INTERNET-DRAFT T. Herbert
Intended Status: Informational Facebook
February 29, 2016
Remote checksum offload for VXLAN
draft-herbert-vxlan-rco-01
Abstract
This specification describes remote checksum offload for VXLAN.
Remote checksum offload is a mechanism that provides checksum offload
of transport checksums in encapsulated packets using rudimentary
offload capabilities found in most Network Interface Card (NIC)
devices. The outer UDP checksum is enabled on transmit and, with some
additional meta data, a receiver is able to deduce the checksum to be
set in an encapsulated packet. Effectively this offloads the
computation of the inner checksum which can be a significant
performance optimization. Enabling the UDP checksum has the
additional advantage that it covers more of the packet including the
IP pseudo header and virtual network identifier.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Copyright and License Notice
Herbert Expires September 1, 2016 [Page 1]
INTERNET DRAFT Remote checksum offload for VXLAN February 29, 2016
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2 Remote checksum offload for VXLAN . . . . . . . . . . . . . . . 3
2.1 Header format . . . . . . . . . . . . . . . . . . . . . . . 3
2.2 Transmitter operation . . . . . . . . . . . . . . . . . . . 4
2.3 Receiver operation . . . . . . . . . . . . . . . . . . . . . 4
3 Security Considerations . . . . . . . . . . . . . . . . . . . . 6
4 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6
5 References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
5.1 Normative References . . . . . . . . . . . . . . . . . . . 6
5.2 Informative References . . . . . . . . . . . . . . . . . . 6
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 6
Herbert Expires September 1, 2016 [Page 2]
INTERNET DRAFT Remote checksum offload for VXLAN February 29, 2016
1 Introduction
Remote checksum offload is a mechanism that uses rudimentary NIC
offload features to support offloading checksum calculation of
encapsulated packets. The background and motivation for remote
checksum offload is presented in [RCO].
In this specification we describe remote checksum offload for VXLAN
[RFC7348]. In this design the UDP [RFC0768] checksum is enabled on
transmit, and optional data conveyed in the VXLAN header specifies
the location of the checksum field being offloaded and its starting
point for computation. Upon receipt, after the UDP checksum is
verified, the receiver sets the offloaded checksum field per the
computed packet checksum and the data in the header.
This design should also be compatible with VXLAN-GPE [VXLANGPE].
2 Remote checksum offload for VXLAN
This section describes remote checksum offload for VXLAN.
2.1 Header format
VXLAN header with remote checksum data:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R|R|R|R|I|R|R|R|R|R|C| Reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| VXLAN Network Identifier (VNI) |O| Csum start |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
o C bit: Remote checksum offload bit. When set indicates that the
remote checksum offload data is present.
o O bit: Offset bit. Indicates the checksum offset relative to
checksum start. Two offsets are supported corresponding to TCP
[RFC0793] and UDP [RFC0768].
O = 1 indicates checksum offset is checksum start + 6 (UDP)
O = 0 indicates checksum offset is checksum start + 16 (TCP)
o Csum start: Checksum start divided by two. Checksum start is
relative to the the first byte of the encapsulated packet. Note
that only even offsets are supported and that the maximum value
is 254. This typically refers to the offset of a transport
Herbert Expires September 1, 2016 [Page 3]
INTERNET DRAFT Remote checksum offload for VXLAN February 29, 2016
header.
The remote checksum data is encoded within the eight reserved bits of
the VXLAN header that follow the VNI. A flag bit is allocated to
indicate the presence of the remote checksum data.
2.2 Transmitter operation
The typical actions to set remote checksum offload on transmit are:
1) Transport layer creates a packet and indicates in internal
packet meta data that checksum is to be offloaded to the NIC
(normal transport layer processing for checksum offload). The
checksum field is populated with the bitwise "not" of the
checksum of the pseudo header.
2) VXLAN header is added to the packet to do encapsulation. If the
transport checksum is for UDP or TCP, checksum start is even,
and checksum start relative to start of the payload is <= 254,
then remote checksum offload may be used. To set remote
checksum offload the C bit is set, the O bit is set for a UDP
offset or cleared for a TCP offset, and checksum start value
divided by two is set in the csum start field.
3) Encapsulation layer arranges for NIC checksum offload of the
outer UDP header checksum. This supersedes the settings to
offload the inner packet's transport checksum.
4) Packet is sent to the NIC. The NIC will perform transmit
checksum offload and set the checksum field in the outer UDP
header. The inner header and rest of the packet are transmitted
without modification.
2.3 Receiver operation
The typical actions a VXLAN receiver does to support remote checksum
offload are:
1) Receive packet and validate outer checksum following normal
processing (ie. validate non-zero UDP checksum).
2) Deduce full checksum for the IP packet. This is directly
provided if a device returns the packet checksum in checksum-
complete or checksum-unnecessary conversion can be done.
3) If the C bit is set, remote checksum offload is enabled.
Checksum start is csum start value times two. If O bit is set
then checksum offset is checksum start + 6, else it is checksum
Herbert Expires September 1, 2016 [Page 4]
INTERNET DRAFT Remote checksum offload for VXLAN February 29, 2016
start + 16.
4) From the packet checksum, subtract the checksum computed from
the start of the packet (outer IP header) to the offset in the
packet indicted by checksum start. The result is the deduced
checksum to set in the checksum field of the encapsulated
transport packet.
5) Write the resultant checksum value into the packet at the
offset provided by checksum offset.
6) Adjust the saved packet checksum to account for changing the
checksum field within the packet.
7) Checksum is verified at the transport layer using normal
processing. This should not require any checksum computation
over the packet since the complete checksum has already been
provided.
Steps 3,4,5, and 6 in pseudo code:
packet_csum: checksum computed by receiver covering the start
of the packet (outer IP header) to the end of the packet
start_of_packet: memory address of start of packet
offset_encap_payload: offset of encapsulation payload relative
to start_of_packet
csum_start: value of csum start field
o_bit: value of the O bit
checksum(start, len): function to compute checksum from start
address for len bytes
// Derive the start and offset values
start = csum_start * 2
if (o_bit)
offset = start + 6
else
offset = start + 16
// Compute packet checksum starting from checksum start value
// (1's complement arithmetic)
csum = packet_csum - checksum(start_of_packet,
offset_encap_payload + start)
Herbert Expires September 1, 2016 [Page 5]
INTERNET DRAFT Remote checksum offload for VXLAN February 29, 2016
// Set derived checksum in the checksum field
old = *(start_of_packet + offset_encap_payload + offset)
*(start_of_packet + offset_encap_payload + offset) = csum
// Adjust packet checksum (1's complement arithmetic)
packet_csum += (csum - old)
3 Security Considerations
Remote checksum offload should not impact protocol security.
4 IANA Considerations
There are no IANA considerations in this specification. Remote
checksum offload requires a one VXLAN reserved bit and use of the
eight reserved bits after the VNI.
5 References
5.1 Normative References
[RFC7348] Mahalingam, M., Dutt, D., Duda, K., Agarwal, P., Kreeger,
L., Sridhar, T., Bursell, M., and C. Wright, "Virtual
eXtensible Local Area Network (VXLAN): A Framework for
Overlaying Virtualized Layer 2 Networks over Layer 3
Networks", RFC 7348, August 2014, <http://www.rfc-
editor.org/info/rfc7348>.
[RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768,
August 1980.
[RFC0793] Postel, J., "Transmission Control Protocol", STD 7, RFC
793, September 1981.
5.2 Informative References
[RCO] Herbert T., "Remote checksum offload", draft-herbert-
remotecsumoffload-02.
[VXLANGPE] Quinn P. and et al., "Generic Protocol Extension for
VXLAN", draft-quinn-vxlan-gpe-04.txt
Authors' Addresses
Tom Herbert
Facebook
1 Hacker Way
Menlo Park, CA
Herbert Expires September 1, 2016 [Page 6]
INTERNET DRAFT Remote checksum offload for VXLAN February 29, 2016
US
EMail: tom@herbertland.com
Herbert Expires September 1, 2016 [Page 7]