2. Overview
• Crossbow (The Name)
• The Past
• The Future is Present
• Past is Full of Problems
• CrossBow Architecture
• Demo
3. CrossBow (The Name)
• The crossbow was invented in 314 B.C. in China
• They prevailed in the Middle Ages, when steel was used in them
• Crossbows are easier to learn and more effective than normal bows
• QoS mechanisms are like normal bows: they require a long time to master.
4. The Past
• Without QoS, life can turn into hell
• QoS mechanisms are
– Complex
– Come with a performance penalty
• The interrupt based delivery mechanism for inbound
packets and the QoS are implemented by a separate layer
• Packets are already delivered to the host memory by
means of interrupts before QoS takes place
5. The Future is Present
• Crossbow completes Network Virtualization
– Network Virtualization
– Resource Control
– Live Monitoring
• Networking Virtualization is
essential in today's Virtual
World
6. The Future is Present
• You can split physical NICs into multiple
VNICs
• A VNIC: a virtual network device with the
same data-link interface as a physical
interface.
• VNICs can have their own resources (DMA channel, MAC, kernel threads and queues)
• Each VNIC is implicitly connected to a
virtual switch that corresponds to the
physical interface.
• Virtual Machines on the same host can
communicate through Virtual Switches
7. Past is Full of Problems
• The interrupt-driven packet delivery model precludes any kind of
policy enforcement and fair sharing.
• Most of the time, the processing of a critical packet is
interrupted to deal with the arrival of a non-critical packet.
• The cost of dropping unwanted packets is too high
• Common queues and common threads make enforcing
policies based on traffic type very difficult.
• Pseudo NICs have no way of knowing about the capabilities
of the real hardware
8. Crossbow's Architecture
• Integrates network virtualization and resource control
as part of the stack architecture.
• Pushes the classification of packets based on services,
protocols or virtual machines as far down the stack as possible.
– Rx/Tx Rings -> CPU -> Squeue
• Rx/Tx ring, its DMA channel, MSI-X interrupt, the
Squeue, the CPU, and processing threads are unique for
the service, protocol or virtual machine
• It can be assigned a VNIC in case of Virtual Machines
9. Crossbow's Architecture
• If classification has already been done by the NIC to a
particular Rx ring, the entire data-link layer is bypassed
unless the link is in promiscuous mode
• If the NIC hardware does not have classification
capability, soft rings are used in the data-link layer ("Pseudo
Hardware Layer")
• The entire layered architecture is built on function
pointers known as 'upcall_func' and 'downcall_func'
10. Demo
Our demo has a virtual machine for which we
want to create a VNIC, and we put
a limit on the total NIC SSH traffic
11. Demo
• Create the vnic:
root@A0059:~# dladm create-vnic -l e1000g0 f11-vnic1
• Assign the vnic to your vmachine
• Add the flow:
root@A0059:~# flowadm add-flow -l e1000g0 -a transport=TCP,local_port=22 ssh-policy
• Set maximum bandwidth:
root@A0059:~# flowadm set-flowprop -p maxbw=50M ssh-policy
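An added example, not part of the original slides: the demo's two flowadm steps wrapped in a script that validates the bandwidth value, skips creating a flow that already exists, and removes the flow again if the cap cannot be applied. The function names valid_maxbw and limit_ssh_flow are hypothetical, and the script assumes that flowadm show-flow exits non-zero for an unknown flow.

```shell
#!/bin/sh
# Added example (not from the slides): repeatable version of the demo's
# flowadm steps. Run as root on a system that ships Crossbow's flowadm.

# valid_maxbw VALUE
# Accept only a positive integer with an optional K, M or G suffix,
# the form the demo uses (maxbw=50M). Anything else is rejected before
# it reaches flowadm.
valid_maxbw() {
    printf '%s\n' "$1" | grep -Eq '^[1-9][0-9]*[KMG]?$'
}

# limit_ssh_flow LINK FLOW MAXBW
# Create the TCP/22 flow on LINK if it is missing, cap it at MAXBW and
# print the resulting property. Returns 2 on bad input, 1 on failure.
limit_ssh_flow() {
    link=$1 flow=$2 maxbw=$3
    valid_maxbw "$maxbw" || { echo "bad maxbw: $maxbw" >&2; return 2; }

    created=0
    # Assumption: show-flow exits non-zero when the named flow is unknown.
    if ! flowadm show-flow "$flow" >/dev/null 2>&1; then
        flowadm add-flow -l "$link" -a transport=TCP,local_port=22 "$flow" \
            || return 1
        created=1
    fi

    if ! flowadm set-flowprop -p "maxbw=$maxbw" "$flow"; then
        # Roll back so a half-configured flow is not left behind.
        [ "$created" -eq 1 ] && flowadm remove-flow "$flow"
        return 1
    fi

    # Show the effective cap so the operator can confirm it.
    flowadm show-flowprop -p maxbw "$flow"
}

# Usage with the demo's values:
#   limit_ssh_flow e1000g0 ssh-policy 50M
```

Running it a second time with a different value only changes the cap, because the existing ssh-policy flow is detected and reused.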
12. Thank you
Join Us
EGOSUG
http://www.opensolaris.org/os/project/egosug/
Ahmed Abdalla
http://www.Abd4llA.com
Abd4llA@AhmedAbdalla.net