Control and Management Plane for IO Modules, with Fulvio Risso from Politecnico di Torino - a podcast by Ben Pfaff

Fulvio Risso is an associate professor at Politecnico di Torino in Turin,
Italy. His research is in the area of high-speed (10+ Gbps) packetprocessing and especially in programmable networks. This interview was
prompted by Fulvio's presentation “A
Control and Management Plane for IO Modules” at the IO Visor Summit
held on Feb. 27 in Mountain View (see Quentin Monnet's excellentsummaryof the summit for more information).

The episode begins with a few words aboutOSSN 2017, the
2nd International Workshop on Open-Source Software Networking, whichFulvio co-chairs. The interview occurred long before the workshop, which
took place in early July. See also theworkshop schedule.

An IO Module, according to Fulvio, is a kind of marketing term for an
eBPF program. In turn, eBPF is an abstract, portable, safe virtualmachine that Linux allows userspace programs to install into the kernel
to monitor, augment, or control kernel behavior. OVS Orbit haspreviously covered eBPF inepisode 4on Cilium,episode 23on the IO Visor project, and other episodes.

According to Fulvio, for NFV packet processing, IO Modules have three
primary advantages over other approaches. First, they cab directlyinjected into a kernel. Second, potentially, IO Modules can be injected
at different layers, for example in the main networking stack or in anetworking driver. Third, eBPF programs are more portable than native
code, which can be an important advantage for heterogeneous telcoenvironment.

Fulvio gives an example of the use of IO Modules for implementing the
functionality of a residential network gateway. IO Modules implementDHCP, routing, NAT, deep packet inspection, etc. The advantage of an IO
Module architecture over the traditional home gateway design ismodularity: the IO Module design can be easily changed and adapted to
suit a new use case.

TheIO Modulesrepository includes a controller named Hover that is the main method
proposed for IO Module deployment and (re)configuration. Northbound,Hover provides a high-level REST API that accepts IO Modules or C code
that can be transformed into eBPF; southbound, it talks to the Linuxkernel to enable and connect IO Modules. In addition, it provides some
helpers that allow IO Modules to handle points of eBPF programming thatare currently tricky.

There is a clear analogy between Open vSwitch/OpenFlow and IO
Modules/Hover. In both cases, there is a kernel-based fast path, thatsometimes needs to consult a userspace-based slow path, which
occasionally needs to consult a controller over the network. OpenvSwitch uses OpenFlow for communication with the controller; for Hover,
the protocol is yet to be determined. Fulvio is considering whether touse an existing controller such as ONOS.

Ben and Fulvio discuss how to divide the implementation between fast path
and slow path, with ARP as an example.

Fulvio briefly discusses the performance of IO Modules, which is
generally competitive with related technologies. The goal, however, isnot performance, but flexibility.

In the future, Fulvio plans to dedicate resources to bringing IO Modules
into the larger IO Visor community. Fulvio is also concerned that the IOVisor community is tied too tightly to individual companies. He hopes
for the community to expand further into university and researchenvironments.

OVS Orbit is produced byBen Pfaff. The
intro music in this episode isDrive,
featuring cdk and DarrylJ, copyright 2013, 2016 by Alex. The bumpermusic isYeah Antfeaturing Wired Ant and Javolenus, copyright 2013 by Speck. The outro
music isSpace
Bazookafeaturing Doxen Zsigmond, copyright 2013 by Kirkoid. All
content is licensed under a Creative CommonsAttribution 3.0
Unported (CC BY 3.0)license.

Further episodes of OVS Orbit

Further podcasts by Ben Pfaff

Website of Ben Pfaff