1 / 14

ECE 526 – Network Processing Systems Design

ECE 526 – Network Processing Systems Design. Network Address Translator II. Overview. Review Network Address Translation Basic Conceptually Implementation Today IXP Implementation IXP Optimization Header caching Alignment ARP Checksum. NAT Basic. What is NAT:

forrest-conner
Download Presentation

ECE 526 – Network Processing Systems Design

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ECE 526 – Network Processing Systems Design Network Address Translator II

  2. Overview • Review • Network Address Translation Basic • Conceptually Implementation • Today • IXP Implementation • IXP Optimization • Header caching • Alignment • ARP • Checksum ECE 526

  3. NAT Basic • What is NAT: • System allowing multiple computers share single global IP address • Changing packet header: address, port number, IDs and etc • Located between a set of computers at a site and rest of the Internet • Mechanism: header modification • Source/destination IP address, source/destination port, checksum ECE 526

  4. Conceptual Implementation • Simplifying assumptions • No fragmentation (why) • No packet with IP option (why) • Flows initiated from local computer only (why) • NAT table • Creation: automatic • Updating policy: • LRU and priority heuristic • Optimization • Bucket hashing • Independent tables ECE 526

  5. NAT Complexity • Fragmentation causes header of encapsulated protocol are only present in first fragment • E.g., no port number available for later fragments • IP datagram with options • Memory requirement for NAT table ECE 526

  6. NAT Table Management • Creation • Automatically • Add one entry when it is first packet for new flow • Table entry lifetime • Based on packet header • E.g., Fin or reset for TCP • Aging • Counter down timer • Reset to maximum value once used • Decrease one every cycle • Table entry update • Least recent used • Priority heuristic • TCP > UDP > ARP >others ECE 526

  7. NAT IXP Implementation ECE 526

  8. NAT Overall Structure • What are implementation ideas to improve throughput? ECE 526

  9. NAT Microblock Organization ECE 526

  10. IXP Optimization • Header caching • Byte alignment • ARP lookup: • Checksum computation: incremental modification ECE 526

  11. Header caching • NAT need access multiple header fields • External DRAM access is very slow • Read packet header from buffer in DRAM to local memory • Modify headers using local memory copy • Write back from local memory to DRAM after processing ECE 526

  12. Byte alignment • Local memory is organized 4-byte words • Ethernet frame header is 14 byte • Simply copy: IP source/destination spanned into two entries • Use byte_align_be or byte_align_le to read and write local memory ECE 526

  13. ARP Lookup • ( IP address, MAC address) • 16 bytes each entry: IP address in one entry of LM; easily convert index to address by shifting • Checksum computation: incremental modification ECE 526

  14. Reminder • Read Chapter 10 ECE 526

More Related