Flow Monitoring in High-Speed Networks with 2D Hash Tables
Flow monitoring is a required task for a variety of networking applications including fair scheduling and intrusion/anomaly detection. Existing flow monitoring techniques are implemented in software, which are insufficient for real-time monitoring in high-speed networks. In this paper, we present the design of a flow monitoring scheme based on two-dimensional hash tables. Taking advantage of FPGA technology, we exploit the use of parallelism in our implementation for both accuracy and performance. We present four techniques based on this two-dimensional hash table scheme. Using a simulation environment that processes packet traces, our implementation can find flow information within 8% of the actual value while achieving link speeds exceeding 60 Gbps for a workload with constant packet sizes of 40 bytes.
Unable to display preview. Download preview PDF.
- 1.Arsham, H.: Time Series Analysis and Forecasting Techniques, http://obelia.jde.aca.mmu.ac.uk/resdesgn/arsham/opre330Forecast.htm
- 3.Cheung, O.Y.H., Leong, P.H.W.: Implementation of an FPGA Based Accelerator for Virtual Private Networks. In: IEEE International Conference on Field-Programmable Technology (FPT 2002), Hong Kong, China (December 2002)Google Scholar
- 4.Jenkins, B.: Hash Functions and Block Ciphers, http://www.burtleburtle.net/bob/hash/index.html
- 5.Madson, C., Temoshenko, L., Pellecuru, C., Harrison, B., Ramakrishnan, S.: IPSec Flow Monitoring MIB Textual Conventions, Internet Engineering Task Force (March 2003)Google Scholar
- 6.NLANR Project. Network Traffic Packet Header Traces, http://moat.nlanr.net/Traces
- 7.Synplicity Inc. Synplify Pro: The Most Powerful HDL Synthesis Solution for Multi-Million Gate Programmable Logic Designs (2000), http://www.synplify.com
- 8.Xilinx Inc., SPEEDRouter v1.1 Product Specification (October 2001)Google Scholar