[Ntop] Announce: libzero

Luca Deri deri at ntop.org
Mon May 14 16:13:41 CEST 2012 

Hi all,
Last year we have introduced PF_RING DNA for implementing 0% CPU 
receive/transmission on commodity 1/10 Gbit network adapters. We 
considered DNA as a starting point, as it implemented high-speed RX/TX 
that was enough for most, but not all of you. This is because commodity 
adapters do not feature advanced packet balancing techniques as they 
rely on RSS, that has several limitations such as asymmetric flow 
balancing (i.e. the two direction of the same flow are spread onto two 
different cores) and inability to provide users a way to use their 
balancing function. Another limitation of DNA, again due to its nature 
that is close to the hardware, is that packets should be processed in 
sequence (i.e. in FIFO) whereas applications sometimes need to store 
packets and process them out of sequence (e.g. in case of fragmented 
packets, a given packet must be rebuilt with all fragments prior to 
process it).

Although zero-copy is often a buzzword as only a subset of packet 
management is really performed without copying any packet, at ntop we 
decided to see whether it was really possible implement zero-copy for 
all operations, including packet dispatching to threads and applications 
(including packet fan-out support), packet queuing, and forwarding 
across interfaces. This is what libzero is for: as its name says, we can 
do all these operations in zero-copy, with no performance penalty as you 
will still be able to reach line rate with minimal packet size (14.88 
Mpps with 60+4 bytes packets).

Libzero opens up a new world of opportunities, as it enables developers 
to focus on their application leaving to the library the task of 
handling packet memory, prefetching memory to let your applications 
access packet payload at the same speed as counting packets. Now you can 
finally scale up applications, as you can for instance spawn several 
snort applications and, without changing a single line of its code, let 
each instance handle a coherent (across directions) set of packets, all 
at line rate. In a nutshell, the network is no longer the bottleneck nor 
the source of complexity.

The ball is on the software side again. You can find all details at 
the libzero home page ( 
http://www.ntop.org/products/pf_ring/libzero-for-dna/).

Enjoy, Luca and Alfredo


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listgateway.unipi.it/pipermail/ntop/attachments/20120514/63ab691e/attachment.htm>

More information about the Ntop mailing list