Accurate and flexible flow-based monitoring for high-speed networks

Abstract

In this paper we present an FPGA-based architecture to export flows in 10 Gbps networks, implemented on the NetFPGA-10G platform. Flow-based monitoring is a powerful methodology to analyze and detect network issues, such as congested links or DDoS attacks. Our design provides the following advantages: (i) The architecture allows processing 10 Gbps links without sampling, even for the highest packet rate of 14.88 Mpps (Million packets per second) that corresponds to the shortest (64-byte) Ethernet frames; (ii) It is possible to manage up to 786,432 concurrent flows; (iii) The project is developed in an open-source hardware platform and the HDL code is open to the community; (iv) The proposed approach frees network routers from the burden of exporting flows.