Computer Science

Computer Science ›› 2024, Vol. 51 ›› Issue (2): 311-321.doi: 10.11896/jsjkx.221100196

• Computer Network • Previous Articles     Next Articles

EAGLE:A Network Telemetry Mechanism Based on Telemetry Data Graph in Kernel and UserMode

XIAO Zhaobin1,2,3, CUI Yunhe1,2,3, CHEN Yi1,2,3, SHEN Guowei1,2,3, GUO Chun1,2,3, QIAN Qing4   

  1. 1 School of Computer Science and Technology,Guizhou University,Guiyang 550025,China
    2 State Key Laboratory of Public Big Data,Guiyang 550025,China
    3 Engineering Research Center for Text Computing and Cognitive Intelligence,Ministry of Education,Guiyang 550025,China
    4 School of Information,Guizhou University of Finance and Economics,Guiyang 550025,China
  • Received:2022-11-24 Revised:2023-06-22 Online:2024-02-15 Published:2024-02-22
  • About author:XIAO Zhaobin,born in 1997,master,is a member of CCF(No.N1797G).His main research interests include SDN,network telemetry,efficient data plane programming,network and information security.CUI Yunhe,born in 1987,Ph.D,asso-ciate professor,is a member ofCCF(No.F3600M).His main research interests include edge computing,networksecu-rity,software-defined networks and data center networks,and network telemetry.
  • Supported by:
    Young Scientists Fund of the National Natural Science Foundation of China(62102111),Science and Technology Project of Guizhou Province([2020]1Y267) and Talent Introduction Project of Guizhou University([2019]52).

PDF (PC)

873

Abstract: Network telemetry is a new type of network measurement technology,which has the characteristics of strong real-time performance,high accuracy and low overhead.Existing network telemetry technologies have problems such as being unable to collect multi-granularity network data,unable to effectively store a large amount of original network data,unable to quickly extract and generate network telemetry information,and unable to design network telemetry solutions using kernel-mode and user-mode features.In order to solve the above problems,this paper proposes a multi-granularity,scalable,and network-wide network tele-metry mechanismEAGLE,which integrates kernel mode and user mode,and is based on telemetry data graphs and synchronization control blocks.EAGLE has designed a flexible and controllable network telemetry packet structure on the data plane that can collect multi-granularity data,and is used to obtain the data required by upper-layer applications.In addition,in order to quickly store,query,count,and aggregate network status data,and realize the rapid extraction and generation of telemetry data required by network telemetry packets,EAGLE proposes a network telemetry information generation method based on telemetry data graphs and synchronization control blocks.On this basis,in order to maximize the processing efficiency of network telemetry packets in the network telemetry mecha-nism,EAGLE proposes a network telemetry information embedding architecture that integrates the characteristics of kernel state and user state.Finally,this paper implements and tests the EAGLE scheme on Open vSwitch.The test results show that EAGLE can collect multi-granularity data and quickly extract and generate telemetry data with only a little increase in processing time and resource usage.

Key words: Network telemetry, Telemetry efficiency, Programmable data plane, Telemetry data graph, Kernel space

CLC Number: 

  • TP393
[1]GULENKO A,WALLSCHLÄGER M,KAO O.A practical implementation of in-band network telemetry in open vswitch[C]//2018 IEEE 7th International Conference on Cloud Networking(CloudNet).IEEE,2018.
[2]MCKEOWN N,ANDERSON T,BALAKRISHNAN H,et al.OpenFlow:enabling innovation in campus networks[J].ACM SIGCOMM Computer Communication Review,2008,38(2):69-74.
[3]ZHANG H,CAI Z,LIU Q,et al.A survey on security-aware measurement in SDN[J/OL].https://www.hindawi.com/journals/scn/2018/2459154/.
[4]PENG G B,CHEN M,BAI Y.Analysis of SDN Attack and Defense Technology [J].Information Security Research,2019,5(4):333.
[5]CAI Z,WANG Z,ZHENG K,et al.A distributed TCAM coprocessor architecture for integrated longest prefix matching,policy filtering,and content filtering[J].IEEE Transactions on Computers,2011,62(3):417-427.
[6]PHAAL P,PANCHEN S,MCKEE N.InMon corporation’ssFlow:A method formonitoring traffic in switched and routed networks[EB/OL].https://www.rfc-editor.org/info/rfc3176.
[7]QUITTEK J,ZSEBY T,CLAISE B,et al.Requirements for IP flow information export(IPFIX)[EB/OL].https://www.rfc-editor.org/info/rfc3917.
[8]SOMMER R,FELDMANN A.NetFlow:Information loss orwin? [C]//Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurment.2002:173-174.
[9]CLAISE B,JOHNSON A,QUITTEK J.Packet sampling(PSAMP) protocol specifications[EB/OL].https://www.rfc-editor.org/info/rfc5476.
[10]TAN L,SU W,ZHANG W,et al.In-band network telemetry:A survey[J].Computer Networks,2021,186:107763.
[11]KIM C,SIVARAMAN A,KATTA N,et al.In-band networktelemetry via programmable dataplanes[C]//ACM SIGCOMM Industrial Demo Session.2015.
[12]LIU ZZ,BI J,ZHOU Y,et al.Active network telemetry mechanism based on P4 [J].Journal of Communications,2018,39(A1):162-169.
[13]RAMANATHAN S,KANZA Y,KRISHNAMURTHY B.SDProber:A software defined prober for SDN[C]//Proceedings of the Symposium on SDN Research.2018.
[14]ZHOU Y,SUN C,LIU H H,et al.Flow event telemetry on programmable data plane[C]//Proceedings of the Annual Confe-rence of the ACM Special Interest Group on Data Communication on the Applications,Technologies,Architectures,and Protocols for Computer Communication.2020:76-89.
[15]HUANG Q,SUN H,LEE P P C,et al.Omnimon:Re-architecting network telemetry with resource efficiency and full accuracy[C]//Proceedings of the 2020 Annual Conference of the ACM Special Interest Group on Data Communication on the Applications,Technologies,Architectures,and Protocols for Computer Communication.2020:404-421.
[16]PAN T,LIN X C,ZHANG J,et al.In-band network telemetry system based on high-performance packet processing architecture VPP[J].Journal of Communications,2021,42(3):75-90.
[17]FEZEU R A K,ZHANG Z L.Anomalous Model-Driven-Tele-metry Network-Stream BGP Detection[C]//2020 IEEE 28th International Conference on Network Protocols(ICNP).IEEE,2020.
[18]BEN BASAT R,RAMANATHAN S,LI Y,et al.PINT:Probabilistic in-band network telemetry[C]//Proceedings of the 2020 Annual Conference of the ACM Special Interest Group on Data Communication on the Applications,Technologies,Architectures,and Protocols for Computer Communication.2020:662-680.
[19]NAM S,LIM J,YOO J H,et al.Network anomaly detectionbased on in-band network telemetry with RNN[C]//2020 IEEE International Conference on Consumer Electronics-Asia(ICCE-Asia).IEEE,2020.
[20]PFAFF B,PETTIT J,KOPONEN T,et al.The Design and Implementation of Open vSwitch[C]//12th USENIX Symposium on Networked Systems Design and Implementation(NSDI 15).2015:117-130.
[21]YUAN X,MAHAPATRA S,NIENABER W,et al.A new routing scheme for Jellyfish and its performance with HPC workloads[C]//Proceedings of the International Conference on High Performance Computing,Networking,Storage and Analysis.2013.
[22]CUI Y,YAN L,LI S,et al.SD-Anti-DDoS:Fast and efficient DDoS defense in software-defined networks[J].Journal of Network and Computer Applications,2016,68:65-79.
[1] WU Yanni, ZHOU Zhengyan, CHEN Hanze, ZHANG Dong. RBFRadar:Detecting Remarkable Burst Flows with Programmable Data Plane [J]. Computer Science, 2024, 51(4): 48-55.
[2] HAO Bingwei, CUI Yunhe, QIAN Qing, SHEN Guowei, GUO Chun. APPOINTER:Adaptive Network Telemetry Path Orchestration Method Based on Cooperative Migration Evolution [J]. Computer Science, 2023, 50(7): 270-277.
[3] WANG Li, CHEN Hong-mei. NKSMOTE Algorithm Based Classification Method for Imbalanced Dataset [J]. Computer Science, 2018, 45(9): 260-265.
[4] ZHAO Yu, CHEN Rui and LIU Wei. Research on Optimal Support Vector Classifier Model Integrating Feature Selection [J]. Computer Science, 2016, 43(8): 177-182.
[5] LIU Yue,PENG Hong-jing and QIAN Su-jing. Color Image Segmentation Approach Based on LLE in Kernel Space [J]. Computer Science, 2013, 40(Z6): 180-183.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.