-
Notifications
You must be signed in to change notification settings - Fork 140
Flexrouter
The reference router implementation on the NetFPGA platform has been changed in order to hijack the incoming packets according to rules specified by the user through NetFPGA registers. This means that we are able to change any field of any incoming packets; of course, depending on whether we are changing TCP or IP header fields, we need to recompute the TCP or IP checksum and store them back into the packets. Our implementation works at user data path level and modifies packet fields if certain conditions defined by the user through NetFPGA registers are satisfied.
- Status :
- Version :
- Authors :
- NetFPGA base source :
- Install the Flex Router Project (coming soon).
Our system consists of two main components: hardware and software. The hardware component is an extended NetFPGA IPv4 reference router that, for each packet satisfying user defined constraints, changes its fields accordingly. The software component is represented by a graphical user interface which writes the constraints defined by the users into new NetFPGA registers that we have created. The system architecture is shown in below.
Our design modifies the User Data Path module of the reference router. We have introduced two new modules (flex_router_preprocess and flex_router) between output_port_lookup and output_queues. flex_router_preprocess takes as input data provided by the output_port_lookup module; hence it evaluates the users data provided using new defined registers and computes the new IP and TCP checksums for each incoming packet which satisfies these rules. Once computed, it enables the next module, the flex_router, allowing it to receive the new computed values. The flex_router module, hence, writes into the appropriate packet fields, the data specified by the users and the new computed check-sums where needed.
A Graphical User Interface (GUI) developed in JAVA has been used to allow the user which packet to modify. In the figure below, a screenshot of the JAVA application is displayed. he column on the left represents the requirements that a packet has to satisfy; if it does, then, the values on the second column are written in the relative packet fields. As shown in Fig. 5, packets having as IP source 192.168.1.2, as IP destination 192.168.2.2 and as TCP source port 5554 will satisfy the user defined rule: the packets satisfying the rules will be hijacked: their IP source and the advertised window size fields will be overwritten, respectively, with the new values 192.168.3.2 and 52.
When the user specifies the values, once he clicks on the write button, the new values will be passed from the host computer to the NetFPGA board which will write them into registers introduced in our design. If any of the parameters are not specified, then the relative field is not taken into account.
- Compile the GUI from the source:
cd projects/flex_router/sw/gui make
- Ensure that the NetFPGA kernel driver is loaded and that the CPCI has been reprogrammed.
- Download the Flex Router bitfile:
nf2_download flex_router.bit
The Flex Router system can be tested using the below topology. The NetFPGA interfaces use IP addresses 192.168.x.2, where 'x' is the interface number (starting at 0). Connect two PCs to the 2nd and 3rd NetFPGA port, whit IP address 192.168.1.2 and 192.168.2.2 respectively.
On the host system :
- Run SCONE. The cpuhw file has been provided for this topology (projects/flex_router/sw/scone).
cpuhw: eth0 192.168.0.1 255.255.255.0 00:00:00:00:00:01 eth1 192.168.1.1 255.255.255.0 00:00:00:00:00:02 eth2 192.168.2.1 255.255.255.0 00:00:00:00:00:03 eth3 192.168.3.1 255.255.255.0 00:00:00:00:00:04
- Run the GUI:
cd projects/flex_router/sw/gui java GUI
- Define rules and new values through the GUI.
- Open Wireshark (or similar) and check that required changes in packet fields have effectively occurred.
[1] J.W. Lockwood, J. Naous, G. Gibb. (2008, Aug) Building Gigabit-rate Routers with the NetFPGA: NICTA Tutorial at UNSW. Sydney, Australia. [Online]. Available: http://netfpga.org/tutorials/NICTA2008/NICTA-NetFPGA_Tutorial-Ver_2-2008_02_3.ppt
[2] M. Ciesla, V. Sivaraman, and A. Seneviratne. (2009). Url extraction on the NetFPGA reference router. http://www.ee.unsw.edu.au/Students/MichaelCiesla/NFDevWksp-final9.pdf