KONOE, a toolkit for an object-oriented online environment, with Gate Package

KONOE, a toolkit for an object-oriented online environment, with Gate Package

M.Abe, Y.Nagasaka, F.Fujiwara,T.Tamura, I.Nakano, H.Sakamoto,Y.Sakamoto,S.Enomoto, I.Iwai,R.Tanaka, S.Kawabata, A.Manabe,T.Sasaki

2/12

Contents

Background Firewall Port-forwarding SSH’s port-forwarding Gate package Bench mark Conclusions

3/12

Background

The KONOE for DAQ Toolkit for building DAQ systems

Collecting experiment data Saving the data Online monitoring and controlling Processing log messages

Detector

StorageAnalysisOnline DAQ model

DAQ

The Internet

The firewall Blocks the traffic

The function to pass the Firewall is needed

Event

4/12

Firewall

It looks at the packet in the networks IP, Port, Protocol and so on.

It allows and rejects the packet according to a rule

Analysis

Wait at 11000 port

Wait at12000 port

8080

22 22

Only allowed request can connect

The Internet DAQ

5/12

Port-forwarding

Forwarding to a request port

Communicating is possible even if the firewall exists

Firewall

Connection request

request of using port 12000

request of using port 22

waiting at 22and

forwarding to 12000

Waiting at 12000 port

process process

process

22 port

6/12

SSH port-forwarding

SSH is shell to secure remote login It encodes the transmission data

It uses encoding and decoding functions

21000port

22 port

process processWaiting at 21000 port

ssh sshd

Transmission speed will slow down by encrypting

7/12

Benchmarking

environment OS linux kernel-2.4.18 CPU Xeon 2GHz Memory 256MByte Network 1000BaseT

Evaluation Direct transfer SSH transfer

How to Transfer 1-20 kbyte data Measure transmission time

1000Base

1~20Kdata

Receive

Send

Measure time of transmission

8/12

Speed of SSH port-forwardingT

rans

mis

sion

spe

ed (

Mby

te/s

)

25 Mbyte/s

42.5 Mbyte/s

Slow down( about 60% )

9/12

Gate package Features of the gate package

Can Pass the firewall by using port-forwarding Realizes a high speed transmission performance Uses the Ctrl-packet to connect

Data size 32bit IP address 32bitPort number 32bit

Head/Area/Command flag 8bit

Wait at8080 and 80 port

Any connectionUsing open-port connection

Gate package

Firewall

Ctrl-packet

10/12

Bench marking

Environment OS linux kernel-2.4.18 CPU Xeon 2GHz Memory 256MByte Network 1000BaseT

How to measure Transfer 1-20 kbyte data Measure transmission time

1000BaseT

1~20Kdata

Receive

Send Measure time of transmission

Evaluation Direct transfer SSH transfer Gate package transfer

11/12

Transmission speed of this packageT

rans

mis

sion

spe

ed (

Mby

te/s

)

Higher than SSHat 1K byte or more

Same with directat greater than 8K byte

Mark a good performance

12/12

Conclusions Recently, the online DAQ is executing using the

internet Traffic is blocked by the firewall

Developed the Gate package function

Communication passing the firewall Performance

At greater than 1 kbyte, transmission speed is higher than SSH At greater than 8 kbyte, transmission speed is same to direct one

The KONOE become to able to pass the firewall.

13/12

Transmission timeT

ime

(u s

ec)

14/12

2 kind of data format Control format

It uses to establish connection

Data format

Data format

Data size32bit

IP address32bit

PORT32bit

Data flag8bit

Payload data0 ～ (2 × 8 - 40) bit

32Data size

32bit

Head/Area/Command flag8bit