Download Reconfigurable Hardware Based TCP Flow Monitor

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
Document related concepts
no text concepts found
Transcript 
TCP-Splitter:
A Reconfigurable Hardware
Based TCP/IP Flow Monitor
David V. Schuehler
[email protected]
Hot Interconnects 2002
1
Outline






Motivation
Hardware Platform
Design
Results
Applications
Questions
Hot Interconnects 2002
2
MOTIVATION
Hot Interconnects 2002
3
Problem Statement

Develop a lightweight network monitoring
component that operates at multi-gigabit/second
line rates.
Data
Client Application
Traffic
Monitor
IP frames
Hot Interconnects 2002
IP frames
4
Why work with TCP?




Over 85% on Internet traffic is TCP based
Internet is growing
TCP is a proven reliable transport for data
delivery
Provide high speed active networks the ability
work with TCP flows
Hot Interconnects 2002
5
Why not use a software based monitor?

Difficult to achieve desired performance
Why not implement a full TCP stack ?




Large memories required for reassembly
Limited number of simultaneous connections
Acts as a connection endpoint
Not a lightweight solution
Hot Interconnects 2002
6
Solution



Develop TCP flow monitor: TCP-Splitter
Leverage existing hardware infrastructure
Expand upon Layered Protocol Wrappers research
IP frames
TCP Splitter
Byte Stream
Client Application
IP frames
IP Wrapper
AAL5 Frame Wrapper
ATM Cell Wrapper
Hot Interconnects 2002
7
HARDWARE PLATFORM
Hot Interconnects 2002
8
Washington University Gigabit Switch
Hot Interconnects 2002
9
FPX Module
Oscillators
Static Ram
RAD
(XCV1000E)
NID (XCV600E)
PROM
Hot Interconnects 2002
10
DESIGN
Hot Interconnects 2002
11
Goals






High Speed Design
Small FPGA Footprint
Simple Client Interface
Support Large Number of Flows
Utilize existing protocol wrapper framework
Execute within FPX environment, and
systems like it
Hot Interconnects 2002
12
Challenges






Frames are dropped on the Internet
Packets are reordering
Flow state is needed for large number of
flows
Widescale deployment requires an efficient
implementation
Backbone networks must process data at
multi-Gigabit/second rates
Hardware library should be small
Hot Interconnects 2002
13
Assumptions/Limitations



Though traffic may take diverse paths
through a network, all monitored traffic must
flow through the node with TCP-Splitter
Through flows are generally bidirectional,
data is processed as a pair of unidirectional
flows
Though data may be sent out of order, data
will be forced to be processed in-order
Hot Interconnects 2002
14
TCP-Splitter
TCP Splitter
IP frames
Inbound
Byte Stream
Client Application
IP frames
Outbound
IP Wrapper
AAL5 Frame Wrapper
ATM Cell Wrapper
Hot Interconnects 2002
15
TCP Input Module Data Flow
Flow
Classifier
Checksum
Engine
Output State Machine
Input
Input State Machine
Control
FIFO
Output
Frame FIFO
Hot Interconnects 2002
16
Layout
Client
Application
TCPProc
TCPInput
TCPOutput
Flow Classifier
IP Input
Input State Machine
Output State Machine
Checksum Engine
IP Output
Packet Routing
Control FIFO
Frame FIFO
Hot Interconnects 2002
17
Packet Routing






Non-TCP packets  IP stack
Invalid TCP checksum  Drop
TCP SYN packets  IP stack
(Seq # < Expected Seq #)  IP stack
(Seq # > Expected Seq #)  Drop
Else  Client App AND IP stack
Hot Interconnects 2002
18
Client Interface









1 bit Clock
1 bit Reset
32 bit Data Word
2 bit Data Enable
3 bit Start/End of Data Signals
2 bit Valid Data Bytes
N bit Flow Identifier
2 bit Start/End of Flow Signals
1 bit TCA
Hot Interconnects 2002
Client
Application
19
RESULTS
Hot Interconnects 2002
20
Current State of Research





Developed, simulated, and tested design
Handles 256 k simultaneous flows
Synthesizes at 101MHz
Executes in hardware
Developing new client applications
Hot Interconnects 2002
21
Synthesis Results for Xilinx XCV1000E-7
TCPSplitter
Space/LUTs
617 (2%)
Full Wrappers
(Cell + Frame + IP
+ TCP + Client)
4954 (20%)
Register bits
503 (2%)
4933 (20%)
Processing delay 7 clock cycles *
44-68 clock cycles
*
* Plus length of packet in 32 bit words
Hot Interconnects 2002
22
APPLICATIONS
Hot Interconnects 2002
23
Sample Run
Flow ID
Hot Interconnects 2002
TCP data enable
Start of frame
IP payload
End of frame
Byte count
SRAM write
24
Multi-Device Programmer




Listens to TCP/IP conversation
Extracts programming information
Sends programming information to device
Simultaneously programs multiple devices
Connection
Endpoint
Programmer
TCP/IP connection
Hot Interconnects 2002
25
Stacked programmer
50
FPX
50
FPX
50
FPX
FPX
50
98
50
FPX
Line Card
98
50
99
Client
Hot Interconnects 2002
99
50
FPXFPX
FPX
50
Server
26
Conclusion

A lightweight circuit, called TCP-Splitter, has been
developed which provides a client application with
the ability to monitor TCP/IP flows on multiGigabit/second networks.






Implemented in reconfigurable hardware
Operates on network traffic in real-time
Processes data at 3.1 Gigabits/second
Requires limited resources: 2% of a Xilinx XCV1000E
Eliminates the need for large reassembly buffers
Monitors 256 k flows simultaneously
Hot Interconnects 2002
27
Acknowledgments

Harvey Ku


Multi-Device Programmer
Dr. John Lockwood

Advisor
Hot Interconnects 2002
28
QUESTIONS
Hot Interconnects 2002
29
Related documents