Средства захвата и обработки высокоскоростного сетевого трафика

В данной работе дается обзор научных исследований в области захвата и обработки высокоскоростного трафика, а также рассматриваются конкретные программно-аппаратные решения. В работе выделены основные направления развития технологий перехвата трафика и описано их взаимодействие между собой. На основе обзора выделены основные проблемы сетевого стека операционных систем и способы их решения. Рассматриваются реализованные в программно-аппаратных средствах алгоритмы и структуры, а также их архитектура. Для каждого из решений описывается процесс получения пакетов с сетевого интерфейса. Кроме того, проведено сравнение их производительности, общий анализ реализаций, а также приведены рекомендации по области применимости.

1. D. Cerović, V. Del Piccolo et al. Fast Packet Processing: A Survey. IEEE Communications Surveys & Tutorials, vol. 20, no. 4, 2018, pp. 3645-3676.

2. L. Linguaglossa, S. Lange et al. Survey of Performance Acceleration Techniques for Network Function Virtualization. Proceedings of the IEEE, vol. 107, no. 4, 2019, pp. 746-764.

3. Sangjin Han, Keon Jang et al. Berkeley Extensible Software Switch (BESS). Technical Report No. UCB/EECS-2015-155, University of California at Berkeley, 2015, 17 p.

4. DPDK (Data Plane Development Kit). URL: https://core.dpdk.org.

5. ntop. URL: https://www.ntop.org/.

6. T. Høiland-Jørgensen, J. D. Brouer et al. The eXpress data path: fast programmable packet processing in the operating system kernel. In Proc. of the 14th International Conference on Emerging Networking EXperiments and Technologies (CoNEXT '18), 2018, pp. 54-66.

7. L. Rizzo. netmap: A Novel Framework for Fast Packet I/O. In Proc. of the USENIX Annual Technical Conference (USENIX ATC 12), 2012, pp. 101-112.

8. S. McCanne and V. Jacobson. The BSD packet filter: a new architecture for user-level packet capture. In Proc. of the Winter USENIX Conference (USENIX'93), 1993, 11 p.

9. Ben Pfaff, Justin Pettit et al. The Design and Implementation of Open vSwitch. In Proc. of the 12th USENIX Symposium on Networked Systems Design and Implementation (NSDI 15), 2015, pp. 117-130.

10. László Molnár, Gergely Pongrácz et al. Dataplane Specialization for High-Performance OpenFlow Software Switching. In Proc. of the ACM SIGCOMM Conference (SIGCOMM ’16), 2016, pp. 539-552.

11. Sangjin Han, Keon Jang et al. PacketShader: A GPU-Accelerated Software Router. ACM SIGCOMM Computer Communication Review, vol. 40, issue 4, 2010, pp. 195–206.

12. M. Trevisan, A. Finamore et al. Traffic Analysis with Off-the-Shelf Hardware: Challenges and Lessons Learned. IEEE Communications Magazine, vol. 55, no. 3, 2017, pp. 163-169.

13. Robert Morris, Eddie Kohler et al. The Click Modular Router. In Proc. of the Seventeenth ACM Symposium on Operating Systems Principles, 1999, pp. 217-231.

14. Tom Barbette, Cyril Soldani, and Laurent Mathy. Fast Userspace Packet Processing. In Proc. of the Eleventh ACM/IEEE Symposium on Architectures for Networking and Communications Systems, 2015, pp. 5-16.

15. FD.io. Vector Packet Processing - One Terabit Software Router on Intel Xeon Scalable Processor Family Server. White Paper. Cisco, Intel Corporation, FD.io, 2017.

16. M. Paolino, N. Nikolaev et al. SnabbSwitch user space virtual switch benchmark and performance optimization for NFV. In Proc. of the IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN), 2015, pp. 86-92.

17. A. Farshin, T. Barbette et al. PacketMill: Toward per-core 100-GBPS Networking. In Proc. of the Twenty-Sixth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS 2021), 2021, pp. 1-17.

18. Intel: 82599 10 GbE controller datasheet, 2019. http://www.intel.com/content/www/us/en/ethernet-controllers/82599-10-gbe-controller-datasheet.html.

19. А.И. Гетьман, Е.Ф. Евстропов, Ю.В. Маркин. Анализ сетевого трафика в режиме реального времени: обзор прикладных задач, подходов и решений. Препринт ИСП РАН, вып. 28, 2015, стр. 1-52 / A.I. Getman, E.F. Evstropov, Yu.V. Markin. Analysis of network traffic in real time: an overview of applications, approaches and solutions. ISP RAS Preprint, no. 28, 2015, pp. 1-52 (in Russian).

20. V. Moreno, J. Ramos et al. Commodity packet capture engines: tutorial cookbook and applicability. IEEE Communications Surveys & Tutorials, vol. 17, no. 3, 2015, pp. 1364-1390.

21. G. Liao, X. Znu, L. Bnuyan. A new server I/O architecture for high speed networks. In Proc. of the Symposium on High-Performance Computer Architecture, 2011, pp. 255-265.

22. S. Han, K. Jang, K.S. Park, S. Moon. PacketShader: a GPU-accelerated software router. ACM SIGCOMM Computer Communication Review, vol. 40, issue 4, 2010, pp. 195–206.

23. W. Wu, P. DeMar, M. Crawford. Why can some advanced Ethernet NICs cause packet reordering? IEEE Communications Letters, vol. 15, issue 2, 2011, pp. 253-255.

24. V. Moreno, P.M. Santiago del Río, J. Ramos, J.J. Garnica, J.L. García-Dorado. Batch to the future: Analyzing timestamp accuracy of high-performance packet I/O engines. IEEE Communications Letters vol. 16, issue 11, 2012, pp. 1888–1891.

25. pcap(3pcap). URL: https://www.tcpdump.org/manpages/pcap.3pcap.html.

26. Wireshark. URL: https://www.wireshark.org/.

27. Tcpdump. URL: https://www.tcpdump.org.

28. Snort. URL: https://www.snort.org.

29. L. Deri. Improving passive packet capture: Beyond device polling. In Proc. of the 4th International System Administration and Network Engineering Conference, 2004, 9 p.

30. D.Scholz. A look at Intel’s Dataplane Development Kit. In Proc. of the Seminars on Future Internet (FI) and Innovative Internet Technologies and Mobile Communications (IITM), 2014, pp. 115-122.

31. M. Karlsson and B. Töpel. The Path to DPDK Speeds for AF_XDP. In Proc. of the Linux Plumbers Conference, 2018, 9 p.