Network Interface Virtualization: Challenges and Solutions
Ryan Shea and Jiangchuan Liu, Simon Fraser University
IEEE Network 2012
2016.04.06 Park Sewon

Presentation transcript:


Slide 2: CONTENTS
1. Introduction
2. Virtualization
3. Why is the NIC more problematic to virtualize?
4. Software-Based Virtual Interfaces
5. Hardware-Assisted Virtual Interfaces
6. Summary

Slide 3: 2. Virtualization
Hypervisor-based computer virtualization
[Figure: a physical machine acting as virtual machine host. Labels: physical hardware devices, hypervisor, virtual devices, VM 1 (Open Solaris), VM 2 (Debian Linux), VM 3 (Free BSD).]

Slide 4: 2. Virtualization
Paravirtualization (PVMs): VM/370 (IBM), Xen (OSP)
- no special hardware
- privileged system calls
- modified VM's OS
Hardware Virtual Machines (HVMs): VT-X, AMD-V
- special hardware
- intercepting privileged calls
- unmodified VM's OS

Slide 5: 3. Why is the NIC more problematic to virtualize?
Memory
- TLB
- Requests are made from within the VM.
- The priority of the request can be controlled.
- The data length is known.
NIC
- Needs many layers.
- Traffic is initiated by other hosts in the network.
- Can show up at any time.
- Any priority.
- The physical network interface sends an interrupt.

Slide 6: 3. Why is the NIC more problematic to virtualize?
[Figure: network stack on bare metal compared with KVM on a virtual machine host. Bare-metal labels: physical NIC, physical NIC driver, physical NIC layer, network layer, Linux kernel process. KVM labels: physical NIC, physical NIC driver, physical NIC layer, bridge, network TAP device, virtual NIC, VirtIO driver, network layer, kernel process, KVM process, VM process, IRQ.]

Slide 7: 4. Software-Based Virtual Interfaces
Emulated
- Require specific hardware.
- The hypervisor is scheduled to run.
- Only used if absolutely necessary.
Paravirtualized (VirtIO)
- Receiving and sending multiple packets at once.
- Use of the processor's last level cache (LLC).
- Unnecessary hardware features.

Slide 8: 4. Software-Based Virtual Interfaces
Environment
- Hypervisor: KVM
- CPU: Intel Core 2 Q9500 quad core processor, 2.83 GHz
- RAM: 4 Gbytes of 1333 MHz DDR-3 SDRAM
- HDD: 320 Gbyte 7200 RPM hard drive, 16 Mbytes cache
- NIC: 1000 Mb/s Broadcom Ethernet adapter (PCI-E bus)
- OS: Debian Squeeze
- Benchmark: Iperf
- Etc.: VT-X

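Slide 9: 4. Software-Based Virtual Interfaces

Iperf receiving 10 Mb/s TCP traffic

|                  | Bare-metal | KVM VirtIO | KVM rtl8139 |
|------------------|------------|------------|-------------|
| Cycles           | 11.5 M/s   | 51.8 M/s   | 96.6 M/s    |
| LLC references   | 0.48 M/s   | 2.3 M/s    | 3.6 M/s     |
| Context switches | 189/s      | 452/s      |             |
| IRQs             | 600/s      | 2600/s     | 5000/s      |

Iperf sending 10 Mb/s TCP traffic

|                  | Bare-metal | KVM VirtIO | KVM rtl8139 |
|------------------|------------|------------|-------------|
| Cycles           | 4.1 M/s    | 33.4 M/s   | 74.2 M/s    |
| LLC references   | 0.13 M/s   | 1.3 M/s    | 2.7 M/s     |
| Context switches | 19/s       | 307/s      | 432/s       |
| IRQs             | 180/s      | 1700/s     | 3500/s      |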

Slide 10: 5. Hardware-Assisted Virtual Interfaces
- A physical NIC has a single interrupt, which in a multicore system is mapped to a single core.
Virtual Machine Device Queues (VMDQ)
- Multiple interrupts.
- Packets are sorted by destination, based on either MAC address or VLAN tag.
- DMA into the host's memory.
- Data is moved from the host's memory space into the VM space by the hypervisor.
Single Root I/O Virtualization (SR-IOV)
- Sends an interrupt to the proper core.
- DMA into the VM's memory space.

Slide 11: 5. Hardware-Assisted Virtual Interfaces
[Figure: two panels, VMDQ and SR-IOV. VMDQ panel labels: physical NIC (VMDQ) with Layer 2 classifier, VM1 IRQ, VM2 IRQ, VM1 packets, VM2 packets, physical NIC driver, software switch, virtual NIC, virtual NIC driver, network layer, KVM process, VM1 process, VM2 process, VM1 virtual machine. SR-IOV panel labels: physical NIC with Layer 2 classifier, VM1 IRQ, VM2 IRQ, VM1 packets, VM2 packets, physical NIC driver, virtual NIC, virtual NIC driver, network layer, KVM process, VM1 process, VM2 process, VM1 virtual machine.]

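Slide 12: 5. Hardware-Assisted Virtual Interfaces

Iperf receiving 10 Mb/s TCP traffic

|                  | Bare-metal | KVM SR-IOV | KVM VirtIO |
|------------------|------------|------------|------------|
| Cycles           | 11.5 M/s   | 31.1 M/s   | 51.8 M/s   |
| LLC references   | 0.48 M/s   | 2.1 M/s    | 2.3 M/s    |
| Context switches | 189/s      | 476/s      | 452/s      |
| IRQs             | 600/s      | 1200/s     | 2600/s     |

Iperf sending 10 Mb/s TCP traffic

|                  | Bare-metal | KVM SR-IOV | KVM VirtIO |
|------------------|------------|------------|------------|
| Cycles           | 4.1 M/s    | 18.8 M/s   | 33.4 M/s   |
| LLC references   | 0.13 M/s   | 0.72 M/s   | 1.3 M/s    |
| Context switches | 19/s       | 239/s      | 307/s      |
| IRQs             | 180/s      | 390/s      | 1700/s     |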

Slide 13: 6. Summary
- There remain many challenges to face.
- Issues in terms of network delay and bandwidth stability.
- The hypervisor must still handle IRQs generated by the SR-IOV enabled NIC.
Security
- A DoS attack on a VM can consume almost 10 times more resources than on a bare metal machine.
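
The IRQs/s figures in the tables above can be watched on a running Linux host by diffing two `/proc/interrupts` snapshots. The following is an added example, not code from the slides or the paper: the snapshots are constructed sample data for a hypothetical 2-CPU KVM host, and the 2x alert factor is an assumption. Only the 600 IRQs/s bare-metal receive baseline comes from the tables.

```python
from itertools import takewhile

# Constructed /proc/interrupts snapshots, taken 10 s apart on a hypothetical
# 2-CPU KVM host; IRQ numbers, device names and counts are made up.
SNAP_T0 = """\
            CPU0       CPU1
  24:     100000      50000   PCI-MSI 524288-edge      eth0
  25:      20000      10000   PCI-MSI 524289-edge      vfio-msix[0](0000:01:10.0)
 LOC:     900000     880000   Local timer interrupts
 ERR:          0
"""
SNAP_T1 = """\
            CPU0       CPU1
  24:     118000      58000   PCI-MSI 524288-edge      eth0
  25:      26000      16000   PCI-MSI 524289-edge      vfio-msix[0](0000:01:10.0)
 LOC:     902500     882500   Local timer interrupts
 ERR:          0
"""

BARE_METAL_RX_IRQS = 600  # IRQs/s: bare-metal Iperf receive figure from the tables


def parse_interrupts(text):
    """Return {source: interrupt count summed over all CPUs} for one snapshot."""
    lines = text.splitlines()
    ncpu = len(lines[0].split())              # header row: CPU0 CPU1 ...
    totals = {}
    for line in lines[1:]:
        label, sep, rest = line.partition(":")
        if not sep:
            continue
        fields = rest.split()
        # Rows such as ERR carry fewer counters than there are CPUs.
        counts = list(takewhile(str.isdigit, fields[:ncpu]))
        # Numbered IRQs are named after the last device listed on the row;
        # symbolic rows (LOC, ERR, ...) keep their own label.
        numbered = label.strip().isdigit() and len(fields) > len(counts)
        name = fields[-1] if numbered else label.strip()
        totals[name] = totals.get(name, 0) + sum(map(int, counts))
    return totals


def irq_rates(before, after, seconds):
    """Per-source IRQs/s between two snapshots; sources whose counter went backwards are skipped."""
    a, b = parse_interrupts(before), parse_interrupts(after)
    return {k: (b[k] - a[k]) / seconds for k in b if k in a and b[k] >= a[k]}


def flag_amplified(rates, baseline=BARE_METAL_RX_IRQS, factor=2.0):
    """List (source, rate/baseline) for sources at or above factor x baseline (factor is an assumption)."""
    return sorted((k, round(r / baseline, 2))
                  for k, r in rates.items() if r >= factor * baseline)
```

On a live host, read `/proc/interrupts` twice at a known interval and pass both texts to `irq_rates`.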