© 2014 VMware Inc. All rights reserved. Open vSwitch for Microsoft Hyper-V Eitan Eliahu, Nithin Raju, Ankur Sharma Network & Security Business Unit.


Agenda
1. Project Introduction
2. Hyper-V Switch extensions framework
3. Introduction to NDIS framework
4. Internals of OVS for Hyper-V
5. Fun stuff

OVS on Hyper-V: What is it all about?
- Develop Open vSwitch on the Hyper-V platform
- Shared effort of Cloudbase and VMware
- Weekly IRC meeting for discussions
  - Tuesday 10 AM PST on #openvswitch

Design Objectives...
- Interoperable with other hypervisors
- Use cross-platform common code
- Extensible Netlink protocol for user/kernel interface
- Windows-specific OS primitives for threads, synchronization, and system IOCTL calls
- Leverage Switch Extension Framework for enforcing packet forwarding

Design Objectives
- Leverage WFP callout filter driver
- Zero copy of packet data in Datapath
- Support various tunneling protocols
- Asynchronous I/O, NDIS Framework, event-driven notification for missed packets and port state changes
- Use host IP stack for fragment reassembly

High Level Architecture
[Figure. Labels: Child Partitions (Guest), Virtual Machine #1, Virtual Machine #2, VIF, Root Partition (Host), User, Kernel, ovs-vswitchd, ovs-*ctl, dpif-netlink, netdev-windows, netlink socket (emulation), Interface device, Netlink Message Impl., OVS Forwarding Extension, Flowtable, Packet Processing, vport table, WFP Callout Driver, NDIS Stack, Hyper-V extensible switch (INGRESS, EGRESS), Physical NIC, Hyper-V Internal NIC]

Hyper-V Extensible Switch - Overview
- Layered instances of NDIS filter drivers (“switch extensions”) for monitoring, modifying and forwarding
- Each layer has an upper “miniport” interface and a lower “protocol” interface.
- Packets (NBLs) are forwarded through modifying or inserting ports in the packet forwarding context (OOB).
- Packets are transferred through the filter driver in an asynchronous fashion

Hyper-V Extensible Switch Architecture
MSDN Documentation

Packet Flow in Hyper-V Virtual Switch
[Figure. Labels: Child Partitions (Guest), Virtual Machine #1, Virtual Machine #2, VIF, Hyper-V extensible switch (INGRESS, EGRESS), NDIS Stack, Physical NIC, Hyper-V Internal NIC]
1. Packet injected to Ingress path
2. Packet sent to extension
3. Packet sent to miniport edge of switch
4. Packet shows up on Egress path
5. Packet sent to destination VM or Physical NIC

Typical Ingress Packet Flow with OVS
- OVS extension gets packet from Hyper-V Extensible Switch
- OVS extracts a “flow key” for that packet and looks up the flow
- If a match is found (typical case), the flow destination ports are set into the packet “forward context” of the NBL
- If there is no match, the packet is sent to usermode via upcall
- In turn, user mode processes the packet and sends it back to the driver as raw data (a new flow is installed)
- Driver allocates a new packet and injects it into the ingress path
- If the destination port is a Tunnel port, the packet is encapsulated and sent to the external port

High Level Architecture
[Figure. Labels: Child Partitions (Guest), Virtual Machine #1, Virtual Machine #2, VIF, Root Partition (Host), User, Kernel, ovs-vswitchd, ovs-*ctl, dpif-netlink, netdev-windows, netlink socket (emulation), “OpenvSwitchDevice” device, Netlink Message Impl., OVS Forwarding Extension, Flowtable, Packet Processing, vport table, WFP Callout Driver, NDIS Stack, Hyper-V extensible switch (INGRESS, EGRESS), Physical NIC, Hyper-V Internal NIC]

Kernel Datapath - About
- OVSEXT - NDIS Filter driver implementing forwarding extensions
- Compiled using Visual Studio 2013
- Documentation in datapath-windows/DESIGN

Kernel Datapath - Components...
- Interfacing with NDIS stack
  - Registers drivers with NDIS upon load
  - OVS datapath created/deleted when OVS extension is enabled/disabled on a Hyper-V switch
  - Supports single OVS datapath
  - Control path - OID callbacks
  - Datapath - Ingress, and Ingress completion

Kernel Datapath - Components...
- Interfacing with OVS Userspace
  - Control device for Userspace to talk to kernel datapath
  - Netlink sockets emulated in userspace using handles to control device
  - Netlink message handling in kernel datapath
  - Netlink commands in openvswitch.h supported, with extensions defined in OvsDpInterfaceExt.h
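Every Netlink message written to the control device is user-supplied input that the kernel datapath must bounds-check before use. An added sketch of those length checks (not code from the OVS driver), using the standard Netlink header and attribute layouts; `nl_validate`, `nl_sample` and the sample buffer are constructed for illustration:

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Standard Netlink wire layouts: host byte order, 4-byte alignment. */
struct nl_hdr  { uint32_t len; uint16_t type, flags; uint32_t seq, pid; };
struct nl_attr { uint16_t len, type; };
#define NL_ALIGN(n) (((n) + 3u) & ~(size_t)3u)

/* Hypothetical validator: returns the number of well-formed attributes,
 * or -1 if any length field would make a parser read outside buf. */
int nl_validate(const uint8_t *buf, size_t buflen, size_t family_hdr_len)
{
    struct nl_hdr h;
    if (buflen < sizeof h) return -1;
    memcpy(&h, buf, sizeof h);                  /* avoid unaligned access */
    if (h.len < sizeof h || h.len > buflen) return -1;
    size_t off = NL_ALIGN(sizeof h) + NL_ALIGN(family_hdr_len);
    if (off > h.len) return -1;
    int count = 0;
    while (off < h.len) {
        struct nl_attr a;
        if (h.len - off < sizeof a) return -1;  /* truncated attribute header */
        memcpy(&a, buf + off, sizeof a);
        if (a.len < sizeof a || a.len > h.len - off) return -1;
        count++;
        off += NL_ALIGN((size_t)a.len);
    }
    return count;
}

/* Constructed sample: 16-byte header, 4-byte family header, one attribute
 * slot of 8 bytes whose claimed length is attr_len. */
size_t nl_sample(uint8_t *out, uint16_t attr_len)
{
    struct nl_hdr h = { 28, 1, 0, 1, 0 };
    struct nl_attr a = { attr_len, 1 };
    memset(out, 0, 28);
    memcpy(out, &h, sizeof h);
    memcpy(out + 20, &a, sizeof a);
    return 28;
}

int main(void)
{
    uint8_t buf[28];
    size_t n = nl_sample(buf, 8);
    int ok = nl_validate(buf, n, 4);            /* one valid attribute */
    nl_sample(buf, 64);                         /* attribute claims 64 bytes */
    return !(ok == 1 && nl_validate(buf, n, 4) == -1);
}
```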

Kernel Datapath - Components...
- Port management
  - OVS-port-name is the identity of a port in Datapath & OVSDB
  - Ports enumerated on the Hyper-V switch need to be “activated” by adding them from OVS userspace
  - Hyper-V internal port attached to the Host IP stack
    - Used as VTEP
  - Port Event notifications - create/delete/update

Kernel Datapath - Components...
- Optimized Buffer (NBL) management
  - Avoid deep-copies of NBLs. Works by keeping ref count to parent NBLs, and shallow copying MDLs
  - Zero copy in the OVS extension
- Tunneling
  - IP Helper for ARP resolution & Route lookup
  - VXLAN tunnelling supported. Easy to extend
- Flowtable/Actions
  - Supports all basic actions including set L2/L3

Kernel Datapath - Components...
- NIC Offloads completion (VIF NIC)
  - Checksum and TSO completion in Transmit direction
  - Checksum verification in Receive direction
- Packet send/miss to userspace
  - Packet notification to avoid busy polling in userspace

Userspace - Components...
- POSIX code ported to Windows
- Netlink sockets emulated
- Unified DPIF provider for Linux & Windows
  - Uses pool of netlink sockets per handler (thread)
- Netdev-Windows implemented using netlink commands in kernel datapath

Userspace - Components
- PowerShell cmdlet
  - Set the “OVS-Port-Name” of a port to name in OVSDB, so datapath can map the Hyper-V port to OVS port
  - Windows specific command line utility
  - E.g. Set-VMNetworkAdapterOVSPortDirect -VMname Ubuntu-VM -OVSPortName vif-port-1

1. Project Introduction
2. Hyper-V Switch extensions framework
3. Introduction to NDIS framework
4. Internals of OVS for Hyper-V
5. Fun stuff - Demo
   a. Install the OVS kernel driver
   b. Configuring OVS
   c. Ping between VMs across VXLAN backed tunnel

Demo TOPOLOGY

Developer credits
Ankur Sharma, Ben Pfaff, Eitan Eliahu, Guolin Yang, Gurucharan Shetty, Linda Sun, Nithin Raju, Saurabh Shah (and more)
Alin Serdean, Lucian Petrut, Samuel Ghinet, Sorin Vinturis

Questions?

Backup Slides

Hyper-V Extensible Switch - Overview
MSDN Documentation

Main Functional Modules
- Switch Forwarding Extension
  - Layered filter driver
- WFP Callout driver - used for decapsulation of tunneled packets
- Two control paths
  - Extensible User/Kernel mode interface through exposing a “Netlink” device interface
  - NDIS/WMI control path through OIDs
- Remote VTEP IP address through the use of the host stack (IP Helper)
- Network Buffer management (avoids packet data copy)

OVS Switch Forwarding Extension Driver
- Registers with NDIS as a filter driver upon loading
- Implemented as a set of callback functions that adhere to the “NDIS Filter Driver” interface
  - Callback for Egress and Ingress packet processing
  - Packet processing is done on the egress path
  - Callback for Port and NIC creation and state change
  - Callbacks for processing control commands (OIDs)
- Acts as a “Miniport” for an upper layer filter driver
  - Indicates received packets to upper layer
  - Callback for packet returned from upper layer
- Acts as a “Protocol” for lower layered filter driver
  - Sends down packets originated from upper layer
  - Callback upon packet send completion

OVS Switch Forwarding Extension Driver - cont.
- Each Hyper-V Virtual Switch is associated with a Device Object; OVS uses a single Device Object (datapath) for all OVS Virtual Switches
- Forwarding is performed on the ingress path on Filter Send NBL callback
- Packets can be dropped, offload completed and indicated to usermode, cloned and forwarded to Vport(s), encapsulated and sent to a Tunnel port, VLAN tagged
- Packet / NBL processing is based on an NDIS service function which creates a new fragmented NBL based on an original NBL (buffer control structure manipulation rather than data copying)

WFP Callout Filter Driver - Tunnel Packet Processing
- Installed as a filter driver on the Host network stack
- Packed into the same binary as the extension driver
- Registers a Datagram “callout” with the stack filter engine for processing fragmented packets received on a tunnel UDP port
- The filter engine calls the driver ClassifyFn callback function for network packets associated with the callout rule
- Packet is intercepted and removed from the host stack
- The packet is decapsulated and processed as if it was received on the egress callback of the Extension driver
- Non-fragmented tunnel packets are intercepted and processed directly

Userspace - Components [...]
- Netdev-windows
  - No native netdev support
  - Supports “system” and “internal” ports
  - Messy to use Windows APIs like GetAdaptersInfo()
  - Netdev commands implemented in kernel datapath
    - Get MAC address, MTU, etc.
    - No support for packet send, receive, etc. (not needed)

High Level Architecture
[Figure. Labels: Child Partitions (Guest), Virtual Machine #1, Virtual Machine #2, VIF, Hyper-V extensible switch (INGRESS, EGRESS), NDIS Stack, Physical NIC, Hyper-V Internal NIC]
- The built-in switch calls the extension Send callback function to process a set of packets originated by a VM
- The extension (indirectly) calls the lower driver on its Send callback, passing the packets.
- The packets are transferred to the destination VM over the VM Bus
- The lower layer driver on the destination VM indicates the packet to the Extension.
- The Extension (indirectly) calls the upper layer driver with the packet.
- Upper layer driver returns the packet to the extension
- In turn, the extension returns the packet to the lower driver
- Packet return is propagated to the source VM
- Send complete callback is called on the extension

Typical Ingress Packet Flow
- An “enlightened” or emulated Virtual NIC driver in a guest transfers a packet originated by the VM to the Virtual Switch over the VM Bus.
- The Hyper-V Extensible Switch passes the packet to the Extension with a source port associated with the VM VNIC.
- The filter driver generates a “flow key” for that packet.
- The flow key is matched against a cached flow table
- If a match is found (typical case), the flow destination ports are set into the packet “forward context” of the NBL
- If a match is not found, the packet is “terminated”, packed in a Netlink format and indicated up to usermode.

Typical Ingress Packet Flow cont.
- In turn, user mode (vswitchd.exe) processes the packet and sends it back to the driver as raw data (a new flow is installed)
- The driver allocates a new packet structure and processes it as if it was received on its ingress callback
- If the destination port is a Tunnel port, the packet is encapsulated and sent to the external port
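The miss-then-install cycle described on the ingress packet flow slides, as an added model in C (not code from the OVS driver). The key fields, table size, return codes and function names are simplified assumptions, and the frame in `main` is constructed:

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Simplified flow key (assumption): the real OVS key has many more fields. */
struct flow_key { uint32_t in_port; uint8_t dst[6], src[6]; uint16_t eth_type; };
struct flow     { struct flow_key key; uint32_t out_port; int used; };
enum { DROP = -1, MISS = -2, TABLE_SIZE = 64 };
static struct flow table[TABLE_SIZE];   /* cached flow table */
static unsigned upcalls;                /* packets indicated to user mode */

/* Build the key; refuse frames shorter than an Ethernet header. */
int extract_key(const uint8_t *pkt, size_t len, uint32_t in_port, struct flow_key *k)
{
    if (len < 14) return -1;
    memset(k, 0, sizeof *k);            /* zero padding so memcmp is exact */
    k->in_port = in_port;
    memcpy(k->dst, pkt, 6);
    memcpy(k->src, pkt + 6, 6);
    k->eth_type = (uint16_t)(pkt[12] << 8 | pkt[13]);
    return 0;
}

/* What user mode triggers after an upcall: install a flow for this key. */
int install_flow(const struct flow_key *k, uint32_t out_port)
{
    for (size_t i = 0; i < TABLE_SIZE; i++)
        if (!table[i].used) {
            memcpy(&table[i].key, k, sizeof *k);
            table[i].out_port = out_port; table[i].used = 1;
            return 0;
        }
    return -1;                          /* table full: evict or refuse */
}

/* Ingress callback model: output port on a hit, MISS after an upcall. */
int ingress(const uint8_t *pkt, size_t len, uint32_t in_port)
{
    struct flow_key k;
    if (extract_key(pkt, len, in_port, &k) != 0) return DROP;
    for (size_t i = 0; i < TABLE_SIZE; i++)
        if (table[i].used && memcmp(&table[i].key, &k, sizeof k) == 0)
            return (int)table[i].out_port;
    upcalls++;                          /* miss: hand packet to user mode */
    return MISS;
}

int main(void)
{
    /* Constructed frame: dst MAC, src MAC, EtherType 0x0800. */
    const uint8_t frame[14] = { 2,0,0,0,0,2, 2,0,0,0,0,1, 0x08,0x00 };
    struct flow_key k;
    int first = ingress(frame, sizeof frame, 1);
    if (extract_key(frame, sizeof frame, 1, &k) == 0) install_flow(&k, 3);
    return !(first == MISS && ingress(frame, sizeof frame, 1) == 3);
}
```

Only the first packet of a flow pays for the user-mode round trip; the same frame arriving on a different source port is a different key and misses again.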