1 / 14

Bob Briscoe Chief Researcher, BT IRTF DCLC Jul 2014

Network Performance Isolation in Data Centres using ConEx Congestion Policing draft-briscoe-conex-policing-01 draft-briscoe-conex-data-centre-02. Bob Briscoe Chief Researcher, BT IRTF DCLC Jul 2014.

maine
Download Presentation

Bob Briscoe Chief Researcher, BT IRTF DCLC Jul 2014

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Performance Isolation in Data Centres using ConEx Congestion Policingdraft-briscoe-conex-policing-01draft-briscoe-conex-data-centre-02 Bob BriscoeChief Researcher, BT IRTF DCLC Jul 2014 Bob Briscoe’s work is part-funded by the European Communityunder its Seventh Framework Programme through the Trilogy 2 project (ICT-317756)

  2. purpose of talk • work proposal for the data centre latency control r-g • data centre queuing delay control • designed for global scope (inter-data-centre,... Inter-net) • this talk: adds first step: intra-data centre • without any new protocols • started in the IETF congestion exposure (ConEx) w-g • generalised for initial deployment without ConEx • and even without ECN end-to-end • now even without ECN on switches (in slides, not draft)

  3. Network Performance Isolation in Data Centres • An important problem • isolating between tenants, or departments • virtualisation isolates CPU / memory / storage • but network and I/O systemis highly multiplexed & distributed • SDN-based (edge) capacity partitioning* • configuration churn: nightmare at scale • poor use of capacity • edge-based weighted round robin (or WFQ) • More common • but biases towards heavy hitters (no concept of time) bit-rate time bit-rate time * every problem in computer science can be solved by not thinking then hiding the resulting mess under a layer of abstraction

  4. w VM sender VM receiver congestion policer guest OS hypervisor switching Outline Design – First Step edge bottlenecks by capacity design • Edge policing like Diffserv • but congestion policing (per guest) • isolation within FIFO queue • no config on switches hosts switches

  5. in a well-provisioned link, policer rarely intervenes but whenever needed, it limits queue growth bottleneck congestion policer network FIFObuffer policer foreach pkt { i = classify_user(pkt) di += wi*(tnow-ti) //fill ti = tnow di -= s * p//drain if (di<0) {drop(pkt)} } s: packet size p: drop prob of AQM AQM incomingpacketstream Y outgoing packet stream p(t) w1 w2 wi congestiontokenbucket ci … di(t) … meter

  6. actually each bucket needs to be two bucketsto limit bursts of congestion • similar code • except 2 token buckets ... if (di1<0 || di2<0) {drop(pkt)} AQM policer police if either bucket empties p(t) kwi wi ci di(t) C main congestiontoken bucket congestionburst limiter meter

  7. performance isolation outcome • WRR or WFQ • congestion policer • with unequal traffic loads • congestion policer • treats equal traffic loadsequivalently to WRR rate time rate time rate time

  8. w VM sender VM receiver TEP / congestion policer TEP / audit guest OS hypervisor switching Outline Designedge and core queue control • Edge policing like Diffserv • but congestion policing (per-guest) • Hose model • intra-class isolation in all FIFO queues • FIFO ECN marking on L3 switches • no other config on switches hosts switches

  9. trusted path congestion feedback Initial deployment all under control of infrastructure admin ECN on guest hosts: optional ECN enabled across tunnel ConEx on guest hosts: optional any ConEx-enabled packetdoesn’t require tunnel feedback details – see spare slide or draft transportsender transportreceiver infrastructure policer audit ConEx packets Non-ConExpackets transportsender transportreceiver feedback betweentunnel endpoints infrastructure TEP TEP policer

  10. Features of Solution • Network performance isolation between tenants • No loss of LAN-like multiplexing benefits • work-conserving • Zero (tenant-related) switch configuration • No change to existing switch implementations • Weighted performance differentiation • Simplest possible contract • per-tenant network-wide allowance • tenant can freely move VMs around without changing allowance • sender constraint, but with transferable allowance • Transport-Agnostic • Extensible to wide-area and inter-data-centre interconnect

  11. call for interest • implementation in hypervisors • evaluation

  12. Network Performance Isolation in Data Centres using congestion policingdraft-briscoe-conex-policing-01draft-briscoe-conex-data-centre-02 Q&A & spare slides

  13. measuring contribution to congestion bit-rate = bytes weighted by congestion level= bytes dropped (or ECN-marked)= ‘congestion-volume’ as simple to measure as volume time congestion 1% 0.01% time 0.01% congestion 1% congestion 3MB 300MB 10GB 100MB 1MB 1MB

  14. exploits: • widespread edge-edge tunnels in multi-tenant DCs to isolate forwarding • a side-effect of standard tunnelling (IP-in-IP or any ECN link encap) unilateral deployment technique for data centre operator 11  drop congestednetworkelement 00  10 • for e2e transports that don’t support ECN, the operator can: • at encap: alter 00 to 10 in outer • at interior buffers: turn on ECN • defers any drops until egress • audit just before egress can see packets to be dropped 10  11 ingress E egress 1 2 A audit pol-icer meter 3 IPFIX collector exporter • for e2e transports that don’t support ConEx, the operator can create its own trusted feedback: • at decap: only for Not-ConEx packets, feedback aggregate congestion marking counters: • CE outer, Not-ECT inner = loss • CE outer, ECT inner = ECN E A

More Related