PPP
This documentation intended to serve the purpose of giving detail level architecture description.
- Performance bound
- Bidirectional communication interface from MS to PPP will be through AMQP
- Unidirectional communication interface from PPP to PHS or another new component will be through RXTXAL
- Default PPP plugin will be HTTP processing
TBD
PPP main purpose is to filter packet payloads (above Layer 4) and perform any additional operations such as session tracking if need be. PPP will be launched as a standalone process that pulls packets using RXTXAL API with load balancing and clustering supported on both input and output lines through RXTXAL library. Input and output line should also support multiple communication channels. In order to achieve high level throughput performance, multiple IPPS can be launched together as standalone processes. The packet flow will be in the following order:
- Packet comes in and passed to RXTXAL on the input line where RXTXAL performs load balancing on communication channel(s)
- Packet being filtered by plugin at user space with “HTTP processing” as the default plugin
- Packet comes out and passed to RXTXAL on the output line where RXTXAL performs load balancing if need be on communication channel(s)
Figure 1 (component stack)
- Background configuration/registration thread
- RXTXAL input configuration and load balancing
- User level Layer 4 protocol plugin
- RXTXAL output configuration and load balancing
- Logging
Background thread is responsible for configuring and registering PPP component, which uses AMQP as communication channel to the MS. Responsibilities:
- The only thread that is up and running when the daemon first started
- RXTXAL input and output channels configuration
- Configure/load plugin (default: HTTP plugin)
- Idle once configuration and registration have been successfully applied
Configuration can only be done once PPP component has been successfully registered.
|----------------| |-----------|
down -> up -> registering -> registered -> loading -> loaded
| | | | | |
------------------------------|----------------------
error
Below is the bi-directional communication between MS and PPP:
- PPP uuid
- status (state-machine): registering, registered, error
- status (state-machine): registering, registered, error
- RXTXAL
- User level Layer 4 protocol plugin
- logging
- status (state-machine): loading, loaded, error
Performs configurations for input channels and load balancing for all the input channels using RXTXAL library. Packets received will be forwarded to user space component for user level Layer 4 protocol plugin filtering.
For example, setting the RXTXAL library to do load balancing if we want and perform filtering on L4 packets on TCP and UDP port 80 on logical interface enp0s3. example:
{
"version": "1.0.0",
...
"io_drivers": {
"dpi_input": {
"direction": "tx",
"core_bind_id":1,
"watermark": 100,
"poll_wait_msec":10,
"ring_cluster_id":55,
"intf_names": ["enp0s3"],
"pcap_filters": [
"tcp port 80",
"udp port 80"
]
},
...
},
...
}
The packets that are being serviced at user level can go through a chain of plugins. It parses, dissects and applies regex on the packet payload (L4 payload) at user space level and performs regex matching based on configuration given and determines if the packet needs to be passed to the PHS or not and filtering will be "OR" operation pipeline. Example of PPP responsibility as packet filtering through http plugin operation:
- above L4 decoding
- session correlation
- above L4 packet filtering Packets received will be forwarded to RXTXAL output component for load balancing.
For example, allowing "https and "http" plugin to filter specific TCP/UDP packets payload url, header or body to be forwarded to the next pipeline. example:
{
"version": "1.0.0",
...
"plugins": [
{
"type": "http",
"services": [
{
"name": "hbo",
"url_regex": [],
"header_regex": [],
"body_regex": []
}
]
},
{
"type": "https",
"services": [
{
"name": "tls"
}
]
}
]
}
Performs configurations for output channels and load balancing for all the output channels using RXTXAL library. Packets received can be forwarded to another PPP, PHS or new component.
For example, setting the RXTXAL library to do load balancing if we want and QinQ tagging the packet as video packet leaving the logical interface. example:
{
"version": "1.0.0",
...
"io_drivers": {
...
"dpi_output": {
"direction": "rx",
"core_bind_id":2,
"watermark": 1000,
"poll_wait_msec":100,
"ring_cluster_id":80,
"intf_names": ["enp0s4"],
"qinq_vlan_push": {
"tpid": "0x8100",
"pcp": 4,
"dei": 0,
"vid": 254
},
}
},
...
}
C++ open source spdlog library
Example configuration:
- location: /tmp/ppp
- size: 10 MB
- max log rotate: 5
- log level: debug
{
"version": "1.0.0",
"log": {
"dir_location": "/tmp/ppp",
"size_mb": 10,
"num": 5,
"level": "debug"
},
...
}
example format: [date] [location] [debug level]
[2017-02-10 01:15:06.916] [/tmp/ipps/ppthd_0] [info]