The document provides instructions for using DPDK and OVS-DPDK on Ubuntu 14.04 LTS. It begins by cloning the DPDK and OVS source code and checking out specific versions. It then builds DPDK, configures hugepages, and binds NICs before starting the testpmd application to verify basic packet forwarding, showing the output of the testpmd commands along the way. Finally, it covers setting up OVS-DPDK, which involves the host and guest OS as well as QEMU running a Fedora VM.
DPDK in depth
This document provides an overview of DPDK (Data Plane Development Kit):
1. DPDK is an open source project for data plane programming and network acceleration. It started at Intel in 2010 and is now maintained by the Linux Foundation.
2. DPDK provides poll mode drivers (PMDs), libraries, and sample applications for fast packet processing. It uses hugepages and avoids kernel involvement for high performance.
3. The document outlines several DPDK projects, libraries, PMDs, advantages and disadvantages, development process, and demonstrates a simple DPDK application (l2fwd) and the testpmd tool.
DPDK greatly improves packet processing performance and throughput by allowing applications to access hardware directly, bypassing the kernel. It can improve performance by up to 10 times, allowing over 80 Mpps (million packets per second) of throughput on a single CPU, or double that with two CPUs. This enables telecom and networking equipment manufacturers to develop products faster and at lower cost. DPDK achieves these gains through techniques like dedicated core affinity, userspace drivers, polling instead of interrupts, and lockless synchronization.
The document provides step-by-step instructions for building and running Intel DPDK sample applications on a test environment with 3 virtual machines connected by 10G NICs. It describes compiling and running the helloworld, L2 forwarding, and L3 forwarding applications, as well as using the pktgen tool for packet generation between VMs to test forwarding performance. Key steps include preparing the Linux kernel for DPDK, compiling applications, configuring ports and MAC addresses, and observing packet drops to identify performance bottlenecks.
1. DPDK achieves high throughput packet processing on commodity hardware by reducing kernel overhead through techniques like polling, huge pages, and userspace drivers.
2. In Linux, packet processing involves expensive operations like system calls, interrupts, and data copying between kernel and userspace. DPDK avoids these by doing all packet processing in userspace.
3. DPDK uses techniques like isolating cores for packet I/O threads, lockless ring buffers, and NUMA awareness to further optimize performance. It can achieve throughput of over 14 million packets per second on 10GbE interfaces.
In this session, we’ll review how previous efforts, including Netfilter, Berkeley Packet Filter (BPF), Open vSwitch (OVS), and TC, approached the problem of extensibility. We’ll show you an open source solution available within the Red Hat Enterprise Linux kernel, where extending and merging some of the existing concepts leads to an extensible framework that satisfies the networking needs of datacenter and cloud virtualization.
Linux offers an extensive selection of programmable and configurable networking components from traditional bridges, encryption, to container optimized layer 2/3 devices, link aggregation, tunneling, several classification and filtering languages all the way up to full SDN components. This talk will provide an overview of many Linux networking components covering the Linux bridge, IPVLAN, MACVLAN, MACVTAP, Bonding/Team, OVS, classification & queueing, tunnel types, hidden routing tricks, IPSec, VTI, VRF and many others.
Video: https://www.youtube.com/watch?v=JRFNIKUROPE . Talk for linux.conf.au 2017 (LCA2017) by Brendan Gregg, about Linux enhanced BPF (eBPF). Abstract:
A world of new capabilities is emerging for the Linux 4.x series, thanks to enhancements that have been included in Linux for Berkeley Packet Filter (BPF): an in-kernel virtual machine that can execute user space-defined programs. It is finding uses for security auditing and enforcement, enhancing networking (including eXpress Data Path), and performance observability and troubleshooting. Many new open source performance analysis tools that use BPF have been written in the past 12 months. Tracing superpowers have finally arrived for Linux!
For its use with tracing, BPF provides the programmable capabilities to the existing tracing frameworks: kprobes, uprobes, and tracepoints. In particular, BPF allows timestamps to be recorded and compared from custom events, allowing latency to be studied in many new places: kernel and application internals. It also allows data to be efficiently summarized in-kernel, including as histograms. This has allowed dozens of new observability tools to be developed so far, including measuring latency distributions for file system I/O and run queue latency, printing details of storage device I/O and TCP retransmits, investigating blocked stack traces and memory leaks, and a whole lot more.
This talk will summarize BPF capabilities and use cases so far, and then focus on its use to enhance Linux tracing, especially with the open source bcc collection. bcc includes BPF versions of old classics, and many new tools, including execsnoop, opensnoop, funccount, ext4slower, and more (many of which I developed). Perhaps you'd like to develop new tools, or use the existing tools to find performance wins large and small, especially when instrumenting areas that previously had zero visibility. I'll also summarize how we intend to use these new capabilities to enhance systems analysis at Netflix.
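As a taste of those tools, here is a minimal sketch of running a few bcc classics from a shell (the /usr/share/bcc/tools path is an assumption that varies by distribution):
/usr/share/bcc/tools/execsnoop             # trace new process execution
/usr/share/bcc/tools/opensnoop             # trace open() calls system-wide
/usr/share/bcc/tools/ext4slower 10         # show ext4 operations slower than 10 ms
/usr/share/bcc/tools/funccount 'vfs_*'     # count calls to kernel vfs_* functions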
SOSCON 2019.10.17
What are the methods for packet processing on Linux, and how fast is each one? In this presentation, we will learn how to handle packets on Linux (user space, socket filter, netfilter, tc), and compare their performance with an analysis of where in the network stack each kind of processing happens (its hook point). We will also discuss packet processing using XDP, an in-kernel fast path recently added to the Linux kernel. eXpress Data Path (XDP) is a high-performance programmable network data path within the Linux kernel. XDP sits at the lowest software-accessible point of the network stack, where the driver receives the packet. By using the eBPF infrastructure at this hook point, the network stack can be extended without modifying the kernel.
Daniel T. Lee (Hoyeon Lee)
@danieltimlee
Daniel T. Lee works as a software engineer at Kosslab and contributes to the Linux kernel BPF project. He is interested in cloud, Linux networking, and tracing technologies, and likes to analyze the kernel's internals using BPF.
This document provides an agenda and overview for a hands-on lab on using DPDK in containers. It introduces Linux containers and how they use fewer system resources than VMs. It discusses how containers still use the kernel network stack, which is not ideal for SDN/NFV usages, and how DPDK can be used in containers to address this. The hands-on lab section guides users through building DPDK and Open vSwitch, configuring them to work with containers, and running packet generation and forwarding using testpmd and pktgen Docker containers connected via Open vSwitch.
- The document discusses Linux network stack monitoring and configuration. It begins with definitions of key concepts like RSS, RPS, RFS, LRO, GRO, DCA, XDP and BPF.
- It then provides an overview of how the network stack works from the hardware interrupts and driver level up through routing, TCP/IP and to the socket level.
- Monitoring tools like ethtool, ftrace and /proc/interrupts are described for viewing hardware statistics, software stack traces and interrupt information.
Performance Wins with BPF: Getting Started (Brendan Gregg)
Keynote by Brendan Gregg for the eBPF summit, 2020. How to get started finding performance wins using the BPF (eBPF) technology. This short talk covers the quickest and easiest way to find performance wins using BPF observability tools on Linux.
Video: http://joyent.com/blog/linux-performance-analysis-and-tools-brendan-gregg-s-talk-at-scale-11x ; This talk for SCaLE11x covers system performance analysis methodologies and the Linux tools to support them, so that you can get the most out of your systems and solve performance issues quickly. This includes a wide variety of tools, including basics like top(1), advanced tools like perf, and new tools like the DTrace for Linux prototypes.
Linux Traffic Control allows administrators to control network traffic through mechanisms like shaping, scheduling, classifying, policing, dropping and marking. It uses components like queuing disciplines (qdiscs), classes, filters, and actions. The tc command can be used to configure these components by adding, changing or deleting traffic control settings on network interfaces.
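For illustration, a minimal tc shaping sketch, assuming an interface named eth0 and an arbitrary 1 Mbit/s rate:
# attach an HTB qdisc and shape traffic in the default class to 1 Mbit/s
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:10 htb rate 1mbit ceil 1mbit
# verify the configuration and watch its counters
tc -s qdisc show dev eth0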
This document provides an overview of Vector Packet Processing (VPP), an open source packet processing platform developed as part of the FD.io project. VPP is based on DPDK for high performance packet processing in userspace. It includes a full networking stack and can perform L2/L3 forwarding and routing at speeds of over 14 million packets per second on a single core. VPP processing is divided into individual nodes connected by a graph. Packets are passed between nodes as vectors to support batch processing. VPP supports both single and multicore modes using different threading models. It can be used to implement routers, switches, and other network functions and topologies.
FOSDEM15 SDN developer room talk
DPDK performance
How to not just do a demo with DPDK
The Intel DPDK provides a platform for building high performance Network Function Virtualization applications. But it is hard to get high performance unless certain design tradeoffs are made. This talk focuses on the lessons learned in creating the Brocade vRouter using DPDK. It covers some of the architecture, locking and low level issues that all have to be dealt with to achieve 80 Million packets per second forwarding.
BPF (Berkeley Packet Filter) allows for safe dynamic program injection into the Linux kernel. It provides an in-kernel virtual machine and instruction set for running custom programs. The BPF infrastructure includes a verifier that checks programs for safety, helper functions to access kernel APIs, and maps for inter-process communication. BPF has become a core kernel subsystem and is used for applications like XDP, tracing, networking, and more.
LinuxCon 2015 Linux Kernel Networking Walkthrough (Thomas Graf)
This presentation features a walk through the Linux kernel networking stack for users and developers. It covers insights into both existing essential networking features and recent developments, and shows how to use them properly. Our starting point is the network card driver as it feeds a packet into the stack. We will follow the packet as it traverses various subsystems such as packet filtering, routing, protocol stacks, and the socket layer. We will pause here and there to look into concepts such as network namespaces, segmentation offloading, TCP small queues, and low latency polling, and discuss how to configure them.
This document discusses how VXLAN works on Linux in 3 parts: (1) it explains the basic mechanism of VXLAN including packet encapsulation and ARP resolution, (2) it describes how OpenStack Neutron implements VXLAN using the OVS plugin and ML2 l2population driver, and (3) it discusses the Flannel implementation of VTEP using Linux kernel extensions and an etcd key-value store.
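As a hedged sketch of the basic mechanism described in part (1), a VXLAN device can be created with iproute2 (the VNI, multicast group, underlay device, and address are assumptions):
# create a VXLAN device with VNI 42 over eth0, flooding unknown destinations via multicast
ip link add vxlan0 type vxlan id 42 dev eth0 group 239.1.1.1 dstport 4789
ip addr add 10.0.0.1/24 dev vxlan0
ip link set vxlan0 up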
This document provides an overview of TCPDUMP including:
- Introducing TCPDUMP as a command line network packet analyzer that comes pre-installed on Unix systems.
- Explaining how to decipher data packets captured by TCPDUMP.
- Detailing basic and intermediate TCPDUMP command line options and usage including filtering, reading from and writing to files (a short example follows this list).
- Outlining steps for network hacking techniques like footprinting, scanning, and DDoS attacks.
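A short sketch of those options in use (the interface name and filter are assumptions):
# capture 100 packets to or from TCP port 80 on eth0 and write them to a file
tcpdump -i eth0 -c 100 -w web.pcap 'tcp port 80'
# read the capture back without resolving names or ports
tcpdump -nn -r web.pcap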
USENIX LISA2021 talk by Brendan Gregg (https://www.youtube.com/watch?v=_5Z2AU7QTH4). This talk is a deep dive that describes how BPF (eBPF) works internally on Linux, and dissects some modern performance observability tools. Details covered include the kernel BPF implementation: the verifier, JIT compilation, and the BPF execution environment; the BPF instruction set; different event sources; and how BPF is used by user space, using bpftrace programs as an example. This includes showing how bpftrace is compiled to LLVM IR and then BPF bytecode, and how per-event data and aggregated map data are fetched from the kernel.
The Linux kernel is undergoing the most fundamental architecture evolution in history and is becoming a microkernel. Why is the Linux kernel evolving into a microkernel? The potentially biggest fundamental change ever happening to the Linux kernel. This talk covers how companies like Facebook and Google use BPF to patch 0-day exploits, how BPF will change the way features are added to the kernel forever, and how BPF is introducing a new type of application deployment method for the Linux kernel.
Introduces the basic concepts of Open vSwitch. This slide deck covers how the Linux kernel and networking stack work together to forward and process network packets, and compares that Linux networking stack functionality with Open vSwitch and OpenFlow.
At the end, it discusses the challenge of integrating Open vSwitch with Kubernetes: which networking functions need to be resolved and what benefits Open vSwitch provides.
The document provides an introduction to Linux and device drivers. It discusses Linux directory structure, kernel components, kernel modules, character drivers, and registering drivers. Key topics include dynamically loading modules, major and minor numbers, private data, and communicating with hardware via I/O ports and memory mapping.
This document discusses how eBPF (extended Berkeley Packet Filter) can be used for kernel tracing. It provides an overview of BPF and eBPF, how eBPF programs are compiled and run in the kernel, the use of BPF maps, and how eBPF enables new possibilities for dynamic kernel instrumentation through techniques like Kprobes and ftrace.
This document discusses tracing in the Linux kernel. It describes various tracing mechanisms like ftrace, tracepoints, kprobes, perf, and eBPF. Ftrace allows tracing functions via compiler instrumentation or dynamically. Tracepoints define custom trace events that can be inserted at specific points. Kprobes and related probes like jprobes allow tracing kernel functions. Perf provides performance monitoring capabilities. eBPF enables custom tracing programs to be run efficiently in the kernel via just-in-time compilation. Tracing tools like perf, systemtap, and LTTng provide user interfaces.
Cilium - Fast IPv6 Container Networking with BPF and XDP (Thomas Graf)
We present a new open source project which provides IPv6 networking for Linux containers by generating programs for each individual container on the fly and then running them as JITed BPF code in the kernel. By generating and compiling the code, the program is reduced to the minimally required feature set and then heavily optimised by the compiler, as parameters become plain variables. The upcoming addition of eXpress Data Path (XDP) to the kernel will make this approach even more efficient, as the programs will be invoked directly from the network driver.
OVS and DPDK - T.F. Herbert, K. Traynor, M. Gray (harryvanhaaren)
The document discusses DPDK and software dataplane acceleration for Open vSwitch. It provides an overview of the OVS architecture and its evolution to integrate with DPDK. It shares one user's experience of initial challenges in using DPDK/OVS and improvements over time. Suggestions are made to improve areas like debugging, testing, documentation and training to enhance the usability of DPDK/OVS. Performance tuning techniques like using multiple threads are also briefly covered.
The Gnocchi Experiment document summarizes the evolution of Ceilometer and the development of Gnocchi as a new time series storage service. Key points include:
Ceilometer started in 2012 to collect OpenStack metrics but became too complex trying to do everything. It was split into separate projects - Ceilometer for data gathering, Gnocchi for time series storage, Aodh for alarming, and Panko for events.
Gnocchi stores pre-aggregated metrics in time series with configurable archive policies to reduce data volume. It provides low-cost storage and fast retrieval of metrics compared to Ceilometer's legacy storage. The separation of services allows each to focus on their specific functionality.
The document summarizes optimisation opportunities and testing results for Gnocchi v3 compared to v2. It discusses improvements to coordination and scheduling to minimize contention, performance improvements for large datasets, a new storage format to reduce operations and disk size, and benchmark results showing processing time reductions of up to 23% and write throughput increases.
Gnocchi stores aggregated metrics data in a time series format, compressing it to reduce storage needs compared to Ceilometer. It requires defining archive policies to specify the resolution at which metrics are captured and aggregated. While Ceilometer shows individual datapoints, Gnocchi shows pre-aggregated statistics and metadata for resources.
This document analyzes the performance of OpenVSwitch (OVS) using various tools. Key findings include:
- DPDK-based OVS achieves 9.9 Gbps throughput for a single flow on one core, far surpassing standard and Linux bridge OVS.
- Latency is lowest for direct NIC-NIC communication and increases for OVS and VM-based setups.
- The OVS kernel flow cache supports up to 200,000 flows but throughput degrades by 5% at 2,048 flows due to misses.
- Removing IPTables modules improves VM-OVS-VM throughput by up to 15%, and enabling VXLAN offload provides an additional 25%.
DPDK is a set of drivers and libraries that allow applications to bypass the Linux kernel and access network interface cards directly for very high performance packet processing. It is commonly used for software routers, switches, and other network applications. DPDK can achieve over 11 times higher packet forwarding rates than applications using the Linux kernel network stack alone. While it provides best-in-class performance, DPDK also has disadvantages like reduced security and isolation from standard Linux services.
Devconf2017 - Can VM networking benefit from DPDK? (Maxime Coquelin)
DPDK brings high-performance/low-latency virtualization networking capabilities thanks to its Vhost/Virtio support. The session will first introduce DPDK and its Vhost/Virtio implementations, exposing to the audience examples of possible uses, and challenges that need to be addressed to achieve high-performance, functionality and reliability. Then, Vhost/Virtio improvements introduced in last DPDK release will be covered, such as receive path optimizations, Virtio's indirect descriptors support, or transmit zero copy to name a few. The speakers will explain which problems they aim to address, how they address them, mentioning their limitations.
Finally, the speakers, who are active DPDK Virtio/Vhost contributors, will present the new developments in the pipeline to tackle the remaining challenges.
The session will be presented so that DPDK developers and users find useful information on current developments and status. People not familiar with DPDK will find an overview, and can exchange ideas with other projects.
Gnocchi aims to solve problems with Ceilometer's heavyweight storage model by using a lighter-weight time-series model without metadata. Key approaches include eagerly pre-aggregating metric data according to per-metric retention policies rather than global policies. Gnocchi separates storage for resources and time-series data and uses a pluggable driver model that can leverage existing time-series databases. This allows it to support use cases like cross-metric aggregation for alarming while addressing Ceilometer's adoption issues related to storage footprint and query performance.
This presentation covers the basics of Open vSwitch and its components. Open vSwitch is an open source implementation of OpenFlow by the Nicira team.
It also talks about Open vSwitch and its role in OpenStack networking.
The document discusses exploiting a buffer overflow vulnerability in Internet Explorer's VML implementation (MS06-055) to execute arbitrary code. It describes overwriting the structured exception handler to gain control of the instruction pointer, using heap spraying to load a buffer in memory, and having the instruction pointer jump to the buffer to execute shellcode and spawn a command shell. Metasploit is introduced as an open-source framework for developing exploits.
This document provides an overview of the Linux kernel, including its history, structure, build process, installation, updating, and customization. It discusses getting the kernel source code, configuring and building the kernel, installing modules and the kernel, applying updates via patches, and determining the correct driver for PCI devices by matching the vendor and device IDs. The key steps are to find the PCI IDs, search for the IDs in kernel headers to identify the driver, search the kernel makefiles and configuration to enable that driver for compilation.
This document provides an overview of a presentation on Linux networking. The agenda includes topics like ARP, interface manipulation, network troubleshooting, routing, network bonding, network namespaces, kernel network parameters, and interview questions. It notes that the presentation will demonstrate over 30 commands related to networking and that there are often multiple ways to solve exercises. It encourages asking questions to aid learning.
General Purpose Computing using Graphics Hardware (Daniel Blezek)
This document summarizes general purpose computing using graphics hardware. It discusses how graphics processing units (GPUs) are massively parallel processors that are well-suited for computational problems. GPUs provide much higher floating point performance than CPUs for cheaper due to their large number of cores with shared instruction units that can hide memory access latency. The document provides examples of biomedical applications that have been accelerated using GPUs, and gives an overview of GPU architecture and programming.
Embedded Recipes 2019 - Introduction to JTAG debugging (Anne Nicolas)
This talk introduces JTAG debugging capabilities, both for debugging hardware and software. Marek first explains what JTAG stands for and describes the operation of the JTAG state machine. This is followed by an introduction to free software JTAG tools, OpenOCD and urJTAG. Marek briefly explains how to debug software using those tools and how that ties into the JTAG state machine. However, JTAG was designed for testing hardware. Marek explains what boundary scan testing (BST) is, what BSDL files and their format are, and practically demonstrates how to blink an LED using BST and only free software tools.
Marek Vasut
This presentation introduces the Data Plane Development Kit (DPDK): an overview and the basics. It is part of a Network Programming series.
First, the presentation focuses on the network performance challenges of modern systems by comparing modern CPUs with modern 10 Gbps Ethernet links. Then it touches on the memory hierarchy and kernel bottlenecks.
The following part explains the main DPDK techniques, like polling, bursts, hugepages and multicore processing.
The DPDK overview explains how a DPDK application is initialized and run, and touches on lockless queues (rte_ring), memory pools (rte_mempool), memory buffers (rte_mbuf), hashes (rte_hash), cuckoo hashing, the longest prefix match library (rte_lpm), poll mode drivers (PMDs), and the kernel NIC interface (KNI).
At the end, there are few DPDK performance tips.
Tags: access time, burst, cache, dpdk, driver, ethernet, hub, hugepage, ip, kernel, lcore, linux, memory, pmd, polling, rss, softswitch, switch, userspace, xeon
The document discusses various techniques for debugging Linux kernel modules and device drivers, including:
1) Using printk statements to output debugging messages from within the kernel.
2) Examining the interaction between kernel and userspace using strace to see system calls.
3) Adding entries to /proc filesystem for additional output.
4) Enabling kernel debugging with kgdb or hardware debuggers.
5) Common error types like kernel panics and oops messages that indicate issues.
Troubleshooting Linux Kernel Modules And Device Drivers (Satpal Parmar)
The document discusses various techniques for debugging Linux kernel modules and device drivers, including:
1) Using printk statements to output debug messages from kernel space.
2) Watching system calls with strace to debug interactions between user and kernel space.
3) Adding /proc file system entries and write functions to dynamically modify driver values at runtime.
4) Enabling source-level debugging with tools like kgdb to debug at the level of C source code.
This document discusses SCAN, VIP, and HAIP in Oracle RAC environments. It provides details on:
- VIP - a virtual IP address that is not statically linked to a single node, allowing for faster failovers. Each node has a VIP.
- SCAN - a single virtual IP and listener that provides load balancing and high availability. SCAN acts as an abstraction layer so client connect strings do not need to change.
- HAIP - high availability IP addresses that allow clusterware and the database to use plumbed IP addresses for private interconnect traffic via solutions like bonding and trunking.
A quick tutorial on what debuggers are and how to use them. We present a debugging example using GDB. At the end of this tutorial, you will be able to work your way through a crash and analyze the cause of the error responsible for the crash.
This document discusses simulating a CPU using Python. It describes the Epiphany manycore chip architecture, which has 16-64 simple cores that each have 32kB of RAM. The Revelation simulator of the Epiphany was written in RPython (a statically typed subset of Python) and has around 1,000 lines of code. It uses the Pydgin framework to generate instruction set simulators from simple architecture descriptions. The document outlines how to test the simulator by writing unit tests against individual instructions and integration tests against compiled ELF files, and compares traces with an existing reference simulator to check for differences.
This document provides an overview of common Linux networking commands such as ifconfig, route, traceroute, nslookup, arp, dig, and netstat that are used to configure network interfaces, display routing tables, trace network routes, lookup domain names, manage address resolution, query DNS servers, and view network statistics. It also discusses how to use ifconfig to assign IP addresses to interfaces, route to view routing tables, arp to manage the address resolution cache, and dig for more powerful DNS lookups than nslookup.
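A hedged sampler of those commands (interface names and addresses are assumptions):
ifconfig eth0 192.168.1.10 netmask 255.255.255.0 up   # assign an IP address to an interface
route -n                                              # display the routing table numerically
arp -n                                                # list the address resolution cache
dig +short example.com A                              # DNS lookup with terse output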
Nadav Markus goes over the path from a simple crash POC provided by Google Project Zero (for CVE-2015-7547), to a fully weaponized exploit.
He explores how an attacker can utilize the behavior of the Linux kernel in order to bypass ASLR, allowing an attacker to remotely execute code on vulnerable targets.
You may have hoped to retire before IPv6 became a reality, but unfortunately IPv4 address exhaustion came too fast. For the rest of us, we’re going to bite off a small piece of the 15-year-old IPv6 pie and talk about how to get started!
• Address format refresher
• IPv4 and IPv6 protocol comparison
• IPv6 neighbor discovery and auto-configuration
• Current migration and coexistence strategies
• ICMPv6, DHCPv6, and DNSv6
• How to get started at home
The document describes the Device Tree format used on ARM systems to describe hardware configurations to the Linux kernel. It defines the Device Tree in files with a .dts extension that are compiled to a binary .dtb blob. The Tree defines hardware using a tree of nodes and properties. It allows the kernel to be hardware-agnostic by obtaining configuration from the Device Tree rather than being compiled with board-specific code.
You have one of those fruity *Pi arm boards and cheep sensor from China? Some buttons and LEDs? Do I really need to learn whole new scripting language and few web technologies to read my temperature, blink a led or toggle a relay? No, because your Linux kernel already has drivers for them and all you need is device tree and cat.
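In that spirit, a hedged sketch of reading a sensor and blinking an LED purely through sysfs (the exact paths depend on your board's device tree):
cat /sys/class/thermal/thermal_zone0/temp     # temperature in millidegrees Celsius
echo 1 > /sys/class/leds/led0/brightness      # LED on
echo 0 > /sys/class/leds/led0/brightness      # LED off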
The n00bs guide to ovs dpdk
1. The n00bs' guide to DPDK and OVS-DPDK
Mark Gray (mark.d.gray@intel.com)
Intel
2. Disclaimers
This presentation is targeted towards beginners who have never used DPDK or OVS-DPDK.
Text may be small if you are at the back, please feel free to move to the front! Or go to http://goo.gl/21ixdy
Methodology is correct at this time but things change quickly! If you want to try this then check the versions!
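The clone step itself falls in slides not reproduced here; a minimal sketch of what it would have looked like (upstream repository URLs assumed):
/fosdem # git clone git://dpdk.org/dpdk
/fosdem # git clone https://github.com/openvswitch/ovs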
6. /fosdem # cd dpdk/
/fosdem/dpdk # git checkout v2.0.0
Note: checking out 'v2.0.0'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

git checkout -b new_branch_name

HEAD is now at 493db80... version: 2.0.0
/fosdem/dpdk #
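Between slides 6 and 12 the DPDK libraries themselves get built; with the legacy DPDK 2.0 build system that step would look roughly like this (target name taken from slide 12):
/fosdem/dpdk # make install T=x86_64-native-linuxapp-gcc
This compiles the libraries and PMDs into the x86_64-native-linuxapp-gcc/ subdirectory that RTE_SDK and RTE_TARGET point at.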
12. /fosdem/dpdk # export RTE_SDK=`pwd`
/fosdem/dpdk # export RTE_TARGET=x86_64-native-linuxapp-gcc
/fosdem/dpdk # cd app/test-pmd/
/fosdem/dpdk/app/test-pmd # make
CC testpmd.o
CC parameters.o
CC cmdline.o
<SNIP>
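The skipped slides also cover the hugepage and NIC binding setup mentioned in the summary; a hedged reconstruction for DPDK 2.0 (the PCI addresses are placeholders, pick yours from lspci):
/fosdem/dpdk # echo 1024 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages
/fosdem/dpdk # mkdir -p /mnt/huge && mount -t hugetlbfs nodev /mnt/huge
/fosdem/dpdk # modprobe uio && insmod x86_64-native-linuxapp-gcc/kmod/igb_uio.ko
/fosdem/dpdk # tools/dpdk_nic_bind.py --bind=igb_uio 0000:81:00.0 0000:81:00.1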
23. /fosdem/dpdk/app/test-pmd # ./testpmd -c 0xF -n 4 -- -i --forward-mode=io --portmask=0x3 --nb-cores=2
EAL: Detected lcore 0 as core 0 on socket 0
EAL: Detected lcore 1 as core 1 on socket 0
EAL: Detected lcore 2 as core 2 on socket 0
EAL: Detected lcore 3 as core 3 on socket 0
EAL: Detected lcore 4 as core 4 on socket 0
EAL: Detected lcore 5 as core 8 on socket 0
EAL: Detected lcore 6 as core 9 on socket 0
<SNIP>
EAL: Detected lcore 13 as core 3 on socket 1
EAL: Detected lcore 14 as core 4 on socket 1
EAL: Detected lcore 15 as core 8 on socket 1
EAL: Detected lcore 16 as core 9 on socket 1
EAL: Detected lcore 17 as core 10 on socket 1
EAL: Detected lcore 18 as core 11 on socket 1
EAL: Detected lcore 19 as core 12 on socket 1
EAL: Support maximum 128 logical core(s) by configuration.
EAL: Detected 20 lcore(s)
24. <SNIP>
EAL: Setting up memory...
EAL: Ask a virtual area of 0x200000 bytes
EAL: Virtual area found at 0x7f62e8000000 (size = 0x200000)
EAL: Ask a virtual area of 0x5400000 bytes
EAL: Virtual area found at 0x7f62e2a00000 (size = 0x5400000)
EAL: Ask a virtual area of 0x800000 bytes
EAL: Virtual area found at 0x7f62e2000000 (size =
<SNIP>
EAL: PCI device 0000:05:00.0 on NUMA socket 0
EAL: probe driver: 8086:10fb rte_ixgbe_pmd
EAL: Not managed by a supported kernel driver, skipped
<SNIP>
EAL: PCI device 0000:81:00.0 on NUMA socket 1
EAL: probe driver: 8086:1572 rte_i40e_pmd
EAL: PCI memory mapped at 0x7f6261df0000
27. <SNIP>
Port 1: 00:00:00:00:01:01
Checking link statuses...
Port 0 Link Up - speed 10000 Mbps - full-duplex
Port 1 Link Up - speed 10000 Mbps - full-duplex
Done
testpmd>
28. <SNIP>
testpmd> help
Help is available for the following sections:
help control : Start and stop forwarding.
help display : Displaying port, stats and config information.
help config : Configuration information.
help ports : Configuring ports.
help registers : Reading and setting port registers.
help filters : Filters configuration help.
help all : All of the above sections.
29. testpmd> help control
Control forwarding:
-------------------
start
Start packet forwarding with current configuration.
start tx_first
Start packet forwarding with current config after sending one burst of packets.
stop
Stop packet forwarding, and display accumulated statistics.
quit
Quit to prompt.
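For example, a minimal interactive session might look like the sketch below (any statistics printed by stop will of course depend on the traffic actually forwarded):
testpmd> start tx_first
testpmd> stop
testpmd> quit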
40. /fosdem/ovs # ./configure --with-dpdk=$DPDK_BUILD
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking how to create a pax tar archive... gnutar
checking for style of include used by make... GNU
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether gcc accepts -g... yes
checking for gcc option to accept ISO C89... none needed
checking whether gcc understands -c and -o together.
<SNIP>
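Once configure completes, the build and install follow the usual pattern; a sketch of the next step, assuming the source tree above:
/fosdem/ovs # make -j4
/fosdem/ovs # make install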
48. /fosdem/ovs # /usr/local/sbin/ovs-vswitchd --dpdk -c 0x1 -n 4 --socket-mem 1024,0 -- unix:/usr/local/var/run/openvswitch/db.sock --log-file=/tmp/vswitchd.log --pidfile --detach
2016-01-25T10:24:14Z|00001|dpdk|INFO|No -vhost_sock_dir provided - defaulting to /usr/local/var/run/openvswitch
EAL: Detected lcore 0 as core 0 on socket 0
EAL: Detected lcore 1 as core 1 on socket 0
EAL: Detected lcore 2 as core 2 on socket 0
<SNIP>
EAL: Support maximum 128 logical core(s) by configuration.
EAL: Detected 20 lcore(s)
<SNIP>
49. EAL: Setting up memory...
EAL: Ask a virtual area of 0x200000 bytes
EAL: Virtual area found at 0x7f89cba00000 (size = 0x200000)
EAL: Ask a virtual area of 0x2e000000 bytes
EAL: Virtual area found at 0x7f899d800000 (size = 0x2e000000)
EAL: Ask a virtual area of 0x200000 bytes
EAL: Virtual area found at 0x7f899d400000 (size = 0x200000)
EAL: Ask a virtual area of 0x200000 bytes
EAL: Virtual area found at 0x7f899d000000 (size = 0x200000)
EAL: Ask a virtual area of 0x1cfc00000 bytes
EAL: Virtual area found at 0x7f87cd200000 (size = 0x1cfc00000)
EAL: Ask a virtual area of 0x600000 bytes
EAL: Virtual area found at 0x7f87cca00000 (size = 0x600000)
EAL: Ask a virtual area of 0x1000000 bytes
EAL: Virtual area found at 0x7f87cb800000 (size = 0x1000000)
EAL: Ask a virtual area of 0x200000 bytes
EAL: Virtual area found at 0x7f87cb400000 (size = 0x200000)
EAL: Ask a virtual area of 0x400000 bytes
EAL: Virtual area found at 0x7f87cae00000 (size = 0x400000)
EAL: Ask a virtual area of 0x400000 bytes
EAL: Virtual area found at 0x7f87ca800000 (size = 0x400000)
EAL: Ask a virtual area of 0x200000 bytes
EAL: Virtual area found at 0x7f87ca400000 (size = 0x200000)
50. <SNIP>
EAL: PCI device 0000:05:00.0 on NUMA socket 0
EAL: probe driver: 8086:10fb rte_ixgbe_pmd
EAL: PCI memory mapped at 0x7f89cbc00000
EAL: PCI memory mapped at 0x7f89cbc80000
PMD: eth_ixgbe_dev_init(): MAC: 2, PHY: 17, SFP+: 5
PMD: eth_ixgbe_dev_init(): port 0 vendorID=0x8086 deviceID=0x10fb
EAL: PCI device 0000:05:00.1 on NUMA socket 0
EAL: probe driver: 8086:10fb rte_ixgbe_pmd
EAL: PCI memory mapped at 0x7f89cbc84000
EAL: PCI memory mapped at 0x7f89cbd04000
PMD: eth_ixgbe_dev_init(): MAC: 2, PHY: 17, SFP+: 6
PMD: eth_ixgbe_dev_init(): port 1 vendorID=0x8086 deviceID=0x10fb
EAL: PCI device 0000:07:00.0 on NUMA socket 0
EAL: probe driver: 8086:1572 rte_i40e_pmd
EAL: Not managed by a supported kernel driver, skipped
<SNIP>
Zone 3: name:<rte_eth_dev_data>, phys:0x87802080, len:0x1f400, virt:<SNIP>, socket_id:0, flags:0
2016-01-25T10:24:22Z|00002|vlog|INFO|opened log file /tmp/vswitchd.log
2016-01-25T10:24:22Z|00003|ovs_numa|INFO|Discovered 10 CPU cores
60. lzo support no
snappy support no
bzip2 support no
NUMA host support no
/fosdem/qemu-2.3.1 #
/fosdem/qemu-2.3.1 #
/fosdem/qemu-2.3.1 # make
GEN x86_64-softmmu/config-devices.mak.tmp
GEN x86_64-softmmu/config-devices.mak
GEN config-all-devices.mak
GEN config-host.h
(cd /fosdem/qemu-2.3.1/pixman; autoreconf -v --install)
autoreconf: Entering directory `.'
autoreconf: configure.ac: not using Gettext
autoreconf: running: aclocal
autoreconf: configure.ac: tracing
autoreconf: running: libtoolize --copy
libtoolize: putting auxiliary files in `.'.
libtoolize: copying file `./ltmain.sh'
<SNIP>
61. CPP optionrom/linuxboot.asm
AS optionrom/linuxboot.o
Building optionrom/linuxboot.img
Building optionrom/linuxboot.raw
Signing optionrom/linuxboot.bin
CPP optionrom/kvmvapic.asm
AS optionrom/kvmvapic.o
Building optionrom/kvmvapic.img
Building optionrom/kvmvapic.raw
Signing optionrom/kvmvapic.bin
/fosdem/qemu-2.3.1 #
/fosdem/qemu-2.3.1 # make install
make all-recursive
Making all in pixman
make[3]: Nothing to be done for `all'.
Making all in demos
make[3]: Nothing to be done for `all'.
Making all in test
make[3]: Nothing to be done for `all'.
LEX convert-dtsv0-lexer.lex.c
make[1]: flex: Command not found
BISON dtc-parser.tab.c
make[1]: bison: Command not found
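The flex and bison warnings above indicate those tools are missing from the build host; on Ubuntu 14.04, installing them before re-running make should resolve this (a suggested fix):
/fosdem/qemu-2.3.1 # apt-get install flex bison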
88. /fosdem # tail -n 20 /tmp/vswitchd.log
2016-01-25T17:08:42.519Z|00353|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-1' (1) has been removed
2016-01-25T17:08:42.588Z|00354|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-0' (0) has been added
2016-01-25T17:08:42.588Z|00355|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-1' (1) has been added
2016-01-25T17:09:29.370Z|00356|timeval(vhost_thread2)|WARN|Unreasonably long <SNIP> poll interval (1ms user, 0ms system)
2016-01-25T17:09:29.370Z|00357|timeval(vhost_thread2)|WARN|faults: <SNIP>
2016-01-25T17:09:29.370Z|00358|timeval(vhost_thread2)|WARN|context switches: <SNIP> 0 involuntary
2016-01-25T17:09:29.370Z|00359|coverage(vhost_thread2)|INFO|Skipping details of duplicate event coverage for hash=072331f0
2016-01-25T17:09:29.371Z|00360|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-0' (0) has been removed
2016-01-25T17:09:29.372Z|00361|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-1' (1) has been removed
2016-01-25T17:09:29.441Z|00362|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-0' (0) has been added
2016-01-25T17:09:29.442Z|00363|dpdk(vhost_thread2)|INFO|vHost Device '/usr/local/var/run/openvswitch/vhost-user-1' (1) has been added
2016-01-25T17:11:09.739Z|00071|connmgr|INFO|br0<->unix: 1 flow_mods <SNIP>
Editor's Notes
DPDK tags releases on its 'master' branch.
DPDK is a set of libraries to enable fast packet processing. The libraries can be built for a number of targets (specified by the T argument). In this example, we are building for x86_64 on Linux with gcc; however, a number of other architectures (e.g. PowerPC, ARM), compilers (e.g. clang, icc) and operating systems (e.g. FreeBSD) are also supported.
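A minimal sketch of such a build, assuming the DPDK source tree checked out earlier:
/fosdem/dpdk # make install T=x86_64-native-linuxapp-gcc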
When a target is built, DPDK creates a directory with the target name and places the libraries and header files in this directory. It also creates a .config file. This can be modified in order to change how the library is built. For example, you can add more debug output.
In order to build OVS against DPDK, the .config file should be modified by setting CONFIG_RTE_BUILD_COMBINE_LIBS to 'y'. When this is set, DPDK will be built as a single library (libdpdk.a) rather than as many constituent libraries.
The library needs to be rebuilt after changing the config.
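A sketch of that change and rebuild, assuming the x86_64-native-linuxapp-gcc target directory created by the build above:
sed -i 's/CONFIG_RTE_BUILD_COMBINE_LIBS=n/CONFIG_RTE_BUILD_COMBINE_LIBS=y/' x86_64-native-linuxapp-gcc/.config
make -C x86_64-native-linuxapp-gcc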
As DPDK runs entirely in userspace, it bypasses the kernel. Therefore, in order to use a network device, a userspace driver needs to be developed (poll mode driver).
VFIO and UIO are two frameworks that allow a device to be driven by a userspace driver.
The VFIO driver is an IOMMU/device agnostic framework for exposing direct device access to userspace, in a secure, IOMMU protected environment. In other words, this allows safe, non-privileged, userspace drivers.
sudo ./tools/dpdk_nic_bind.py -b vfio-pci 0000:81:00.0 0000:81:00.1
Any NICs that are to be used by DPDK must be bound to a “DPDK-compatible driver”.
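A sketch of the surrounding steps, assuming the PCI addresses above: load the vfio-pci module before binding, and check the result afterwards:
sudo modprobe vfio-pci
./tools/dpdk_nic_bind.py --status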
When using virtual memory, all virtual addresses need to be translated into physical addresses. These translations are expensive, so the TLB caches the lookups; a TLB miss is very costly. All DPDK memory is backed by hugepages, which require fewer address translations, minimizing costly TLB misses.
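A sketch of a typical hugepage setup on the host, using 2 MB pages (the page count is an assumption; size it for your system):
echo 1024 > /sys/kernel/mm/hugepages/hugepages-2048kB/nr_hugepages
mkdir -p /mnt/huge
mount -t hugetlbfs nodev /mnt/huge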
This is a typical command line for a DPDK application. It has two sections separated by '--'. The first section is made up of DPDK-specific parameters used to configure the DPDK environment (the EAL); the second is made up of application-specific parameters.
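Using the testpmd invocation from earlier as an illustration:
./testpmd -c 0xF -n 4 -- -i --forward-mode=io --portmask=0x3 --nb-cores=2
Everything before the '--' (the coremask -c and the memory channel count -n) goes to the EAL; everything after it (interactive mode, forwarding mode, port mask, forwarding core count) goes to testpmd itself.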
Everything that I am presenting can be done automatically using software such as OpenStack and OpenDaylight, but for the purpose of this presentation I will set everything up from scratch.
OVS is configured using a database. Before we start using OVS, we need to start the database service. This step is the same for both the DPDK and non-DPDK datapaths.
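A minimal sketch of that step, assuming a from-source install under /usr/local and that the commands are run from the OVS source tree:
ovsdb-tool create /usr/local/etc/openvswitch/conf.db vswitchd/vswitch.ovsschema
ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock --pidfile --detach
ovs-vsctl --no-wait init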
Creating a vhost-user port creates a socket on the host system. One side of the socket is owned by OVS and the other by the virtual machine. This socket is used for signalling and configuration; data traffic is actually transmitted over a ring whose memory is located in the VM's RAM.
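A sketch of creating such a port on a DPDK-enabled bridge (the bridge and port names are illustrative, chosen to match the vhost-user-0 socket seen in the log earlier):
ovs-vsctl add-br br0 -- set bridge br0 datapath_type=netdev
ovs-vsctl add-port br0 vhost-user-0 -- set Interface vhost-user-0 type=dpdkvhostuser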