IETF Logo Mail Archive

RE: Impact of hardware offloads on network stack performance

Mike Bishop <mbishop@evequefou.be> Thu, 05 April 2018 21:56 UTC

Return-Path: <mbishop@evequefou.be>
X-Original-To: quic@ietfa.amsl.com
Delivered-To: quic@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id D09AC12DA49 for <quic@ietfa.amsl.com>; Thu, 5 Apr 2018 14:56:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1522965417; bh=b3vQpCa29vkbdRkoey4IwLaurTqAmlOkkFoVyYxw5YQ=; h=From:Subject:Date:References:In-Reply-To:To:To:To; b=iTjXepNLobPKGC/g2XdbXPsG1EnG8ozRfMuXKwk62clR5jLSVGA3lcYddzHrQtouU D0xHnM2PuLZVLCLlCXZoUkPO4i7DcdPDtR3gsTmzyaHrsMAGISMIX6IO7WdvA4YXf7 6J3CDOC3rn+lf6SmXP/1nJrbH4z85XP19iZ1Udqo=
X-Mailbox-Line: From mbishop@evequefou.be Thu Apr 5 14:56:57 2018
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 802A812D948; Thu, 5 Apr 2018 14:56:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1; t=1522965417; bh=b3vQpCa29vkbdRkoey4IwLaurTqAmlOkkFoVyYxw5YQ=; h=From:Subject:Date:References:In-Reply-To:To:To:To; b=iTjXepNLobPKGC/g2XdbXPsG1EnG8ozRfMuXKwk62clR5jLSVGA3lcYddzHrQtouU D0xHnM2PuLZVLCLlCXZoUkPO4i7DcdPDtR3gsTmzyaHrsMAGISMIX6IO7WdvA4YXf7 6J3CDOC3rn+lf6SmXP/1nJrbH4z85XP19iZ1Udqo=
X-Original-To: dmarc-reverse@ietfa.amsl.com
Delivered-To: dmarc-reverse@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5528612D962 for <dmarc-reverse@ietfa.amsl.com>; Thu, 5 Apr 2018 14:56:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=evequefou.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lKuFSUF-sYh0 for <dmarc-reverse@ietfa.amsl.com>; Thu, 5 Apr 2018 14:56:45 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02on071f.outbound.protection.outlook.com [IPv6:2a01:111:f400:fe44::71f]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4016212D948 for <pravb=40microsoft.com@dmarc.ietf.org>; Thu, 5 Apr 2018 14:56:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=evequefou.onmicrosoft.com; s=selector1-evequefou-be; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=b3vQpCa29vkbdRkoey4IwLaurTqAmlOkkFoVyYxw5YQ=; b=FY7Z167WjiJSAh8RLIioYFiF1JiQNexuGsgOTxTTSJUS1WXlt1L0HGicMX4uk0XFs7YM2S6Lp4E8Quu2gPyvhbgRKhsHKQZ+BAG5nkV3ZeTWN34tRCqw033LZyaoHud7OAf3TM5clrhilVKzJR/JiBi6vsx4suseuPqhh7t8a7M=
Received: from SN1PR08MB1854.namprd08.prod.outlook.com (10.169.39.8) by SN1PR08MB1856.namprd08.prod.outlook.com (10.169.39.10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.653.12; Thu, 5 Apr 2018 21:56:41 +0000
Received: from SN1PR08MB1854.namprd08.prod.outlook.com ([fe80::e9d8:1358:e716:ba77]) by SN1PR08MB1854.namprd08.prod.outlook.com ([fe80::e9d8:1358:e716:ba77%13]) with mapi id 15.20.0653.013; Thu, 5 Apr 2018 21:56:41 +0000
From: Mike Bishop <mbishop@evequefou.be>
Subject: RE: Impact of hardware offloads on network stack performance
Thread-Topic: Impact of hardware offloads on network stack performance
Thread-Index: AdPMUbL7T8nZAW2ySiO289IPTC0ttgAApm4AADSbFZA=
Date: Thu, 05 Apr 2018 21:56:40 +0000
Message-ID: <SN1PR08MB1854E64D7C370BF0A7456977DABB0@SN1PR08MB1854.namprd08.prod.outlook.com>
References: <CY4PR21MB0630CE4DE6BA4EDF54A1FEB1B6A40@CY4PR21MB0630.namprd21.prod.outlook.com> <CAN1APde93+S8CP-KcZmqPKCCvsGRiq6ECPUoh_Qk0j9hqs8h0Q@mail.gmail.com>
In-Reply-To: <CAN1APde93+S8CP-KcZmqPKCCvsGRiq6ECPUoh_Qk0j9hqs8h0Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=mbishop@evequefou.be;
x-originating-ip: [38.134.241.6]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; SN1PR08MB1856; 7:oVUgXNLHuJU9rLcWpcZL/U6dBBuGnlXcxM8XLkW2ftcaqmbGEA9XzQgwkne0NwPIIO1DjuEBwCsSuvXCVX7lGR+ONgU1ZBKopdj65+eKVw80uV6n+YvDm48HkK/mqRuBr4pnq3EEAioetYHppmTzxZr2by+cLAYlqwN/XVP7sKxJOLlwqwVsto4QZ/OoSwqREbLoTnZ9NZJtU5wgefGdDxsgIWi2Vy5Xl1+jdUwhhX1gSgLfdqWq1iw2ToDYBUjj
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: 79a81afb-403d-4dd5-3fe2-08d59b401d30
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(7021125)(5600026)(4604075)(3008032)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(2017052603328)(7153060)(7193020); SRVR:SN1PR08MB1856;
x-ms-traffictypediagnostic: SN1PR08MB1856:
x-microsoft-antispam-prvs: <SN1PR08MB185622BD9AF5172EEA22A221DABB0@SN1PR08MB1856.namprd08.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(158342451672863)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040522)(2401047)(8121501046)(5005006)(3002001)(93006095)(93001095)(3231221)(944501327)(52105095)(10201501046)(6041310)(20161123558120)(20161123562045)(20161123564045)(20161123560045)(2016111802025)(6072148)(6043046)(201708071742011); SRVR:SN1PR08MB1856; BCL:0; PCL:0; RULEID:; SRVR:SN1PR08MB1856;
x-forefront-prvs: 06339BAE63
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(346002)(39380400002)(376002)(366004)(39830400003)(396003)(189003)(199004)(486006)(5250100002)(186003)(106356001)(6506007)(74482002)(19609705001)(33656002)(8936002)(102836004)(86362001)(81166006)(8676002)(81156014)(26005)(97736004)(476003)(229853002)(66066001)(3280700002)(2906002)(11346002)(446003)(53546011)(5660300001)(105586002)(316002)(790700001)(55016002)(39060400002)(7736002)(68736007)(74316002)(110136005)(3660700001)(53936002)(54896002)(6306002)(7696005)(9686003)(236005)(6246003)(6116002)(2900100001)(99286004)(25786009)(3846002)(14454004)(478600001)(6436002)(76176011); DIR:OUT; SFP:1102; SCL:1; SRVR:SN1PR08MB1856; H:SN1PR08MB1854.namprd08.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:0;
received-spf: None (protection.outlook.com: evequefou.be does not designate permitted sender hosts)
x-microsoft-antispam-message-info: 3VUr96vjl0P6a8XmmQgmfI+kcxOdiMqYU5OHiEjLvyjYcX0t6KcmlOkdSbjBi6T3adZPvLuYwuHwy5xT7dnGwY5gJlBvSEVOlJ9Adnym246f99HD+YVW/NaqELx0ryYanBVeZAfDYlg/bayKAUYjMdbmrQ2Sk4EGIVr5fKQBGj36TvC/5J0vw/s46oLKfFTtf2xNTrnh0HI/em12/sOs9oS0/M5gJ6fJKT3dd1Poikq4wG1eqPHQrH32YM62W9xbKJ/rYcO5YNI/khwIznVNtuBl+zAkiGf4hmzQPo5D2GXmNB9wtx11MSobXiFtVrxvcaJw9lkxLGchkW2IQ6AG3ZVeEaekl3iWy4P49FhlJMUQmuiWe8g7IK0VNNqtkgzII9HhUpRWuLR0u+jNBeB99yfG8+ZvnxcZ4sa0i8xRv+U=
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_SN1PR08MB1854E64D7C370BF0A7456977DABB0SN1PR08MB1854namp_"
MIME-Version: 1.0
X-OriginatorOrg: evequefou.be
X-MS-Exchange-CrossTenant-Network-Message-Id: 79a81afb-403d-4dd5-3fe2-08d59b401d30
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Apr 2018 21:56:40.9894 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 41eaf50b-882d-47eb-8c4c-0b5b76a9da8f
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1PR08MB1856
To: Mikkel Fahnøe Jørgensen <mikkelfj@gmail.com>
To: Praveen Balasubramanian <pravb@microsoft.com>
To: IETF QUIC WG <quic@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic/qlN45JKg8flPy4TZtY0D0cdPQLk>
X-BeenThere: quic@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Main mailing list of the IETF QUIC working group <quic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic>, <mailto:quic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic/>
List-Post: <mailto:quic@ietf.org>
List-Help: <mailto:quic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic>, <mailto:quic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Apr 2018 21:56:58 -0000

That’s interesting data, Praveen – thanks.  There is one caveat there, which is that (IIUC, on current hardware) you can’t do packet pacing with LSO, and so my understanding is that even for TCP many providers disable this in pursuit of better egress management.  So what we’re really saying is that:

  *   On current hardware and OS setups, UDP runs less than half as much throughput as TCP; that needs some optimization, as we’ve already discussed
  *   TCP will dramatically gain performance once hardware offload catches up and allows paced LSO 😊

However, as Mikkel points out, the crypto costs are likely to overwhelm the OS throughput / scheduling issues in real deployments.  So I think the other relevant piece to understanding the cost here is this:

  *   What is the throughput and relative cost of TLS/TCP versus QUIC (i.e. how much are the smaller units of encryption hurting us versus, say, 16KB TLS records)?
     *   TLS implementations already vary here:  Some implementations choose large record sizes, some vary record sizes to reduce delay / HoLB, so this probably isn’t a single number.
  *   How much additional load does PNE add to this difference?
  *   To what extent would PNE make future crypto offloads impossible versus requires more R&D to develop?

From: QUIC [mailto:quic-bounces@ietf.org] On Behalf Of Mikkel Fahnøe Jørgensen
Sent: Wednesday, April 4, 2018 1:34 PM
To: Praveen Balasubramanian <pravb=40microsoft.com@dmarc.ietf.org>; IETF QUIC WG <quic@ietf.org>
Subject: Re: Impact of hardware offloads on network stack performance

Thanks for sharing these numbers.

My guess is that these offloads deal with kernel scheduling, memory cache issues, and interrupt scheduling.

It probably has very little to do with crypto, TCP headers, and any other cpu sensitive processing.

This is where netmap enters: you can transparently feed the data as it becomes available with very little sync work and you can also efficiently pipeline so you pass data to decryptor, then to app, with as little bus traffic as possible. No need to copy data or synchronize kernel space.

For 1K packets you would use about 1000ns (3 cycles/byte) on crypto and this would happen in L1 cache. It would of course consume a core which a crypto offload would not, but that can be debated because with 18 core systems, your problem is memory and network more than CPU.

My concern with PNE is for small packets and low latency where
1) an estimated 24ns for PN encryption and decryption becomes measurable if your network is fast enough.
2) any damage to the packet buffer cause all sorts of memory and cpu bus traffic issues.

1) is annoying. 2) is bad, completely avoidable but not as PR 1079 is formulated currently.

2) is also likely bad for hardware offload units as well.

As to SRV-IO - I’m not familiar with it, but obviously there is some IO abstraction layer - the question is how you make it accessible to apps as opposed to device drivers that does nor work with you QUIC custom stack, and netmap is one option here.

Kind Regards,
Mikkel Fahnøe Jørgensen


On 4 April 2018 at 22.15.52, Praveen Balasubramanian (pravb=40microsoft.com@dmarc.ietf.org<mailto:pravb=40microsoft.com@dmarc.ietf.org>) wrote:
Some comparative numbers from an out of box default settings Windows Server 2016 (released version) for a single connection with a microbenchmark tool:

Offloads enabled

TCP gbps

UDP gbps

LSO + LRO + checksum

24

3.6

Checksum only

7.6

3.6

None

5.6

2.3


This is for a fully bottlenecked CPU core -- if you run lower data rates there is still a significant difference in Cycles/byte cost. Same increased CPU cost applies for client systems going over high data rate Wifi and cellular.

This is without any crypto. Once you add crypto the numbers become much worse with crypto cost becoming dominant. Adding another crypto step further exacerbates the problem. Hence crypto offload gains in importance followed by these batch offloads.

If folks need any more numbers I’d be happy to provide them.

Thanks

v2.23.0 | Report a Bug | By Email