
International Conference on e-Learning and the Knowledge Society - e-Learning’11

Atomos – Internet Traffic Disruptor

Jouni Ikonen, Vesa Jääskeläinen and Janne Parkkila

Abstract: In this paper we present Atomos, a network connection quality emulation tool. The Atomos device is placed in the wire between two communicating devices and provides the programming community a tool to test their software with varying network connection parameters like packet loss, delay and jitter. Our solution is implemented using the OpenWRT Linux distribution in a dedicated wireless router and with custom-made Atomos software. The solution utilizes the Linux kernel's raw sockets interface in promiscuous mode to capture all network traffic. The solution is low cost and can be easily adopted. This paper describes the implementation and the use of Atomos.

Key words: distributed programming, traffic emulator.

INTRODUCTION

Distributed and parallel processing have a tendency to add an additional dimension to the complexity of programming. Such programs commonly depend on instances that can be located at neighbouring processors or even in another computer. When a distributed program requires information from another computer, the network connection between the two computers has to be taken into account. Quite many programmers have a bad habit of developing distributed applications based on trial and error. However, there are a number of aspects that need to be considered when programming in a non-traditional, such as networked, environment. One notable factor is the non-deterministic character of network traffic, i.e. there exists no prior knowledge of how long it takes to send a message from one computer to another. Additionally, there can be other issues that need to be considered. For example, in the Internet Protocol, messages can arrive in a different order than initially sent due to routing decisions related to the protocol [2].

Testing network-related program code can sometimes be difficult. A common environment rarely allows testing in a more fluctuating network, where loss of packets or other problems are always at hand. A well-tried solution for testing programs in such rough conditions is to use network emulators. Numerous tools exist, such as Network Simulator [1] for emulating real traffic and a scalable emulator architecture [5]. Generally, many of the solutions are created for specialized protocol analysis purposes, featuring a wide variety of options. However, our goal was the implementation of a low-cost, easy-to-deploy and simple-to-use device for teaching purposes. As installing tools that can access and modify the network traffic is not usually allowed, the implementation is done on external hardware.

This paper presents a system that is capable of emulating different networking environments. The emulator itself can be installed on a device that is placed between two networking interfaces, thus allowing the device to produce different network conditions for the flowing traffic. The system can generate or modify the following characteristics:

- Packet latency – Amount of time that an IP data packet is delayed within the buffers
- Packet jitter – The variance between packet delivery times
- Packet duplication – Simulation of routing error where the IP packets are duplicated and delivered at different times
- Packet loss – The percentage of packets the device destroys

All of the mentioned characteristics are used to simulate the different network conditions. A typical example would be the emulation of General Packet Radio Service (GPRS), where a latency of 1-2 seconds is common. A normal delay in a Local Area Network (LAN) is less than 1 millisecond. It is quite easy to understand that the protocol design phase should take this delay into consideration. However, inspecting students' implementations, it can be seen that they do not consider issues such as latency, packet loss and bit error. This is due to the fact that in a closed LAN environment these problems do not normally arise. Network emulation allows the students to understand and take these issues into consideration when developing solutions requiring a network connection.

SYSTEM DESIGN AND IMPLEMENTATION

Convincing a computer administrator to allow installing additional software on a workstation can sometimes be difficult. In order to be able to modify the incoming and outgoing network traffic, we have devised a solution named Atomos. It is a network traffic emulator that can be placed between two workstations without the need to adjust the workstation settings and thus compromise their security. The only recommended addition is to use two different network cards: one for the real internet traffic and the other for testing. By setting up the environment this way, the regular use of the workstation is not interfered with by the Atomos system. A suggested hardware set-up is to place the traffic emulator between two machines, as shown in Figure 1. Note that the Atomos device is completely transparent to both of the computers. In addition, the network emulator has a separate management interface to which a third device, such as a laptop, can be connected in order to modify the emulator's rules on the fly. The management interface is shown in Figure 2.

Figure 1. Suggested setup for traffic emulation. [Diagram labels: Administration workstation; Atomos – network emulator; Test workstation A; Test workstation B]


The device running the network emulator is a wireless Linksys WRT54GL router containing an internal Ethernet switch that has virtual local area network (VLAN) support. The internal switch has six physical ports, of which one is connected to the embedded processor of the device and the rest are connected to the external WAN and LAN ports. This architecture is portrayed in Figure 3. The device is configured to send Ethernet frames with VLAN information between the internal switch and the embedded processor, and to send the frames without VLAN information through the other ports. The processor uses the additional information to create virtual network interfaces in order to allow dedicated communication through the external device ports. In a normal configuration the LAN ports would be configured to the same virtual local area network, allowing fast packet traversal times between the ports.

Figure 2. Atomos management interface.

However, in Atomos the internal switch is set up so that different LAN ports are configured to different VLANs. This way the Atomos software acts as a virtual bridge between the virtual local area networks, allowing it to modify the passing traffic. As one of the ports is dedicated to the web-based administration interface and two are reserved for Atomos to use, one LAN and one WAN port are left free for other purposes.


Figure 3. Ethernet switch featuring VLAN support. The internal switch is connected via VLAN to the actual external device ports (WAN and LAN ports).

The Atomos software is built on top of the open-source Linux distribution OpenWrt [3]. The raw socket interface [6] of the kernel is used to manage the connections between two network interfaces. These interfaces are Virtual Local Area Networks which are configured for promiscuous mode, thus listening to all the flowing network traffic regardless of the intended recipients. The software components of Atomos are portrayed in Figure 4. The PacketCaptureEngine is used to capture packets from both network interfaces and to pass them on to the PacketProcessor. This processor then takes action on the captured packets based on the system settings. In addition to configuring the characteristics of the network, a percentage can be used to define the likelihood of a certain event. For example, if a packet delivery is decided to be delayed, the processor will forward it to the PacketDelayEngine, which will cause the packet to be sent at a specified moment in time. Once a packet is decided to be forwarded, it will be given back to the PacketCaptureEngine for instant delivery. Furthermore, Atomos keeps track of statistics on the actions taken using the StatisticsHelper. The statistics can be queried through the administrative web interface of the device.
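The per-packet decision described above can be sketched as follows; this is an added example, not the Atomos source. The struct fields, the function name `process_packet` and the fixed-seed generator are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stddef.h>

/* Hypothetical rule set; field names are assumptions, not Atomos's own. */
struct rules {
    unsigned loss_pct, dup_pct, delay_pct; /* likelihood of each event, 0-100 */
    uint32_t delay_ms;                     /* base latency for delayed packets */
    uint32_t jitter_ms;                    /* extra random delay in [0, jitter_ms] */
};
struct stats { unsigned seen, dropped, duplicated, delayed; };

/* Deterministic LCG so a test run can be replayed exactly. */
static uint32_t rng_state = 1;
static uint32_t rng_next(void) {
    rng_state = rng_state * 1664525u + 1013904223u;
    return rng_state >> 8;
}
static int roll(unsigned pct) { return rng_next() % 100 < pct; }

/* Decide the fate of one packet captured at now_ms. Fills out[] with the
 * release time of each copy and returns the number of copies to forward:
 * 0 = dropped, 1 = forwarded, 2 = duplicated. */
size_t process_packet(const struct rules *r, struct stats *s,
                      uint64_t now_ms, uint64_t out[2]) {
    s->seen++;
    if (roll(r->loss_pct)) { s->dropped++; return 0; }
    size_t copies = 1;
    if (roll(r->dup_pct)) { s->duplicated++; copies = 2; }
    int delayed = roll(r->delay_pct);
    if (delayed) s->delayed++;
    for (size_t i = 0; i < copies; i++) {
        out[i] = now_ms;               /* undelayed copies go out at once */
        if (delayed)                   /* each copy draws its own jitter */
            out[i] += r->delay_ms + rng_next() % ((uint64_t)r->jitter_ms + 1);
    }
    return copies;
}

int main(void) {
    /* Constructed profile: GPRS-like 1-2 s latency with 5 % loss. */
    struct rules gprs = { 5, 2, 100, 1000, 1000 };
    struct stats st = { 0, 0, 0, 0 };
    uint64_t out[2];
    for (uint64_t t = 0; t < 1000; t++) process_packet(&gprs, &st, t, out);
    printf("seen=%u dropped=%u duplicated=%u delayed=%u\n",
           st.seen, st.dropped, st.duplicated, st.delayed);
    return 0;
}
```

A delay engine would hold each forwarded copy until its release time; a copy whose release time equals the capture time is sent immediately.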

In the current system the Linux kernel functions as a proxy between the networking hardware and the application layer. This way the system provides features that allow processing of the networking hardware's incoming and outgoing data frames. The received data frame is analyzed in order to determine which protocol handler is needed to further process the data. In the case of the Atomos software, the data frame received from the networking hardware is first processed by the network driver. After this it is passed to the VLAN module to determine where it was received from. Finally, the data frame ends up in the Atomos software via the raw socket interface. This design improves the portability of the software, allowing it to be used in other systems as well. The downside here is the copying of data between the Linux kernel and the user space, which has an impact on performance.
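The capture path described above, a raw socket in promiscuous mode that hands whole frames to user space, looks roughly like this on Linux. This is an added example, not the Atomos source; the function names are assumptions, the interface names come from the command line, and opening the socket requires CAP_NET_RAW.

```c
#include <arpa/inet.h>
#include <linux/if_packet.h>
#include <net/ethernet.h>
#include <net/if.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Open a raw socket bound to ifname and join promiscuous mode; -1 on error. */
int open_promisc(const char *ifname) {
    unsigned idx = if_nametoindex(ifname);
    if (idx == 0) return -1;                    /* no such interface */
    int fd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
    if (fd < 0) return -1;                      /* typically EPERM */
    struct sockaddr_ll sll;
    memset(&sll, 0, sizeof sll);
    sll.sll_family = AF_PACKET;
    sll.sll_protocol = htons(ETH_P_ALL);
    sll.sll_ifindex = (int)idx;
    struct packet_mreq mr;
    memset(&mr, 0, sizeof mr);
    mr.mr_ifindex = (int)idx;
    mr.mr_type = PACKET_MR_PROMISC;             /* dropped when fd is closed */
    if (bind(fd, (struct sockaddr *)&sll, sizeof sll) < 0 ||
        setsockopt(fd, SOL_PACKET, PACKET_ADD_MEMBERSHIP, &mr, sizeof mr) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Copy one frame from in_fd to out_fd. Each frame crosses the kernel/user
 * boundary twice, which is the copying cost the text mentions.
 * Returns bytes sent, 0 if the frame was skipped, -1 on error. */
ssize_t bridge_one(int in_fd, int out_fd) {
    unsigned char frame[2048];
    struct sockaddr_ll from;
    socklen_t len = sizeof from;
    ssize_t n = recvfrom(in_fd, frame, sizeof frame, 0,
                         (struct sockaddr *)&from, &len);
    if (n <= 0) return n;
    if (from.sll_pkttype == PACKET_OUTGOING) return 0; /* our own transmit */
    return send(out_fd, frame, (size_t)n, 0);
}

int main(int argc, char **argv) {
    if (argc != 3) return 2;                    /* usage: prog <in-if> <out-if> */
    int a = open_promisc(argv[1]), b = open_promisc(argv[2]);
    if (a < 0 || b < 0) return 1;
    while (bridge_one(a, b) >= 0) { }           /* one direction only */
    return 0;
}
```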

When using the Linux kernel, the optimal solution for the best performance would be to develop a kernel module for processing data directly from the network driver. With this approach a zero-copy solution could be achieved, but that would require further time to develop. Installing a kernel update to the system would require at least recompilation of the developed module or, in the worst case, modifying the source code to adapt to the changes of the new kernel.


Figure 4. Atomos software organization

During the study, an alternative approach using the Linux kernel netfilter's queue module in conjunction with the userspace library libipq [4] was also experimented with. When libipq is used to copy the network data, the userspace part can be kept to a minimum while still allowing decision making based on the contents of the received data frame's header. However, libipq has a limitation: it does not allow the creation of new data frames, which would be required for delaying or duplicating data frames. As there was no solution to overcome this restriction of libipq, further development based on the library was halted.

CONCLUSIONS AND FUTURE WORK

The Atomos Internet Traffic Disruptor has been used on network programming courses to simulate network behaviour. The system has provided students an efficient tool to realize that their self-made distributed programs can behave differently under LAN, WAN and mobile environments. The tool has truly allowed the students working on protocol design assignments to understand the importance of protocol robustness in order to deal with problems such as packet loss and long delays.

The implemented system has been designed concentrating on the end-user. The tool is easy to use and highly cost-efficient. Atomos can be installed on a cheap 50 € off-the-shelf network router. A good suggestion is to add additional network interfaces to the PCs in the test network and assign them their own IP addresses that can be used in program testing.

The system presented in this paper does not aim to be a silver bullet that solves all possible network emulation requirements. It is just a simple but efficient tool for exposing students to the most common network problems. The solution does suffer from the processor and memory limitations of the embedded device, which must be taken into consideration when it is used to make measurements. All in all, the system has been found to be more than adequate for emulating basic characteristics of network behaviour for programmers' use.


REFERENCES

[1] Breslau, L. et al. Advances in network simulation, Computer, vol. 33, no. 5, pp. 59-67, May 2000.

[2] Comer, D. E., Internetworking with TCP/IP, Volume 1: Principles, Protocols and Architecture, 5th edition, Prentice Hall, 2006.

[3] Homepage of OpenWrt Linux distribution for embedded devices, http://www.openwrt.org/ [visited 5.7.2011]

[4] Morris, J., Linux Programmer's Manual, Libipq, 2001. Manpages of Libipq, available from http://linux.die.net/man/3/libipq [visited 5.7.2011]

[5] Oki, E. et al. Scalable network emulator architecture to support IP+optical network management, IEEE Network Operations and Management Symposium (NOMS), pp. 902-905, 19-23 April 2010.

[6] Stevens, R. W., Fenner, B., Rudoff, A. M. UNIX Network Programming: The sockets networking API, 3rd edition, Addison-Wesley, 2004.

ABOUT THE AUTHORS

Assoc. Prof. Jouni Ikonen, PhD, Department of Information Technology, Lappeenranta University of Technology, E-mail: [email protected]

Jääskeläinen, MSc. Janne Parkkila. BSc, Department of Information Technology, Lappeenranta University of Technology, E-mail: [email protected]