SlideShare une entreprise Scribd logo

Integrating Linux routing with FusionCLI™

Télécharger en tant que ODP, PDF
Stephen Hemminger
Stephen Hemminger

Overview of Vyatta from presentation in Copenhagen 2007

Technologie
1  sur  32
Herding networking cats: Integrating Linux routing with FusionCLI™ Stephen Hemminger shemminger@vyatta.com
Outline Introduction FusionCLI™ QoS configuration Issues
My background OSDL – Linux Foundation Linux 2.5 network infrastructure → bridging TCP congestion control → netem → iproute Network performance → Marvell replacement drivers Vyatta Kernel performance Quality Of Service support
Vyatta versions http://vyatta.org http://vyatta.com Free download Subscription livecd Update 2x year Update 4x year Community forums Software or Hardware Phone and Email Support Same source and features
Vyatta Distribution Debian GNU/Linux Current version based on testing → lenny Linux kernel 2.6.24 + bugfix Filesystems: unionfs, squashfs Serial driver: wanpipe Additional packages CLI infrastructure Configuration templates Updated routing related packages Quagga, SNMP, SNORT, ...
Linux cats
CLI Requirements Router look & feel Command completion Roles: Administrator, operator Configure mode Extensible Text based Language neutral Integrated with operating system
Vyatta Proprietary Open System System Monolithic SW Graphical User Interface Network Apps FusionCLITM Internet Protocols WAN Optimization Open API Load Balancing Scalable Routing NW Functions Security Extensible Internet Protocols DHCP, NAT, Radius… Firewall, VPN Anti-X PBX Linux Kernel IDS Unique HW Massive open-source Standard HW ecosystem…
CLI architecture
Demo 1: Basic interface $ show interfaces  Interface    IP Address         State       Link   Description eth0         192.168.111.132/24 up          up eth1         ­                  up          up  lo           127.0.0.1/8        up          up   lo           ::1/128            up          up $ show interfaces et<tab>hernet <tab>    detail  eth0    eth1     $ show interfaces ethernet eth0  eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast  state UNKNOWN qlen 1000     link/ether 00:0c:29:f6:20:9e brd ff:ff:ff:ff:ff:ff     inet 192.168.111.132/24 brd 192.168.111.255 scope global eth0     inet6 fe80::20c:29ff:fef6:209e/64 scope link         valid_lft forever preferred_lft forever ...
Template hierarchy /opt/vyatta/share/vyatta­op/templates/show/interfaces/ethernet |­­ detail |   `­­ node.def |­­ node.def `­­ node.tag     |­­ brief     |   `­­ node.def     |­­ capture     |   |­­ node.def     |   |­­ not     |   |   |­­ node.def     |   |   `­­ port     |   |       |­­ node.def     |   |       `­­ node.tag     |   |           `­­ node.def     |   `­­ port     |       |­­ node.def     |       `­­ node.tag     |           `­­ node.def     |­­ identify     |   `­­ node.def     |­­ node.def     |­­ physical     |   `­­ node.def
Operational template show/interfaces/ethernet/node.tag/node.def help: Show specified ethernet interface information allowed: for dev in /sys/class/net/*;           do if [[ ­L $dev/device ]]             then if [[ $(cat $dev/type) ­eq 1 ]]                  then echo ­n ${dev##*/} " "                  fi             fi          done run: vyatta­show­interfaces.pl ­­intf="$4"
Demo 2: Configuration $ configure [edit] # set interfaces ethernet eth0 description 'Vmware NAT' [edit] # show interfaces ethernet eth0  address dhcp +description "Vmware NAT"  hw­id 00:0c:29:f6:20:9e [edit] # mount ... unionfs on /opt/vyatta/config/tmp/new_config_5035 type unionfs     (rw,dirs=/tmp/changes_only_5035=rw:/opt/vyatta/config/active=r o) [edit] vyatta@vc3­1­3# commit
Configuration templates multi: type: txt help: Set an IP address for this interface syntax:expression: exec "/opt/vyatta/sbin/vyatta­interfaces.pl      ­­valid­addr $VAR(@) ­­dev $VAR(../@)"     ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" update: /opt/vyatta/sbin/vyatta­interfaces.pl     ­­eth­addr­update $VAR(@) ­­dev $VAR(../@) delete: /opt/vyatta/sbin/vyatta­interfaces.pl      ­­eth­addr­delete $VAR(@) ­­dev $VAR(../@) allowed: echo "dhcp <>" comp_help:Possible completions:   <x.x.x.x/x> Set the IP address and prefix length   <h:h:h:h:h:h:h:h/x>   Set the IPv6 address and prefix length   dhcp Set the IP address and prefix length via DHCP
Configuration save restore interfaces {     ethernet eth0 {         address dhcp         duplex auto         hw­id 00:0c:29:f6:20:9e         speed auto     }     loopback lo {     } } service {     ssh {         port 22         protocol­version v2     } }
Quality of Service (QoS) usage models Real time services VOIP Network control plane BGP, OSPF, STP Fairness Throttle batch services P2P, backup,
Vyatta QoS Organized by policy types Fair queue => sfq Traffic shaper => htb Drop tail => fifo Rate limiter => tbf Traffic limiter => ingress ...
fair-queue # set qos­policy fair­queue fq [edit] # set interfaces ethernet eth0 qos­policy out fq [edit] # commit [edit] # run show queueing    Output queues: Interface  Qos­Policy             Sent    Dropped   Overlimit eth0       fair­queue             4578          0          0 eth1       default                 468          0          0
fair-queue template set/qos-policy/fair-queue/node.def tag: type: txt help: Set fair queueing policy syntax:expression: pattern $VAR(@) "^[[:alnum:]][­_[:alnum:]]*$"                    ; "only alpha­numeric policy name allowed" update: /opt/vyatta/sbin/vyatta­qos.pl ­­create­policy "$VAR(.)"  "$VAR(@)" delete: /opt/vyatta/sbin/vyatta­qos.pl ­­delete­policy "$VAR(@)"
Qos on Ethernet Interface set/interfaces/ethernet/node.tag/qos-policy/out/node.def type: txt help: Set outbound QOS policy for specified ethernet interface allowed: /opt/vyatta/sbin/vyatta­qos.pl ­­list­policy update: /opt/vyatta/sbin/vyatta­qos.pl  ­­update­interface $VAR(../../@) $VAR(.) $VAR(@) delete: /opt/vyatta/sbin/vyatta­qos.pl  ­­delete­interface $VAR(../../@) $VAR(.)
Internals - perl code sub update_interface {     my ($interface, $direction, $name ) = @_;     my $config = new VyattaConfig;     ( $direction eq "out" ) or die "Only out direction  supported";     $config­>setLevel('qos­policy');     foreach my $type ( $config­>listNodes() ) {         if ( $config­>exists("$type $name") ) {           my $shaper = make_policy($config, $type, $name);           delete_interface($interface, $direction);           open my $out, "|­" or exec qw:sudo /sbin/tc ­batch ­:;           $shaper­>commands($out, $interface);           if (! close $out) {               delete_interface($interface, $direction);           }     }     die "Unknown qos­policy $namen"; }
QoS traffic-shaper # edit qos­policy traffic­shaper lartc [edit qos­policy traffic­shaper lartc] # set class 2 bandwidth 100% [edit qos­policy traffic­shaper lartc] # set class 2 match www ip destination port 80 [edit qos­policy traffic­shaper lartc] # set class 3 bandwidth 3mbit [edit qos­policy traffic­shaper lartc] # set class 3 ceiling 5mbit   [edit qos­policy traffic­shaper lartc] # set class 3 match smtp ip destination port 25 [edit qos­policy traffic­shaper lartc] # exit
Traffic-shaper continue [edit] # commit qos­policy traffic­shaper lartc configuration not complete: missing  default class Commit failed # set qos­policy traffic­shaper lartc default bandwidth 1 [edit] # commit [edit] # set interfaces ethernet eth0 qos­policy out
Result # run show queueing ethernet eth0          eth0 Output queue: Class      Qos­Policy             Sent    Dropped   Overlimit 1:        traffic­shaper        11438          0          0   4       fair­queue            11438          0          0   2       fair­queue                0          0          0   3       fair­queue                0          0          0 [edit]
Issues Developer documentation Linux Kongress paper Watch this space Vyatta ↔ Linux management Vyatta config ignores other changes CLI stays loosely coupled Vyatta package changes Every distribution is a fork All changes are fed to upstream
SPC-FLOSS: orphaned projects Users want support for orphaned projects Multicast routing MPLS RSTP IPV6
Future Richer features QoS+, bonding, … GUI Multi-queue Performance

Recommandé

Performance challenges in software networking
Performance challenges in software networkingPerformance challenges in software networking
Performance challenges in software networkingStephen Hemminger
 
Packet Framework - Cristian Dumitrescu
Packet Framework - Cristian DumitrescuPacket Framework - Cristian Dumitrescu
Packet Framework - Cristian Dumitrescuharryvanhaaren
 
Dpdk performance
Dpdk performanceDpdk performance
Dpdk performanceStephen Hemminger
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Virtual net performance
Virtual net performanceVirtual net performance
Virtual net performanceStephen Hemminger
 
Recent advance in netmap/VALE(mSwitch)
Recent advance in netmap/VALE(mSwitch)Recent advance in netmap/VALE(mSwitch)
Recent advance in netmap/VALE(mSwitch)micchie
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.Naoto MATSUMOTO
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabMichelle Holley
 

Recommandé

Performance challenges in software networking
Performance challenges in software networkingPerformance challenges in software networking
Performance challenges in software networkingStephen Hemminger
 
Packet Framework - Cristian Dumitrescu
Packet Framework - Cristian DumitrescuPacket Framework - Cristian Dumitrescu
Packet Framework - Cristian Dumitrescuharryvanhaaren
 
Dpdk performance
Dpdk performanceDpdk performance
Dpdk performanceStephen Hemminger
 
Userspace networking
Userspace networkingUserspace networking
Userspace networkingStephen Hemminger
 
Virtual net performance
Virtual net performanceVirtual net performance
Virtual net performanceStephen Hemminger
 
Recent advance in netmap/VALE(mSwitch)
Recent advance in netmap/VALE(mSwitch)Recent advance in netmap/VALE(mSwitch)
Recent advance in netmap/VALE(mSwitch)micchie
 
How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.How to Speak Intel DPDK KNI for Web Services.
How to Speak Intel DPDK KNI for Web Services.Naoto MATSUMOTO
 
DPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabDPDK in Containers Hands-on Lab
DPDK in Containers Hands-on LabMichelle Holley
 
DPDK Summit 2015 - HP - Al Sanders
DPDK Summit 2015 - HP - Al SandersDPDK Summit 2015 - HP - Al Sanders
DPDK Summit 2015 - HP - Al SandersJim St. Leger
 
High Performance Networking Leveraging the DPDK and Growing Community
High Performance Networking Leveraging the DPDK and Growing CommunityHigh Performance Networking Leveraging the DPDK and Growing Community
High Performance Networking Leveraging the DPDK and Growing Community6WIND
 
mSwitch: A Highly-Scalable, Modular Software Switch
mSwitch: A Highly-Scalable, Modular Software SwitchmSwitch: A Highly-Scalable, Modular Software Switch
mSwitch: A Highly-Scalable, Modular Software Switchmicchie
 
100 M pps on PC.
100 M pps on PC.100 M pps on PC.
100 M pps on PC.Redge Technologies
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDKKernel TLV
 
DPDK KNI interface
DPDK KNI interfaceDPDK KNI interface
DPDK KNI interfaceDenys Haryachyy
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
Accelerate Service Function Chaining Vertical Solution with DPDK
Accelerate Service Function Chaining Vertical Solution with DPDKAccelerate Service Function Chaining Vertical Solution with DPDK
Accelerate Service Function Chaining Vertical Solution with DPDKOPNFV
 
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...Jim St. Leger
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunheut2008
 
FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)Kirill Tsym
 
The n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkThe n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkmarkdgray
 
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...Jim St. Leger
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAlexander Shalimov
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support Hanoch Haim
 
DPDK Summit 2015 - RIFT.io - Tim Mortsolf
DPDK Summit 2015 - RIFT.io - Tim MortsolfDPDK Summit 2015 - RIFT.io - Tim Mortsolf
DPDK Summit 2015 - RIFT.io - Tim MortsolfJim St. Leger
 
VLANs in the Linux Kernel
VLANs in the Linux KernelVLANs in the Linux Kernel
VLANs in the Linux KernelKernel TLV
 
PASTE: Network Stacks Must Integrate with NVMM Abstractions
PASTE: Network Stacks Must Integrate with NVMM AbstractionsPASTE: Network Stacks Must Integrate with NVMM Abstractions
PASTE: Network Stacks Must Integrate with NVMM Abstractionsmicchie
 
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDKDPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDKLagopus SDN/OpenFlow switch
 
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus SDN/OpenFlow switch
 
6 networking
6 networking6 networking
6 networkingricharddxd
 
Linux Based DiffServ. Router
Linux Based DiffServ. RouterLinux Based DiffServ. Router
Linux Based DiffServ. RouterTarek Amr
 

Contenu connexe

Tendances

DPDK Summit 2015 - HP - Al Sanders
DPDK Summit 2015 - HP - Al SandersDPDK Summit 2015 - HP - Al Sanders
DPDK Summit 2015 - HP - Al SandersJim St. Leger
 
High Performance Networking Leveraging the DPDK and Growing Community
High Performance Networking Leveraging the DPDK and Growing CommunityHigh Performance Networking Leveraging the DPDK and Growing Community
High Performance Networking Leveraging the DPDK and Growing Community6WIND
 
mSwitch: A Highly-Scalable, Modular Software Switch
mSwitch: A Highly-Scalable, Modular Software SwitchmSwitch: A Highly-Scalable, Modular Software Switch
mSwitch: A Highly-Scalable, Modular Software Switchmicchie
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDKKernel TLV
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsHisaki Ohara
 
Accelerate Service Function Chaining Vertical Solution with DPDK
Accelerate Service Function Chaining Vertical Solution with DPDKAccelerate Service Function Chaining Vertical Solution with DPDK
Accelerate Service Function Chaining Vertical Solution with DPDKOPNFV
 
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...Jim St. Leger
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunheut2008
 
FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)Kirill Tsym
 
The n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkThe n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkmarkdgray
 
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...Jim St. Leger
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAlexander Shalimov
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support Hanoch Haim
 
DPDK Summit 2015 - RIFT.io - Tim Mortsolf
DPDK Summit 2015 - RIFT.io - Tim MortsolfDPDK Summit 2015 - RIFT.io - Tim Mortsolf
DPDK Summit 2015 - RIFT.io - Tim MortsolfJim St. Leger
 
VLANs in the Linux Kernel
VLANs in the Linux KernelVLANs in the Linux Kernel
VLANs in the Linux KernelKernel TLV
 
PASTE: Network Stacks Must Integrate with NVMM Abstractions
PASTE: Network Stacks Must Integrate with NVMM AbstractionsPASTE: Network Stacks Must Integrate with NVMM Abstractions
PASTE: Network Stacks Must Integrate with NVMM Abstractionsmicchie
 
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDKDPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDKLagopus SDN/OpenFlow switch
 
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus SDN/OpenFlow switch
 

Tendances (20)

DPDK Summit 2015 - HP - Al Sanders
DPDK Summit 2015 - HP - Al SandersDPDK Summit 2015 - HP - Al Sanders
DPDK Summit 2015 - HP - Al Sanders
 
High Performance Networking Leveraging the DPDK and Growing Community
High Performance Networking Leveraging the DPDK and Growing CommunityHigh Performance Networking Leveraging the DPDK and Growing Community
High Performance Networking Leveraging the DPDK and Growing Community
 
mSwitch: A Highly-Scalable, Modular Software Switch
mSwitch: A Highly-Scalable, Modular Software SwitchmSwitch: A Highly-Scalable, Modular Software Switch
mSwitch: A Highly-Scalable, Modular Software Switch
 
100 M pps on PC.
100 M pps on PC.100 M pps on PC.
100 M pps on PC.
 
Introduction to DPDK
Introduction to DPDKIntroduction to DPDK
Introduction to DPDK
 
DPDK KNI interface
DPDK KNI interfaceDPDK KNI interface
DPDK KNI interface
 
Intel DPDK Step by Step instructions
Intel DPDK Step by Step instructionsIntel DPDK Step by Step instructions
Intel DPDK Step by Step instructions
 
Accelerate Service Function Chaining Vertical Solution with DPDK
Accelerate Service Function Chaining Vertical Solution with DPDKAccelerate Service Function Chaining Vertical Solution with DPDK
Accelerate Service Function Chaining Vertical Solution with DPDK
 
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
DPDK Summit - 08 Sept 2014 - Futurewei - Jun Xu - Revisit the IP Stack in Lin...
 
Enable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zunEnable DPDK and SR-IOV for containerized virtual network functions with zun
Enable DPDK and SR-IOV for containerized virtual network functions with zun
 
FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)FD.io Vector Packet Processing (VPP)
FD.io Vector Packet Processing (VPP)
 
The n00bs guide to ovs dpdk
The n00bs guide to ovs dpdkThe n00bs guide to ovs dpdk
The n00bs guide to ovs dpdk
 
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
DPDK Summit - 08 Sept 2014 - 6WIND - High Perf Networking Leveraging the DPDK...
 
Accelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDKAccelerating Neutron with Intel DPDK
Accelerating Neutron with Intel DPDK
 
TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support TRex Realistic Traffic Generator - Stateless support
TRex Realistic Traffic Generator - Stateless support
 
DPDK Summit 2015 - RIFT.io - Tim Mortsolf
DPDK Summit 2015 - RIFT.io - Tim MortsolfDPDK Summit 2015 - RIFT.io - Tim Mortsolf
DPDK Summit 2015 - RIFT.io - Tim Mortsolf
 
VLANs in the Linux Kernel
VLANs in the Linux KernelVLANs in the Linux Kernel
VLANs in the Linux Kernel
 
PASTE: Network Stacks Must Integrate with NVMM Abstractions
PASTE: Network Stacks Must Integrate with NVMM AbstractionsPASTE: Network Stacks Must Integrate with NVMM Abstractions
PASTE: Network Stacks Must Integrate with NVMM Abstractions
 
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDKDPDK summit 2015: It's kind of fun to do the impossible with DPDK
DPDK summit 2015: It's kind of fun to do the impossible with DPDK
 
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics WorkshopLagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
Lagopus presentation on 14th Annual ON*VECTOR International Photonics Workshop
 

En vedette

Linux Based DiffServ. Router
Linux Based DiffServ. RouterLinux Based DiffServ. Router
Linux Based DiffServ. RouterTarek Amr
 
Lession3 Routing
Lession3 RoutingLession3 Routing
Lession3 Routingleminhvuong
 
Linux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic ControlLinux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic Controlsandy_vasan
 
Linux – routing and firewall for beginners v 1.0
Linux – routing and firewall for beginners v 1.0Linux – routing and firewall for beginners v 1.0
Linux – routing and firewall for beginners v 1.0Sriram Narayanan
 

En vedette (7)

6 networking
6 networking6 networking
6 networking
 
Linux Based DiffServ. Router
Linux Based DiffServ. RouterLinux Based DiffServ. Router
Linux Based DiffServ. Router
 
Lession3 Routing
Lession3 RoutingLession3 Routing
Lession3 Routing
 
Linux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic ControlLinux Based Advanced Routing with Firewall and Traffic Control
Linux Based Advanced Routing with Firewall and Traffic Control
 
Linux routing and firewall for beginners
Linux routing and firewall for beginnersLinux routing and firewall for beginners
Linux routing and firewall for beginners
 
Linux – routing and firewall for beginners v 1.0
Linux – routing and firewall for beginners v 1.0Linux – routing and firewall for beginners v 1.0
Linux – routing and firewall for beginners v 1.0
 
Linux router
Linux routerLinux router
Linux router
 

Similaire à Integrating Linux routing with FusionCLI™

An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)Mario Cho
 
Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1Yongyoon Shin
 
Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13Dan Wendlandt
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxM.Qasim Arham
 
#IBMEdge: "Not all Networks are Equal"
#IBMEdge: "Not all Networks are Equal" #IBMEdge: "Not all Networks are Equal"
#IBMEdge: "Not all Networks are Equal" Brocade
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxOpenStack Foundation
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenesinbroker
 
DockerCon17 - Beyond the backslash
DockerCon17 - Beyond the backslashDockerCon17 - Beyond the backslash
DockerCon17 - Beyond the backslashTaylor Brown
 
Quantum grizzly summit
Quantum grizzly summitQuantum grizzly summit
Quantum grizzly summitDan Wendlandt
 
OpenStack Quantum: Cloud Carrier Summit 2012
OpenStack Quantum: Cloud Carrier Summit 2012OpenStack Quantum: Cloud Carrier Summit 2012
OpenStack Quantum: Cloud Carrier Summit 2012Dan Wendlandt
 
OpenStack and OpenFlow Demos
OpenStack and OpenFlow DemosOpenStack and OpenFlow Demos
OpenStack and OpenFlow DemosBrent Salisbury
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...The Linux Foundation
 
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad IrzanIndonesia Network Operators Group
 

Similaire à Integrating Linux routing with FusionCLI™ (20)

An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)An Introduce of OPNFV (Open Platform for NFV)
An Introduce of OPNFV (Open Platform for NFV)
 
Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1Harmonia open iris_basic_v0.1
Harmonia open iris_basic_v0.1
 
Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13Openstack Quantum yahoo meetup 1 23-13
Openstack Quantum yahoo meetup 1 23-13
 
Osnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptxOsnug meetup-tungsten fabric - overview.pptx
Osnug meetup-tungsten fabric - overview.pptx
 
Simplify Networking for Containers
Simplify Networking for ContainersSimplify Networking for Containers
Simplify Networking for Containers
 
Iaas on xcp
Iaas on xcpIaas on xcp
Iaas on xcp
 
Contrail Enabler for agile cloud services
Contrail Enabler for agile cloud servicesContrail Enabler for agile cloud services
Contrail Enabler for agile cloud services
 
66 pf sensetutorial
66 pf sensetutorial66 pf sensetutorial
66 pf sensetutorial
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorial
 
66_pfSenseTutorial
66_pfSenseTutorial66_pfSenseTutorial
66_pfSenseTutorial
 
#IBMEdge: "Not all Networks are Equal"
#IBMEdge: "Not all Networks are Equal" #IBMEdge: "Not all Networks are Equal"
#IBMEdge: "Not all Networks are Equal"
 
Quantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptxQuantum PTL Update - Grizzly Summit.pptx
Quantum PTL Update - Grizzly Summit.pptx
 
Neutron behind the scenes
Neutron behind the scenesNeutron behind the scenes
Neutron behind the scenes
 
DockerCon17 - Beyond the backslash
DockerCon17 - Beyond the backslashDockerCon17 - Beyond the backslash
DockerCon17 - Beyond the backslash
 
Quantum grizzly summit
Quantum grizzly summitQuantum grizzly summit
Quantum grizzly summit
 
Mellanox Approach to NFV & SDN
Mellanox Approach to NFV & SDNMellanox Approach to NFV & SDN
Mellanox Approach to NFV & SDN
 
OpenStack Quantum: Cloud Carrier Summit 2012
OpenStack Quantum: Cloud Carrier Summit 2012OpenStack Quantum: Cloud Carrier Summit 2012
OpenStack Quantum: Cloud Carrier Summit 2012
 
OpenStack and OpenFlow Demos
OpenStack and OpenFlow DemosOpenStack and OpenFlow Demos
OpenStack and OpenFlow Demos
 
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
XPDS13: Enabling Fast, Dynamic Network Processing with ClickOS - Joao Martins...
 
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
09 (IDNOG02) Services SDN & NFV Delivering more with less by Mochammad Irzan
 

Plus de Stephen Hemminger

Netem -emulating real networks in the lab
Netem -emulating real networks in the labNetem -emulating real networks in the lab
Netem -emulating real networks in the labStephen Hemminger
 
Linux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksLinux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksStephen Hemminger
 
Taking the Fear Out of Contributing
Taking the Fear Out of ContributingTaking the Fear Out of Contributing
Taking the Fear Out of ContributingStephen Hemminger
 
Virtual Network Performance Challenge
Virtual Network Performance ChallengeVirtual Network Performance Challenge
Virtual Network Performance ChallengeStephen Hemminger
 

Plus de Stephen Hemminger (10)

Staging driver sins
Staging driver sinsStaging driver sins
Staging driver sins
 
Netem -emulating real networks in the lab
Netem -emulating real networks in the labNetem -emulating real networks in the lab
Netem -emulating real networks in the lab
 
Untold story
Untold storyUntold story
Untold story
 
Llnw bufferbloat
Llnw bufferbloatLlnw bufferbloat
Llnw bufferbloat
 
Bufferbloat is alll Wet!
Bufferbloat is alll Wet!Bufferbloat is alll Wet!
Bufferbloat is alll Wet!
 
Linux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricksLinux Bridging: Teaching an old dog new tricks
Linux Bridging: Teaching an old dog new tricks
 
Taking the Fear Out of Contributing
Taking the Fear Out of ContributingTaking the Fear Out of Contributing
Taking the Fear Out of Contributing
 
Virtual Network Performance Challenge
Virtual Network Performance ChallengeVirtual Network Performance Challenge
Virtual Network Performance Challenge
 
A Baker's dozen of TCP
A Baker's dozen of TCPA Baker's dozen of TCP
A Baker's dozen of TCP
 
Online tools
Online toolsOnline tools
Online tools
 

Dernier

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 

Dernier (20)

What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 

Integrating Linux routing with FusionCLI™

  • 1. Herding networking cats: Integrating Linux routing with FusionCLI™ Stephen Hemminger shemminger@vyatta.com
  • 2. Outline Introduction FusionCLI™ QoS configuration Issues
  • 3. My background OSDL – Linux Foundation Linux 2.5 network infrastructure → bridging TCP congestion control → netem → iproute Network performance → Marvell replacement drivers Vyatta Kernel performance Quality Of Service support
  • 4.
  • 5.
  • 6.
  • 7. Vyatta versions http://vyatta.org http://vyatta.com Free download Subscription livecd Update 2x year Update 4x year Community forums Software or Hardware Phone and Email Support Same source and features
  • 8. Vyatta Distribution Debian GNU/Linux Current version based on testing → lenny Linux kernel 2.6.24 + bugfix Filesystems: unionfs, squashfs Serial driver: wanpipe Additional packages CLI infrastructure Configuration templates Updated routing related packages Quagga, SNMP, SNORT, ...
  • 9.
  • 11. CLI Requirements Router look & feel Command completion Roles: Administrator, operator Configure mode Extensible Text based Language neutral Integrated with operating system
  • 12. Vyatta Proprietary Open System System Monolithic SW Graphical User Interface Network Apps FusionCLITM Internet Protocols WAN Optimization Open API Load Balancing Scalable Routing NW Functions Security Extensible Internet Protocols DHCP, NAT, Radius… Firewall, VPN Anti-X PBX Linux Kernel IDS Unique HW Massive open-source Standard HW ecosystem…
  • 14. Demo 1: Basic interface $ show interfaces  Interface    IP Address         State       Link   Description eth0         192.168.111.132/24 up          up eth1         ­                  up          up  lo           127.0.0.1/8        up          up   lo           ::1/128            up          up $ show interfaces et<tab>hernet <tab>    detail  eth0    eth1     $ show interfaces ethernet eth0  eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast  state UNKNOWN qlen 1000     link/ether 00:0c:29:f6:20:9e brd ff:ff:ff:ff:ff:ff     inet 192.168.111.132/24 brd 192.168.111.255 scope global eth0     inet6 fe80::20c:29ff:fef6:209e/64 scope link         valid_lft forever preferred_lft forever ...
  • 15. Template hierarchy /opt/vyatta/share/vyatta­op/templates/show/interfaces/ethernet |­­ detail |   `­­ node.def |­­ node.def `­­ node.tag     |­­ brief     |   `­­ node.def     |­­ capture     |   |­­ node.def     |   |­­ not     |   |   |­­ node.def     |   |   `­­ port     |   |       |­­ node.def     |   |       `­­ node.tag     |   |           `­­ node.def     |   `­­ port     |       |­­ node.def     |       `­­ node.tag     |           `­­ node.def     |­­ identify     |   `­­ node.def     |­­ node.def     |­­ physical     |   `­­ node.def
  • 16. Operational template show/interfaces/ethernet/node.tag/node.def help: Show specified ethernet interface information allowed: for dev in /sys/class/net/*;           do if [[ ­L $dev/device ]]             then if [[ $(cat $dev/type) ­eq 1 ]]                  then echo ­n ${dev##*/} " "                  fi             fi          done run: vyatta­show­interfaces.pl ­­intf="$4"
  • 17. Demo 2: Configuration $ configure [edit] # set interfaces ethernet eth0 description 'Vmware NAT' [edit] # show interfaces ethernet eth0  address dhcp +description "Vmware NAT"  hw­id 00:0c:29:f6:20:9e [edit] # mount ... unionfs on /opt/vyatta/config/tmp/new_config_5035 type unionfs     (rw,dirs=/tmp/changes_only_5035=rw:/opt/vyatta/config/active=r o) [edit] vyatta@vc3­1­3# commit
  • 18. Configuration templates multi: type: txt help: Set an IP address for this interface syntax:expression: exec "/opt/vyatta/sbin/vyatta­interfaces.pl      ­­valid­addr $VAR(@) ­­dev $VAR(../@)"     ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" update: /opt/vyatta/sbin/vyatta­interfaces.pl     ­­eth­addr­update $VAR(@) ­­dev $VAR(../@) delete: /opt/vyatta/sbin/vyatta­interfaces.pl      ­­eth­addr­delete $VAR(@) ­­dev $VAR(../@) allowed: echo "dhcp <>" comp_help:Possible completions:   <x.x.x.x/x> Set the IP address and prefix length   <h:h:h:h:h:h:h:h/x>   Set the IPv6 address and prefix length   dhcp Set the IP address and prefix length via DHCP
  • 19. Configuration save restore interfaces {     ethernet eth0 {         address dhcp         duplex auto         hw­id 00:0c:29:f6:20:9e         speed auto     }     loopback lo {     } } service {     ssh {         port 22         protocol­version v2     } }
  • 20.
  • 21. Quality of Service (QoS) usage models Real time services VOIP Network control plane BGP, OSPF, STP Fairness Throttle batch services P2P, backup,
  • 22. Vyatta QoS Organized by policy types Fair queue => sfq Traffic shaper => htb Drop tail => fifo Rate limiter => tbf Traffic limiter => ingress ...
  • 23. fair-queue # set qos­policy fair­queue fq [edit] # set interfaces ethernet eth0 qos­policy out fq [edit] # commit [edit] # run show queueing    Output queues: Interface  Qos­Policy             Sent    Dropped   Overlimit eth0       fair­queue             4578          0          0 eth1       default                 468          0          0
  • 24. fair-queue template set/qos-policy/fair-queue/node.def tag: type: txt help: Set fair queueing policy syntax:expression: pattern $VAR(@) "^[[:alnum:]][­_[:alnum:]]*$"                    ; "only alpha­numeric policy name allowed" update: /opt/vyatta/sbin/vyatta­qos.pl ­­create­policy "$VAR(.)"  "$VAR(@)" delete: /opt/vyatta/sbin/vyatta­qos.pl ­­delete­policy "$VAR(@)"
  • 25. Qos on Ethernet Interface set/interfaces/ethernet/node.tag/qos-policy/out/node.def type: txt help: Set outbound QOS policy for specified ethernet interface allowed: /opt/vyatta/sbin/vyatta­qos.pl ­­list­policy update: /opt/vyatta/sbin/vyatta­qos.pl  ­­update­interface $VAR(../../@) $VAR(.) $VAR(@) delete: /opt/vyatta/sbin/vyatta­qos.pl  ­­delete­interface $VAR(../../@) $VAR(.)
  • 26. Internals - perl code sub update_interface {     my ($interface, $direction, $name ) = @_;     my $config = new VyattaConfig;     ( $direction eq "out" ) or die "Only out direction  supported";     $config­>setLevel('qos­policy');     foreach my $type ( $config­>listNodes() ) {         if ( $config­>exists("$type $name") ) {           my $shaper = make_policy($config, $type, $name);           delete_interface($interface, $direction);           open my $out, "|­" or exec qw:sudo /sbin/tc ­batch ­:;           $shaper­>commands($out, $interface);           if (! close $out) {               delete_interface($interface, $direction);           }     }     die "Unknown qos­policy $namen"; }
  • 27. QoS traffic-shaper # edit qos­policy traffic­shaper lartc [edit qos­policy traffic­shaper lartc] # set class 2 bandwidth 100% [edit qos­policy traffic­shaper lartc] # set class 2 match www ip destination port 80 [edit qos­policy traffic­shaper lartc] # set class 3 bandwidth 3mbit [edit qos­policy traffic­shaper lartc] # set class 3 ceiling 5mbit   [edit qos­policy traffic­shaper lartc] # set class 3 match smtp ip destination port 25 [edit qos­policy traffic­shaper lartc] # exit
  • 28. Traffic-shaper continue [edit] # commit qos­policy traffic­shaper lartc configuration not complete: missing  default class Commit failed # set qos­policy traffic­shaper lartc default bandwidth 1 [edit] # commit [edit] # set interfaces ethernet eth0 qos­policy out
  • 29. Result # run show queueing ethernet eth0          eth0 Output queue: Class      Qos­Policy             Sent    Dropped   Overlimit 1:        traffic­shaper        11438          0          0   4       fair­queue            11438          0          0   2       fair­queue                0          0          0   3       fair­queue                0          0          0 [edit]
  • 30. Issues Developer documentation Linux Kongress paper Watch this space Vyatta ↔ Linux management Vyatta config ignores other changes CLI stays loosely coupled Vyatta package changes Every distribution is a fork All changes are fed to upstream
  • 31. SPC-FLOSS: orphaned projects Users want support for orphaned projects Multicast routing MPLS RSTP IPV6
  • 32. Future Richer features QoS+, bonding, … GUI Multi-queue Performance

Notes de l'éditeur

  1. Today, I am going to talk about Vyatta&apos;s Command Line Interface. The CLI tries to integrate existing Linux projects which as they say in the US is a bit like herding cats.. Maybe that is a US expression so let me explain...
  2. Vyatta Debian mirror repository Does include all the networking packages on livecd Does not include X / Gnome /KD Can use packages from Debian except overlaps.
  3. Start with Linux + ipv6 + serial + bonding + bridging + vlan + QoS + Quagga + Snort + clam + ...
  4. Command completion with TAB and ? Admin is like root Operator is the guy you only partially trust Vyatta has 4 modes: root, admin, operator, normal
  5. IOS is monolithic. Not extensible Explain layers Marketing != reality
  6. Use slogin to VM Show system kernel-messages Cd /opt/vyatta/share/vyatta-op/templates Cat show/kernel-messages/node.def (Explain template hierarchy and run tag) Show interfaces ethernet eth0 Cat show/interfaces/ethernet/node.tag/node.def (Explain tag nodes and allowed, etc)
  7. Cd # home Show how values are stored Show how snapshots are done; mount Emphasize that this is internals (like .git) Explain save/load If that was all CLI could do this would be...
  8. Use QoS as example, most familiar to me, less to audience
  9. Mapping from policy to internals
  10. Example from LARTC, Linux server with total of 10Mbit available bandwidth. You want to limit webserver traffic to 5Mbit, SMTP traffic to 3Mbit and everything else (unclassified traffic) to 1Kbit. In case there is unused bandwidth, you want to share it between SMTP and unclassified traffic. The &amp;quot;total bandwidth&amp;quot; implies one top-level class with maximum bandwidth of 5Mbit. Under the top-level class, there are three child classes. set qos-policy traffic-shaper lartc bandwidth 10mbit edit qos-policy traffic-shaper lartc set class 2 bandwidth 50% set class 2 match www ip destination port 80 set class 3 bandwidth 3mbit set class 3 ceiling 100% set class 3 match smtp ip destination port 25 Commit # Fix missing default bandwidth class for unclassified traffic is allowed to use 1K but must not exceed 5Mbit. set default bandwidth 1 set default ceiling 5mbit Exit # edit mode commit # Apply to eth0 set interfaces ethernet eth0 qos-policy out lartc commit
  11. These are projects customers want, but upstream project is abandoned IPV6 is not really abandoned but we want to make sure it has a good home after the end of the WIDE project
  12. Current release (3.1.3) aka Hollywood is finally out GUI is in next release along with lots more little pieces Excited about opportunity offered by MQ...