A collaborative research project between Red Hat and Karlstad University, Sweden, yielded multiple publications in its second year [Year 2 Report PDF]. The project, Building the next generation of programmable networking—powered by Linux, aims to enhance the capabilities of the eXpress Data Path (XDP), a high-performance data path integrated into the Linux kernel that permits flexible programmable networking.
The core project team includes:
- Red Hat engineers Toke Høiland-Jørgensen, Jesper Dangaard Brouer and Simone Ferlin-Reiter
- Karlstad University professors Anna Brunstrom and Per Hurtig
- Karlstad PhD students Freysteinn Alfredsson and Simon Sundberg
The project focuses on two key areas:
Enhancing XDP with support for queuing
Researchers are experimenting with ways to add programmable packet scheduling to XDP, with the goal of allowing programmers to define their packet schedulers using BPF while benefiting from the XDP fast data path. The team has designed a new extension to XDP, a programmable packet scheduling framework in BPF, to provide this capability. In addition, they have created a new prototyping framework for quickly developing new scheduling algorithms.
Utilizing eBPF/XDP for efficient latency monitoring
The eBPF subsystem in the Linux kernel has the potential to alleviate several problems with latency monitoring using currently available tools such as ping, by enabling passive always-on latency measurements. Researchers have developed an implementation of passive ping using eBPF. In initial tests, their tool, evolved passive ping (ePPing), achieved a significant increase in the number of packets processed compared to the existing userspace implementation.
In addition to the publications listed below, team members have presented elements of their research at the 2022 Linux Plumbers conference (Dublin, Ireland), 10th Inria Workshop of Systems (Rennes, France), Red Hat Research Days (Brno, Czech Republic), and Lund Linux Con 2022 (Lund, Sweden).
Bringing packet queueing to XDP
Freysteinn Alfredsson, Per Hurtig, and Anna Brunstrom (Karlstad University); Toke Høiland-Jørgensen and Jesper Dangaard Brouer (Red Hat)
Presented at the 17th Swedish National Computer Networking Workshop (SNCNW 2022) KTH, Stockholm
Summary: The Linux eXpress Data Path, or XDP, has found numerous uses in the industry, such as DoS attack mitigation, load-balancers, and intrusion prevention systems. XDP provides a high-performance programmable network data path using the BPF framework and allows programmers to process packets early out of the driver. While XDP excels in forwarding packets, it currently has no mechanism for queueing or reordering packets and cannot implement traffic scheduling policies. This talk presents our ongoing work to address this challenge. We have designed a programmable packet scheduling extension for the XDP framework using recently proposed schemes for programmable queues. This extension allows programmers to define their packet schedulers using BPF while benefiting from the XDP fast data path.
Passive monitoring of network latency at high line rates
Simon Sundberg and Anna Brunstrom (Karlstad University); Simone Ferlin-Reiter (Ericsson); Toke Høiland-Jørgensen and Jesper Dangaard Brouer (Red Hat)
Presented at the 17th Swedish National Computer Networking Workshop (SNCNW 2022) KTH, Stockholm
Summary: Network latency plays a crucial role in many applications and their perceived quality of experience. With an increasing focus on high network speeds and real-time interactive applications relying on reliable and low latency, the ability to monitor latency effectively is becoming more important than ever. While many available tools rely on active monitoring, this approach relies on traffic injection in the network, which can be a source of latency and negatively impact overall network performance. This paper presents evolved Passive Ping (ePPing), a tool that leverages eBPF to passively monitor the latency of existing network traffic. Preliminary evaluation shows that ePPing delivers RTT reports more reliably and at a lower overhead than other state-of-the-art tools, such as PPing.
Using BPF to measure latency at high link speeds
Simon Sundberg (Karlstad University), Anna Brunstrom (Karlstad University)
In Proceedings of The 2021 Internet Measurement Conference (IMC ’21). ACM, New York, NY, USA.
[abstract PDF] [poster]
Summary: Network latency monitoring is useful for determining QoE, troubleshooting, network performance, and more. However, existing monitoring tools such as ping, PPing, Dapper, and P4RTT have drawbacks, including contribution to network traffic, high overhead, failure to keep up with link speed, and the need for hardware support. Researchers propose ePPing, an extension of PPing, which leverages eBPF to parse packets directly in kernel space to alleviate the resource demands created by traditional packet capturing, especially in environments with high packet rates. ePPing runs on any Linux machine with low overhead at high line rates.
Ongoing and future work
While ePPing is currently functional and usable, work continues to improve it further. Testing has shown that reporting large amounts of RTT samples has considerable overhead, and the large quantity of output ePPing may generate makes it challenging to deploy in practice. Researchers are investigating different options for filtering and aggregating the RTT samples before reporting them.
Researchers also hope to extend ePPing to support additional protocols, such as DNS and QUIC. In addition, the accuracy and performance of ePPing are continuously evaluated as additional improvements and features are developed. Once a suitable approach for aggregating and filtering RTT samples has been implemented, the plan is to deploy ePPing in different environments to evaluate it for other use cases. Potential targets for deployment include smaller ISP gateways and the AIDA edge observability framework being developed as part of the AIDA project at Karlstad University.
