Performance assessment of 40 Gbit/s off-the-shelf network cards for virtual network probes in 5G networks

Incoming 5G networks will evolve regarding how they operate due to the use of virtualization technologies. Network functions that are necessary for communication will be virtual and will run on top of commodity servers. Among these functions, it will be essential to deploy monitoring probes, which will provide information regarding how the network is behaving, which will be later analyzed for self-management purposes. However, to date, the network probes have needed to be physical to perform at link-rates in high-speed networks, and it is challenging to deploy them in virtual environments. Thus, it will be necessary to rely on bare-metal accelerators to deal with existing input/output (I/O) performance problems. Next, to control the costs of implementing these virtual network probes, our approach is to leverage the capabilities that current commercial off-the-shelf network cards provide for virtual environments. Specifically, to this end, we have implemented HPCAP40vf, which is a driver that is GPL-licensed and available for download, for network capture in virtual machines. This driver handles the communication with an Intel XL710 40 Gbit/s commercial network card to enable a network monitoring application run within a virtual machine. To store the captured traffic, we have relied on NVMe drives due to their high transference rate, as they are directly connected to the PCIe bus. We have assessed the performance of this approach and compared it with DPDK, in terms of both capturing and storing the network traffic by measuring the achieved data rates. The evaluation has taken into account two virtualization technologies, namely, KVM and Docker, and two access methods to the underlying hardware, namely, VirtIO and PCI passthrough. With this methodology, we have identified bottlenecks and determined the optimal solution in each case to reduce overheads due to virtualization. This approach can also be applied to the development of other performance-hungry virtual network functions. The obtained results demonstrate the feasibility of our proposed approach: when we correctly use the capabilities that current commercial network cards provide, our virtual network probe can monitor at 40 Gbit/s with full packet capture and storage and simultaneously track the traffic among other virtual network functions inside the host and with the external networkThis work has been partially supported by the Spanish Ministry of Economy and Competitiveness and the European Regional Development Fund under the project TRÁFICA (MINECO/FEDER TEC2015-69417-C2-1-R),and by the European Commission under the project H2020METRO-HAUL (Project ID:761727

Aplicación de Big Data al análisis, monitorización y seguridad de redes de comunicaciones

Tesis doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Tecnología Electrónica y de las Comunicaciones. Fecha de lectura: 04-02-202

Modelos Matemáticos Basados en Consumos Computacionales para el Estudio de Rendimiento de Sondas de Análisis de Tráfico en Redes de Datos

196 p.La monitorización de tráfico es una operación crítica dentro de las tareas de gestión de red. Por ello, es necesario disponer de herramientas y equipos que analicen el tráfico de red y detecten posibles anomalías, fallos de configuración, ataques o intrusiones. Este trabajo de Tesis se centra en el estudio de equipos denominados sondas de análisis de tráfico que realizan labores de monitorización. Tras analizar la evolución de estos sistemas desde las primeras redes Gigabit Ethernet hasta las redes 5G actuales, la Tesis propone modelos analíticos dirigidos a medir el rendimiento de dichos dispositivos. Se presentan tres modelos basados en teoría de colas: en el primero, sobre un cola tándem con un único servidor activo, se formula un proceso de decisión de Markov que optimiza el throughput de una sonda de análisis; en el segundo, se analiza y se mide el rendimiento de un sistema de captura de paquetes mediante un modelo de cola con vacations; por último, el tercero plantea una red abierta de colas para tomar decisiones en el despliegue de funciones virtuales de red (VNFs) de un servicio de Misión Crítica sobre una red 5G. Cada modelo se resuelve con una técnica diferente y posteriormente se valida, bien sea comparando sus resultados con medidas experimentales de una sonda real o bien mediante simulación