Network Interface Grouping in the Linux Kernel

Network Interface Grouping in the Linux Kernel

ICNS 2011 : The Seventh International Conference on Networking and Services Network Interface Grouping in the Linux Kernel Vlad Dogaru, Octavian Purdila,˘ Nicolae T, apus˘ , Automatic Control and Computers Faculty Politehnica University of Bucharest Emails: fvlad.dogaru,tavi,[email protected] Abstract—The Linux kernel is a prime field for implementing group. Their parameters can be modified either individually experiments, many of which are related to networking. In this or collectively, thus no flexibility is lost. Because there is work we tackle a part of the network scalability issues of no intrinsic relationship between members of a group, group the kernel. More specifically, we devise a means of efficiently manipulating large numbers of network interfaces. Currently, the membership and policy is entirely defined by the administrator, only approach to handling multiple interfaces is through repeated not forced by the kernel. In many ways, the concept of an userspace calls, which add significant overhead. We propose interface group is similar to that of a packet mark. It is used the concept of network device groups, which are completely exclusively from userspace and its meaning is flexible. transparent to the majority of the networking subsystem. These By introducing network interface grouping, both of the serve for simple manipulation of large number of interfaces through a single userspace command, which greatly improves re- factors slowing down interface manipulation are addressed. sponsiveness. Changes are proposed both in kernel and userspace, The administrator can use a single command to modify the using the iproute2 software package as support. Improvements parameters of a large number of interfaces; thus, scheduler in speed are visible, with changing parameters of thousands overhead is eliminated. Further, userspace can address all the of interfaces taking less than a second, as opposed to over 10 members of a group using a single request to the kernel, thus seconds using a conventional approach. Implementation is simple, unintrusive and, most importantly, user-defined. This leaves room minimizing message transfers and system calls. for future improvements which use the group infrastructure, The solution described has been fully implemented using some of which have already been proposed by third parties. Linux and the iproute2 software package as support. The Index Terms—Linux, kernel, network, device, scalability, changes to existing code are unintrusive, with respect to both grouping, iproute2 performance and code complexity. The code has undergone several rounds of review from the community and is, at I. INTRODUCTION the time of this writing, pending inclusion in the upstream Computer networking poses interesting problems, both in kernel. This enables continued development in the area of the design of new protocols and techniques and in improving network interface grouping and collective configuration. It also the scalability of existing concepts. It is particularly interest- provides guaranteed maintenance from the community. ing to see what happens when the quantity of networking Performance tests feature a virtual machine setup. This equipment, rather than the number of clients, grows. More enables harmless recovery from kernel errors and contained specifically, we study the performance of the Linux kernel testing. Moreover, it speeds up the testing process because when dealing with thousands or tens of thousands of network rebooting is low-cost. KVM was chosen for the task because, interfaces. Because these cannot be physically fitted into a except for the live boot media, it demands no additional files or single machine, virtual interfaces are used. daemons. Additionally, KVM incurs little performance penalty Linux already offers a kernel module that emulates network on the host system (provided the host hardware supports the interfaces. Before we can measure performance of these in- Intel VT-x or AMD-V extensions) in comparison to other terfaces, a means of efficiently manipulating them is needed. virtual machines or emulators. Userspace utilities are provided The simple way to do this would be to repeatedly use an by the busybox suite; this enables a full array of Linux utilities, administrative tool for every interface. However, when dealing with minimal dependencies. with a large number of interfaces, this proves inefficient. The Tests have been made featuring the dummy module of the creation of a new process for each of the interfaces offsets the Linux kernel. This module enables the user to add as many useful work which is done. Moreover, even if the entire work interfaces as they like by providing a parameter when inserting could be done in a single process, communicating to the kernel the module into the kernel. Because these interfaces have that each interface is to be modified becomes a bottleneck. no physical meaning and are not critical to virtual machine What is needed is an kernel API for specifying that a number operation, they are easily the target of tests involving batch of interfaces need to be modified in an identical manner. This modifications. We have tested two setups: one in which the includes activating or deactivating the interfaces, setting their user repeatedly calls the iproute2 ip command for each MTU and other link-level parameters. interface (using a shell script); the other involves using our We propose a solution that introduces the concept of net- proposed solution and changing the parameters of an entire work interface group. A group is nothing but a simple integer group of interfaces using a single command. Test results tag; no relationship is implied between the devices in the same are consistently orders of magnitude in favor of the latter Copyright (c) IARIA, 2011. ISBN: 978-1-61208-133-5 131 ICNS 2011 : The Seventh International Conference on Networking and Services technique, particularly for larger numbers of interfaces. II. RELATED WORK It is interesting to note that, while much research has gone into Linux network scalability, there is little interest in configuration-time optimization. Most progress is made towards runtime performance, be it packet handling [4] or routing performance [1]. III. ARCHITECTURE Network interface grouping targets the Linux operating system and, as such, must adhere to the kernel API. Because the group infrastructure proposed is simple, no additional data structures or complex algorithms were needed. Changes are entirely in existing source code files, so no modification was brought to the build system. Although Linux supports loadable modules, changes were deemed sufficiently unintrusive not to warrant the modularity of the interface grouping routines. The only core data structure Figure 1. iproute2, a userspace tool, uses a Netlink socket to communicate that was modified is struct net_device, which is by with the kernel. We add new attributes to the message so that Netlink will be no means a performance-critical element. Thus, cache perfor- group-aware. mance was not a problem and the necessary modifications could be made without resorting to memory profiling. Kernel-side, the contributions are located in the IV. IMPLEMENTATION net_device structure and in the API that the kernel To have a properly functioning, albeit minimal, device group provides to manipulate it. Historically, there have been two infrastructure, the following aspects need to be addresses: choices for modifying network parameters. The first interface is based on the ioctl system call. This involves creating 1) A mechanism for grouping devices together. a special descriptor and using successive ioctl calls to 2) A means of exporting group information to userspace, modify kernel parameters. It is used by the ifconfig as well as a way to filter certain groups. The user can utility, but both the API and the userspace components are then view devices from a single group. currently deprecated. 3) The possibility to change the group a device belongs to. The alternative is Netlink [3], a socket mechanism for We generally avoid referring to this action as moving, interprocess communication. Netlink can serve as a means because no copying is required, as we shall see. of communication between userspace and the kernel, as well 4) Finally, a way of specifying that a change affects an as between two processes. Unlike other sockets, however, entire group and not just a single device. Netlink only works for a single host. Netlink provides multiple The net_device structure has been modified to include socket families, corresponding to different operating system group information in the form of an integer field. Thus, parameters ranging from the neighboring system (ARP) to each network device belongs to a single group, there are firewalling (Netfilter) or IPSec. The one of most interest no overlappings between groups. By default, all devices are to us is NETLINK_ROUTE, which is used to query and created in group 0. The network device structure is not critical change routing and link information. This socket family is to performance (for instance, it is not used during routing), so used by routing protocol implementations such as Quagga, as modifying it does not raise cache efficiency problems. Nor is well as the iproute2, which we chose as support for our this structure part of intricate lists and other data, so it is fairly userspace modifications. Figure 1 shows how Netlink is used easy to understand the purpose of all its fields. by iproute2. Group information is exported from kernel to userspace via Meant as a modern network configuration tool, the route Netlink. The message format used in communication iproute2 utility is developed in close relation to the Linux consists of a header followed by a variable number of at- kernel. The development teams are closely related and patches tributes. Every time information is sent to the user, typically are sent to the same mailing list for both the kernel networking as a response to a RTM_GETLINK message, the group number subsystem and iproute2. As such, it was the natural choice is also packed in the message.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    5 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us