Accelerate In-Line Packet Processing Using Fast Queue

Abstract

It is common for network researchers and system developers to run packet processing algorithms on UNIX-like operating systems. For the ease of development, complex packet processing algorithms are often implemented at the user-space level. As a result, performance benchmarks for packet processing algorithms often show a great gap when packets are input from different sources. An algorithm that performs well by reading packets from a raw packet trace file may get a worse result when it reads packets directly from a network interface. Such a phenomenon gets much worse when the algorithm is going to process packets in-line.

In this paper, we identify the performance bottleneck of existing in-line packet processing implementations in the Linux operating system. Based on the observation, a new software architecture, named Fast Queue, is proposed and implemented to show that the identified bottleneck can be effectively eliminated. Experiments show that the proposed software architecture reduces 30% of CPU utilization. In addition, the overall system throughput can be improved by a factor of 1.6 when it is applied to the well-known snort-inline open source intrusion detection system.

Citation

Chun-Ying Huang, Chi-Ming Chen, Shu-Ping Yu, Sheng-Yao Hsu, and Chih-Hung Lin, "Accelerate In-Line Packet Processing Using Fast Queue," IEEE TENCON, November 2010.

Bibtex

@inproceedings{huang10:fastqueue, author = {Chun-Ying Huang and Chi-Ming Chen and Shu-Ping Yu and Sheng-Yao Hsu and Chih-Hung Lin}, title = {Accelerate In-Line Packet Processing Using Fast Queue}, booktitle = {Proceedings of IEEE TENCON 2010}, month = {Nov}, year = {2010} }

Download