Electronic Design

Deep Packet Inspection At 20 Gbits/s Improves Networking Monitoring And Control

Most packet protocols permit virtually any packet to encapsulate another. So, it's difficult for any network administrator to know just what is passing through the network. The solution to this pervasive problem is deep packet inspection, which usually means looking at the data payload of packets passing through the system.

Software mostly handles this today, but it doesn't accomplish it at the usual line rates of 10 Gbits/s or even 1 Gbit/s. Also, it most likely doesn't include header inspection. Startup cPacket Networks has fixed that problem, though, with its cPacket 20G chip.

The cPacket 20G performs deep packet inspection, including header classification, at a 20-Gbit/s rate one way or 10 Gbits/s duplex. With it, designers can build highly intelligent switches, routers, or other network boxes that can actively analyze and respond to network traffic based upon a 100% analysis of the packet payloads and headers. Overall, it provides about 10 times the processing performance at one-tenth the cost of other slower, more complex, and expensive solutions while consuming 6 W (see the figure).

The chip inspects and classifies packets based upon both payload and header. Whatever the protocol (such as SONET, Ethernet, or TCP/IP), its pattern-matching algorithms match profiles selected by the user via cPacket software.

The cPacket 20G then looks at the bit stream bit-by-bit so it can count, tag, redirect, replicate, or drop information beyond the user-specified protocol. The process is completely deterministic, meaning it is independent of the data itself. The algorithm lets the process scale linearly with the chip area to 40 and 100 Gbits/s.

The fully pipelined architecture of the chip comprises a two-dimensional array of proprietary very long instruction word (VLIW) processing elements that provides a predictable throughput under any traffic condition. As an example, the chip can monitor events like failed login attempts and take corrective action by dropping or rate-limiting specific traffic profiles.

Users set up monitoring and control protocols with software that modifies the chip, which uses templates to completely eliminate unwanted programming. Also, users can specify complex traffic profiles without worrying about low-level protocol details like chained virtual local-area networks or case-insensitive pattern searches. Complete packet inspection enables integration of traffic monitoring, network security, test, and lawful intercept into intelligent switches and network devices.
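To make concrete the low-level details such a profile hides, the following Python example (added here; it is not cPacket's code or algorithm, which runs in hardware) walks chained VLAN tags, does a case-insensitive payload search, and counts then drops traffic for a failed-login profile. The pattern `login incorrect`, the threshold of 3, the per-client counter, and all names and sample frames are assumptions constructed for illustration.

```python
import struct
VLAN_TPIDS = {0x8100, 0x88A8}  # 802.1Q and 802.1ad (QinQ) tag types

def strip_vlans(frame):
    """Walk chained VLAN tags; return (vlan_ids, ethertype, l3_offset)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    offset, vlans = 12, []
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in VLAN_TPIDS:
        if len(frame) < offset + 6:
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack_from("!HH", frame, offset + 2)
        vlans.append(tci & 0x0FFF)  # low 12 bits of the TCI are the VLAN ID
        offset += 4
    return vlans, ethertype, offset + 2

def tcp_payload(frame):
    """Return (vlan_ids, dst_ip, payload); dst_ip is None if not IPv4/TCP."""
    vlans, ethertype, ip = strip_vlans(frame)
    if ethertype != 0x0800 or len(frame) < ip + 20:
        return vlans, None, b""
    ihl = (frame[ip] & 0x0F) * 4
    if ihl < 20 or frame[ip + 9] != 6 or len(frame) < ip + ihl + 20:
        return vlans, None, b""
    data_off = (frame[ip + ihl + 12] >> 4) * 4  # TCP header length in bytes
    if data_off < 20:
        return vlans, None, b""
    dst = ".".join(str(b) for b in frame[ip + 16:ip + 20])
    return vlans, dst, frame[ip + ihl + data_off:]

class FailedLoginProfile:
    """Hypothetical profile: count a failure banner per client, then drop."""
    def __init__(self, pattern=b"login incorrect", limit=3):
        self.pattern, self.limit, self.hits = pattern.lower(), limit, {}

    def inspect(self, frame):
        _, client, payload = tcp_payload(frame)
        if client is None or self.pattern not in payload.lower():
            return "forward"
        self.hits[client] = self.hits.get(client, 0) + 1
        return "drop" if self.hits[client] > self.limit else "count"

def build_frame(vlan_ids, dst, payload):
    """Constructed sample: Ethernet + stacked tags + IPv4 + TCP, zero checksums."""
    eth = bytes(12) + b"".join(struct.pack("!HH", 0x8100, v) for v in vlan_ids)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 1]), bytes(dst))
    tcp = struct.pack("!HHIIBBHHH", 23, 40000, 0, 0, 0x50, 0x18, 1024, 0, 0)
    return eth + struct.pack("!H", 0x0800) + ip + tcp + payload
```

A software matcher like this does per-packet work that grows with tag depth and payload length, which is the data-dependent cost the article contrasts with the chip's deterministic pipeline.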

The chip doesn't have any external memories or coprocessors. It offers in-order processing, and there's no software in the data path. It provides flexible templates and incremental provisioning. And, the chip can be placed almost anywhere inside the switch or router, and it becomes just a "bump in the wire."

With increasing network speeds and the continuous introduction of new applications such as Internet Protocol television (IPTV), Web video conferencing, storage networks, IMS, P2P, and Voice over Internet Protocol (VoIP), the need to know what's going on in the network is more important than ever. At a reasonable price, the cPacket 20G could solve cost-performance issues with current equipment and eliminate the bottleneck caused by the slow software inspection that is the norm today.

The cPacket 20G is sampling now. Several reference designs are available.

cPacket Networks Inc.
