STT is another tunneling protocol along the lines of the VXLAN and NVGRE proposals. As with both of those the intent of STT is to provide a network overlay, or virtual network running on top of a physical network. STT was proposed by Nicira and is therefore not surprisingly written from a software centric view rather than other proposals written from a network centric view. The main advantage of the STT proposal is it’s ability to be implemented in a software switch while still benefitting from NIC hardware acceleration. The other advantage of STT is its use of a 64 bit network ID rather than the 32 bit IDs used by NVGRE and VXLAN.
The hardware offload STT grants relieves the server CPU of a significant workload in high bandwidth systems (10G+.) This separates it from it’s peers that use an IP encapsulation in the soft switch which negate the NIC’s LSO and LRO functions. The way STT goes about this is by having the software switch inserts header information into the packet to make it look like a TCP packet, as well as the required network virtualization features. This allows the guest OS to send frames up to 64k to the hypervisor which are encapsulated and sent to the NIC for segmentation. While this does allow for the HW offload to be utilized it causes several network issues due to it’s use of valid TCP headers it causes issues for many network appliances or “middle boxes.â€
STT is not expected to be ratified and is considered by some to have been proposed for informational purposes, rather than with the end goal of a ratified standard. With its misuse of a valid TCP header it would be hard pressed for ratification. STT does bring up the interesting issue of hardware offload. The IP tunneling protocols mentioned above create extra overhead on host CPUs due to their inability to benefit from NIC acceleration techniques. VXLAN and NVGRE are intended to be implemented in hardware to solve this problem. Both VXLAN and NVGRE use a 32 bit network ID because they are intended to be implemented in hardware, this space provides for 16 million tenants. Hardware implementation is coming quickly in the case of VXLAN with vendors announcing VXLAN capable switches and NICs.
Hi Joe,
Nice write up.
Just a couple of drive-by comments:
-STT traffic wouldnt be traversing middle boxes in most cases. Rather, the middle box would likely terminate and originate STT tunnels. And if the middle box is an x86 machine (likely) (virtual or physical) running OVS, no problem.
-Its one thing for a NIC vendor to announce/ship VXLAN aware adapters. That’s a good start. But its another thing to have VXLAN aware LOM (probably still quite a way out). STT works with the common server LOMs we have today.
Brad,
Thanks for dropping by and the comments, both are excellent points. As far as LOM is concerned I agree it will be a while before we see the functionality added there, but in the meantime a decision can be made to add a VXLAN capable NIC or accept the performance overhead of losing LSO and LRO capabilities on the NIC.
Joe
Great stuff as always Joe!
Hi to every one, because I am actually keen of reading this webpage’s post to be updated regularly.
It carries nice stuff.
This is my first time visit at here and i am truly pleassant
to read all at single place.
L’ astuce Rate of growth Beach représente enfaite este générateur sur internet qui vous-même générera parfois des
ressources durante illimité.
Des diamants peut également être utilisé ici pour increaser
vos réserves de Calcul.
There are installed many agario android mobile phone
app most of options buggy or perhaps is to an easy task to play with no
features of browser variation.
nuclear familyZipXrevolting disgusting twoisrevolting disgustingextended familytwo twonuclear familyrevolting disgustingarevolting disgustingextended familytwofive hundred
five hundredtwonuclear familyrevolting disgustingsinglerevolting disgustingnuclear familytwo five hundrednuclear
familyagariorevolting disgustingextended familytwo extended familybotrevolting disgustingfive hundred five hundredextended familyrevolting disgustinghackrevolting disgustingtwofive hundred five hundredtwonoextended
family obtain five hundredextended familyforrevolting disgusting cases, but
twonuclear familyextranuclear family five hundredEnglishrevolting disgustingnuclear familytwo parts five hundredtwonuclear
familyrevolting disgustingwillrevolting disgustingnuclear familytwofive hundred five hundredtwonuclear familyBurnextended family all the five
hundredinhabitants five hundredtwoextended familyrevolting disgustingandrevolting disgustingfive hundred features five hundredtwogotnuclear familytwofive hundred five hundredextended familyinrevolting disgustingtwofive hundred twoaextended familytwofive hundred revolting disgustingbulkrevolting disgusting
anything revolting disgustingblood.
Hi there all, here every person is sharing these kinds of familiarity, therefore it’s nice to read this weblog, and I used to pay a quick visit this blog daily.
Admiring the time and effort you put into your website and in depth information you present.
It’s good to come across a blog every once in a while that isn’t the same outdated rehashed material.
Fantastic read! I’ve saved your site and I’m adding your RSS feeds to my Google account.
Helâ…¼o, i thÑ–nk that i saw you visited my blog so i came to return the favor.I’m
tгying tß‹ find things tο improve my website!Ó
suppose its oÒ to use somе оf yοur ideas!!