[dpdk-dev] [RFC] - Offloading tunnel ports

William Tu u9012063 at gmail.com
Sun Jul 12 18:34:22 CEST 2020
Previous message: [dpdk-dev] [RFC] - Offloading tunnel ports
Next message: [dpdk-dev] [RFC] - Offloading tunnel ports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi Oz,

I started to learn about this and have a couple of questions below.
Thank you in advance.

On Tue, Jun 9, 2020 at 8:07 AM Oz Shlomo <ozsh at mellanox.com> wrote:
>
> Rte_flow API provides the building blocks for vendor agnostic flow
> classification offloads.  The rte_flow match and action primitives are fine
> grained, thus enabling DPDK applications the flexibility to offload network
> stacks and complex pipelines.
>
> Applications wishing to offload complex data structures (e.g. tunnel virtual
> ports) are required to use the rte_flow primitives, such as group, meta, mark,
> tag and others to model their high level objects.
>
> The hardware model design for high level software objects is not trivial.
> Furthermore, an optimal design is often vendor specific.
>
> The goal of this RFC is to provide applications with the hardware offload
> model for common high level software objects which is optimal in regards
> to the underlying hardware.
>
> Tunnel ports are the first of such objects.
>
> Tunnel ports
> ------------
> Ingress processing of tunneled traffic requires the classification
> of the tunnel type followed by a decap action.
>
> In software, once a packet is decapsulated the in_port field is changed
> to a virtual port representing the tunnel type. The outer header fields
> are stored as packet metadata members and may be matched by proceeding
> flows.
>
> Openvswitch, for example, uses two flows:
> 1. classification flow - setting the virtual port representing the tunnel type
> For example: match on udp port 4789 actions=tnl_pop(vxlan_vport)
> 2. steering flow according to outer and inner header matches
> match on in_port=vxlan_vport and outer/inner header matches actions=forward to port X
> The benefits of multi-flow tables are described in [1].
>
> Offloading tunnel ports
> -----------------------
> Tunnel ports introduce a new stateless field that can be matched on.
> Currently the rte_flow library provides an API to encap, decap and match
> on tunnel headers. However, there is no rte_flow primitive to set and
> match tunnel virtual ports.
>
> There are several possible hardware models for offloading virtual tunnel port
> flows including, but not limited to, the following:
> 1. Setting the virtual port on a hw register using the rte_flow_action_mark/
> rte_flow_action_tag/rte_flow_set_meta objects.
> 2. Mapping a virtual port to an rte_flow group
> 3. Avoiding the need to match on transient objects by merging multi-table
> flows to a single rte_flow rule.
>
> Every approach has its pros and cons.
> The preferred approach should take into account the entire system architecture
> and is very often vendor specific.

Are these three solutions mutually exclusive?
And IIUC, based on the description below, you're proposing solution 1, right?
and the patch on OVS is using solution 2?
https://patchwork.ozlabs.org/project/openvswitch/cover/20200120150830.16262-1-elibr@mellanox.com/

>
> The proposed rte_flow_tunnel_port_set helper function (drafted below) is designed
> to provide a common, vendor agnostic, API for setting the virtual port value.
> The helper API enables PMD implementations to return vendor specific combination of
> rte_flow actions realizing the vendor's hardware model for setting a tunnel port.
> Applications may append the list of actions returned from the helper function when
> creating an rte_flow rule in hardware.
>
> Similarly, the rte_flow_tunnel_port_match helper (drafted below) allows for
> multiple hardware implementations to return a list of fte_flow items.
>
And if we're using solution 1 "Setting the virtual port on a hw
register using the rte_flow_action_mark/
rte_flow_action_tag/rte_flow_set_meta objects."
For the classification flow, does that mean HW no longer needs to
translate tnl_pop to mark + jump,
but the HW can directly execute the tnl_pop(vxlan_vport) action
because the outer header is
saved using rte_flow_set_meta?

> Miss handling
> -------------
> Packets going through multiple rte_flow groups are exposed to hw misses due to
> partial packet processing. In such cases, the software should continue the
> packet's processing from the point where the hardware missed.
>
> We propose a generic rte_flow_restore structure providing the state that was
> stored in hardware when the packet missed.
>
> Currently, the structure will provide the tunnel state of the packet that
> missed, namely:
> 1. The group id that missed
> 2. The tunnel port that missed
> 3. Tunnel information that was stored in memory (due to decap action).
> In the future, we may add additional fields as more state may be stored in
> the device memory (e.g. ct_state).
>
> Applications may query the state via a new rte_flow_get_restore_info(mbuf) API,
> thus allowing a vendor specific implementation.
>

Thanks
William
Previous message: [dpdk-dev] [RFC] - Offloading tunnel ports
Next message: [dpdk-dev] [RFC] - Offloading tunnel ports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the dev mailing list