P4-uBPF: Extending Open vSwitch packet processing pipeline at runtime using P4

Speaker: Tomasz Osiński, Orange Labs
Data plane programmability and the P4 language have become the next step in the evolution of Software-Defined Networking, enabling programming of protocol-independent packet parsers and packet processing pipelines for network devices. Recently, the PISCES solution demonstrated the feasibility of a protocol-independent software switch using P4 as the programming language and Open vSwitch as the target switch. However, PISCES requires re-compilation every time the P4 program is changed, and in some situations the hypervisor switch needs to be upgraded and/or customized at runtime in order to support new protocol headers, encapsulation techniques or even to implement middlebox-like network functions. In this talk I would like to present the runtime programming of extensions for Open vSwitch using the P4 language. The solution is based on the Oko switch, an extension to Open vSwitch that allows injecting user-space BPF programs acting as a stateful packet filter. We have enhanced the Oko switch with support for programmable actions (packet modifications, tunneling), new APIs to control BPF maps, the P4-to-uBPF compiler with support for stateful P4 objects (registers) and the P4Runtime-based abstraction layer. In the presentation I will describe the design and implementation of the solution. Moreover, the presentation will include a discussion of the implementation problems that we faced and the performance optimizations that we applied to the P4 compiler. To sum up, our contribution to Open vSwitch makes it possible to dynamically reconfigure Open vSwitch's packet processing pipeline using a high-level domain-specific language (DSL) such as P4 and a protocol-independent SDN control protocol such as P4Runtime.
Moreover, our enhancements enable running stateful, middlebox-like network functions inside Open vSwitch. This feature can be used by tenants to offload part of the packet processing functionality from virtual machines to the virtual networking layer. Therefore, based on our contribution, we would also like to revive the idea of Topology Service Injection for OpenStack, a Neutron plugin for injecting middlebox-like functions into the OpenStack network infrastructure. With the use of the P4 language and a P4-capable Open vSwitch, the Topology Service Injection plugin would not be limited by the features provided by the OpenFlow architecture. Thus, we would also like to propose a new, P4-based design of the Topology Service Injection plugin for OpenStack, which would support more powerful data plane applications that can be injected into the networking layer.