Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add script lwaftrctl #206

Closed
wants to merge 428 commits into from
Closed

Add script lwaftrctl #206

wants to merge 428 commits into from

Conversation

dpino
Copy link
Member

@dpino dpino commented Jan 22, 2016

This script eases the process of running the lwaftr from within a VM. To run lwaftr virtualized is necessary to go through the following steps:

  1. Bring up two NICs from the host using snabbnfv (vhost-user).
  2. Start VM with QEMU.
  3. Run lwaftr from within VM.

The lwaftr is run inside the VM using the virtio_net driver.

Once the lwaftr is running, it should be possible to send packets to and from the guest. Run the "snabb-lwaftr transient" from within the host for testing purposes.

The script exposes the following commands to ease this process:

  1. lwaftrctl snabbnfv start
  2. lwaftrctl vm start
  3. lwaftrctl lwaftr start

A file lwaftrctl.conf, containing all the necessary parameters, must exist within the same folder the lwaftrctl command is run. See lwaftrctl.conf.example.

It is also necessary to create user VM_USER in the VM. This user must be in the list of sudoers. It is necessary to create a script "run_lwaftr.sh" in VM_USER home. See run_lwaftr.sh.example.

@dpino
Copy link
Member Author

dpino commented Jan 22, 2016

Snippet of lwaftr virtualized performance (high peak):

42.999192,1.818182,7.999999,1.810595,7.387226,1.818182,7.999999,1.810278,8.544511
43.999196,1.818182,8.000000,1.809456,7.382580,1.818182,8.000000,1.808330,8.535317
44.999192,1.818182,7.999999,1.811041,7.389046,1.818182,7.999999,1.810099,8.543666
45.999191,2.045455,9.000001,2.003559,8.174520,2.045455,9.000001,1.997284,9.427180
46.999200,2.045454,8.999999,2.029920,8.282075,2.045454,8.999999,2.024419,9.555260
47.999195,2.045455,9.000000,2.026917,8.269823,2.045455,9.000000,2.021996,9.543823
48.999192,2.045455,9.000001,2.028222,8.275145,2.045455,9.000001,2.024683,9.556502
49.999193,2.045454,8.999998,2.026676,8.268839,2.045454,8.999998,2.022252,9.545030
50.999190,2.178563,9.585678,2.031885,8.290090,2.178577,9.585740,2.023756,9.552127
51.999195,2.177662,9.581715,2.000570,8.162327,2.177664,9.581724,1.994811,9.415510
52.999195,2.177664,9.581721,2.032380,8.292110,2.177664,9.581721,2.023313,9.550037

local name = port_name(t)
local NIC = name.."_NIC"
local Virtio = name.."_Virtio"
local vmdq = true
if vmdq == nil then vmdq = true end
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure about this change. It's necessary that vmdq is false. Right now in master vmdq is only false if mac_address is not set in a ports.cfg file. Would it be possible to set a mac_address and disable vmdq? cc @lukego

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think that will work. VMDq is the hardware feature that received packets to be dispatched across different queues based on their destination (DMAC w/ optional VLAN). I think it only makes sense to disable VMDq if you have one VM on the port that is supposed to receive all traffic. Having said that, the intel10g module API is not a 1:1 mapping onto the hardware so it is possible that the vmdq=true parameter has a more peculiar meaning that this.

Katerina Barone-Adesi and others added 25 commits February 4, 2016 15:06
The new configuration variables are:
policy_icmpv4_incoming, policy_icmpv6_incoming,
policy_icmpv4_outgoing, and policy_icmpv6_outgoing

They can now only be set to ALLOW or DROP.
This allows outgoing ICMPv4 packets to be up to 576 bytes, rather than the
IP header + 8 octets specified in RFC 792.
As suggested by javierguerragiraldez
The benchrun.lua accepts the number of times to execute a command, and the
command itself. The command should output lines in the format:

  Rate: X MPPS

where X is a positive number (either integer or floating point). The following
calculations are made:

* Minimum rate.
* Maximum rate.
* Average rate.
* Standard error of rate.

If the command outputs more than one "Rate: X MPPS" line, the statistis are
done separately for each of the observed values (average of the first values,
average of the second, and so on), plus an additional report with the same
statistics calculated over the sums of all the observed values per each run
of the command.

Example usage:

  sudo ../tests/benchrun.lua 10 'snabb snsh
    apps/lwaftr/benchmark.lua ../tests/apps/lwaftr/data/binding.table \
    ../tests/apps/lwaftr/data/icmp_on_fail.conf \
    ../tests/apps/lwaftr/data/tcp-frominet-bound-550.pcap \
    ../tests/apps/lwaftr/data/empty.pcap \
    0000:04:00.0 0000:04:00.1'

Notice how the command is a single argument to the script.
This is tested with all relevant ICMPv6 types from internet IP addresses,
as well as a test with implicit hairpinning.

It does not update the state of the lwaftr.
LuaJIT is a dependency for Snabb, but stock Lua is not.
In particular for long-running processes it is good to provide feedback to the
user so they know that things are working. This patch makes the script report
the percentage done, and the current/total execution rounds, in the following
format:

  Progress: 5% (3/10)
Closing file-like objects obtained with io.popen() is needed to ensure that
the child process running at the other side of the pipe finishes its execution
and the resources used by it are freed. Explicitly closing the file-like
object avoid hitting the limit of opened file descriptors when the number
of execution rounds is high and the GC does not kick in often enough.
This moves the benchrun.lua script with the other benchmarking tools
and apps/lwaftr/end-to-end, as it is intended to be used along with
them.
Some of the benchmarks do not follow the supported format when printing
results (e.g. "Rate: 4.5 MPPS"). This patch relaxes the scanned format
to allow different output formats, changing the format to:

* The word "rate" at the beggining of the line ("Rate" is also accepted).
* An options sequence of non-numeric characters.
* A positive number formatted as decimal or floating point. This is the
  captured value.
* The rest of line is discarded.
This improves the verbose TTY progress reporting, by adding the
last matched result line as part of the output.
When encapsulating a IPv4 packet into IPv6, instead of removing the
ethernet header of the IPv4 packet and after that append IPv6 and
Ethernet headers, just prepend the necessary bits to the packet and
modify the correspondent header bytes directly.
This includes:
a) the smallest IPv4, and IPv4-in-IPv6 packets (54 and 94 bytes)
b) 550-byte IPv4 and IPv4-in-IPv6 packets
c) IPv4 packets of the same absolute size as all the IPv6 packets
d) All the IPv4 packets which are encapsulated by IPv6 packets
e) The 1046 and 1006 byte packets needed to average 550 bytes with the smallest
wingo and others added 24 commits February 5, 2016 09:35
We have been seeing some latency jitter recently and we want to
eliminate possible causes.
Enable busy-waiting by default in the lwaftr
This commit adds two types of NDP support:
- One listens for neighbor solicitations and replies with advertisements.
  It is always on.
- The other is implicitly on if the mac address of the next hop on the IPv6
  side is not set. It sends out a request for it on start.

Documentation and end-to-end tests are included.
It's been broken since the changes made right before the alpha release in
October.
This reflects that it is not actually the MAC of a b4.
It is the MAC of the next hop on the internal IPv6 network, so all B4s are
reached via it.
There were two problems:
a) The non-existent variable frag_status was used
b) There was an assert. That is unacceptable in this context, even in
   unreachable code.
Changed handling of fragmentation status.
Renamed b4_mac to next_hop6_mac
This new application will generate the corresponding ICMP Echo Reply packets
whenever an ICMP Echo Request packet addressed to its configured IPv4 address
is detected. All other packets are forwarded to the output.
This new application will generate the corresponding ICMP Echo Reply packets
whenever an ICMP Echo Request packet addressed to its configured IPv6
addresses is detected. All other packets are forwarded to the output.
This adds two ICMPEcho applications (one for ICMPv4, other for ICMPv6) which
allow pinging the AFTR. The "north" ports of the application is connected to
the LwAftr application, and the "south" ports (where the ICMP Echo packets
are interpreted and replies generated) to the last preprocessing application,
and the first postprocessing application:

    |-> preproc  ->|                                  |<- preproc  <-|
 b4 |              | ICMPEcho <-> LwAftr <-> ICMPEcho |              | inet
    |<- postproc <-|   (v6)                    (v4)   |-> postproc ->|
Moving these two to the utilities module will allow reusing them to implement
is_icmpv4() & is_icmpv6(), which contain an almost exact copy of the code.
Instead of duplicating the code, reuse functions is_ipv4() & is_ipv6() from
the utilities module.
Instead of linking the applications manually, use the set_preprocessors() and
set_postprocessors() functions to link the ports of the ICMPEcho applications.

This also allows the last and first applications to be described using tables,
instead of assuming that the names of the ports are always "input" and "output".
This avoids some calculations every time the these functions are called, which
is good for performance as they are used in the hot path of the AFTR.
Implement applications to respond to ICMPv4 and ICMPv6 echo requests
@dpino dpino closed this Feb 7, 2016
@dpino dpino deleted the lwaftrctl branch February 7, 2016 15:35
@dpino dpino restored the lwaftrctl branch February 7, 2016 15:36
@dpino dpino mentioned this pull request Feb 7, 2016
eugeneia added a commit that referenced this pull request Jan 13, 2022
e587f8c55 Merge pull request #225 from vavrusa/master
5ea3a881e bpf: add missing constants for linux 4.10 - 4.15
2c691e5a7 Merge pull request #224 from wingo/lseek-syscall-tweak
ae38bdbd7 Make "offset" arg to lseek a signed integer
5cb3b6950 Merge pull request #221 from wingo/util-ls-fix
8e0874609 Promptly close util.ls() dir fd; fix bug with deleted entries
277517436 Merge pull request #220 from sileht/master
8e48fd094 linux/nl.lua: Use ndmsg struct instead of rtmsg for neighbors
3e482bc4e Merge pull request #215 from qsn/gettid
57520cce3 expose gettid
db1a88e94 Merge pull request #214 from jsitnicki/sof-flags-linux
270a6e611 Add missing type for struct scm_timestamping for Linux
e49232047 Add missing SCM_* constants for Linux timestamping API
60fcc6b48 Add constants for SOF_* flags for Linux
26ac34851 Merge pull request #210 from alexandergall/linux-if-ioctls
3e6d3e27c Merge pull request #211 from fperrad/deb
d425a22b2 dummy changelog
b27eca538 update .gitignore
92292aa4b debian files
be257a7e1 debian files generated by lua-create-gitbuildpackage-layout
50a02b94b Add some SIOC{G,S}IF* ioctls for Linux
ee90324 Merge pull request #209 from justincormack/osx_clock
ee17863 Add CLOCK_ constants for OSX
178d244 Merge pull request #208 from justincormack/holes
61450f5 Add SEEK_DATA and SEEK_HOLE constants
9a7b584 Add memfd fnctl sealing support
99beaf5 more test fixes for memfd
cc221e4 fix ctest for new fcntl changes, typowq
56c4c76 fix ctest for new fcntl changes
96073cc fix typo
7a73e8a Add more constants for fcntl, memfd
8d3034c Fix ppc64le syscall numbers for newer calls
62828f6 Merge pull request #206 from johnae/master
c4002b6 The spook project is using ljsyscall.
0b266e8 Merge pull request #205 from lukego/close-fd-safely
ad91aa9 Add more protection against fd double-close
c8baf9e Merge pull request #202 from justincormack/dockerignore
66843c5 Use dockerignore to simplify Dockerfile
7b7211d Merge pull request #200 from justincormack/redo-dockerfile
a779caa Docker Cloud does not start processes at priority 0, remove from test
b85382d Rework Dockerfile and tests
24f7789 Merge pull request #199 from vavrusa/master
2ecf486 linux/constants: added new BPF map and prog types
00c1949 use Alpine 3.4 for docker build
0bcafc6 Merge pull request #196 from kbara/removecunused
a4217a8 Merge pull request #195 from kbara/fixgetcpu
ee67430 Remove unused variables from c.lua
4b2e0b2 Fix getcpu: the cpu argument was incorrectly given the node variable previously
214550a update changelog and rockspec for 0.12 release
21f3fd8 Merge pull request #192 from vavrusa/master
0da437f linux/bpf_prog_load: support custom kernel builds
9981190 fix missing vhangup
f245114 Merge pull request #191 from vavrusa/linux-perf-open
93558c1 linux: added support for tracing/performance counters
0511fb8 Merge pull request #190 from vavrusa/master
1f141ca linux: added new constants (e.g. attach BPF to socket)
36274f3 linux/bpf: added strflag support
4fd3bd6 Merge pull request #189 from vavrusa/master
aaa89cb linux: added support for eBPF
e095295 linux: added new syscall numbers (up to __nr_bpf)
1e079c4 test calls container so just needs file to run
d92625e define a docker compose test
5f14711 Merge pull request #188 from aperezdc/fix-if-nameindex
8915a83 Close socket immediately after error in if_nametoindex()
96c0286 use addons for travis, as learned at fosdem
71241e0 update changelog for unreleased changes
559b499 ignore audit arch constant
5d867d3 new architectures do not have open, will use openat
49d9ff9 test issues with new constants
7cd460e aarch64 audit constants for seccomp
6249e99 more docker examples
dd00af9 rockspec fix
d20033b rockspec for new release
fb17244 update copyright years
9d87597 more Changelog tweaks before release
53856b0 typo
1881526 sometimes winsz is 0, eg if terminal not set up
ab0c08d add error message
a1c207e update Changelog for forthcoming 0.11 release
ce12fb2 addDocker hub to README
602a2b3 fix osx fstatat to use 32 bit stat type, as cannot find how to call to get 64 bit one
8a0a6ad Now have arm machines with working seccomp
d14bd38 Appears that setting maac address on lo often works
6e878a1 remove debug print from test
30e9b5b allow skip on EPERM for adjtimex
bff3e90 Add strace in Docker image for convenient debugging
e67fa31 Use alpine 3.3 for Docker
5148bc3 fix ipv6 tests
185c1a6 more failures with no ipv6
98cc9a2 more fixes for ipv4 only environments for netlink tests
248a935 fix bind errors in environments that do not support ipv6
0eacd64 clean up travis file
5fb71b6 switch to newer Ubuntu in travis
8235724 fix more constant checks not in headers
8dff4ef constants missing on travis
db51b08 update Changelog
7540b04 add new rtnetlink values, so tests work under docker
22604b8 remove test that fails in some environments
d431693 fix waitid test under docker
1595b7d fix swap test under docker
321fdd2 Now an alpine package available
984b533 Add Dockerfile, fix some of the tests that made unreasonable assumptions
9aeff88 recent osx has *at functions
18cd829 better handling for xattr errors
b6bb892 freebsd 11 now has utimensat
7065b0d on freebsd/zfs chflags will fail, skip

git-subtree-dir: lib/ljsyscall
git-subtree-split: e587f8c55aad3955dddab3a4fa6c1968037b5c6e
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants