Navigation

Technical tidbits

DMAring: A real-time efficient network packet capturing solution

Download the code (ver 0.9) and documentation from Sourceforge/ Freashmeat (tgz /zip)

Keywords: Packet capturing, network monitoring, Linux network driver, real-time Linux, real-time networking.

This open source project is a novel generic network interface card driver architecture which works in hybrid interrupt-polling mode. It delivers superior real-time performance on Linux, Redhat Linux or Linux-RTAI-LXRT (a real-time co-kernel for Linux with user level extension). Existing Linux drivers are inefficient, they saturate the CPU at a much lower packet rates than the maximum wire line packet rate that is possible. But with this driver, vanilla network cards can be used for high speed packet capturing. This driver improves the packet capturing speed by 7 to 10 times, and the real-time packet delivery response by 500 to 5000 times over existing drivers and alternate approaches (HIP, NAPI, pfring, check the references in the papers for performance comparisons [1]), depending on whether Redhat Linux or RTAI is used. Thus this obviates the need for expensive high capacity hardware, specialized network data acquisition cards and systems (for example from Endace). Description of DMAring architecture and reasons behind its superior performance can be found here.

This project contain basic source codes, which other developers can use/adapt for their applications, and this paper [2] describes the architecture in greater details and provide some guidelines to modify any Linux network interface driver (Donald Becker style drivers).

Earlier I had received lot of mail request from networking, network security/monitoring domain people, to get these codes or modified specific network drivers. I am looking forward that some developer will take up this project, churn out driver modifications for the most common net work cards and share with others.

Anybody willing to know the issues involved in real-time Linux or looking for real-time networking solutions can take a look at my Masters thesis. I found RTAI with LXRT to be a very tractable, good performance, cheap (free!) real-time Linux option. This thesis contains some useful performance related discussions.

 

A service oriented VoIP soft switch prototype for enriched telecom services

Keywords: VoIP, value added telecom services, soft switch, conference call, local number portability, SIP, Megaco, service oriented architecture (SOA).

This was a prototyping experiment to see what type of service oriented architecture (SOA) is suitable for telecom soft-switch. Such switches facilitate deployment of enriched value added telecom services by drastically reducing the deployment cost and time-to-market. This is achieved by using a service oriented architecture and the new generation telecom protocols - SIP, Megaco, etc. This is very similar to what Skype, Vonage and others are doing these days.

The novelty of this soft-switch is in its SOA. It is possible to deploy many services without additional code development and deployment. All it requires is configuration. In addition to all the routine services provided by 2G network switches (800, 900, call screening, forwarding etc.), I could deploy conference call, local number portability (LNP), follow me services with this SOA (I mean without programming). This switch exported a configuration and agent interaction interface that could provide additional value added services. I was the designer and lead developer for this prototype.

 

Designing northbound interface for a hierarchical Network Management System (NMS)

Keywords: Flow through subscriber provisioning, data mediation, NMS, fault tolerant design, overlay network.

This project is about integrating a generic Operation Support System (OSS) with proprietary telecom Network Elements. This involved developing a suitable north bound interface for the CorDECT Wireless Local Loop (WLL) Element Management System (EMS). CorDECT WLL is an indegeneious, extremely low cost fixed wireless telecom technology, developed by Tenet research group of IIT Madras. This interface was a part of a hierarchical Network Management System deployment for a large national telecom operator. The EMS interacts with the Clarity OSS through this interface, to receive subscriber provisioning requests and to hand off fault alarm notifications, traffic Erlang data and call data records for bill processing.

Permanent reliable data network between the EMS and the WLL network elements was absent. The EMS had to communicate with the WLL elements over unreliable PSTN dial-up. That was the typical telecom infrastructure scenario in India, a few years back and these telecom projects improved the situation significantly. Therefore the technical challenge was to design an appropriate northbound interface protocol, which would allow fault tolerant and seamless flow-through provisioning and monitoring of the provisioning tasks. More details can be found in this document. I was the lead designer and project manager for this project.

 

Performance re-engineering of a Network Management Data Collection server

Keywords: ISO 9126, Performance engineering, performance evaluation, Network Management System, performance of Java applications.

This project was about improving the performance of a mission critical Network Management System (NMS) application. An appropriate performance and reliability evaluation model for a Network Management System (NMS) application was developed and then this model was utilized to identify the possible performance bottlenecks of Cygnet 130, the erstwhile NMS flagship product of NMSWorks. The underlying causes behind these performance problems were identified and some software components were re-engineered to achieve the desired performance. The salient point of this project was the methodical performance troubleshooting and engineering approach based on ISO 9126, for an extremely complex server side application. More details are available here. I was the lead engineer and engineering manager for this activity.

 

Low overhead software instrumentation for Linux kernels and applications for accurately measuring time related performances

Keywords: Low overhead software instrumentation, performance measurements of OS/kernels/Linux, real-time instrumentation and measurement, real-time Linux, real-time networking.

This project is a small library for low overhead software instrumentation to measure timing related performances of Linux kernels and applications. In many performance tests/experiments, this obviates the need for expensive hardware test jigs involving: logic analyzers, embedded signature patterns and signature based triggering mechanisms. This will be useful for real-time system and hardware-software codesigners/developers to evaluate and verify performances of their codes. Codes and documentation will be soon available along with some data collected on real-time performance of various Linux drivers. These data would be useful to other driver and kernel developers.

 

A high performance platform for deploying Network Intrusion Detection Sensors (NIDS)

Keywords: NIDS, high performance platform.

This project is about building a high performance platform for Network Intrusion Detection Sensors from the available real-time co-kernel, Linux, DMAring driver. Will put more information about this project later, meanwhile you can take a look at these papers [2, 3].

 

NS-2 ver 2.30 code patch to implement a 802.11 wireless channel error model

Download the code for NS-2 (ver 2.30) (zip).

Keywords: NS-2 ver 2.30, 802.11 wireless channel bit error model.

Here is the patch for the 802.11 wireless channel error model for NS-2 ver 2.30. This is ported from the intial work done by Wu Xiuchao (the pdf doc can be found here). The zipped folder contains files that go to corresponding folders under /ns-2.30/ (replace the files which are already there). For re-compilation follow the instruction as given in the next para.

If time permits we would put another code here (for download) that computes BER/SER for Rayleigh channel. The output of this code can be put in a text file and to feed the error model running within NS2. This combination of this code and NS2 will allow NS2 simulation with Rayleigh channel.

 

NS-2 code patch for TCP-Illinois

Download the code for NS-2 (ver 2.30) (zip).

Keywords: NS-2, TCP-Illinois.

Here is the patch for the TCP-Illinois for NS-2. The TCP-Illinois paper can be found here. The zipped folder contains two files "tcp.h" and "tcp.cc". In the ns2 source code, go to /ns-2.30/tcp/ folder and replace the two files "tcp.h" and "tcp.cc" from the ones in the downloaded zipped package. Then do the following to recompile the ns2 -

make clean

make

Use the "sack_illinois.tcl" ns2 script file as an example on how to activate TCP-Illinois. To activate TCP ILLINOIS, use TCP SACK agent, and then set the windowOption_ to 105. The follwing is the tcl code snippet to do this-

#Create tcp-illinois connection
set tcp3 [new Agent/TCP/Sack1]
Agent/TCP set windowOption_ 105
$ns attach-agent $s3 $tcp3