Balancing Tunneled Traffic Based on Client IP Addresses

Multi-CPU Distribution

Platform
Napatech SmartNIC
Content Type
User Guide
Capture Software Version
Link™ Capture Software 12.7

Distributing tunneled traffic for different IP addresses between streams

Traffic to and from different client IP addresses inside a tunnel can be distributed between streams based on an inner tunnel hash key, so that traffic to and from one client goes to one stream and traffic to and from another client goes to another stream (or to the same stream).

Example using a SmartNIC port filter

Assume a client has an IP address 192.168.0.1 and it connects to remote IP addresses Y and Z. All the traffic from/to IP address 192.168.0.1 should end up in the same stream regardless of the destination IP address Y and Z. Also assume that all uplink traffic is on port 0, all downlink traffic is on port 1 and all tunneled traffic is IPv4. The idea is to generate a hash value from a key that only contains the client IP address. In uplink traffic coming from port 0, the address will be the source address, and in downlink traffic from port 1, the address will be the destination. This can be expressed in the following NTPL commands:

Define HashUp = Hash(HashWord0_3=InnerLayer3Header[12]/32)
Define HashDown = Hash(HashWord0_3=InnerLayer3Header[16]/32)
Define FilterUp = Filter(Port==0 AND InnerLayer3Protocol==IPV4)
Define FilterDown = Filter(Port==1 AND InnerLayer3Protocol==IPV4)
Assign[StreamId=(0..3); Hash = HashUp] = FilterUp
Assign[StreamId=(0..3); Hash = HashDown] = FilterDown

Example using an IP filter

Consider the case where similar functionality is wanted, but instead of having one port for uplink and one for downlink, the connection is a SPAN/mirror port. In this case the IP addresses of the possible gateways in and out of our network (SGSN and GGSN) must be known in order to be able to figure out if a packet is uplink or downlink. The uplink traffic has SGSN as source address or GGSN as destination address. The downlink traffic has SGSN as destination address or GGSN as source address. The up/down filters can in this case be defined like this:

DefineMacro("SGSN", "3")
DefineMacro("GGSN", "4")
IPMatchList[KeySet=SGSN] = IPv4Addr == [10.10.10.1]
IPMatchList[KeySet=GGSN] = IPv4Addr == [172.20.20.1]
Define FilterUp = Filter(KeyMatch(Layer3Header[12]/32)==SGSN
    OR KeyMatch(Layer3Header[16]/32)==GGSN)
Define FilterDown = Filter(KeyMatch(Layer3Header[12]/32)==GGSN
    OR KeyMatch(Layer3Header[16]/32)==SGSN)
Assign[StreamId=(0..3); Hash = HashUp] = FilterUp
Assign[StreamId=(0..3); Hash = HashDown] = FilterDown
Note: This example does not apply to NT200A01 running on the 2 × 100 Gbit/s capture/replay image.

Style Conventions

Bold typeface is used for names of, for instance, user interface elements and software components.

Italic typeface is used for replaceable text.

Monospaced typeface is used for code, commands and file names.

Abbreviations

CPU

Central Processing Unit

Dest

DESTination

DN

Document Number

Dst

DESTination

GGSN

Gateway GPRS Support Node

GPRS

General Packet Radio Service

GRE

Generic Routing Encapsulation

GTP

GPRS Tunneling Protocol

Id

IDentifier

Ids

IDentifierS

IP

Internet Protocol

m

Macro

MPLS

MultiProtocol Label Switching

N

Napatech

NT

NapaTech

NTPL

NapaTech Programming Language

Rev.

REVision

RTCP

Real-time Transport Control Protocol

RTP

Real-time Transport Protocol

SCTP

Stream Control Transmission Protocol

SGSN

Serving GPRS Support Node

SIP

Session Initiation Protocol

Src

SouRCe

Tcp, TCP

Transmission Control Protocol

Udp, UDP

User Datagram Protocol

v

Version

VLAN

Virtual Local Area Network

VoIP

Voice Over IP

References