Performance Evaluation of Virtual Routers in Para-virtual Environment

1. Abhishek Bajaj, abhishek.bajaj@iiitb.net
2. Anargha Biswas, anargha.biswas@iiitb.net
3. Ambarish Kumar, ambarish.kumar@iiitb.net
4. Deepak Porwal, deepak.porwal@iiitb.net
5. Kirti Wadehra, kirti.wadehra@iiitb.net

Technical Report IIITB-OS-2010-03a
April 2010

ABSTRACT

Network virtualization provides a networking environment in which multiple heterogeneous virtual networks coexist in isolation from each other. It is important because it can increase the performance, flexibility, and security of a network. A single machine can be used to create multiple instances of routers. In this paper we evaluate the performance of virtual routers under both para-virtualization and full virtualization. For para-virtualization, we evaluate the performance of single as well as multiple routers on the XEN hypervisor. For full virtualization, router performance is evaluated on VirtualBox (an x86 virtualization software package). Based on these evaluations, it is observed that the performance of para-virtualization is better than that of full virtualization.

Project URL: https://osproject3a.svn.sourceforge.net/svnroot/osproject3a/

© 2010 Abhishek Bajaj, Anargha Biswas, Ambarish Kumar, Deepak Porwal, Kirti Wadehra. This material is available under the Creative Commons Attribution-Non-commercial-Share Alike License. See http://creativecommons.org/licenses/by-nc-sa/3.0/ for details.

INDEX

1. Technical definition and Introduction
   1.1 Network Virtualization
       1.1.1 Full virtualization
       1.1.2 Para virtualization
   1.2 XEN
       1.2.1 Virtualization in XEN
       1.2.2 XEN advantages
       1.2.3 XEN architecture
2. Similar Efforts
3. Gap Analysis
4. Experimental Setup
   4.1 Router Configuration of host OS in Para Virtual Environment
   4.2 Router Configuration of guest OS in Para Virtual Environment
   4.3 Router Configuration in full Virtual Environment
5. Testing and Experimental Results
6. Conclusion
7. Future Work
8. References

1. Technical Definition and Introduction

1.1 Network Virtualization

Virtualization hides the physical characteristics of a computing platform from users, instead showing another abstract computing platform. Network virtualization is a network environment that allows multiple service providers to dynamically compose multiple heterogeneous virtual networks that coexist in isolation from each other. Service providers can deploy customized end-to-end services on the fly and manage them on those virtual networks for end users by effectively sharing and utilizing the underlying network resources leased from infrastructure providers [2].

There are several ways to implement virtualization. Two leading approaches are full virtualization and para-virtualization [1].

1.1.1 Full Virtualization

Full virtualization provides total abstraction of the underlying physical system and creates a complete virtual system in which the guest operating system can execute. No modification is required in the guest operating system or application; the guest OS or application is not even aware that it is running within a virtualized environment. The guest OS executes on the VM just as it would on a physical system. This approach can be advantageous because it enables complete decoupling of the software from the hardware. Full virtualization provides complete isolation of different virtualized applications, which makes this approach highly secure by design. Microsoft Virtual Server and VMware ESX Server are examples of full virtualization [1].

1.1.2 Para-Virtualization

In contrast, para-virtualization presents each virtual machine with an abstraction of the hardware that is similar to but not identical to the underlying physical hardware. Para-virtualization attempts to provide most services directly from the underlying hardware instead of abstracting it. Para-virtualization allows for near-native performance.

Para-virtualization requires modifications to the guest operating systems that are running on the VMs. As a result the guest operating systems are aware that they are executing on a VM [3].

1.2 XEN

Xen is a virtual-machine monitor for IA-32, x86-64, Itanium and PowerPC 970 architectures. It allows several guest operating systems to execute on the same computer hardware concurrently. Xen systems have a structure with the Xen hypervisor as the lowest and most privileged layer. Above this layer come one or more guest operating systems, which the hypervisor schedules across the physical CPUs. The first guest operating system, called "domain 0" (dom0) in Xen terminology, boots automatically when the hypervisor boots and receives special management privileges and direct access to all physical hardware by default. The system administrator can log into dom0 in order to manage any further guest operating systems, called "domain U" (domU) in Xen terminology [2].

1.2.1 Virtualization in Xen

Xen is a virtualization system supporting both para-virtualization and hardware-assisted full virtualization.

1.2.2 XEN Advantages

XEN offers a number of advantages in both para-virtualized and fully virtualized environments.

Para-Virtualization (PV)
1) High performance (claim to fame)
2) High scalability
3) Uses a modified operating system

Hardware-assisted full virtualization (HVM)
1) Leading hardware vendors are enhancing virtualization in the x86 architecture.
2) Uses an unmodified operating system

1.2.3 XEN Architecture

[Figure 1]

The various components in the XEN architecture are as follows:

1) Xen Hypervisor
The Xen hypervisor is the basic abstraction layer of software that sits directly on the hardware below any operating systems. It is responsible for CPU scheduling and memory partitioning of the various virtual machines running on the hardware device, and it controls the execution of virtual machines as they share the common processing environment, as shown in Figure 1.

2) Domain 0
It is a unique virtual machine running on the Xen hypervisor that has special rights to access physical I/O resources as well as to interact with the other virtual machines running on the system. All Xen virtualization environments require Domain 0 to be running before any other virtual machines can be started.

3) Domain U
All para-virtualized virtual machines running on a Xen hypervisor are referred to as Domain U PV Guests. All fully virtualized machines running on a Xen hypervisor are referred to as Domain U HVM Guests. The Domain U PV Guest virtual machine is aware that it does not have direct access to the hardware and recognizes that other virtual machines are running on the same machine. The Domain U HVM Guest virtual machine is not aware that it is sharing processing time on the hardware and that other virtual machines are present [5].

Xen has 3 virtual network modes:

1) Bridging mode
Some of the features of the bridging mode are as follows:
a) DomUs are (transparently) on the same network as dom0.
b) It is the default network mode for Xen.
c) Nothing further needs to be done if the guest has a network interface.
d) bridge-utils is used to set up a software bridge in dom0.

2) Routing mode
Some of the features of the routing mode are:
a) Guest domains sit behind dom0. Packets are relayed to the network by dom0.
b) The xend configuration is modified to:
       (network-script network-route)
       (vif-script vif-route)
c) The guest's gateway is set to dom0's IP.
d) Xen uses iptables in dom0 to set up the software router.

3) NAT mode
Some of the features of the NAT mode are:
a) Guest domains hide behind dom0, using dom0's IP for external traffic.
b) The xend configuration is modified to:
       (network-script network-nat)
       (vif-script vif-nat)
c) iptables in dom0 is used to do the NAT translation [5].

2. Similar Effort

The idea of using virtualization in networks is not new, and there are several approaches in this research area. The motivation behind this research is to help us understand the importance of network virtualization.

IP: X-BONE

The X-Bone was first proposed as a system for the rapid, automated deployment and management of overlay networks using encapsulation to enable virtual infrastructure. It virtualizes all the components of the Internet, i.e. hosts, routers and the links between them. A single network node may participate as a virtual host (VH), a virtual router (VR) or several of them simultaneously in a VI. VHs act as data sources and sinks, while VRs act as data transits [4].

ATM: TEMPEST

The Tempest is a network control architecture that allows multiple heterogeneous control architectures to run simultaneously over a single physical ATM network. It is defined as a set of policies, algorithms, mechanisms, and protocols to control and manage various devices on the network, following the open signalling school of thought of network programmability. It is based on the concept of switchlets, which allow a single ATM switch to be controlled by multiple controllers by strictly partitioning the resources of that switch between those controllers. The set of switchlets that a controller or group of controllers possesses forms its virtual network.

Virtualization of routers has been investigated in different contexts and is already available in commercial products. The application of system virtualization to routers has been investigated. Performance challenges were identified that have to be tackled when virtual routers are based on the popular XEN hypervisor. In contrast to these related virtualization investigations, this work analyzes the network model emerging when the method of system virtualization is applied to the core network infrastructure.

3. Gap Analysis

A lot of work has been done in the field of virtualization, which has been described in detail in the Similar Effort section. Until now the focus has been primarily on full virtualization technology. In this project we concentrate on para-virtualization since it accounts for better performance and speed in contrast to full virtualization. We also intend to carry out a comparative study of these two virtualization technologies with respect to their performance in a networking environment. This means that we set up the two environments, configure the host as a router or use an open source router, and allow the guest OSs to communicate with each other. This kind of network is a good environment in which to perform a comparative study of the two virtualization technologies. It will test the two in terms of performance, security and speed. The results of this study can help in deciding which type of virtualization technology to use for different types of applications.

4. Experimental Setup

4.1 Router Configuration of host OS in para-virtual environment

This section describes the router configuration for the host OS. The steps taken to configure the router are as follows:

1. Disable the bridge mode and set up the bridge to the physical network, e.g. eth0.
2. Set up the private network, i.e. assign IPs to the host as well as the guest OS.
3. Change the firewall settings for br0 and br1 so as to allow the traffic from br0 and br1 to the external and internal network.
4. Set ipv4 forwarding to 1 to give the host the router properties.
5. Create an alias of the port so as to communicate with networks in different subnets.
6. Assign the default gateway for routing of incoming packets.
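
The check below is an added example, not part of the original report or its project code. It audits, offline, the two settings from steps 3 and 4: whether IPv4 forwarding is enabled and whether the FORWARD chain passes traffic only on br0 and br1. The function names, the sample sysctl.conf and iptables-save texts, and the interface eth1 are constructed for illustration.

```shell
#!/bin/sh
# Added example: offline audit of a Linux router's forwarding configuration.
# br0/br1 come from the steps above; every sample text below is constructed.

# Print the last value assigned to key $2 in sysctl.conf-format text $1 (0 if unset).
sysctl_value() {
  printf '%s\n' "$1" | awk -F= -v want="$2" '
    /^[ \t]*[#;]/ { next }
    { key = $1; gsub(/[ \t]/, "", key); gsub(/\//, ".", key) }
    key == want { val = $2; gsub(/[ \t]/, "", val) }
    END { print (val == "" ? 0 : val) }'
}

# Print one finding per line for the FORWARD chain of iptables-save text $1.
# $2 is the space-separated list of interfaces that may forward traffic.
audit_forward() {
  printf '%s\n' "$1" | awk -v allowed="$2" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 == ":FORWARD" && $2 == "ACCEPT" { print "policy-accept: " $0 }
    $1 == "-A" && $2 == "FORWARD" {
      scoped = 0; accept = 0; stray = 0
      for (i = 3; i < NF; i++) {
        if ($i == "-i" || $i == "-o") { scoped = 1; if (!($(i + 1) in ok)) stray = 1 }
        if ($i == "-j" && $(i + 1) == "ACCEPT") accept = 1
      }
      if (accept && !scoped) print "unscoped-accept: " $0
      if (accept && stray) print "unexpected-iface: " $0
    }'
}

SYSCTL_SAMPLE='# constructed sysctl.conf
net.ipv4.conf.default.forwarding=1
net.ipv4.ip_forward = 1'

OPEN_RULES='*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -j ACCEPT
-A FORWARD -i eth1 -o br0 -j ACCEPT
COMMIT'

SCOPED_RULES='*filter
:FORWARD DROP [0:0]
-A FORWARD -i br1 -o br0 -j ACCEPT
-A FORWARD -i br0 -o br1 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT'

echo "ip_forward = $(sysctl_value "$SYSCTL_SAMPLE" net.ipv4.ip_forward)"
echo "open ruleset findings:";   audit_forward "$OPEN_RULES" "br0 br1"
echo "scoped ruleset findings:"; audit_forward "$SCOPED_RULES" "br0 br1"
```

On a live host the same functions can be fed the contents of /etc/sysctl.conf and the output of iptables-save instead of the constructed samples.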

4.2 Router Configuration of guest OS in para-virtual environment

1) Since the router needs two ports, port aliasing is done as follows:

       ifconfig eth0:0 <ip number> netmask 255.255.255.0 broadcast <ip broadcast>

2) The IP forwarding setting is written in the following file:

       vi /etc/sysctl.conf

       net.ipv4.conf.default.forwarding=1

3) At the terminal, write:

       sysctl -w net.ipv4.ip_forward=1

4) Subsequent gateways are added so that traffic is forwarded to the next router. Write the following command at the terminal:

       route add default gw <ip_number of next router>

4.3 Router configuration in full virtual environment

For full virtualization, an Acer Aspire 4736 system with 3 GB RAM, a 320 GB hard disk and a 2.0 GHz Intel Core 2 Duo processor acts as the hardware platform. An x86 virtualization software package, VirtualBox 3.1, was selected to set up the virtualized environment. OpenSuse 11.1 acts as the host OS on which the virtualization software package was installed. Fedora 10 and OpenSuse 11.1 were installed as guest OSs on the virtualization software package. The host OS has been configured as a virtual router following the steps given in the VirtualBox manual for network setup. Both guest OSs have been configured in bridge mode. The virtual router has been assigned two different IPs for its two different interfaces, which are on two different subnet masks. One guest OS has been assigned an IP on one subnet mask, and the second guest OS on the other. ipv4 forwarding has been set to 1 to give the host the router properties.
For testing purposes, constant bit rate traffic was generated from one guest OS and routed through the router (host OS) to the other guest OS with an increasing packet rate of 2Mbits. Traffic was generated at this rate for 10 seconds and repeated two times. The rate for each 10 second burst was observed on the guest and the mean of the two readings was calculated.

5. Testing and Experimental results

The performance of this virtual router in different traffic conditions and with different data rates using data generators has been evaluated, and the results were compared with the performance of a native Linux router. To compare the performance of a single virtual router with multiple routers, some other guest OSs are configured as routers having different subnet masks with respect to the native router. A comparative study of the performance of routers in the full virtual environment as well as in the para-virtual environment is also done to evaluate the working of the two virtualization technologies with respect to the network parameters throughput and jitter.

The data generator used is Iperf. Iperf is a network performance measurement tool that measures the TCP throughput of the network. It allows the user to set various parameters that can be used for testing a network, or alternatively for optimizing or tuning a network. The readings are taken using Jperf, the graphical front end of Iperf. The results obtained are plotted in Matlab and presented.
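
The script below is an added example, not part of the original report or its project code. It computes the mean of the per-burst readings described above from Iperf server report text, ignoring per-second interval lines and normalizing bandwidth units. It assumes UDP test runs reported in the iperf 2 server layout and decimal unit prefixes for bit rates; the function name and the sample report are constructed.

```shell
#!/bin/sh
# Added example: mean throughput and jitter over repeated Iperf bursts.
# The report text is constructed, laid out like an iperf 2 UDP server report.

# $1 = report text, $2 = burst length in seconds.
# Prints "<runs> <mean Mbits/sec> <mean jitter ms>" over whole-burst summary lines.
summarize_runs() {
  printf '%s\n' "$1" | awk -v burst="$2" '
    {
      gsub(/- +/, "-")                      # "0.0- 1.0" becomes "0.0-1.0"
      start = -1; mbps = -1; jitter = -1
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^[0-9.]+-[0-9.]+$/ && $(i + 1) == "sec") {
          split($i, t, "-"); start = t[1] + 0; stop = t[2] + 0
        }
        if ($i ~ /bits\/sec$/ && i > 1) {
          scale = 0.000001                  # plain bits/sec (decimal prefixes assumed)
          if ($i ~ /^K/) scale = 0.001
          if ($i ~ /^M/) scale = 1
          if ($i ~ /^G/) scale = 1000
          mbps = $(i - 1) * scale
        }
        if ($i == "ms" && i > 1) jitter = $(i - 1) + 0
      }
      # Keep only lines that cover a whole burst, not the per-second intervals.
      if (start == 0 && stop >= burst + 0 && mbps >= 0 && jitter >= 0) {
        n++; sum_bw += mbps; sum_j += jitter
      }
    }
    END {
      if (n) printf "%d %.2f %.3f\n", n, sum_bw / n, sum_j / n
      else print "0 0.00 0.000"
    }'
}

IPERF_SAMPLE='[ ID] Interval       Transfer     Bandwidth        Jitter   Lost/Total Datagrams
[  3]  0.0- 1.0 sec   244 KBytes  2.00 Mbits/sec   0.018 ms    0/  170 (0%)
[  3]  0.0-10.0 sec  2.39 MBytes  2.00 Mbits/sec   0.020 ms    0/ 1702 (0%)
[  4]  0.0-10.0 sec  2.34 MBytes  1960 Kbits/sec   0.030 ms   12/ 1702 (0.71%)'

summarize_runs "$IPERF_SAMPLE" 10
```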

The performance analysis is displayed in graphical form:

[Figure 2: plot of throughput (in Gb) against packet size (in MB); series: Router in ParaVirtual, Native Router]

Figure 2: Comparison of performance of single router and native router

Figure 2 shows the performance comparison between a single virtual router in the para-virtual environment and the native Linux router. From this graph we can see that the performance of the single virtual router is nearly equal to that of the native router.

[Figure 3: plot of throughput (in Gb) against packet size (in MB); series: ONE ROUTER, TWO ROUTER, THREE ROUTER]

Figure 3: Comparative study of performance of single and multiple routers

Figure 3 shows the performance comparison between a single virtual router and multiple virtual routers in the para-virtual environment. From this graph we can see that as we increase the number of routers, the performance of the router decreases.

[Figure 4: plot of throughput (in Gb) against packet size (in MB); series: ParaVirtual, FullVirtual]

Figure 4: Comparison of performance of single router in full virtual and para virtual environment

Figure 4 shows the performance comparison between a single virtual router in the para-virtual and full-virtual environments. The performance of the para-virtual router is better than that of the full-virtual router.

6. Conclusion

A comparative study has been done in the full and para-virtual environments. The performance of the virtual router in the para-virtual environment is higher than in the full-virtual environment in terms of throughput. A study of a single virtual router against multiple virtual routers has also been done in the para-virtual environment. It is observed that as we increase the number of DomUs (guest OSs) on the XEN hypervisor the performance decreases, i.e. performance is lower in the case of multiple routers. With the help of the comparative study of the full and para-virtual environments, one can identify that para-virtualization is much better than full virtualization.

7. Future work

The performance (in terms of resource utilization) of multiple routers can be checked using the top command. Once we have each individual router's resource utilization, we can analyse the traffic intensity or load on those routers. Traffic from the router that is using more resources should be routed through a less heavily loaded router (a router that is using fewer resources). In this way resources can be used in an efficient manner. The packets can also be transferred at the earliest, giving less delay. Hence the resources are used to the maximum extent, with less delay in delivering the packets.

8. References

[1] Andreas Berl, Andreas Fischer, Hermann de Meer, Alex Galis, and Javier Rubio-Loyola, Management of Virtual Networks, University College of London.
[2] Mosharaf Chowdhury, Network virtualization present and future, University of Waterloo, May 2008.
[3] N. M. Mosharaf Chowdhury, Raouf Boutaba, Survey of Network Virtualisation, University of Waterloo.
[4] Florian Baumgartner, Torsten Braun, Virtual Routers: A tool for networking Research and education, Universität Bern.
[5] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neugebauer, I. Pratt, and A. Warfield, Xen and the art of virtualization, in 19th ACM Symposium on Operating Systems Principles. ACM Press, October 2003.