direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Inhalt des Dokuments

Fabian Schneider's Publications

Performance evaluation of packet capturing systems for high-speed networks
Citation key S-PEPCSHN-05
Author Schneider, Fabian
Year 2005
Address Munich, Germany
Month November
School Technische Universit√§t M√ľnchen
Abstract Packet capturing in contemporary high-speed networks like Gigabit Ethernet is a challenging task when using commodity hardware. This holds especially for applications where full packets (headers and data) are needed and packet loss is unwanted. Most network security tools–-particularly network intrusion detection systems–-have these demands. Therefore, it is interesting to know if todays customary hardware and software are able to keep up with the network in terms of throughput of packet data. A methodology for evaluating the performance of different systems for packet capture is described and applied in this thesis. Four different PC based systems are compared with respect to their maximum capturing rate. As modern PCs are available with different types of processor architectures which can then be equipped with different operating systems, it is interesting to find out which combination performs best for the task of packet capturing. The measurements performed for this thesis evaluate Intel Xeon against AMD Opteron based systems running either Linux or FreeBSD. For this purpose, the Linux Kernel Packet Generator has been extended by the feature to not only generate packets of a given size, but to generate packets according to an underlying packet size distribution. This workload source provides all four systems with high bandwidth traffic which has to be captured. The results show that the combination of AMD Opterons with FreeBSD outperforms all others, independently of running in single or multi processor mode. Moreover, the impacts of packet filtering, using multiple capturing applications, adding packet based load, writing the captured packets to disk, and available enhancements are measured and looked into.
Bibtex Type of Publication Diplomarbeit
Link to publication Download Bibtex entry

Zusatzinformationen / Extras

Quick Access:

Schnellnavigation zur Seite über Nummerneingabe

Auxiliary Functions