pisces: a programmable, protocol-independent software switch
TRANSCRIPT
![Page 1: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/1.jpg)
PISCES: A P4-Enabled OVSMuhammad Shahbaz, Cian Ferriter
Princeton, Intel
P4
![Page 2: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/2.jpg)
PISCES: A P4-Enabled OVS
PISCESvSwitch
P4
OVS
![Page 3: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/3.jpg)
Fast Packet IO (or Forwarding)KernelDPDK
Internal Architecture of OVS
OVS
![Page 4: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/4.jpg)
Internal Architecture of OVS
OVS
Packet Processing Logic
Kernel
Parser Match-Action PipelineComplex APIs
DPDK
![Page 5: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/5.jpg)
Kernel
Parser Match-Action Pipeline
DPDK
OVS
Internal Architecture of OVS
![Page 6: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/6.jpg)
Kernel
Parser Match-Action Pipeline
DPDK
OVS
Internal Architecture of OVS
![Page 7: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/7.jpg)
Internal Architecture of OVS
Kernel
Parser Match-Action Pipeline
DPDK
OVS
![Page 8: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/8.jpg)
Road to Protocol Independence
Kernel
Parser Match-Action Pipeline
DPDK
OVS
Domain-Specific Language
Parser Match-Action Pipeline
Compile
![Page 9: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/9.jpg)
Road to Protocol Independence
Kernel
Parser Match-Action Pipeline
DPDK
OVS
Parser Match-Action Pipeline
Compile
P4 is an open-source language.[1]
Describes different aspects of a packet processor:- Packet headers and fields- Metadata- Parser - Actions- Match-Action Tables (MATs)- Control Flow
P4[1]
[1] http://www.p4.org
![Page 10: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/10.jpg)
Road to Protocol Independence
Kernel
Parser Match-Action Pipeline
DPDK
OVS
P4[1]
Parser Match-Action Pipeline
[1] http://www.p4.org
Native OVS
341 lines of code
14,535 lines of code
Compile
![Page 11: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/11.jpg)
Road to Protocol Independence
KernelDPDK
OVS
P4[1]
[1] http://www.p4.org
OVS Forwarding Model
Compile
P4 Forwarding Model
Performance Overhead!
![Page 12: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/12.jpg)
P4 Forwarding Model
PacketParser Match-Action
Tables
PacketDeparser
Ingress Egress
HeaderFields
(Post-Pipeline Editing)
ChecksumVerify
ChecksumUpdate
![Page 13: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/13.jpg)
OVS Forwarding Model
PacketParser
Ingress Match-ActionCache
Egress
Miss
Match-ActionTables
Flow Rule
Slow-path
Fast-path
![Page 14: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/14.jpg)
OVS Forwarding Model
PacketParser
Ingress Match-ActionCache
EgressMatch-ActionTables
Hit
Egress
Slow-path
Fast-path
![Page 15: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/15.jpg)
OVS Forwarding Model
PacketParser
Ingress Match-ActionCache
EgressMatch-ActionTables
Egress
(Inline Editing)
Slow-path
Fast-path
![Page 16: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/16.jpg)
PISCES Forwarding Model (Modified OVS)
PacketParser
Ingress Match-ActionCache
Match-ActionTables
PacketDeparser
Egress
• Supports both editing modes:- Inline Editing- Post-pipeline Editing
ChecksumVerify
ChecksumUpdate
Slow-path
Fast-path
![Page 17: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/17.jpg)
PISCES: Compiling P4 to OVS
Packet
Parser Match-Action
Tables
Packet
Deparser
Ingress Egress
Packet
Parser
Ingress Match-Action
Cache
Match-Action
Tables
Egress
P4
modified
OVS
Checksum
Verify
Checksum
Update
Checksum
VerifyChecksum
UpdatePacket
Depraser
![Page 18: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/18.jpg)
PISCES Forwarding Model (Modified OVS)
PacketParser
Ingress PacketDeparser
EgressChecksum
VerifyChecksum
Update
Match-ActionTables
Match-ActionCache
Slow-path
Fast-path
![Page 19: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/19.jpg)
PISCES Forwarding Model (Modified OVS)
PacketParser
Ingress
Megaflow Cache
PacketDeparser
EgressChecksum
VerifyChecksum
UpdateMicroflow Cache
Match-ActionTables
Slow-path
Fast-path
![Page 20: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/20.jpg)
PISCES Forwarding Model (Modified OVS)
PacketParser
Ingress
Megaflow Cache
PacketDeparser
EgressChecksum
VerifyChecksum
Update
Match-ActionTables
Slow-path
Fast-path
![Page 21: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/21.jpg)
Naïve Compilation from P4 to OVS (L2L3-ACL)
0
10
20
30
40
50
64 128 192 256
Thro
ugh
pu
t (G
bp
s)
Packet Size (Bytes)
Naïve OVS Performance overhead of
~ 40%
![Page 22: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/22.jpg)
Causes of Performance Overhead
Packet
Parser
IngressMegaflow Cache
Match-Action
Tables
Packet
Deparser
EgressChecksum
VerifyChecksum
Update
CPU Cycles per Packet
Cache Misses
![Page 23: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/23.jpg)
Cause: CPU Cycles per Packet
76.5
209.5
379.5
43.6
197.5
132.5
0
100
200
300
400
Parser Cache: Match Cache: Actions
L2L3-ACL (CPU Cycles for a 64 Byte Packet)
Naïve OVS
7.6
13.5
0
5
10
15
Throughput (Gbps)
![Page 24: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/24.jpg)
Factors affecting CPU Cycles per Packet
a. Extra copy of headers
b. Fully-specified Checksum
c. Parsing unused header fields
and more …
![Page 25: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/25.jpg)
76.5
209.5
379.5
29.3
130.8
43.6
197.5
132.5
0
100
200
300
400
Parser Cache: Match Cache: Actions
L2L3-ACL (CPU Cycles for a 64 Byte Packet)
Naïve Inline Inc. Chksm Parsr Spcl Act Spcl Act Coalcng OVS
7.6
13.3 13.5
0
5
10
15
Throughput (Gbps)
Different Optimizations for L2L3-ACL
![Page 26: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/26.jpg)
0
10
20
30
40
50
64 128 192 256
Thro
ugh
pu
t (G
bp
s)
Packet Size (Bytes)
Naïve Optimized OVS
Optimized Compilation from P4 to OVS (L2L3-ACL)
Performance overhead of
< 2%
![Page 27: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/27.jpg)
Cause: Cache Misses
PacketParser
Ingress Match-ActionCache
Match-ActionTables
PacketDeparser
EgressChecksum
VerifyChecksum
Update
Cache Misses
• 3500+ Cycles (50x Cache hit) • Throughput < 1 Mpps
![Page 28: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/28.jpg)
Factors affecting Cache Misses
a. Entropy of packet header fields
b. Stateful operations in the match-action cache (or fast path).
![Page 29: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/29.jpg)
PISCES Forwarding Model (Modified OVS)
PacketParser
Ingress
Megaflow Cache
PacketDeparser
EgressChecksum
VerifyChecksum
UpdateMicroflow Cache
Match-ActionTables
Slow-path
Fast-path
![Page 30: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/30.jpg)
PISCES Forwarding Model (Modified OVS)
Microflow Cache
![Page 31: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/31.jpg)
Internals of the Microflow Cache
Packet in Extract
FieldsHash Fields
P4 File
PacketoutPerform
Lookup
Miss
Hit
Microflow Cache
to MegaflowCache
![Page 32: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/32.jpg)
7.7286.464
Thro
ugh
pu
t (G
bp
s)
Phy-Phy, L3 Router Case, 64B
OVS PISCES
Performance with the Microflow Cache
![Page 33: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/33.jpg)
Cause of Performance Degradation
Cacheline 64 Bytes
0 Metadata
1 MetadataEthernet Header
2 IPv4 (1st 16Bytes) IPv4 + L4 Proto Empty
Simplified “flow” Structure
![Page 34: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/34.jpg)
7.728 8.198Th
rou
ghp
ut (
Gb
ps)
Phy-Phy, L3 Router Case, 64B
OVS PISCES
Performance with the Microflow Cache
![Page 35: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/35.jpg)
Varying the Number of Hash Fields
8.682
8.198T
hro
ugh
pu
t (G
bp
s)
L2 Address (2 Fields) Five Tuple (5 Fields)
![Page 36: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/36.jpg)
Questions?
![Page 37: PISCES: A Programmable, Protocol-Independent Software Switch](https://reader031.vdocuments.us/reader031/viewer/2022030319/5849598b1a28aba93a8dd1ff/html5/thumbnails/37.jpg)
Disclaimers
Intel does not control or audit third-party benchmark data or the web sites referenced in this document. You should visit the referenced web site and confirm whether referenced data are accurate.
Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software or service activation. Performance varies depending on system configuration. No computer system can be absolutely secure. Check with your system manufacturer or retailer or learn more at [intel.com].