Monosek
MONOSEK is a Network Processor based Network Packet Processing and Network Session Analysis system”.
For designers of communications equipment whose network processing requirements extend beyond simple forwarding, the NFP-32xx delivers high performance packet processing with intelligence, security and virtualization for millions of simultaneous flows. Unlike network processors and multicore CPUs that lack L4-L7 programmability or cannot scale to 10 Gbps and beyond, the NFP-32xx is powered by 40 programmable flow processing cores that deliver 2,000 instructions and 50 flow operations per packet at 30 million pps, enabling up to 40Gbps of L2-L7 processing.
Product Highlights NFP-3240
- 70-million enqueue/dequeue packet operations per second
- More than 70 Gbps of total memory bandwidth
- SRAM with support for more than 300 MQOps (queuing operations/second)
- Source-code and backward compatibility with Intel® IXP28XX microengines
- High-performance solution with low power consumption for a broad range of L2-L7 applications
- Delivering up to 30 Mpps/20 Gbps packet forwarding, policing, scheduling, queue management
- Enhanced flow processing cores (v2.7) derived from Intel microengine version (v2.6)
- 40 fully programmable flow processing cores with eight threads each running up to 1.4GHz.
- High-speed PCIe 2.0 interface to multicore x86 or external control plane processor
- Standards-based interfaces for easy integration (e.g., QDRII, DDR3, PCIe 2.0, XAUI, Interlaken)
- Integrated cryptography engine
- High-performance 32-bit ARM11
Flow Processor
- NFP-3240 operating at up to 1.4Ghz
Programmable Processing Cores
- 40 multi-threaded flow processing cores operating at up to 1.4 GHz
- 320 threads
- Microengine v2.7 (8k instructions or 16k shared between 2 MEs; 1k-word local memory)
- ARM11 core @ 700MHz, 500MHz and 325MHz/32-bit data path
Hardware Accelerators
- 20 Gbps cryptography block for DES, 3DES, AES, SHA-1 and SHA-2 algorithms
- PKI engine, 20K RSA ops (1024-bit keys).
Flexible High Bandwidth Interfaces
- SPI-4 Phase 2 @ 250-500MHz (622-1,000 MTs) with 16-bit LVDS (dual-edge) signaling
- XAUI interface @ 3.125GHz for 4 lanes supporting 10 Gbps operation
- Interlaken interface @ 6.25GHz per lane (each of the 4 lanes supports 3.125-6.375GHz operation)
- 1x PCIe Gen2 x8
Memory
- SRAM interface (QDR) (two channels) with peak bandwidth of 2GBytes/sec per channel using 250MHz SRAMs (1GByte/sec Read, 1GByte/secWrite)
- DDR3 DRAM (two channels) with peak bandwidth 8.5GBytes/sec (68.2 Gbps) for 64-bit channel
Power Supply Voltages
- ME Vdd Voltage, 1.125V±3%
- ARM11 Core Vdd Voltage, 1.05V±3%
- Memory I/O Voltage, 1.5V±5%
- GEN-II PCIe I/O Voltage, 1.0V±3%
- SPI4.2 I/O Voltage, 2.5V±5%
- Interlaken Voltage, 1.0V±3%
Performance
- Over 40 Gbps wire speed programmable stateful flow and packet processing
- 56 billion instructions per second
- 30M packets per second
- 1,800 instructions per packet
- 1.84 billion instructions per watt
Package Information
- 1932 Ball (45mmx45mm) Flip Chip Ball Grid Array (FCBGA)
- 1mm solder ball pitch
- 6/6 RoHS-compliant Solution
NFE-3240 Features
- Up to 40 flow processing cores
- OpenFlow 1.3 support with 42 match fields
- OVS 2.0 acceleration
- Packet classification and filtering
- Stateful flow analysis and action processing for up to 8 million flows in hardware
- Hardware-based cryptography and PKI operations
- Extremely low latency
- I/O virtualization
- Packet timestamping with 11ns accuracy
- GPS time synchronization
- Dynamic load balancing to parallelize application performance
- Layer 2 switching
- Layer 3 routing
- Network address and port translation (NAPT)
- Full programming flexibility to support network or protocol changes
- APIs controlling flow processing cores
PCIe
- PCIe Gen2 interface x 8 offering up to 40 Gbps of bandwidth to the x86
Network Interfaces
- 2x10GigE, SFP+
- 6x1GigE, RJ-45
Memory
- TCAM, up to 36Mb TCAM
- SRAM, up to 32MB @ 300Mhz
- DDR3 DRAM, up to 8GB
Power
- 40W (average)
- 65W (maximum)
Operating Temperature
- 0-70°C ambient
SOFTWARE
- Comprehensive software and hardware development tools
- Comprehensive library of application software building blocks
Operating Systems:
- Ubuntu Server LTS 64-bit (currently 12.04)
- CentOS 6.x 64-bit
Compatible Hardware Platforms:
- NFP-3200 acceleration platforms
- Intel Xeon host CPUs (PCIe Gen2 and Gen3)
- AMD host CPUs (PCIe Gen2 and Gen3)
Licensing:
- 20 users license with speed support up to 6Gbps.
- 8 users license with speed support up to 100Mbps.
Research Interests:
- Virus signatures - Study and analysis.
- Network attacks - Known attacks – Identifying and alerting, creating statistics.
- Network attacks - Behavioral pattern matching to estimate possible new threats.
Real Time & Forensic – Applications and Services
- Monitoring the high speed network traffic.
- Developing own pattern of traffic with API calls.
- Enables us to understand protocols practically.
- To study various protocol traffic patterns.
- To have in-depth analysis of all protocols.
- To create sessions and perform session reconstruction of analyzed protocols.
- Vast scope for Research and Development in Protocols using API calls.
- API-calls serve us to build our own application.
Sl No. | Sample Experiments for students ( available with SDK library and Source code) |
---|---|
1 | Display all packets (irrespective of Transport Protocol) in a table format. |
2 | Display all TCP packets in a table format. |
3 | Display all UDP packets in a table format. |
4 | Display all TCP packets in a table format. |
5 | Display all SMTP packets in a complete packet format.. |
6 | Display all POP3 packets in a table format. |
7 | Display all HTTP packets in a table format. |
8 | Display list of all captured IPv4 addresses being monitored. |
9 | Display list of all captured IPv4 addresses using HTTP services. |
10 | Display all packets (irrespective of Transport Protocol) in a complete packet format. |
11 | Display all TCP packets in a complete packet format. |
12 | Display all UDP packets in a complete packet format. |
13 | Display all packets with layer wise information display ( TCP/IP model based) |
14 | Display a Flow Analysis of TCP Handshake mechanism. |
15 | VoIP Analysis using SIP/RTP protocols and performs VoIP session reconstruction. |
16 | Deep Packet Inspection techniques to detect XSS, SQLI vulnerabilities. |
17 | IP Trace back to map an IPv4 addresses to Geo locations. |
18 | Deep Packet Inspection techniques to detect Flow based Application protocols. |
19 | Pattern matching filter for the analyzed and reconstructed sessions (HTTP, SMTP, POP3). |
20 | Detect IPv4 addresses from the session reconstructed data of POP3 mail containing details of Origin, Receiver and Proxies involved. |
“Monosek on Cloud”, for people to learn, develop, perform Research in the cloud or on-premise in their own environment.