From: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
To: Jason Wang <jasowang@redhat.com>, qemu devel <qemu-devel@nongnu.org>
Cc: zhanghailiang <zhang.zhanghailiang@huawei.com>,
Li Zhijian <lizhijian@cn.fujitsu.com>,
Gui jianfeng <guijianfeng@cn.fujitsu.com>,
"eddie.dong" <eddie.dong@intel.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
Huang peng <peter.huangpeng@huawei.com>,
Gong lei <arei.gonglei@huawei.com>,
Stefan Hajnoczi <stefanha@redhat.com>,
jan.kiszka@siemens.com,
Yang Hongyang <hongyang.yang@easystack.cn>
Subject: Re: [Qemu-devel] [RFC PATCH v2 00/10] Add colo-proxy based on netfilter
Date: Wed, 20 Jan 2016 11:29:41 +0800 [thread overview]
Message-ID: <569EFF25.2020804@cn.fujitsu.com> (raw)
In-Reply-To: <569CB08F.4030607@redhat.com>
> Sure.
>
> Two main comments/suggestions:
>
> - TCP analysis is missed in current version, maybe you point a git tree
> (or another version of RFC) to me for a better understanding of the
> design. (Just a skeleton for TCP should be sufficient to discuss).
> - I prefer to make the code as reusable as possible. So it's better to
> split/decouple the reusable parts from the codes. So a vague idea is:
>
> 1) Decouple the packet comparing from the netfilter. You've achieved
> this 99% since the work has been done in a thread. Just let the thread
> poll sockets directly, then the comparing have the possibility to be
> reused by other kinds of dataplane.
> 2) Implement traffic mirror/redirector as filter.
> 3) Implement TCP seq rewriting as a filter.
>
> Then, in primary node, you need just a traffic mirror, which did:
> - mirror ingress traffic to secondary node
> - mirror outgress traffic to packet comparing thread
>
> And in secondadry node, you need two filters:
> - A TCP seq rewriter which adjust tcp sequence number.
> - A traffic redirector which redirect packet from a socket as ingress
> traffic, and redirect outgress traffic to the socket which could be
> polled by remote packet comparing thread.
>
> Thoughts?
>
> Thanks
>
>> Thanks
>> zhangchen
>
Hi, Jason.
We consider your suggestion to split/decouple
the reusable parts from the codes.
Due to filter plugin are traversed one by one in order
we will split colo-proxy to three filters in each side.
But in this plan,primary and secondary both have socket
server,startup is a problem.
Primary qemu Secondary qemu
+----------------------------------------------------------+ +-----------------------------------------------------------+
| +-----------------------------------------------------+ | | +------------------------------------------------------+ |
| | | | | | | |
| | guest | | | | guest | |
| | | | | | | |
| +-----------^--------------+--------------------------+ | | +---------------------+--------+-----------------------+ |
| | | | | ^ | |
| | | | | | | |
| +-------------------------------------------------+ | | | |
| netfilter | | | | | netfilter | | |
| +-----------------------------------------------------+ | | | +------------------------------------------------------+ |
| | | | filter excute order | | | | | | | filter excute order | |
| | | | +-------------------> | | | | | | | +-------------------> | |
| | | | | | | | | | | TCP | |
| | +---------+-+ +------v-----+ +----+ +-----+ | | | | | +-----------+ +---+----+---v+rewriter+ +--------+ | |
| | | | | | | | | | | | | | | | | | | | | |
| | | mirror | | redirect +----> compare | | | +--------> mirror +---> adjust | adjust +-->redirect| | |
| | | client | | server | | | | | | | | server | | ack | seq | |client | | |
| | | | | | | | | | | | | | | | | | | | |
| | +----^------+ +----^-------+ +-----+------+ | | | | +-----------+ +--------+-------------+ +----+---+ | |
| | | tx | rx | rx | | | | tx all | rx | |
| +-----------------------------------------------------+ | | +------------------------------------------------------+ |
| | +-------------------------------------------------------------------------------------------+ |
| | | | | |
+----------------------------------------------------------+ +-----------------------------------------------------------+
| |
|guest receive |guest send
| |
+--------+------------------------------------v------------+
| |
| |
| tap | NOTE: filter direction is rx/tx/all
| | rx:receive packets sent to the netdev
| | tx:receive packets sent by the netdev
+----------------------------------------------------------+
guest recv packet route
primary
tap --> mirror client filter
mirror client will send packet to guest,at the
same time, copy and forward packet to secondary
mirror server.
secondary
mirror server filter --> TCP rewriter
if recv packet is TCP packet,we will adjust ack
and update TCP checksum, then send to secondary
guest. else directly send to guest.
guest send packet route
primary
guest --> redirect server filter
redirect server filter recv primary guest packet
but do nothing, just pass to next filter.
redirect server filter --> compare filter
compare filter recv primary guest packet then
waiting scondary redirect packet to compare it.
if packet same,send primary packet and clear secondary
packet, else send primary packet and do
checkpoint.
secondary
guest --> TCP rewriter filter
if the packet is TCP packet,we will adjust seq
and update TCP checksum. then send it to
redirect client filter. else directly send to
redirect client filter.
redirect client filter --> redirect server filter
forward packet to primary
In failover scene(primary is down), the TCP rewriter will keep servicing
for the TCP connection which is established after the last checkpoint。
How about this plan?
> .
>
--
Thanks
zhangchen
next prev parent reply other threads:[~2016-01-20 3:30 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-22 10:42 [Qemu-devel] [RFC PATCH v2 00/10] Add colo-proxy based on netfilter Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 01/10] Init colo-proxy object " Zhang Chen
2016-01-15 18:21 ` Dr. David Alan Gilbert
2016-01-18 7:08 ` Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 02/10] Jhash: add linux kernel jhashtable in qemu Zhang Chen
2016-01-08 12:08 ` Dr. David Alan Gilbert
2016-01-11 1:49 ` Zhang Chen
2016-01-11 12:50 ` Dr. David Alan Gilbert
2016-01-12 1:58 ` Zhang Chen
2016-01-12 8:58 ` Dr. David Alan Gilbert
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 03/10] Colo-proxy: add colo-proxy framework Zhang Chen
2016-02-19 19:57 ` Dr. David Alan Gilbert
2016-02-22 3:04 ` Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 04/10] Colo-proxy: add data structure and jhash func Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 05/10] net/colo-proxy: Add colo interface to use proxy Zhang Chen
2016-02-19 19:58 ` Dr. David Alan Gilbert
2016-02-22 3:08 ` Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 06/10] net/colo-proxy: add socket used by forward func Zhang Chen
2016-02-19 20:01 ` Dr. David Alan Gilbert
2016-02-22 5:51 ` Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 07/10] net/colo-proxy: Add packet enqueue & handle func Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 08/10] net/colo-proxy: Handle packet and connection Zhang Chen
2016-02-19 20:04 ` Dr. David Alan Gilbert
2016-02-22 6:41 ` Zhang Chen
2016-02-22 19:54 ` Dr. David Alan Gilbert
2016-02-23 17:58 ` Dr. David Alan Gilbert
2016-02-24 2:01 ` Zhang Chen
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 09/10] net/colo-proxy: Compare pri pkt to sec pkt Zhang Chen
2016-02-19 20:07 ` Dr. David Alan Gilbert
2015-12-22 10:42 ` [Qemu-devel] [RFC PATCH v2 10/10] net/colo-proxy: Colo-proxy do checkpoint and clear Zhang Chen
2015-12-29 6:31 ` [Qemu-devel] [RFC PATCH v2 00/10] Add colo-proxy based on netfilter Zhang Chen
2015-12-29 6:58 ` Jason Wang
2015-12-29 7:08 ` Zhang Chen
2015-12-31 2:36 ` Jason Wang
2015-12-31 8:02 ` Li Zhijian
2016-01-04 2:08 ` Jason Wang
2015-12-31 8:40 ` Zhang Chen
2016-01-04 5:37 ` Jason Wang
2016-01-04 8:16 ` Zhang Chen
2016-01-04 9:46 ` Jason Wang
2016-01-04 11:17 ` Zhang Chen
2016-01-06 5:16 ` Jason Wang
2016-01-18 7:05 ` Zhang Chen
2016-01-18 9:29 ` Jason Wang
2016-01-20 3:29 ` Zhang Chen [this message]
2016-01-20 6:54 ` Jason Wang
2016-01-20 7:44 ` Wen Congyang
2016-01-20 9:20 ` Jason Wang
2016-01-20 9:49 ` Wen Congyang
2016-01-20 10:03 ` Jason Wang
2016-01-20 10:34 ` Wen Congyang
2016-01-22 5:33 ` Jason Wang
2016-01-22 5:57 ` Wen Congyang
2016-01-20 10:01 ` Wen Congyang
2016-01-20 10:19 ` Jason Wang
2016-01-20 10:30 ` Wen Congyang
2016-01-22 3:15 ` Jason Wang
2016-01-22 3:28 ` Wen Congyang
2016-01-22 5:41 ` Jason Wang
2016-01-22 5:56 ` Wen Congyang
2016-01-22 6:21 ` Jason Wang
2016-01-22 6:47 ` Wen Congyang
2016-01-22 7:42 ` Jason Wang
2016-01-22 7:46 ` Wen Congyang
2016-01-27 15:22 ` Eric Blake
2016-01-04 16:52 ` Dr. David Alan Gilbert
2016-01-06 5:20 ` Jason Wang
2016-01-06 9:10 ` Dr. David Alan Gilbert
2016-01-08 11:19 ` Dr. David Alan Gilbert
2016-01-11 1:30 ` Zhang Chen
2016-01-11 12:59 ` Dr. David Alan Gilbert
2016-01-12 7:32 ` Zhang Chen
2016-02-29 20:04 ` Dr. David Alan Gilbert
2016-03-01 2:39 ` Li Zhijian
2016-03-01 10:48 ` Dr. David Alan Gilbert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=569EFF25.2020804@cn.fujitsu.com \
--to=zhangchen.fnst@cn.fujitsu.com \
--cc=arei.gonglei@huawei.com \
--cc=dgilbert@redhat.com \
--cc=eddie.dong@intel.com \
--cc=guijianfeng@cn.fujitsu.com \
--cc=hongyang.yang@easystack.cn \
--cc=jan.kiszka@siemens.com \
--cc=jasowang@redhat.com \
--cc=lizhijian@cn.fujitsu.com \
--cc=peter.huangpeng@huawei.com \
--cc=qemu-devel@nongnu.org \
--cc=stefanha@redhat.com \
--cc=zhang.zhanghailiang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.