Tutorial on eBPF
Toward Flexible and Efficient In-Kernel Network Function Chaining with IOVisor
The eBPF Linux module, which represents the main component of the IOVisor technology, became part of the Linux kernel in 2013. This module enables arbitrary code to be dynamically injected and executed in the Linux kernel while at the same time providing hard safety guarantees in order to preserve the integrity of the system.
While, so far, this component has been used mainly for tracing, monitoring and statistics (in fact, several tools exist that extract information from network traffic and other kernel events such as page faults, system calls, and more), recent projects proposed its usage also for the creation of complex network functions.
This tutorial focuses on the high performance network processing capabilities of IOVisor and it presents the state of the art of the above technology, including XDP (eXpress Data Path), which enables a vanilla Linux kernel to sustain a 10Gbps wire-rate throughput. In addition, it presents the recent extensions of the Iovisor technology that allow the creation of complex network functions (switch, router, NAT, load balancer, firewall, etc.), including both data and control plane. This enables the creation of arbitrary modules, dynamically injectable at run-time, which can be used to create complex service chains and datacenter-wide services (such as the Cilium project).
Finally, this tutorial will summarize the possible interactions of IOVisor with other emerging technologies, such as OpenFlow/OpenState, P4, and SmartNICs.
Fulvio Risso (Ph.D. in Computer Engineering) is Associate Professor at the Department of Control and Computer Engineering of Politecnico di Torino, Italy. His research interests focus on high-speed and flexible network processing, software-defined networks, and network functions virtualization. He started and led several open-source software projects including WinPcap, the de-facto library for capturing and analyzing traffic on Windows. Fulvio is author of 100+ scientific papers, mostly focused on high-speed and flexible network processing.
Mellanox Tutorial on SmartNICs
Innova2 Tutorial: An Industrial Strength Capable FPGA +NIC Platform
Data Centers, Machine Learning platforms and 5G infrastructure present significant challenges to the network infrastructure, including bandwidth and latency as well as power and cost. It is long known that FPGAs provide the ultimate programmability in close to hardware cost. Tight integration of the silicon accelerators, like RDMA and encryption, provided by modern NICs with FPGA flexibility has a great potential to meet these challenges. But Bump on the Wire Architecture does not meet the NFV requirements as the FPGA has to be aware of all the VM flow control rules, which get updated very fast.
Mellanox invented Innova®2 which allows the FPGA to offload virtual networks and virtual machines, without the need to parse and update the FPGA about the packet header. In this tutorial, we will present the Mellanox Innova®2 FPGA+NIC integrated board and teach you how to build the future network-edge applications on top of it. The tutorial covers the architecture, the principles of operations, and the development environment.
The tutorial will include two practical examples as follows:
- Catch a specific vflow in FPGA without a single line of FPGA coding.
- Modify the flow packets in the FPGA.
Dotan Levi is a senior architect at Mellanox Technologies. He has 13 years of experience, spread across software, hardware, algorithms and architectures. In the past Dotan worked for Zoran Semiconductor (later acquired by CSR) doing algorithms and architectures. Dotan holds a B.Sc degree in Electrical Engineering from Technicon Israel Institute of Technology.