CHAPTER 12 INTRODUCTION TO PARALLEL PROCESSING CS 147 Guy Wong page 514-526.
ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.
-
Upload
corey-russell -
Category
Documents
-
view
221 -
download
0
Transcript of ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.
![Page 1: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/1.jpg)
ECE 526 – Network ECE 526 – Network Processing Systems Processing Systems
DesignDesignNetwork Processing Functions
Chapter 6&9: D. E. Comer
![Page 2: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/2.jpg)
Ning Weng ECE 526 2
Packet Processing Packet Processing FunctionsFunctions
• Basic network system functionality─ Address lookup─ Packet forwarding ─ Fragmentation and re-assembly─ Security─ Error detection and correction─ Queuing─ Scheduling─ Protocol de-multiplexing─ Packet classification─ Traffic measurement (Lab 2)
![Page 3: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/3.jpg)
Ning Weng ECE 526 3
OutlineOutline• Error detection and correction• Queueing• Scheduling• Packet classification
─ Inefficiency of packet de-multiplexing─ Classification implementation schemes
• Summary
![Page 4: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/4.jpg)
Ning Weng ECE 526 4
Error Detection and Error Detection and CorrectionCorrection
• Bit errors can occur in packet• Layer 2
─ Cyclic Redundancy Check (CRC)
• Layer 3─ Header checksum
• Significant computation overhead─ Layer 2 CRC done in hardware─ Layer 3 checksum computed over packet header only
• Error correction not performed by network system─ Even more overhead─ Error correction handled by upper layers
![Page 5: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/5.jpg)
Ning Weng ECE 526 5
QueueingQueueing• Referred to policies, data structure and
algorithms related to storing and selecting packets
• Packet processing- store and forward─ Incoming packet placed in incoming queue─ Outgoing packet placed in output queue
• When queue full, packets are discarded• Recall: queuing is one source of packet delay
• Basic questions about queuing─ What is the right size of each queue?─ How many queue needed?─ Where to place queues physically?─ How to implement priority policy?
![Page 6: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/6.jpg)
Ning Weng ECE 526 6
Queueing PriorityQueueing Priority• Multiple queues used to enforce priority
• Incoming packet─ Assigned priority as function of packet content, size or
security─ Placed in appropriate priority queue
• Queueing discipline─ Examining priority queues─ Chooses which packet to send─ Drop/discard policy: tail drop
![Page 7: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/7.jpg)
Ning Weng ECE 526 7
Queueing DisciplinesQueueing Disciplines• Priority Queueing
─ Assign unique priority number to each queue─ Choose packet from highest priority queue which is nonempty─ Known as strict priority queueing -> starvation
• Weighted Round Robin (WRR)─ Assign unique priority number to each queue─ Process all queues round-robin─ Compute N, max number of packets to select from a queue
proportional to priority─ Take up to N packet for processing before moving to next queue─ Does this work well?
• Weighed Fair Queueing (WFQ)─ Use packet size rather than number of packets─ Allocates priority to data amount of from a queue rather than
number of packets
![Page 8: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/8.jpg)
Ning Weng ECE 526 8
SchedulingScheduling• Co-ordination of activities in network systems• Two types
─ Link (queue) scheduling─ Resource scheduling
• Resource allocation─ Processing on multiple packets─ Processing on multiple protocols─ Multiple processors
• Scheduling attempts to achieve fairness
![Page 9: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/9.jpg)
Ning Weng ECE 526 9
messagesegment
datagram
frame
sourceapplicatio
ntransportnetwork
linkphysical
HtHnHl M
HtHn M
Ht M
M
destination
application
transportnetwork
linkphysical
HtHnHl M
HtHn M
Ht M
M
networklink
physical
linkphysical
HtHnHl M
HtHn M
HtHnHl M
HtHn M
HtHnHl M HtHnHl M
router
switch
EncapsulatioEncapsulationn
![Page 10: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/10.jpg)
Ning Weng ECE 526 10
Protocol DemultiplexingProtocol Demultiplexing• Used with layered protocols• Protocols at each layer of stack are differentiated
with type information at lower layer─ Example: layer 3 – IP, ARP based on Ethernet type
• Layered processing─ On output side (sender), type field in each header
specifies encapsulation.─ On input side (receiver), software in each layer chooses
module at next higher layer.─ Layered processing is inefficient since we have to go
through all stacks sequentially
• Can we do better?
![Page 11: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/11.jpg)
Ning Weng ECE 526 11
Packet ClassificationPacket Classification• Alternative to demultiplexing for higher speed• Idea
─ All layer header information available (no dependency)─ Can we process layer headers at different sequence
(reorder!)─ Can we consider all layer header at the same time
(parallel!)
• Classification─ Mapping packet into categories─ Based on header information from mixed layer
• Rule based─ Example:
• five-tuple flow classification• Web traffic
![Page 12: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/12.jpg)
Ning Weng ECE 526 12
Classification:Classification: Software Software VersionVersion
• Compare values in header fields• Conceptually a logic and of all fields comparisons
• Example: web traffic ─ three classification rules requiredIf ((frame type == 0x800) && (IP type ==6) && (TCP port
==80) packet matched classificationelse
packet does not match classification
• Can we do better?
![Page 13: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/13.jpg)
Ning Weng ECE 526 13
Classification: Software Classification: Software OptimizationOptimization
![Page 14: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/14.jpg)
Ning Weng ECE 526 14
Classification: Hardware Classification: Hardware VersionVersion
• Specific hardware• Extract required fields parallel
![Page 15: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/15.jpg)
Ning Weng ECE 526 15
Classification: Hybrid Classification: Hybrid VersionVersion
• Hardware and software combination─ Hardware for standard cases─ Software for exceptions
![Page 16: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/16.jpg)
Ning Weng ECE 526 16
SummarySummary
• Finish overview of the major packet processing functions
• Error detection and correction are expensive• Queuing and queuing disciplines• Scheduling and fairness• Difference between demultiplexing and
classification─ Sequential tour layers vs. parallel scan
![Page 17: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/17.jpg)
Ning Weng ECE 526 17
Network MeasurementsNetwork Measurements• Why do we need measurements?
─ Debugging─ Performance tuning─ Discovery of network structure─ Understanding of network behavior (reverse-
engineering)─ Discovery of security holes and attacks─ Etc.
• How can we measure networks?─ Inject packets and see what happens (active
measurement)─ Observe traffic (passive measurement)
• What are pros and cons of measurement?
![Page 18: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/18.jpg)
Ning Weng ECE 526 18
Active Measurement • Metrics that can be measured
─ Connectivity─ Round-trip time─ Loss rate─ Reordering─ Available bandwidth─ Bandwidth capacity
• Some metrics are available per-hop, others only end-to-end
• Some tools need software on both sides of measurement
![Page 19: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/19.jpg)
Ning Weng ECE 526 19
Passive Passive Measurement • Tcpdump is an example of passive network
measurement• Passive measurement consists of several phases
─ Data collection─ Data storage─ Extraction and calculation of metrics
• Passive measurement metrics─ Traffic volume (link utilization)─ Traffic mix (e.g., by protocol type, by destination)─ TCP flow behavior (packet retransmissions)
• Passive measurement challenges?─ Data rates to process─ Only partial view of network─ Staleness of data
![Page 20: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/20.jpg)
Ning Weng ECE 526 20
Lab2: Lab2: NetworkNetwork Traffic Monitoring & Traffic Monitoring & Performance MeasurementPerformance Measurement
• Goals─ Learn basic network tools─ Understand packet structure by watching real packets─ Get real performance number
• Tools─ Ping: a program verifying the existence of IP address
• Used for packet generator and delay measurement
─ Traceroute: a program tracing the route from sender to destination
• Used for delay measurement and route bottleneck identifier
─ Ethereal: network protocol analyzer─ Iperf: a tool to measure the maximum throughput between
client and server
![Page 21: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/21.jpg)
Ning Weng ECE 526 21
Connectivity • Simples case of active measurement• Typically done with ICMP Echo Request
─ Recipient will reply with ICMP Echo Response
• Implemented in ping tool:─ Sends ICMP echo requests to specified IP address─ Prints responses─ Reports TTL, round-trip time, loss rate (both ways)
• Useful parameters─ -c or -n count─ On Unix: -n numeric output (no IP address translation)─ -f flood ping ☺
• Very common and useful tool
![Page 22: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/22.jpg)
Ning Weng ECE 526 22
PingPing• Sending ICMP “echo request” packets to the
target host and listening for ICMP “echo response” replies
• Using interval timing and response rate, ping estimates the round-trip time and packet loss
![Page 23: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/23.jpg)
Ning Weng ECE 526 23
Ping Limitations • What are the limitations of ping?
─ ICMP disabled─ NAT boxes / firewalls─ No information on route (other than TTL)─ No information on performance (other than RTT)
• Other interesting observations─ TTL in packets can reveal OS type (useful for hackers)
![Page 24: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/24.jpg)
Ning Weng ECE 526 24
RouteRoute• How can route of packet be measured?• Traceroute approach:
─ Send packets with limited TTL towards destination─ Packets will “expire” and cause ICMP error message─ Source of error message is intermediate hop─ Repeat with increasing TTL
• Output:─ Each router with RTT
![Page 25: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/25.jpg)
Ning Weng ECE 526 25
TracerouteTraceroute• To determine the route taken by packets across
an IP network. • working by increasing the "time-to-live" value of
each successive batch of packets sent• Host discards the packet and sends an ICMP time
exceeded packet when TTL = 0 • Using these returning packets to produce a list of
hosts that the packets have traversed en route to the destination
• IP does not guarantee that all the packets take the same route.
![Page 26: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/26.jpg)
Ning Weng ECE 526 26
![Page 27: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/27.jpg)
Ning Weng ECE 526 27
Traceroute LimitationTraceroute Limitation• Not all routers respond• Processing, control and queue leads to wrong TTL
results
![Page 28: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/28.jpg)
Ning Weng ECE 526 28
tcpdumptcpdump• Passive network measurement tool: tcpdump• Tcpdump collects packets from interface and displays
headers─ Only one interface can be observed at any point of time─ All traffic on interface can bee seen (promiscuous mode)─ Filter allows pre-filtering of output─ Payload can be preserved (if necessary)─ Timestamp of packet arrival and transmission
• Very useful to check network setup• Useful options
─ -n no address translation─ -r and -w to read and write files─ -s determines length of preserved data─ -vv very verbose output
• Results can be displayed nicely with ethereal
![Page 29: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/29.jpg)
Ning Weng ECE 526 29
EtherealEthereal
![Page 30: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/30.jpg)
Ning Weng ECE 526 30
BandwidthBandwidth• How to measure bandwidth?
─ TCP vs. UDP─ Inject packets at high rates─ Reporting of result?─ Requires software on both sides
• Issues to consider─ Measurement reports currently available bandwidth─ Reports only bottleneck bandwidth─ TCP behavior needs to be considered─ Timing of UDP packet is critical
• Tool: iperf (and many others)─ Client acts as sender─ Server sinks traffic and reports statistics
![Page 31: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/31.jpg)
Ning Weng ECE 526 31
iperfiperf• Iperf report
• Iperf options─ -s run as server─ -c run as client─ -u uses UDP instead of TCP─ Man other options for packet size and rate (UDP)─ -b binds output interface (very useful)
![Page 32: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/32.jpg)
Ning Weng ECE 526 32
IperfIperf• > iperf -c 10.0.13.68 • results should look like this:
------------------------------------------------------------Client connecting to 10.0.13.68, TCP port 5001TCP window size: 8.00 KByte (default)------------------------------------------------------------[1924] local (your IP) port 1500 connected with 10.0.13.68 port 5001[ ID] Interval Transfer Bandwidth[1924] 0.0-10.0 sec 111 MBytes 92.9 Mbits/sec
• You're interested in the red numbers
![Page 33: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/33.jpg)
Ning Weng ECE 526 33
iperf Limitations • What are the limitations of iperf?
─ Same as for any other bandwidth measurement tool─ Control overhead─ Many options -> possible misconfiguration
• Need tool to observe network traffic to verify correct measurement setup
![Page 34: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/34.jpg)
Ning Weng ECE 526 34
Hyperion ProjectHyperion Project• Distributed passive measurement platform
─ Multiple measurement node in network─ Coordinated traffic collection and storage
• Performance challenge
─ Extraction, storage, and retrieval requires high performance
• Network processors can be used for extraction and pre-processing
![Page 35: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/35.jpg)
Ning Weng ECE 526 35
Hyperion Node Architecture
![Page 36: ECE 526 – Network Processing Systems Design Network Processing Functions Chapter 6&9: D. E. Comer.](https://reader035.fdocuments.net/reader035/viewer/2022062408/56649ef25503460f94c03688/html5/thumbnails/36.jpg)
Ning Weng ECE 526 36
Privacy IssuesPrivacy Issues• Passive measurements observe all traffic in network
─ Users have rights to privacy─ Measurement data can reveal lots of personal information
• Examples of personal information─ Web pages visited─ Usernames and passwords (if not encrypted)─ Emails, IM, etc.─ Even encrypted traffic reveals information
• One possible solution: anonymization of traces─ “Scramble” IP addresses ─ Prefix-preserving hashing is preferable over random
hashing─ Computationally expensive