airvantage / sbulb
UDP load balancer prototype using bcc (XDP/Bpf)
This idea is either to use ipv4 or ipv6 for real and virtual server but not both at same time
Meaning that you can have a virtual v4 ip and real server v6 ips or vice versa.
When systemd launches a daemon (such as ulb.py) it does not wait to see if there was an error after the process was launched. Thus, even if the BPF code compilation failed, systemd will start the dependent services as if everything was OK.
To solve this issue, ulb.py simply needs to call /bin/systemd-notify --ready to signal it is ready to accept connections.
The idea is to use DTLS connection ID to be able to load-balance traffic.
This idea is more detailed here.
The load balancer stores the associations in an LRU map.
For each association, an entry foreign peer+port => real server is created.
The number of entries allowed for this LRU map must be configurable.
Hello, in your code, only the checksum of the udp modification target ip is recalculated. If I change the source ip:port of this packet, and also modify the destination ip:port, how can I compute the checksum efficiently? My current implementation is to use a for loop to calculate the checksum on the packet, but it feels very inefficient.
See #18 (comment) for more details.
Remove unused code, cleaning warning, add some documentation, fix TODO ...
(#1 is related to this issue)
The idea would be to :
The targeted setting is mainly all about real server, to be able to handle real server redeployment.
The RFC 791 says :
The Options provide for control functions needed or useful in some
situations but unnecessary for the most common communications. The
options include provisions for timestamps, security, and special
routing.
Here is the IANA list of IP options.
My guess is that we don't need to support that.
Katran does not support that either.
Move repository to https://github.com/AirVantage organization.
Maybe before that we need to choose an open-source license...
For now this is now clear which license we can use with bpf and maybe bcc already chose a license for us ...
Currently the algorithm to dispatch traffic is very simple.
It's just a simple circular rotation.
To do that we need a state: the last (or next) real server used.
The idea of "doing a random pick" was raised. This way we could remove the state.
We could investigate this.
Maybe we can use the bpf_get_prandom_u32 helper function.
This issue aims to centralize all possible amelioration about current logging facilities (#22):
print
if
to improve performance? We should first find a way to measure performance!
To make sbulb more reactive to configuration changes, we should listen to a signal (typically HUP) that would trigger configuration reloading.
RFC 791 says:
Fragmentation of an internet datagram is necessary when it
originates in a local net that allows a large packet size and must
traverse a local net that limits packets to a smaller size to reach
its destination.
My guess is that we don't need to support that.
Katran does not support that either.
I have this issue even though I have installed bcc in Ubuntu
Traceback (most recent call last):
  File "/usr/lib/python3.6/runpy.py", line 183, in _run_module_as_main
    mod_name, mod_spec, code = _get_module_details(mod_name, _Error)
  File "/usr/lib/python3.6/runpy.py", line 142, in _get_module_details
    return _get_module_details(pkg_main_name, error)
  File "/usr/lib/python3.6/runpy.py", line 109, in _get_module_details
    __import__(pkg_name)
  File "/home/alla/Bureau/loadbalancer/sbulb/sbulb/__init__.py", line 2, in <module>
    from bcc import BPF
ImportError: cannot import name 'BPF'
Logs will just be printed on standard output.
4 log levels: NONE / ERROR / DEBUG / TRACE
NONE : nothing printed
ERROR : for unexpected state
DEBUG : ERROR + all unmodified packets.
TRACE : DEBUG + all modified packets.
(can not be changed without restart)
It seems it could be possible to create Python unit tests for bpf/XDP thanks to bpf: program testing framework
Here are some examples based on bcc/scapy.
The book Linux Observability with BPF: Advanced Programming for Performance Analysis and Networking (by David Calavera, Lorenzo Fontana) also contains some hints.
To facilitate refactoring, maybe it could make sense to use type hints to allow static type checking.
see :
From README.md:
For egress traffic :
clientip:port/realserverip
association.clientip:port
My feeling is that the drop in the second causes trouble. Doesn't that depend on the server sending it? If it's the "associated one", then the packet should pass as in the third.
The IP header contains a TTL field (see RFC 791):
This field indicates the maximum time the datagram is allowed to
remain in the internet system. If this field contains the value
zero, then the datagram must be destroyed. This field is modified
in internet header processing. The time is measured in units of
seconds, but since every module that processes a datagram must
decrease the TTL by at least one even if it process the datagram in
less than a second, the TTL must be thought of only as an upper
bound on the time a datagram may exist. The intention is to cause
undeliverable datagrams to be discarded, and to bound the maximum
datagram lifetime.
The Wikipedia explanation is maybe better:
The time-to-live value can be thought of as an upper bound on the time that an IP datagram can exist in an Internet system. The TTL field is set by the sender of the datagram, and reduced by every router on the route to its destination. If the TTL field reaches zero before the datagram arrives at its destination, then the datagram is discarded and an Internet Control Message Protocol (ICMP) error datagram (11 - Time Exceeded) is sent back to the sender. The purpose of the TTL field is to avoid a situation in which an undeliverable datagram keeps circulating on an Internet system, and such a system eventually becoming swamped by such "immortals".
We can consider sbulb as a router, so if we want to be a good internet citizen we should update the TTL field and discard the packet if needed. This part should be easy to implement.
About sending an ICMP packet, I don't know if this is easy. Maybe we can just let the Linux kernel do that? (return XDP_PASS)
For egress traffic, if we find an association we must ensure that real server is still alive.
Currently we recalculate the whole IP checksum; we could do better using RFC 1624 (https://tools.ietf.org/html/rfc1624), like we do for the UDP checksum update.
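The RFC 1624 incremental update mentioned here, applied to the case raised in the checksum question above (source and destination ip:port both rewritten), as an added example that is not sbulb's own code. The function names, the word layout and all addresses and ports are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Fold a 32-bit accumulator into a 16-bit one's-complement sum. */
static uint16_t csum_fold(uint32_t sum) {
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)sum;
}

/* Reference: full checksum over n 16-bit words (the per-packet loop). */
uint16_t csum_full(const uint16_t *w, size_t n) {
    uint32_t sum = 0;
    for (size_t i = 0; i < n; i++)
        sum += w[i];
    return (uint16_t)~csum_fold(sum);
}

/* RFC 1624 eqn. 3: HC' = ~(~HC + ~m + m') for one changed 16-bit word. */
uint16_t csum_replace16(uint16_t check, uint16_t old, uint16_t new_) {
    uint32_t sum = (uint16_t)~check;
    sum += (uint16_t)~old;
    sum += new_;
    return (uint16_t)~csum_fold(sum);
}

/* Constructed sample: IPv4 pseudo-header, UDP header and 4 payload bytes,
 * stored as 16-bit words (hypothetical layout for this demo only). */
enum { SRC_HI, SRC_LO, DST_HI, DST_LO, PROTO, ULEN, SPORT, DPORT, LEN, CHECK, PAY0, PAY1, NWORDS };

/* Rewrite source and destination ip:port; return 1 if the incrementally
 * updated checksum equals a full recomputation over the rewritten packet. */
int rewrite_matches_full(void) {
    uint16_t p[NWORDS] = {0xc0a8, 0x0001, 0x0a00, 0x0001, 17, 12,
                          5684, 5684, 12, 0, 0xdead, 0xbeef};
    const int idx[] = {SRC_HI, SRC_LO, DST_HI, DST_LO, SPORT, DPORT};
    const uint16_t repl[] = {0x0a00, 0x0002, 0xac10, 0x0005, 40000, 5683};
    uint16_t check = csum_full(p, NWORDS);   /* CHECK word is 0 while summing */
    for (size_t i = 0; i < 6; i++) {         /* six 16-bit updates, no packet walk */
        check = csum_replace16(check, p[idx[i]], repl[i]);
        p[idx[i]] = repl[i];
    }
    return check == csum_full(p, NWORDS);
}

int main(void) {
    printf("incremental == full: %d\n", rewrite_matches_full());
    return 0;
}
```

For UDP over IPv4, a received checksum of 0 means the sender computed none, so it must be left at 0 rather than updated; a computed result of 0 is transmitted as 0xffff.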