udp encapsulation in linux netdev0 1 conference february
play

UDP Encapsulation in Linux netdev0.1 Conference February 16, 2015 - PowerPoint PPT Presentation

Aug 30, 2022 •152 likes •597 views

UDP Encapsulation in Linux netdev0.1 Conference February 16, 2015 Tom Herbert <therbert@google.com> Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada Topics UDP encapsulation Common offloads Foo over UDP (FOU)

  1. UDP Encapsulation in Linux netdev0.1 Conference February 16, 2015 Tom Herbert <therbert@google.com> Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  2. Topics ● UDP encapsulation ● Common offloads ● Foo over UDP (FOU) ● Generic UDP Encapsulation (GUE) Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  3. Basic idea of UDP encap ● Put network packets into UDP payload ● Two general methods ○ No encapsulation header: protocol of packet is inferred from port number ○ Encapsulation header: extra header between UDP header and packet. Protocol and other data can be there. For example: Data IP TCP Data UDP GUE IP TCP Data Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada ETH IP UDP GUE IP TCP Data

  4. VM encap example Application Application 1 1 2 2 Guest kernel Guest kernel Encapsulation Decapsulation Host kernel Host kernel Encapsulator Decapsulator 3 3 IP IP 4 4 NIC driver NIC driver 4 Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  5. UDP encap popularity ● UDP works with existing HW infrastructure ○ RSS in NICs, ECMP in switches ○ Checksum offload ● Used in nearly all encap, NV data protocols ○ VXLAN, LISP, MPLS, GUE, Geneve, NSH, L2TP ● Likelihood UDP based encapsulation becomes ubiquitous ○ In time most packets in DC could be UDP! Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  6. Offloads ● Load balancing ● Checksum offload ● Segmentation offload Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  7. Load balancing ● For ECMP, RSS, LAG port selection ● Probably all switches can 5-tuple over UDP/IP packets ● Solution: use source port to represent hash of inner flow ○ ~14 bits of entropy ○ udp_src_flow_port function Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  8. TX Checksum offload ● NETIF_HW_CSUM ○ Initialize checksum to pseudo header csum ○ Input to device start and offset ○ HW checksums from start to end of packet and writes result at offset ● NETIF_IP_CSUM ○ HW can only checksum with certain protocol hdrs ○ Typically UDP/IP and TCP/IP ○ HW handle pseudo hdr csum also Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  9. RX Checksum offload ● CHECKSUM_COMPLETE ○ HW returns checksum calculation across whole packet ○ Host uses returned value to validate checksum(s) in the packet ● CHECKSUM_UNNECESSARY ○ HW verfies and returns “checksum okay” ○ Protocol specific, HW needs to parse packet ○ csum_level allows HW to checksum within encapsulation, multiple checksums Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  10. Checksum offload for encapsulation ● Need to offload inner checksum like TCP ● UDP also has it’s own checksum, this makes things interesting! Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  11. The MIGHTHY UDP Checksum for Encaps ● Want set to zero for “performance” (particularly switch vendors), but... ● UDP checksum is required for IPv6, and… ● UDP checksum covers more of packet than inner checksum, but... ● RFC6935, RFC6936, and a lot more requirements in encapsulation protocol drafts to allow it, but… ● UDP checksum is actually a good idea for both v4 and v6 when you’re using Linux Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada hosts to do encapsulation, let me explain...

  12. Leveraging UDP checksum offload ● Probably every deployed NIC supports simple UDP checksum for TX and RX ● Only new NICs support offload of encapsulated checksums ● Solution: Enable UDP checksum for encap and use it to offload inner checksums ○ Receive: checksum-unnecessary conversion ○ Transmit: remote checksum offload Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  13. Checksum unnecessary conversion ● Device returns “checksum unnecessary” for non-zero outer UDP checksum ● Complete checksum of packet starting from the UDP header is ~pseudo_hdr_csum ● So convert checksum unnecessary to checksum complete ● Inner checksum(s) verified using checksum complete ● No checksum computation on host! Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  14. Remote checksum offload ● Defer TX checksum offload to remote ● Encapsulation header with start and offset data referring to inner checksum ● Offload outer UDP checksum and send ● At receive ○ Do what device does: determine checksum from start to end of packet and write to offset ○ Aleady have complete checksum so we can easily find this ○ Write checksum into packet, validate like normal ● No checksum calculation in host Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  15. Segmentation offload ● Stack operates on bigger than MTU sized packets ● Offloads in receive and transmit Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  16. Transmit segmentation offload ● Split big TCP packet into small ones ● GSO (stack), TSO (HW) ● For each created packet ○ Copy headers from big one ○ Adjust lengths, checksums, sequence number that must be set per packet Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  17. GSO for UDP encapsulation ● UDP GSO function calls skb_udp_tunnel_segment ● Call GSO segment for next layer: gso_inner_segment ● Adjust UDP length and checksum per packet ● For encapsulation header, just copy those bytes* *Assuming encapsulation header does not have fields that must be set per packet Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  18. Receive segmentation offload ● Build large TCP packet from small ones ● GRO operation is to match packets to same flow for coalesing ● GRO (stack), LRO (HW) Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  19. GRO for UDP encapsulation ● UDP GRO receive path (udp_gro_receive) ● Encapsulation specific GRO functions ○ Call GRO function per port ○ Facility to register offloads per port ○ Call GRO receive for next protocol Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  20. FOU and GUE FOU and GUE encapsulating IP Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  21. Foo over UDP ● Packets of IP protocol over UDP ● Destination port maps to IP protocol ○ e.g. IP (IPIP), IPv6, (sit), GRE, ESP, etc ○ Example: IPIP on port 5555 Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  22. FOU support ● Logically, a header inserted to facilitate transport ● fou.c implements RX. ○ encap_rcv in socket ○ Remove UDP and reinject IP packet as protocol associated with port ● Ip tunnel implements FOU for IPIP, SIT, GRE ○ Insert UDP header between IP and payload ○ Source port from flow_hash Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  23. FOU example ● Set up receive ip fou add port 5555 ipproto 4 ● Set up transmit ip link add name tun1 type ipip \ remote 192.168.1.1 \ local 192.168.1.2 \ ttl 225 \ encap fou \ encap-sport auto \ encap-dport 5555 Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada ● fou.c implements RX. ○ encap_rcv in socket ○ Remove UDP and reinject IP packet as protocol associated with port ● Ip tunnel implements FOU for IPIP, SIT, GRE ○ Insert UDP header between IP and payload ○ Source port from flow_hash

  24. IP in FOU transmit IP TCP Data Start with a plain TCP/IP packet sent on tun1 Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  25. IP in FOU transmit IP IP TCP Data Logically prepend IP header Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  26. IP in FOU transmit IP protocol is 4 for IPIP IP IP TCP Data This is IPIP encapsulation Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  27. IP in FOU transmit UDP port set to hassh value for inner IP/TCP UDP destination port set to 5555 for IP/UDP headers UDP IP IP TCP Data Insert UDP header Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  28. IP in FOU transmit IP UDP IP TCP Data IP packet with encapsulation Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  29. IP in FOU transmit ETH IP UDP IP TCP Data Add Ethernet header and send Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  30. IP in FOU receive IP UDP IP TCP Data Receiver processes UDP packet based on destination port Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  31. IP in FOU receive Adjust transport header offset in sk_buff IP IP TCP Data UDP Remove UDP header Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  32. IP in FOU receive IP IP TCP Data Now have original IPIP packet. Reinject this into kernel, next protocol to prcess is 4 Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  33. Generic UDP encapsulation (GUE) ● Extensible and generic encapsulation proto ● Encapsulation header for carrying packets of IP protocol ● Type field, header length, 8 bit IP protocol ● 16 bit flags and optional fields indicated by them. More can be defined in extension ● Private/extension flag Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

  34. GUE headers UDP and GUE headers Proceedings of netdev 0.1, Feb 14-17, 2015, Ottawa, On, Canada

Recommend

Linux You Can Drive My Car Embedded Linux Conference

Linux You Can Drive My Car Embedded Linux Conference

Linux You Can Drive My Car Embedded Linux Conference 2017 Walt Miner ( @VStarWalt ) Community Manager, AGL , The Linux FoundaGon

721 views • 55 slides
KauNetEm Deterministic Network Emulation in Linux . Per Hurtig, Johan Garcia February 12, 2016

KauNetEm Deterministic Network Emulation in Linux . Per Hurtig, Johan Garcia February 12, 2016

Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) KauNetEm Deterministic Network Emulation in Linux . Per Hurtig, Johan Garcia February 12, 2016 netdevconf 1.1, February 10-12,

528 views • 39 slides
i p s e t Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February

i p s e t Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February

i p s e t Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) a t o o l f o r f a s t e r , m o r e e ffj c i e n t fj r e w a l l i n g w i t

863 views • 37 slides
What can Vulkan * do for you? Jason Ekstrand - Embedded Linux Conference - February 22, 2017 What

What can Vulkan * do for you? Jason Ekstrand - Embedded Linux Conference - February 22, 2017 What

What can Vulkan * do for you? Jason Ekstrand - Embedded Linux Conference - February 22, 2017 What is the Vulkan * API? Vulkan is a new 3-D rendering and compute api from Khronos, the same cross-industry group that maintains OpenGL Redesigned

896 views • 27 slides
Virtual Memory and Linux Alan Ott Embedded Linux Conference April 4-6, 2016 About the Presenter

Virtual Memory and Linux Alan Ott Embedded Linux Conference April 4-6, 2016 About the Presenter

Virtual Memory and Linux Alan Ott Embedded Linux Conference April 4-6, 2016 About the Presenter Linux Architect at SoftIron 64-bit ARM servers and data center appliences Linux Kernel Firmware Userspace Training USB

1.05k views • 71 slides
Encapsulation and Tunneling encapsulation describes the process of placing an IP datagram inside a

Encapsulation and Tunneling encapsulation describes the process of placing an IP datagram inside a

slide 1 gaius Encapsulation and Tunneling encapsulation describes the process of placing an IP datagram inside a network packet or frame encapsulation refers to how the network interface uses packet switching hardware two machines

499 views • 27 slides
Development in the Civil Infrastructure Platform Yoshitake Kobayashi Embedded Linux Conference,

Development in the Civil Infrastructure Platform Yoshitake Kobayashi Embedded Linux Conference,

SLTS Kernel and Base-Layer Development in the Civil Infrastructure Platform Yoshitake Kobayashi Embedded Linux Conference, Portland, February 21-23, 2017 1 Our Civilization is Run by Linux 2

619 views • 43 slides
The Development And Operation Of The BNFL Magnox Encapsulation Plant International Conference

The Development And Operation Of The BNFL Magnox Encapsulation Plant International Conference

The Development And Operation Of The BNFL Magnox Encapsulation Plant International Conference on Stabilisation/ Solidification Treatment and Remediation - 12-13 April 2005 - Cambridge NJ Bowmer, IH Godfrey, EJ Butcher Date: 11/ 02/ 05

470 views • 18 slides
Introduction to Linux Francisco Salavert Torres February 29th, 2016 1 What is GNU/Linux?

Introduction to Linux Francisco Salavert Torres February 29th, 2016 1 What is GNU/Linux?

Introduction to Linux Francisco Salavert Torres February 29th, 2016 1 What is GNU/Linux? GNU/Linux to simplify Linux, is a free Operating System (OS). By Operating System, we mean the suite of programs and libraries which

662 views • 27 slides
Suricata IDPS and Linux kernel . Leblond, G. Longo Stamus Networks February 10, 2016 .

Suricata IDPS and Linux kernel . Leblond, G. Longo Stamus Networks February 10, 2016 .

Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) Suricata IDPS and Linux kernel . Leblond, G. Longo Stamus Networks February 10, 2016 . Leblond, G. Longo (Stamus Networks)

941 views • 46 slides
The future of X.Org on non-GNU/Linux systems Matthieu Herrb OpenBSD/X.Org February 2, 2013

The future of X.Org on non-GNU/Linux systems Matthieu Herrb OpenBSD/X.Org February 2, 2013

The future of X.Org on non-GNU/Linux systems Matthieu Herrb OpenBSD/X.Org February 2, 2013 Introduction X has always been multi-platform XFree86 was started on SVr4 and FreeBSD, ported on Linux later. GNU/Linux/Freedesktop is now dominating

319 views • 18 slides
Linux Support for USB 3.0 Sarah Sharp Linux Plumbers Conference Why USB 3.0? 480Mb/s is too

Linux Support for USB 3.0 Sarah Sharp Linux Plumbers Conference Why USB 3.0? 480Mb/s is too

Linux Support for USB 3.0 Sarah Sharp Linux Plumbers Conference Why USB 3.0? 480Mb/s is too slow USB 2.0 sucks power Inefficient host controller design Polling and broadcast messages Many devices don't support auto-suspend

718 views • 33 slides
Bluetooth on modern Linux Szymon Janc szymon.janc@codecoup.pl Embedded Linux Conference, San

Bluetooth on modern Linux Szymon Janc szymon.janc@codecoup.pl Embedded Linux Conference, San

Bluetooth on modern Linux Szymon Janc szymon.janc@codecoup.pl Embedded Linux Conference, San Diego, 2016 Agenda Introduction Bluetooth technology recap Linux Bluetooth stack architecture Linux kernel BlueZ 5

743 views • 28 slides
Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides
Linux Audio: Origins &amp; Futures Paul Davis Linux Audio Systems Linux Plumbers Conference,

Linux Audio: Origins &amp; Futures Paul Davis Linux Audio Systems Linux Plumbers Conference,

Linux Audio: Origins &amp; Futures Paul Davis Linux Audio Systems Linux Plumbers Conference, 2009 Introduction Who am I Why am I here What is good about Linux audio support? What is bad about it? How did it get this way?

1.17k views • 68 slides
Encapsulation grouping of subprograms and the data Encapsulation they manipulate

Encapsulation grouping of subprograms and the data Encapsulation they manipulate

Encapsulation grouping of subprograms and the data Encapsulation they manipulate Information hiding abstract data types type definition is hidden from the user variables of the type can be declared variables of the type

1.02k views • 15 slides
Memory Barriers in the Linux Kernel Semantics and Practices Embedded Linux Conference April

Memory Barriers in the Linux Kernel Semantics and Practices Embedded Linux Conference April

Memory Barriers in the Linux Kernel Semantics and Practices Embedded Linux Conference April 2016. San Diego, CA. Davidlohr Bueso &lt;dave@stgolabs.net&gt; SUSE Labs. Agenda 1. Introduction Reordering Examples Underlying need for

773 views • 54 slides
GCC/Clang Optimizations for Embedded Linux Khem Raj, Comcast Embedded Linux Conference &amp;

GCC/Clang Optimizations for Embedded Linux Khem Raj, Comcast Embedded Linux Conference &amp;

GCC/Clang Optimizations for Embedded Linux Khem Raj, Comcast Embedded Linux Conference &amp; OpenIOT summit Portland, OR Introduction To Clang Native compiler FrontEnd to LLVM Infrastructure Supports C/C++ and Objective-C The

517 views • 20 slides
Quantifying the Encapsulation of Implemented Software Architectures @ericbouwers @avandeursen

Quantifying the Encapsulation of Implemented Software Architectures @ericbouwers @avandeursen

Quantifying the Encapsulation of Implemented Software Architectures @ericbouwers @avandeursen @jstvssr an implemented software architecture What is encapsulation? When applied correctly, the process of encapsulation ensures that the

755 views • 19 slides
TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux

TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux

CE Linux Forum Worldwide Embedded Linux Conference 2007 April 17-19, 2007 TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux http://tomoyo.sourceforge.jp/ Toshiharu Harada Tetsuo Handa NTT DATA

654 views • 47 slides
Why C++? a better C type safe, e.g., I/O streams better support for ADTs, encapsulation

Why C++? a better C type safe, e.g., I/O streams better support for ADTs, encapsulation

Why C++? a better C type safe, e.g., I/O streams better support for ADTs, encapsulation object-oriented programming add inheritance to encapsulation OO isnt a silver bullet, but it helps in dealing with the complexity of

412 views • 15 slides
Why C++? a better C type safe, e.g., I/O streams better support for ADTs, encapsulation

Why C++? a better C type safe, e.g., I/O streams better support for ADTs, encapsulation

Why C++? a better C type safe, e.g., I/O streams better support for ADTs, encapsulation object-oriented programming add inheritance to encapsulation OO isnt a silver bullet, but it helps in dealing with the complexity of

375 views • 10 slides
Plug and Play Multiseat Linux Plumbers Conference 2009 BoF Session Bernie Thompson About the

Plug and Play Multiseat Linux Plumbers Conference 2009 BoF Session Bernie Thompson About the

Plug and Play Multiseat Linux Plumbers Conference 2009 BoF Session Bernie Thompson About the speaker Linux vs. NT and OS/2 (Issue 1 LJ, 1994) S3's graphics driver guy on-site at Msft Cosource &amp; Applix Linux Division

685 views • 21 slides
Groking the Linux SPI Subsystem Embedded Linux Conference 2017 Matt Porter Obligatory geek

Groking the Linux SPI Subsystem Embedded Linux Conference 2017 Matt Porter Obligatory geek

Groking the Linux SPI Subsystem Embedded Linux Conference 2017 Matt Porter Obligatory geek reference deobfuscation grok ( /grk/ ) verb to understand intuitively or by empathy, to establish rapport with. Overview What is SPI? SPI

938 views • 47 slides

More recommend