Design chapter done
This commit is contained in:
Nico Schottelius
parent
002887533a
commit
a08f757e96
4 changed files with 51 additions and 41 deletions
|
|
@ -381,7 +381,7 @@ When translating, the checksum fields in the higher protocols need to be
|
|||
adjusted. The checksums for TCP and UDP is calculated not only over the pseudo
|
||||
headers, but also contain the payload of the packet. This is
|
||||
important, because some targets (like the NetPFGA) do not allow to
|
||||
access the payload.
|
||||
access the payload (see section \ref{design:netpfga}).
|
||||
\begin{figure}[h]
|
||||
\begin{verbatim}
|
||||
0 7 8 15 16 23 24 31
|
||||
|
|
@ -397,6 +397,16 @@ access the payload.
|
|||
\caption{IPv4 Pseudo Header}
|
||||
\label{fig:ipv4pseudoheader}
|
||||
\end{figure}
|
||||
The checksums for IPv4, TCP, UDP and ICMP6 are all based on the
|
||||
``Internet Checksum''~\cite{rfc791},~\cite{rfc1071}.
|
||||
Its calculation can be summarised as follows:
|
||||
\begin{quote}
|
||||
The checksum field is the 16-bit one's complement of the one's
|
||||
complement sum of all 16-bit words in the header. For purposes of
|
||||
computing the checksum, the value of the checksum field
|
||||
is zero.\footnote{Quote from Wikipedia~\cite{wikipedia:_ipv4}.}.
|
||||
\end{quote}
|
||||
|
||||
% ----------------------------------------------------------------------
|
||||
\section{\label{background:networkdesign}Network Designs}
|
||||
%% \begin{figure}[h]
|
||||
|
|
|
|||
|
|
@ -320,16 +320,7 @@ second option of using the differences is described in section
|
|||
\ref{design:netpfga}.
|
||||
% ok
|
||||
% ----------------------------------------------------------------------
|
||||
\section{\label{design:netpfga}NetFPGA - FIXME: relate things}
|
||||
While the P4-NetFPGA project ~\cite{netfpga:_p4_netpf_public_github}
|
||||
allows compiling P4 to the NetPFGA, the design slightly varies.
|
||||
In particular, the NetFPGA P4 compiler does not support reading
|
||||
the payload. For this reason it also does not support
|
||||
creating the checksum based on the payload.
|
||||
To support checksum modifications in NAT64 on the NetFPGA, the
|
||||
checksum was calculated on the netpfga using differences between
|
||||
the IPv6 and IPv4 headers. Figure \ref{fig:checksumbydiff} shows an
|
||||
excerpt of the code used for calculating checksums in the netpfga.
|
||||
\section{\label{design:netpfga}P4/NetFPGA}
|
||||
\begin{figure}[h]
|
||||
\begin{verbatim}
|
||||
action v4sum() {
|
||||
|
|
@ -366,55 +357,63 @@ action delta_tcp_from_v6_to_v4()
|
|||
|
||||
hdr.tcp.checksum = (bit<16>) tmp;
|
||||
}
|
||||
|
||||
\end{verbatim}
|
||||
\centering
|
||||
\caption{Calculating checksum based on header differences}
|
||||
\label{fig:checksumbydiff}
|
||||
\end{figure}
|
||||
The checksums for IPv4, TCP, UDP and ICMP6 are all based on the
|
||||
``Internet Checksum''~\cite{rfc791},~\cite{rfc1071}.
|
||||
Its calculation can be summarised as follows:
|
||||
\begin{quote}
|
||||
The checksum field is the 16-bit one's complement of the one's
|
||||
complement sum of all 16-bit words in the header. For purposes of
|
||||
computing the checksum, the value of the checksum field
|
||||
is zero.\footnote{Quote from Wikipedia~\cite{wikipedia:_ipv4}.}.
|
||||
\end{quote}
|
||||
As the calculation mainly depends on on (1-complement) sums, the
|
||||
checksums after translating the protocol can be corrected by
|
||||
subtracting the differences of the relevant fields. It is notable that
|
||||
not the full headers are used, but the pseudo headers (compare figures
|
||||
While the P4-NetFPGA project~\cite{netfpga:_p4_netpf_public_github}
|
||||
allows compiling P4 to the NetPFGA, the design slightly varies due to
|
||||
limitations in the available toolchain.
|
||||
In particular, the NetFPGA P4 compiler does not support reading
|
||||
the payload.\footnote{This feature could be implemented in theory, but
|
||||
isn't available at the moment, see~\cite{schottelius:_exter_p4_netpf}.}
|
||||
For this reason it also does not support
|
||||
creating the checksum based on the payload.
|
||||
To support checksum modifications in NAT64 on the NetFPGA, the
|
||||
checksum is calculated using differences between
|
||||
the IPv6 and IPv4 headers.
|
||||
|
||||
As the checksum calculation only depends on the 1-complement sums of
|
||||
headers and the payload (compare section \ref{background:checksums})
|
||||
and only headers are modified during NAT64 translations, the higher
|
||||
level protocol checksums can be corrected based on the sum of
|
||||
differences of both headers. Thus our P4/NetFPGA implementation first
|
||||
calculates the sum of the relevant IPv4 headers (\texttt{v4sum()}),
|
||||
the sum of the relevant IPv6 headers (\texttt{v6sum()})
|
||||
and then calculates the difference including a
|
||||
possible carry bit and adjusts the higher level protocol by this
|
||||
difference (\texttt{delta\_tcp\_from\_v6\_to\_v4()}).
|
||||
Figure \ref{fig:checksumbydiff} shows an
|
||||
excerpt of the code used for adjust the checksum when translating TCP
|
||||
from IPv6 to IPv4.
|
||||
It is notable that
|
||||
not the full headers are used, but only a ``pseudo header'' (compare figures
|
||||
\ref{fig:ipv6pseudoheader} and \ref{fig:ipv4pseudoheader}).
|
||||
To compensate the carry bit, our code uses 17 bit integers for
|
||||
correcting the carry.
|
||||
% FIXME: add note to python script / checksum diffing
|
||||
|
||||
|
||||
% ok
|
||||
% ----------------------------------------------------------------------
|
||||
\section{\label{design:benchmarks}Benchmarks}
|
||||
The benchmarks were performed on two hosts, a load generator and a
|
||||
nat64 translator. Both hosts were equipped with a dual port
|
||||
Intel X520 10 Gbit/s network card. Both hosts were connected using DAC
|
||||
without any equipment in between. TCP offloading was enabled in the
|
||||
X520 cards. Figure \ref{fig:softwarenat64design}
|
||||
shows the network setup.
|
||||
\begin{figure}[h]
|
||||
\includegraphics[scale=0.5]{softwarenat64design}
|
||||
\centering
|
||||
\caption{NAT64 in software benchmark}
|
||||
\caption{Benchmark design for NAT64 in software implementations}
|
||||
\label{fig:softwarenat64design}
|
||||
\end{figure}
|
||||
We use two hosts for performing benchmarks: a load generator and a
|
||||
NAT64 translator. Both hosts are equipped with a dual port
|
||||
Intel X520 10 Gbit/s network card. Both hosts are connected using DAC
|
||||
without any equipment in between. TCP offloading is enabled in the
|
||||
X520 cards. Figure \ref{fig:softwarenat64design}
|
||||
shows the network setup.
|
||||
When testing the NetPFGA/P4 performance, the X520 cards in the NAT64
|
||||
translator were diconnected and instead the NetPFGA ports were
|
||||
translator are disconnected and instead the NetPFGA ports are
|
||||
connected, as show in figure \ref{fig:netpfgadesign}. The load
|
||||
generator is equipped with a quad core CPU (Intel(R) Core(TM) i7-6700
|
||||
CPU @ 3.40GHz), enabled with hyperthreading and 16 GB RAM. The NAT64
|
||||
translator is also equipped with a quard core CPU (Intel(R) Core(TM)
|
||||
i7-4770 CPU @ 3.40GHz) and 16 GB RAM.
|
||||
|
||||
The first 10 seconds of the benchmark were excluded to avoid the TCP
|
||||
warm up phase.\footnote{iperf -O 10 parameter}
|
||||
The first 10 seconds of the benchmark are excluded to avoid the TCP
|
||||
warm up phase.\footnote{iperf -O 10 parameter, see section \ref{design:tests}.}
|
||||
\begin{figure}[h]
|
||||
\includegraphics[scale=0.5]{netpfgadesign}
|
||||
\centering
|
||||
|
|
|
|||
BIN
doc/Thesis.pdf
BIN
doc/Thesis.pdf
Binary file not shown.
|
|
@ -2580,6 +2580,7 @@ Linux package management, handling updates, etc.
|
|||
\printnomenclature
|
||||
\abbrev{ARP}{Address resolution protocol}
|
||||
\abbrev{ASIC}{Application-specific integrated circuit}
|
||||
\abbrev{DAC}{Direct attach cable}
|
||||
\abbrev{FGPA}{Field-programmable gate array}
|
||||
\abbrev{LPM}{Longes prefix matching}
|
||||
\abbrev{MTU}{Maximum transfer unit}
|
||||
|
|
|
|||
Loading…
Reference in a new issue