A. Biswas and P. Sinha (Canada)
Packet capture, high performance network processing.
In a network intrusion detection and network alarm management system the packet capturing component is a bottleneck. NAPI and PFRING, which attempt to improve packet capturing performance of Linux, are inefficient. We identified the hurdles and have implemented an user space architecture (DMA ring) to capture packets under high network load on a modest commodity platform. We demonstrate that our user space network processing architecture outperforms NAPI, PFRING and Linux in terms of less CPU utilization and no packet loss.
Important Links:
Go Back
