I will try to capture some traffic tomorrow at morning … In the meanwhile, maybe these statistics are best:ĭate: – 15:42:50 (uptime: 0d, 01h 33m 01s) Counter | TM Name | Valueĭ4. As you can see, there are a lot of streams alerts in a few time (15 min), On th other hand, I am sending all anomalies to a Splunk server. And stats.logs shows me:ĭate: – 07:22:35 (uptime: 0d, 00h 19m 09s) Counter | TM Name | Valueĭ_pad_required | Total | 17 I have enabled only one interface with one thread assigned. I am using netmap capture in Suricata … My config for interfaces is pretty simple:Īn I have disabled all off-loading options in network interfaces … Any idea?ĭate: – 13:15:45 (uptime: 0d, 06h 17m 07s) Counter | TM Name | Valueĭ_pad_required | Total | 387 After that, I have enabled anomaly option and I am receiving a lot of entries like this: Week 12: clean code and prepare documents to final evaluation.Today, I have updated my FreeBSD 12.1 (fully updated) host with Suricata 5.0.3. Week 11: test and performance evaluation. Week 10: implement notification mechanism in bhyve/freebsd. Week 7-8: implement kernel thread in netmap host adapter. prepare documents to mid-term evaluation. Week 4-5: write code to map netmap host memory into the guest. Week 3: test, bugfix, and performance evaluation. Week 1-2: add ptnetmap support to virtio device driver and QEMU frontend. Risk factor: We don't know how long it takes because in linux we had eventfd already implemented. We want to have a similar mechanism to ioeventfd and irqfd available in linux, to exchange notifications between guest and host threads. Implement notification mechanism in bhyve/FreeBSD. We need to implement only the functions to create/delete kernel thread and to handle notifications. The code that the kthread runs, is already done. We expect to have the same performance of KVM (over 20 Mpps on VALE port over 50 Mpps on netmap-pipe line rate on Physical NICs). Kernel thread in netmap host adapter to implement ptnetmap on FreeBSD host. Shares most of the code (easy to test in userspace) - Interpreter and JIT compiler for x86-64 based on ubpf. About 200 lines of glue code for each platform. Currently supports FreeBSD user/kernel, Linux user/kernel and macOS user. Risk factor: In linux we used PCI BAR to expose the host memory to the guest, but we don't know if it is possible in easy way also in bhyve. Generalized multi-platform eBPF implementation. We need to expose the memory of the netmap instance running in the host to the netmap instance running in the guest. (We can test it on linux-KVM where ptnetmap is already done.) Since the device driver is used for the setup, we expect to have the same performance of e1000. Modify virtio device driver to allow the FreeBSD guest to use ptnetmap. We need a mechanism like linux's eventfd to exchange notifications and a way to expose the host memory to the guest through PCI device. bhyve extensions to expose netmap host memory to the guest and to exchange notifications. guest device driver modifications for the setup of the notification mechanism and to share netmap memory (estimated new code ~800 loc for virtio, assuming the existing netmap support for virtio developed by my advisor) netmap framework modifications both for the guest part and the host part, to implement the virtio-like communication and the shared netmap memory (existing code ~ 1900 loc in netmap framework + 300 loc OS specific estimated new code ~ 300 + 300 loc) The implementation of ptnetmap will be based on our previous prototype above, which requires work in the following areas: (We wrote ourselves the entire ptnemtap code for linux, so we own the copyright on it). The code will be completely BSD licensed. Now I would like to add host ptnetmap support on bhyve and FreeBSD. The preliminary version of ptnetmap for linux/KVM hosts is already done, and on this platform both linux and FreeBSD guest are able to send and receive 14.88 Mpps on 10Gbps physical link (line rate), talk at over 20 Mpps through VALE ports, and over 75 Mpps through netmap pipes. To avoid these bottlenecks, we present ptnetmap: a netmap virtual passthrough for VMs. Unfortunately, they can introduce performance bottlenecks, especially for intensive I/O operations that are very common in networking services. Virtual Machines are widely used in Cloud services and Network Function Virtualization. For this GSoC project I'll develop host ptnetmap support for bhyve/FreeBSD. I developed a preliminary version for linux/KVM hosts. Ptnetmap allows userspace applications running in a guest VM to safely use any netmap port with near-native performance (physical devices, software switches, shared memory channels ). To avoid VMs networking bottlenecks, I recently worked with my advisors on ptnetmap: a netmap virtual passthrough for VMs (ptnetmap). A FreeBSD/bhyve version of the netmap virtual passthrough (ptnetmap) for VMs.
0 Comments
Leave a Reply. |