Presentation is loading. Please wait.

Presentation is loading. Please wait.

NAT Implementation for the NetFPGA Platform Omar Choudary and David Miller University of Cambridge Computer Laboratory.

Published byBarnaby Garrison Modified over 9 years ago

Similar presentations

Presentation on theme: "NAT Implementation for the NetFPGA Platform Omar Choudary and David Miller University of Cambridge Computer Laboratory."— Presentation transcript:

1 NAT Implementation for the NetFPGA Platform Omar Choudary and David Miller University of Cambridge Computer Laboratory

2 Outline Hardware o Design o TCAM memory: LPM and NAT o Performance Software o Functionality Advanced Feature: NAT o Hardware o Software NAT Demo o Case 1: client-server transfer crossing two nf-test machines o Case 2: ttcp performance test NAT implementation for the NetFPGA (Omar Choudary; David Miller) Slide 2

3 Advanced Feature.NAT NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 8

4 Hardware.Design NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 3

5 NAT.Hardware Tables to store NAT translations 2 CAMs + 2 RAMs 1 RAM for update counter (to solve TCP State issue) Registers for software communication Synchronisation with LPM and Routing functionality NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 9

6 Hardware.Performance TTCP (Test TCP, sourcing data from Linux OS) o 976Mbps = 122 MB/s o Limited by the OS and NF2 framework Router_perf (sourcing data directly from the FPGA): o 2909 Mbps = 363MB/s for 64-byte packet size o 3751 Mbps = 469MB/s for 1500-byte packet size o Limited by the NF2 framework NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 6

7 Software.Functionality Process packets sent by the Hardware to the CPU o Send and receive ICMP and ARP packets Implement and run the OSPF protocol Insert and update entries into the hardware tables: IP filter, ARP, ROUTE, NAT| Implement the CLI NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 7

8 NAT.Software Create entries in the NAT table when TCP/UDP packet arrives on INBOUND interfaces Checks the hardware counter on each entry to delete unused entries Handles incorrect UDP/TCP packets (possibly due to incorrect header checksum) Implements DHCP server to automatically provide hosts connected to INBOUND interfaces with IP addresses NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 10

9 NAT.DEMO NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 11

10 CASE 1: HTTP Transfer NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 12

11 CASE 2: TTCP Test NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 13

12 Questions NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 16

13 Problems Encountered NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 17 NF2 framework limitations -> issues with out_rdy signal Bad hardware design Hidden hardware bugs; hard to debug using chipscope NetFPGA ports are only Gigabit-capable; not possible to plug in a laptop Fast-Ethernet-only capable Problems when dealing with slow devices; either web server or our software making problems

14 CASE 3: Open Internet NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 14

15 CASE 4: Speed Test NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 15

16 Hardware.CAMs NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 4

17 Hardware.TCAM Fastest LPM hardware solution Based on a Ternary CAM => Each bit in the CAM memory contains 3 states: 0, 1 and X (don't care) My implementation uses 2 CAMs for each bit of the 32 composing an IP address => 64 Block RAMs NAT implementation for the netFPGA (Omar Choudary; David Miller)Slide 5

Download ppt "NAT Implementation for the NetFPGA Platform Omar Choudary and David Miller University of Cambridge Computer Laboratory."

Similar presentations

Ch. 23, 25 Q and A (NAT and UDP) Victor Norman IS333 Spring 2014.

Ch. 23, 25 Q and A (NAT and UDP) Victor Norman IS333 Spring 2014.
TCP/IP MODEL Maninder Kaur www.eazynotes.com.

TCP/IP MODEL Maninder Kaur
CSC458 Programming Assignment II: NAT Nov 7, 2014.

CSC458 Programming Assignment II: NAT Nov 7, 2014.
Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.

Media Access Control (MAC) addresses in the network access layer ▫ Associated w/ network interface card (NIC) ▫ 48 bits or 64 bits IP addresses for the.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.
CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.

CSCI 530 Lab Firewalls. Overview Firewalls Capabilities Limitations What are we limiting with a firewall? General Network Security Strategies Packet Filtering.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
An 8051 Based Web Server Project by Mason Kidd Advised by Dr. Schertz.

An 8051 Based Web Server Project by Mason Kidd Advised by Dr. Schertz.
t Popularity of the Internet t Provides universal interconnection between individual groups that use different hardware suited for their needs t Based.

t Popularity of the Internet t Provides universal interconnection between individual groups that use different hardware suited for their needs t Based.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Application Layer PART VI.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Application Layer PART VI.
IP Routing: an Introduction. Quiz 0-31 32-63 64-95 96-127 128-159 160-191 192-223 224-255.

IP Routing: an Introduction. Quiz
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
CSC458/2209 PA1 Simple Router Based on slides by: Antonin Seyed Amir Hejazi 19/09/2014 CSC458/2209 - Computer Networks, University of Toronto.

CSC458/2209 PA1 Simple Router Based on slides by: Antonin Seyed Amir Hejazi 19/09/2014 CSC458/ Computer Networks, University of Toronto.
Announcement r Project 2 Extension ? m Previous grade allocation: Projects 40% –Web client/server7% –TCP stack21% –IP routing12% Midterm 20% Final 20%

Announcement r Project 2 Extension ? m Previous grade allocation: Projects 40% –Web client/server7% –TCP stack21% –IP routing12% Midterm 20% Final 20%
Section 461.  ARP  Ghostbusters  Grew up in Lexington, KY  Enjoy stargazing, cycling, and mushroom hunting  Met Mario once (long time ago)

Section 461.  ARP  Ghostbusters  Grew up in Lexington, KY  Enjoy stargazing, cycling, and mushroom hunting  Met Mario once (long time ago)
CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN2668 Routers and Switches Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
TCP/IP Networking sections 13.2,3,4,5 Road map: TCP, provide connection-oriented service IP, route data packets from one machine to another (RFC 791) ICMP,

TCP/IP Networking sections 13.2,3,4,5 Road map: TCP, provide connection-oriented service IP, route data packets from one machine to another (RFC 791) ICMP,
Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.

Day15 IP Space/Setup. IP Suite of protocols –TCP –UDP –ICMP –GRE… Gives us many benefits –Routing of packets over internet –Fragmentation/Reassembly of.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Similar presentations

Ads by Google