diff --git a/doc/Background.tex b/doc/Background.tex index 18faab2..dc0d8de 100644 --- a/doc/Background.tex +++ b/doc/Background.tex @@ -381,7 +381,7 @@ When translating, the checksum fields in the higher protocols need to be adjusted. The checksums for TCP and UDP is calculated not only over the pseudo headers, but also contain the payload of the packet. This is important, because some targets (like the NetPFGA) do not allow to -access the payload. +access the payload (see section \ref{design:netpfga}). \begin{figure}[h] \begin{verbatim} 0 7 8 15 16 23 24 31 @@ -397,6 +397,16 @@ access the payload. \caption{IPv4 Pseudo Header} \label{fig:ipv4pseudoheader} \end{figure} +The checksums for IPv4, TCP, UDP and ICMP6 are all based on the +``Internet Checksum''~\cite{rfc791},~\cite{rfc1071}. +Its calculation can be summarised as follows: +\begin{quote} + The checksum field is the 16-bit one's complement of the one's + complement sum of all 16-bit words in the header. For purposes of + computing the checksum, the value of the checksum field + is zero.\footnote{Quote from Wikipedia~\cite{wikipedia:_ipv4}.}. +\end{quote} + % ---------------------------------------------------------------------- \section{\label{background:networkdesign}Network Designs} %% \begin{figure}[h] diff --git a/doc/Design.tex b/doc/Design.tex index 25ba593..fef5b06 100644 --- a/doc/Design.tex +++ b/doc/Design.tex @@ -320,16 +320,7 @@ second option of using the differences is described in section \ref{design:netpfga}. % ok % ---------------------------------------------------------------------- -\section{\label{design:netpfga}NetFPGA - FIXME: relate things} -While the P4-NetFPGA project ~\cite{netfpga:_p4_netpf_public_github} -allows compiling P4 to the NetPFGA, the design slightly varies. -In particular, the NetFPGA P4 compiler does not support reading -the payload. For this reason it also does not support -creating the checksum based on the payload. -To support checksum modifications in NAT64 on the NetFPGA, the -checksum was calculated on the netpfga using differences between -the IPv6 and IPv4 headers. Figure \ref{fig:checksumbydiff} shows an -excerpt of the code used for calculating checksums in the netpfga. +\section{\label{design:netpfga}P4/NetFPGA} \begin{figure}[h] \begin{verbatim} action v4sum() { @@ -366,55 +357,63 @@ action delta_tcp_from_v6_to_v4() hdr.tcp.checksum = (bit<16>) tmp; } - \end{verbatim} \centering \caption{Calculating checksum based on header differences} \label{fig:checksumbydiff} \end{figure} -The checksums for IPv4, TCP, UDP and ICMP6 are all based on the -``Internet Checksum''~\cite{rfc791},~\cite{rfc1071}. -Its calculation can be summarised as follows: -\begin{quote} - The checksum field is the 16-bit one's complement of the one's - complement sum of all 16-bit words in the header. For purposes of - computing the checksum, the value of the checksum field - is zero.\footnote{Quote from Wikipedia~\cite{wikipedia:_ipv4}.}. -\end{quote} -As the calculation mainly depends on on (1-complement) sums, the -checksums after translating the protocol can be corrected by -subtracting the differences of the relevant fields. It is notable that -not the full headers are used, but the pseudo headers (compare figures +While the P4-NetFPGA project~\cite{netfpga:_p4_netpf_public_github} +allows compiling P4 to the NetPFGA, the design slightly varies due to +limitations in the available toolchain. +In particular, the NetFPGA P4 compiler does not support reading +the payload.\footnote{This feature could be implemented in theory, but +isn't available at the moment, see~\cite{schottelius:_exter_p4_netpf}.} +For this reason it also does not support +creating the checksum based on the payload. +To support checksum modifications in NAT64 on the NetFPGA, the +checksum is calculated using differences between +the IPv6 and IPv4 headers. + +As the checksum calculation only depends on the 1-complement sums of +headers and the payload (compare section \ref{background:checksums}) +and only headers are modified during NAT64 translations, the higher +level protocol checksums can be corrected based on the sum of +differences of both headers. Thus our P4/NetFPGA implementation first +calculates the sum of the relevant IPv4 headers (\texttt{v4sum()}), +the sum of the relevant IPv6 headers (\texttt{v6sum()}) +and then calculates the difference including a +possible carry bit and adjusts the higher level protocol by this +difference (\texttt{delta\_tcp\_from\_v6\_to\_v4()}). +Figure \ref{fig:checksumbydiff} shows an +excerpt of the code used for adjust the checksum when translating TCP +from IPv6 to IPv4. +It is notable that +not the full headers are used, but only a ``pseudo header'' (compare figures \ref{fig:ipv6pseudoheader} and \ref{fig:ipv4pseudoheader}). -To compensate the carry bit, our code uses 17 bit integers for -correcting the carry. -% FIXME: add note to python script / checksum diffing - - +% ok % ---------------------------------------------------------------------- \section{\label{design:benchmarks}Benchmarks} -The benchmarks were performed on two hosts, a load generator and a -nat64 translator. Both hosts were equipped with a dual port -Intel X520 10 Gbit/s network card. Both hosts were connected using DAC -without any equipment in between. TCP offloading was enabled in the -X520 cards. Figure \ref{fig:softwarenat64design} -shows the network setup. \begin{figure}[h] \includegraphics[scale=0.5]{softwarenat64design} \centering - \caption{NAT64 in software benchmark} + \caption{Benchmark design for NAT64 in software implementations} \label{fig:softwarenat64design} \end{figure} +We use two hosts for performing benchmarks: a load generator and a +NAT64 translator. Both hosts are equipped with a dual port +Intel X520 10 Gbit/s network card. Both hosts are connected using DAC +without any equipment in between. TCP offloading is enabled in the +X520 cards. Figure \ref{fig:softwarenat64design} +shows the network setup. When testing the NetPFGA/P4 performance, the X520 cards in the NAT64 -translator were diconnected and instead the NetPFGA ports were +translator are disconnected and instead the NetPFGA ports are connected, as show in figure \ref{fig:netpfgadesign}. The load generator is equipped with a quad core CPU (Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz), enabled with hyperthreading and 16 GB RAM. The NAT64 translator is also equipped with a quard core CPU (Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz) and 16 GB RAM. - -The first 10 seconds of the benchmark were excluded to avoid the TCP -warm up phase.\footnote{iperf -O 10 parameter} +The first 10 seconds of the benchmark are excluded to avoid the TCP +warm up phase.\footnote{iperf -O 10 parameter, see section \ref{design:tests}.} \begin{figure}[h] \includegraphics[scale=0.5]{netpfgadesign} \centering diff --git a/doc/Thesis.pdf b/doc/Thesis.pdf index 4e3da3f..78d24a4 100644 Binary files a/doc/Thesis.pdf and b/doc/Thesis.pdf differ diff --git a/doc/appendix.tex b/doc/appendix.tex index 3945ab5..114a168 100644 --- a/doc/appendix.tex +++ b/doc/appendix.tex @@ -2580,6 +2580,7 @@ Linux package management, handling updates, etc. \printnomenclature \abbrev{ARP}{Address resolution protocol} \abbrev{ASIC}{Application-specific integrated circuit} +\abbrev{DAC}{Direct attach cable} \abbrev{FGPA}{Field-programmable gate array} \abbrev{LPM}{Longes prefix matching} \abbrev{MTU}{Maximum transfer unit}