Enabling open-source high speed network monitoring on NetFPGA

Network measurement both as diagnostic and within measurement-based techniques of traffic engineering and management, alongside network measurement for security has maintained the needs of researchers and network operators for the ongoing development of measurement tools for traffic monitoring/characterisation and to support Intrusion Detection Systems (IDSs). Many such tools capitalise on the pricing of commodity hardware by operating on general purpose architectures. Many are based on the well known libpcap API, a de facto standard in this area. Despite the many improvements that have been applied to packet capturing, packet-monitoring implementations still suffer from either: performance flaws on commodity hardware due mainly to unresolvable hardware bottlenecks, or costly and inflexible niche systems. To address such issues, the paper proposes a system architecture based on the cooperation of NetFPGA and a general purpose host PC. The NetFPGA is an open networking platform accelerator that enables rapid development of hardware-accelerated packet processing applications. The objective is to combine the high performance of a hardware-oriented solution with the flexibility of general purpose PCs.