What is MMT Load Balancer?
MMT-LB (Montimage Monitoring Tool - Load Balancer) is a network and application traffic load balancer, or network traffic splitter, that separates network traffic according to its protocols or applications. Separating the traffic while respecting sessions (i.e., sticky sessions) makes it possible, for instance, to analyse each part of the traffic with a different instance of an IDS or security analysis probe, each using a disjoint set of security verification rules. This improves the scalability of the analysis with respect to both the amount of traffic and the number of rules used.
Solution Overview:
- It uses DPDK (http://dpdk.org/) to capture network packets on high-bandwidth network interfaces (e.g. 10Gbps NICs). A PCAPlib (http://www.tcpdump.org/) version is also available.
- DPDK’s symmetric hash (called sym_hash) is programmed with MMT’s own algorithm to ensure that a session is not split among the different Rx queues of the NIC (i.e., that sessions are respected).
- Each execution thread manages the complete processing starting from the packet capture, to the classification by the MMT-DPI module, and ending with the redirection of the traffic to the appropriate network interface. In other words, each processing core will take the packets from one or more Rx queues of the input NICs, classify the packets, and redirect them to the appropriate Tx queues of the output NICs.
- To handle 10/20/40 Gbps traffic bandwidth, MMT-LB is designed to work best on a server with 16 or more processing cores and with 16 to 22 Rx queues made available by the NIC’s DPDK.
DPDK is a set of libraries and drivers for fast packet processing. It allows building applications that receive and send packets in a minimal number of CPU cycles (usually fewer than 80 cycles). MMT-LB relies on this library for its fast packet capture algorithms and to parallelize the packet processing tasks.
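The session-preserving property described in the symmetric-hash item above can be shown with a Toeplitz (RSS-style) hash and a key that repeats every 16 bits. This is an added example, not MMT-LB's own algorithm or code: the 0x6d5a key, the `flow` struct, the modulo queue selection and the sample addresses are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define KEY_LEN 40

/* IPv4 4-tuple in RSS input order (hypothetical struct for this example). */
struct flow { uint32_t src_ip, dst_ip; uint16_t src_port, dst_port; };

/* Toeplitz hash: for each set input bit, XOR in the 32-bit key window at that bit offset. */
static uint32_t toeplitz(const uint8_t *key, const uint8_t *in, size_t len) {
    uint32_t hash = 0;
    uint32_t win = (uint32_t)key[0] << 24 | (uint32_t)key[1] << 16 |
                   (uint32_t)key[2] << 8 | key[3];
    for (size_t i = 0; i < len; i++)
        for (int b = 7; b >= 0; b--) {
            if (in[i] & (1u << b)) hash ^= win;
            win = (win << 1) | ((key[i + 4] >> b) & 1u); /* slide window by one key bit */
        }
    return hash;
}

static uint32_t flow_hash(const struct flow *f) {
    uint8_t key[KEY_LEN], in[12];
    /* Assumed key: 0x6d5a repeated. Its 16-bit period makes the key window identical
       at the src and dst offsets, so swapping src/dst leaves the hash unchanged. */
    for (int i = 0; i < KEY_LEN; i++) key[i] = (i & 1) ? 0x5a : 0x6d;
    for (int i = 0; i < 4; i++) { /* serialize big-endian, as on the wire */
        in[i]     = (uint8_t)(f->src_ip >> (24 - 8 * i));
        in[4 + i] = (uint8_t)(f->dst_ip >> (24 - 8 * i));
    }
    in[8]  = (uint8_t)(f->src_port >> 8); in[9]  = (uint8_t)f->src_port;
    in[10] = (uint8_t)(f->dst_port >> 8); in[11] = (uint8_t)f->dst_port;
    return toeplitz(key, in, sizeof in);
}

/* Simplification: modulo instead of a NIC redirection table. */
static unsigned rx_queue(const struct flow *f, unsigned nb_queues) {
    return flow_hash(f) % nb_queues;
}

static struct flow reverse(struct flow f) {
    struct flow r = { f.dst_ip, f.src_ip, f.dst_port, f.src_port };
    return r;
}

int main(void) {
    struct flow c2s = { 0xC000020A, 0xC6336407, 51514, 443 }; /* constructed sample flow */
    struct flow s2c = reverse(c2s);
    printf("client->server: queue %u\n", rx_queue(&c2s, 16));
    printf("server->client: queue %u\n", rx_queue(&s2c, 16));
    return 0;
}
```

Both directions of the flow land on the same queue, so a single core sees the whole session.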
The following figure shows the main modules and functions: