
Protocol Independent Switch Architecture - rmurthy716
https://barefootnetworks.com/white-paper/the-worlds-fastest-most-programmable-networks/
======
unwind
Pet peeve: when talking about a new programming language in a technical
context, show some code!

But the super-long page of course doesn't, and neither does the Wikipedia page
[1]. Also the CODE-tab on the P4 site [2] fails at first glance ... getting
frustrating but I bet the site is the right place to dig. Hang on ... Aha, it
was on the front page! THANK YOU, P4 web people!

Here's a snippet, then:

    
    
        table routing {
          reads {
            ipv4.dstAddr : lpm;
          }
          actions {
            do_drop;
            route_ipv4;
          }
          size: 2048;
        }
    
        control ingress {
          apply(routing);
        } 
    

I don't know anything about large-scale network programming, but at least it's
nice to get a hint of the concepts that the language deals with. Makes it more
concrete, to me.

1:
[https://en.wikipedia.org/wiki/P4_(programming_language)](https://en.wikipedia.org/wiki/P4_\(programming_language\))
2: [http://p4.org/code/](http://p4.org/code/)

------
hueving
Wow, this article is extremely disingenuous with the notion that P4 is the
first vendor-agnostic way to control forwarding behavior in switches. OpenFlow
has been around for years now and is a vendor agnostic way to control
forwarding behavior and it allows packet injection as well.

I get that a startup has to pretend this is a huge foundational advancement,
but P4 is really an incremental improvement to the state of SDN that openflow
brought. Disappointing that they don't even acknowledge it once.

~~~
insaneirish
OpenFlow and P4 address different levels of abstraction in switching.

OpenFlow (in its original form, for simplicity's sake) says "Hey, we have a
match/action table with these 12 fields. Here's a way to put stuff in those
fields and the switch will match and act accordingly."

P4 says "Hey, we have this piece of programmable silicon. Feel free to define
the sorts of tables you want, the protocols you want to switch on, and we'll
then give you tables and an API to program."

You can write an OpenFlow pipeline in P4.

Also, maybe take a look at the original OpenFlow paper [1] and the original P4
paper [2]. Nick McKeown, one of Barefoot's cofounders, is an author on both.

[1]:
[http://ccr.sigcomm.org/online/files/p69-v38n2n-mckeown.pdf](http://ccr.sigcomm.org/online/files/p69-v38n2n-mckeown.pdf)
[2]:
[http://yuba.stanford.edu/~nickm/papers/v44n3k2-bosshartA.pdf](http://yuba.stanford.edu/~nickm/papers/v44n3k2-bosshartA.pdf)

~~~
hueving
Yes, different levels of abstraction but P4 is not a foundational beginning of
SDN like this post makes it out to be.

Packet injection, etc were already possible with OpenFlow and this article
pretends P4 is the first thing to enable that.

P4 can certainly allow much more than openflow, but some of the use cases this
article pretends like P4 is the first to solve were already solved by
openflow, etc.

------
supahfly_remix
Can this handle IP fragmentation? I know it can process layer 3 headers (or
layer 4, etc.) but am wondering about other layer 3 functionality.

~~~
noncoml
AFAIK fragmentation is usually not a problem for switches/routers.

Reassembly could be, but luckily it doesn’t happen on the switch/router, but
on the end host.

~~~
supahfly_remix
According to wikipedia, routers do it. Is this wrong? (Sincerely asking not
begin argumentative)

[https://en.wikipedia.org/wiki/IP_fragmentation](https://en.wikipedia.org/wiki/IP_fragmentation)

    
    
        In IPv4, routers perform fragmentation, whereas in IPv6, routers do not fragment, but drop the packets that are larger than their MTU.

~~~
rnxrx
Routers absolutely do fragment packets (...at least those that don't have the
DF bit set) but it's up to the receiving host to reassemble the fragments.

------
hodgesrm
Maybe I missed it but where's the discussion of security issues and how to
prevent code tampering within programmable switches? It's great to be able to
program the data plane on demand to trace problems but this also opens up a
huge opportunity for technically astute evildoers. I would expect at the very
least to see some discussion of risks as well as possible solutions like code
signing or secure enclaves but this seems to be absent from both the white
paper as well as the cited sources.

In contrast other efforts on networking like Martin Casado's Sane work [1] and
OpenFlow [2] explicitly addressed security issues up front.

[1]
[http://yuba.stanford.edu/ethane/sane.pdf](http://yuba.stanford.edu/ethane/sane.pdf)
[2] [http://archive.openflow.org/documents/openflow-wp-
latest.pdf](http://archive.openflow.org/documents/openflow-wp-latest.pdf)

~~~
sargun
Switches are already programmable to a degree. This is out of scope -- and
yes, it's slightly worse than the existing story, but not that much worse. I
believe, as a community, we've decided that trusting the transport is a bad
idea.

~~~
hodgesrm
You are of course right that switches are partially programmable but I don't
think believe the argument about never trusting the transport really holds up.

First, getting code into the data plane opens up the entire network to new
attacks or at least makes them far easier. For instance, just knowing the
bytes that are traversing the network gives you a lot of information about
what applications are doing, regardless of application encryption. [See
[https://news.ycombinator.com/item?id=14070130](https://news.ycombinator.com/item?id=14070130)
for an enjoyable discussion.] In short this would undo the benefits of
strategies like micro-segmentation.

Second, a lot of backend traffic is unencrypted because managing the crypto
infrastructure (e.g., managing X509 certs, keeping up ciphers, staying fully
patched) is a pain in the tail when you have communication between hundreds or
thousands of services. Individual services can do it, yes, but as far as I can
tell there's no general solution for managing application-level security
across diverse services. My current employer is pretty sophisticated about
enterprise security but we really struggle with this problem. At some point
you just say some parts of the network are trusted.

~~~
hodgesrm
p.s., Did I mention denial-of-service attacks? All you need is intermittent
failures in packet forwarding to sow chaos.

------
noncoml
How does Barefoot plan to position themselves?

Do the plan to compete had to head with Cisco and Arista in the datacenter
segment with this switch?

Or do they see themselves more as Broadcom competitors, and the their switch
is a reference implementation for their chips?

~~~
ktta
There's a section 'Is Barefoot a systems company, a software company or a chip
company?'[1] which talks about this.

[1]:[https://barefootnetworks.com/white-paper/the-worlds-
fastest-...](https://barefootnetworks.com/white-paper/the-worlds-fastest-most-
programmable-networks/#p9)

------
ribs
NVIDIA for networks sounds like a good pitch.

------
youdontknowtho
"the networking team only had ping and traceroute"

Thats idiotic. There have been lots of ways to generate health, performance,
and usage signals for years. Netflow being a huge omission.

this is marketing.

~~~
sargun
No. Netflow makes it very difficult to capture tail latencies, and outliers.
Netflow's aggregate model makes it very hard to detect things like buffers
falling over, and making intelligent decisions based on that.

~~~
youdontknowtho
There are also on-box perf counters that can be read via SNMP...

My point is that a networking department for a wall street firm would know
that there were more tools available than ping and traceroute.

------
lucozade
I thought that was a very well written whitepaper: clearly explains the
problem, why it needs solving, what their solution is and why it's a good
solution.

Very nice piece of semi-technical writing.

------
justinjlynn
There's a spelling mistake on the architectural diagram (figure two): "PRASER"
instead of "PARSER", I assume.

------
cryptonector
But can you generate ICMP DF-set-and-fragmentation-needed packets with this?

~~~
pyvpx
the control (or management) plane generates packets. a dataplane does not
generate packets; it ingests and expels packets.

~~~
cryptonector
And THIS is why people disable ICMP generation on routers. Which then breaks
any systems that don't implement ICMP-less PMTUD. Ugh!!

------
Animats
Tried to watch the video about P4 at p4.org, but it failed with

    
    
        http://p4.org/html5boxplayer.swf - 404 not found
    

The P4 language is interesting. There are little programs, like shaders, which
run for each packet. Presumably many units are running these programs in
parallel. These programs can read tables set by the "control plane", a more
conventional CPU, and can pass a packet to the control plane. That's similar
to large routers today, but here, the lower level hardware is more flexible.

It seems sufficient for writing a router, but not, say, a stateful middlebox
like a firewall or a SSL/TLS decoder. It seems designed for "software defined
networking". The P4 programs detect that a packet isn't in a table that tells
what to do with it, and pass that packet to the control plane. The control
plane sets a table to handle routing for that flow, and, thereafter, packets
from that flow are handled by the low-level system.

This is a threat to Cisco, Brocade, etc. in that it defines a generic
architecture for commodity routing hardware.

~~~
exikyut
The play button image is actually a link to [http://p4.org/wp-
content/uploads/2015/04/p4-demo-video-full....](http://p4.org/wp-
content/uploads/2015/04/p4-demo-video-full.mp4) [mp4; 41,439,148 bytes]

I don't have Flash (using Chromium; never installed it), so the page used
HTML5. Looks like they need to invert the prioritization!!

~~~
Animats
It's a PowerPoint/Flash presentation, blown up to 41MB by making it into a
video. It's essentially the same content as the P4.org paper.

~~~
exikyut
_...Right._ I had no idea. Heh.

------
ramshanker
TLDR: Barefoot’s Tofino is a 6.5Tb/s (65 x 100GE or 260 x 25GE) fully user-
programmable switch.

------
mosselman
Scroll hijacking 2.0. We capture your scroll and make it impossible for you to
go back to HN quickly because every scroll action was performed as a
navigation action and pushed to your history...

~~~
agumonkey
Thanks for avoiding me a bit of cringe.

Here's a nice "readable" version
[https://app.printfriendly.com/print?source=homepage&url_s=uG...](https://app.printfriendly.com/print?source=homepage&url_s=uGGCF_~_PdN_~_PcS_~_PcSonErsBBGArGJBExFmpBz_~_PcSJuvGr-
CnCrE_~_PcSGur-JBEyqF-snFGrFG-zBFG-CEBtEnzznoyr-ArGJBExF_~_PcS)

------
QAPereo
PISA... Tofino... Capilano... I detect a theme.

~~~
mst
"Names including the letter i", right?

