Architectural lessons from other projects

[prasadtalasila]

The topas project performs distributed flow measurements using IPFIX/PSAMP. The important innovation is that the remote probes can collect interesting packets as well. These packets collected at remote probes are sent to collector node to be fed into Wireshark.

This use case is exactly similar to what we are trying to achieve. What lessons can we draw from this architecture and application?

Datix performs distributed analytics on network data sets. The innovation seems to be in the sphere of distributed DB algorithms. But do checkout the paper.

Software defined monitoring (SDM) of the application protocols architecture combines both software and hardware-based approaches to perform 100Gbps flow measurements.

_References_

1. Münz, G. and Carle, G., 2008, April. Distributed network analysis using TOPAS and Wireshark. In Network Operations and Management Symposium Workshops, 2008. NOMS Workshops 2008. IEEE (pp. 161-164). IEEE.
2. https://github.com/tumi8/topas
3. Sarlis, D., Papailiou, N., Konstantinou, I., Smaragdakis, G. and Koziris, N., 2015. Datix: A System for Scalable Network Analytics. ACM SIGCOMM Computer Communication Review, 45(5), pp.21-28.
4. Lukas Kekely, Viktor Pus and Jan Korenek, Software Defined Monitoring of Application Protocols, IEEE INFOCOM 2014.
5. Lukas Kekely, Viktor Pus and Jan Korenek, Low-Latency Modular Packet Header Parser for FPGA, ANCS 2012.
6. Gad, R., Kappes, M. and Medina-Bulo, I., 2014, July. Bridging the Gap between Low-Level Network Traffic Data Acquisition and Higher-Level Frameworks. In Computer Software and Applications Conference Workshops (COMPSACW), 2014 IEEE 38th International (pp. 67-72). IEEE.
7. https://github.com/ruedigergad/clj-net-pcap; http://ruedigergad.com/publications/

[prasadtalasila]

Not a priority right now.