Análisis de mecanismos software para la captura pasiva y procesamiento de tráfico de red

Igor Delgado, Armando Ferro, Alfredo Beaumont, Alex Muñoz
V Jornadas de Ingeniería Telemática (JITEL'05). Vigo, Spain. September 12-14

<span lang="en">Analysis of network traffic has become a really important task for many fields, from IDS to QoS evaluation. The great increase in the speed of networks, much faster than processor's performance increase, is making difficult to handle the processing of all network packets. One way to solve this problem is to move the processing to the hardware elements. This is a very expensive solution and, in some cases, improving the performance of the capturing software may be enough. Although current general purpose operating systems have been improving the performance of network processing, there is still place for improvement. In this paper we present in detail the way followed by a packet through the operating system until it is processed at user level. Some empirical measurements has been made along the packet journey in order to find the bottlenecks of the capturing process as well as discussing some ways to further increase the performance of the capturing process.</span>