An Initial Investigation of the Design Challenges Associated with Reliable 100GigE Packet Capture

Wang, Haoda; Baker, Gavin Matthew; Kenny, Joseph P.; Ulmer, Craig D.

doi:10.2172/1560808

Title: An Initial Investigation of the Design Challenges Associated with Reliable 100GigE Packet Capture

Technical Report · Sun Sep 01 00:00:00 EDT 2019

DOI:https://doi.org/10.2172/1560808· OSTI ID:1560808

Wang, Haoda ^[1]; Baker, Gavin Matthew ^[1]; Kenny, Joseph P. ^[1]; Ulmer, Craig D. ^[1]

Sandia National Lab. (SNL-CA), Livermore, CA (United States)

Network security researchers often rely on Emulytics^TM to provide a way to evaluate the safety and security of real world systems. This work involves running a large number of virtual machines on a distributed platform to observe how software and hardware will respond to different types of attacks. While Emulytics^TM software such as minimega provide a scalable system for conducting experiments, the sheer volume of network traffic produced in an experiment can easily exceed the rate at which data can be recorded for offline analysis. As such, researchers must perform live analytics, narrow their monitoring scope or accept that they must run an experiment multiple times to capture all the information they require. In support of Sandia's commitment to Emulytics^TM, we are developing new storage components for the Carlin cluster that will enable researchers to capture significantly more network traffic from their experiments. This report provides a summary of Haoda Wang's initial investigation of how new AMD Epyc storage nodes can be adapted to perform packet capture at 100Gbps speeds with minimal loss. This work found that the NVMe storage capabilities of the Epyc architecture are suitable for capturing 100Gbps Ethernet traffic. While capturing traffic with existing libraries was surprisingly challenging, we were able to develop a DPDK-based software tool that recorded network traffic to disk with minimal packet loss.

View Technical Report

Cite

Export

Save

Research Organization:: Sandia National Lab. (SNL-CA), Livermore, CA (United States)

Sponsoring Organization:: USDOE National Nuclear Security Administration (NNSA)

DOE Contract Number:: AC04-94AL85000; NA0003525

OSTI ID:: 1560808

Report Number(s):: SAND-2019-10319; 679003

Country of Publication:: United States

Language:: English

Similar Records

Efficient Aho-Corasick String Matching on Emerging Multicore Architectures

Book · Thu Dec 12 00:00:00 EST 2013 · OSTI ID:1560808

Tumeo, Antonino; Villa, Oreste; Secchi, Simone; +1 more

Software-Driven Network Architecture for Synchronous Data Acquisition

Technical Report · Fri Jul 10 00:00:00 EDT 2020 · OSTI ID:1560808

McMillian, Gary; McMillian, Brett; DeWitt, Michael

Final Report for the project titled "Enabling Supernova Computations by Integrated Transport and Provisioning Methods Optimized for Dedicated Channels"

Technical Report · Wed Oct 31 00:00:00 EDT 2007 · OSTI ID:1560808

Veeraraghavan, Malathi

Related Subjects

97 MATHEMATICS AND COMPUTING

Title: An Initial Investigation of the Design Challenges Associated with Reliable 100GigE Packet Capture

Citation Formats

Similar Records

Related Subjects