D. Ficara, S. Giordano, F. Oppedisano, G. Procissi, F. Vitucci
{"title":"A cooperative PC/Network-Processor architecture for multi gigabit traffic analysis","authors":"D. Ficara, S. Giordano, F. Oppedisano, G. Procissi, F. Vitucci","doi":"10.1109/ITNEWS.2008.4488141","DOIUrl":null,"url":null,"abstract":"The extensive availability of cost effective commodity PC hardware pushed the development of flexible and versatile traffic monitoring software such as protocol analyzers, protocol dissectors, traffic sniffers, traffic characterizers and IDSs (Intrusion Detection Systems). The largest part of these pieces of software is based on the well known libpcap API, which in the last few years has become a de facto standard for PC based packet capturing. Many improvements have been applied to this library but it still suffers from several performance flaws that are due not to the software itself but rather to the underlying hardware bottlenecks. In this paper we present a new traffic monitoring device, implemented by an Intel IXP2400 Network Processor PCI-X card connected to a gigabit Ethernet LAN hosting a cluster of common personal computers running any libpcap based application. This architecture outperforms the previous solutions in terms of packet capturing power and timestamp accuracy.","PeriodicalId":255580,"journal":{"name":"2008 4th International Telecommunication Networking Workshop on QoS in Multiservice IP Networks","volume":"23 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2008-04-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2008 4th International Telecommunication Networking Workshop on QoS in Multiservice IP Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNEWS.2008.4488141","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 8
Abstract
The extensive availability of cost effective commodity PC hardware pushed the development of flexible and versatile traffic monitoring software such as protocol analyzers, protocol dissectors, traffic sniffers, traffic characterizers and IDSs (Intrusion Detection Systems). The largest part of these pieces of software is based on the well known libpcap API, which in the last few years has become a de facto standard for PC based packet capturing. Many improvements have been applied to this library but it still suffers from several performance flaws that are due not to the software itself but rather to the underlying hardware bottlenecks. In this paper we present a new traffic monitoring device, implemented by an Intel IXP2400 Network Processor PCI-X card connected to a gigabit Ethernet LAN hosting a cluster of common personal computers running any libpcap based application. This architecture outperforms the previous solutions in terms of packet capturing power and timestamp accuracy.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
