High-density network flow monitoring

Monitoring of high-speed networks is becoming a resource intensive task. There are dedicated flow monitoring probes built with commodity hardware support up to 10G links, but multiple 10G or even 100 G optical networks are being used for transport networks and a data center connectivity. Running and maintaining many separate probes is uneconomical and time-consuming. Therefore, we explore the possibility to facilitate network interface cards (NICs) with multiple 10G interfaces to build probes which can replace many existing boxes, leading to reduced management and operational costs. The monitoring performance is critical for such a high-density solution. We use two custom-built, FPGA-based NICs, each with eight 10G interfaces to test current CPU limits and to propose improvements for the near future commodity NICs.

[1]  Luca Deri Passively Monitoring Networks at Gigabit Speeds Using Commodity Hardware and Open Source Software , 2003 .

[2]  Aiko Pras,et al.  Flow Monitoring Explained: From Packet Capture to Data Analysis With NetFlow and IPFIX , 2014, IEEE Communications Surveys & Tutorials.

[3]  Georg Carle,et al.  Comparing and improving current packet capturing solutions based on commodity hardware , 2010, IMC '10.

[4]  Luca Deri,et al.  High speed network traffic analysis with commodity multi-core systems , 2010, IMC '10.

[5]  Christian Callegari,et al.  DataTraffic Monitoring and Analysis: from measurement, classification, and anomaly detection to quality of experience , 2013 .

[6]  Benoit Claise,et al.  Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of IP Traffic Flow Information , 2008, RFC.

[7]  José Luis García-Dorado,et al.  High-Performance Network Traffic Processing Systems Using Commodity Hardware , 2013, Data Traffic Monitoring and Analysis.

[8]  Benoit Claise,et al.  Cisco Systems NetFlow Services Export Version 9 , 2004, RFC.

[9]  Benoit Claise,et al.  Specification of the IP Flow Information Export (IPFIX) Protocol for the Exchange of Flow Information , 2013, RFC.

[10]  L. Deri Improving Passive Packet Capture : Beyond Device Polling , 2003 .

[11]  Stefano Giordano,et al.  Enabling open-source high speed network monitoring on NetFPGA , 2012, 2012 IEEE Network Operations and Management Symposium.

[12]  Loris Degioanni,et al.  Introducing scalability in network measurement: toward 10 Gbps with commodity hardware , 2004, IMC '04.

[13]  Miguel Rio,et al.  Challenges in the capture and dissemination of measurements from high-speed networks , 2009, IET Commun..

[14]  Luca Deri,et al.  10 Gbit line rate packet-to-disk using n2disk , 2013, INFOCOM Workshops.