lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 19 Dec 2019 08:32:09 -0800
From:   John Fastabend <john.fastabend@...il.com>
To:     Petr Machata <petrm@...lanox.com>,
        John Fastabend <john.fastabend@...il.com>
Cc:     "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        David Miller <davem@...emloft.net>,
        Roopa Prabhu <roopa@...ulusnetworks.com>,
        Jakub Kicinski <jakub.kicinski@...ronome.com>,
        Roman Mashak <mrv@...atatu.com>,
        Ido Schimmel <idosch@...lanox.com>,
        Jiri Pirko <jiri@...nulli.us>
Subject: Re: [PATCH net-next mlxsw v2 00/10] Add a new Qdisc, ETS

Petr Machata wrote:
> 
> John Fastabend <john.fastabend@...il.com> writes:
> 
> > Petr Machata wrote:
> >> The IEEE standard 802.1Qaz (and 802.1Q-2014) specifies four principal
> >> transmission selection algorithms: strict priority, credit-based shaper,
> >> ETS (bandwidth sharing), and vendor-specific. All these have their
> >> corresponding knobs in DCB. But DCB does not have interfaces to configure
> >> RED and ECN, unlike Qdiscs.
> >
> > So the idea here (way back when I did this years ago) is that marking ECN
> > traffic was not paticularly CPU intensive on any metrics I came up with.
> > And I don't recall anyone ever wanting to do RED here. The configuration
> > I usually recommended was to use mqprio + SO_PRIORITY + fq per qdisc. Then
> > once we got the BPF egress hook we replaced SO_PRIORITY configurations with
> > the more dynamic BPF action to set it. There was never a compelling perf
> > reason to offload red/ecn.
> >
> > But these use cases were edge nodes. I believe this series is mostly about
> > control path and maybe some light control traffic? This is for switches
> > not for edge nodes right? I'm guessing because I don't see any performance
> > analaysis on why this is useful, intuitively it makes sense if there is
> > a small CPU sitting on a 48 port 10gbps box or something like that.
> 
> Yes.
> 
> Our particular use case is a switch that has throughput in Tbps. There
> simply isn't enough bandwidth to even get all this traffic to the CPU,
> let alone process it on the CPU. You need to offload, or it doesn't make
> sense. 48 x 10Gbps with a small CPU is like that as well, yeah.

Got it so I suspect primary usage will be offload then at least for
the initial usage.

> 
> From what I hear, RED / ECN was not used very widely in these sorts of
> deployments, rather the deal was to have more bandwidth than you need
> and not worry about QoS. This is changing, and people experiment with
> this stuff more. So there is interest in strict vs. DWRR TCs, shapers,
> and RED / ECN.
> 
> >> In the Qdisc land, strict priority is implemented by PRIO. Credit-based
> >> transmission selection algorithm can then be modeled by having e.g. TBF or
> >> CBS Qdisc below some of the PRIO bands. ETS would then be modeled by
> >> placing a DRR Qdisc under the last PRIO band.
> >>
> >> The problem with this approach is that DRR on its own, as well as the
> >> combination of PRIO and DRR, are tricky to configure and tricky to offload
> >> to 802.1Qaz-compliant hardware. This is due to several reasons:
> >
> > I would argue the trick to configure part could be hid behind tooling to
> > simplify setup. The more annoying part is it was stuck behind the qdisc
> > lock. I was hoping this would implement a lockless ETS qdisc seeing we
> > have the infra to do lockless qdiscs now. But seems not. I guess software
> > perf analysis might show prio+drr and ets here are about the same performance
> > wise.
> 
> Pretty sure. It's the same algorithm, and I would guess that the one
> extra virtual call will not throw it off.

Yeah small in comparison to other performance issues I would guess.

> 
> > offload is tricky with stacked qdiscs though ;)
> 
> Offload and configuration both.
> 
> Of course there could be a script to somehow generate and parse the
> configuration on the front end, and some sort of library to consolidate
> on the driver side, but it's far cleaner and easier to understand for
> all involved if it's a Qdisc. Qdiscs are tricky, but people still
> understand them well in comparison.

At one point I wrote an app to sit on top of the tc netlink interface
and create common (at least for the customers at the time) setups. But
that tool is probably lost to history at this point.

I don't think its paticularly difficult to build this type of tool
on top of the API but also not against a new qdisc like this that
folds in a more concrete usage and aligns with a spec. And Dave
already merged it so good to see ;)

[...]

> >> The chosen interface makes the overall system both reasonably easy to
> >> configure, and reasonably easy to offload. The extra code to support ETS in
> >> mlxsw (which already supports PRIO) is about 150 lines, of which perhaps 20
> >> lines is bona fide new business logic.
> >
> > Sorry maybe obvious question but I couldn't sort it out. When the qdisc is
> > offloaded if packets are sent via software stack do they also hit the sw
> > side qdisc enqueue logic? Or did I miss something in the graft logic that
> > then skips adding the qdisc to software side? For example taprio has dequeue
> > logic for both offload and software cases but I don't see that here.
> 
> You mean the graft logic in the driver? All that stuff is in there just
> to figure out how to configure the device. SW datapath packets are
> still handled as usual.

Got it just wasn't clear to me when viewing it from the software + smartnic
use case. So is there a bug or maybe just missing feature, where if I
offloaded this on a NIC that both software and hardware would do the ETS
algorithm? How about on the switch would traffic from the CPU be both ETS 
classified in software and in hardware? Or maybe CPU uses different interface
without offload on?

> 
> There even is a selftest for the SW datapath that uses veth pairs to
> implement interconnect and TBF to throttle it (so that the scheduling
> kicks in).

+1

> 
> >>
> >> Credit-based shaping transmission selection algorithm can be configured by
> >> adding a CBS Qdisc under one of the strict bands (e.g. TBF can be used to a
> >> similar effect as well). As a non-work-conserving Qdisc, CBS can't be
> >> hooked under the ETS bands. This is detected and handled identically to DRR
> >> Qdisc at runtime. Note that offloading CBS is not subject of this patchset.
> >
> > Any performance data showing how accurate we get on software side? The
> > advantage of hardware always to me seemed to be precision in the WRR algorithm.
> 
> Quantum is specified as a number of bytes allowed to dequeue before a
> queue loses the medium. Over time, the amount of traffic dequeued from
> individual queues should average out to be the quanta your specified. At
> any point in time, size of the packets matters: if I push 1000B packets
> into a 10000B-quantum queue, it will use 100% of its allocation. If they
> are 800B packets, there will be some waste (and it will compensate next
> round).
> 
> As far as the Qdisc is defined, the SW side is as accurate as possible
> under given traffic patterns. For HW, we translate to %, and rounding
> might lead to artifacts. You kinda get the same deal with DCB, where
> there's no way to split 100% among 8 TCs perfectly fairly.
> 
> > Also data showing how much overhead we get hit with from basic mq case
> > would help me understand if this is even useful for software or just a
> > exercise in building some offload logic.
> 
> So the Qdisc is written to do something reasonable in the SW datapath.
> In that respect it's as useful as PRIO and DRR are. Not sure that as a
> switch operator you really want to handle this much traffic on the CPU
> though.

I was more thinking of using it in the smart nic case.

> 
> > FWIW I like the idea I meant to write an ETS sw qdisc for years with
> > the expectation that it could get close enough to hardware offload case
> > for most use cases, all but those that really need <5% tolerance or something.

Anyways thanks for the answers clears it up on my side. One remaining
question is if software does send packets if they get both classified
via software and hardware. Might be worth thinking about fixing if
that is the case or probably more likely switch knows not to do
this.

Thanks,
John

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ