Top Banner
1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona http://www.cs.princeton.edu/nsg/
25
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Page 1: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

1

Liquid SoftwareLarry Peterson

Princeton University

John HartmanUniversity of Arizona

http://www.cs.princeton.edu/nsg/

Page 2: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

2

Goals

• Build a High-Performance Active Router– no penalty for passive packets– pay only for the extensibility you need

• Demonstrate “Active Search” Application– Universal Search Interface (USI)– programmable query + aggregation in network

Page 3: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

3

Project Roadmap

Scout

NetTV/NetCAM

IP Router

Web Server

Firewall

Joust

NodeOS

Active Search

Next Generation Router

TimeQ1/99

Page 4: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

4

Scout OS• Targeted at Network Appliances

– network-attached devices, proxies, …

• Configurable– specialized for a particular appliance

• Path Abstraction– encapsulates I/O flow through the system

• Status– runs on Alpha and Pentium processors– currently distributing version 2.0

Page 5: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

5

NetTV

VGA

WIMP

MPEG

RTP UDP

IP

ETH

3COMKBD

NetTV• End-to-End Paths

- best effort - realtime

• Cycle Scheduler

- based on WFQ - steal to meet deadlines

Page 6: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

6

IP Router

Best-effortControlled-load

RSVP

DeviceDriver0

IP

Eth Eth

DeviceDriver1

• Link Schedulers - RED - RIO (DiffServ) - WFQ

Page 7: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

7

Web Server

• Resource Accounting– all cycles & memory– minimal overhead

• Protection Domains– isolate untrusted code– at any module boundary

• Policy– protect against denial of service– limit resource usage

SCSI

FS

HTTP

TCP

IP

ETH

Page 8: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

8

Proxy Firewall

TCP

IP

TCP

IP

Net1 Net2

HTTP Proxy

Page 9: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

9

Splicing Optimization

Net1 Net2

IP++

Page 10: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

10

Firewall PerformanceT

hro

ug

hp

ut

(pp

s)

1-byte TCP segments

05,000

10,00015,00020,00025,00030,00035,00040,00045,000

TISFirewall

WithProxy

Spliced IPRouter

Page 11: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

11

Firewall Performance (cont)

1460-byte TCP segments

05,000

10,00015,00020,00025,00030,00035,00040,00045,000

TISFirewall

WithProxy

Spliced IPRouter

Th

rou

gh

pu

t (p

ps)

Page 12: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

12

Joust

NFS

RPC

UDP

TCP

DNSWIMP

VGA KBD

IP

ARP

ETH

JVM

• Status - supports JDK 1.1.x - runs on Scout, Linux, Solaris, Irix

• Toba Compiler - WAT: Java-to-C - JIT: on x86

Page 13: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

13

0

200

400

600

800

1000

1200

1400

1600

1800

2000

Joust Toba/Linux JDK/Linux

ANTS

Java

OS

Joust PerformanceR

ou

nd

Tri

p L

aten

cy (

Mic

rose

con

ds)

Page 14: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

14

NodeOS• Multiplex Node Resources• Features

– optimized to forward packets

– fine-grained (per-flow) multiplexing

– permit cut-through flows– access to OS/HW-specific

features• Status

– draft interface spec– prototype implementation

Scout

Joust

NodeOS API

ANTS PLAN JANE . . .ExecutionEnvironments

NodeOS

Page 15: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

15

Next Generation Router

• Extensible

• Scalable

• Open

• Commodity Components

• Performance

• Robust

Page 16: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

16

Rest of the Internet My Network

Edge Routers

RR

Assumption Boundary

UntrustedReliable

High LatencyHigh BW

High PowerDiffServ

TrustedFlakyLow LatencyLow BWLow PowerIntServ

Page 17: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

17

Scalable Servers

R...

.

.

.

.

.

.

Client(s)

Server Nodes

Balance LoadCache DataProtocol TranslationPartition Data Stream

Page 18: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

18

Router as LAN

R

R

Authenticate UsersFilter PacketsIntrusion Detection

Page 19: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

19

Active Networks

Page 20: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

20

Traditional Routers

+ extensible+ open– low throughput– not scalable

+ high throughput– not extensible– limited scalability– closed

Line card(forwarding buffering)

Line card(forwarding buffering)

Lin

e ca

rd(f

orw

ardi

ng

buff

erin

g)

Lin

e ca

rd(f

orw

ardi

ng

buff

erin

g)

CPUBuffer

memory

Routing softwarew/ COTS OS

Routing softwarew/ COTS OS

NI

asli

ne c

ard

NI

asli

ne c

ard

NI

asli

ne c

ard

...

RoutingCPU

Buffermemory

Routing softwarew/ router OS

Routing softwarew/ router OS

Page 21: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

21

Key Ideas

• Closer integration of...– processing cycles – switching bandwidth

• Implement hierarchy of…– classification mechanisms– processing paths

Page 22: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

22

Hardware Architecture

200GbpsCrossbarSwitch

KatmaiCPU

MEM

NI withuP...

NI withuP

KatmaiCPU

MEM

NI withuP...

NI withuP

KatmaiCPU

MEM

NI withuP...

NI withuP

KatmaiCPU

MEM

NI withuP...

NI withuP

KatmaiCPU

MEM

NI withuP...

NI withuP

KatmaiCPU

MEM

NI withuP...

NI withuP

Page 23: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

23

Scalable Router

200Gbpscrossbarswitch

Kat

mai

CP

U

ME

M

NI

wit

huP . . .

NI

wit

huP

Kat

mai

CP

U

ME

M

NI

wit

huP . . .

NI

wit

huP

200Gbpscrossbarswitch

Kat

mai

CP

U

ME

M

NI

wit

huP. . .

NI

wit

huP

Kat

mai

CP

U

ME

M

NI

wit

huP. . .

NI

wit

huP

. . .

Kat

mai

CP

U

ME

M

NI

wit

huP . . .

NI

wit

huP

Kat

mai

CP

U

ME

M

NI

wit

huP . . .

NI

wit

huP

200Gbpscrossbarswitch

. . .

. . .. . .K

atm

aiC

PU

ME

M

NI

wit

huP

. . .N

I w

ith

uP

Kat

mai

CP

U

ME

M

NI

wit

huP

. . .N

I w

ith

uP

200Gbpscrossbarswitch

. . . . . .

Page 24: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

24

Hierarchy of Paths

Output Port

Slow/Programmable

Fast/FixedHardware

JIT

Input Port

Hardware

.

.

.

Hardware +

JITEE (user space)

Kernel

Line Card

Page 25: 1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona

25

Challenges• Refine Architecture

– balance hardware configuration– partition functionality

• Interfaces– hardware/OS– EE/OS (NodeOS Interface)

• Scheduling and Resource Allocation– cycle and link bandwidth– multi-switch channels– protect against denial-of-service attacks