Using Ada95 to Build Software for a Gigabit Layer 7 IP Networking Device: Ada s No Big Deal Anymore

(1)

Using Ada95 to Build Software for a Gigabit Layer 7 IP

Using Ada95 to Build Software for a Gigabit Layer 7 IP

Networking Device: Ada’s No Big Deal Anymore

Mike Kamrad

“senior” Software Engineer

[email protected]

+1.508.870.1300x139

(2)

10/3/00 Top Layer - "Layers above the Rest" 2

What You’ll See

♦

♦ A Really Bitchin’ Data_{A Really Bitchin’ Data}--Comm ProductComm Product

♦

♦ Architecture_Architecture

♦

♦ Ada Software Development Environment_{Ada Software Development Environment}

♦

♦ Obstacles and Lessons Learned_{Obstacles and Lessons Learned}

♦

(3)

$SS6ZLWFK

70

)DPLO\

7KH)LUVW/D\HU'HYLFHZLWKH

7KH)LUVW/D\HU'HYLFHZLWKH$SSOLFDWLRQ$SSOLFDWLRQ &RQWURO

(4)

Who is Top Layer

Networks?

♦

♦ Founded January, 1997_{Founded January, 1997}

♦

♦ 155+ Employees _{155+ Employees}

♦

♦ Headquarters in Westboro, MA, USA_{Headquarters in Westboro, MA, USA}

♦

♦ Strong executive management team_{Strong executive management team}

♦

♦ Chipcom, Fore Systems, DEC, Wellfleet/Bay NetworksChipcom, Fore Systems, DEC, Wellfleet/Bay Networks

♦

♦ World_World--class engineering team class engineering team

♦

♦ DEC, Fore, Chipcom, 3Com, etc.DEC, Fore, Chipcom, 3Com, etc.

♦

♦ Major experience in ASICs andMajor experience in ASICs and switchesswitches

♦

♦ Private Company Private Company -- Raised over $30M in fundingRaised over $30M in funding

♦

♦ Shipping Products: AppSwitch 2500 _{Shipping Products: AppSwitch 2500}-- October ‘99; October ‘99; AppSwitch 3500

AppSwitch 3500 -- June ‘00June ‘00

♦

(5)

What is the Top Layer

AppSwitch?

♦

♦ The AppSwitch is a high performance L4_{The AppSwitch is a high performance L4}-L7 device -L7 device with a powerful set of flexible features, called with a powerful set of flexible features, called ee-

-Application Control Application Control. .

♦

♦ It provides flexible solutions to today’s IP _{It provides flexible solutions to today’s IP} networking challenges including congestion, networking challenges including congestion,

accounting, monitoring, high

accounting, monitoring, high--availability, availability, responsiveness, and

(6)

What is e-Application Control?

♦

♦ A powerful set of flexible high_{A powerful set of flexible high}--performance features...performance features...

♦

♦ Security AugmentationSecurity Augmentation

–

– Packet Filter Firewall withPacket Filter Firewall withSyslog Syslog ReportingReporting

–

– Filters for Filters for DoS DoS attacksattacks

–

– Flow Mirroring for IDS Flow Mirroring for IDS

♦

♦ Application Accounting/MonitoringApplication Accounting/Monitoring

–

– TopFlow TopFlow protocolprotocol

–

– TopFlowTopFlowData CollectorData Collector

–

– TopView GraphsTopView Graphs

♦

♦ Application Traffic ManagementApplication Traffic Management

–

– Application QoSApplication QoS

–

– Application BalancingApplication Balancing

–

– Application RedirectionApplication Redirection

…built on a powerful policy

…built on a powerful policy--based management model based management model which includes a unique Application Definition Library which includes a unique Application Definition Library

(7)

What do we do with Applications

♦ ♦ Prioritize_Prioritize FTP

..…

...

.….

…..

- Assign relative priorities to Applications - Weighted Round Robin Queuing

..

.…

……..

Priority 1 Priority 2 Priority 3 Priority 4 etc.

.

(8)

What do we do with Applications

♦

♦ Graduated Priorities_{Graduated Priorities}

.….

- Priorities are altered as size of flow increases

. . . .…….

Priority 1 Priority 2 Priority 3 Priority 4 etc.

(9)

What do we do with Applications

♦

♦ Bandwidth Guarantees_{Bandwidth Guarantees}

..…

...

.….

…..

- Assign guaranteed bandwidth to Applications - Uses the static queues

- Will guarantee per flow bandwidth up to 8 Mbps per flow

- Up to 128 flows can be set

Xing Streamworks MS Stream H.323 Priority 1

……...

Priority 2 Priority 3 Priority 4 etc.

…..….

……...

2Mbps 1 Mbps 384Kbps 1Mbps

(10)

What do we do with Applications

♦

♦ Firewall_Firewall

...

- A firewall policy can be set by application between zones FastPath FastPath Process Process

(11)

What do we do with Applications

♦

♦ TopFlow_TopFlow displays message flow displays message flow

statistics

statistics

- Output stats on packets sent by application and user + L3/L2 data FastPath FastPath Process Process Background Engine FTP

..…

.….

…..

...

- TopFlow output:

(12)

- AS2512 - 12 10/100 TX ports + 2 100FX ports - 32,000 simultaneous flows

AppSwitch 2500

console

(13)

- AS3502 - 12 10/100 TX ports + 2 Gig ports (1 redundant only) - 256,000 simultaneous flows

- Additional packet processing capability

AppSwitch 3500

console

(14)

Technical Differentiators

♦

♦ “_“TouchTouch everyevery packetpacket”” switching engineswitching engine

♦

♦ Stateful packet inspection_{Stateful packet inspection}

♦

♦ Datalink independent LAN/WAN switching_{Datalink independent LAN/WAN switching}

♦

♦ Hierarchical Hybrid Queuing (HHQ)_{Hierarchical Hybrid Queuing (HHQ)}

♦

♦ Customizable Application Policy Library_{Customizable Application Policy Library}

♦

♦ “Automatic” operation_{“Automatic” operation}

♦

(15)

(16)

Architecture Matters!

♦

♦ Key components_{Key components}

♦

♦ TopFire_TopFireTMTM _Programmable_Programmable _{Silicon Switching Engine}_{Silicon Switching Engine}

–

– Architected, designed, and patentedArchitected, designed, and patented

–

– Layer 7 at full wire speed at every portLayer 7 at full wire speed at every port

–

– Very scaleable and extensibleVery scaleable and extensible

–

– Same architecture/softwareSame architecture/softwarein entire familyin entire family

♦

(17)

e-Application Control

Architecture

Packet Processing Incoming Data Tx Queue Forwarding Tables L2/L3 Priority Output Queues Tx Queue Tx Queue L4 Application Definition Library Application Policies Session Data Stateful

(18)

Architecture - A Closer Look

RE Chip

QM Chip

TopFireTM _chipset MOM Chip MOM Chip

100 Mbps MII RAMbus DRAM QM SRAM SDRAM SRAM Lookup Tables Memory

Fast Path Code, System Data, Memory Descriptors, Tables Memory Packet Memory Forwarding Engine Queue Manager MII Octal MAC

100 Mbps MII MII Octal MAC

AppSwitch 2500

RE Chip

(19)

Scalable Architecture

RE Chip QM Chip GMOM Chip 1000 Mbps RAMbus DRAM QM SRAM SDRAM SRAM Lookup Tables Memory

Fast Path Code, System Data, Memory Descriptors, Tables Memory Packet Memory Forwarding Engine Queue Manager Dual Gig + 16 10/100 MAC AppSwitch 3500 100 Mbps MII RE Chip RE Chip Background Engine Application Engine

(20)

Major Software Components

♦

♦ Forwarding Engine _{Forwarding Engine}-- The main switching The main switching component to establish and maintain

component to establish and maintain

message flows, per network policies

♦

♦ Background Engine _{Background Engine}-- The management The management

control component that interfaces with the

network administrator

♦

♦ Application Engine(s) _{Application Engine(s)}-- Protocol specific Protocol specific accelerator to handle complex protocols

(21)

Forwarding Engine (FE) Architecture

♦

♦ Custom_Custom RISC Core (ARC)RISC Core (ARC)

♦

♦ Extensive Proprietary _{Extensive Proprietary}HW AssistHW Assist

♦

♦ Tight Polling Loop _{Tight Polling Loop}-- NO INTERRUPTSNO INTERRUPTS

♦

♦ Application “wrapper” and Slowpath coded _{Application “wrapper” and Slowpath coded}

in

in AdaAda

♦

♦ Fastpath and Application “policies” _{Fastpath and Application “policies”}

handcrafted in

handcrafted in assemblyassembly

♦

♦ Connection rates and throughput are _{Connection rates and throughput are}key key performance requirements

(22)

Background Engine Architecture

♦

♦ Based on same ARC chip as FE_{Based on same ARC chip as FE}

♦

♦ Event_Event--driven system where events are:driven system where events are:

♦

♦ Arrival of message packetsArrival of message packets

♦

♦ Time expirationTime expiration

♦

♦ Multi_Multi--tasking application to respond to various tasking application to respond to various events

events

♦

♦ Division of application between_{Division of application between}

♦

♦ Core modulesCore modules

♦

♦ Extension modulesExtension modules

♦

♦ Throughput and event processing are _{Throughput and event processing are}key key performance requirements

(23)

Background Engine Architecture

I proc e dur a l I /F pr oc e d u ra l I /F pr oc e d u ra l I /F p roc ed ur al I /F Protocol Modules pr oc ed ur a l I /F Session Modules pr oc ed ur a l I /F Protocol Modules dispatching on Interface object or events Core Extensions Clock DMA Input DMA Output Packet/ Event Processor A p p li c a ti o n /Ser v ice/ Sessi o n M o d u le s Multi-Tasked "Continuous" "Timed" JobJar P rot oc ol or S e s s io n M o d u le s

packets/events Qs "processed" packets Q

Strategic Disaster events Disaster Manager pro c e dur a l I /F Single Tasked Worker Task Q Worker Task Worker Task Q Worker Task Q Worker Task Q Worker Task Q PO PO PO PO I H I I H I _Management Control DataBase

(24)

Application Engine (FE) Architecture

♦

♦ Based on same ARC chip as FE_{Based on same ARC chip as FE}

♦

♦ Tight Polling Loop _{Tight Polling Loop}-- NO INTERRUPTSNO INTERRUPTS

♦

♦ Basis infrastructure, written in C_{Basis infrastructure, written in C}

♦

♦ Application specific software written in Ada _{Application specific software written in Ada}

or C

♦

♦ Throughput is _{Throughput is}key key performance performance requirements

(25)

Ada Software Dev

e

(26)

Why Ada?

♦

♦ Best combination_{Best combination} of language features for high of language features for high reliability and portability

reliability and portability

♦

♦ Strong typing_{Strong typing}

♦

♦ OOP_OOP

♦

♦ MultiMulti--taskingtasking

♦

♦ Exception handling_{Exception handling}

♦

♦ Founder’s familiarity_{Founder’s familiarity} with Ada and frustration with with Ada and frustration with traditional languages

traditional languages

♦

♦ Implementation _{Implementation}based on GCCbased on GCC, best chance for , best chance for ARC target

(27)

Ada Tool Chain

♦

♦ GNAT because GCC targeted ARC_{GNAT because GCC targeted ARC}

♦

♦ Hosts: _Hosts:

♦

♦ Solaris on SPARCSolaris on SPARC

♦

♦ Linux on PC_{Linux on PC}

♦

♦ Targets:_Targets:

♦

♦ Motorola MPC860 (PPC based) for WANMotorola MPC860 (PPC based) for WAN

♦

♦ ARCARC

♦

(28)

Argonaut RISC Core (ARC)

♦

♦ Argonaut, British producer of computer _{Argonaut, British producer of computer}

game technology

game technology

♦

♦ Provided as a _{Provided as a}“soft macro“soft macro” (in VHDL), ” (in VHDL), configurable to customer needs

configurable to customer needs

♦

♦ Basis for Forwarding Engine, Background _{Basis for Forwarding Engine, Background}

Engine and Application Engines

(29)

Modes of Ada Execution

♦

♦ While a multiprocessor product, no _{While a multiprocessor product, no}

distributed execution mode considered

distributed execution mode considered

♦

♦ Instead, _Instead,

♦

♦ Forwarding Engine and Application Engines executes as _{Forwarding Engine and Application Engines executes as}

single task

single task, i.e. no RTOS, i.e. no RTOS

♦

♦ Background Engine application executes with Background Engine application executes with restricted restricted tasking operations

tasking operations, per the , per the Ravenscar ProfileRavenscar Profile

♦

♦ Control information is passed between Engines as special Control information is passed between Engines as special IPC protocol

(30)

Ravenscar Profile

(+)

♦

♦ No task hierarchy_{No task hierarchy}

♦

♦ No dynamic creation of No dynamic creation of protected objectsprotected objects and tasksand tasks

♦

♦ TasksTasks

♦

♦ No entriesNo entries ♦

♦ No abortion nor ATCsNo abortion nor ATCs ♦

♦ No select statementsNo select statements

♦

♦ No userNo user--defined attributesdefined attributes

♦

♦ No dynamic prioritiesNo dynamic priorities ♦

♦ No requeueNo requeue ♦

♦ No formal terminationNo formal termination

♦

♦ Protected Objects_{Protected Objects}

♦

♦ Limited to one entryLimited to one entry ♦

♦ Limited queues to one callerLimited queues to one caller ♦

♦ No requeueNo requeue ♦

♦ Barrier conditions limited to single Boolean variableBarrier conditions limited to single Boolean variable

♦

♦ Interrupt handlers defined through protected procedures_{Interrupt handlers defined through protected procedures}

♦

(31)

Obstacles and

Lessons Learne

(32)

Limitations on Ada Usage

♦

♦ Not usedNot used

♦

♦ Real typesReal types

♦

♦ GotoGoto

♦

♦ Annexes EAnnexes E--HH

♦

♦ Functions returning unconstrained objectsFunctions returning unconstrained objects

♦

♦ Predefined I/OPredefined I/O

♦

♦ Limited use_{Limited use}

♦

♦ Child generic unitsChild generic units

♦

♦ Formal package parametersFormal package parameters

♦

♦ Dynamic slices and aggregatesDynamic slices and aggregates

♦

(33)

Significant Features of Ada

♦

♦ OOP OOP -- Reinforced Reinforced relationshipsrelationships among “modules”, among “modules”,

“interfaces” and “state block”

“interfaces” and “state block”

♦

♦ Root_Storage_Pool type _{Root_Storage_Pool type}-- Supports Supports totaltotal memory managementmemory management

♦

♦ Controlled and Limited_Controlled types _{Controlled and Limited_Controlled types}-- Get Get “closure”“closure” on on

resource usage

♦

♦ Interfacing to C Interfacing to C -- Because there’s Because there’s lotslots of legacy and thirdof legacy and third--party party

software

software

♦

♦ Various Interfaces to hardwareVarious Interfaces to hardware

♦

(34)

Obstacles

/Solutions

♦

♦ Learning Curve_{Learning Curve}

♦

♦ Intensive internal training and advocacy_{Intensive internal training and advocacy}

♦

♦ Incomplete Tool Chain for ARC_{Incomplete Tool Chain for ARC}

♦

♦ GCC consultants to bridge the gap_{GCC consultants to bridge the gap}

♦

♦ Inadequate RTOS _{Inadequate RTOS}-- GNAT RTS and RTEMS GNAT RTS and RTEMS too excessive and non

too excessive and non--unified for ARCunified for ARC

♦

(35)

Other Lessons

♦

♦ Guidelines to guide user through “choices”_{Guidelines to guide user through “choices”}

♦

♦ Budget resources for tool support _{Budget resources for tool support}

♦

♦ Tool chains reflect their legacy_{Tool chains reflect their legacy}

♦

♦ Be supportive to new user through the “niggling” _{Be supportive to new user through the “niggling”} period

period

♦

♦ Watch out for generic foot print_{Watch out for generic foot print}

♦

(36)

Restrict

ed Us

(37)

Our Restricted Ada RTOS

♦

♦ Built to work with _{Built to work with}GNATGNAT

♦

♦ Simplify the functionality of RTOS to only _{Simplify the functionality of RTOS to only}

support

support RavenscarRavenscar--like profilelike profile

♦

♦ Reduce the _{Reduce the}“thickness”“thickness” of layers in GNAT of layers in GNAT RTOS

RTOS

♦

♦ Simply the “kernel” for _{Simply the “kernel” for}bare machinebare machine execution

(38)

Restricted RTOS Organization

Ada application Ada-specific runtime routines RT POSIX compatible Kernel C application

OS binding to Kernel RT-POSIX_{binding to Kernel}

(39)

Restricted RTOS Organization

Ada application Ada-specific runtime routines C application RT POSIX compatible Kernel