
Snabb Switch looks awesome.

Is there a list of "things" (not sure of the terminology?) people have built with it?

I guess the downside is that you can't virtualize it (I realize that is kind of the point, but it does reduce the accessibility of it).

I'm the Snabb Switch originator.

The project is new: I and other open source contributors are currently under contract to build a Network Functions Virtualization platform for Deutsche Telekom's TeraStream project [1] [2]. This is called Snabb NFV [3] and it's going to be totally open source and integrated with OpenStack.

Currently we are doing a lot of virtualization work from the "outside" of the VM: implementing Intel VMDq hardware acceleration and providing zero-copy Virtio-net to the VMs. So the virtual machine will see normal Virtio-net but we will make that operate really fast.

Inside the VMs we can either access a hardware NIC directly (via IOMMU "PCI passthrough") or we can write a device driver for the Virtio-net device.

So, early days, first major product being built, and lots of potential both inside and outside VMs, lots of fantastic products to build with nobody yet building them :-)

[1] http://blog.ipspace.net/2013/11/deutsche-telekom-terastream-...

[2] https://ripe67.ripe.net/archives/video/3/

[3] https://github.com/SnabbCo/snabbswitch/blob/snabbnfv-readme/...

How about this use case: I have a ChromeCast on my home network, but I want to sandbox/log its traffic. I would want to write some logic to ignore video data, because that's big. But I want to see the metadata and which servers it's talking to. I want to see when it's auto-updating itself with new binaries and record them.

Is that a good use case for Snabb Switch, or is there an easier way to accomplish what I want?

That sounds pretty reasonable to me.

If you can express how you want to filter with a fancy pcap-filter expression then tcpdump is the easy answer. Otherwise you might want to code it up in Lua with snabbswitch.

Here is our basic trace store/replay library today: https://github.com/SnabbCo/snabbswitch/blob/master/src/lib/p...

OK and I forgot to say I might want to deny some traffic... like disable auto updates but still allow it to contact other servers to play video. AFAIK tcpdump doesn't let you do that.

Thanks for the very cool project! I will have to learn more about it.

I'm clueless, so I'll just ask: is this made for software-defined networking?

No. Honestly, software defined networking is the idea of replacing all of your networking staff with a very clever distributed Java program. Half the world thinks this is genius and the other half thinks it's a facepalm.

Network Functions Virtualization is the idea of replacing networking boxes (Cisco, Juniper, Ericsson, F5, ...) with virtual machines running on your own PCs. This is basically a "private cloud" but with emphasis on doing networking in a way that doesn't annoy ISPs.

Rest assured that Software Defined Networking will be redefined to mean whatever the next good technology turns out to be :-)

That's interesting because I have always thought SDN is what you are describing as NFV.

Another downside is that if you do networking in userspace, portability becomes your problem. If you do TCP/IP in the kernel, it works on nearly everything: just about any brand of Ethernet card, and even exotic non-Ethernet stuff (ISDN, whatever). If you do it in Snabb Switch, according to the wiki it currently supports exactly one class of interface: Intel-branded Ethernet cards. Of course, I expect that will expand, but each one of these user-space networking stacks will have to ship with its own complete driver set to reach the same level of portability.

True. Or we might end up sharing drivers between projects too.

In my experience high-end systems choose hardware to match software, so you only need to support one suitable option. The main reason we would add support for a new NIC is if it turns out to be better in some way e.g. as Mellanox support 40G now and Intel don't.

In Snabb Switch we have a lot of 10G/40G NICs online for people to play with now: https://groups.google.com/d/msg/snabb-devel/PXOsv0uLQCE/HjPj...

Realistically that isn't much of an issue. If you are doing something at this level, you pick your hardware for the task. You don't need to support every random old Dell PC someone wants to use like a general purpose OS has to (Linux, the BSDs, etc.). And of course, Intel cards are not hard to find.

Some NICs support virtualizing raw hardware access, so there's no fundamental reason for why Snabb couldn't support it. Just a simple matter of programming (and last I heard it was high on the priority list, so the support might even be there by now).
