Welcome!

Java IoT Authors: Elizabeth White, Liz McMillan, Pat Romanski, William Schmarzo, AppDynamics Blog

Related Topics: SDN Journal, Java IoT, Containers Expo Blog, @CloudExpo, Cloud Security, @BigDataExpo

SDN Journal: Blog Post

Stateless Transport Tunneling (STT) Meets the Network

At a high level the concepts of larger packets, hardware offload, reduced CPU load and interrupts all make sense

Last week I walked through the packet formats for VXLAN and NVGRE specifically focused on ways by which the overlay packets provide information to the physical network that help the physical network. Some of the initial extreme thoughts that the overlay and physical network can and should be completely ignorant of each other have softened more recently and more pragmatic thoughts of collaborating layers are being articulated. At Plexxi we have often mentioned that we believe the physical network and the overlay need to be closely orchestrated to get the most benefit out of the total network solution. And orchestration != ECMP.

In addition to VXLAN and NVGRE, Stateless Transport Tunneling (STT) is an encapsulation mechanism used by VMware, mostly for communication between server based vSwitches. It is a bit more involved and complicated than VXLAN and NVGRE, mostly because it was designed to carry large data packets, up to 64 Kbytes. Physical networks have limitations on the size of a packet that can be transferred. Ethernet standard maximum transmission unit (MTU) used to be 1500 bytes, but most ethernet devices these days can support jumbo packets allowing packets of 4, 9 or even 16 Kbytes in size. Even at those sizes, large data transfers are somewhat hampered by the work involved in taking a large chunk of data and then chopping them up into smaller portions to be transmitted. In a response to this, hardware vendors have taken some of this functionality and added it to the Network Interface Cards (NICs) on servers and have them do most of this segmentation and re-assembly work based on how TCP takes large portions of data and chops them into smaller segments. Doing his in hardware means it can be done faster, but more importantly, it removes this burden from the server CPUs, allowing them to do other (more useful) work.

STT was designed to make use of these TCP capabilities in NICs. STT can take ethernet packets up to 64 Kbytes from a VM on a server, and tunnel it to its destination as a 64 Kbyte entity. This STT frame has to be chopped into smaller pieces to match the MTU of the physical network, but an STT packet looks just like a TCP segment to the receiving NICs, allowing them to reconstruct the original 64 Kbyte packet without needing the CPU.

When the sending tunnel endpoint receives a large chunk of data to be transmitted at another VM at the other side of a tunnel, the vSwitch takes several steps to encapsulate this packet. First, it adds an STT Frame Header to the packet.

STT Frame Format 1

The STT Header is 18 bytes in length and has a variety of administrative fields, but the key field is the Context ID. This is a 64 bit field and its intended use is similar to the VXLAN Network Identifier (VNI) or the NVGRE Virtual Subnet ID (VSID). While the semantics of this field are somewhat defined, its value and how to use it is left open in the latest specifications. Its main purpose is to provide the receiving tunnel endpoint the information it needs to determine where this packet needs to be sent after decapsulation.

After the STT Frame Header has been added, this new packet (original packet  + new STT header) is chopped into smaller pieces so that each piece is at least 62 bytes smaller than the MTU of the physical network. Each of these new segments receives 24 byte TCP like header, a normal 20 byte IP header, and of course the final 18 byte Ethernet header before transmission. The magic (or ugliness for those less enamored by STT) is in the TCP like header. These 24 bytes are formatted just like a normal TCP header to ensure the hardware in the NICs can re-assemble segments that belong together. The traditional Acknowledgement field in TCP is used as a fragment ID, essentially telling the NIC that all packets/segments that come in with the same fragment ID belong together and should be reassembled into the larger original ethernet frame. The traditional Sequence number is used as an offset indicator, to tell the NIC in what order the fragments need to be put together.

STT Frame Format 2

Similar to VXLAN and NVGRE described last week, STT has a mechanism to create entropy for the physical network to distinguish flows from each other and allow them to be balanced using ECMP (or link aggregation – LAG) based deployments. In STT, the TCP source port is used to create entropy. The originating tunnel end point will use some hash calculation on the original packets header information and use the result to populate the TCP source port. Switches in the physical network can now use the TCP port information from the tunneled packet in their hash calculation for ECMP or LAG packet distribution.

While STT is likely to be more efficient than either VXLAN or NVGRE for the transfer of large amount of information because it offloads the segmentation and re-assembly, it carries significantly more overhead than either VXLAN or NVGRE in additional header information for smaller packets. STT adds 80 bytes of new header to a VM originated ethernet packet for the first segment of this packet, 62 for each following segment. Compare that to a consistent 46 bytes for each NVGRE encapsulated packet, and 54 bytes for VXLAN. For traffic between VMs on the same server this may not matter, but it certainly does for traffic carried across the physical network. For the plentiful mice flows, we have likely doubled the size and bandwidth required for each.

A probably more significant drawback of STT comes from its strength. Designed for large packet transfers, once an original packet is encapsulated with STT header, chopped into parts, then encapsulated into individual ethernet, IP and TCP (like) headers, only the first packet provides any clue or context of the original source, destination, protocol, application and other content. The relevant pieces of that will only be found in the first segment, any follow up segments only provide enough information about the tunnel endpoints and no other original context without the first segment. And that makes debugging really hard. It also makes it hard to differentiate traffic on the physical network, even at a very high level Virtual Network identifier. And every existing network based service (realizing that one of the goals of overlay networks is to push this to the vSwitches themselves) will also have a hard time deciding what to do with these packets.

At a high level the concepts of larger packets, hardware offload, reduced CPU load and interrupts all make sense. But most data center ethernet networks can easily support 9k or even 16k packets, so perhaps the gap between 16k packet based transfer and 64k semi-stream based communication is really not that much considering that the bulk of packets are small to begin with (remember those mice and elephants?). Perhaps aligning the MTU of the virtual port with that of the network may be worthwhile to have the STT and original header in each and every packet on the wire. Regardless of whether that is a real wire, or a virtual one.

[Today's fun fact: One of the primary reasons the Mayflower pilgrims ended their voyage at Plymouth Rock was pretty much the same reason people today suspend their journeys: they ran out of beer. No need for a funny punch line on that one]

The post Stateless Transport Tunneling (STT) meets the Network appeared first on Plexxi.

Read the original blog entry...

More Stories By Marten Terpstra

Marten Terpstra is a Product Management Director at Plexxi Inc. Marten has extensive knowledge of the architecture, design, deployment and management of enterprise and carrier networks.

@ThingsExpo Stories
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discussed how businesses can gain an edge over competitors by empowering consumers to take control through IoT. He cited examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He also highlighted how IoT can revitalize and restore outdated business models, making them profitable ...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo Silicon Valley Call for Papers is now open.
We all know the latest numbers: Gartner, Inc. forecasts that 6.4 billion connected things will be in use worldwide in 2016, up 30 percent from last year, and will reach 20.8 billion by 2020. We're rapidly approaching a data production of 40 zettabytes a day – more than we can every physically store, and exabytes and yottabytes are just around the corner. For many that’s a good sign, as data has been proven to equal money – IF it’s ingested, integrated, and analyzed fast enough. Without real-ti...
SYS-CON Events announced today that 910Telecom will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Housed in the classic Denver Gas & Electric Building, 910 15th St., 910Telecom is a carrier-neutral telecom hotel located in the heart of Denver. Adjacent to CenturyLink, AT&T, and Denver Main, 910Telecom offers connectivity to all major carriers, Internet service providers, Internet backbones and ...
Big Data, cloud, analytics, contextual information, wearable tech, sensors, mobility, and WebRTC: together, these advances have created a perfect storm of technologies that are disrupting and transforming classic communications models and ecosystems. In his session at @ThingsExpo, Erik Perotti, Senior Manager of New Ventures on Plantronics’ Innovation team, provided an overview of this technological shift, including associated business and consumer communications impacts, and opportunities it ...
You think you know what’s in your data. But do you? Most organizations are now aware of the business intelligence represented by their data. Data science stands to take this to a level you never thought of – literally. The techniques of data science, when used with the capabilities of Big Data technologies, can make connections you had not yet imagined, helping you discover new insights and ask new questions of your data. In his session at @ThingsExpo, Sarbjit Sarkaria, data science team lead ...
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, discussed the importance of WebRTC and how it enables companies to focus...
ReadyTalk has expanded the capabilities of the FoxDen collaboration platform announced late last year to include FoxDen Connect, an in-room video collaboration experience that launches with a single touch. With FoxDen Connect, users can now not only engage in HD video conferencing between iOS and Android mobile devices or Chrome browsers, but also set up in-person meeting rooms for video interactions. A host’s mobile device automatically recognizes the presence of a meeting room via beacon tech...
Manufacturers are embracing the Industrial Internet the same way consumers are leveraging Fitbits – to improve overall health and wellness. Both can provide consistent measurement, visibility, and suggest performance improvements customized to help reach goals. Fitbit users can view real-time data and make adjustments to increase their activity. In his session at @ThingsExpo, Mark Bernardo Professional Services Leader, Americas, at GE Digital, discussed how leveraging the Industrial Internet a...
On Dice.com, the number of job postings asking for skill in Amazon Web Services increased 76 percent between June 2015 and June 2016. Salesforce.com saw its own skill mentions increase 37 percent, while DevOps and Cloud rose 35 percent and 28 percent, respectively. Even as they expand their presence in the cloud, companies are also looking for tech professionals who can manage projects, crunch data, and figure out how to make systems run more autonomously. Mentions of ‘data science’ as a skill ...
IoT generates lots of temporal data. But how do you unlock its value? You need to discover patterns that are repeatable in vast quantities of data, understand their meaning, and implement scalable monitoring across multiple data streams in order to monetize the discoveries and insights. Motif discovery and deep learning platforms are emerging to visualize sensor data, to search for patterns and to build application that can monitor real time streams efficiently. In his session at @ThingsExpo, ...
"delaPlex is a software development company. We do team-based outsourcing development," explained Mark Rivers, COO and Co-founder of delaPlex Software, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
SYS-CON Events announced today that LeaseWeb USA, a cloud Infrastructure-as-a-Service (IaaS) provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. LeaseWeb is one of the world's largest hosting brands. The company helps customers define, develop and deploy IT infrastructure tailored to their exact business needs, by combining various kinds cloud solutions.
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
SYS-CON Events announced today that Venafi, the Immune System for the Internet™ and the leading provider of Next Generation Trust Protection, will exhibit at @DevOpsSummit at 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Venafi is the Immune System for the Internet™ that protects the foundation of all cybersecurity – cryptographic keys and digital certificates – so they can’t be misused by bad guys in attacks...
The cloud market growth today is largely in public clouds. While there is a lot of spend in IT departments in virtualization, these aren’t yet translating into a true “cloud” experience within the enterprise. What is stopping the growth of the “private cloud” market? In his general session at 18th Cloud Expo, Nara Rajagopalan, CEO of Accelerite, explored the challenges in deploying, managing, and getting adoption for a private cloud within an enterprise. What are the key differences between wh...
There will be new vendors providing applications, middleware, and connected devices to support the thriving IoT ecosystem. This essentially means that electronic device manufacturers will also be in the software business. Many will be new to building embedded software or robust software. This creates an increased importance on software quality, particularly within the Industrial Internet of Things where business-critical applications are becoming dependent on products controlled by software. Qua...
In addition to all the benefits, IoT is also bringing new kind of customer experience challenges - cars that unlock themselves, thermostats turning houses into saunas and baby video monitors broadcasting over the internet. This list can only increase because while IoT services should be intuitive and simple to use, the delivery ecosystem is a myriad of potential problems as IoT explodes complexity. So finding a performance issue is like finding the proverbial needle in the haystack.
Machine Learning helps make complex systems more efficient. By applying advanced Machine Learning techniques such as Cognitive Fingerprinting, wind project operators can utilize these tools to learn from collected data, detect regular patterns, and optimize their own operations. In his session at 18th Cloud Expo, Stuart Gillen, Director of Business Development at SparkCognition, discussed how research has demonstrated the value of Machine Learning in delivering next generation analytics to imp...