140 likes | 152 Views
Learn about KONOE, a toolkit for building object-oriented online environments with the Gate Package for firewall bypass and high-speed transmission. Discover how to pass the firewall, use port-forwarding, benchmark performance, and more.
E N D
KONOE, a toolkit for an object-oriented online environment, with Gate Package M.Abe, Y.Nagasaka, F.Fujiwara, T.Tamura, I.Nakano, H.Sakamoto, Y.Sakamoto,S.Enomoto, I.Iwai, R.Tanaka, S.Kawabata, A.Manabe, T.Sasaki
Contents • Background • Firewall • Port-forwarding • SSH’s port-forwarding • Gate package • Bench mark • Conclusions
Background Online DAQ model Analysis Storage • The KONOE for DAQ • Toolkit for building DAQ systems • Collecting experiment data • Saving the data • Online monitoring and controlling • Processing log messages DAQ The Internet Event • The firewall Blocks the traffic Detector The function topass the Firewall is needed
Firewall • It looks at the packet in the networks • IP, Port, Protocol and so on. • It allows and rejects the packet according to a rule Analysis The Internet DAQ 80 80 22 22 Wait at 11000 port Wait at 12000 port Only allowed request can connect
Port-forwarding Firewall Connection request • Forwarding to a request port 22 port waiting at 22 and forwarding to 12000 process request of using port 22 process process request of using port 12000 Waiting at 12000 port Communicating is possible even if the firewall exists
SSH port-forwarding 22 port sshd ssh 21000 port Waiting at 21000 port process process • SSH is shell to secure remote login • It encodes the transmission data • It uses encoding and decoding functions Transmission speed will slow down by encrypting
Benchmarking • How to • Transfer 1-20 kbyte data • Measure transmission time • environment • OS linux kernel-2.4.18 • CPU Xeon 2GHz • Memory 256MByte • Network 1000BaseT Receive • Evaluation • Direct transfer • SSH transfer Measure time of transmission Send 1000Base 1~20K data
Speed of SSH port-forwarding Slow down( about 60% ) Transmission speed (Mbyte/s) 42.5 Mbyte/s 25 Mbyte/s
Gate package Gate package Any connection Using open-port connection Firewall Ctrl-packet Data size 32bit IP address 32bit Port number 32bit Head/Area/Command flag 8bit • Features of the gate package • Can Pass the firewall by using port-forwarding • Realizes a high speed transmission performance • Uses the Ctrl-packet to connect Wait at 8080 and 80 port
Bench marking • Environment • OS linux kernel-2.4.18 • CPU Xeon 2GHz • Memory 256MByte • Network 1000BaseT • How to measure • Transfer 1-20 kbyte data • Measure transmission time Receive 1~20K data • Evaluation • Direct transfer • SSH transfer • Gate package transfer Send Measure time of transmission 1000BaseT
Transmission speed of this package Mark a good performance Same with direct at greater than 8K byte Transmission speed (Mbyte/s) Higher than SSH at 1K byte or more
Conclusions • Recently, the online DAQ is executing using the internet • Traffic is blocked by the firewall • Developed the Gate package • function • Communication passing the firewall • Performance • At greater than 1 kbyte, transmission speed is higher than SSH • At greater than 8 kbyte, transmission speed is same to direct one • The KONOE become to able to pass the firewall.
Transmission time Time (usec)
Data format Data size 32bit Payload data 0~(2 × 8 - 40) bit 32 • 2 kind of data format • Control format • It uses to establish connection • Data format Data size 32bit IP address 32bit PORT 32bit Head/Area/Command flag 8bit Data flag 8bit