UC San Diego Electronic Theses and Dissertations

UC San Diego Electronic Theses and Dissertations

UC San Diego UC San Diego Electronic Theses and Dissertations Title Scalable Traffic Management for Data Centers and Logging Devices Permalink https://escholarship.org/uc/item/2hp6b5sm Author Lam, Vinh The Publication Date 2013 Peer reviewed|Thesis/dissertation eScholarship.org Powered by the California Digital Library University of California UNIVERSITY OF CALIFORNIA, SAN DIEGO Scalable Traffic Management for Data Centers and Logging Devices A dissertation submitted in partial satisfaction of the requirements for the degree of Doctor of Philosophy in Computer Science by Vinh The Lam Committee in charge: Professor George Varghese, Chair Professor Tara Javidi Professor Bill Lin Professor Amin Vahdat Professor Geoffrey Voelker 2013 Copyright Vinh The Lam, 2013 All rights reserved. The Dissertation of Vinh The Lam is approved, and it is acceptable in quality and form for publication on microfilm and electronically: Chair University of California, San Diego 2013 iii DEDICATION To my parents iv EPIGRAPH Science is what we understand well enough to explain to a computer. Art is everything else we do. Donald Knuth Simplicity is prerequisite for reliability. Edsger Dijkstra v TABLE OF CONTENTS SignaturePage...................................... ................................. iii Dedication ......................................... ................................. iv Epigraph........................................... ................................. v TableofContents .................................... ................................ vi ListofFigures ...................................... ................................. viii ListofTables....................................... ................................. x Acknowledgements................................... ................................ xi Vita............................................... ................................. xiii AbstractoftheDissertation .......................... .................................. xiv Chapter1 Introduction............................... ............................... 1 Chapter 2 Carousel: Scalable Logging for Intrusion PreventionSystems .................... 5 2.1 Introduction.................................... ............................. 5 2.2 Model........................................... ........................... 8 2.3 AnalysisofaNa¨ıveLogger ......................... ........................... 10 2.3.1 TheNa¨ıveLoggerAlone .......................... ..................... 10 2.3.2 TheNa¨ıveLoggerwithaBloomFilter ............... ..................... 14 2.4 ScalableloggingusingCarousel .................... ............................ 15 2.4.1 Partitioningandlogging ........................ ........................ 15 2.4.2 CollectionTimesforCarousel .................... ....................... 17 2.5 CarouselImplementations ......................... ............................ 21 2.5.1 SnortImplementation ........................... ....................... 21 2.5.2 HardwareImplementation ........................ ...................... 23 2.6 SimulationEvaluation............................ ............................. 24 2.6.1 BaselineExperiment............................ ....................... 24 2.6.2 LoggerPerformancewithLogisticModel ............ ..................... 25 2.6.3 Non-uniformsourcearrivals..................... ........................ 28 2.6.4 EffectofChangingHashFunctions................. ...................... 28 2.6.5 AdaptivelyAdjustingSamplingBits ............... ....................... 32 2.7 SnortEvaluation ................................. ............................ 33 2.8 RelatedWork..................................... ........................... 34 2.9 Summary ......................................... .......................... 36 Chapter 3 Flame: Efficient and Robust Hardware Load BalancingforDataCenterRouters ..... 38 3.1 Introduction.................................... ............................. 38 3.2 RelatedWork..................................... ........................... 42 3.3 Mechanisms...................................... ........................... 44 3.3.1 DiscountingRateEstimator(DRE) ................. ...................... 44 3.3.2 Choosingtheleastloadedlink .................... ....................... 47 3.3.3 Statetabledesign.............................. ........................ 49 vi 3.3.4 Handlingheavy-hitters ......................... ........................ 52 3.3.5 Profile-basedrebalancing ....................... ........................ 55 3.4 Hardwareimplementation .......................... ........................... 56 3.5 Analysis........................................ ............................ 58 3.5.1 DREanalysis ................................... ...................... 58 3.5.2 AnalysisofFlamestatetabledesign ............... ....................... 60 3.6 Evaluation ...................................... ............................ 63 3.6.1 Loadbalancinggoodnessmetrics .................. ...................... 64 3.6.2 Simulationsetup ............................... ....................... 65 3.6.3 Simulationresults ............................. ........................ 66 3.6.4 ImpactofpacketreorderingonTCP ................. ..................... 68 3.7 Summary ......................................... .......................... 73 Chapter 4 NetShare and Stochastic NetShare: Predictable Bandwidth Allocation for Data Centers 74 4.1 Introduction.................................... ............................. 74 4.2 NetShareSpecification ............................ ............................ 76 4.3 NetShareAlgorithms .............................. ........................... 78 4.3.1 GroupAllocationLeveragingTCP .................. ..................... 78 4.3.2 StochasticNetShare............................ ........................ 80 4.3.3 RateThrottlingforUDP.......................... ...................... 82 4.3.4 CentralizedBandwidthAllocator................. ........................ 84 4.4 Analysis........................................ ............................ 86 4.4.1 StochasticNetShareModel....................... ....................... 86 4.4.2 StabilityofCentralizedAllocation .............. ......................... 87 4.5 Implementation .................................. ............................ 88 4.6 Evaluation ...................................... ............................ 89 4.6.1 SinglePathExperiments......................... ....................... 89 4.6.2 MultipathExperiments .......................... ....................... 92 4.6.3 HowEffectiveisRateThrottling? ................. ....................... 93 4.6.4 ScalingtoLargerTopologies ..................... ....................... 96 4.6.5 ScalabilityofStochasticNetShare............... ......................... 98 4.7 AutomaticWeightAssignment ....................... .......................... 100 4.8 RelatedWork..................................... ........................... 101 4.9 Summary ......................................... .......................... 102 Chapter5 Conclusions................................ .............................. 103 Bibliography ....................................... ................................. 104 vii LIST OF FIGURES Figure1.1. LoggingprobleminChapter2................. ............................ 2 Figure1.2. LoadbalancingprobleminChapter3........... ............................ 3 Figure1.3. GroupQoSprobleminChapter4 ................ .......................... 4 Figure 2.1. IPS logical model with logging componentthat is oftenimplementedna¨ıvely ..... 6 Figure 2.2. IPS hardware model with Carousel scalable logger............................ 8 Figure2.3. Abstractloggingmodel ..................... ............................. 9 Figure 2.4. Model of na¨ıve logging using an optimistic randommodel..................... 11 Figure 2.5. Portion of timeline for randommodel shown in Figure2.4 ..................... 12 Figure 2.6. Flowchart of Carousel within Snort packet flow .. ............................ 21 Figure 2.7. Schematic of the Carousel Loggerlogic as part of anIPSChip. ................. 23 Figure 2.8. Performance of Carousel with different logging populations ................... 25 Figure 2.9. Performanceof the Carousel scalable logger. .. .............................. 27 Figure2.10. Highscanrate(60scans/s)................. ............................... 27 Figure2.11. Reducedmonitoringspace(50%) ............. ............................. 27 Figure 2.12. Logistic model of propagation- fast worm... .. .............................. 29 Figure 2.13. Logistic model of propagation- slow worm.. ... ............................. 29 Figure 2.14. Scaling up the vulnerablepopulation ........ ............................... 29 Figure 2.15. Logger performance under non-uniform source arrivals........................ 30 Figure 2.16. Dynamicsource samplingin Carousel ......... ............................. 30 Figure 2.17. Comparison of fixed vs. changing hash functions inCarousel................... 31 Figure 2.18. Logging performance of Snort instrumented with Carousel under a random traffic pattern............................................ ..................... 33 Figure 2.19. Logging performance of Snort instrumented with Carousel under a periodic traffic pattern............................................ ..................... 34 Figure 2.20. Snort under non-uniformsource arrivals .... ..............................

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    124 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us