Deep packet inspection

The University of Cambridge has deployed a router from US-based Procket Networks into its research network to allow it to identify and understand new traffic patterns in Grid computing networks.

In a Grid network, multiple computers are interconnected so that every computer can talk to every other computer using high bandwidth I/O channels. A Grid computing network is typically used by physicists with computationally intensive requirements.

The University of Cambridge, which is working closely with several agencies such as the Centre for European Nuclear Research (CERN) and the UK Particle Physical Science Research Council, chose to deploy Procket’s PRO/8801 routers because its adaptive packet processing architecture allows users to gather detailed byte and packet statistics for accounting and security purposes.

The University made the decision after an extensive testing and evaluation process. As a result, it determined that the PRO/8801 could deliver full wire-rate throughput with deep packet filtering capabilities where access into application layer data well within the TCP payload is required. This capability is needed to distinguish between different Grid uses/users and to filter out malicious users when large volumes of traffic are coming into and out of the GRID centre.

‘The Procket router can let us pull packets off the wire at much higher rates and reflect them to our monitoring system in a controlled way based on the contents of packets (not just source and destination addresses). That means we can selectively log traffic from particular high bandwidth grid sites and then use our monitoring and analysis tools to try to understand the novel network behaviours of new Grid type applications,’ said Dr. Crowcroft.

Crowcroft says that understanding the behaviour of such applications will be increasingly important as high-speed networks such as the UK Light initiative start to emerge. This Initiative was funded by the UK HEFCE (Higher Education Funding Council for England) in February 2003 for £6.5 million to enable the UK to join several other leading networks in the world to create an international experimental testbed for optical networking.

‘The quantity of high speed applications with new traffic patterns seems likely to pick up a lot over the next 3 years (over these networks), and instead of trying to understand the nature of the traffic after it has happened, we would like to be prepared ahead of time,’ concluded Crowcroft.