| Network Management System plays a significant role in today's Internet with increasing growth in network speed and complicated network infrastructure. CERNET Network Center dedicated to the research and development of network management system during the last decade, and achieved great success after several years' hard work. However, with the emerging development of network bandwidth, network management system begins suffering from network capture techniques.Currently, PC based network capture system is adopted by CERNET's Network Management System, which could not fulfill the requirement of high speed network capture performance. The thesis analyzed the technique used in current system, pointed out the factors which restricted the system performance through the survey and research to a great deal of testing data set and practical operational experiments. Architecture of general PC based system restricted the whole system performance and there is no space for further optimization in this architecture. In order to handle much higher speed network capture requirement, the thesis introduced a new capture technique based on Network Processor.First of all, the thesis extracted the capture requirement of several network applications, including Network Accounting System, Network Intrusion Detection System, Network Monitoring System and Network Measurement System. Based on the analysis, the thesis designed a novel general network capture system. The system presented here can offer the following functionality: filtering abnormal packets, collecting packet headers and relative packet payload, aggregating packet to traffic flow, providing statistical information. The system designs to run in 1Gbps Ethernet environment and can be scalable to handle 2.5Gbps SDH network.Aggregating packet to traffic flow is the core and most important functional part in a network capture system. The thesis proposed a new packet classification algorithm based on geometric space splitting principle after analyzing the features of flow aggregation so as to implement the large scale flow aggregation in high-speed network environment. The algorithm is flexible and efficient, performs well in the practical experiments, and also scalable to support next generation IPv6 network.The generic network capture system presented in this thesis was implemented in Intel IXP2400 Network Processor and can handle 1Gbps Ethernet currently. Both laboratory testing and practical operation proved that the system can fulfill the requirement of IGbps Ethernet traffic capture and support 2.5Gbps SDH network by upgrading hardware.
|
PDF Full Text Request