[vpp-dev] Help Needed with Worker Thread Selection in VPP's Data Path

2023-02-22 Thread Chul-Woong Yang 
Hello everyone,

I am currently working on synchronizing session information between
two nodes in a High Availability (HA) setup. When the Master node
sends session information to the Backup node, it is important that the
information is handed off to the corresponding worker thread in order
to properly serve the packet with the same 5-tuple. Failure to do so
would result in a synchronization issue.

To distribute the packets to the worker threads, I plan to use VLIB
handoff code. However, I am unsure how VPP selects the worker thread
on the datapath. Specifically, I have the following questions:

If each thread has a dedicated rx-queue, can we use dpdk's hash
algorithm to select the corresponding rx-queue and determine which
threads are attached to it? Are there any examples of this in the VPP
codebase?

If multiple worker threads are attached to a single rx-queue, how are
the packets distributed? Round-robin would not be desirable since it
would result in the same 5-tuple session being passed to multiple
threads.

If dpdk is disabled, would the behavior be different?

As someone new to VPP and lower level networking, I would greatly
appreciate any comments or suggestions. Thank you for your help.

Best regards,
Chul-Woong

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#22613): https://lists.fd.io/g/vpp-dev/message/22613
Mute This Topic: https://lists.fd.io/mt/97156106/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/1480452/21656/631435203/xyzzy 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [vpp-dev] Q) Is it a possible acl-plugin race condtion?

2022-12-12 Thread Chul-Woong Yang 
Thank you for your answer.
It's for fast datapath processing, I see.
However, I'm curious whether it is an accepted behavior to stop routing while 
processing configuration change.
Are production CISCO routers made in that way?

Kind regards,
Chul-Woong

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#22317): https://lists.fd.io/g/vpp-dev/message/22317
Mute This Topic: https://lists.fd.io/mt/95613760/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/1480452/21656/631435203/xyzzy 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[vpp-dev] Q) Is it a possible acl-plugin race condtion?

2022-12-11 Thread Chul-Woong Yang 
Hi, team.

I'm reading acl-plugin code and have a question on race condition.
When vpp needs to update acl rules, it does not keep a refcnt or
something and just `vec_free`s the rules. Is it safe?:
```
  /* ACL updater: from acl_add_list() */
{
  a = am->acls + *acl_list_index;
  /* Get rid of the old rules */
  if (a->rules)
vec_free (a->rules);   /* (A) */
}
...


  /* ACL user: from single_acl_match_5tuple() */
  for (i = 0; i < vec_len(acl_rules); i++)
{
  r = &acl_rules[i];
  ... /* (B) */
```

I worry that vpp can SEGV by refering freed memory when it referes an
acl rules `r` in (B) while another thread frees the rule in (A).

Best regards,
Chul-Woong

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#22313): https://lists.fd.io/g/vpp-dev/message/22313
Mute This Topic: https://lists.fd.io/mt/95613760/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/1480452/21656/631435203/xyzzy 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[vpp-dev] Q) Why does the timeout of ACL plugin get halved?

2022-10-11 Thread Chul-Woong Yang 
Hi, all.

When I try the ACL plugin, I find that transient timeout of the TCP
connection gets halved.
For example, the session entry for a finished TCP session gets cleaned
after 60 seconds, even if the TCP idle timeout is set to default 120 seconds.

This is the relevant code.
https://github.com/FDio/vpp/blob/06923b33a9507ee6a92facb770650fff93d89dff/src/plugins/acl/sess_mgmt_node.c#L133

I think the author's original intention is `check them twice per user
timeout`, but the current behavior is `halve the user timeout`.

Any comments will be appreciated deeply.

Best regards,
Chul-Woong

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#21996): https://lists.fd.io/g/vpp-dev/message/21996
Mute This Topic: https://lists.fd.io/mt/94254992/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/leave/1480452/21656/631435203/xyzzy 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[vpp-dev] Q) Service function chaining

2019-05-21 Thread Chul-Woong Yang 
Hi, all.

I'm looking for ways to service function chaining in container-native 
environments.
My use case is security vnfs. I've developed on-premise boxes for several years 
and want to make vnfs using vpp now.

As far as I surveyed, ligato/sfc project and nsm(network service mesh) are only 
two viable solutions.

What sfc way do you suggest, in terms of active development, maturity, and user 
community?

Now I'm trying ligato/sfc quick start ( 
https://github.com/ligato/sfc-controller ) but docker image is missing and
have trouble in finding ligato community.

Can you share your experience on doing sfc?

Best regards,
Chul-Woong
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#13110): https://lists.fd.io/g/vpp-dev/message/13110
Mute This Topic: https://lists.fd.io/mt/31715546/21656
Group Owner: vpp-dev+ow...@lists.fd.io
Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-