摘要
一般的网络安全应用软件,只对网络中的某类报文进行处理,基于通用的网卡采集网络数据,会收到大量的无用报文,降低系统效率。本文基于FPGA和零拷贝技术,设计并实现了一种智能网卡,将报文分类过滤工作下移到网卡硬件中实现,智能网卡完成了网络数据包报文捕获、报文分析、规则匹配等工作,可以过滤掉无用报文,只把应用关心的报文提交给到主机系统。与普通网卡相比,智能网卡可以有效提升网络数据采集的效率。
General network security application software only process some kinds of packets. When the data is acquisited from ordinary NIC(network interface card), it involves many useless packets, which cause the reduction of system performance. Based on the FPGA (Field Programmable Gate Array) and zero-copy technologies, this paper describes the design of a intelligent NIC. In this NIC, packet classification can be done in hardware. The intelligent NIC can capture packets, analyze and classify them, and can filter out useless packets. Only the packets that application software care will be submitted to the server system. Intelliqent NIC obtains hiqher performance compared with ordinary NIC in network data acouisition.
关键词
智能网卡
FPGA
报文分类
intelligent NIC
FPGA
packet classification
