DOCSLIB.ORG

Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference USENIX Association Proceedings of the FREENIX Track: 2002 USENIX Annual Technical Conference Monterey, California, USA June 10-15, 2002 THE ADVANCED COMPUTING SYSTEMS ASSOCIATION © 2002 by The USENIX Association All Rights Reserved For more information about the USENIX Association: Phone: 1 510 528 8649 FAX: 1 510 548 5738 Email: [email protected] WWW: http://www.usenix.org Rights to individual papers remain with the author or the author's employer. Permission is granted for noncommercial reproduction of the work for educational or research purposes. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Authorization and charging in public WLANs using FreeBSD and 802.1x Pekka Nikander Ericsson Research NomadicLab [email protected] Abstract The IEEE 802.1x standard defines a link-layer level authentication protocol for local area networks. While originally designed to authenticate users in a switched Ethernet environment, it looks like the most important need for 802.1x lies in wireless networks, especially IEEE 802.11b based Wireless LANs. Furthermore, due to the flexibility of the Extensible Authentication Protocol (EAP), the heart of 802.1x, it looks like 802.1x could be used for many purposes its original designers have not foreseen. In this paper, we describe an FreeBSD-based open source 802.1x implementation, and show how it can be used to implement different authorization and charging systems for public WLANs, including a pre-paid, pay-per-use charg- ing system and another one based on community membership. The implementation is based on the netgraph facility, resulting in a surprisingly flexible and simple implementation. 1 Introduction Protocol (PPP). Now 802.1x is extending the same architecture to LANs, both wireline and wireless. With the advent of 802.11 based Wireless Local Area At the basic level, the 802.1x architecture, properly Networks (WLANs) and the proliferation of laptops and augmented with the RADIUS [3], allows the existing PDAs, the usage of Ethernet networks is changing. What PPP based authentication, authorization and accounting once was meant to statically connect computers belong- infrastructure to be used to control LAN access in addi- ing to a single organization, is now increasingly being tion to PPP access. The solution works well in current used to provide Internet connectivity for mobile profes- environments, where the network providers and network sionals. This change is very visible at certain high pro- users have an existing, pre-established relationship. file telecommunication and computer science confer- However, if we consider public WLAN offerings at air- ences, including IETF meetings, where an increasing ports, hotels, cafes, and even offices and homes, it number of people are utilizing the wireless networks becomes more common than before that the prospective provided by the organizers. network user has no relationship with the provider. The changing usage patterns brings forth new security Thus, something new must be introduced, something problems. From the network point of view, the most that allows such a relationship to be build on the fly. prominent problem is that of access control. The net- In this paper, we show how it is possible to set up a work must somehow decide if and how to allow a net- public WLAN environment that supports various kinds work node to utilize the resources provided by the of authorization and charging schemes, including com- network. The IEEE 802.1x standard [1] is designed to munity membership based and pre-paid, pay-per-use provide a solution framework for this problem. accounts. The new schemes allow more flexible user– The 802.1x standard defines a method to run the provider relationship management than the existing Extensible Authentication Protocol (EAP) [2] in raw ones. The implementation is based on IEEE 802.1x, and (non-IP) Ethernet frames. The resulting protocol is the prototype runs under FreeBSD. The architecture is called EAP over LAN (EAPOL). The EAP protocol was geared to small service providers, eventually scaling originally designed as a flexible authentication solution down to the level of individuals offering WLAN based for modem connections using the Point-to-Point Internet access through their xDSL or cable modem. The rest of this paper is organized as follows. In Section 2, we briefly describe the IEEE 802.1x standard Authentication Corporate and the FreeBSD netgraph facility. After that, in Server Intranet Section 3, we describe our 802.1x implementation in broad terms, and in Section 4 we cover the implementa- tion details. In Section 5 we describe how the imple- RADIUS mentation can be configured to support different usage Access point or Ethernet switch scenarios, including pre-paid pay-per-usage accounts and community membership based accounts, and EAPOL Section 6 includes our initial performance measure- authenticator ments. In Section 7, we discuss a number of open issues and future possibilities related to this ongoing work. type = EAPOL any other type Finally, Section 8 includes our conclusions that we have Ethernet frames been able to achieve so far. Client 2 Background EAPOL Other supplicant applications Our work is mostly based on existing technologies, inte- grating them in a novel way. The only significant piece Figure 1: Basic IEEE 802.1x architecture of new software that we have written is the base 802.1x EAPOL protocol [1], which is implemented as a pair of server, the protocol is mediated by an EAPOL authenti- FreeBSD netgraph [4] nodes. Since we cannot assume cator function located at the access point. The EAPOL that all readers are familiar with the IEEE 802.1x stan- authenticator takes care of two functions. First, it medi- dard and the netgraph facility, we introduce them briefly ates the EAP packets between RADIUS, used towards in this section. Additionally, we discuss related work. the authentication server, and EAPOL, used towards the client. Second, it contains a state machine that “snoops” 2.1 IEEE 802.1x the EAP protocol, learning whether the authentication server was able to authenticate the user identity or not. If the user was authenticated, it permits the client to freely IEEE 802.1x [1] is a forthcoming standard for authenti- communicate; otherwise the client is denied access from cating and authorizing users in Ethernet like local area the network. In the figure, this latter function is depicted network (LAN) environments. It is primarily meant to with the on/off switch within the access point. secure switched Ethernet wireline networks and IEEE 802.11 based WLANs. In the typical usage scenarios, It is important to note that 802.1x implements only the network requires user authentication before any authentication and MAC address based access control. other traffic is allowed, i.e., even before the client com- Since MAC spoofing is fairly easy, the resulting system, puter is assigned an IP address. This allows corporations as such, might not be secure enough. The need for addi- to strictly control access to their networks. tional security measures depends on the usage scenario; see Section 7.1 for the details. The 802.1x overall architecture is depicted in Figure 1. The central point of the architecture is an Ethernet switch or WLAN access point. Now, instead of 2.2 EAPOL directly connecting clients to the network, the access points contains additional controls, basically preventing The EAPOL protocol is run between the EAPOL suppli- the clients from communicating before they have posi- cant, running on the client, and the EAPOL authentica- tively authenticated themselves. The authentication tor, running on the access point. It is a fairly simple pro- takes place between an EAPOL supplicant, running on tocol, consisting of a packet structure and state the client, and a background authenticator server. This is machines running on both the supplicant and the authen- denoted with the thick, dashed arrow line. The authenti- ticator. The packets are based on raw Ethernet frames cation protocol can be any supported by the Extensible with little additional structure, as depicted in Figure 2, Authentication Protocol (EAP) standard [2]. on the next page. Even though the actual authentication protocol is run The protocol is typically initiated by the authenticator between the supplicant client and the authentication as soon as it detects that a new client has been connected Src Ethernet Addr mpd Dst Ethernet Addr Ether type = 888E socket node TCP/IP Vers Type Body length Body (e.g. EAP frame) iface node inet Figure 2: EAPOL packet structure inet PPP node to an switched Ethernet port or that a new client has link0 joined to a WLAN access point. However, the protocol session can also be triggered by the client by sending an PPPoE node EAPOL start packet. ethernet A typical protocol run is depicted in Figure 3, below. orphan The first message is an EAP identity request, sent by the Ethernet device driver node EAPOL authenticator. The supplicant replies with an Figure 4: A netgraph stack implementing PPPoE EAP identity response, which is passed to the authenti- cator server. The authenticator server replies by running such as HDLC, Frame Relay, and PPP, in different ways. one of the possible EAP subprotocols within EAP Furthermore, it allows intelligent filtering and pseudo- request and response frames. Once the authentication interfaces, thereby making it possible to make a differ- phase has been completed, the authentication server ence between LAN clients based on their MAC ad- sends an EAP success (or failure), indicating that the dresses. user identity was verified (or could not be verified). The From the implementor’s and administrator’s point of EAPOL authenticator notices this message, and allows view, netgraph is extremely flexible. Firstly, new proto- (or disallows) the client to communicate. col nodes are implemented as loadable kernel modules, In addition to the base authentication, EAPOL also making development and testing fairly easy.
Load more

Recommended publications
  • The Challenges of Dynamic Network Interfaces
    The Challenges of Dynamic Network Interfaces by Brooks Davis brooks@{aero,FreeBSD}.org The Aerospace Corporation The FreeBSD Project EuroBSDCon 2004 October 29-31, 2004 Karlsruhe, Germany Introduction ● History of Dynamic Interfaces ● Problems ● Possible Solutions ● Advice to Implementors ● Future Work Early UNIX ● Totally static. ● All devices must be compiled in to kernel ● Fast and easy to program ● Difficult to maintain as the number of devices grows Autoconfiguration ● Introduced in 4.1BSD (June 1981) ● One kernel can serve multiple hardware configurations ● Probe – Test for existence of devices, either using stored addresses or matching devices on self-identifying buses ● Attach – Allocate a driver instance (as of 6.0, this must be fully dynamic) Kernel Modules ● Allows drivers to be added at run time ● LKM (Loadable Kernel Modules) – Introduced in 2.0 by Terry Lambert – Modeled after the facility in SunOS ● KLD (dynamic kernel linker) – Introduced along with newbus in 3.0 by Doug Rabson – Added a generic if_detach() function PC Card & CardBus ● Initial PC Card (PCMCIA) support via PAO in 2.0 ● Fairly good support in 3.0 ● Most PAO changes merged in 4.0 – PAO development ceased ● CardBus support in 5.0 Other Removable Devices ● USB Ethernet (4.0) ● Firewire (fwe(4) in 4.8, fwip(4) in 5.3) ● Bluetooth (5.2) ● Hot plug PCI ● Compact PCI ● PCI Express ● Express Card Netgraph ● Node implement network functions ● Arbitrary connection of nodes allowed ● ng_iface(4) node creates interfaces on demand Interface Cloning ● Handles most pseudo
    [Show full text]
  • Introduzione Al Mondo Freebsd
    Introduzione al mondo FreeBSD Corso avanzato Netstudent Netstudent http://netstudent.polito.it E.Richiardone [email protected] maggio 2009 CC-by http://creativecommons.org/licenses/by/2.5/it/ The FreeBSD project - 1 ·EÁ un progetto software open in parte finanziato ·Lo scopo eÁ mantenere e sviluppare il sistema operativo FreeBSD ·Nasce su CDROM come FreeBSD 1.0 nel 1993 ·Deriva da un patchkit per 386BSD, eredita codice da UNIX versione Berkeley 1977 ·Per problemi legali subisce un rallentamento, release 2.0 nel 1995 con codice royalty-free ·Dalla release 5.0 (2003) assume la struttura che ha oggi ·Disponibile per x86 32 e 64bit, ia64, MIPS, ppc, sparc... ·La mascotte (Beastie) nasce nel 1984 The FreeBSD project - 2 ·Erede di 4.4BSD (eÁ la stessa gente...) ·Sistema stabile; sviluppo uniforme; codice molto chiaro, ordinato e ben commentato ·Documentazione ufficiale ben curata ·Licenza molto permissiva, spesso attrae aziende per progetti commerciali: ·saltuariamente esterni collaborano con implementazioni ex-novo (i.e. Intel, GEOM, atheros, NDISwrapper, ZFS) ·a volte no (i.e. Windows NT) ·Semplificazione di molte caratteristiche tradizionali UNIX Di cosa si tratta Il progetto FreeBSD include: ·Un sistema base ·Bootloader, kernel, moduli, librerie di base, comandi e utility di base, servizi tradizionali ·Sorgenti completi in /usr/src (~500MB) ·EÁ giaÁ abbastanza completo (i.e. ipfw, ppp, bind, ...) ·Un sistema di gestione per software aggiuntivo ·Ports e packages ·Documentazione, canali di assistenza, strumenti di sviluppo ·i.e. Handbook,
    [Show full text]
  • The Challenges of Dynamic Network Interfaces
    The Challenges of Dynamic Network Interfaces Brooks Davis The FreeBSD Project Seattle, WA brooks@{aero,FreeBSD}.org Abstract vices to the modern age of near complete dynamism. Following this history, the problems caused by this dynamism are discussed in detail. Then solutions to On early BSD systems, network interfaces were some of these problems are proposed and analyzed, static objects created at kernel compile time. To- and advice to implementers of userland applications day the situation has changed dramatically. PC is given. Finally, the issues are summarized and fu- Card, USB, and other removable buses allow hard- ture work is discussed. ware interfaces to arrive and depart at run time. Pseudo-device cloning also allows pseudo-devices to be created dynamically. Additionally, in FreeBSD and Dragonfly, interfaces can be renamed by the ad- 2 History ministrator. With these changes, interfaces are now dynamic objects which may appear, change, or dis- appear at any time. This dynamism invalidates a In early versions of UNIX, the exact set of devices number of assumptions that have been made in the on the system had to be compiled in to the kernel. If kernel, in external programs, and even in standards the administrator attempted to use a device which such as SNMP. This paper explores the history of was compiled in, but not installed, a panic or hang the transition of network interfaces from static to dy- was nearly certain. This system was easy to pro- namic. Issues raised by these changes are discussed gram and efficient to execute. Unfortunately, it was and possible solutions suggested.
    [Show full text]
  • PC-BSD 9 Turns a New Page
    CONTENTS Dear Readers, Here is the November issue. We are happy that we didn’t make you wait for it as long as for October one. Thanks to contributors and supporters we are back and ready to give you some usefull piece of knowledge. We hope you will Editor in Chief: Patrycja Przybyłowicz enjoy it as much as we did by creating the magazine. [email protected] The opening text will tell you What’s New in BSD world. It’s a review of PC-BSD 9 by Mark VonFange. Good reading, Contributing: especially for PC-BSD users. Next in section Get Started you Mark VonFange, Toby Richards, Kris Moore, Lars R. Noldan, will �nd a great piece for novice – A Beginner’s Guide To PF Rob Somerville, Erwin Kooi, Paul McMath, Bill Harris, Jeroen van Nieuwenhuizen by Toby Richards. In Developers Corner Kris Moore will teach you how to set up and maintain your own repository on a Proofreaders: FreeBSD system. It’s a must read for eager learners. Tristan Karstens, Barry Grumbine, Zander Hill, The How To section in this issue is for those who enjoy Christopher J. Umina experimenting. Speed Daemons by Lars R Noldan is a very good and practical text. By reading it you can learn Special Thanks: how to build a highly available web application server Denise Ebery with advanced networking mechanisms in FreeBSD. The Art Director: following article is the �nal one of our GIS series. The author Ireneusz Pogroszewski will explain how to successfully manage and commission a DTP: complex GIS project.
    [Show full text]
  • Absolute BSD—The Ultimate Guide to Freebsd Table of Contents Absolute BSD—The Ultimate Guide to Freebsd
    Absolute BSD—The Ultimate Guide to FreeBSD Table of Contents Absolute BSD—The Ultimate Guide to FreeBSD............................................................................1 Dedication..........................................................................................................................................3 Foreword............................................................................................................................................4 Introduction........................................................................................................................................5 What Is FreeBSD?...................................................................................................................5 How Did FreeBSD Get Here?..................................................................................................5 The BSD License: BSD Goes Public.......................................................................................6 The Birth of Modern FreeBSD.................................................................................................6 FreeBSD Development............................................................................................................7 Committers.........................................................................................................................7 Contributors........................................................................................................................8 Users..................................................................................................................................8
    [Show full text]
  • Governance Structures of Free/Open Source Software Development
    Uitnodiging GOVERNANCE STRUCTURES OF FREE/OPEN 51 SOURCE SOFTWARE DEVELOPMENT Voor het bijwonen van de George Dafermos openbare verdediging van het Modularity theory makes a compelling argument: modular product design increases the potential number of persons that could work on a distributed project and has a positive effect proefschrift: on their labour productivity because it allows them to work independently of each other, with little or no need for central coordination. This doctoral dissertation sets out to put this argument to the test by studying a phenomenon that combines both scale and modularity: Governance Structures Free and open source software (FOSS) development. Its central question is: Does modularity mitigate the adverse effects of increasing scale in FOSS development? of Free/Open Source Software Development In exploring the effect of modularity and increasing scale on the dynamic of development of FreeBSD, a large and well-known FOSS project, over a period of fifteen years, the dissertation addresses several related empirical issues: How are FOSS projects organised? How are they governed? And most interestingly, how do they manage increasing scale? Does their ability to self-organise diminish as they grow larger, thereby necessitating hierarchical coordination? Op maandag 10 december 2012 om 15 uur precies in de Frans Source Software Development Source Software Governance Structures of Free/Open van Hasseltzaal van de Aula van de Technische Universiteit Delft, Mekelweg 5 te Delft The Next Generation Infrastructures Foundation George Dafermos represents an international consortium of knowledge institutions, market players and governmental bodies, which joined forces to cope with the challenges faced Governance Structures by today’s and tomorrow’s infrastructure systems.
    [Show full text]
  • Netmap: a Novel Framework for Fast Packet I/O
    netmap: a novel framework for fast packet I/O Luigi Rizzo,∗ Universita` di Pisa, Italy Abstract high rate raw packet I/O required by these applica- tions is not the intended target of general purpose OSes. Many applications (routers, traffic monitors, firewalls, Raw sockets, the Berkeley Packet Filter [14] (BPF), the etc.) need to send and receive packets at line rate even on AF SOCKET family, and equivalent APIs have been very fast links. In this paper we present netmap, a novel used to build all sorts of network monitors, traffic gen- framework that enables commodity operating systems erators, and generic routing systems. Performance, how- to handle the millions of packets per seconds traversing ever, is inadequate for the millions of packets per sec- 1..10 Gbit/s links, without requiring custom hardware or ond (pps) that can be present on 1..10 Gbit/s links. In changes to applications. search of better performance, some systems (see Sec- In building netmap, we identified and successfully re- tion 3) either run completely in the kernel, or bypass the duced or removed three main packet processing costs: device driver and the entire network stack by exposing per-packet dynamic memory allocations, removed by the NIC’s data structures to user space applications. Ef- preallocating resources; system call overheads, amor- ficient as they may be, many of these approaches depend tized over large batches; and memory copies, elimi- on specific hardware features, give unprotected access to nated by sharing buffers and metadata between kernel hardware, or are poorly integrated with the existing OS and userspace, while still protecting access to device reg- primitives.
    [Show full text]
  • Network Stack Virtualization for Freebsd 7.0 Marko
    Network stack virtualization for FreeBSD 7.0 Marko Zec [email protected] University of Zagreb September 2007. Network stack virtualization for FreeBSD 7.0 slide 1 of 64 Tutorial outline ● Network stack virtualization concepts ● Management interface ● Application scenarios ● Implementation in FreeBSD 7.0 kernel Network stack virtualization for FreeBSD 7.0 slide 2 of 64 Tutorial outline ● Hands-on work encouraged! ● Bootable system image alternatives: – USB stick – LiveCD – VMWare player image ● Neither option will touch anything on your HD ● If already running a recent 7.0-CURRENT, you'll need to copy the kernel from the stick or CD, or compile your own Network stack virtualization for FreeBSD 7.0 slide 3 of 64 Tutorial outline ● Virtualized networking == preview technology – What we learn / try out today might look different in 3 months, particularly the management API – Your input may influence the final version of the virtualization framework ● Do not hesitate to ask questions! Network stack virtualization for FreeBSD 7.0 slide 4 of 64 Server virtualization: two sides of the spectrum VM #1 VM #2 Applications Applications VM #1 VM #2 Operating System Operating System Applications Applications Virtual Machine Virtual Machine Private Resources Private Resources (network, CPU...) (network, CPU...) Virtual Machine Monitor Operating System Physical Machine Physical Machine Strong isolation model Efficient resource utilization Independent OS instances No extra I/O overhead VM migration possible Scaling Network stack virtualization for FreeBSD 7.0
    [Show full text]
  • Introduzione Al Mondo Freebsd Corso Avanzato
    Introduzione al mondo FreeBSD corso Avanzato •Struttura •Installazione •Configurazione •I ports •Gestione •Netstudent http://netstudent.polito.it •E.Richiardone [email protected] •Novembre 2012 •CC-by http://creativecommons.org/licenses/by/3.0/it/ The FreeBSD project - 1 • E` un progetto software open • Lo scopo e` mantenere e sviluppare il sistema operativo FreeBSD • Nasce su CDROM come FreeBSD 1.0 nel 1993 • Deriva da un patchkit per 386BSD, eredita codice da UNIX versione Berkeley 1977 • Per problemi legali subisce un rallentamento, release 2.0 nel 1995 con codice royalty-free • Dalla release 4.0 (2000) assume la struttura che ha oggi • Disponibile per x86 32 e 64bit, ia64, MIPS, ppc, sparc... • La mascotte (Beastie) nasce nel 1984 The FreeBSD project - 2 • Erede di 4.4BSD (e` la stessa gente...) • Sistema stabile; sviluppo uniforme; codice molto chiaro, ordinato e ben commentato • Documentazione ufficiale ben curata • Licenza molto permissiva, spesso attrae aziende per progetti commerciali: • saltuariamente progetti collaborano con implementazioni ex-novo (i.e. Intel, GEOM, NDISwrapper, ZFS, GNU/Linux emulation) • Semplificazione di molte caratteristiche tradizionali UNIX Di cosa si tratta Il progetto FreeBSD include: • Un sistema base • Bootloader, kernel, moduli, librerie di base, comandi e utility di base, servizi tradizionali • Sorgenti completi in /usr/src (~500MB) • E` gia` completo (i.e. ipfw, ppp, bind, ...) • Un sistema di gestione per software aggiuntivo • Ports e packages • Documentazione, canali di assistenza, strumenti
    [Show full text]
  • IRIX® Admin: Networking and Mail (日本語版)
    IRIX® Admin: Networking and Mail (日本語版) ドキュメント番号 007-2860-007JP 編集協力者 執筆 Arthur Evans、Jeffrey B. Zurschmeide 改訂 Pam Sogard、Helen Vanderberg、Bob Bernard、Terry Schultz、Julie Boney 編集 Christina Cary、Cindy Kleinfeld、Susan Wilkening 制作 Amy Swenson、Glen Traefald、Karen Jacobson 技術協力 Scott Henry、Carlin Otto、Kam Kashani、Chris Wagner、Paul Mielke、Robert Stephens、Joe Yetter、Gretchen Helms、John Schimmel、 Robert Mende、Vernon Schryver、 Michael Nelson、Landon Noll イラスト Dany Galgani 本書の著作権について © 1996 - 2002 Silicon Graphics, Inc. All Rights Reserved. このマニュアルには下記の商標・著作に関する注意にある通り、サード・パーティが著作権を保有して いる部分が含まれます。本書の内容の一部あるいは全部について(ソフトウェアを含む)、Silicon Graphics, Inc. から事前に文書による明確な許諾を得ず、いか なる形態においても複写、複製することは禁じられております。 LIMITED AND RESTRICTED RIGHTS LEGEND The electronic (software) version of this document was developed at private expense; if acquired under an agreement with the USA government or any contractor thereto, it is acquired as "commercial computer software" subject to the provisions of its applicable license agreement, as specified in (a) 48 CFR 12.212 of the FAR; or, if acquired for Department of Defense units, (b) 48 CFR 227-7202 of the DoD FAR Supplement; or sections succeeding thereto. Contractor/manufacturer is Silicon Graphics, Inc., 1600 Amphitheatre Pkwy 2E, Mountain View, CA 94043-1351, USA. 商標・著作 IRIX および IRIS は、Silicon Graphics, Inc. の登録商標であり、4DDN、4DLT、Challenge、CHALLENGE、FDDI Visualyzer、IRIS InSight、IRIX NetWorker、 IRIS 4D、NetVisualyzer、Onyx、SGI、および SGI ロゴは、Silicon Graphics, Inc. の商標です。DSI は、Digicom Systems, Inc. の商標です。FLEXlm は、GLOBEtrotter Software, Inc の登録商標です。Hayes は、Hayes Microcomputer Products, Inc. の登録商標です。IBM 3270 は、International Business Machines, Inc. の商標で す。Intel は、Intel Corporation の登録商標です。Macintosh は、Apple Computer Corporation の登録商標です。MS-DOS は、Microsoft Corporation の登録商標 です。Sun と RPC は、Sun Microsystems, Inc.
    [Show full text]
  • IRIX® Admin: Networking and Mail
    IRIX® Admin: Networking and Mail Document Number 007-2860-006 CONTRIBUTORS Written by Arthur Evans and Jeffrey B. Zurschmeide. Updated by Pam Sogard, Helen Vanderberg, Bob Bernard,Terry Schultz, and Julie Boney Edited by Christina Cary, Cindy Kleinfeld, and Susan Wilkening Production by Amy Swenson and Glen Traefald Engineering contributions by Scott Henry, Carlin Otto, Kam Kashani, Chris Wagner, Paul Mielke, Robert Stephens, Joe Yetter, Gretchen Helms, John Schimmel, Robert Mende, Vernon Schryver, Michael Nelson, and Landon Noll Illustrations by Dany Galgani Cover design and illustration by Rob Aguilar, Rikk Carey, Dean Hodgkinson, Erik Lindholm, and Kay Maitz © Copyright 1996 - 2000 Silicon Graphics, Inc.— All Rights Reserved The contents of this document may not be copied or duplicated in any form, in whole or in part, without the prior written permission of Silicon Graphics, Inc. LIMITED AND RESTRICTED RIGHTS LEGEND Use, duplication, or disclosure by the Government is subject to restrictions as set forth in the Rights in Data clause at FAR 52.227-14 and/or in similar or successor clauses in the FAR, or in the DOD, DOE or NASA FAR Supplements. Unpublished rights reserved under the Copyright Laws of the United States. Contractor/manufacturer is SGI, 1600 Amphitheatre Pkwy., Mountain View, CA 94043-1351. Silicon Graphics, Challenge, IRIX,IRIS, and Onyx are registered trademarks and SGI, 4DDN, 4DLT, CHALLENGE, FDDI Visualyzer, IRIS InSight, IRIX NetWorker, IRIS 4D, NetVisualyzer, and the SGI logo are trademarks of Silicon Graphics, Inc. DSI is a trademark of Digicom Systems, Inc. FLEXlm is a trademark of GLOBEtrotter Software, Inc. Hayes is a registered trademark of Hayes Microcomputer Products, Inc.
    [Show full text]
  • Improving Distributed Traffic Generation Performance by Using IMUNES
    Improving distributed traffic generation performance by using IMUNES network emulator Valter Vasic,´ Mirko Suznjeviˇ c,´ Miljenko Mikuc, Maja Matijaseviˇ c´ University of Zagreb, Faculty of Electrical Engineering and Computing, Unska 3, 10000 Zagreb, Croatia {valter.vasic, mirko.suznjevic, miljenko.mikuc, maja.matijasevic}@fer.hr Abstract—In this paper we present improvements of our focusing on generated packed load and bandwidth load, and software architecture for User Behaviour Based Network Traffic measuring saturation of the CPU and RAM usage of the Generation (UrBBan-Gen). It consists of four modules Service PC participating in the traffic generation. This integration repository, Control function and user interface, Behaviour process, and Traffic generation process. Improvements are performed on also enables testing traffic workloads on realistic network the traffic generation process, specifically on the virtualization topologies, thus enabling more precise and detailed tests section of UrBBaN-Gen through integration of the Distributed which can be used to identify problems and bottlenecks in Internet Traffic Generator (D-ITG) which we use as a module the network. for traffic generation with network simulator and emulator The remainder of the paper is organized as follows: in IMUNES. In this way we achieve two goals: 1) better scalability of the traffic generation and 2) possibility for testing of various section 2 we present the related work in the area of behaviour network scenarios in simulated networks under realistic loads. based traffic generation with emphasis on networked games and virtualization techniques, in section 3 we describe the UrBBaN-Gen, in section 4 we explain improvements of the 1. INTRODUCTION emulated environment, section 5 contains the testing method- ology applied, section 6 the results of the measurements, and In recent years Massively Multiplayer Online Role-Playing we conclude the paper in section 7.
    [Show full text]