• Solaris |
    Tuesday, April 29, 2014

Priority flows and socket level flows in Solaris 11.2

A brief bit of background first - Crossbow flows have been there since Solaris 11. flowadm(1M) and flowstat(1M) are the admin commands. flowadm(1M) is used for enforcing bandwidth limit on a service by creating a flow and setting 'maxbw' property on it. flowstat(1M) is used to observe the traffic on the flow. Note that a flow can be created without any property set on it. This is useful for observability.
We have extended Crossbow flows in Solaris 11.2 to support -
1. socket level (a.k.a. fine-grained) flows
2. A new flow property called 'priority'
1. socket level flows
One can now create a flow that corresponds to a listener socket or a fully-connected socket. To give an example, you can do the following in Solaris 11.2 -
a. Specify both local IP and local port attributes in a flow
# flowadm add-flow -l net0 -a transport=tcp,local_ip=,\
local_port=22 sshd-flow
b. Specify the 5-tuple attributes in a flow
# flowadm add-flow -l net0 -a transport=tcp,local_ip=,\
-p maxbw=800M custom-flow
In addition to extending the flowadm command, we have also introduced a new socket option, SO_FLOW_SLA, to allow a privileged socket application to create a socket level flow and set properties on it using setsockopt(). I will talk about that API in my next blog entry.
2. 'priority' flow property
We have also added a new property called 'priority'. From the man page
Setting the value to 'high' on a flow has the effect that packets
classified to that flow are processed ahead of packets from normal flows
on the same link. A high priority flow may offer a
better latency depending on the availability of system resources.
One could use it for interactive and/or latency sensitive applicationslike sshd, and ntp. For example, one could do

# flowadm set-flowprop -p priority=high sshd-flow
to ensure better latency for ssh traffic even when the system is heavily loaded by other networking traffic.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.Captcha