Upgrade to Pro — share decks privately, control downloads, hide ads and more …

eQUIC Gateway: Maximizing QUIC throughput using a Gateway Service based on eBPF + XDP

Gustavo Pantuza
September 02, 2021

eQUIC Gateway: Maximizing QUIC throughput using a Gateway Service based on eBPF + XDP

Paper presented at: ISCC 2021

Abstract:
QUIC protocol is considered an experimental environment and a straight forward evolution of the TCP protocol. Applications created on top of QUIC demonstrate being more efficient than the regular HTTPS stack. Computational offload to kernel space is used as performance optimization for modern applications and brings with it a series of architectural and algorithmic challenges. This work presents eQUIC Gateway, a kernel space module that filter packets based on real time information exchanged with a user space
QUIC application. Throughout kernel offload technique for filtering packets, eQUIC Gateway increased the packets throughput in 30.9%, reduced 65% of the average HTTPS request duration under attack and reduced by 26.4% the CPU time consumed for filtering packets. The source code of eQUIC Gateway is public available on Github.

Keywords:
Network Reliability, Quality of Service, Web Services, Service Oriented Architectures, Network Design

Project source code:
https://github.com/pantuza/equic

Gustavo Pantuza

September 02, 2021
Tweet

More Decks by Gustavo Pantuza

Other Decks in Research

Transcript

  1. eQUIC Gateway:
    Maximizing QUIC Throughput using a
    Gateway Service based on eBPF + XDP
    Gustavo Pantuza, Marcos Augusto M. Vieira, Luiz Filipe M. Vieira
    26th IEEE Symposium on Computers and Communications
    Athens, Greece, September 5-8, 2021
    IEEE ISCC 2021

    View Slide

  2. Agenda
    ■ Introduction
    ■ QUIC protocol
    ■ XDP + eBPF
    ■ eQUIC
    ■ Experiments
    ■ Results
    ■ Future work
    ■ Conclusion

    View Slide

  3. Introduction
    ■ Tail at scale (2013)
    ■ Pluginizing QUIC (2019)
    ■ AccelTCP (2020)
    ■ Making QUIC quicker (2020)
    Image extracted from Cloudflare blog:
    https://blog.cloudflare.com/content/images/2018/07/[email protected]

    View Slide

  4. Introduction
    ■ Kernel bypass
    ■ Nic Offload
    ■ Kernel offload

    View Slide

  5. QUIC protocol
    ■ Being tested since 2012
    ■ Evolution for TCP
    ■ Good results for HTTPs applications

    View Slide

  6. QUIC protocol

    View Slide

  7. XDP + eBPF

    View Slide

  8. eQUIC

    View Slide

  9. eQUIC
    lsquic
    ■ Implemented on top of lsquic
    ■ User space library (c lang)
    ■ Kernel space module (eBPF)
    ■ eBPF map
    ■ Quota control

    View Slide

  10. eQUIC

    View Slide

  11. Experiments ■ 1 Server
    ○ HTTPs application over QUIC
    ○ eQUIC module
    ■ 8 Clients
    ■ Request throughput (reqs/s)
    ■ Request latency (ms)
    ■ CPU usage (µs)

    View Slide

  12. Results

    View Slide

  13. Results

    View Slide

  14. Results

    View Slide

  15. Results

    View Slide

  16. Results

    View Slide

  17. Future work
    ■ implement QUIC encryption offload
    ■ Other gateway services (rate limiting,
    authentication, authorization, ...)
    ■ kernel space as programmable data plane
    eQUIC
    g a t e w a y

    View Slide

  18. Conclusion
    ■ +30.9% request throughput
    ■ -65% average request duration
    ■ -26.4% CPU usage for packet filtering
    ■ -89% less system calls
    eQUIC
    g a t e w a y
    https://github.com/pantuza/equic

    View Slide

  19. eQUIC Gateway:
    Maximizing QUIC Throughput using a
    Gateway Service based on eBPF + XDP
    Gustavo Pantuza, Marcos Augusto M. Vieira, Luiz Filipe M. Vieira
    26th IEEE Symposium on Computers and Communications
    Athens, Greece, September 5-8, 2021
    IEEE ISCC 2021

    View Slide