Tharaneedharan Vilwanathan
Innovator

Tharaneedharan Vilwanathan

San Francisco Bay Area, CA, USA

Activity Feed

Tharaneedharan V. added photos to project Replica - A Fast Packet Capture Mechanism

Medium 70e6b352 452f 468f aa92 e7e8e8b6b8f1

Replica - A Fast Packet Capture Mechanism

Introduction

Replica is an SPDK-based Packet Capture Mechanism for DPDK-based switch/router. This article covers the details about the need for a packet capture mechanism. and the design and features of Replica.

Problem

Packet Capture is an essential piece for development, testing and troubleshooting. It is essential that a good network device has robust packet capture mechanism. Many network devices either lack a good packet capture mechanism or need expensive devices.

Firehose

Debugging the firehose is not easy. The sheer bandwidth may make it impractical to store the packets that are arriving at high frequency. Obviously, filter mechanism such as Wireshark packet filter mechanism will not suffice.

DPDK

DPDK is a kit that uses commodity hardware such as Intel CPU and NIC to achieve near-ASIC network forwarding solution. DPDK uses smart techniques such as user-level, polled mode drivers, bulking, ring buffers, large page size, prefetch, efficient use of cache, pinning threads to core, smart software algorithms, NIC offload, etc. to achieve this.

SPDK

SPDK is an offshoot of DPDK. While DPDK is focused on network solutions, SPDK is focused on storage solutions. SPDK can offer near 100x compared to hard disk based Linux file system and near-10x improvements compared to SSD based Linux solution. Like DPDK, SPDK uses techniques such as user-level, polled mode drivers, efficient use of cache, pinning threads to core, etc. to provide an order of magnitude performance improvement.

Solution

Replica is a solution that offers a practical, cheap, robust, fast packet capture mechanism. It uses several techniques to achieve this:

- Efficient filter mechanism
- Fast handoff to the storage core avoiding
- Multiple packet capture sessions
- Ability to store full packet or partial packet (e.g. first 64 bytes)
- Capture 1:1 packets or Packet Sampling (e.g. 1 out of 32)
- Bloom filter support and/or Cuckoo filter support
- Ability to identify packets of interest at several touch points:
* Ingress or Egress
* Port, VLAN, Port-VLAN
* L2 or L3
* Flow Level
* ACL level
* QoS
- Auxiliary Action support: Matching or non-matching is the trigger for packet capture. For e.g. capture all ACL-denied packets
- Ability to build complex rules: E.g. capture first 32 bytes of 1 out of 64 packets that are specific to a flow.
- Expanding SPAN concepts: While traditional SPAN is for replicating a port, we extend the concept to allow it to capture only first x bytes, sample, etc.
- SPAN+ or storage: The destination is another port or storage
- Support standard PCAP format for decoding/analyzing using Wireshark
- Use of one or more cores simultaneously for packet capture

Summary: (to be removed if needed)
SPDK-based Packet Capture Mechanism for DPDK-based switch/router

This feature will allow packet capture in various ways:

- Using SPDK, it stores in disk in .pcap format
- Advanced filter support using ACL, Flow and fuzzy logic (Bloom filter)
- Support for multiple packet capture sessions
- Support for high traffic capture limited only by SPDK and DPDK
- Replicated packets will be sent to another interface (SPAN)
- Will support ERSPAN (Encapsulated Remote SPAN)
- Will do full 1:1 packet capture or sampling (for e.g. 1 out of 64)
- Will do full packet or first segment (say, first 64 bytes)
- Support for Wireshark format (directly sends in Wireshark .pcap format to a remote destination)
- Multiple touch points for capture - Port, Port-VLAN, VLAN, L3, ACL, etc

Default user avatar 57012e2942

Tharaneedharan V. created project Replica - A Fast Packet Capture Mechanism

Medium 70e6b352 452f 468f aa92 e7e8e8b6b8f1

Replica - A Fast Packet Capture Mechanism

Introduction

Replica is an SPDK-based Packet Capture Mechanism for DPDK-based switch/router. This article covers the details about the need for a packet capture mechanism. and the design and features of Replica.

Problem

Packet Capture is an essential piece for development, testing and troubleshooting. It is essential that a good network device has robust packet capture mechanism. Many network devices either lack a good packet capture mechanism or need expensive devices.

Firehose

Debugging the firehose is not easy. The sheer bandwidth may make it impractical to store the packets that are arriving at high frequency. Obviously, filter mechanism such as Wireshark packet filter mechanism will not suffice.

DPDK

DPDK is a kit that uses commodity hardware such as Intel CPU and NIC to achieve near-ASIC network forwarding solution. DPDK uses smart techniques such as user-level, polled mode drivers, bulking, ring buffers, large page size, prefetch, efficient use of cache, pinning threads to core, smart software algorithms, NIC offload, etc. to achieve this.

SPDK

SPDK is an offshoot of DPDK. While DPDK is focused on network solutions, SPDK is focused on storage solutions. SPDK can offer near 100x compared to hard disk based Linux file system and near-10x improvements compared to SSD based Linux solution. Like DPDK, SPDK uses techniques such as user-level, polled mode drivers, efficient use of cache, pinning threads to core, etc. to provide an order of magnitude performance improvement.

Solution

Replica is a solution that offers a practical, cheap, robust, fast packet capture mechanism. It uses several techniques to achieve this:

  • Efficient filter mechanism
  • Fast handoff to the storage core avoiding
  • Multiple packet capture sessions
  • Ability to store full packet or partial packet (e.g. first 64 bytes)
  • Capture 1:1 packets or Packet Sampling (e.g. 1 out of 32)
  • Bloom filter support and/or Cuckoo filter support
  • Ability to identify packets of interest at several touch points: * Ingress or Egress * Port, VLAN, Port-VLAN * L2 or L3 * Flow Level * ACL level * QoS
  • Auxiliary Action support: Matching or non-matching is the trigger for packet capture. For e.g. capture all ACL-denied packets
  • Ability to build complex rules: E.g. capture first 32 bytes of 1 out of 64 packets that are specific to a flow.
  • Expanding SPAN concepts: While traditional SPAN is for replicating a port, we extend the concept to allow it to capture only first x bytes, sample, etc.
  • SPAN+ or storage: The destination is another port or storage
  • Support standard PCAP format for decoding/analyzing using Wireshark
    • Use of one or more cores simultaneously for packet capture

Summary: (to be removed if needed) SPDK-based Packet Capture Mechanism for DPDK-based switch/router

This feature will allow packet capture in various ways:

  • Using SPDK, it stores in disk in .pcap format
  • Advanced filter support using ACL, Flow and fuzzy logic (Bloom filter)
  • Support for multiple packet capture sessions
  • Support for high traffic capture limited only by SPDK and DPDK
  • Replicated packets will be sent to another interface (SPAN)
  • Will support ERSPAN (Encapsulated Remote SPAN)
  • Will do full 1:1 packet capture or sampling (for e.g. 1 out of 64)
  • Will do full packet or first segment (say, first 64 bytes)
  • Support for Wireshark format (directly sends in Wireshark .pcap format to a remote destination)
  • Multiple touch points for capture - Port, Port-VLAN, VLAN, L3, ACL, etc
Default user avatar 57012e2942

Tharaneedharan V. created project PerfectStream: A DPDK-based Video Gateway

Medium 432a7a60 482c 469d aeee 12ea4c820fcb

PerfectStream: A DPDK-based Video Gateway

PerfectStream is primarily a Video Gateway that receives multiple streams, stores the feed and/or relays the feed as needed in the way the client prefers.

The challenges today are:

  • Content distribution devices are expensive and use proprietary technology
  • There is no efficient use of network bandwidth.
  • Outburst of use of wireless communication.
  • There is an outburst of end devices with varying capabilities and needs: Wearables, Smartphones, Tablets, Laptops and SmartTVs
  • The demand for video and live streaming is ever-growing.

The key features are:

  • Flexible as a receiver: By supporting multiple formats, protocols, etc. it is very flexible as a reciever.
  • Flexible as a sender: Also, as a sender, it is very flexible. It offers multiple choices and goes by what the client prefers for coding format, rate, size, security, etc.
  • Efficient use of hardware: Tries to maximize hardware use as well as the intrinsic capabilities of hardware.
  • Use of right hardware: Although CPU will be primarily used in the early stages, use of GPU/GP-GPU, Intel MIC and other hardware will be used.

The project involves several modules and provides many features. They are briefly described below:

PerfectCode: Stream is received in various video formats and the received video is re-encoded in various formats to suit the end devices.

PerfectRate: Multiple streams will be generated for various bitrates and frame rates.

PerfectSize: The video stream is resized to various sizes to suit various end devices.

PerfectCopy: A single stream is replicated at the right layer as many times as needed for each end device.

PerfectCrypt: The incoming video stream received over a secure session is decrypted as needed, using the capabilities of AES-NI. Similarly, the video stream is encrypted based on the choice of the end device.

PerfectTransport: PerfectStorm supports a variety of transport protocols. For e.g. UDP, TCP, http, https, etc.

PerfectStore: Received video stream can be stored in flash disk.

PerfectCast: The incoming video is relayed to multiple destination after various stages of processing.

PerfectPlay: Any video stream stored can be played at any time.

PerfectChain: PerfectStorm devices can be daisy-chained for wider deployment and content distribution.

Some sample applications on top of Perfect Stream:

PerfectBeep: PerfectStorm can be used to introduce broadcast delay to avoid Wardrobe Malfunction telecast incidents. It can also replace the stream with Censor Beep stream for the period.

PerfectPolice: Content received/sent can be monitored for potential copyright violation

The project is really a starburst of ideas and cannot be done in a short time. So, the following section tells what is possible in the first phase:

Key Benefits

The project offers the following benefits:

  • On-demand content delivery like YouTube, Netflix, Apple iTunes, Google Play, Amazon Prime, etc.
  • Live broadcast service like Comcast (Cable operators) with TiVo service (Pause live TV, rewind, etc)
  • Live streaming service like YouTube, Facebook, etc.
  • Interactive video chat such as Apple FaceTime, Google Chat, etc.

Note:

An earlier section covered myriad features and functionalities. However, due to severe time and resource limits, only a subsection will be implemented for the first demo. Here are the details:

PerfectStream - Over UDP, receives one or more streams - It reassembles the video frame from UDP payload and decodes the frame - Trans-rates and transcodes the stream and stores to disk - Loads and sends the streams over UDP, encrypting (if needed) - The end device displays the streams

Please note that if there are constraints, shortcuts will be taken as needed.

About

Interested in Networking, OS, Processors, many-core, Graphics, etc

Featured Projects

See All

Bigger eric headshot 2012
  • Projects 0
  • Followers 4

Eric Heaton

Intel Data Plane Architect, focusing on the Cable market. Use IA to create high-performance hw or sw-based networking infrastructure.

Oakland, CA, USA

Bigger 0 f1sxxhvhunzeujw7htnovdzhs5w6jmw7h xwmwq25ahlg7r3eirhrfveldw
  • Projects 0
  • Followers 10

Bill Strahm

San Francisco Bay Area, CA, USA

Thumb e7801888 75ee 472e 92d1 be20b8d25cae
  • Collaborators 2
  • Followers 44

Follow

Blynk

Thumb u3nm 7ef Pavel Bayborodin

Created: 01/15/2016

Build a mobile app for your connected project or product in less than 5 minutes

Medium big data
Featured
  • Followers 1500

Modern Code

Drive faster breakthroughs through faster code: Get more results on your hardware today and carry...

Medium networking
Featured
  • Followers 1371

Networking

Software-Defined Networking (SDN) and Network Functions Virtualization (NFV) are transforming the...

Bigger 0 0noe1qqpuw fhvora9ihxyev2kxfhzxve5ghfobp2v blndziogsq0cpde1blq5vegiw mnmouxbgw5v007lxf9vwuxfgw49i07elqospnaagowxiuxwbgw9kb
  • Projects 0
  • Followers 0

Jonathan Wan

San Francisco Bay Area, CA, USA

Bigger 0 ob6zzix7tcwmyiytscqnyg6tgksmrj tsczzycq 2xrsx48f4bbnpkxnrtj
  • Projects 0
  • Followers 1

Marcos Alvarez

Electrical Engineering Master's Degree student. Computer Vision with Deep Learning passionate. Self learner and self starter.

San Francisco Bay Area, CA, USA