I’ve been using and recommending Intel NICs for years for network sensor 
platforms. I’m a huge user of Bro (http://bro.org) and also 
leveraged Suricata for signature-based detections. Lately, I’ve started working 
with trying to get away from PF_RING as my hardware interface layer due to 
additional complications of out-of-kernel bolt-ons. I’ve really enjoyed the 
performance achieved using AF_PACKET for applications that support it. In Bro 
(and Suricata and now netsniff-ng), in order to support FANOUT_HASH mode 
provided by the kernel, the packets are spread across multiple processes. The 
problem is that these applications need symmetric hashing of the connections. 
The current ixgbe driver does not provide this guarantee in its RSS hashing. 
Recent changes in the kernel further made this a problem by accepting the 
hardware calculated hash, when available (for performance reasons, this would 
be great, unless you needed symmetric hashing).

I ran across several discussions where an ixgbe driver was patched to support 
this, and also ran across this blog post [1] that used DPDK to override the 
driver hash. Can we just update the hash key in the mainline driver so that we 
get both good distribution of connections and symmetric hashing? It basically 
comes down to swapping out the hash key to ensure the first 32-bits (src ip) 
match the second 32-bits (dst ip) and the next 16-bits (src port) match the 
following 16-bits (dst port). A published paper provides a key change that 
modifies the standard Toeplitz hash function, which does not provide these 
guarantees.

So…  Can we just have a better hash function in hardware (via the driver) that 
feeds RSS (and now AF_PACKET)?

Thanks!

[1] http://galsagie.github.io/2015/02/26/dpdk-tips-1/
—
Derek Ditch
de...@criticalstack.com
GPG: 0x2543A3B5

_______________________________________________
E1000-devel mailing list
E1000-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/e1000-devel
To learn more about Intel® Ethernet, visit 
http://communities.intel.com/community/wired
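
Added example (not part of the original message and not ixgbe driver code): a software Toeplitz hash over the IPv4/TCP 4-tuple in the field order the message describes, run with the default key from Microsoft's RSS verification vectors and with a key made of one repeated 16-bit word. The repeated word 0x6d5a is an assumption here, since the message does not quote the paper's key; the sample flow is Microsoft's published test vector.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPV4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

/* Default 40-byte RSS key used in Microsoft's hash verification vectors. */
static const uint8_t default_key[40] = {
    0x6d, 0x5a, 0x56, 0xda, 0x25, 0x5b, 0x0e, 0xc2, 0x41, 0x67,
    0x25, 0x3d, 0x43, 0xa3, 0x8f, 0xb0, 0xd0, 0xca, 0x2b, 0xcb,
    0xae, 0x7b, 0x30, 0xb4, 0x77, 0xcb, 0x2d, 0xa3, 0x80, 0x30,
    0xf2, 0x0c, 0x6a, 0x42, 0xb7, 0x3b, 0xbe, 0xac, 0x01, 0xfa,
};
/* Assumed symmetric key: a 16-bit period makes the key bits seen by src IP
 * (offset 0) and dst IP (offset 32), and by the two ports, identical. */
static const uint8_t symmetric_key[40] = {
    0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a,
    0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a,
    0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a,
    0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a, 0x6d, 0x5a,
};

/* Toeplitz: for every set input bit, XOR in the 32-bit key window that
 * starts at that bit position; the window slides one key bit per input bit. */
uint32_t toeplitz(const uint8_t *key, const uint8_t *data, size_t len) {
    uint32_t hash = 0, window = IPV4(key[0], key[1], key[2], key[3]);
    for (size_t i = 0; i < len; i++)
        for (int bit = 7; bit >= 0; bit--) {
            if ((data[i] >> bit) & 1) hash ^= window;
            window = (window << 1) | (uint32_t)((key[i + 4] >> bit) & 1);
        }
    return hash;
}

/* RSS input for IPv4/TCP: src IP, dst IP, src port, dst port (big-endian). */
uint32_t rss_hash(const uint8_t *key, uint32_t sip, uint32_t dip, uint16_t sp, uint16_t dp) {
    const uint8_t in[12] = {
        (uint8_t)(sip >> 24), (uint8_t)(sip >> 16), (uint8_t)(sip >> 8), (uint8_t)sip,
        (uint8_t)(dip >> 24), (uint8_t)(dip >> 16), (uint8_t)(dip >> 8), (uint8_t)dip,
        (uint8_t)(sp >> 8), (uint8_t)sp, (uint8_t)(dp >> 8), (uint8_t)dp,
    };
    return toeplitz(key, in, sizeof in);
}

int main(void) {
    uint32_t a = IPV4(66, 9, 149, 187), b = IPV4(161, 142, 100, 80);
    printf("default   fwd %08x rev %08x\n", (unsigned)rss_hash(default_key, a, b, 2794, 1766),
           (unsigned)rss_hash(default_key, b, a, 1766, 2794));
    printf("symmetric fwd %08x rev %08x\n", (unsigned)rss_hash(symmetric_key, a, b, 2794, 1766),
           (unsigned)rss_hash(symmetric_key, b, a, 1766, 2794));
    return 0;
}
```

With the default key the two directions of a connection generally produce different hashes and so can land on different queues; with the periodic key both directions hash identically.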