STT Review
Network virtualization uses an encapsulation technology for the overlay network. Common encapsulation technologies include GRE, VXLAN, STT, and a promising new technology called Geneve.
Today, we will focus on Stateless Transport Tunnel (STT) and some of the benefits over GRE and VXLAN….
Background
STT was first introduced by Nicira and continues to be supported today by VMware in Multi Hypervisor versions NSX. STT is detailed in the following IETF Draft RFC…
https://datatracker.ietf.org/doc/draft-davie-stt/
Figure 1 – STT between Hypervisors
In the long term, it is envisioned Geneve will be the optimal encapsulation technology for Host to Host (Hypervisor to Hypervisor) tunneling…
Features
The draft RFC is well written and makes it very clear why STT was created and the problems it addresses. In order of importance –
- A stateless protocol.
- Takes advantage of Hardware NIC Offload capabilities by using a “TCP like” header. TCP Segment Offload (TSO), Large Receive Offload (LRO), and Checksum Calculation are three major optimizations realized.
- Support for Equal Cost Multi Pathing (ECMP) so that all packets in a flow take the same path mitigating out of sequence packets, while different flows can take advantage of multiple paths.
- Layer 4 Offset in header to help optimize packet processing.
Figure 2 – STT Frame Fragments and Encapsulation
Figure 3 – STT Frame Format
In my own experience, STT works really well and given its implementation takes advantage of standard TCP NIC optimizations that have been available for many years, it’s performance out of the box is impressive.
Standards
Currently, STT has draft RFC status and Bruce Davie continues to champion it’s support so I am somewhat optimistic STT will achieve at least Information RFC status in the near term.
Gotchas?
Absolutely! STT uses a header that is TCP like yet is stateless, Firewalls between STT endpoints that do not recognize STT will be problematic. Again, STT is designed for Hypervisor to Hypervisor tunneling within a data center so optimally, hardware firewalls are outside of this environment.
Future?
Geneve! Recognizing the limitations of all current encapsulation technologies, there is considerable work by various manufacturers on the development of Geneve. For more information on Geneve, see https://datatracker.ietf.org/doc/draft-ietf-nvo3-geneve/
Footnote
What is interesting is that VXLAN is likely going to be the encapsulation technology for Hypervisor to Top of Rack switch integration so likely we will see VXLAN, GRE+VXLAN, STT+VXLAN, or GRE+VXLAN over the next few years. The encapsulation should not matter.