From owner-freebsd-net@FreeBSD.ORG Mon Feb 17 21:14:39 2014 Return-Path: Delivered-To: net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CF10B355 for ; Mon, 17 Feb 2014 21:14:39 +0000 (UTC) Received: from onelab2.iet.unipi.it (onelab2.iet.unipi.it [131.114.59.238]) by mx1.freebsd.org (Postfix) with ESMTP id 8C15211F8 for ; Mon, 17 Feb 2014 21:14:39 +0000 (UTC) Received: by onelab2.iet.unipi.it (Postfix, from userid 275) id C3DF47300A; Mon, 17 Feb 2014 22:16:49 +0100 (CET) Date: Mon, 17 Feb 2014 22:16:49 +0100 From: Luigi Rizzo To: Mike Tancsa Subject: Re: netmap, VALE and netmap pipes Message-ID: <20140217211649.GA42452@onelab2.iet.unipi.it> References: <1392661063.244494415.kh0fdlsv@frv34.fwdcdn.com> <20140217185832.GB41267@onelab2.iet.unipi.it> <530273BF.5020303@sentex.net> <20140217205213.GC42021@onelab2.iet.unipi.it> <53027678.2020202@sentex.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <53027678.2020202@sentex.net> User-Agent: Mutt/1.5.20 (2009-06-14) Cc: "freebsd-net@freebsd.org" X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Feb 2014 21:14:39 -0000 On Mon, Feb 17, 2014 at 03:52:08PM -0500, Mike Tancsa wrote: ... > > this is just the FreeBSD/head ipfw code with obvious features > > Actually, I was thinking more in terms of netmap in general. eg. > examples of how to use it as a high speed firewall or router, or packet > generator etc. i should really write a book on this stuff :) + for simple traffic sources/sinks, the pkt-gen program (FreeBSD: tools/tools/netmap, git repo: examples/ ) is the swiss-army-knife. In RX mode it can drain and count packets at very high rates. In TX mode it can create one or more udp streams with programmable addresses, packet sizes and rates up to the 100+Mpps i was mentioning in the posting. It could be trivially extended to create TCP flows + the 'bridge' program also in the same directories is an example of how to move traffic between (2) interfaces. Note that if you really want to go fast with multiple ports and concurrent threads you will need to reimplement the same batching tricks that we use in the in-kernel VALE switch. I am afraid i do not have a ready-to-use example to point you at. In general, if you have a tool (generator, software router, etc) that speaks libpcap it is a no-op to have it working on top of the netmap-enabled libpcap. Note though that the application itself might be too slow to exploit the speedup that netmap could give. I know that tcpreplay has recently added netmap support and needed some tweaks to work correctly at high rates. Similarly a student of mine is working on the 'ostinato' traffic generator to get some speedups. Keep in mind, the basic I/O costs 500..1000ns per packet with conventional methods, and 10..50ns with netmap. This means that the actual rate you will be able to achieve is dominated by the extra time your application consumes on each packet. cheers luigi