1 of 6

VPP @ Hackathon ‘95

  • VPP - Open source software data plane
    • Commodity hardware, ~10Mpps/core,
    • http://fd.io Source: git clone https://gerrit.fd.io/r/vpp
  • IETF - Running code:�Before: Proprietary hardware�Now: Production high performance forwarding with commodity hardware and open source
  • Project:
    • Source Address Dependent Routing:
      • draft-ietf-rtgwg-dst-src-routing
      • Implementation and performance
  • Champion: Ole Trøan <ot@cisco.com>

2 of 6

Need for Source Address Dependent Routing (SADR)

Internet

ISP Blue

ISP Red

Host uses addresses from BLUE and RED prefixes

Using src addr from Blue

First hop is Red

Anti-spoofing => blocked

3 of 6

SADR in VPP - what we did

  • Victoria, Ezequiel, Pierre (in Paris), Eric, Ole
  • Setup development environment. Pulled code, built
  • Two competing proposals for data structure:
    • Extend hash key to 256 bit (D, S) lookup
    • D table entry point to S tables
  • Running implementation of 1.
  • Test setup, Auto generation of FIBs, PCAP files, performance measurements

4 of 6

SADR table

::/0, 1000::/64 -> ISP A

::/0, 2000::/64 -> ISP B

2001:db8::/64, 1000::/64 -> VPN

2001:db8::/48, ::/0 -> Null

2001:db9::/48, ::/0 -> Null

5 of 6

IPv6 FIB SADR Lookup

  • Hash table indexed by: <destination, prefixLength, FIBIndex>
    • Iterate on prefixLength starting from the longest in the table until match found
  • When match:
    • No source prefix -> Done (normal Dest lookup)
    • Lookup in a S,D hash table keyed on <destination, destinationPrefixLength, source, sourcePrefixLength, FIBindex>
    • Iterate on sourcePrefixLength starting from longest in the table until match is found
    • If no match on source prefix, then backtrack up the next longest matching D

6 of 6

Performance