This year HPSR’s program will include three tutorials:
- Sunday, June 17th, 16:00 – 18:00:
- Monday, June 18th, 15:30 – 17:30:
- Tuesday, June 19th, 15:30 – 17:30:
Tutorial on P4, a Language for the Future Programmable Network Devices
P4 (p4.org) is a candidate language for the future programmable network devices that can be used for describing how network packets should be processed on a variety of hardware targets ranging from general-purpose CPUs to custom ASICs. Its main goals are 1) protocol independence: devices are not tied to existing protocols and new headers can be introduced easily; 2) reconfigurability: the behavior of the devices can be modified in run-time and 3) portability: the P4 program is independent of the hardware target. The packet processing model of P4 is quite similar to how OpenFlow works. There is a parsing phase at the beginning and a deparsing phase at the end. The former phase extracts the packet header structures and the contained data for further processing, the latter phase rebuilds the headers before sending out. The business logic is between these two phases, implementing a series of lookups in predefined match/action tables, branching on whether the lookup resulted in a hit or a miss. The real power of P4 lies here, describing these tables, lookups, and actions in an abstract, straightforward manner with the freedom of defining any kind of protocol headers.
Since its creation in 2013, P4 has been gaining adoption at an exponential rate, rapidly becoming the standard way to describe packet processing pipelines. The potential of the language to describe common networking tasks has already been showcased by some preliminary works. Today, a hectic ecosystem of open source software tools is maintained and developed by the P4 community. The P4 community has created—and continues to maintain and develop—a language specification, a set of open-source tools (compilers, debuggers, code analyzers, libraries, software P4 switches, etc.), and sample P4 programs with the goal of making it easy for P4 users to quickly and correctly author new data-plane behaviors. On 16th March it was announced that P4 will become a project of the Open Networking Foundation (ONF) and the Linux Foundation portfolio.
This half-day tutorial will introduce the audience to the latest version of P4 language (P4-16), providing attendees with the required knowledge to start developing and prototyping their own ideas on data plane logic. After introducing some basic examples including L2 forwarding and L3 routing, more complex use cases like BNG, mobile GW and VXLAN-based data center GW will be presented in a hands-on training session using available P4 development tools and compilers.
The tutorial will be useful to researchers, students, and practitioners from network admins and network architects to developers. Attendees are expected to bring their own laptops since we will provide a pre-configured VM image containing all necessary open-source tools and P4 programs. We advise the participants to pre-install. Approximately 10GB of free disk space is required for the virtual machine.
Date and Time
Sunday, June 17th, from 16:00 to 18:00
P Gyanesh Kumar Patra – Ph.D. candidate at University of Campinas, Brazil. His primary interests are in SDN and programmable dataplane. He has nearly five years of industry experience working on network operating systems, data center protocol like QCN, SPB, etc. He also worked as a visiting researcher at Ericsson Research, Hungary. Currently, he is pursuing his thesis on building cross-platform software switch for programmable dataplanes.
Péter Vörös – ELTE Eötvös Loránd University, Budapest, Hungary (Communication Networks Laboratory) Péter Vörös received the MSc degree and graduated in the doctoral school in computer science from the Eötvös Loránd University,
Budapest, Hungary, in 2014, and 2017 respectively. He is currently a doctoral candidate and working as an assistant lecturer at the Department of Information Systems, Eötvös Loránd University. He is recently working on projects in the topics of network security, traffic analytics and programmable data planes. He is one of the developers of the open-source multi-target P4 compiler called T4P4S.
Sándor Laki – ELTE Eötvös Loránd University, Budapest, Hungary (Communication Networks Laboratory) Sándor Laki received the MSc and PhD degrees in computer science from the Eötvös Loránd University, Budapest, Hungary, in 2007 and 2015, respectively. He is currently working as an assistant professor at the Department of Information Systems, Eötvös Loránd University. His research interests focus on active and passive network measurement techniques, traffic analytics, resource sharing, programmable data planes and their application for new networking solutions. He is the author of more than 25 peer-reviewed papers and demo papers including publications at JSAC, INFOCOM, ICC and SIGCOMM. He is one of the key contributors of the open-source multi-target P4 compiler development project called T4P4S.
Tutorial on eBPF
Toward Flexible and Efficient In-Kernel Network Function Chaining with IOVisor
Download the slides used at the tutorial here: 18-06-18 – IOVisor – HPSR
The eBPF Linux module, which represents the main component of the IOVisor technology, became part of the Linux kernel in 2013. This module enables arbitrary code to be dynamically injected and executed in the Linux kernel while at the same time providing hard safety guarantees in order to preserve the integrity of the system.
While, so far, this component has been used mainly for tracing, monitoring and statistics (in fact, several tools exist that extract information from network traffic and other kernel events such as page faults, system calls, and more), recent projects proposed its usage also for the creation of complex network functions.
This tutorial focuses on the high performance network processing capabilities of IOVisor and it presents the state of the art of the above technology, including XDP (eXpress Data Path), which enables a vanilla Linux kernel to sustain a 10Gbps wire-rate throughput. In addition, it presents the recent extensions of the Iovisor technology that allow the creation of complex network functions (switch, router, NAT, load balancer, firewall, etc.), including both data and control plane. This enables the creation of arbitrary modules, dynamically injectable at run-time, which can be used to create complex service chains and datacenter-wide services (such as the Cilium project).
Finally, this tutorial will summarize the possible interactions of IOVisor with other emerging technologies, such as OpenFlow/OpenState, P4, and SmartNICs.
Date and Time
Monday, June 18th, from 15:30 to 17:30
Fulvio Risso (Ph.D. in Computer Engineering) is Associate Professor at the Department of Control and Computer Engineering of Politecnico di Torino, Italy. His research interests focus on high-speed and flexible network processing, software-defined networks, and network functions virtualization. He started and led several open-source software projects including WinPcap, the de-facto library for capturing and analyzing traffic on Windows. Fulvio is author of 100+ scientific papers, mostly focused on high-speed and flexible network processing.
Mellanox Tutorial on SmartNICs
SmartNICs provide tight integration of compute power with the NIC hardware offloads for RDMA, steering, packet processing and security accelerators. It also enables software services to run transparently and in isolation from the host CPU on the network edge. These two SmartNICs properties enables a new class of data-center applications including Network Edge Security, Storage Virtualization, Bare Metal Clouds, SLA Monitoring and more.
Data-center security has been forced to reinvent itself as software complexity increases, networking capabilities grow more agile, and attack complexity turns unmanageable. With this change, the need for security policy enforcement to be handled at the edge has pushed functionality onto host compute systems, resulting in inherent performance loss and security weakness due to consolidation of resources. SmartNICs solve both the performance problem and the security problem of edge-centric policy models.
This tutorial will cover the architecture, principles of operation, and development flow of the Mellanox BlueField SmartNIC. The tutorial will include examples showing the difference between a NIC and a SmartNIC packet flow manipulation within the SmartNIC basic security operations and offloads security orchestration and policy enforcement.
Date and Time
Tuesday, June 19th, from 15:30 to 17:30
Jack Matheson is a principal architect at Mellanox Technologies, where he is responsible for the development of technology to make data-centers more secure. For 15 years, he has been building software/hardware hybrid solutions to help accelerate and secure workloads – most recently at McAfee, where he was the chief cloud architect for enterprise security, and Intel, as the software architect for cloud identity.