Building Performant Network Infrastructure for Thousands of Snapshotted VMs: eBPF, Geneve, and more
              

Running thousands of snapshotted VMs presents unique networking challenges that push Linux networking primitives to their limits. This talk explores battle-tested strategies for designing large-scale network topologies that balance performance, isolation, and resource efficiency. We'll dive into practical solutions for high-density VM environments, covering:

  1. Modern tunneling with Geneve for scalable overlay networks that outperform traditional approaches.
  2. eBPF-accelerated networking to bypass kernel bottlenecks and achieve line-rate performance.
  3. Stateless NAT techniques that enable network reuse without connection tracking overhead.
  4. Smart firewall design using device prefix-based iptables/nftables rules that scale to thousands of instances.
  5. Namespace pooling strategies to minimize creation/teardown costs during rapid VM snapshot operations.
  6. RTNL lock contention and its operational impact on large-scale deployments, plus mitigation strategies.

Attendees will learn how to architect network stacks that handle the unique demands of snapshotted workloads—where VMs are frequently cloned, restored, and migrated—while maintaining security boundaries and predictable performance. Real-world examples will demonstrate how these techniques reduce network initialization time from seconds to milliseconds and handle 10K+ concurrent VM instances on commodity hardware.

HC 204
Sat 9:30 am - 10:00 am

Lecture (30 Min + Q&A)
Panel
Introductory
Some experience required
Networks
In-person
anywhere
severalth time speaking

Target Audience: Students, Engineers, Architects interested in scaling network performance