All bow to OpenSolaris CrossBow

Abd4llAEGOSUG

• Crossbow (The Name)• The Past• The Future is Present• Past is Full of Problems• CrossBow Architecture• Demo

Overview

• Crossbow was invented in 314 B.C in China

• They prevailed in middle ages when steel was used in them

• Crossbows are easier to learn and more effective than normal bows

• QoS mechanisms are the same as normal bows, requires long time to master.

CrossBow (The Name)

• Without QoS, life can turn into hell

• QoS mechanisms are

– Complex

– Come with a performance penalty

• The interrupt based delivery mechanism for inbound packets and the QoS are implemented by a separate layer

• Packets are already delivered to the host memory by means of interrupts before QoS takes place

•

The Past

• Crossbow

– Network Virtualization

– Resource Control

– Live Monitoring

• Networking Virtualization is essential in today's Virtual World

The Future is Present

Crossbow completes Network Virtualization

The Future is Present

• You can split physical NICs into multiple VNICs

• A VNIC: a virtual network device with the same data-link interface as a physical interface.

• VNICs can have their own resources “DMA channel, MAC, kernel threads and queues”

• Each VNIC is implicitly connected to a virtual switch that corresponds to the physical interface.

• Virtual Machines on the same host can communicate through Virtual Switches

• Interrupt driven packet delivery model precludes any kind of policy enforcement and fair sharing.

• Most of the time, the processing of a critical packet is interrupted to deal with the arrival of a non critical packet.

• The cost of dropping unwanted packets is too high

• Common queues and common threads make enforcing policies based on traffic type very difficult.

• Pseudo NICs has no way of knowing about the hardware capabilities of the real hardware

Past is Full of Problems

• Integrates network virtualization and resource control as part of the stack architecture.

• Pushes the classification of packets based on services, protocols or virtual machines as far below as possible.

– Rx/Tx Rings -> CPU -> Squeue

• Rx/Tx ring, its DMA channel, MSI-X interrupt, the Squeue, the CPU, and processing threads are unique for the service, protocol or virtual machine

• It can be assigned a VNIC in case of Virtual Machines

Crossbow's Architecture

• If classification has already been done by the NIC to a particular Rx ring the entire data link layer is bypassed unless in promiscuous

• In case, the NIC hardware does not have classification capability, soft rings are used in Data-link layer “Pseudo Hardware Layer”

• The entire layered architecture is built on function pointers known us 'upcall_func' and 'downcall_func'

• ss

Crossbow's Architecture

Our demo has a vmachine on which we wanna create a vnic for it, and put alimit on the total nic ssh traffic

Demo

• Create the vnic:root@A0059:~# dladm create-vnic -l e1000g0 f11-vnic1

• Assign the vnic to your vmachine

• Add the flow:root@A0059:~# flowadm add-flow -l e1000g0 -a

transport=TCP,local_port=22 ssh-policy

• Set maximum bandwidth:root@A0059:~# flowadm set-flowprop -p maxbw=50M ssh-policy

Demo

Thank you

Join Us

EGOSUGhttp://www.opensolaris.org/os/project/egosug/

Ahmed AbdallaAhmed Abdalla

http://www.Abd4llA.comhttp://www.Abd4llA.com

Abd4llA@AhmedAbdalla.netAbd4llA@AhmedAbdalla.net