Exploiting Commodity Multi-core Systems for Network Traffic Analysis
نویسندگان
چکیده
The current trend in computer processors is towards multi-core systems. Although operating systems were adapted a long time ago to support multi-processing, kernel network layers have not yet taken advantage of this new technology. The result is that packet capture, the cornerstone of every network monitoring application, is not efficient on modern systems and its performance gets worse with an increasing number of cores. This paper describes common pitfalls of network monitoring applications when used with multi-core systems, and presents solutions to these problems. In addition, it covers the design and implementation of a new multi-core aware packet capture kernel module that enables monitoring applications to scale with the number of cores, contrary to what happens in most operating systems.
منابع مشابه
Traffic Analysis on High-Speed Internet Links
The past years have seen an increase in the importance of computer networks for many tasks in day-to-day life. Network services are crucial for many business work-flows and become more important for the private life driven by new services such as social networks or online video streaming portals. As the need for network service availability increases, operators see a growing need for understand...
متن کاملMulti-perspective Decision Support System for Hierarchical Bus Transportation Network Design: Tehran Case Study
In this paper, a multi-perspective decision support system (MP-DSS) to design hierarchical public transportation network is developed. Since this problem depends on different perspectives, MP-DSS consists of two sub-systems with macro and micro sub-systems based on travel information, land use and expert knowledge. In the micro sub-system, two sub-modules are developed considering o...
متن کاملNetwork Monitoring on Multicores with Algorithmic Skeletons
Monitoring network traffic on 10 Gbit networks requires very efficient tools capable of exploiting modern multicore computing architectures. Specialized network cards can accelerate packet capture and thus reduce the processing overhead, but they can not achieve adequate packet analysis performance. For this reason most monitoring tools cannot cope with high network speeds. We describe the desi...
متن کاملTowards Low Latency Software Routers
Network devices based on commodity hardware are capable of high-speed packet processing while maintaining the programmability and extensibility of software. Thus, software-based network devices, like software routers, software-based firewalls, or monitoring systems, constitute a cost-efficient and flexible alternative to expensive, special purpose hardware. The overall packet processing perform...
متن کاملTIFAflow: Enhancing Traffic Archiving System with Flow Granularity for Forensic Analysis in Network Security
The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves storage and analysis of network flow statistic. However, this approach loses much valuable information within the Internet traffic. With the advancement of commodity hardware, in partic...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2009