lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20181101115522.10b0dd0a@redhat.com>
Date:   Thu, 1 Nov 2018 11:55:44 +0100
From:   Jesper Dangaard Brouer <brouer@...hat.com>
To:     David Ahern <dsahern@...il.com>
Cc:     brouer@...hat.com,
        Paweł Staszewski <pstaszewski@...are.pl>,
        netdev <netdev@...r.kernel.org>, Yoel Caspersen <yoel@...knet.dk>
Subject: Re: Kernel 4.19 network performance - forwarding/routing normal
 users traffic

On Wed, 31 Oct 2018 21:37:16 -0600 David Ahern <dsahern@...il.com> wrote:

> This is mainly a forwarding use case? Seems so based on the perf report.
> I suspect forwarding with XDP would show pretty good improvement. 

Yes, significant performance improvements.

Notice Davids talk: "Leveraging Kernel Tables with XDP"
 http://vger.kernel.org/lpc-networking2018.html#session-1

It looks like that you are doing "pure" IP-routing, without any
iptables conntrack stuff (from your perf report data).  That will
actually be a really good use-case for accelerating this with XDP.

I want you to understand the philosophy behind how David and I want
people to leverage XDP.  Think of XDP as a software offload layer for
the kernel network stack. Setup and use Linux kernel network stack, but
accelerate parts of it with XDP, e.g. the route FIB lookup.

Sample code avail here:
 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/samples/bpf/xdp_fwd_kern.c

(I do warn, what we just found a bug/crash in setup+tairdown for the
mlx5 driver you are using, that we/mlx _will_ fix soon)


> You need the vlan changes I have queued up though.

I know Yoel will be very interested in those changes too! I've
convinced Yoel to write an XDP program for his Border Network Gateway
(BNG) production system[1], and his is a heavy VLAN user.  And the plan
is to Open Source this when he have-something-working.

[1] https://www.version2.dk/blog/software-router-del-5-linux-bng-1086060
-- 
Best regards,
  Jesper Dangaard Brouer
  MSc.CS, Principal Kernel Engineer at Red Hat
  LinkedIn: http://www.linkedin.com/in/brouer

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ