From 28091bba8e316c44e0b64460f53d16d25c50c65c Mon Sep 17 00:00:00 2001 From: Thiery Ouattara Date: Thu, 23 May 2019 16:02:36 +0000 Subject: [PATCH] doc: description packets flow in Butterfly Signed-off-by: Thiery Ouattara --- doc/DESCRIPTION.md | 88 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 doc/DESCRIPTION.md diff --git a/doc/DESCRIPTION.md b/doc/DESCRIPTION.md new file mode 100644 index 000000000..452499d35 --- /dev/null +++ b/doc/DESCRIPTION.md @@ -0,0 +1,88 @@ +DESCRIPTION + +## Packets come from VM (VHOST) + +### Poll: + +- We collect VM packets in the queue. If not packet in the queue it return. +- We count and collect all packets from the queue and build they metadata(packets size; layers size and type) +- We add packets size to the brick packets counter(so yes we can retrieve information about how much packets have been burst/receive). +- We burst packets. + +## Packets go to VM (VHOST) + +### Burst: +- Vhost bricks got all packet +- Copy packets in vhosts queue. +- We count all packets bytes that have been busted and we add it to packet count. + +## PRINT (SNIFFER) + +This brick is optional +- Sniffer write all networks traffic in pcap files. +- At this moment we only use pcap files but it possible to display it with FPRINTF(). +- We can change the path of pcap files. +- For each packet: +- We collect data size +- Compute date and time of reception. +- If packet is segmented we store each segment in a buffer before writing them into the pcap file. otherwise write it directly. + +## ANTISPOOF + +### Burst: + +Antispoof Brick have 2 parameter: a Mac Address and a boolean value +- We let pass incoming packets into VM. +- If packets are coming from VM: +- We block all reverse ARP packets. +- We verify that packet mac address source with Brick mac address are the same. +- If all verifiction are OK (is ARP reverse packet, is IPv4 or IPv6), we burst packet. + +## NPF (FIREWALL) + +Firewall use BPF rules, that can be pass to packetgraph API. +- We set firewalling rules by converting SG to BPF rule, see (link to better explications about that) +- Each rules have a direction. (IN/OUT or Both) +- Firewall analyse only IPv4, IPv6 protocols and let pass no-IP protocols. +- For each IP packets firewall brick check that packets pass the firewall (configured by butterfly earlier) + +## SWITCH + +- Switches are automatically added in network graphs when two or more VM connect to VTEP bricks with the same VNI on the same host. +- If mac tables are death, we try to rebuild them. If it fail, we return an error. +- We collect packet source address and port, (build metadata for each packet). +- For each non-multicast mac address, we associate mac address to corresponding source port, store it in mac table and burst packets to corresponding ports. +- For multicast mac and unknow one, we burst to all but incoming brick + +## To VTEP + +If mac tables are death, we try to rebuild them. If it fail, we return an error. +- We verify if destination IP address is multicast or unicast. +- If unicast we find corresponding port in mac table. +- Else we collect multicast mac address and create a new multicast IP address. +- We collect VNI corresponding to communication port, build and arrange needful headers (ip, udp, vxlan ...) VxLAN packets encapsulations. +- Burst them all. + +## From VTEP + +If mac tables are death, we try to rebuild them. If it fail, we return an error. + +for each packet: +- We compare Vxlan packet VNI with port VNI, if it is OK, we remove packet VxLAN layer, record its mac address to VTEP mac table and get destination ip address. +- We restore network layers L2,L3 and L3, and we send packet to corresponding port VNI. + +## SNIFFER (cf PRINT) + +## NIC + +### Poll + +- We collect packets in nic, store them in an array. +- We rebuild all metadata for each packet +- Burst all packets in opposite direction + +### Burst + +- We collect packets, its numbers, put them in ethernet device. +- We burst packets on ethernet port and free packets. +