Design chapter done
This commit is contained in:
parent
002887533a
commit
a08f757e96
|
@ -381,7 +381,7 @@ When translating, the checksum fields in the higher protocols need to be
|
||||||
adjusted. The checksums for TCP and UDP is calculated not only over the pseudo
|
adjusted. The checksums for TCP and UDP is calculated not only over the pseudo
|
||||||
headers, but also contain the payload of the packet. This is
|
headers, but also contain the payload of the packet. This is
|
||||||
important, because some targets (like the NetPFGA) do not allow to
|
important, because some targets (like the NetPFGA) do not allow to
|
||||||
access the payload.
|
access the payload (see section \ref{design:netpfga}).
|
||||||
\begin{figure}[h]
|
\begin{figure}[h]
|
||||||
\begin{verbatim}
|
\begin{verbatim}
|
||||||
0 7 8 15 16 23 24 31
|
0 7 8 15 16 23 24 31
|
||||||
|
@ -397,6 +397,16 @@ access the payload.
|
||||||
\caption{IPv4 Pseudo Header}
|
\caption{IPv4 Pseudo Header}
|
||||||
\label{fig:ipv4pseudoheader}
|
\label{fig:ipv4pseudoheader}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
The checksums for IPv4, TCP, UDP and ICMP6 are all based on the
|
||||||
|
``Internet Checksum''~\cite{rfc791},~\cite{rfc1071}.
|
||||||
|
Its calculation can be summarised as follows:
|
||||||
|
\begin{quote}
|
||||||
|
The checksum field is the 16-bit one's complement of the one's
|
||||||
|
complement sum of all 16-bit words in the header. For purposes of
|
||||||
|
computing the checksum, the value of the checksum field
|
||||||
|
is zero.\footnote{Quote from Wikipedia~\cite{wikipedia:_ipv4}.}.
|
||||||
|
\end{quote}
|
||||||
|
|
||||||
% ----------------------------------------------------------------------
|
% ----------------------------------------------------------------------
|
||||||
\section{\label{background:networkdesign}Network Designs}
|
\section{\label{background:networkdesign}Network Designs}
|
||||||
%% \begin{figure}[h]
|
%% \begin{figure}[h]
|
||||||
|
|
|
@ -320,16 +320,7 @@ second option of using the differences is described in section
|
||||||
\ref{design:netpfga}.
|
\ref{design:netpfga}.
|
||||||
% ok
|
% ok
|
||||||
% ----------------------------------------------------------------------
|
% ----------------------------------------------------------------------
|
||||||
\section{\label{design:netpfga}NetFPGA - FIXME: relate things}
|
\section{\label{design:netpfga}P4/NetFPGA}
|
||||||
While the P4-NetFPGA project ~\cite{netfpga:_p4_netpf_public_github}
|
|
||||||
allows compiling P4 to the NetPFGA, the design slightly varies.
|
|
||||||
In particular, the NetFPGA P4 compiler does not support reading
|
|
||||||
the payload. For this reason it also does not support
|
|
||||||
creating the checksum based on the payload.
|
|
||||||
To support checksum modifications in NAT64 on the NetFPGA, the
|
|
||||||
checksum was calculated on the netpfga using differences between
|
|
||||||
the IPv6 and IPv4 headers. Figure \ref{fig:checksumbydiff} shows an
|
|
||||||
excerpt of the code used for calculating checksums in the netpfga.
|
|
||||||
\begin{figure}[h]
|
\begin{figure}[h]
|
||||||
\begin{verbatim}
|
\begin{verbatim}
|
||||||
action v4sum() {
|
action v4sum() {
|
||||||
|
@ -366,55 +357,63 @@ action delta_tcp_from_v6_to_v4()
|
||||||
|
|
||||||
hdr.tcp.checksum = (bit<16>) tmp;
|
hdr.tcp.checksum = (bit<16>) tmp;
|
||||||
}
|
}
|
||||||
|
|
||||||
\end{verbatim}
|
\end{verbatim}
|
||||||
\centering
|
\centering
|
||||||
\caption{Calculating checksum based on header differences}
|
\caption{Calculating checksum based on header differences}
|
||||||
\label{fig:checksumbydiff}
|
\label{fig:checksumbydiff}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
The checksums for IPv4, TCP, UDP and ICMP6 are all based on the
|
While the P4-NetFPGA project~\cite{netfpga:_p4_netpf_public_github}
|
||||||
``Internet Checksum''~\cite{rfc791},~\cite{rfc1071}.
|
allows compiling P4 to the NetPFGA, the design slightly varies due to
|
||||||
Its calculation can be summarised as follows:
|
limitations in the available toolchain.
|
||||||
\begin{quote}
|
In particular, the NetFPGA P4 compiler does not support reading
|
||||||
The checksum field is the 16-bit one's complement of the one's
|
the payload.\footnote{This feature could be implemented in theory, but
|
||||||
complement sum of all 16-bit words in the header. For purposes of
|
isn't available at the moment, see~\cite{schottelius:_exter_p4_netpf}.}
|
||||||
computing the checksum, the value of the checksum field
|
For this reason it also does not support
|
||||||
is zero.\footnote{Quote from Wikipedia~\cite{wikipedia:_ipv4}.}.
|
creating the checksum based on the payload.
|
||||||
\end{quote}
|
To support checksum modifications in NAT64 on the NetFPGA, the
|
||||||
As the calculation mainly depends on on (1-complement) sums, the
|
checksum is calculated using differences between
|
||||||
checksums after translating the protocol can be corrected by
|
the IPv6 and IPv4 headers.
|
||||||
subtracting the differences of the relevant fields. It is notable that
|
|
||||||
not the full headers are used, but the pseudo headers (compare figures
|
As the checksum calculation only depends on the 1-complement sums of
|
||||||
|
headers and the payload (compare section \ref{background:checksums})
|
||||||
|
and only headers are modified during NAT64 translations, the higher
|
||||||
|
level protocol checksums can be corrected based on the sum of
|
||||||
|
differences of both headers. Thus our P4/NetFPGA implementation first
|
||||||
|
calculates the sum of the relevant IPv4 headers (\texttt{v4sum()}),
|
||||||
|
the sum of the relevant IPv6 headers (\texttt{v6sum()})
|
||||||
|
and then calculates the difference including a
|
||||||
|
possible carry bit and adjusts the higher level protocol by this
|
||||||
|
difference (\texttt{delta\_tcp\_from\_v6\_to\_v4()}).
|
||||||
|
Figure \ref{fig:checksumbydiff} shows an
|
||||||
|
excerpt of the code used for adjust the checksum when translating TCP
|
||||||
|
from IPv6 to IPv4.
|
||||||
|
It is notable that
|
||||||
|
not the full headers are used, but only a ``pseudo header'' (compare figures
|
||||||
\ref{fig:ipv6pseudoheader} and \ref{fig:ipv4pseudoheader}).
|
\ref{fig:ipv6pseudoheader} and \ref{fig:ipv4pseudoheader}).
|
||||||
To compensate the carry bit, our code uses 17 bit integers for
|
% ok
|
||||||
correcting the carry.
|
|
||||||
% FIXME: add note to python script / checksum diffing
|
|
||||||
|
|
||||||
|
|
||||||
% ----------------------------------------------------------------------
|
% ----------------------------------------------------------------------
|
||||||
\section{\label{design:benchmarks}Benchmarks}
|
\section{\label{design:benchmarks}Benchmarks}
|
||||||
The benchmarks were performed on two hosts, a load generator and a
|
|
||||||
nat64 translator. Both hosts were equipped with a dual port
|
|
||||||
Intel X520 10 Gbit/s network card. Both hosts were connected using DAC
|
|
||||||
without any equipment in between. TCP offloading was enabled in the
|
|
||||||
X520 cards. Figure \ref{fig:softwarenat64design}
|
|
||||||
shows the network setup.
|
|
||||||
\begin{figure}[h]
|
\begin{figure}[h]
|
||||||
\includegraphics[scale=0.5]{softwarenat64design}
|
\includegraphics[scale=0.5]{softwarenat64design}
|
||||||
\centering
|
\centering
|
||||||
\caption{NAT64 in software benchmark}
|
\caption{Benchmark design for NAT64 in software implementations}
|
||||||
\label{fig:softwarenat64design}
|
\label{fig:softwarenat64design}
|
||||||
\end{figure}
|
\end{figure}
|
||||||
|
We use two hosts for performing benchmarks: a load generator and a
|
||||||
|
NAT64 translator. Both hosts are equipped with a dual port
|
||||||
|
Intel X520 10 Gbit/s network card. Both hosts are connected using DAC
|
||||||
|
without any equipment in between. TCP offloading is enabled in the
|
||||||
|
X520 cards. Figure \ref{fig:softwarenat64design}
|
||||||
|
shows the network setup.
|
||||||
When testing the NetPFGA/P4 performance, the X520 cards in the NAT64
|
When testing the NetPFGA/P4 performance, the X520 cards in the NAT64
|
||||||
translator were diconnected and instead the NetPFGA ports were
|
translator are disconnected and instead the NetPFGA ports are
|
||||||
connected, as show in figure \ref{fig:netpfgadesign}. The load
|
connected, as show in figure \ref{fig:netpfgadesign}. The load
|
||||||
generator is equipped with a quad core CPU (Intel(R) Core(TM) i7-6700
|
generator is equipped with a quad core CPU (Intel(R) Core(TM) i7-6700
|
||||||
CPU @ 3.40GHz), enabled with hyperthreading and 16 GB RAM. The NAT64
|
CPU @ 3.40GHz), enabled with hyperthreading and 16 GB RAM. The NAT64
|
||||||
translator is also equipped with a quard core CPU (Intel(R) Core(TM)
|
translator is also equipped with a quard core CPU (Intel(R) Core(TM)
|
||||||
i7-4770 CPU @ 3.40GHz) and 16 GB RAM.
|
i7-4770 CPU @ 3.40GHz) and 16 GB RAM.
|
||||||
|
The first 10 seconds of the benchmark are excluded to avoid the TCP
|
||||||
The first 10 seconds of the benchmark were excluded to avoid the TCP
|
warm up phase.\footnote{iperf -O 10 parameter, see section \ref{design:tests}.}
|
||||||
warm up phase.\footnote{iperf -O 10 parameter}
|
|
||||||
\begin{figure}[h]
|
\begin{figure}[h]
|
||||||
\includegraphics[scale=0.5]{netpfgadesign}
|
\includegraphics[scale=0.5]{netpfgadesign}
|
||||||
\centering
|
\centering
|
||||||
|
|
BIN
doc/Thesis.pdf
BIN
doc/Thesis.pdf
Binary file not shown.
|
@ -2580,6 +2580,7 @@ Linux package management, handling updates, etc.
|
||||||
\printnomenclature
|
\printnomenclature
|
||||||
\abbrev{ARP}{Address resolution protocol}
|
\abbrev{ARP}{Address resolution protocol}
|
||||||
\abbrev{ASIC}{Application-specific integrated circuit}
|
\abbrev{ASIC}{Application-specific integrated circuit}
|
||||||
|
\abbrev{DAC}{Direct attach cable}
|
||||||
\abbrev{FGPA}{Field-programmable gate array}
|
\abbrev{FGPA}{Field-programmable gate array}
|
||||||
\abbrev{LPM}{Longes prefix matching}
|
\abbrev{LPM}{Longes prefix matching}
|
||||||
\abbrev{MTU}{Maximum transfer unit}
|
\abbrev{MTU}{Maximum transfer unit}
|
||||||
|
|
Loading…
Reference in New Issue