SONiC Virtual Switch with FD.io Vector Packet Processor (VPP) on Google Cloud
Introduction
SONiC is an open source (free) service provider grade operating system for networking devices. SONiC installs on name brand hardware such as Arista, Dell, Cisco, Juniper, and others. See Supported Platforms.
Software for Open Networking in the Cloud (SONiC) is an open source network operating system (NOS) based on Linux that runs on switches from multiple vendors and ASICs. SONiC offers a full suite of network functionality, like BGP and RDMA, that has been production-hardened in the data centers of some of the largest cloud service providers. It offers teams the flexibility to create the network solutions they need while leveraging the collective strength of a large ecosystem and community.
The SONiC Virtual Switch
Since the early days of SONiC, the virtual switch installation, sonic-vs, available as a single container or as a dedicated VM, was deployed for development and testing but was practically unusable because the packet processing performance was quite slow.
FD.io Vector Packet Processor (VPP)
VPP delivers up to 100X greater packet processing throughput. “Terabit IPSec” was a term that stood out to me watching one of the SONiC presentations available online. Generally, throughput scales up with more cores.
[VPP] is the open source version of Cisco’s Vector Packet Processing (VPP) technology: a high performance, packet-processing stack that can run on commodity CPUs. — FD.io VPP/What is VPP?
The SONiC VPP virtual switch is an exciting development in computer networking. Let’s install it and have a look!
Installation on Google Cloud
We are going to install both the all-in-one Docker image and the standalone QEMU VM image using Google’s n2-highmem-4 machine. The only modifications required are to (1) change the boot disk to Ubuntu and size it for 50GB and (2) enable nested virtualization. The easiest way to enable nested virtualization is to build the machine with the gcloud command line’s --enable-nested-virtualization flag (if you click Equivalent Code at the top right of the GCP console, you can add this and then build).
PREREQUISITES: (1) A Google Cloud Account with Billing Enabled, (2) SONiC images, docker-sonic-vpp.gz and sonic-vpp.img.gz.
Additional interfaces can be added to the GCP host as needed but a single network interface card on the VM is sufficient to have SONiC route and/or switch.
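A preflight check for the nested-virtualization requirement described above, as an added example that is not part of the original post: the gcloud call shows where the flag goes, and kvm_ready confirms on the VM that QEMU's -enable-kvm will work. The instance name, zone and Ubuntu image family are assumptions.

```shell
#!/usr/bin/env bash
# Added example. Instance name, zone and image family are assumptions.

create_sonic_host() {
  # n2-highmem-4, 50GB Ubuntu boot disk and nested virtualization, as described above.
  gcloud compute instances create "${1:-sonic-vpp-host}" \
    --zone="${2:-us-central1-a}" \
    --machine-type=n2-highmem-4 \
    --image-family=ubuntu-2204-lts --image-project=ubuntu-os-cloud \
    --boot-disk-size=50GB \
    --enable-nested-virtualization
}

# kvm_ready [cpuinfo-file] [kvm-device]
# Returns 0 when the CPU exposes VT-x/AMD-V flags and the KVM device exists,
# 1 when the CPU flags are missing (nested virtualization is not enabled),
# 2 when the flags are present but the KVM device is absent.
kvm_ready() {
  cpuinfo="${1:-/proc/cpuinfo}"
  kvm="${2:-/dev/kvm}"
  if ! grep -Eqw 'vmx|svm' "$cpuinfo"; then
    echo "no vmx/svm CPU flag: nested virtualization is not enabled" >&2
    return 1
  fi
  if [ ! -e "$kvm" ]; then
    echo "$kvm missing: KVM is not available to QEMU" >&2
    return 2
  fi
  return 0
}
```

Run kvm_ready with no arguments on the VM before launching QEMU; a non-zero status means the machine was built without the flag or KVM is not available.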
Single Container SONiC VPP
Build the machine as specified above and SSH into it. Install Docker.
# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
# Add the repository to Apt sources:
echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update
Install Docker packages.
sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
Add user to docker group and reboot
sudo gpasswd -a ${USER} docker
sudo reboot
Install Image, iproute2, and startup script.
sudo apt-get install -y iproute2
wget "http://findit.com/your-path-to/docker-sonic-vpp.gz"
wget "https://raw.githubusercontent.com/sonic-net/sonic-platform-vpp/refs/heads/main/start_sonic_vpp.sh" --output-document=start_sonic_vpp.sh
Copy the startup script from SONiC and update permissions.
wget "https://raw.githubusercontent.com/sonic-net/sonic-platform-vpp/refs/heads/main/start_sonic_vpp.sh" --output-document=start_sonic_vpp.sh
chmod +x start_sonic_vpp.sh
Load Docker Images
docker load < docker-sonic-vpp.gz
Add Links on host.
sudo ip link add name veth_vpp1 type veth peer name vpp1
sudo ip link add name veth_vpp2 type veth peer name vpp2
sudo ip netns add host-1.0
sudo ip netns add host-2.0
sudo ip link set dev veth_vpp1 netns host-1.0
sudo ip link set dev veth_vpp2 netns host-2.0
sudo ip netns exec host-1.0 bash
ip link set dev veth_vpp1 up
ip addr add 172.16.1.2/24 dev veth_vpp1
ip route add 172.16.2.0/24 via 172.16.1.1
ip address show
ip route show
exit
sudo ip netns exec host-2.0 bash
ip link set dev veth_vpp2 up
ip addr add 172.16.2.2/24 dev veth_vpp2
ip route add 172.16.1.0/24 via 172.16.2.1
ip address show
ip route show
exit
Launch the Docker container via the startup script.
sudo ./start_sonic_vpp.sh start -n sonic-vpp -i vpp1,vpp2
Terminal In To SONiC. Configure interfaces and an IP address for the management interface eth0.
docker exec -it sonic-vpp /bin/bash
ip link show
sudo config interface ip add Ethernet0 172.16.1.1/24
sudo config interface ip add Ethernet1 172.16.2.1/24
sudo config interface ip add eth0 192.168.1.1/24 192.168.1.2
sudo config interface startup Ethernet0
sudo config interface startup Ethernet1
sudo config save -y
ip route show
exit
Exit the SONiC container shell and, back on the host machine, add an IP address to the tap0 interface.
sudo ip addr add 192.168.1.2/24 dev tap0
You can now SSH into SONiC at the eth0 management address configured above.
ssh admin@192.168.1.1
Full Feature VM SONiC VPP
Install Qemu and SONiC image
sudo apt update
sudo apt-get install -y qemu-system-x86 qemu-kvm
wget "https://somewhere.com/sonic-vpp.img.gz" --output-document=sonic-vpp.img.gz
sudo mkdir /var/lib/sonic
sudo mv sonic-vpp.img.gz /var/lib/sonic/sonic-vpp.img.gz
sudo gunzip /var/lib/sonic/sonic-vpp.img.gz
Launch the SONiC VM
sudo qemu-system-x86_64 -name sonic-vpp-vm -m 4096M -cpu host -smp cpus=4 -drive file=/var/lib/sonic/sonic-vpp.img,index=0,media=disk,id=drive0 -serial telnet:127.0.0.1:5001,server,nowait -monitor tcp:127.0.0.1:44001,server,nowait -device e1000,netdev=net0 -netdev tap,ifname=tap0,id=net0 -device e1000,netdev=net1 -netdev tap,ifname=sonic-tap1,id=net1 -device e1000,netdev=net2 -netdev tap,ifname=sonic-tap2,id=net2 -display vnc=:4 -daemonize -enable-kvm
Wait 3 minutes for the system to boot up. Telnet in with telnet localhost 5001. Build out host links and SONiC interfaces as in the example above.
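An audit of the listeners the QEMU command above opens, as an added example that is not part of the original post. The serial console and monitor are pinned to 127.0.0.1, but -display vnc=:4 names no host, so the VNC server listens on TCP 5904 (5900 + 4) on every address. The function name and the sample ss output are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag QEMU listeners that are reachable from off-host.
# 5001 = serial console, 44001 = QEMU monitor, 5904 = VNC display :4.

# Constructed sample of `ss -H -ltn` output matching the flags used above.
SAMPLE_SS='LISTEN 0 1 127.0.0.1:5001 0.0.0.0:*
LISTEN 0 1 127.0.0.1:44001 0.0.0.0:*
LISTEN 0 1 0.0.0.0:5904 0.0.0.0:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

# exposed_qemu_ports: reads `ss -H -ltn` output on stdin and prints the
# local address:port of each watched QEMU listener that is bound to a
# non-loopback address. Prints nothing when all of them are loopback-only.
exposed_qemu_ports() {
  awk -v ports="5001 44001 5904" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
    $1 == "LISTEN" {
      local_ep = $4
      port = local_ep
      sub(/^.*:/, "", port)                 # keep the text after the last colon
      addr = substr(local_ep, 1, length(local_ep) - length(port) - 1)
      if (!(port in watch)) next            # not one of the QEMU sockets
      if (addr ~ /^127\./ || addr == "[::1]") next   # loopback only
      print local_ep
    }'
}

# Live check on the host:  ss -H -ltn | exposed_qemu_ports
printf '%s\n' "$SAMPLE_SS" | exposed_qemu_ports
```

If 5904 is reported, binding the display to loopback with -display vnc=127.0.0.1:4 and reaching it over an SSH tunnel keeps the unauthenticated console off the network.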
You have installed SONiC Virtual Switch with FD.io’s Vector Packet Processor.