Engine Design: Stream Operators Everywhere Theodore Johnson AT&T Labs – Research Contributors: Chuck Cranor Vladislav Shkapenyuk.

Slides:



Advertisements
Similar presentations
Getting Traffic to your Cluster. Where to Tap WAN or Internal – WAN Detect intrusion attempts and out-bound misbehavior – Internal Detect internal-internal.
Advertisements

Congestion Control Reasons: - too many packets in the network and not enough buffer space S = rate at which packets are generated R = rate at which receivers.
Chapter 8 Hardware Conventional Computer Hardware Architecture.
Outline State of the Art Measurement Tools –Measured Node Properties –Measured Link Properties –Measured Topology Properties –Measured Traffic Properties.
1 K. Salah Module 4.0: Network Components Repeater Hub NIC Bridges Switches Routers VLANs.
FFPF: Fairly Fast Packet Filters uspace kspace nspace Vrije Universiteit Amsterdam Herbert Bos Willem de Bruijn Trung Nguyen Mihai Cristea Georgios Portokalidis.
How to Build a Stream Database Theodore Johnson AT&T Labs - Research.
A Heartbeat Mechanism and its Application in Gigascope Johnson, Muthukrishnan, Shkapenyuk, Spatscheck Presented by: Joseph Frate and John Russo.
Hands-On Microsoft Windows Server 2003 Networking Chapter 1 Windows Server 2003 Networking Overview.
ECE 526 – Network Processing Systems Design
Applications : Network Monitoring Theodore Johnson AT&T Labs – Research Contributors: Chuck Cranor Vladislav Shkapenyuk Oliver.
Field Programmable Gate Array (FPGA) Layout An FPGA consists of a large array of Configurable Logic Blocks (CLBs) - typically 1,000 to 8,000 CLBs per chip.
1 Computer Networks Course: CIS 3003 Fundamental of Information Technology.
Introduction to Networking. Key Terms packet  envelope of data sent between computers server  provides services to the network client  requests actions.
Is Lambda Switching Likely for Applications? Tom Lehman USC/Information Sciences Institute December 2001.
Hosting Virtual Networks on Commodity Hardware VINI Summer Camp.
UNIX Unbounded 5 th Edition Amir Afzal Chapter 1 First Things First.
Eric Keller, Evan Green Princeton University PRESTO /22/08 Virtualizing the Data Plane Through Source Code Merging.
N E T G R O U P P O L I T E C N I C O D I T O R I N O Towards Effective Portability of Packet Handling Applications Across Heterogeneous Hardware Platforms.
1 Liquid Software Larry Peterson Princeton University John Hartman University of Arizona
Today’s Topics Chapter 8: Networks Chapter 8: Networks HTML Introduction HTML Introduction.
Heartbeat Mechanism and its Applications in Gigascope Vladislav Shkapenyuk (speaker), Muthu S. Muthukrishnan Rutgers University Theodore Johnson Oliver.
Vladimír Smotlacha CESNET Full Packet Monitoring Sensors: Hardware and Software Challenges.
1.4 Open source implement. Open source implement Open vs. Closed Software Architecture in Linux Systems Linux Kernel Clients and Daemon Servers Interface.
Querying Large Databases Rukmini Kaushik. Purpose Research for efficient algorithms and software architectures of query engines.
Securing and Monitoring 10GbE WAN Links Steven Carter Center for Computational Sciences Oak Ridge National Laboratory.
Heavy and lightweight dynamic network services: challenges and experiments for designing intelligent solutions in evolvable next generation networks Laurent.
Srihari Makineni & Ravi Iyer Communications Technology Lab
EECB 473 DATA NETWORK ARCHITECTURE AND ELECTRONICS PREPARED BY JEHANA ERMY JAMALUDDIN Basic Packet Processing: Algorithms and Data Structures.
Guangdeng Liao, Xia Zhu, Steen Larsen, Laxmi Bhuyan, Ram Huggahalli University of California, Riverside Intel Labs.
By: M.Nadeem Akhtar1 Data Communication Ch 10. By: M.Nadeem Akhtar2 Networks?  LAN  MAN  WAN.
4/19/20021 TCPSplitter: A Reconfigurable Hardware Based TCP Flow Monitor David V. Schuehler.
Vladimír Smotlacha CESNET High-speed Programmable Monitoring Adapter.
Hot Interconnects TCP-Splitter: A Reconfigurable Hardware Based TCP/IP Flow Monitor David V. Schuehler
Lecture 12: Reconfigurable Systems II October 20, 2004 ECE 697F Reconfigurable Computing Lecture 12 Reconfigurable Systems II: Exploring Programmable Systems.
A record and replay mechanism using programmable network interface cards Laurent Lefèvre INRIA / LIP (UMR CNRS, INRIA, ENS, UCB)
Intel Research & Development ETA: Experience with an IA processor as a Packet Processing Engine HP Labs Computer Systems Colloquium August 2003 Greg Regnier.
Understand the Components of a Network Mrs. Whaley.
VO2-MAGAZINE.jpg Michael Jenkins Presents:
1.4 Open source implement. Open source implement Open vs. Closed Software Architecture in Linux Systems Linux Kernel Clients and Daemon Servers Interface.
Tackling I/O Issues 1 David Race 16 March 2010.
Addressing Data Compatibility on Programmable Network Platforms Ada Gavrilovska, Karsten Schwan College of Computing Georgia Tech.
1 Monitoring: from research to operations Christophe Diot and the IP Sprintlabs ipmon.sprintlabs.com.
CHAPTER -II NETWORKING COMPONENTS CPIS 371 Computer Network 1 (Updated on 3/11/2013)
Data Link Protocols Relates to Lab 2.
Bellman: A Data Quality Browser Theodore Johnson Tamraparni Dasu S. Muthukrishnan Vladislav Shkapenyuk Contact:
COMPUTER NETWORKS CS610 Lecture-30 Hammad Khalid Khan.
CRISP WP18, High-speed data recording Krzysztof Wrona, European XFEL PSI, 18 March 2013.
IP - Internet Protocol No. 1  Seattle Pacific University IP: The Internet Protocol Kevin Bolding Electrical Engineering Seattle Pacific University.
1 Netflow Collection and Aggregation in the AT&T Common Backbone Carsten Lund.
Building OC-768 Monitor using GS Tool Vladislav Shkapenyuk Theodore Johnson Oliver Spatscheck June 2009.
Streaming Data Warehouses Theodore Johnson
1 Copyright © 2013 Tap DANZing with Arista Networks Redefining the Cost of the Access Layer.
1 Out of Order Processing for Stream Query Evaluation Jin Li (Portland State Universtiy) Joint work with Theodore Johnson, Vladislav Shkapenyuk, David.
Gigascope A stream database for network monitoring
Instructor & Todd Lammle
Architecture and Algorithms for an IEEE 802
Paul Vixie, ISC with Duane Wessels, Measurement Factory July, 2007
Network Packet Brokers
Configuring EtherChannels and Switch Troubleshooting
Optimizing OSPF Bernard Fortz (Université Libre de Bruxelles)
Introduction to Packet Sniffing using Ethereal
Shenghsun Cho, Mrunal Patel, Han Chen, Michael Ferdman, Peter Milder
Streaming Sensor Data Fjord / Sensor Proxy Multiquery Eddy
Dynamic Packet-filtering in High-speed Networks Using NetFPGAs
On-time Network On-chip
Router Construction Outline Switched Fabrics IP Routers
Network Systems and Throughput Preservation
Congestion Control Reasons:
Adaptive Query Processing (Background)
Presentation transcript:

Engine Design: Stream Operators Everywhere Theodore Johnson AT&T Labs – Research Contributors: Chuck Cranor Vladislav Shkapenyuk Oliver Spatscheck

Early Data Reduction Goal : Query high-speed links using inexpensive off-the- shelf servers. –OC48 : 2 x 2.4 Gb/sec., 7 million packets/sec. –OC192 : 2 x 7.2 Gb/sec., 21 million packets/sec. Goal : Evaluate queries over every bit of every packet. Problem : Not enough cycles in a second. –3 Ghz / 21 Mpacket/sec = 142 cycles / packet Solution : Push data reduction operators as far down the protocol stack as possible. –Into the hardware if possible. –View hardware bit twiddling as stream operators.

Early Data Reduction in Gigascope Gigascope was designed to monitor very high speed (optical) links using complex query sets. Multiple levels of data reduction: –Data reduction in the NIC : depends on NIC capabilities Snap length (projection) BPF filters Approximate filtering (bitmasks) Data reduction queries (replace the NIC run time system) –Low level queries Run queries on kernel input buffers Preliminary filter for the query set –Other possibilities ….

Example: Router Monitoring Router Network Tap Select Stream Network Interface card Snap length (projection) Approximate filter (selection) Selection/projection/aggregation queries (replace run time system) Circular Buffer Kernel Libpcap / BPF filters Low Level Queries Selection/projection/aggregation Pre-filter High Level Queries

Stream Operators Problem : Great heterogeneity in the specifics of manipulating the hardware mechanism –Stream selection vs. NIC filters vs. kernel filters, etc. –Programmable NIC vs. bit-twiddling NIC vs. non- programmable NIC, etc. Solution : –Define a set of stream operators to evaluate the stream query. Selection, projection, (partial) aggregation Merge, join, reorder ? –Define hardware capabilities as the types of queries they can execute –Multiple query optimization over the query set Low level query nodes feed multiple user queries

select timestamp, sourceIP, destIP, source_port, dest_port, len, total_length, gp_header from GAMEPROTOCOL where sample_hash[50, sourceIP, destIP] and protocol=17 and offset=0 NIC : snap_len = 134 (projection) Pre-filter : protocol=17 and offset=0 Low-level query : select timestamp, sourceIP, destIP, source_port, dest_port, len, total_length, gp_header from GAMEPROTOCOL where sample_hash[50, sourceIP, destIP] and protocol=17 and offset=0 Example (network monitoring)

Other Operators? Merge : Some NICs deliver packets out of order … –Optical links are not duplex In Buffer Out Buffer NIC In Buffer Out Buffer NIC Stream Merge Almost ordered stream ordered stream timestamp

Summary Early data reduction is critical for monitoring very high-speed streams –Selection, projection, aggregation. Use stream operators to mask the complexity and heterogenity of hardware / kernel data reduction. Issues : –Multiple query optimization –Push more complex operators down the stack? Join? Stratified sampling? Sketches? –Optimization at low level / hardware level Approximate filters Avoid duplicate filters. Where to place them? Re-organization when the query set changes.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.