4 research outputs found
Performance assessment of 40 Gbit/s off-the-shelf network cards for virtual network probes in 5G networks
Incoming 5G networks will evolve regarding how they operate due to the use of virtualization technologies. Network functions that are necessary for communication will be virtual and will run on top of commodity servers. Among these functions, it will be essential to deploy monitoring probes, which will provide information regarding how the network is behaving, which will be later analyzed for self-management purposes. However, to date, the network probes have needed to be physical to perform at link-rates in high-speed networks, and it is challenging to deploy them in virtual environments. Thus, it will be necessary to rely on bare-metal accelerators to deal with existing input/output (I/O) performance problems. Next, to control the costs of implementing these virtual network probes, our approach is to leverage the capabilities that current commercial off-the-shelf network cards provide for virtual environments. Specifically, to this end, we have implemented HPCAP40vf, which is a driver that is GPL-licensed and available for download, for network capture in virtual machines. This driver handles the communication with an Intel XL710 40 Gbit/s commercial network card to enable a network monitoring application run within a virtual machine. To store the captured traffic, we have relied on NVMe drives due to their high transference rate, as they are directly connected to the PCIe bus. We have assessed the performance of this approach and compared it with DPDK, in terms of both capturing and storing the network traffic by measuring the achieved data rates. The evaluation has taken into account two virtualization technologies, namely, KVM and Docker, and two access methods to the underlying hardware, namely, VirtIO and PCI passthrough. With this methodology, we have identified bottlenecks and determined the optimal solution in each case to reduce overheads due to virtualization. This approach can also be applied to the development of other performance-hungry virtual network functions. The obtained results demonstrate the feasibility of our proposed approach: when we correctly use the capabilities that current commercial network cards provide, our virtual network probe can monitor at 40 Gbit/s with full packet capture and storage and simultaneously track the traffic among other virtual network functions inside the host and with the external networkThis work has been partially supported by the Spanish Ministry of Economy and Competitiveness and the European Regional Development Fund under the project TRÁFICA (MINECO/FEDER TEC2015-69417-C2-1-R),and by the European Commission under the project H2020METRO-HAUL (Project ID:761727
Estudio de captura y almacenamiento de tráfico en redes físicas y virtuales multi-gigabit
Study and analyze a high speed network ( 10Gbps) is a challenge in terms
of the amount of data to be processed and the data rate itself. As a result, the networking
capture tools are usually very complex. Those tools also have to be continuously adapted to new
technology and higher data rates. To meet those requirements, each capture tool implements
its own formats and way to capture that difficulties its interoperability. In order to solve this
problem, it is necessary to develop a capture tool that stores and works with network data in a
well-known format. Standard formats, like PCAP, allow different applications to work together
easly, even in a paralel way. In the same way, common formats frees network analyzing tools
from the underlying network.
Typically, expensive dedicated servers are used to capture, store and process network data at
high speed rates. However, this is changing due to the proliferation of cloud computing and the
greatly improved performance virtualization technology. This trend makes difficult to find baremetal
servers or even network equipment in some environments. Therefore, it is becoming more
and more important to evaluate the performance and feasibility of capture and process network
data on virtual environments. To achieve that, a capture and store tool has been developed.
The tool can work at 10 Gbps thanks to Intel DPDK capture technology. A technology, that
also can work in both bare-metal and virtual environments. In this work, different methods
and capture tools are compared. In the same way, different virtualization methods provided
by KVM are evaluated. While running applications in virtual machines have a small overhead
compared with the bare-metal version, results show that performance in virtual environment is
really close to bare-metal environment. However, those results can only be reached using the
correct configuration and the latest advantages of the state-of-the-art hardware devices.Estudiar y analizar el comportamiento de una red a alta velocidad ( 10 Gbps)
supone un reto constante a medida que aumenta la velocidad de las redes de comunicaciones
debido a la gran cantidad de datos que se generan a diario y al propio hecho de procesar
información a tales velocidades. Por estos motivos, las herramientas encargadas de la captura
de datos son complejas y se encuentran, por lo general, en constante adaptación a las nuevas
tecnologías y velocidades, lo que dificulta considerablemente su integración directa con otras
aplicaciones de motorización o análisis de datos. Por ello es necesario que estas herramientas sean
capaces de capturar y almacenar los datos en un formato estándar en el que otras herramientas
puedan trabajar a posteriori o incluso en paralelo, con los datos de red independientemente de
la tecnología de captura utilizada.
Típicamente, este proceso de captura, almacenamiento y procesamiento de datos a alta
velocidad se ha realizado en máquinas dedicadas. No obstante, debido a la proliferación del
cloud computing y a la gran mejora en rendimiento de la tecnología de virtualización, esto está
cambiando, pudiéndose llegar al caso en el que sea raro disponer de una máquina física en la
que realizar estos procesos. Por ello, evaluar la viabilidad de realizar estos procesos de tan alto
rendimiento dentro de entornos virtuales comienza a cobrar importancia. Dentro de este contexto,
se ha desarrollado una herramienta de captura y almacenamiento en disco a 10 Gbps mediante la
tecnología de captura Intel DPDK, con la capacidad de funcionar tanto en entornos físicos como
virtuales. Del mismo modo, en este trabajo se presentan y se comparan diferentes métodos y
herramientas de captura, así como los diferentes métodos de virtualización de componentes que
ofrece KVM. A pesar de que el uso de máquinas virtuales impone un sobrecoste computacional a
cualquier aplicación, los resultados obtenidos muestran que el rendimiento en entornos virtuales
se asemeja mucho al rendimiento en entornos sin virtualización, siempre y cuando se utilice la
configuración adecuada que exprima las capacidades de los dispositivos actuales
Harnessing low-level tuning in modern architectures for high-performance network monitoring in physical and virtual platforms
Tesis doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Tecnología Electrónica y de las Comunicaciones. Fecha de lectura: 02-07-201
Aplicación de Big Data al análisis, monitorización y seguridad de redes de comunicaciones
Tesis doctoral inédita leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Tecnología Electrónica y de las Comunicaciones. Fecha de lectura: 04-02-202