Real-time Network Traffic Analysis in Data Centers

Real-time Network Traffic Analysis in Data Centers
Slide Note
Embed
Share

This content discusses the analysis of network traffic characteristics in data centers, focusing on interpacket delay, network research insights via the physical layer, and the importance of precise network measurements. It highlights the benefits of accessing the physical layer for improving network research and control. The presentation also covers the significance of idle characters, interpacket gaps, and interpacket timing in enhancing network efficiency and throughput.

  • Network Traffic Analysis
  • Data Centers
  • Real-time Measurements
  • Interpacket Delay
  • Physical Layer Insights
krystiana
krystiana Follow

Uploaded on Feb 25, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Data Center Traffic and Measurements: SoNIC Hakim Weatherspoon Assistant Professor, Dept of Computer Science CS 5413: High Performance Systems and Networking November 12, 2014 Slides from USENIX symposium on Networked Systems Design and Implementation (NSDI) 2013 presentation of SoNIC: Precise Realtime Software Access and Control of Wired Networks,

  2. Goals for Today Analysis and Network Traffic Characteristics of Data Centers in the wild T. Benson, A. Akella, and D. A. Maltz. In Proceedings of the 10th ACM SIGCOMM conference on Internet measurement (IMC), pp. 267-280. ACM, 2010.

  3. Interpacket Delay and Network Research Interpacket gap, spacing, arrival time, IPG Application Transport Packet i Packet i+1 Network IPD Data Link Important metric for network research Can be improved with access to the PHY Physical Increasing Throughput Detecting timing channel Packet Capture Packet Generation Estimating bandwidth Characterization 2/25/2025 SoNIC NSDI 2013 4

  4. Network Research enlightened via the PHY Valuable information: Idle characters IPG Application Transport Packet i Packet i+1 Network IPD Data Link Can provide precise timing base for control Each bit is ~97 ps wide Physical 2/25/2025 SoNIC NSDI 2013 5

  5. Network Research enlightened via the PHY Valuable information: Idle characters IPG Application 12 /I/s = 100bits = 9.7ns Transport Packet i Packet i+1 Network One Idle character (/I/) = 7~8 bits Data Link Can provide precise timing base for control Each bit is ~97 ps wide Physical Detecting timing channel Packet Capture Packet Generation 2/25/2025 SoNIC NSDI 2013 6

  6. Principle #1: Precision Precise network measurements is enabled via access to the physical layer (and the idle characters and bits within interpacket gap) 2/25/2025 SoNIC NSDI 2013 7

  7. How to control the idle characters (bits)? Access to the entire stream is required IPG Application Transport Packet i Packet i+1 Network Issue1: The PHY is simply a black box No interface from NIC or OS Valuable information is invisible (discarded) Data Link Physical Packet i Packet i Packet i+1 Packet i+1 Packet i+2 Packet i+2 Packet i Packet i Packet i+1 Packet i+1 Packet i+2 Packet i+2 Issue2: Limited access to hardware We are network systems researchers a.k.a. we like software 2/25/2025 SoNIC NSDI 2013 8

  8. Principle #2: Software Network Systems researchers need software access to the physical layer 2/25/2025 SoNIC NSDI 2013 9

  9. Precision + Software = Physics equipment??? BiFocals [IMC 10Freedman, Marian, Lee, Birman, Weatherspoon, Xu] Enabled novel network research Precision + Software = Laser + Oscilloscope + Offline analysis Allowed precise control in software Limitations Offline (not realtime) Limited Buffering Expensive 2/25/2025 SoNIC NSDI 2013 10

  10. Principle #3: Realtime Network systems researchers need access and control of the physical layer (interpacket gap) continuously in realtime 2/25/2025 SoNIC NSDI 2013 11

  11. Challenge Goal: Control every bit in software in realtime IPG Application Transport Packet i Packet i+1 Network IPD Data Link Enable novel network research Physical Challenge Requires unprecedented software access to the PHY 2/25/2025 SoNIC NSDI 2013 12

  12. Outline Introduction SoNIC: Software-defined Network Interface Card Background: 10GbE Network Stack Design Network Research Applications Conclusion 2/25/2025 SoNIC NSDI 2013 13

  13. SoNIC: Software-defined Network Interface Card Implements the PHY in software IPG Application Transport Packet i Packet i+1 Network IPD Data Link Enabling control and access to every bit in realtime With commodity components Thus, enabling novel network research How? Backgrounds: 10 GbE Network stack Design and implementation Hardware & Software Optimizations SoNIC NSDI 2013 Physical 2/25/2025 14

  14. 10GbE Network Stack Application Data Transport L3 Hdr Data Network L2 Hdr L3 Hdr Data Data Link Preamble Eth Hdr L2 Hdr L3 Hdr Data CRC Gap Physical 64/66b PCS Encode Encode 2 bit syncheader Idle characters (/I/) 64 bit 10.3125 Gigabits /S/ /S/ /D/ /D/ /D/ /D/ /D/ /D/ /D/ /D/ /T/ /T/ /E/ /E/ Decode 16 bit Scrambler Scrambler Descrambler Gearbox Gearbox Blocksync PMA PMA 011010010110100101101001011010010110100101101001011010010110100101101 PMD 2/25/2025 SoNIC NSDI 2013 15

  15. 10GbE Network Stack Application Data Transport L3 Hdr Packet i Data Packet i+1 SW Network L2 Hdr L3 Hdr Data Data Link Preamble Eth Hdr L2 Hdr L3 Hdr Data CRC Gap Physical 64/66b PCS Encode Encode HW /S/ /D/ /D/ /D/ /D/ /T/ /E/ Decode Packet i Packet i+1 Scrambler Scrambler Descrambler Gearbox Gearbox Blocksync PMA PMA 011010010110100101101001011010010110100101101001011010010110100101101 PMD Commodity NIC 2/25/2025 SoNIC NSDI 2013 16

  16. 10GbE Network Stack Application Application Data SW Transport Transport L3 Hdr Data Network Network L2 Hdr L3 Hdr Data HW Data Link Data Link Preamble Eth Hdr L2 Hdr L3 Hdr Data CRC Gap Physical 64/66b PCS Encode Encode Physical 64/66b PCS Encode Encode /S/ Packet i /D/ /D/ Packet i+1 /D/ /D/ /T/ /E/ Decode Decode SW Scrambler Scrambler Descrambler Scrambler Scrambler Descrambler Gearbox Gearbox Blocksync Gearbox Gearbox Blocksync HW PMA PMA PMA PMA 011010010110100101101001011010010110100101101001011010010110100101101 PMD PMD SoNIC NetFPGA 2/25/2025 SoNIC NSDI 2013 17

  17. SoNIC Design Application Data Transport L3 Hdr Data Network L2 Hdr L3 Hdr Data Data Link Preamble Eth Hdr L2 Hdr L3 Hdr Data CRC Gap Physical 64/66b PCS Encode Encode /S/ /D/ /D/ /D/ /D/ /T/ /E/ Decode SW Scrambler Scrambler Descrambler Gearbox Gearbox Blocksync HW PMA PMA 011010010110100101101001011010010110100101101001011010010110100101101 PMD SoNIC 2/25/2025 SoNIC NSDI 2013 18

  18. SoNIC Design and Architecture Application Data Userspace Transport APP L3 Hdr Data Kernel Network APP L2 Hdr L3 Hdr Data Data Link TX MAC RX MAC Preamble Eth Hdr L2 Hdr L3 Hdr Data CRC Gap Physical 64/66b PCS Encode Encode /S/ /D/ /D/ /D/ /D/ /T/ /E/ Decode SW TX PCS RX PCS Scrambler Scrambler Descrambler Hardware Gearbox Blocksync Gearbox Gearbox Blocksync HW PMA PMA 011010010110100101101001011010010110100101101001011010010110100101101 Transceiver Transceiver PMD SFP+ SoNIC 2/25/2025 SoNIC NSDI 2013 19

  19. SoNIC Design: Hardware To deliver every bit from/to software High-speed transceivers PCIe Gen2 (=32Gbps) Optimized DMA engine Application Transport Network Data Link Physical 64/66b PCS Encode Decode SW Scrambler Descrambler SFP+ SFP+ FPGA Gearbox Gearbox Blocksync Blocksync HW PMA PMA PMD PMD PCIeGen2 2/25/2025 SoNIC NSDI 2013 20

  20. SoNIC Design: Software Port 0 Port 1 Application Transport APP APP Network TX MAC RX MAC TX MAC RX MAC Data Link Data Link Physical 64/66b PCS Encode Encode TX PCS RX PCS TX PCS RX PCS Decode Decode Dedicated Kernel Threads TX / RX PCS, TX / RX MAC threads APP thread: Interface to userspace SW Scrambler Scrambler Descrambler Descrambler Gearbox Blocksync HW PMA Packet i Packet i+1 PMD 2/25/2025 SoNIC NSDI 2013 21

  21. SoNIC Design: Synchronization Low-latency FIFOs Port 0 Port 1 Application Transport APP APP Network TX MAC RX MAC TX MAC RX MAC Data Link Physical 64/66b PCS Encode TX PCS RX PCS TX PCS RX PCS Decode SW Scrambler Descrambler Pointer-polling No Interrupts SFP+ SFP+ FPGA Gearbox Blocksync HW PMA PMD PCIeGen2 2/25/2025 SoNIC NSDI 2013 22

  22. SoNIC Design: Optimizations 58 x 39 x Scrambler Application = + + ( ) 1 G x Transport Na ve Implementation Optimized Implementation s state d data fori = 0 63 do in (d >> i) & 1 out (in (s >> 38) (s >> 57))&1 s (s << 1) | out r r | (out << i) state s end for Network s state d data r (s >> 6) (s >> 25) d r r (r << 39) (r << 58) state r Data Link Data Link Physical 64/66b PCS Encode Decode Scrambler Scrambler Descrambler Descrambler 0.436 Gbps 21 Gbps Gearbox Blocksync CRC computation DMA engine PMA PMD 2/25/2025 SoNIC NSDI 2013 23

  23. SoNIC Design: Interface and Control Hardware control: ioctl syscall I/O : character device interface Sample C code for packet generation and capture 1: #include "sonic.h" 2: 3: struct sonic_pkt_gen_info info = { 4: .mode = 0, 5: .pkt_num = 1000000000UL, 6: .pkt_len = 1518, 7: .mac_src = "00:11:22:33:44:55", 8: .mac_dst = "aa:bb:cc:dd:ee:ff", 9: .ip_src = "192.168.0.1", 10: .ip_dst = "192.168.0.2", 11: .port_src = 5000, 12: .port_dst = 5000, 13: .idle = 12, 14: }; 15: 16: /* OPEN DEVICE*/ 17: fd1 = open(SONIC_CONTROL_PATH, O_RDWR); 18: fd2 = open(SONIC_PORT1_PATH, O_RDONLY); 19: /* CONFIG SONIC CARD FOR PACKET GEN*/ 20: ioctl(fd1, SONIC_IOC_RESET) 21: ioctl(fd1, SONIC_IOC_SET_MODE, PKT_GEN_CAP) 22: ioctl(fd1, SONIC_IOC_PORT0_INFO_SET, &info) 23 24: /* START EXPERIMENT*/ 25: ioctl(fd1, SONIC_IOC_START) 26: // wait till experiment finishes 27: ioctl(fd1, SONIC_IOC_STOP) 28: 29: /* CAPTURE PACKET */ 30: while ((ret = read(fd2, buf, 65536)) > 0) { 31: // process data 32: } 33: 34: close(fd1); 35: close(fd2); 2/25/2025 SoNIC 24

  24. Outline Introduction SoNIC: Software-defined Network Interface Card Network Research Applications Packet Generation Packet Capture Covert timing channel Conclusion 2/25/2025 SoNIC NSDI 2013 25

  25. Network Research Applications Interpacket delays and gaps Application IPG Transport Packet i Packet i+1 Network IPD Data Link Physical Detecting timing channel Packet Capture Packet Generation 2/25/2025 SoNIC NSDI 2013 26

  26. Packet Generation and Capture Basic functions for network research Generation: SoNIC allows control of IPGs in # of /I/s Capture: SoNIC captures what was sent with IPGs in bits APP APP TX MAC RX MAC TX MAC RX MAC TX PCS RX PCS TX PCS RX PCS 1518B 1518B 1518B 1518B 1518B 9Gbps, IPD =13992 bits (1357ns) 2/25/2025 SoNIC NSDI 2013 27

  27. Packet Generation SoNIC allows precise control of IPGs CDF of generated IPDs 1? 1? SoNIC? SoNIC? 0.8? 0.8? Sniffer? 10G? CDF Specialized NIC Higher variance 0.6? 0.6? APP APP 0.4? 0.4? SoNIC TX MAC RX MAC TX MAC RX MAC Zero variance!!! TX PCS RX PCS TX PCS RX PCS 0.2? 0.2? 0? 0? 1000? 1000? 1500? 1500? 2000? 2000? 2500? 2500? 3000? 3000? Interpacket delays (ns) 1518B 1518B 1518B 1518B 1518B 9Gbps, IPD =13992 bits (1357ns) 2/25/2025 SoNIC NSDI 2013 28

  28. Packet Capture SoNIC captures what is sent CDF of captured IPDs 1? 1? 1? 1? 1? 0.8? 0.8? 0.8? 0.8? 0.8? SoNIC? SoNIC? Kernel? SoNIC? SoNIC? Kernel? Kernel? Userspace? Userspace? Sniffer? 10G? CDF 0.6? 0.6? 0.6? 0.6? 0.6? APP APP 0.4? 0.4? 0.4? 0.4? 0.4? TX MAC RX MAC TX MAC RX MAC TX PCS RX PCS TX PCS RX PCS 0.2? 0.2? 0.2? 0.2? 0.2? 0? 0? 0? 0? 0? 0? 0? 0? 0? 0? 1000? 1000? 1000? 1000? 1000? 2000? 2000? 2000? 2000? 2000? Interpacket delays (ns) 3000? 3000? 3000? 3000? 3000? 4000? 4000? 4000? 4000? 4000? 5000? 5000? 5000? 5000? 5000? 1518B 1518B 1518B 1518B 1518B 9Gbps, IPD =13992 bits (1357ns) 2/25/2025 SoNIC NSDI 2013 29

  29. Covert Timing Channel Embedding signals into interpacket gaps. Large gap: 1 Small gap: 0 Covert timing channel by modulating IPGs at 100ns Overt channel at 3 Gbps Covert channel at 250 kbps Over 4-hops with < 1% BER Packet i Packet i+1 Packet i Packet i+1 APP APP TX MAC RX MAC TX MAC RX MAC TX PCS RX PCS TX PCS RX PCS 2/25/2025 SoNIC NSDI 2013 30

  30. Covert Timing Channel Modulating IPGS at 100ns scale (=128 /I/s) 3562 /I/s 1? 1? 1? 1? SoNIC? SoNIC? Kernel? 3562 - 128 /I/s 0.8? 0.8? 0.8? 0.8? 3562 + 128 /I/s BER = 0.37% CDF 0.6? 0.6? 0.6? 0.6? APP APP 0.4? 0.4? 0.4? 0.4? TX MAC RX MAC TX MAC RX MAC 0.2? 0.2? 0.2? 0.2? TX PCS RX PCS TX PCS RX PCS 1 0 0? 0? 0? 0? 500? 500? 500? 500? 1500? 1500? 1500? 1500? 2500? 2500? 2500? 2500? 3500? 3500? 3500? 3500? 4500? 4500? 4500? 4500? Interpacket delays (ns) 1 : 3562 + 128 /I/s 0 : 3562 128 /I/s 1 : 3562 + a /I/s 0 : 3562 a /I/s 2/25/2025 SoNIC NSDI 2013 31

  31. Contributions Network Research Unprecedented access to the PHY with commodity hardware A platform for cross-network-layer research Can improve network research applications Engineering Precise control of interpacket gaps (delays) Design and implementation of the PHY in software Novel scalable hardware design Optimizations / Parallelism Status Measurements in large scale: DCN, GENI, 40 GbE 2/25/2025 SoNIC NSDI 2013 32

  32. Conclusion Precise Realtime Software Access to the PHY Commodity components An FPGA development board, Intel architecture Network applications Network measurements Network characterization Network steganography Webpage: http://sonic.cs.cornell.edu SoNIC is available Open Source. 2/25/2025 SoNIC NSDI 2013 33

  33. Before Next time Project Interim report Due Monday, November 24. And meet with groups, TA, and professor Fractus Upgrade: Should be back online Required review and reading for Friday, November 14 Timing is Everything: Accurate, Minimum Overhead, Available Bandwidth Estimation in High-speed Wired Networks, H. Wang, K. Lee, E. Li, C. L. Lim, A. Tang, and H. Weatherspoon. ACM SIGCOMM Internet Measurement Conference (IMC), November 2014. http://conferences2.sigcomm.org/imc/2014/papers/p407.pdf Check piazza: http://piazza.com/cornell/fall2014/cs5413 Check website for updated schedule

Related


Traffic Turning Tendency Surveys in Transportation Studies

Traffic Turning Tendency Surveys in Transportation Studies

kamau
Prioritizing Effective Traffic Management at the Workplace

Prioritizing Effective Traffic Management at the Workplace

indi
Principles of Traffic Demand Analysis and Highway Demand Forecasting

Principles of Traffic Demand Analysis and Highway Demand Forecasting

lolarose
Network Traffic Analysis with Wireshark: Examples and Techniques

Network Traffic Analysis with Wireshark: Examples and Techniques

tommy-lee
Traffic Engineering Analysis in Telecommunication Networks

Traffic Engineering Analysis in Telecommunication Networks

cason
IEEE 802.11-21/1115r0 Traffic Prioritization Summary

IEEE 802.11-21/1115r0 Traffic Prioritization Summary

imran
Network Design Challenges and Solutions in Business Data Communications

Network Design Challenges and Solutions in Business Data Communications

aviva
Real-Time Systems and Operating Systems

Real-Time Systems and Operating Systems

liel
Traffic Flow Improvement at Gate 1 Pilot Project Overview

Traffic Flow Improvement at Gate 1 Pilot Project Overview

alix
Innovative Smart Traffic App Solution by Smart Road Technology Ltd

Innovative Smart Traffic App Solution by Smart Road Technology Ltd

lillymae
Real-Time Network Traffic Prediction Using LSTM Neural Network

Real-Time Network Traffic Prediction Using LSTM Neural Network

hawwa
Programmable Traffic Management for Network Optimization

Programmable Traffic Management for Network Optimization

humphrey
Luxury Big Island SEO Report - February 2017 Summary

Luxury Big Island SEO Report - February 2017 Summary

hafsah
Kingwood Traffic Signals Overview and Updates

Kingwood Traffic Signals Overview and Updates

lyon
Traffic Response to Tolling: Insights from Research

Traffic Response to Tolling: Insights from Research

jerr_199
Efficient Rule Management for Data Centers

Efficient Rule Management for Data Centers

mean261
Preventing Road Traffic Injuries: A Global Perspective

Preventing Road Traffic Injuries: A Global Perspective

astat
Engaging Traffic Education Lesson for Students at Shaistagonj Kamil Madrasah

Engaging Traffic Education Lesson for Students at Shaistagonj Kamil Madrasah

dkay
Fine-Grained Dissection of WeChat in Cellular Networks

Fine-Grained Dissection of WeChat in Cellular Networks

gkyr
Efficient Traffic Monitoring for Science DMZ with Side-Channel Traffic Winnowing

Efficient Traffic Monitoring for Science DMZ with Side-Channel Traffic Winnowing

joyl_770
Traffic Engineering Studies in Civil Engineering

Traffic Engineering Studies in Civil Engineering

porreca_a
Next-Generation Network Security Solutions for Evolving Challenges

Next-Generation Network Security Solutions for Evolving Challenges

aailiyah

More Related Content