1 xin wang internet real -time laboratory internet real -time laboratory columbia university ( joint...
TRANSCRIPT
1
Xin WangXin Wang
Internet Real -Time LaboratoryInternet Real -Time Laboratory
Columbia University
(Joint work with Henning Schulzrinne, Dilip Kandlur, and Dinesh Verma) http://www.cs.columbia.edu/~xinwanghttp://www.cs.columbia.edu/~xinwang
2
• Introduction to LDAP Introduction to LDAP • MotivationMotivation• BackgroundBackground• Experimental SetupExperimental Setup• Test MethodologyTest Methodology• Result AnalysisResult Analysis• Related Work Related Work • ConclusionConclusion
OutlineOutline
3
• Directory ServiceDirectory Service– A simplified database, primarily for high volume efficient A simplified database, primarily for high volume efficient
reads; no database mechanisms to support roll-back of reads; no database mechanisms to support roll-back of transactions transactions
• LDAP: Lightweight Directory Access Protocol LDAP: Lightweight Directory Access Protocol – A distributed client-server model over TCP/IPA distributed client-server model over TCP/IP– Can access stand-alone directory servers or X.500 Can access stand-alone directory servers or X.500
directoriesdirectories
What is LDAP?What is LDAP?
4
• Wide use of LDAPWide use of LDAP– personnel databases for administration, tracking personnel databases for administration, tracking
schedules, address translation for IP telephony, schedules, address translation for IP telephony, storage of network configuration, etc.storage of network configuration, etc.
• Performance ofPerformance of LDAP?LDAP?– relatively static data, caching to improve performance relatively static data, caching to improve performance – Can LDAP be used in a dynamic environment with Can LDAP be used in a dynamic environment with
frequent searches?frequent searches?
MotivationMotivation
5
Background: LDAP StructureBackground: LDAP Structure
• Tree structure: entry, attributes, valuesTree structure: entry, attributes, values• Operations: add, delete, modify, compare, and Operations: add, delete, modify, compare, and
search.search.
6
Background (cont’d.)Background (cont’d.)
• LDAPLDAP for for SLSSLS AdministrationAdministration– A better than best effort service, e.g., int-serv, diff-serv, A better than best effort service, e.g., int-serv, diff-serv,
requires a service level specification (SLS) between the requires a service level specification (SLS) between the network and customernetwork and customer
– SLS specifies type of service, user traffic constraints, SLS specifies type of service, user traffic constraints, quality expected, etc. May be dynamically negotiatedquality expected, etc. May be dynamically negotiated
– LDAP directory contains: SLS, policy rules, network LDAP directory contains: SLS, policy rules, network provisioning informationprovisioning information
7
LDAP Structure for SLS ManagementLDAP Structure for SLS Management
– Management tools are used to populate and maintain Management tools are used to populate and maintain LDAP directoryLDAP directory
– Decision entities download classification rules, service Decision entities download classification rules, service specifications, and poll directory periodically.specifications, and poll directory periodically.
– Enforcement entities query rules from the decision entities Enforcement entities query rules from the decision entities and enforce themand enforce them
8
LDAP Tree Structure in the ExperimentsLDAP Tree Structure in the Experiments
9
Experimental SetupExperimental Setup• Hardware: Hardware:
– Server: dual Ultra-2 processors, 200 MHz CPUs, 256 MB Server: dual Ultra-2 processors, 200 MHz CPUs, 256 MB main memory; server was bound to one of the CPUs.main memory; server was bound to one of the CPUs.
– Clients: Ultra1, 170 MHz CPU, 128 MB main memoryClients: Ultra1, 170 MHz CPU, 128 MB main memory– 10 Mb/s Ethernet10 Mb/s Ethernet
• LDAP server:LDAP server:– OpenLDAP 1.2, Berkeley DB 2.4.14OpenLDAP 1.2, Berkeley DB 2.4.14– Stand -alone LDAP daemon (slapd) : front end handling Stand -alone LDAP daemon (slapd) : front end handling
communication with LDAP clients, and backend handling communication with LDAP clients, and backend handling database operations.database operations.
– LDBM backend: a high performance disk-based databaseLDBM backend: a high performance disk-based database– cachesizecachesize: size in entries of in-memory cache; variable size: size in entries of in-memory cache; variable size– dbcachesizedbcachesize: size in bytes of the in-memory cache : size in bytes of the in-memory cache
associated with each open index file; 10 MBassociated with each open index file; 10 MB
10
Experimental Setup (cont’d)Experimental Setup (cont’d)
• LDAP ClientLDAP Client
11
• Search is likely to dominate the server operations, Search is likely to dominate the server operations, mainly test mainly test searchsearch performance for downloading performance for downloading policy rulespolicy rules
• Search filter: interface address, and corresponding Search filter: interface address, and corresponding policy object policy object
• Default parameters: Default parameters: – Directory size: 10,000 entriesDirectory size: 10,000 entries– Entry size: 488 bytes Entry size: 488 bytes
• Search operation steps:Search operation steps:– ldap_open, ldap_bind, ldap_search, ldap_unbindldap_open, ldap_bind, ldap_search, ldap_unbind
Test MethodologyTest Methodology
12
Search SequencesSearch Sequences
13
Performance Measures and ObjectivesPerformance Measures and Objectives
• Latencies:Latencies:– Connect: ldap_open + ldap_bindConnect: ldap_open + ldap_bind– Processing: ldap_search + result transmissionProcessing: ldap_search + result transmission– Response: ldap_open -> ldap_unbind Response: ldap_open -> ldap_unbind
(~connect+processing)(~connect+processing)
• Server throughput: requests served per secondServer throughput: requests served per second• Objectives: use latencies and throughput to evaluateObjectives: use latencies and throughput to evaluate
– Overall LDAP performance Overall LDAP performance – Effect of individual system components on performanceEffect of individual system components on performance– System scalability and performance limitsSystem scalability and performance limits– Performance under update loadPerformance under update load– Measures to improve system performanceMeasures to improve system performance
14
Overall PerformanceOverall Performance
Average connection time, Average connection time, processing time, and response processing time, and response timetime
Average server throughputAverage server throughput
15
Components of LDAP Search LatencyComponents of LDAP Search Latency
Client Server
16
Components of LDAP Connect LatencyComponents of LDAP Connect Latency
17
Effect of Nagle AlgorithmEffect of Nagle Algorithm
Average server throughputAverage server throughputAverage server connection , Average server connection , processing, and response timeprocessing, and response time
18
Effect of Caching EntriesEffect of Caching Entries
Average server throughputAverage server throughputAverage connection, processing , Average connection, processing , and response time with 10,000 entry and response time with 10,000 entry cache and without cachecache and without cache
19
Single vs. Dual ProcessorSingle vs. Dual Processor
Average server throughputAverage server throughputAverage server connection, Average server connection, processing, and response timeprocessing, and response time
20
Single vs. Dual Processor (cont’d)Single vs. Dual Processor (cont’d)
Read and write throughputRead and write throughput
21
Scaling of Directory SizeScaling of Directory Size
Average server throughput Average server throughput Average connection and processing Average connection and processing time time
a)10,000 entries in DB, 10,000 in cache; b) 50,000 DB, 50,000 cache; a)10,000 entries in DB, 10,000 in cache; b) 50,000 DB, 50,000 cache; c)100,000 DB, 50,000 cachec)100,000 DB, 50,000 cache
22
Scaling of Directory Entry Size (in-memory)Scaling of Directory Entry Size (in-memory)
Average server throughputAverage server throughputAverage connection and Average connection and processing timeprocessing time
(488 bytes vs. 4880 bytes)(488 bytes vs. 4880 bytes)
23
Scaling of Directory Entry Size (out-of-memory)Scaling of Directory Entry Size (out-of-memory)
Average server throughputAverage server throughputAverage server connection time Average server connection time and processing timeand processing time
(488 bytes vs. 4880 bytes)(488 bytes vs. 4880 bytes)
24
Connection ReuseConnection Reuse
Average server throughputAverage server throughputAverage server processing timeAverage server processing time
(no reuse, 25 % reuse, 50% reuse, 75% reuse, 100% reuse)(no reuse, 25 % reuse, 50% reuse, 75% reuse, 100% reuse)
25
Latency and Throughput for Search and AddLatency and Throughput for Search and Add
Average server throughputAverage server throughputAverage server connect, Average server connect, processing, and response timeprocessing, and response time
26
Related WorkRelated Work
• MindcraftMindcraft– Netscape Directory Server 3.0 (NSD3), Netscape Netscape Directory Server 3.0 (NSD3), Netscape
Directory Server 1.0 (NSD1), Novell LDAP services Directory Server 1.0 (NSD1), Novell LDAP services (NDS)(NDS)
– 10,000 entry personnel DB10,000 entry personnel DB– Pentium Pro 200 MHz, 512 MB RAMPentium Pro 200 MHz, 512 MB RAM– All experiments are in memoryAll experiments are in memory– ThroughputThroughput
• NSD3: 183 requests/secondNSD3: 183 requests/second• NSD1: 38.4 requests/secondNSD1: 38.4 requests/second• NDS: 0.8 requests/secondNDS: 0.8 requests/second• CPU is found to be the bottleneckCPU is found to be the bottleneck
27
ConclusionConclusion
• General Results:General Results:– response latency 8 ms up to 105 requests/second response latency 8 ms up to 105 requests/second – Maximum throughput 140 requests/second Maximum throughput 140 requests/second – 5 ms processing latency - 36% from backend, 64% from 5 ms processing latency - 36% from backend, 64% from
front endfront end– Connect time dominates at high load, and limits the Connect time dominates at high load, and limits the
throughput throughput
• Disabling Nagle Algorithm reduces latency about 50 Disabling Nagle Algorithm reduces latency about 50 msms
• Entry Caching:Entry Caching:– for 10,000 entry directory, caching all entries gives 40% for 10,000 entry directory, caching all entries gives 40%
improvement in processing time, 25% improvement in improvement in processing time, 25% improvement in throughputthroughput
28
Conclusion (cont’d)Conclusion (cont’d)
• Scaling with Directory Size - determined by Scaling with Directory Size - determined by back-end processingback-end processing– In memory operation, 10,000 -> 50,000: processing In memory operation, 10,000 -> 50,000: processing
time increases 60%, throughput reduces 21%.time increases 60%, throughput reduces 21%.– Out-of-memory, 50,000 ->100,000: processing time Out-of-memory, 50,000 ->100,000: processing time
increases another 87%, and throughput reduces 23%. increases another 87%, and throughput reduces 23%.
• Scaling with Entry Size (488 ->4880 bytes):Scaling with Entry Size (488 ->4880 bytes):– In-memory, mainly increase in front-end processing, In-memory, mainly increase in front-end processing,
i.e., time for ASN.1 encoding . Processing time i.e., time for ASN.1 encoding . Processing time increases 8 ms, 88% due to ASN.1 encoding, and increases 8 ms, 88% due to ASN.1 encoding, and throughput reduces 30%. throughput reduces 30%.
– Out-of-memory, throughput reduces 70%, mainly due Out-of-memory, throughput reduces 70%, mainly due to increased data transfer time. to increased data transfer time.
29
Conclusion (cont’d)Conclusion (cont’d)
• CPU: CPU: – During in-memory operation, dual processors improve During in-memory operation, dual processors improve
performance by 40%.performance by 40%.
• Connection Re-use:Connection Re-use:– 60% performance gain when connection left open. 60% performance gain when connection left open.