User Details
- User Since
- Mar 13 2022, 5:49 PM (64 w, 5 d)
Apr 19 2023
Apr 9 2023
Feb 17 2023
I cannot attach the rest of the artifacts due to size limits.
Publishing them on git instead: https://github.com/volodymyrhuti/QPPB_docs
========================================================================================================= The QoS Policy Propagation via BGP feature allows you to classify packets by IP precedence based on the Border Gateway Protocol (BGP) community lists, BGP autonomous system paths, access lists, thus helping to classify based on the destination instead of source address.
Nov 7 2022
Hi @zsdc! This seems to be related to T4028. The relevant commits are:
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓ commit 92980561382fc04380414a6e2f6ca6746c2fe5e9 ┃ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┻━━━━━━━━━━━━━━━━━━━━━━━━━ Author: Donald Sharp <[email protected]> Date: Mon Apr 19 19:23:45 2021 -0400
Oct 6 2022
Hi @aserkin! It looks like you have some frr server misbehavior. It sends up/down events with an unexisting vrf id.
Could you make/describe the setup that causes the issue to appear? Thanks
Sep 27 2022
DEMO Notes:
=====================
1) You need to load the XDP program before starting frr so that
it can find the LPM map on plugin initialization.
To keep it simple, the VTY interface was not implemented for now.
XDP side is accessible via `bpftool`
3) I`m monitoring packets for TOS/DSCP changes to see if marking happens
But in another approach tag is associated with the packet and then
read by the TC classifier
4) These are two traffic shaping examples.
The point is that you have two options for marking:
4.1) Modifying the TOS byte and installing the u32 tc filter to match the value.
This has a limited range of possible values (8 bits) + needs to modify the packet.
4.2) Using a custom BPF classifier.
The XDP side extends the packet context and saves the value.
Afterward, the classifier may read the context and control the shaping behavior
by setting the `skb->tc_classid` or one of the fields mentioned below.Therefore, BPF programs attached to the tc BPF hook can, for instance, read or write the skb’s mark, pkt_type, protocol, priority, queue_mapping, napi_id, cb[] array, hash, tc_classid or tc_index, vlan metadata, the XDP transferred custom metadata and various other information. All members of the struct __sk_buff BPF context used in tc BPF are defined in the linux/bpf.h system header. https://docs.cilium.io/en/stable/bpf/#tc-traffic-control
Sep 22 2022
DEMO
===============================================
To demonstrate the feature let's look at the following topology
Sep 15 2022
Changes on the FRR side:
- Convert xdp helper library to an optional plugin + bgp hook
- Minor fixes + cleanups
- Figured out most of the permission problems
Changes on the XDP side:
- Convert mappings from legacy iproute format to the latest libbpf one
- New mappings improve debugging experience by implementing pretty-printing for XDP map dumping
- Added an xdp-loader for xdp-tools repo
Aug 25 2022
The latest version of the demo can be found here:
Jul 28 2022
The latest version of the demo can be found here:
Jul 21 2022
You can find the latest version of the demo implementation here:
Jul 14 2022
Demo QPPB implementation supporting bgp-policy destination mode:
Jun 21 2022
Memray:
In order to keep useful tracing/debugging tooling in a single place, the @jestabro has created the repo:
https://github.com/jestabro/profiling-tools
Since there is no vyatta package yet, you need to either compile it by hand or install it from the apt
as explained before. Some examples to play around with:
# NOTE: I had to downgrade this package to resolve the installation conflict # sudo apt-get install python3-pkg-resources=45.2.0-1 sudo apt-get install python3-pip sudo python3 -m pip install memray PATH+=":/home/vyos/.local/bin"
Analysis:
I have collected the profiling data for the following configurations:
Gotchas:
If you are running a small QEMU device and it has run out of the memory, the scenario is following:
- The boot process has failed, the prompt is stuck, bash is not initialized - You reboot the device, it tries to read the config, fails once again as there is no free memory - Config was not loaded, you cannot log in; it is a loop
TBD: GUI
VyOS users can configure the front-end interface, called vycontroll, to examine the configuration state.
A detailed description can be found at:
https://vycontrol.com/
https://github.com/vycontrol/vycontrol
https://docs.vyos.io/en/equuleus/configuration/service/https.html
https://brezular.com/2021/05/01/vycontrol-web-ui-for-vyos-firewall/
FRR Debugging
Recently, I had to triage/debug a bunch of issues that involved running a legacy build of frr.
This involved:
- Triaging issue down to the place when it was introduced. Otherwise, verifying that feature was never working at all.
- Comparing the execution flow between legacy/master versions to identify the divergence
- Building & running multiple (legacy/master) frr versions in parallel
- Doing deep analysis within gdb
Since the last update, I have simplified the CLI interface:
1. I have removed the global iterator and incapsulated the iteration state into the vty structure. This way, each vtysh client has its private iteration state for the following requests. It should be possible to query multiple data nodes simultaneously and asynchronously.
Jun 16 2022
Ongoing activity:
1. Stabilization - I have seen a corner case that would crash inside the northbound callbacks. - I can see some validation failure logs, although the resulting output seems good for me. - Daniil was concerned about memory leaks associated with iteration state. After additional research - this is not a problem, but I can imagine cases where we would fail to handle a malformed XPath and leak resources on the stuck unwinding I need to do some testing with Valgrind. 2. Scale testing 3. Async support for multiple vtysh clients. The current demo assumes that there is only one client. I want to map the iteration state to the vtysh client/socket so multiple requests may be executed in parallel 4. A debugging instruction I have used some complicated debugging flow when merging the feature. This should be useful for other (non-C) devs. 5. Finishing the documentation 6. advanced XPath filtering support?
Recently, I had a conversation with the VMware team lead - Pushpasis Sarkar.
He has described the ongoing development and explained the use case they are interested in.
From the conversation:
1. The latest proposal draft: Page 72-73 `Retrieve Operational Data - Retrieving Containers and Leaf members` Page 84-85 `Retrieve Operational Data - Retrieving Large List elements` + comments Page 86 `Retrieve Operational Data - Retrieving Containers and Leaf members` + comments.
Jun 9 2022
May 2 2022
There was some effort to introduce profiling into the system before, but nothing was developed.
The ticket was opened to verify that the timing values displayed in /var/log/vyatta are correct.
The vyos-debug flag enables tracing for actions described in the templates.
This will be a step-by-step walkthrough of the system profiling, as I have found this to have a bunch of non-obvious technical nuances that might get you stuck.
Apr 25 2022
Apr 20 2022
Pull https://github.com/FRRouting/frr/pull/11004 was merged. This needs retesting on the latest FRR