在 2023/3/1 下午7:07, Michael S. Tsirkin 写道:
On Wed, Mar 01, 2023 at 11:30:37AM +0800, Heng Qi wrote:
在 2023/2/28 下午7:16, Michael S. Tsirkin 写道:
On Sat, Feb 18, 2023 at 10:37:15PM +0800, Heng Qi wrote:
If the tunnel is used to encapsulate the packets, the hash calculated
using the outer header of the receive packets is always fixed for the
same flow packets, i.e. they will be steered to the same receive queue.
Wait a second. How is this true? Does not everyone stick the
inner header hash in the outer source port to solve this?
For example geneve spec says:
it is necessary for entropy from encapsulated packets to be
exposed in the tunnel header. The most common technique for this is
to use the UDP source port
same goes for vxlan did not check further.
so what is the problem? and which tunnel types actually suffer from the
problem?
In fact, similar to protocols such as GRE, there is no outer transport
header.
Thanks.
Sorry I don't understand the answer. What is similar to what?
By GRE you mean NVGRE? That has FlowID for this purpose.
Only 8 bit - is this the issue? Not enough entropy?
Sorry I almost missed this email. 😮
Did you miss the reply in the other thread:
"
The end point of the tunnel called the gateway (with DPDK on top of it).
1. When there is no inner header hash, entropy can be inserted into the
udp src port of the outer header of the tunnel,
and then the tunnel packet is handed over to the host. The host needs to
take out a part of the CPUs to parse the outer headers (but not drop them)
to calculate the inner hash for the inner payloads, and then use the
inner hash to forward them to another part of the CPUs that are
responsible for processing.
1). During this process, the CPUs on the host are divided into two
parts, one part is used as a forwarding node to parse the outer header,
and the CPU utilization is low. Another part handles packets.
2). The entropy of the source udp src port is not enough, that is, the
queue is not widely distributed.
2. When there is an inner header hash, the gateway will directly help
parse the outer header, and use the inner 5 tuples to calculate the
inner hash.
The tunneled packet is then handed over to the host.
1) All the CPUs of the host are used to process data packets, and there
is no need to use some CPUs to forward and parse the outer header.
2) The entropy of the original quintuple is sufficient, and the queue is
widely distributed.
"
In this thread, I mean protocols such as Generic Routing Encapsulation
(GRE)[1], which have IPv4 as *Delivery Header*.
Compared with VXLAN, which increases entropy through outer udp src port,
GRE has less entropy.
[1] https://www.rfc-editor.org/rfc/rfc2784.html
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: virtio-dev-unsubscr...@lists.oasis-open.org
For additional commands, e-mail: virtio-dev-h...@lists.oasis-open.org