1 Architecture and scalability of a high-speed traffic measurement platform with a highly flexible packet classification Author: Detlef Sas *, Simon Hauger,

Slides:

Advertisements

Similar presentations

1 A TCAM-based solution for integrated traffic anomaly detection and policy filtering Author: Zhijun Wang, Hao Che, Jiannong Cao, Jingshan Wang Publisher:

Advertisements

Module 5: Configuring Access to Internal Resources.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

External perimeter of secure network public Internet SNMPdata transaction data control commands July 2003 Firewall Network Processor™: basic concept and.

Diagnostics. Module Objectives By the end of this module participants will be able to: Use diagnostic commands to troubleshoot and monitor performance.

A New Network Processor Architecture for High-speed Communication Xiaoning Nie; Gazsi, L.; Engel, F.; Fettweis, G. Signal Processing Systems, SiPS.

1 A CAM-based keyword match processor architecture Author: Long Bu, John A. Chandy * Publisher: Microelectronics Journal 37 (2006) Presenter: Han-Chen.

Efficient IP-Address Lookup with a Shared Forwarding Table for Multiple Virtual Routers Author: Jing Fu, Jennifer Rexford Publisher: ACM CoNEXT 2008 Presenter:

1 A Virus Scanning Engine Using a Parallel Finite-Input Memory Machine and MPUs Author: Hiroki Nakahara, Tsutomu Sasao, Munehiro Matsuura, and Yoshifumi.

An 8051 Based Web Server Project by Mason Kidd Advised by Dr. Schertz.

Performance Evaluation of IPv6 Packet Classification with Caching Author: Kai-Yuan Ho, Yaw-Chung Chen Publisher: ChinaCom 2008 Presenter: Chen-Yu Chaug.

1 Network Packet Generator Characterization presentation Supervisor: Mony Orbach Presenting: Eugeney Ryzhyk, Igor Brevdo.

1 OC-3072 Packet Classification Using BDDs and Pipelined SRAMs Author: Amit Prakash, Adnan Aziz Publisher: Hot Interconnects 9, Presenter: Hsin-Mao.

Ethernet Bomber Stand-Alone / PCI-E controlled Ethernet Packet Generator Oren Novitzky & Rony Setter Advisor: Mony Orbach Spring 2008 – Winter 2009 Characterization.

Students:Gilad Goldman Lior Kamran Supervisor:Mony Orbach Mid-Semester Presentation Spring 2005 Network Sniffer.

Vocabulary URL = uniform resource locator: web address protocol –set of rules that networked computers follow in order to share data and coordinate communications.

Licentiate Seminar: On Measurement and Analysis of Internet Backbone Traffic Wolfgang John Department of Computer Science and Engineering Chalmers University.

PCI-Express Network Sniffer Characterization Presentation Project Period : 2 semesters Students: Neria Wodage Aviel Tubul Advisor: Mony Orbach 17/12/2007.

- 1 - A Powerful Dual-mode IP core for a/b Wireless LANs.

Sven Ubik, Petr Žejdl CESNET TNC2008, Brugges, 19 May 2008 Passive monitoring of 10 Gb/s lines with PC hardware.

High-Performance Packet Classification on GPU Author: Shijie Zhou, Shreyas G. Singapura and Viktor K. Prasanna Publisher: HPEC 2014 Presenter: Gang Chi.

ECE 526 – Network Processing Systems Design Network Processor Architecture and Scalability Chapter 13,14: D. E. Comer.

What is FORENSICS? Why do we need Network Forensics?

High Performance Computing & Communication Research Laboratory 12/11/1997 [1] Hyok Kim Performance Analysis of TCP/IP Data.

Chapter 3 How to build a network?. 2 Objectives What is a Network? IP Addresses Key Components of a Network (NIC) Factors in Designing a Network.

Lect1..ppt - 01/06/05 CDA 6505 Network Architecture and Client/Server Computing Lecture 2 Protocols and the TCP/IP Suite by Zornitza Genova Prodanoff.

Forensic and Investigative Accounting Chapter 14 Digital Forensics Analysis © 2011 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL

Filtering in Firewall By Fantastic 5. Agenda What is Firewall? Types Of Firewall Pros and Cons Of Different Firewalls What Firewall can do? What Firewall.

RiceNIC: A Reconfigurable and Programmable Gigabit Network Interface Card Jeff Shafer, Dr. Scott Rixner Rice Computer Architecture:

D0 SAM – status and needs Plagarized from: D0 Experiment SAM Project Fermilab Computing Division.

(TPDS) A Scalable and Modular Architecture for High-Performance Packet Classification Authors: Thilan Ganegedara, Weirong Jiang, and Viktor K. Prasanna.

GLOBECOM (Global Communications Conference), 2012

Vladimír Smotlacha CESNET Full Packet Monitoring Sensors: Hardware and Software Challenges.

The University of Bolton School of Games Computing & Creative Technologies LCT2516 Network Architecture CCNA Exploration LAN Switching and Wireless Chapter.

Univ. of TehranAdv. topics in Computer Network1 Advanced topics in Computer Networks University of Tehran Dept. of EE and Computer Engineering By: Dr.

Chapter 1 Communication Networks and Services Network Architecture and Services.

Application Block Diagram III. SOFTWARE PLATFORM Figure above shows a network protocol stack for a computer that connects to an Ethernet network and.

OS Services And Networking Support Juan Wang Qi Pan Department of Computer Science Southeastern University August 1999.

Agilent Technologies Copyright 1999 H7211A+221 v Capture Filters, Logging, and Subnets: Module Objectives Create capture filters that control whether.

Management of the LHCb DAQ Network Guoming Liu * †, Niko Neufeld * * CERN, Switzerland † University of Ferrara, Italy.

XStream: Rapid Generation of Custom Processors for ASIC Designs Binu Mathew * ASIC: Application Specific Integrated Circuit.

StrideBV: Single chip 400G+ packet classification Author: Thilan Ganegedara, Viktor K. Prasanna Publisher: HPSR 2012 Presenter: Chun-Sheng Hsueh Date:

4/19/20021 TCPSplitter: A Reconfigurable Hardware Based TCP Flow Monitor David V. Schuehler.

Vladimír Smotlacha CESNET High-speed Programmable Monitoring Adapter.

Department of Computer Science and Engineering Applied Research Laboratory Architecture for a Hardware Based, TCP/IP Content Scanning System David V. Schuehler.

Cisco Network Devices Chapter 6 powered by DJ 1. Chapter Objectives At the end of this Chapter you will be able to:  Identify and explain various Cisco.

1 of 20 Smart-NICs: Power Proxying for Reduced Power Consumption in Network Edge Devices Karthikeyan Sabhanatarajan, Ann Gordon-Ross +, Mark Oden, Mukund.

Authors: Danhua Guo 、 Guangdeng Liao 、 Laxmi N. Bhuyan 、 Bin Liu 、 Jianxun Jason Ding Conf. : The 4th ACM/IEEE Symposium on Architectures for Networking.

Research on TCAM-based OpenFlow Switch Author: Fei Long, Zhigang Sun, Ziwen Zhang, Hui Chen, Longgen Liao Conference: 2012 International Conference on.

Binary-tree-based high speed packet classification system on FPGA Author: Jingjiao Li*, Yong Chen*, Cholman HO**, Zhenlin Lu* Publisher: 2013 ICOIN Presenter:

COMP2322 Lab 1 Introduction to Wireshark Weichao Li Jan. 22, 2016.

Range Enhanced Packet Classification Design on FPGA Author: Yeim-Kuan Chang, Chun-sheng Hsueh Publisher: IEEE Transactions on Emerging Topics in Computing.

1 CPAC: May 2005 A Roadmap for SAM A proposal to the Washington Technology Center.

High Throughput and Programmable Online Traffic Classifier on FPGA Author: Da Tong, Lu Sun, Kiran Kumar Matam, Viktor Prasanna Publisher: FPGA 2013 Presenter:

Exploiting Task-level Concurrency in a Programmable Network Interface June 11, 2003 Hyong-youb Kim, Vijay S. Pai, and Scott Rixner Rice Computer Architecture.

Research Unit for Integrated Sensor Systems and Oregano Systems Cern Timing Workshop 2008 Patrick Loschmidt, Georg Gaderer, and Nikolaus Kerö.

1 Monitoring: from research to operations Christophe Diot and the IP Sprintlabs ipmon.sprintlabs.com.

Practical Multituple Packet Classification Using Dynamic Discrete Bit Selection Author: Baohua Yang, Fong J., Weirong Jiang, Yibo Xue, Jun Li Publisher:

أمن المعلومات لـ أ. عبدالرحمن محجوب حمد mtc.edu.sd أمن المعلومات Information Security أمن المعلومات Information Security  أ. عبدالرحمن محجوب  Lec (5)

Sensors Journal, IEEE, Issue Date: May 2013,

Distributed Systems.

Toward Advocacy-Free Evaluation of Packet Classification Algorithms

Implementing TMG Server Publishing

Data collection methodology and NM paradigms

DDoS Attack Detection under SDN Context

Characteristics of Reconfigurable Hardware

2019/1/1 High Performance Intrusion Detection Using HTTP-Based Payload Aggregation 2017 IEEE 42nd Conference on Local Computer Networks (LCN) Author: Felix.

IP Control Gateway (IPCG)

Byung-Joon Lee and Youngseok Lee

Chapter-5 Traffic Engineering.

Presentation transcript:

1 Architecture and scalability of a high-speed traffic measurement platform with a highly flexible packet classification Author: Detlef Sas *, Simon Hauger, Martin Kohn Publisher: Computer Networks 53 (2009) Presenter: Han-Chen Chen Date:2009/10/28

2 Outline  Introduction  Traffic Measurement  Architecture of I 2 MP  Scalability of I 2 MP  Performance * I 2 MP (IKR Internet Measurement Platform)

3 Introduction  Evolving network technologies, new web services and changing usage patterns continuously change traffic characteristics. But a thorough understanding of the traffic is the basis for many applications in networking.

4 Traffic Measurement - purposes  network management  health monitoring  troubleshooting  accounting  network control  traffic characterization  modeling

5 Traffic Measurement - Functional blocks  Reception of data from the network link  Decoding line signal including error checks and restoring packets  Decapsulate packets from lower layer protocols  Time stamping  Pre-processing  Passive  Active  Storing data

6 Traffic Measurement - Platforms For processing data  General-purpose processors (GP-CPU)  Network processors (NP)  FPGA and ASIC For storing the measured data  HD  RAM

7 Architecture of I 2 MP

8 Hardware Unit Interface Time Stamping unit Classification and Filtering unit 1.decode protocol 2.classification packet 3.filter packet Assembly unit

9 Hardware Unit Classification and Filtering Unit

10 Hardware Unit Processing of a packet by Protocol Layering Decoder Protocol tag index

11 Hardware Unit Find the relevant criteria Find the all rules which contains these criteria Find the highest priority rule Classifier TCAM

12 PC Unit Online modeOffline mode 1.Reception of data containers 2.Post-processing of data records 3.Storage of the final trace

13 Scalability of I 2 MP Throughput of Hardware unit 1.Increase clock rate 2.Increase number of bytes processed in each clock rate Increase internal word width Replicate the entire system or those parts of limit the overall throughput 3.Process the first part of each packet Classification criteria and rules Increasing those parameters does not deteriorate the system ’ s throughput.

14 Performance 16 bytes word width Clock rate of 60MHz (FPGA) Packet size of 200Bytes Throughput of 20Gb/s (Ethernet, IP, TCP)

15 Thanks for your listening