| Along with technique advancement, the Internet, which is based on TCP/IP protocols, has been popularized all over the world since 1990's very rapidly. Nowadays, the Internet is one of the most important information infrastructures in modern society. The expansion of network scale, increasing heterogeneity and complexity made the network prevalence. However, people are not satisfied with network performance.The networks have to meet the service demands such as high reliability, high performance. Besides the design of efficient network protocols and the development of high performance network devices, realizing reasonable distributed network loads and guaranteeing the performance of key services by implementing traffic engineering is also important. So, there are requirement to understand network traffic at different protocol levels and traffic characteristics metrics such as the distribution of flows quantificationally. Traffic Monitoring is a direct approach to get the characteristics of network and application behaviors, it has been applied widely in areas such as protocol design, network plan, anomaly monitor, traffic engineering.The traffic monitoring approaches such as SNMP, NetFlow have limitations; while special devices such as SmartBit are expensive. The network manager of LAN and MAN need traffic monitor and capture tools based on general PC to monitor and manage their networks.This thesis studies traffic capture techniques of high speed networks.The main contributions include:1) We analyze Tcpdump, and BPF, a popular traffic capture tool; and we analyze some problems in BPF programming that induced by BPF in Ethernet environment. A method resolves these problems is proposed. This method can be extend to many BSD Unix platforms.2) We analyze Windump and Winpcap, and we test tcpdump and windump with multiple traffic conditions in 1000Mbps environment. We... |
PDF Full Text Request