Let's now speak about data-plane programmability using P4. I want to start doing that by going through an example.
Prof. Laurent Vanbever, Georgette Weingärtner (Scribe 1)
Let's now speak about data-plane programmability using P4. I want to start doing that by going through an example.
In this example, we'll look at how we can implement a router in P4. We'll use this topology where we three routers, two that act as gateway to two different Local Area Networks (LAN), and one that route traffic in-between them. Hosts on the left LAN use IP addresses in 1.2.3.0/24, while hosts on the right LAN use IPs in 5.6.7.0/24.
P4 is all about defining the forwarding behavior of a router, not the routing behavior. The latter is left to routing protocols like OSPF or BGP. It's OSPF or BGP that will tell you where to forward each prefix. What P4 tells you is when a packet enters the switch on a port what should happen to it before it leaves the router on another port.
When forwarding an IP packet, the router essentially performs four simple actions. The first one is that it needs to perform a lookup in order to figure out what is the next hop. Then the router needs to update the MAC addresses. Remember, in layer 2, the MAC addresses change on each link. Then the router needs to decrement the TTL. And then the router needs to finally forward the packet on the output port.
We need to implement each of these steps in P4.
A P4 program essentially is composed of three parts: a parser, a match action pipeline, and then a deparser.
The parser, as the name indicates, specifies essentially the headers that you have to extract from the packet in order to do the logic that you need. What do I need to extract in my example? Well, I need to extract the Ethernet header because I need to update the MAC addresses. I also need to extract the IP header because I need to do an IP lookup. So in order to implement the router, I need at least to extract the Ethernet header and the IP header. If you wanted to implement the firewall, you would also extract the TCP and UDP headers so that you can also match on the port numbers to drop accordingly.
The parsed fields will then go through what is known as a match-action pipeline.
This match-action pipeline will apply the logic you define onto the extracted headers. The logic typically relies on table lookups to figure out what to do depending on specific field values. The logic can add headers, modify them, or remove them.
Finally, you need to put everything back together; you need to re-serialize the packets before putting it on the output wire. This step is the exact opposite of the parser. It's really about specifying how the output packet now will look like.
In P4, all these steps are packed together into the equivalent of a main method. You can see there are a few other things I'm skipping for now, we'll come back to them a bit later in the course.
From a syntax viewpoint, P4 is very close to C. It's quite a simple language. It's also very constrained in what it can do. Why so? Well, you have to think that you need to these P4 programs at line rate, possibly at terabits per second, so you really only have a few nanoseconds per packet to do processing before the next packet hits you. So you cannot start with fancy computation there. You are limited by design.
When you buy one of these switches, when you take it out of the box it cannot do a single thing. It cannot forward any packet. It does not know what the packet is. As you will see in the P4 code, we have to define what is the Ethernet header. What are the bits in the Ethernet header? Where is the source address, where is the destination address?
It may look like a lot of work but what it allows you to do is then to actually define your own protocol. So there are people who are using these switches for instance in special contexts like high frequency trading where instead of having IP destination there you could use stock ID, for instance. This is just one example. But it's just to tell you that you are not bound by having Ethernet and IP and TCP and UDP. You can create whatever you want!
So it gives you a lot of flexibility. You could create IPv5, IPv8, IPv10. If you wanted to do that without P4, the alternative would be to go and knock at the routing vendors doors and say, would you mind implementing me a switch that can forward this arcane protocol that no one cares about except me? Of course, they will say no to you.
Let me now switch to the code, and I will show you how it looks like.
