Abstract
Packet monitoring arguably needs the flexibility of open architectures and active networking. In earlier work we have implemented FLAME, an open monitoring system, that balanced flexibility and safety while attempting to achieve high performance by combining the use of a type-safe language, lightweight run-time checks, and fine-grained policy restrictions.
We seek to understand the range of applications, workloads, and tra.c, for which a safe, open, traffic monitoring architecture is practical. To that end, we investigated a number of applications built on top of FLAME.We use measurement data and analysis to predict the workload at which our system cannot keep up with incoming traffic.We report on our experience with these applications, and make several observations on the current state of open architecture applications.
This work was supported in part by the DoD University Research Initiative (URI) program administered by the Office of Naval Research under Grant N00014-01-1- 0795, and by NSF under grant ANI-00-82386.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
D. S. Alexander, W. A. Arbaugh, M. W. Hicks, P. Kakkar, A. D. Keromytis, J. T. Moore, C. A. Gunter, S. M. Nettles, and J. M. Smith. The Switc hWare active network architecture. IEEE Network, 12(3):29–36, May/June 1998.
K. G. Anagnostakis and H. Bos. Towards flexible real-time network monitoring using a network processor. In Proceedings of the 3rd USENIX/NLUUG SANE Conference (short paper), May 2002.
K. G. Anagnostakis, S. Ioannidis, S. Miltchev, J. Ioannidis, M. B. Greenwald, and J. M. Smith. Efficient packet monitoring for network management. In Proceedings of the 8th IFIP/IEEE Network Operations and Management Symposium (NOMS), pages 423–436, April 2002.
K. G. Anagnostakis, S. Ioannidis, S. Miltchev, and J. M. Smith. Practical network applications on a lightweight active management environment. In Proceedings of the 3rd Int’l Working Conference on Active Networks (IWAN), pages 101–115, October 2001.
M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis. The KeyNote Trust Management System Version 2. Internet RFC 2704, September 1999.
H. Bos and B. Samwel. Safe kernel programming in the OKE. In Proceedings of IEEE OPENARCH 2002, June 2002.
J. Brunner. The Shockwave Rider. Del Rey Books, Canada, 1975.
J. Chase, H. Levy, M. Baker-Harvey, and E. Lazowska. Opal: A single address space system for 64-bit architectures. In Proceedings of the Fourth Workshop on Workstation Operating Systems, pages 80–85, 1993.
N. Duffield and M. Grossglauser. Trajectory sampling for direct traffic observation. IEEE/ACM Transactions on Networking, 9(3):280–292, June 2001.
M. Hicks, J. T. Moore, and S. Nettles. Compiling PLAN to SNAP. In Proceedings of the 3rd Int’l Working Conference on Active Networks (IWAN), pages 134–151, October 2001.
S. Ioannidis, K. G. Anagnostakis, J. Ioannidis, and A. D. Keromytis. xPF: packet filtering for low-cost network monitoring. In Proceedings of the IEEE Workshop on High-Performance Switching and Routing (HPSR), pages 121–126, May 2002.
T. Jim, G. Morrisett, D. Grossman, M. Hicks, J. Cheney, and Y. Wang. Cyclone: A safe dialect of C. In Proceedings of USENIX 2002 Annual Technical Conference, June 2002.
T. V. Lakshman and U. Madhow. The performance of TCP/IP for networks with high bandwidth-delay products and random loss. IEEE/ACM Transactions on Networking, 5(3):336–350, June 1997.
G. R. Malan and F. Jahanian. An extensible probe architecture for network protocol performance measurement. In Proceedings of ACM SIGCOMM, pages 215–227, August 1998.
J. C. Mogul and K. K. Ramakrishnan. Eliminating receive livelock in an interruptdriven kernel. ACM Transactions on Computer Systems, 15(3):217–252, August 1997.
D. Moore. The spread of the code-red worm (crv2). In http://www.caida.org/analysis/security/code-red/. August 2001.
R. Morris, E. Kohler, J. Jannotti, and M. F. Kaashoek. The click modular router. In Proceedings of the 17th ACM Symposium on Operating System Principles (SOSP), pages 217–231, December 1999.
C. Partridge, A. Snoeren, T. Strayer, B. Schwartz, M. Condell, and I. Castineyra. FIRE: Flexible intra-AS routing environment. In Proceedings of ACM SIGCOMM, pages 191–203. August 2000.
M. Roughan, D. Veitch, and P. Abry. Real-time estimation of the parameters of long-range dependence. IEEE/ACM Transactions on Networking, 8(4):467–478, August 2000.
F. B. Schneider, G. Morrisett, and R. Harper. A language-based approach to security. Informatics: 10 Years Back, 10 Years Ahead, pages 86–101, 2000.
J. F. Shoch and J. A. Hupp. The “worm” programs-early experiments with a distributed computation. Communications of the ACM, 25(3):172–180, March 1982.
J. M. Smith and C. B. S. Traw. Giving applications access to Gb/s networking. IEEE Network, 7(4):44–52, July 1993.
D. Tennenhouse, J. Smith, W. Sincoskie, D. Wetherall, and G. Minden. A survey of active network research. IEEE Communications Magazine, pages 80–86, January 1997.
D. Wetherall. Active network vision and reality: Lessons from a capsule-based system. In Proceedings of the 17th ACM Symposium on Operating System Principles (SOSP), pages 64–79, December 1999.
C. Yarvin, R. Bukowski, and T. Anderson. Anonymous RPC: Low-latency protection in a 64-bit address space. In Proceedings of the 1993 Summer USENIX Conference, June 1993.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Anagnostakis, K.G., Greenwald, M., Ioannidis, S., Miltchev, S. (2002). Open Packet Monitoring on FLAME: Safety, Performance, and Applications. In: Sterbenz, J., Takada, O., Tschudin, C., Plattner, B. (eds) Active Networks. IWAN 2002. Lecture Notes in Computer Science, vol 2546. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36199-5_10
Download citation
DOI: https://doi.org/10.1007/3-540-36199-5_10
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00223-9
Online ISBN: 978-3-540-36199-2
eBook Packages: Springer Book Archive