh
 
Using a Field Programmable Gate Array to Accelerate Application Performance
Using a Field Programmable Gate Array to Accelerate Application PerformanceUsing a Field Programmable Gate Array to Accelerate Application Performance
Using a Field Programmable Gate Array to Accelerate Application Performance
Odinot Stanislas
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Samsung Open Source Group
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDP
Thomas Graf
 
LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2
Linaro
 
Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2
eucariot
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdf
PramodhN3
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CanSecWest
 
The power of linux advanced tracer [POUG18]
The power of linux advanced tracer [POUG18]The power of linux advanced tracer [POUG18]
The power of linux advanced tracer [POUG18]
Mahmoud Hatem
 

Similar to Rina p4 rina workshop (20)

Install FD.IO VPP On Intel(r) Architecture & Test with Trex*
Install FD.IO VPP On Intel(r) Architecture & Test with Trex*Install FD.IO VPP On Intel(r) Architecture & Test with Trex*
Install FD.IO VPP On Intel(r) Architecture & Test with Trex*
 
OSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable SwitchOSN days 2019 - Open Networking and Programmable Switch
OSN days 2019 - Open Networking and Programmable Switch
 
Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017Compiling P4 to XDP, IOVISOR Summit 2017
Compiling P4 to XDP, IOVISOR Summit 2017
 
BKK16-103 OpenCSD - Open for Business!
BKK16-103 OpenCSD - Open for Business!BKK16-103 OpenCSD - Open for Business!
BKK16-103 OpenCSD - Open for Business!
 
[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4[Webinar Slides] Programming the Network Dataplane in P4
[Webinar Slides] Programming the Network Dataplane in P4
 
Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...
Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...
Software Network Data Plane - Satisfying the need for speed - FD.io - VPP and...
 
2016 NCTU P4 Workshop
2016 NCTU P4 Workshop2016 NCTU P4 Workshop
2016 NCTU P4 Workshop
 
DPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith WilesDPDK Summit 2015 - Intel - Keith Wiles
DPDK Summit 2015 - Intel - Keith Wiles
 
eBPF Basics
eBPF BasicseBPF Basics
eBPF Basics
 
6 open capi_meetup_in_japan_final
6 open capi_meetup_in_japan_final6 open capi_meetup_in_japan_final
6 open capi_meetup_in_japan_final
 
Introduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, IntelIntroduction to Programmable Networks by Clarence Anslem, Intel
Introduction to Programmable Networks by Clarence Anslem, Intel
 
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
From Fixed-Function to Programmable Switching Chip for Network Packet Broker ...
 
Using a Field Programmable Gate Array to Accelerate Application Performance
Using a Field Programmable Gate Array to Accelerate Application PerformanceUsing a Field Programmable Gate Array to Accelerate Application Performance
Using a Field Programmable Gate Array to Accelerate Application Performance
 
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux DeviceAdding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
Adding IEEE 802.15.4 and 6LoWPAN to an Embedded Linux Device
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDPCilium - Fast IPv6 Container Networking with BPF and XDP
Cilium - Fast IPv6 Container Networking with BPF and XDP
 
LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2LCU14 310- Cisco ODP v2
LCU14 310- Cisco ODP v2
 
Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2Linkmeup v076(2019-06).2
Linkmeup v076(2019-06).2
 
P4_tutorial.pdf
P4_tutorial.pdfP4_tutorial.pdf
P4_tutorial.pdf
 
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
CSW2017Richard Johnson_harnessing intel processor trace on windows for vulner...
 
The power of linux advanced tracer [POUG18]
The power of linux advanced tracer [POUG18]The power of linux advanced tracer [POUG18]
The power of linux advanced tracer [POUG18]
 

More from Eduard Grasa

Vtc keynote201110
Vtc keynote201110Vtc keynote201110
Vtc keynote201110
Eduard Grasa
 
Rin armenia icin 2020
Rin armenia  icin 2020Rin armenia  icin 2020
Rin armenia icin 2020
Eduard Grasa
 
Rizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxRizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptx
Eduard Grasa
 
1. perf mgmt
1. perf mgmt1. perf mgmt
1. perf mgmt
Eduard Grasa
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie
Eduard Grasa
 
Icin 2020 rinarmenia
Icin 2020 rinarmeniaIcin 2020 rinarmenia
Icin 2020 rinarmenia
Eduard Grasa
 

More from Eduard Grasa (6)

Vtc keynote201110
Vtc keynote201110Vtc keynote201110
Vtc keynote201110
 
Rin armenia icin 2020
Rin armenia  icin 2020Rin armenia  icin 2020
Rin armenia icin 2020
 
Rizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptxRizinski daychitkushevrina2020.pptx
Rizinski daychitkushevrina2020.pptx
 
1. perf mgmt
1. perf mgmt1. perf mgmt
1. perf mgmt
 
2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie2 s tic-rina-2020-presentatie
2 s tic-rina-2020-presentatie
 
Icin 2020 rinarmenia
Icin 2020 rinarmeniaIcin 2020 rinarmenia
Icin 2020 rinarmenia
 

Recently uploaded

一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
thezot
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
APNIC
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
cyber crime.pptx..........................
cyber crime.pptx..........................cyber crime.pptx..........................
cyber crime.pptx..........................
GNAMBIKARAO
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
3a0sd7z3
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
Tarandeep Singh
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
APNIC
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
Donato Onofri
 
一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理
一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理
一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理
dtagbe
 
How to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdfHow to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdf
Infosec train
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
rtunex8r
 

Recently uploaded (11)

一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
一比一原版新西兰林肯大学毕业证(Lincoln毕业证书)学历如何办理
 
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...Securing BGP: Operational Strategies and Best Practices for Network Defenders...
Securing BGP: Operational Strategies and Best Practices for Network Defenders...
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
cyber crime.pptx..........................
cyber crime.pptx..........................cyber crime.pptx..........................
cyber crime.pptx..........................
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
 
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理
一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理
一比一原版(uc毕业证书)加拿大卡尔加里大学毕业证如何办理
 
How to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdfHow to make a complaint to the police for Social Media Fraud.pdf
How to make a complaint to the police for Social Media Fraud.pdf
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
 

Rina p4 rina workshop

  • 1. A PoC implementation of a RINA interior router using P4 Sergio Fernandez (i2CAT) Eduard Grasa (i2CAT) Steve Bunch (TRIA Network Systems)
  • 2. Motivation: what? 2 A High performance RINA router implementation At a reasonable cost (in terms of development effort and required hardware)
  • 3. Motivation: why? 3 •  Increase RINA credibility and decrease perceived adoption risk •  “Great theory, nice prototype but… where is the router?” •  Support new use experimental / PoC use cases beyond existing pure software prototypes •  Campus Networks, Datacenter Fabrics, 5G network backhaul, etc. •  Understand limitations in current network programmability approaches
  • 4. Potential approaches 4 High performance packet I/O frameworks NETMAP •  Software-based, flexible: you can do anything •  Limited performance (15 Mpps per core) FPGA-based •  Hardware acceleration, high performance. Still flexible •  Limited hardware choices, complex development Programmable ASICs •  Hardware acceleration, hardware choice, # of interfaces •  W i l l i t b e f l e x i b l e enough?
  • 5. Our contributions 5 •  Initial analysis of P4 capabilities relevant to the implementation of a RINA router •  Prototype implementation of a RINA interior router data plane using a P4 software target (BMv2) •  Next steps: •  Do it in hardware! (Barefoot Tofino ASIC) •  Check feasibility of border router, what are the tradeoffs?
  • 6. Use cases 6 •  Decrypt (optional, depends on policy) •  Parse EFCP header •  Check CRC •  Check forwarding function, select outer port •  Schedule PDU •  Recompute CRC •  Encode EFCP header •  Encrypt (optional) •  Interior router functions + •  Remove / add headers •  Generate control PDUs •  For flow control •  For rtx control (optional, depends on policy) •  Timers
  • 7. P4 basics: components 7 •  P4: Language for expressing how packets are processed by the data plane of a programmable forwarding element •  P4 Runtime: Platform for loading different pipelines, add/remove entries from dataplane tables and read/write PDUs from/to dataplane
  • 8. P4 basics: pipeline architectures 8 •  P416: Language supports different architectures (specified by ASIC vendor). Architecture defines the building blocks that can be present in the pipeline, and the supported packet workflows •  Example: V1Model: Simple architecture used by P4 software targets
  • 9. P4 language limitations 9 •  No support for loops •  Can be workarounded via resubmit and recirculate primitives, performance penalty •  No support for timers at the data plane, nor for encryption •  Unless defined in a vendor-specific hardware module •  Packet scheduler cannot be programmed •  No support for fragmentation or reassembly •  No built-in support for generating new PDUs •  May be workarounded via clone and recirculation/resubmission
  • 10. Use cases 10 •  Decrypt (optional, depends on policy) •  Parse EFCP header •  Check CRC •  Check forwarding function, select outer port •  Schedule PDU (but not programmable!) •  Recompute CRC •  Encode EFCP header •  Encrypt (optional) •  Interior router functions + •  Remove / add headers •  Generate control PDUs •  For flow control •  For rtx control (optional, depends on policy) •  Timers
  • 11. RINA interior router: basic design 11 •  Target control plane: Management agent and layer management components of the IPC Processes, communicating to the data plane via P4Runtime API •  Target data plane: Data transfer components of the IPC Process.
  • 12. Data plane implementation: RINA interior router P4 pipeline 12 •  Based on the BMv2 simple_switch software target (V1model, P416) •  Can process EFCP over Ethernet (with or without VLANs) and IP over Ethernet (with or without VLANs) -> IP for legacy support •  Dataplane implementation straightforward, P4 file only has 462 LOC
  • 13. Control plane: Verify P4Runtime API 13 •  Simple Python script that attacks the P4Runtime API to: •  Load the hybrid EFCP/IP pipeline •  Populate the EFCP and IP match action tables •  Rx packets from the dataplane and Tx packets to the dataplane …. sh.setup( device_id=1, grpc_addr='10.0.2.15:50001', election_id=(0, 1), # (high, low) config=sh.FwdPipeConfig('p4src/build/p4info.txt', 'p4src/build/bmv2.json') ) #TABLE ENTRIES te = sh.TableEntry('MyIngress.efcp_lpm')(action = 'MyIngress.efcp_forward') te.match['hdr.efcp.dstAddr'] = ('1') te.action['dstAddr'] = ('00:00:00:00:00:01') te.action['port'] = ('1') te.action['vlan_id'] = ('0') te.insert() … connection = sh.client while True: print("Waiting for recive something") packet = connection.stream_in_q.get() print("Packet received!:" + str(packet)) connection.stream_out_q.put(packet) sh.teardown()
  • 14. Testing: Stratum and Mininet 14 •  Validated interior router behaviour using Mininet and Python programs to generated and receive EFCP PDUs (hosts and router are containers) •  Minimal performance test (though BMv2 is just a testing tool, not designed for performance at all) -> up to 1 Gbps throughput (8 CPUs, 15 GB RAM)
  • 15. Conclusions right now 15 •  Interior router -> no problem •  Without encryption! And need to check in real hardware •  Border router might be doable (as a prototype), but maybe too constrained •  No fragmentation / reassembly •  Timers only with speficic hardware support (no generic implementation) •  Is packet cloning + recirculation a viable way to generate control packets? •  P4 community very responsive •  All or questions were answered quickly (in less than one week, usually in 1 or 2 days), interest in supporting our use case •  Understand limitations in current network programmability approaches