Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 4 (Network Packet Filtering)

Slides:

Advertisements

Similar presentations

Virtual Machine Queue Architecture Review Ali Dabagh Architect Windows Core Networking Don Stanwyck Sr. Program Manager NDIS Virtualization.

Advertisements

Router Implementation Project-2

ECE Department: University of Massachusetts, Amherst ECE 354 Lab 3: Transmitting and Receiving Ethernet Packets.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises.

Study of Hurricane and Tornado Operating Systems By Shubhanan Bakre.

© 2006 Cisco Systems, Inc. All rights reserved. Module 4: Implement the DiffServ QoS Model Lesson 4.8: Understanding WAN Link Efficiency Mechanisms.

Chapter 7 Protocol Software On A Conventional Processor.

ECE 526 – Network Processing Systems Design Software-based Protocol Processing Chapter 7: D. E. Comer.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Dr. Abdul Waheed.

1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.

Page: 1 Director 1.0 TECHNION Department of Computer Science The Computer Communication Lab (236340) Summer 2002 Submitted by: David Schwartz Idan Zak.

ECE Department: University of Massachusetts, Amherst ECE 354 Spring 2009 Lab 3: Transmitting and Receiving Ethernet Packets.

CS335 Networking & Network Administration Tuesday, May 11, 2010.

Students:Gilad Goldman Lior Kamran Supervisor:Mony Orbach Mid-Semester Presentation Spring 2005 Network Sniffer.

Informationsteknologi Tuesday, October 9, 2007Computer Systems/Operating Systems - Class 141 Today’s class Scheduling.

VSP Video Station Protocol Presented by : Mittelman Dana Ben-Hamo Revital Ariel Tal Instructor : Sela Guy Presented by : Mittelman Dana Ben-Hamo Revital.

Chapter 9 Classification And Forwarding. Outline.

FreeBSD Network Stack Performance Srinivas Krishnan University of North Carolina at Chapel Hill.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) Programming with Libpcap.

1 TCP/IP architecture A set of protocols allowing communication across diverse networks Out of ARPANET Emphasize on robustness regarding to failure Emphasize.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises.

Module 10. Internet Protocol (IP) is the routed protocol of the Internet. IP addressing enables packets to be routed from source to destination using.

G64INC Introduction to Network Communications Ho Sooi Hock Internet Protocol.

LWIP TCP/IP Stack 김백규.

UKERNA IP Multicast Mini Workshop Intra-domain Multicast Hands-on Lab Exercises Networkshop 2006.

High Performance Computing & Communication Research Laboratory 12/11/1997 [1] Hyok Kim Performance Analysis of TCP/IP Data.

Para-Snort : A Multi-thread Snort on Multi-Core IA Platform Tsinghua University PDCS 2009 November 3, 2009 Xinming Chen, Yiyao Wu, Lianghong Xu, Yibo Xue.

Uncovering the Multicore Processor Bottlenecks Server Design Summit Shay Gal-On Director of Technology, EEMBC.

Timothy Whelan Supervisor: Mr Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University Hardware based packet filtering.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises.

Scalable Web Server on Heterogeneous Cluster CHEN Ge.

Raw Sockets Vivek Ramachandran. A day in the life of Network Packet.

1 Multiprocessor and Real-Time Scheduling Chapter 10 Real-Time scheduling will be covered in SYSC3303.

ECE 526 – Network Processing Systems Design Packet Processing I: algorithms and data structures Chapter 5: D. E. Comer.

Lab 2: SSL Security Attack June 17, 2008 Hyun Jin Kim.

Srihari Makineni & Ravi Iyer Communications Technology Lab

Increasing Web Server Throughput with Network Interface Data Caching October 9, 2002 Hyong-youb Kim, Vijay S. Pai, and Scott Rixner Rice Computer Architecture.

EECB 473 DATA NETWORK ARCHITECTURE AND ELECTRONICS PREPARED BY JEHANA ERMY JAMALUDDIN Basic Packet Processing: Algorithms and Data Structures.

Click to edit Master subtitle style

Chapter 9 Hardware Address & Frame Type Identification Hardware address of frame Addressing schemes Ethernet Frame header format.

An Architecture and Prototype Implementation for TCP/IP Hardware Support Mirko Benz Dresden University of Technology, Germany TERENA 2001.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises (Lab 2: Sorting)

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 5 (Deep Packet Inspection)

LRPC Firefly RPC, Lightweight RPC, Winsock Direct and VIA.

Authors: Danhua Guo 、 Guangdeng Liao 、 Laxmi N. Bhuyan 、 Bin Liu 、 Jianxun Jason Ding Conf. : The 4th ACM/IEEE Symposium on Architectures for Networking.

Lecture 27 Multiprocessor Scheduling. Last lecture: VMM Two old problems: CPU virtualization and memory virtualization I/O virtualization Today Issues.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 1 (Performance measurement)

Architecture of a Proactive Security Tool Vivek Ramachandran.

WIRESHARK Lab#3. Computer Network Monitoring  Port Scanning  Keystroke Monitoring  Packet sniffers  takes advantage of “friendly” nature of net. 

A Classification for Access Control List To Speed Up Packet-Filtering Firewall CHEN FAN, LONG TAN, RAWAD FELIMBAN and ABDELSHAKOUR ABUZNEID Department.

Mobile Packet Sniffer Ofer Borosh Vadim Lanzman Dr. Chen Avin

WAN Technologies. 2 Large Spans and Wide Area Networks MAN networks: Have not been commercially successful.

6. The Open Network Lab Overview and getting started

Networks Problem Set 3 Due Nov 10 Bonus Date Nov 9

Solving Real-World Problems with Wireshark

Lab 2: Packet Capture & Traffic Analysis with Wireshark

LWIP TCP/IP Stack 김백규.

Distributed Network Traffic Feature Extraction for a Real-time IDS

LAN Vulnerabilities.

ARP and RARP Objectives Chapter 7 Upon completion you will be able to:

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises.

Networks Problem Set 3 Due Oct 29 Bonus Date Oct 26

Wireshark Lab#3.

Task Scheduling for Multicore CPUs and NUMA Systems

CS 286 Computer Organization and Architecture

Using Packet Information for Efficient Communication in NoCs

CS703 - Advanced Operating Systems

Ch 17 - Binding Protocol Addresses

2019/10/19 Efficient Software Packet Processing on Heterogeneous and Asymmetric Hardware Architectures Author: Eva Papadogiannaki, Lazaros Koromilas, Giorgos.

Packet Sniffing and Spoofing

Presentation transcript:

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 4 (Network Packet Filtering)

4-2 Lab # 4: Network Packet Filtering An overview

4-3 Lab Goals Objective Learning parallel programming using threads Utilizing many core systems efficiently Performance measurement Packet capture / filter / analyze - A case study We will use series of labs to achieve our objectives. Today’s lab is about packet filtering

4-4 Prerequisites Sniffing Capturing of network packets arriving or departing from a network interface Mechanism We use raw sockets as follows rawSock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)) This system call picks every packet going out or coming in on an Ethernet interface

4-5 Prerequisites Testing You can use loop back device as a network interface Use Netperf or MPAC for traffic generation on the network interface

4-6 Lab Setup SenderReceiver Packet Sniffer 1 GigE Link System 1System 2 Data Packets Core Packet Mapping to Cores

4-7 Sniffing Labs Framework Sniffing One thread, called the dispatcher, sniffs the packets from the interface and puts it in one of the workers’ queues Filtering / Analysis Any kind of processing on a packet is the responsibility of the workers Each worker has its own queue or shared queue depending on sniffer application architecture Dispatcher assigns packets to worker queues

4-8 Lab 4 – Packet Filtering Objective Use different packet header information to sniff specific type of packets Mechanism Use different sniffer application architectures to compare the performance of these architectures Dispatcher will sniff frames and will put in worker queues in round-robin fashion User will specify source IP, destination IP, source port and destination port for filtering in TCP packets

4-9 Lab 4 – Packet Filtering Mechanism Each worker will process packets residing in its queues Observations Observer the throughput performance with increasing number of threads Compare the throughput with lab 3 throughput Use core affinity and observe throughput

4-10 Sniffer Application Architecture MPAC packet sniffer version 1 Single queue Dispatcher can access whole queue Each worker thread can access only dedicated locations In-situ sniffing No copying from dispatcher to worker space Each location access is mutually exclusive Controlled by a flag per location No locking overhead Get packet, if flag = 1 (workers) Location Access Function = Put packet, if flag = 0 (Dispatcher)

4-11 T1T1 T0T0 T N-1 T1T1 T0T0 T1T1 T0T0 T1T1 T0T0 Dispatcher putting space Dispatcher putting direction Workers getting direction TNTN Worker Threads MPAC Packet Sniffer (Version 1)

4-12 Compile and Run $ netserver $ netperf –H -l $ cd / /mpac_1.2/apps/sniffer/sniffer_1Q/ $ make clean $ make $./mpac_sniffer_app – n – d – f – e 4

4-13 Throughput Bottlenecks Scanning of whole queue according to the status of flag Large stride size Needed more cache coherency

4-14 Sniffer Application Architecture MPAC Sniffer Version 2 Queue size distributed between worker threads Dispatcher can access whole queue Each worker thread can access only dedicated sub-queue In-situ sniffing No copying from dispatcher to worker space Mutually exclusion is assured by get and set indices ( get chases set ) Location access directions No locking overhead Get packet, if get < set (workers) Location Access Function = Put packet, if get ≤ set ( Dispatcher) Wait, otherwise

4-15 Dispatcher putting direction Workers getting direction TNTN Worker Threads T N-1 T2T2 T1T1 T0T0 Dispatcher putting space MPAC Packet Sniffer (Version 2 & 3)

4-16 Compile and Run $ cd / /mpac_1.2/apps/sniffer/sniffer_MQ/ $ make clean $ make $./mpac_sniffer_app – n – d – f – e 4

4-17 Throughput Bottlenecks Sniffing functions try to get a packet (of specific type) on their own Duplicate capturing Sniffing functions have high coupling and low cohesion

4-18 Sniffer Application Architecture MPAC Packet Sniffer Version 3 Data structures and algorithm same as that of version 2 Packet sniffing functions are optimized for maximum throughput No duplicate sniffing Packet type (IP, ARP, etc.) identification removed from these functions Conditionally perform computations on available packet Main logic responsible for packet type checking

4-19 Compile and Run $ cd / /mpac_1.2/apps/sniffer/sniffer_MQ_optimized/ $ make clean $ make $./mpac_sniffer_app – n – d – f – e 4

4-20 Lab 4 – Five Tuple comparison (MPAC sniffer version 3)