热门城市
- 快召唤伙伴们来围观吧
- 微博 QQ QQ空间 贴吧
- 视频嵌入链接 文档嵌入链接
- 复制
- 微信扫一扫分享
- 已成功复制到剪贴板
Linux Network Programming with P4
express data path(xdp)是一个新的内核特性,旨在提供尽可能靠近设备硬件的快速数据包处理。XDP建立在扩展伯克利包过滤器(ebpf)之上,并允许用户编写一个类c的包处理程序,可以附加到设备驱动程序的接收队列。当设备观察到传入数据包时,触发用户定义的xdp程序以在数据包有效负载,尽早做出决定将数据包传递到处理管道。p4是一种特定于域的语言,描述包是如何由可编程网络元件的数据平面,包括网络接口卡、设备和虚拟交换机。它提供了允许程序员表达现有和未来的抽象协议格式,不将其耦合到任何特定的数据平面知识。该语言被显式地设计为协议不可知的。p4程序员可以编写自己的协议并加载p4程序进入P4功能的网络元素。作为高级网络语言,p4支持多种编译器后端,还具有表示ebpf和xdp程序的能力。
我们介绍了p4c-xdp,这是p4编译器的一个新后端。P4C-XDP杠杆以高性能软件数据平面为目标的xdp。后端从给定的p4程序生成符合ebpf的c表示它被传递给clang和llvm以生成字节码。使用传统的ebpf内核钩子程序可以加载到设备驱动程序中的ebpf虚拟机。内核验证器保证生成代码的安全性。任何数据包接收/发送到此设备驱动程序现在触发执行加载的p4程序。
展开查看详情
1 .Linux Network Programming with P4 Linux Plumbers 2018 Fabian Ruffy, William Tu, Mihai Budiu VMware Inc. and University of British Columbia
2 .Outline • Introduction to P4 • XDP and the P4 Compiler Fabian • Testing • Example • Performance Results William • Discussion 2
3 .What is P4? • High-level programming language for network data planes • Allows for protocol flexibility • Specifies a packet processing pipeline • Compiled and loaded into target platform • Open and standardized P4: Programming Protocol-Independent Packet Processors Pat Bosshart, Dan Daly, Glen Gibb, Martin Izzard, Nick McKeown, Jennifer Rexford, Cole Schlesinger, Dan Talayco, Amin Vahdat, George Varghese, David Walker ACM SIGCOMM Computer Communications Review (CCR). Volume 44, Issue #3 (July 2014) 3
4 .P4 Essentials • C-like, strongly typed language • Type and memory-safe (no pointers) • Bounded execution (no loops) • Statically allocated (no malloc, no recursion) • Spec: http://github.com/p4lang/p4-spec • Reference compiler implementation: http://github.com/p4lang/p4c (Apache 2 license) 4
5 .P4 Software Workflow P4 Compiler P4 Architecture Model Target Supplied 5
6 .P4 Software Workflow User-supplied P4 Program P4 Compiler P4 Architecture Model Target Supplied 5
7 .P4 Software Workflow User-supplied P4 Program P4 Compiler P4 Architecture Model Target Supplied 5
8 .P4 Software Workflow User-supplied P4 Program P4 Compiler P4 Architecture Target-specific Model configuration binary Target Supplied 5
9 .P4 Software Workflow User-supplied P4 Program P4 Compiler P4 Architecture Target-specific Extern configuration Load Tables Data Plane Model objects binary Target Supplied 5
10 .P4 Software Workflow User-supplied Control Plane P4 Program P4 Compiler P4 Architecture Target-specific Extern configuration Load Tables Data Plane Model objects binary Target Supplied 5
11 .P4 Software Workflow User-supplied Control Plane RUNTIME P4 Program P4 Compiler Add/remove Extern Packet-in/out table entries control CPU port P4 Architecture Target-specific Extern configuration Load Tables Data Plane Model objects binary Target Supplied 5
12 .P416 generic data-plane model os_lib.p4 switch_lib.p4 npu_lib.p4 nic_lib.p4 The networking stack of the OS program.p4 6
13 .P4 and XDP 7
14 .eBPF/XDP • Virtual machine running in the Linux kernel User space Kernel socket • Provides: space • The ability to write restricted C and run it in the kernel IP/routing • A set of kernel hook points invoking the eBPF program Bridge hook • Extensible, safe and fast • Alternative to user-space networking Your tc Program driver eBPF hook point Hardware Example of TC+eBPF 8
15 .eBPF/XDP • Virtual machine running in the Linux kernel User space Kernel socket • Provides: space • The ability to write restricted C and run it in the kernel IP/routing • A set of kernel hook points invoking the eBPF program Bridge hook • Extensible, safe and fast • Alternative to user-space networking Your tc Program driver eBPF hook point Hardware A programmable data plane in the Linux kernel! Example of TC+eBPF 8
16 . P4 vs eBPF/XDP Feature P4 eBPF/XDP Level High Low Safe Yes Yes Safety Type system Verifier Loops In parsers Tail calls (dynamic limit) Resources Statically allocated Statically allocated Policies Tables (match+action) Maps (tables) Extern helpers Target-specific Hook-specific Control-plane API Synthesized by compiler eBPF maps 9
17 .The P4 eBPF backends • p4c-ebpf is part of the open-source distribution • http://github.com/p4lang/p4c/backends/ebpf • p4c-xdp is a separate open-source project • http://github.com/vmware/p4c-xdp • Extension of the p4c compiler • Reuses much of the code • Not production-ready • Needs more work p4c-xdp • Known bugs and limitations p4c-ebpf • Generated not efficient yet 10
18 .Generating XDP code 11
19 .P416 -> C -> eBPF/XDP • Generates stylized C • No tail calls yet, all data on stack • eBPF tables control/data-plane communication • Can do filtering, forwarding, encapsulation • Relies on Linux TC for forwarding • We plan on switching to libbpf 12
20 .The XDP Switching Model Control-plane API Drop/Forward/Pass Input port EBPF tables packet in packet out Match+ Parser Deparser Action headers headers XDP Data Plane 13
21 . Flow app.p4 User space BPF system call Kernel space exe Match-Action tables Data Plane XDP driver Hardware 14
22 . Flow app.p4 p4c-xdp app.c User space BPF system call Kernel space exe Match-Action tables Data Plane XDP driver Hardware 14
23 . Flow app.p4 p4c-xdp app.c Clang + User space LLVM BPF system call Kernel space app.o Verifier exe Match-Action tables Data Plane XDP driver Hardware 14
24 . Flow control-plane.c app.p4 p4c-xdp app.h Control-plane API app.c Clang + User space LLVM BPF system call Kernel space app.o Verifier exe Match-Action tables Data Plane XDP driver Hardware 14
25 .Testing P4-XDP code 15
26 .Test Frameworks • User-space testing • Isolates specification from implementation • Validates correctness of generated code • User-space wrappers around eBPF tables and APIs • Reads and writes packets from capture files • Kernel-space testing • Loads eBPF program into kernel • I/O connected to virtual interfaces • Writes capture files to interfaces in user-space • Records output using tcpdump 16
27 . Five Testing Stages test.p4 test.stf 17
28 . Five Testing Stages 1 compile test.p4 p4 2 parse test.stf stf 17
29 . Five Testing Stages 1 compile test.p4 p4 runtime source 2 parse test.stf stf input0.pcap expect0.pcap input1.pcap expect1.pcap …. …. 17
3秒后跳转登录页面
去登陆
