[Search] [txt|pdfized|bibtex] [Tracker] [Email] [Diff1] [Diff2] [Nits]
Versions: 00 01                                                         
INTERNET-DRAFT                                                T. Herbert
Intended Status: Informational                                  Facebook


                                                       February 29, 2016


                   Remote checksum offload for VXLAN
                       draft-herbert-vxlan-rco-01


Abstract

   This specification describes remote checksum offload for VXLAN.
   Remote checksum offload is a mechanism that provides checksum offload
   of transport checksums in encapsulated packets using rudimentary
   offload capabilities found in most Network Interface Card (NIC)
   devices. The outer UDP checksum is enabled on transmit and, with some
   additional meta data, a receiver is able to deduce the checksum to be
   set in an encapsulated packet. Effectively this offloads the
   computation of the inner checksum which can be a significant
   performance optimization. Enabling the UDP checksum has the
   additional advantage that it covers more of the packet including the
   IP pseudo header and virtual network identifier.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html


Copyright and License Notice



Herbert                Expires September 1, 2016                [Page 1]


INTERNET DRAFT     Remote checksum offload for VXLAN   February 29, 2016


   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.



Table of Contents

   1  Introduction  . . . . . . . . . . . . . . . . . . . . . . . . .  3
   2 Remote checksum offload for VXLAN  . . . . . . . . . . . . . . .  3
     2.1 Header format  . . . . . . . . . . . . . . . . . . . . . . .  3
     2.2 Transmitter operation  . . . . . . . . . . . . . . . . . . .  4
     2.3 Receiver operation . . . . . . . . . . . . . . . . . . . . .  4
   3  Security Considerations . . . . . . . . . . . . . . . . . . . .  6
   4  IANA Considerations . . . . . . . . . . . . . . . . . . . . . .  6
   5  References  . . . . . . . . . . . . . . . . . . . . . . . . . .  6
     5.1  Normative References  . . . . . . . . . . . . . . . . . . .  6
     5.2  Informative References  . . . . . . . . . . . . . . . . . .  6
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . .  6























Herbert                Expires September 1, 2016                [Page 2]


INTERNET DRAFT     Remote checksum offload for VXLAN   February 29, 2016


1  Introduction

   Remote checksum offload is a mechanism that uses rudimentary NIC
   offload features to support offloading checksum calculation of
   encapsulated packets. The background and motivation for remote
   checksum offload is presented in [RCO].

   In this specification we describe remote checksum offload for VXLAN
   [RFC7348]. In this design the UDP [RFC0768] checksum is enabled on
   transmit, and optional data conveyed in the VXLAN header specifies
   the location of the checksum field being offloaded and its starting
   point for computation. Upon receipt, after the UDP checksum is
   verified, the receiver sets the offloaded checksum field per the
   computed packet checksum and the data in the header.

   This design should also be compatible with VXLAN-GPE [VXLANGPE].

2 Remote checksum offload for VXLAN

   This section describes remote checksum offload for VXLAN.

2.1 Header format

   VXLAN header with remote checksum data:

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |R|R|R|R|I|R|R|R|R|R|C|              Reserved                   |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |           VXLAN Network Identifier (VNI)      |O| Csum start  |
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

      o C bit: Remote checksum offload bit. When set indicates that the
        remote checksum offload data is present.

      o O bit: Offset bit. Indicates the checksum offset relative to
        checksum start. Two offsets are supported corresponding to TCP
        [RFC0793] and UDP [RFC0768].

           O = 1 indicates checksum offset is checksum start + 6 (UDP)

           O = 0 indicates checksum offset is checksum start + 16 (TCP)

      o Csum start: Checksum start divided by two. Checksum start is
        relative to the the first byte of the encapsulated packet. Note
        that only even offsets are supported and that the maximum value
        is 254. This typically refers to the offset of a transport



Herbert                Expires September 1, 2016                [Page 3]


INTERNET DRAFT     Remote checksum offload for VXLAN   February 29, 2016


        header.

   The remote checksum data is encoded within the eight reserved bits of
   the VXLAN header that follow the VNI. A flag bit is allocated to
   indicate the presence of the remote checksum data.

2.2 Transmitter operation

   The typical actions to set remote checksum offload on transmit are:

      1) Transport layer creates a packet and indicates in internal
         packet meta data that checksum is to be offloaded to the NIC
         (normal transport layer processing for checksum offload). The
         checksum field is populated with the bitwise "not" of the
         checksum of the pseudo header.

      2) VXLAN header is added to the packet to do encapsulation. If the
         transport checksum is for UDP or TCP, checksum start is even,
         and checksum start relative to start of the payload is <= 254,
         then remote checksum offload may be used. To set remote
         checksum offload the C bit is set, the O bit is set for a UDP
         offset or cleared for a TCP offset, and checksum start value
         divided by two is set in the csum start field.

      3) Encapsulation layer arranges for NIC checksum offload of the
         outer UDP header checksum. This supersedes the settings to
         offload the inner packet's transport checksum.

      4) Packet is sent to the NIC. The NIC will perform transmit
         checksum offload and set the checksum field in the outer UDP
         header. The inner header and rest of the packet are transmitted
         without modification.

2.3 Receiver operation

   The typical actions a VXLAN receiver does to support remote checksum
   offload are:

      1) Receive packet and validate outer checksum following normal
         processing (ie. validate non-zero UDP checksum).

      2) Deduce full checksum for the IP packet. This is directly
         provided if a device returns the packet checksum in checksum-
         complete or checksum-unnecessary conversion can be done.

      3) If the C bit is set, remote checksum offload is enabled.
         Checksum start is csum start value times two. If O bit is set
         then checksum offset is checksum start + 6, else it is checksum



Herbert                Expires September 1, 2016                [Page 4]


INTERNET DRAFT     Remote checksum offload for VXLAN   February 29, 2016


         start + 16.

      4) From the packet checksum, subtract the checksum computed from
         the start of the packet (outer IP header) to the offset in the
         packet indicted by checksum start. The result is the deduced
         checksum to set in the checksum field of the encapsulated
         transport packet.

      5) Write the resultant checksum value into the packet at the
         offset provided by checksum offset.

      6) Adjust the saved packet checksum to account for changing the
         checksum field within the packet.

      7) Checksum is verified at the transport layer using normal
         processing. This should not require any checksum computation
         over the packet since the complete checksum has already been
         provided.

   Steps 3,4,5, and 6 in pseudo code:

        packet_csum: checksum computed by receiver covering the start
          of the packet (outer IP header) to the end of the packet

        start_of_packet: memory address of start of packet

        offset_encap_payload: offset of encapsulation payload relative
          to start_of_packet

        csum_start: value of csum start field

        o_bit: value of the O bit

        checksum(start, len): function to compute checksum from start
          address for len bytes

        // Derive the start and offset values
        start = csum_start * 2
        if (o_bit)
            offset = start + 6
        else
            offset = start + 16

        // Compute packet checksum starting from checksum start value
        // (1's complement arithmetic)
        csum = packet_csum - checksum(start_of_packet,
                                     offset_encap_payload + start)




Herbert                Expires September 1, 2016                [Page 5]


INTERNET DRAFT     Remote checksum offload for VXLAN   February 29, 2016


        // Set derived checksum in the checksum field
        old = *(start_of_packet + offset_encap_payload + offset)
        *(start_of_packet + offset_encap_payload + offset) = csum

        // Adjust packet checksum (1's complement arithmetic)
        packet_csum += (csum - old)

3  Security Considerations

   Remote checksum offload should not impact protocol security.

4  IANA Considerations

   There are no IANA considerations in this specification. Remote
   checksum offload requires a one VXLAN reserved bit and use of the
   eight reserved bits after the VNI.

5  References

5.1  Normative References

   [RFC7348]  Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
              L., Sridhar, T., Bursell, M., and C. Wright, "Virtual
              eXtensible Local Area Network (VXLAN): A Framework for
              Overlaying Virtualized Layer 2 Networks over Layer 3
              Networks", RFC 7348, August 2014, <http://www.rfc-
              editor.org/info/rfc7348>.

   [RFC0768]  Postel, J., "User Datagram Protocol", STD 6, RFC 768,
              August 1980.

   [RFC0793]  Postel, J., "Transmission Control Protocol", STD 7, RFC
              793, September 1981.

5.2  Informative References

   [RCO]      Herbert T., "Remote checksum offload", draft-herbert-
              remotecsumoffload-02.

   [VXLANGPE] Quinn P. and et al.,  "Generic Protocol Extension for
              VXLAN", draft-quinn-vxlan-gpe-04.txt

Authors' Addresses

   Tom Herbert
   Facebook
   1 Hacker Way
   Menlo Park, CA



Herbert                Expires September 1, 2016                [Page 6]


INTERNET DRAFT     Remote checksum offload for VXLAN   February 29, 2016


   US

   EMail: tom@herbertland.com
















































Herbert                Expires September 1, 2016                [Page 7]