Nokia, ARM, Enea craft new TCP/IP stack for the cloud

Open source 'OpenFastPath' unloads comms from the kernel


A group of major vendors has put forward an open source TCP/IP stack they say is designed to reinvigorate the ancient and rather crusty protocol.

Nokia, ARM, and Enea are offering up both code and tutorials here for their OpenFastPath user-space TCP/IP implementation.

As The Register has previously noted, user-space networking is designed to get TCP/IP out of the kernel space, for two reasons: kernels have absorbed a lot of code over the years; and using the kernel for packet processing involves extra operations to get packets into memory, pass them to the kernel, and push them back out to the interface.

The BBC, for example, has crafted a user-space stack so its video farms can push out the 340,000 packets per second needed for high-definition video, and a Swiss company called Teclo is using a user-space stack to improve mobile network processing.

Enter OpenFastPath: based on FreeBSD, it currently includes User Datagram Protocol (UDP), Transmission Control Protocol (TCP), and Internet Control Message Protocol (ICMP) functions, with more to be added in the future.

OpenFastPath system view

OpenFastPath system view. Click to embiggen

Both IPv4 and IPv6 are supported, with an “optimised callback-based zero-copy socket API” to keep packet processing in user-space as far as possible. Since the feature set isn't complete, OpenFastPath as it now stands will still have to hand-off some functions either to the kernel or to another software packet processor.

So far so good, but it's in the cloud that the three companies hope OpenFastPath will shine, with particular attention to comms processing on bare metal switches.

They say the stack is optimised for OpenDataPlane (ODP) programming interfaces. This will let OpenFastPath take advantage of acceleration in systems-on-a-chip that support ODP, and make the protocol programmable via the ODP environment.

As well as the three founding companies, the OpenFastPath Foundation claims support from AMD, Cavium, Freescale, HP and Linaro.

The group is hoping future contributors will work on interfaces for the open source Data Plane Development Kit (DPDK, here). Currently, data plane integration happens via the ODP-DPDK layer. ®


Other stories you might like

  • Pentester pops open Tesla Model 3 using low-cost Bluetooth module
    Anything that uses proximity-based BLE is vulnerable, claim researchers

    Tesla Model 3 and Y owners, beware: the passive entry feature on your vehicle could potentially be hoodwinked by a relay attack, leading to the theft of the flash motor.

    Discovered and demonstrated by researchers at NCC Group, the technique involves relaying the Bluetooth Low Energy (BLE) signals from a smartphone that has been paired with a Tesla back to the vehicle. Far from simply unlocking the door, this hack lets a miscreant start the car and drive away, too.

    Essentially, what happens is this: the paired smartphone should be physically close by the Tesla to unlock it. NCC's technique involves one gadget near the paired phone, and another gadget near the car. The phone-side gadget relays signals from the phone to the car-side gadget, which forwards them to the vehicle to unlock and start it. This shouldn't normally happen because the phone and car are so far apart. The car has a defense mechanism – based on measuring transmission latency to detect that a paired device is too far away – that ideally prevents relayed signals from working, though this can be defeated by simply cutting the latency of the relay process.

    Continue reading
  • Google assuring open-source code to secure software supply chains
    Java and Python packages are the first on the list

    Google has a plan — and a new product plus a partnership with developer-focused security shop Snyk — that attempts to make it easier for enterprises to secure their open source software dependencies.

    The new service, announced today at the Google Cloud Security Summit, is called Assured Open Source Software. We're told it will initially focus on some Java and Python packages that Google's own developers prioritize in their workflows. 

    These two programming languages have "particularly high-risk profiles," Google Cloud Cloud VP and GM Sunil Potti said in response to The Register's questions. "Remember Log4j?" Yes, quite vividly.

    Continue reading
  • Rocket Lab is taking NASA's CAPSTONE to the Moon
    Mission to lunar orbit is further than any Photon satellite bus has gone before

    Rocket Lab has taken delivery of NASA's CAPSTONE spacecraft at its New Zealand launch pad ahead of a mission to the Moon.

    It's been quite a journey for CAPSTONE [Cislunar Autonomous Positioning System Technology Operations and Navigation Experiment], which was originally supposed to launch from Rocket Lab's US launchpad at Wallops Island in Virginia.

    The pad, Launch Complex 2, has been completed for a while now. However, delays in certifying Rocket Lab's Autonomous Flight Termination System (AFTS) pushed the move to Launch Complex 1 in Mahia, New Zealand.

    Continue reading

Biting the hand that feeds IT © 1998–2022