Multicore Packet Processing Forum

Archive for the ‘Network Protocols’ Category

By Yann Rapaport, 6WIND Customer Support and Service Manager.

If you are a frequent reader of this blog, you are already familiar with the 6WINDGate fast path-based architecture that allows data plane performance to be improved by offloading packet processing from the Linux networking stack. This post explains how the 6WINDGate architecture can also be used to accelerate processing of packets that are terminated locally on the equipment, for example in the case of a TCP application.

TCP applications typically use the socket API to receive packets from the kernel of the operating system. The advantages of such an API are (1) that it provides an abstraction layer to receive packets from the networking stack and (2) that it is well-known to network application developers. However, it suffers from several performance bottlenecks related to the Linux architecture, such as the need to copy the packet buffers between kernel and userland memory areas, the latency of the userland/kernel system calls, the locking and scheduling mechanisms used in the different queues of the Linux networking stack, memory exhaustion due to the number of queues that have to be managed in the operating system, etc.

In such cases, the performance bottleneck is no longer data plane processing (processing of packets that go through the equipment), but rather traffic termination (traffic that is terminated locally and sent to your application).

The 6WINDGate fast path TCP termination module allows this processing to be offloaded from the Linux kernel: when a TCP packet needs to be processed locally by a TCP application, the TCP protocol part is processed entirely in the fast path and the packet is provided to the application through the 6WINDGate fast path socket API, similar to the Linux socket API. Very few changes are required to the TCP application (basically replacing the Linux socket calls by their fast path counterparts).

Thanks to the optimized design of the 6WINDGate fast path compared to the Linux networking stack, the performance bottlenecks described above are removed: a zero copy mechanism can be used to share buffers between the fast path and the TCP application, the latency of socket calls is minimized, scheduling mechanisms can take advantage of hardware-specific features, memory usage is limited as the number of queues is lower, etc. Hardware TCP offloading features such as TSO/LSO, LRO, TOE are also leveraged.

The applications for TCP termination are very diverse, including High Frequency Trading (HFT), WAN acceleration, inline anti-virus, inline anti-spam, storage (Samba/CIFS, iSCSI), SSL proxying, etc. Possible future enhancements include the addition of fast path termination features for different protocols, such as HTTP, SSL, RTP, etc.

As usual, we welcome your feedback about fast path TCP termination and future termination modules that you would like to see in the 6WINDGate software.

More information about 6WINDGate architecture can be found here.

You can download more detailed documents here.

You can check 6WINDGate FAQ here.