BSDCan2017 - 0722

BSDCan 2017
The Technical BSD Conference

Vincenzo Maffione
Day Talks #1 - 9 June - 2017-06-09
Room DMS 1110
Start time 10:00
Duration 01:00
ID 814
Event type Lecture
Track Hacking
Language used for presentation English

Boosting bhyve networking with netmap

netmap as a fast network backend for hypervisors

Performance of Bhyve VM networking is currently very limited (< 2 Gbit/s), as slow TAP devices are used as a network backend.

Netmap extensions for virtualization come to the rescue, offering a solution that upgrades Bhyve to a state of the art tool for Network Function Virtualization, allowing over 20 Gbit/s of TCP throughput and over 20 Mpps of packet rate.

Several enhancements have been designed for netmap to support virtualization. Support for various paravirtualized drivers (virtio-net, Xen netfront/netback) allows netmap applications to run in the VM over fast paravirtualized I/O devices. The VALE software switch, that provides scalable high performance local communication (over 20 Mpps between two switch ports), can then be used to connect multiple VMs together.

However, in a typical scenario with two communicating netmap applications running in different VMs (on the same host) connected through a VALE switch, the journey of a packet is still quite convoluted. The main issues is that while netmap is fast on both the host (the VALE switch) and the guest (interaction between application and the emulated device), each packet still needs to be processed from the hypervisor, which needs to emulate the device model used in the guest (e.g. e1000, virtio-net). The emulation involves device-specific overhead (queue processing, format conversions, packet copies, address translations) which limits the maximum packet rate between the two VMs to 2-5 Mpps.

To overcome these limitations, this talk presents ptnetmap as a passthrough technique to completely avoid hypervisor processing in the packet datapath, unblocking the full potential of netmap also for VM environments. With ptnetmap, a netmap port on the host can be exposed to the guest in a protected way (as a "ptnet" interface), so that netmap applications in the guest can directly access the rings and packet buffers of the host port, avoiding all the extra overhead involved in the emulation of network devices. Similarly to VirtIO paravirtualization, synchronization between guest netmap and host netmap happens through a shared memory area, which is used to store producer-consumer state and notification suppression flags.

Finally, the full support for TSO/checksum offloadings offered by VALE allows ptnet interfaces to optimize traditional socket applications, as these offloadings are available for the guest kernel.