Weblog

Wednesday October 28, 2009

Berkeley Packet Filter and pf_packet in Solaris Darren Reed recently delivered Berkeley Packet Filter and PF_PACKET into Solaris Nevada:

BPF is now as a supported option for the Solaris kernel. Support has been implemented for capturing packets at the link layer as well as at the IP layer. By using the IPNET device from Clearview Observability, BPF can be used to sniff packets local to the host (loopback & between zones) as well as those from "the wire" through interfaces supplied by Crossbow. In subsequent builds you can look forward to the libpcap shipped with Solaris being switched over from DLPI to BPF and updates to wireshark and tcpdump to support IPNET for loopback packet capture.

In addition to BPF, an implementation of PF_PACKET has now been added to Solaris. This provides both another mechanism to sniff packets from the network, with in-kernel filtering supported by BPF. Both raw and datagram PF_PACKET sockets have been included in this implementation of PF_PACKET for Solaris. Unlike BPF, PF_PACKET does not have access to loopback packets on Solaris.

( Oct 28 2009, 09:15:09 PM PDT ) Permalink Comments [1]

Crossbow link protection attribute in Solaris Nevada Eric Cheng recently integrated two interesting new features into Solaris Nevada, the Solaris.Next development gate:

1. Link protection -

this allows an administrator to prevent certain types of spoofed packets from being sent from a link. This is typically used in virtual environments (zones/domU) where individual domains can't be trusted to behave properly. In this phase, we deliver support for anti-spoofing of IP addresses (v4 only), mac addresses, and non-IP l2 frames.

2. flowadm remote_port attribute -

this allows flows to created with the 'remote_port' attribute. A flow is typically used for enforcing resource controls (e.g. bandwidth limit) on the type of traffic described by the flow.

More to come ...
Markus ( Oct 28 2009, 09:04:50 PM PDT ) Permalink

Friday May 29, 2009

Crossbow BOF and hands-on workshop

Next week is going to be very exciting for me, Sun will have its big developer conferences, CommunityONE and JavaONE at the Moscone Center in San Francisco. Crossbow will be one of the main features discussed during John Fowler's keynote on Monday, June 1 at 9am and Sunay Tripathi is going to do a talk on Crossbow at 2:40pm, see Agenda .

On Tuesday, June 2 at 5:30pm we'll then do a Birds of a Feather session at the Intecontinental Hotel right next to the Moscone Center. We'll have several early adopters describe their use cases and experience with Crossbow. All of the Crossbow engineers are going to be present and will be available to answer any questions and would like to hear your feedback. Right after the BOF, at around 7:30pm we'll do a hands-on workshop where participants can get started with creating virtual networks right then and there. Here are some more details:

Introduction - Jeff Jackson, Sr. VP of Solaris (5 min)
Overview of Crossbow and Open Networking - Sunay Tripathi and Nicolas Droux, Crossbow architects (20 min)
Customer use case 1 - Xiaobo Wang, Francesca Puggioni, Veraz Networks (20 min)
Customer use case 2 - Ben Rockwood, Joyent (20 min)
Customer use case 3 - Richard Newman, Reliant Security (20min)
Informal Q&A and discussion (40min)

Starting at around 7:30pm: Hands-on Workshop - build your own virtual network on your laptop (60min)

More details under:
http://wikis.sun.com/display/OpenSolaris/Crossbow+BoF+at+CommunityOne+West

Hope to see you there, Markus ( May 29 2009, 03:34:02 PM PDT ) Permalink

Thursday February 05, 2009

Crossbow, quo vadis? The Crossbow framework was recently integrated into OpenSolaris. It provides some really sexy network virtualization capabilities as well some significant performance improvements. Going forward there is a lot of work to do in this space to get additional performance as well as to add some more sexy features. [Read More] ( Feb 05 2009, 12:11:27 AM PST ) Permalink

Wednesday January 14, 2009

How to save on your commission when buying or selling a home I'm starting to realize that the only thing I ever blog about is my work. Of course this is a big part of my life, but there are other interesting subjects that people may find useful. Especially here in the bay area I've found a lot of people complaining about the high real estate commissions that they end up paying when buying or selling a home. Of course this is a function of the ridiculously high prices that people end up paying when they buy houses. Just to put things in perspective, paying USD 1 million for a rather modest house in a good school district like Palo Alto or Menlo Park is nothing unusual here - welcome to the Bay Area! Since the commissions are a percentage of the value of a home the amount of commission goes up to some really high numbers: Typically a seller pays 5-6 % of commission, that equates to 50-60K in commission for the two realtors involved.

When we bought our house a couple of years ago my wife and I already knew where we wanted to live and had even picked out the house by ourselves. So I didn't need the services of a buyer agent and tried to save the 3% buying agent commission. However, the house we wanted (and all the others that we had previously looked at) had their contract written such that a buying agent was required. The whole real estate industry seems like a big cartel to me and I wasn't willing to pay that much money for that little service that I required - call me a stingy German if you like. I looked around and the best I could initially find was ZipRealty who was willing to refund 20% of the 3% commission, that still leaves USD 24K for the buying agent for essentially helping me fill out some paperwork. After lots of searching around I finally found the following web site that allows you to let realtors bid down their commission, pretty cool really:
www.homecommission.com

Through that I found a buying agent who was willing to refund 70% of his commission to me, a nice chunk of money really!

The bottom line: I guess I'll be a bit more picky when it comes to selling my house, since the right pricing and the right marketing can make a difference. But when it comes to buying a house I think paying the full commission when you pretty much know what you want is just a total waste of money - my 2 cents.
Markus ( Jan 14 2009, 11:22:31 PM PST ) Permalink

Friday January 09, 2009

Crossbow available on OpenSolaris Crossbow is available and officially supported on Sun's OpenSolaris distro, the basis for SolarisNext. [Read More] ( Jan 09 2009, 09:52:46 PM PST ) Permalink

Monday August 11, 2008

Successful Crossbow beta results By now we have received feedback from almost all of our Crossbow beta testers and it's been entirely positive so far. A number of folks who are currently running Solaris zones really like the Virtual NIC (VNIC) concept that allows them to consolidate several separate services onto a single machine while guaranteeing the isolation and performance of the VNIC. For hosting companies this means port consolidation, i.e. lower capital cost as well as lower port management cost. Another group likes the significantly reduced latency. In the case of one customer they were able to cut their end-to-end TCP and UDP latency down by more than 50% on their work load. We had generated some similar numbers in our labs before publishing the bits, but of course it's always great to see customers verifying your own numbers. Another beta tester is trying things like using the HW classification capabilities in the NIC to push down firewall functionality into the HW and so on. I'm curious to hear back from them in the next few weeks.

At the same time the development team is slaving away to get Crossbow into Solaris. Still a few more bugs to be resolved and a bit more performance work ahead, but things are going rather well right now. Keep your fingers crossed!

If you are interested in checking out Crossbow yourself, see:
http://opensolaris.org/os/project/crossbow/snapshots/


Markus ( Aug 11 2008, 08:12:54 PM PDT ) Permalink

Monday March 10, 2008

Crossbow beta The beta version of Crossbow has just been released! At the same time Crossbow is already running Reliant's Managed PCI System ("MPS") at a retailer with 750 stores. [Read More] ( Mar 10 2008, 05:00:00 PM PDT ) Permalink

Thursday November 29, 2007

Job openings at Sun

My group is looking for college hires and interns Interested in working on cutting edge networking technology:
Interested in defining the future of network virtualization? We are currently looking for top students with solid C programming skills and ideally some experience with kernel-level programming who can help shape the future of next-generation networking infrastructure, either as full-time employees or interns. Here is one of the projects we are currently working on: http://opensolaris.org/os/project/crossbow/

Interested? Just send me your resume at: markus dot flierl at sun dot com


Markus ( Nov 29 2007, 08:56:40 AM PST ) Permalink

Tuesday October 23, 2007

What's new in Solaris Networking Current work in Solaris Networking [Read More] ( Oct 23 2007, 12:35:43 AM PDT ) Permalink

Friday May 18, 2007

Solaris 10U4 is IPv6 ready S10U4 is now IPv6 certified. [Read More] ( May 18 2007, 12:27:55 AM PDT ) Permalink Comments [1]

Tuesday February 20, 2007

CrossBow and Neptune

All the stars seem to be lining up: Sun's T1000 and T2000 Chip Multi Threaded machines, the Neptune 10Gb NICs and CrossBow Network Virtualization and Resource Control: With CrossBow, Solaris will take full advantage of the the new virtualization functionality that Neptune 10 Gb NIC offers like hardware classification, multiple Receive/Transmit rings and DMA channels. This means the networking stack in Solaris is fully aligned with the networking hardware.


Crossbow features include:

*- Ability to create Virtual NIC (VNIC) which is built on top of dedicated resources like Rx/Tx rings, DMA channels, kernel queues and threads and CPUs. On systems like Niagara and other hardware, this allows multiple Solaris Containers or Virtual machines to share the available B/W and host networking resources based on policies or resource partitioning without any performance impact due to virtualization.

- Parallelizing the networking workload across multiple Niagara threads and cores using Neptune classifier to spread traffic to multiple Receive and transmit rings while maintaining affinity between Rx/Tx rings, Niagara threads, kernel threads and queues.

- Ability to separate out services and protocols and providing dedicated resources (like Neptune Rx/Tx rings, DMA channels, kernel threads and queues, and Niagara threads and cores) and dedicated bandwidth (both limits and guarantees) over a common NIC without any performance penalties. Provides Quality of service to services that need it.


CrossBow on OpenSolaris:

Crossbow is one of the leading projects on OpenSolaris and has a large community around it. The source code and binaries are available today via the OpenSolaris (http://opensolaris.org/os/project/crossbow/). CrossBow will be available in Solaris by the end of this year.

Pretty cool stuff! And with the upcoming next generation of Niagara chips the NIC will even be included on the board itself. This will give us additional performance boost. ( Feb 20 2007, 06:00:00 AM PST ) Permalink

Monday January 22, 2007

IP Instances - Network Virtualization for Solaris Containers, aka. zones The IP Instance project just integrated into the Solaris Nevada code base and is supposed to be available in a Solaris 10 update later this year. Donghai Han, Yukun Zhang, Zhijun Fu and Erik Nordmark worked really hard on the development side to make this happen, George Yao and Alex Peng did the same on the test development side. IP Instances provides Solaris customers the option of assigning seperate IP stacks to Containers thus providing much more flexibility. IP Instances addresses a long list of customer enhancement requests and takes networking in Solaris Containers to the next level: With IP Instances you get full separation of the networking stack between Containers. With project Crossbow we'll extend network virtualization into the device driver layer and provide a industry-leading network virtualization solution. Crossbow is still in the works, but a beta version is already available on OpenSolaris. We are planning on starting a formal beta program in the next couple of weeks. ( Jan 22 2007, 09:32:31 PM PST ) Permalink Comments [1]

Saturday January 20, 2007

Looking for college hires and interns Interested in working on cutting edge networking technology? Interested in defining the future of network virtualization? We are currently looking for top students who can help shape the future of next-generation networking infrastructure, both as full-time employees or interns. Interested? Just send me your resume at: markus.flierl@sun.com -Markus ( Jan 20 2007, 01:28:09 AM PST ) Permalink

Monday October 23, 2006

Solaris is ready for IPv6 We just go the news from the UNH Interoperability lab, that we have passed the phase I IPv6 compliance tests with Solaris Nevada, see:

http://www.iol.unh.edu/services/testing/ipv6/logoholders.php

This means Solaris is leading in the IPv6 space. Given the convergence of the different types of communication traffic like data, Voice and streaming video onto IP I'd expect a much greater need for IPv6 in the next few years. Initially it looked like the government mandate for IPv6 was going to drive its deployment, but right now it looks like the telco space is going to lead that change.

Markus ( Oct 23 2006, 11:20:20 PM PDT ) Permalink