Presentation is loading. Please wait.

Presentation is loading. Please wait.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 5 (Deep Packet Inspection)

Published byPearl Harper Modified over 8 years ago

Similar presentations

Presentation on theme: "Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 5 (Deep Packet Inspection)"— Presentation transcript:

1 Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 5 (Deep Packet Inspection)

2 5-2 Lab # 5: Deep Packet Inspection An overview

3 5-3 Lab Goals Objective Learning parallel programming using threads Utilizing many core systems efficiently Performance measurement Packet capture / filter / analyze - A case study We will use series of labs to achieve our objectives. Today’s lab is about deep packet inspection

4 5-4 Prerequisites Sniffing Capturing of network packets arriving or departing from a network interface Mechanism We use raw sockets as follows rawSock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL)) This system call picks every packet going out or coming in on an Ethernet interface

5 5-5 Prerequisites Testing You can use loop back device as a network interface Use Netperf or MPAC for traffic generation on the network interface

6 5-6 Lab Setup 0246 1357 0246 1357 SenderReceiver Packet Sniffer 1 GigE Link System 1System 2 Data Packets Core Packet Mapping to Cores

7 5-7 Sniffing Labs Framework Sniffing One thread, called the dispatcher, sniffs the packets from the interface and puts it in one of the workers’ queues Filtering / Analysis Any kind of processing on a packet is the responsibility of the workers Each worker has its own queue or shared queue depending on sniffer application architecture Dispatcher assigns packets to worker queues

8 5-8 Lab 5 – Deep Packet Inspection Objective A user provided string will be searched in the TCP based application payload Mechanisms Same as Lab 4 except each worker now finds a string in the application payload String to find is provided by the user

9 5-9 Lab 5 – Deep Packet Inspection Observations Observer the throughput performance with increasing number of threads Compare the throughput with lab 3 and 4 throughput Use core affinity and observer performance

10 5-10 Sniffer Application Architecture MPAC packet sniffer version 1 Single queue Dispatcher can access whole queue Each worker thread can access only dedicated locations In-situ sniffing No copying from dispatcher to worker space Each location access is mutually exclusive Controlled by a flag per location No locking overhead Get packet, if flag = 1 (workers) Location Access Function = Put packet, if flag = 0 (Dispatcher)

11 5-11 T1T1 T0T0 T N-1 T1T1 T0T0 T1T1 T0T0 T1T1 T0T0 Dispatcher putting space Dispatcher putting direction Workers getting direction TNTN Worker Threads MPAC Packet Sniffer (Version 1)

12 5-12 Compile and Run $ cd / /mpac_1.2/apps/sniffer/sniffer_1Q/ $ make clean $ make $ netserver $ netperf $./mpac_sniffer_app – n – d – f – e 5

13 5-13 Throughput Bottlenecks Scanning of whole queue according to the status of flag Large stride size Needed more cache coherency

14 5-14 Sniffer Application Architecture MPAC Sniffer Version 2 Queue size distributed between worker threads Dispatcher can access whole queue Each worker thread can access only dedicated sub-queue In-situ sniffing No copying from dispatcher to worker space Mutually exclusion is assured by get and set indices ( get chases set ) Location access directions No locking overhead Get packet, if get < set (workers) Location Access Function = Put packet, if get ≤ set ( Dispatcher) Wait, otherwise

15 5-15 Dispatcher putting direction Workers getting direction TNTN Worker Threads T N-1 T2T2 T1T1 T0T0 Dispatcher putting space MPAC Packet Sniffer (Version 2 & 3)

16 5-16 Compile and Run $ cd / /mpac_1.2/apps/sniffer/sniffer_MQ/ $ make clean $ make $ netserver $ netperf $./mpac_sniffer_app – n – d – f – e 5

17 5-17 Throughput Bottlenecks Sniffing functions try to get a packet (of specific type) on their own Duplicate capturing Sniffing functions have high coupling and low cohesion

18 5-18 Sniffer Application Architecture MPAC Packet Sniffer Version 3 Data structures and algorithm same as that of version 2 Packet sniffing functions are optimized for maximum throughput No duplicate sniffing Packet type (IP, ARP, etc.) identification removed from these functions Conditionally perform computations on available packet Main logic responsible for packet type checking

19 5-19 Compile and Run $ cd / /mpac_1.2/apps/sniffer/sniffer_MQ_optimized/ $ make clean $ make $ netserver $ netperf $./mpac_sniffer_app – n – d – f – e 5

20 5-20 Lab 5 – String Matching in Payload (MPAC sniffer version 3)

Download ppt "Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises: Lab 5 (Deep Packet Inspection)"

Similar presentations

IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.

IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.
Unix Systems Performance Tuning Project of COSC 513 Name: Qinghui Mu Instructor: Prof. Anvari.

Unix Systems Performance Tuning Project of COSC 513 Name: Qinghui Mu Instructor: Prof. Anvari.
Virtual Machine Queue Architecture Review Ali Dabagh Architect Windows Core Networking Don Stanwyck Sr. Program Manager NDIS Virtualization.

Virtual Machine Queue Architecture Review Ali Dabagh Architect Windows Core Networking Don Stanwyck Sr. Program Manager NDIS Virtualization.
A Search Memory Substrate for High Throughput and Low Power Packet Processing Sangyeun Cho, Michel Hanna and Rami Melhem Dept. of Computer Science University.

A Search Memory Substrate for High Throughput and Low Power Packet Processing Sangyeun Cho, Michel Hanna and Rami Melhem Dept. of Computer Science University.
A Scalable and Reconfigurable Search Memory Substrate for High Throughput Packet Processing Sangyeun Cho and Rami Melhem Dept. of Computer Science University.

A Scalable and Reconfigurable Search Memory Substrate for High Throughput Packet Processing Sangyeun Cho and Rami Melhem Dept. of Computer Science University.
Multi-granular, multi-purpose and multi-Gb/s monitoring on off-the-shelf systems TELE9752 Group 3.

Multi-granular, multi-purpose and multi-Gb/s monitoring on off-the-shelf systems TELE9752 Group 3.
Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Lab Exercises.
Study of Hurricane and Tornado Operating Systems By Shubhanan Bakre.

Study of Hurricane and Tornado Operating Systems By Shubhanan Bakre.
NSF/TCPP Early Adopter Experience at Jackson State University Computer Science Department.

NSF/TCPP Early Adopter Experience at Jackson State University Computer Science Department.
© 2006 Cisco Systems, Inc. All rights reserved. Module 4: Implement the DiffServ QoS Model Lesson 4.8: Understanding WAN Link Efficiency Mechanisms.

© 2006 Cisco Systems, Inc. All rights reserved. Module 4: Implement the DiffServ QoS Model Lesson 4.8: Understanding WAN Link Efficiency Mechanisms.
Chapter 7 Protocol Software On A Conventional Processor.

Chapter 7 Protocol Software On A Conventional Processor.
ECE 526 – Network Processing Systems Design Software-based Protocol Processing Chapter 7: D. E. Comer.

ECE 526 – Network Processing Systems Design Software-based Protocol Processing Chapter 7: D. E. Comer.
Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Dr. Abdul Waheed.

Programming Multi-Core Processors based Embedded Systems A Hands-On Experience on Cavium Octeon based Platforms Dr. Abdul Waheed.
1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.

1 Fall 2005 Hardware Addressing and Frame Identification Qutaibah Malluhi CSE Department Qatar University.
Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.

Snort - an network intrusion prevention and detection system Student: Yue Jiang Professor: Dr. Bojan Cukic CS665 class presentation.
Page: 1 Director 1.0 TECHNION Department of Computer Science The Computer Communication Lab (236340) Summer 2002 Submitted by: David Schwartz Idan Zak.

Page: 1 Director 1.0 TECHNION Department of Computer Science The Computer Communication Lab (236340) Summer 2002 Submitted by: David Schwartz Idan Zak.
CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 23 Introduction to Computer Networks.

CMPE 150- Introduction to Computer Networks 1 CMPE 150 Fall 2005 Lecture 23 Introduction to Computer Networks.
1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,

1 Multi-Core Architecture on FPGA for Large Dictionary String Matching Department of Computer Science and Information Engineering National Cheng Kung University,
Students:Gilad Goldman Lior Kamran Supervisor:Mony Orbach Mid-Semester Presentation Spring 2005 Network Sniffer.

Students:Gilad Goldman Lior Kamran Supervisor:Mony Orbach Mid-Semester Presentation Spring 2005 Network Sniffer.
Informationsteknologi Tuesday, October 9, 2007Computer Systems/Operating Systems - Class 141 Today’s class Scheduling.

Informationsteknologi Tuesday, October 9, 2007Computer Systems/Operating Systems - Class 141 Today’s class Scheduling.

Similar presentations

Ads by Google