A Network Project Course

Based on Network Processors

Peter Steenkiste
Computer Science Department and
Department of Electrical and Computer Engineering
Carnegie Mellon University
Pittsburgh, PA 15213
prs@cs.cmu.edu

Abstract 1 Introduction
A difficult problem in networking courses is to find hands-on Most universities today offer a set of courses on computer
projects that have the right balance between the level of realism networking. The first course is typically an introductory
and complexity. This is especially true for projects that focus on undergraduate course that covers basic concepts such as
the internal functionality of routers and other network devices. routing, error control, flow control, … Advanced courses
We developed a capstone course called “Network Design and
Evaluation” that uses a network processor-based platform for
typically study a smaller set of topics in more depth. They
networking projects. This platform is more realistic than can for example focus on wireless and mobile networking,,
traditional approaches based on software emulation environments routing and traffic engineering, or quality of service. An
or PC-based routers running Unix, but it is significantly less important question is how hands-on assignments or projects can
complex to work with than real commercial routers or even PC- be used to complement lectures and exams. Projects can for
based routers. We are currently teaching this course for the third example teach students how to apply the course material to solve
year, and our experience has been extremely positive. Students practical problems (e.g., how to deal with packet loss). Projects
enjoy the realism of the platform and not only learn a lot about the can also be used to illustrate important concepts, thus improving
internal operation of the network, but also about network the students’ understanding of the course material (e.g., the
configuration and management. importance of congestion control).
In this paper we describe our experience in using a platform based
on a network processor (the Intel IXP 1200 [1]) for course
Categories & Subject Descriptors projects in computer networking. The projects specifically focus
K.3.2 [Computers and Education]: Computer and Information on learning in a hands-on fashion about network internals, e.g.,
Science Education – Computer science education, Curriculum. routers, switches, or special-purpose network devices. A network
C.2.1 [Computer-Communication Networks]: Network processor-based platform is an attractive vehicle for teaching
Architecture and Design – Packet-switching networks, Network because it is more realistic than traditional platforms, namely
communications. software emulation environments or PC-based routers. For
example, the IXP 1200 platform used in our course has a
processor architecture and a memory hierarchy that are optimized
General Terms for use in routers and network devices. These features add a
significant level of realism to the platform, and help students in
Design, Experimentation, Human Factors.
understanding the design and optimization tradeoffs that have to
be made when implementing networks. While real commercial
routers would be even more realistic, they are typically closed
Keywords
systems that are too complex to be used in a course setting.
Network project, Network internals, Pedagogy.
We use network processor-based projects in the context of
“Network Design and Evaluation”, a capstone course taught in the
Department of Electrical and Computer Engineering at CMU. As
such, the goals of the course include teaching the students how to
_____________________ prepare technical documents (design specifications, status reports,
Permission to make digital or hard copies of all or part of this work for ..), how to give presentations, and how to work in teams. The
personal or classroom use is granted without fee provided that copies are course typically involves a mix of seniors and masters students.
not made or distributed for profit or commercial advantage and that copies The course has been very successful and it received good course
bear this notice and the full citation on the first page. To copy otherwise,
evaluation scores.
or republish, to post on servers or to redistribute to lists, requires prior
specific permission and/or a fee. The remainder of this paper is organized as follows. We first
SIGCSE’03, February 19-23, 2003, Reno, Nevada, USA. review some of the requirements for computer networking labs.
We describe the structure of our course in Section 3 and the
Copyright 2003 ACM 1-58113-648-X/03/0002…$5.00.
project component of the course in Section 4. In Section 5, we
explain how we bring the students up to speed on the IXP internal design is in fact very different from that of a real router.
platform. We summarize in Section 6. Another drawback of this approach is that the programming
complexity increases significantly since students now have to
modify the kernel. This also raises security issues. While the use
2 Networking Labs of downloadable kernel modules can alleviate these problems
Hands-on assignments and projects are an essential part of somewhat, our experience is that this approach only works for
teaching computer networking. They can help improving smaller, graduate level courses.
students’ understanding of the course material or they can teach As an alternative to software emulation and PC-based routers, we
the student how they can apply the concepts taught in the course have used a network processor-based platform as the basis for
[2]. Given that computer networking is a fairly broad area, networking projects. Network processors have been designed
projects should target a specific topic or skill. Project will specifically to support high-speed packet processing in routers
typically focus on one of the following aspects of computer and network devices. Combined with a suitable software
networking: environment, they form a very realistic networking platform. The
• Application level programming: use tools such as sockets specific platform we used is an evaluation card for the Intel IXP
to develop distributed applications [4, 5]. 1200 network processor. Intel provides both development tools
and an open runtime environments for the IXP evaluation card.
• Probing the network: use simple applications such as The idea is that students start with a completely functional IP
traceroute and ping to gain insight into the internal operation router, which is one of the sample IXP applications provided by
of the network. When using an operational network, it is Intel. Projects consist of extending the router functionality and
important to make sure that the experiments are non- evaluating the extension.
intrusive. By providing an isolated network [6], it becomes
possible to offer a broader set of experiments. Examples, Our experience shows that this approach has significant
include snooping packets and congestion control experiments advantages. First, the environment in which students work is
that involve flooding. quite realistic. For example, the processor architecture and
memory hierarchy of the IXP 1200 platform are optimized for use
• Network internals: implement protocol stacks or other in routers and other network devices. The IXP1200 is a multi-
network functions, such as firewall functionality, network CPU processor that includes six microengines for packet
address translation, or quality of service. These projects are processing and one general-purpose CPU (a StrongArm) for
often done in the context of an emulation environment [3]. control operations. The memory design has separate memories
• Network configuration and management: configure for packets and control information, and the memory hierarchy is
networks to meet specific requirements. One example is optimized for data streaming instead of cache-based memory
VINTLab [7] at the University of Virginia. access. This means that students can learn in a hands-on fashion
about the design and optimization tradeoffs for network devices.
Our focus is on the third topic, i.e. gaining experience in Second, since they are using real hardware, students can use real
implementing and improving internal network functions. The application and traffic generators to evaluate their project.
most common way of supporting this type of project is to provide Finally, students get to put together and configure their own
students with a software emulation environment that implements network, so they learn, for example, how to configure interfaces
the operating system functionality that is needed by the network, and the differences between various types of cables and
e.g., timer functions, buffer management, and packet-level connectors.
read/write access to one or more network interfaces. These
functions implicitly also model the hardware. The students can Commercial routers would, of course, be an even more realistic
then implement protocols and other network functions, calling platform for projects. However, while they may be appropriate
these built-in functions as needed. for use in labs that focus on network configuration and
management, they are not a very practical platform to teach about
The software emulation approach has many advantages. First, network internals. First, commercial routers are typically closed
students can fairly quickly build and test network protocols, and systems, i.e. we cannot get access to the code and development
gain insights in some of the finer points of protocol tools. Second, even if we had access, we believe that the systems
implementation. This approach also scales well to larger class would be too complex to be of practical use in a course setting.
sizes. We have for example used software emulation-based
projects in the CMU Computer Science “Computer Networking” We have significant experience in using network processors in a
course, a senior-level course with 100+ students. However, there project-oriented course, as we describe in the remainder of this
are also some disadvantages. First, the software emulation paper. One of challenges is that students have to go through a
environment typically does not present a very realistic picture of fairly steep learning curve, although in practice, this is quite
the internals of routers and network devices. Second, it is manageable (Section 5). However, because of this learning curve,
sometimes difficult to run real applications on top of emulation doing smaller scale projects (e.g. one week programming
environments, further reducing the level of realism. Finally, assignments) is much more difficult. One possibility is to use
emulation environments only support certain types of projects, simulators of network processors for smaller programming
specifically projects that are not sensitive to timing. Projects on assignments, thus avoiding the overhead of learning how to set up
topics that are performance-oriented or timing sensitive (e.g. the hardware.
congestion control) cannot easily be done this way.
An alternative is to use PC-based routers running Linux or 3 Course Description
FreeBSD as the platform for course projects. This significantly
increases the level of realism (e.g. packets flow over real wires We describe the goals and structure of our capstone course.
and it is possible to run real applications). However, while a PC-
based router is real in the sense that it forwards packets, its
3.1 Course Goals is that it difficult to adjust the degree of difficulty of the project to
We have used network processor-based projects in a capstone the student background, which is an issue in a course that has both
course on “Network Design and Evaluation” in the CMU ECE seniors and potentially very mature graduate students. However,
department for the last three years. The goals for the course are when using IXP-based projects in a short amount of time as part
driven in part by the capstone nature of the course. Specifically: of a broader course, this option is definitely the way to go.
The option we use is to let students define their own projects.
• Students gain an in-depth understanding of both the
This is more work for the instructors and there is a higher risk for
functionality and implementation options of a specific
“failed” projects, i.e., projects that turn out to be impractical.
networking aspect, such as network QoS, security, … They
However, it has the big advantage that students feel like they own
also learn about other networking topics through
their project. As a result, they are more likely to take initiative. A
presentations on other class projects.
side effect of having teams pick their own projects is that the
• Students learn how to take an idea and turn it into a working students are responsible for finding the necessary background
system by going through a full project definition, design, information to execute the project. While the instructors can (and
implementation, and evaluation cycle. The skills developed should) of course provide pointers to relevant material, it is not
are not only system building skills but also how to give possible to have a prepared reading list on every conceivable
presentations and write project documents. project topic. Having to decide what material is relevant and what
• Students learn how to work in teams and do project material is not is an important learning experience.
management (e.g. set milestones, coordinate with team The projects proposed by each team of students must consist of
members). three interacting network components. A first component is a data
plane component, i.e. a network element that is involved in
processing packets that are forwarded by the router. This
3.2 Course Structure component will be implemented on the microengine. Examples
The course has three components. The main component is of include a packet scheduler that supports quality of service, or
course the capstone project. The second component is a set of packet filtering for a firewall. The second component is a control
lectures, lab sessions, and programming assignments that are plane component that manages and controls the above data plane
designed to bring the students up to speed on the IXP 1200 function. Examples are a signaling protocol that sets up the QoS
platform. We describe these two course components in more packet scheduler, or a management interface for a firewall. A
detail in Sections 4 and 5. third component is one or more applications that stress the new
network feature. For example, a video streaming application that
The last component is a set of lectures on router architecture and
uses a connection with a bandwidth guarantee, or an application
network processors that give students insights in the design and
that tries to break into a network protected by a firewall.
implementation of network devices, other than the IXP-based
platform they use for their project. This course segment consists It turns out that there are a small number of topics that are obvious
of a set of 3 or 4 lectures that can be given at any time during the candidates for projects. They include: firewalls, NAT, RED and
semester. The lectures cover architectures for both low-end and ECN support, and QoS support. However, students sometimes
high-end routers, network devices (e.g. NATs, firewalls, web come up with more creative topics, e.g. source-based routing,
front-ends) and also include a survey of network processor porting RSVP, or IP traceback to stop denial of service attacks.
architectures.
4.3 Milestones
4 The Capstone Project The goal of the course is not just to implement a project, but also
We look in detail at how the course projects are defined and to gain experience in writing documents and giving project
managed. presentations. Students get written feedback on both the
documents and the presentations. I have observed how for most
teams, the quality of the documents and presentations improves
4.1 Project Structure throughout the semester. The table below lists the timing of these
Small teams of 2-4 students develop a router extension, using an deliverables.
IXP 1200-based router as a starting point. The students have to
go through a design, implementation, and evaluation phase, and at Week 2 One-page project proposals due
each stage they have to write documents and give presentations
describing their work. Week 4 Project design documents due
Week 5 Design presentations
4.2 Project Definition Week 8 Status presentations
There are two ways of organizing projects in this type of course. Status reports due
The first option is to have teams execute a predefined project. Week 12 Status presentations
There might be one project that is executed by all teams or teams Status reports due
can choose from a small number of predefined projects. The Week 14 Draft final report
advantage of this approach is that it is easier for the instructor to End semester Demos and final presentations
prepare and it is less likely that there will be surprises later in the Final reports due
semester since projects can be tried out beforehand. The
drawback is that the project may feel like a large programming
assignment and may not engage the students. Another drawback
The design document must cover: projects goals, design of
extension, related work, project plan including milestones and
tasks for each team member, evaluation plan including metrics,
and a discussion on risks. The status reports are shorter and cover
results obtained so far, plus a discussion of any changes to the
original plan (goals, design, …). The final report includes goals,
design, a detailed description on the implementation, and
evaluation results.
It is also useful to schedule regular (roughly once every 2 weeks)
one-on-one status meeting with each team, where the instructor
meets with the team to go over the project status. These meetings
tend to be more useful for talking about problems and open issues
than the in-class presentations, where there is typically not enough Figure 1: lab station
time for in-depth discussion.
Another goal of the course is to teach students about project
management, i.e. planning the project execution, working in 5 Bringing students up to speed
teams, and dealing with set backs, such as unanticipated platform One of the challenges in using a realistic platform such as the IXP
limitations, design shortcomings). The milestones associated with 1200 evaluation card for course project is that students face a
the above schedule requires the students to plan ahead and their steep learning curve.
design document must include a project plan that lists milestones
and the responsibilities of each team members. Given the
structure of the projects, it often makes sense for team members to 5.1 Lectures and lab sessions
specialize. For example, one student focuses on the control plane During the first three weeks of the semester, we use a sequence of
while the other takes charge of the data plane. Breaking up a lectures and lab sessions to familiarize the students with the
project is not only a good way of organizing the implementation - platform. Three aspects of the platform are covered:
it also has the advantage that the students only have to learn the
details of part of the IXP platform. • The architecture of the microengines that implement the data
forwarding path and the programming tools that are used to
program the microengines. These tools include a
4.4 Lab Setup programming environment and a cycle-accurate simulator.
The specific platform used in the course is an evaluation platform • The software environment on the StrongArm that supports
for the IXP, called Bridalveil. It is a PCI card that has an the router control plane. This includes mechanisms for
IXP1200 chip, static and dynamic memory, and the necessary communication between the microengines and the
buses. It has four 10/100 Ethernet interfaces. We use the L3 StrongArm; communication can be based on message
Forwarder project, so the card behaves as a small 4x4 router. In passing or shared memory.
our configuration, the StrongArm core runs Linux. The host • The design of the router software that is used as the starting
machine also runs Linux and it uses a PCI driver to manage the point for the projects.
IXP device (e.g. download code, monitor card, ..).
The readings for these lectures and lab sessions consist of
Each team in the course has its own hardware set up to work with. chapters from the textbook [8] and selected sections of the IXP
Figure 1 shows the hardware set up that is used in the beginning documentation. The readings have two goals: give the students a
of the semester. It consists of a Bridalveil card hosted by a Linux high level overview of the IXP system and familiarize them with
PC. Two other Linux PCs have a second network interface card the organization of the documentation so they can look up
(NIC) that connect them to the Bridalveil card. As a result, the information as they need it throughout the semester. Students
Bridalveil card is at the heart of a teaching network that is have access to the full set of documentation both electronically
separate from the departmental network. The students can and in the form of hardcopies made available in the teaching lab.
experiment with (configure, break) the teaching network, but not
the departmental network. Besides the 3 Linux PCs, each team
also has access to a Windows 2000 PC that runs the IXP software 5.2 Programming Assignments
development environment. Each machine is connected to the The lectures and lab sessions are complemented by a sequence of
ECE departmental network for access to remote file systems, the programming assignments that are designed to make the students
Web, .. feel comfortable with the platform and software tools. The
This simple set up is sufficient to do a lot of development and programming assignments are for that reason very simple. As an
testing. Later in the semester, more NICs and Bridalveil cards are example, this year (Fall 2002) we are asking student to do some
added to test projects over larger networks. For even larger scale special processing for packets that have a “Type of Service”
testing, teams can combine their hardware. (TOS) field with a specific value. We use a sequence of three
The configuration of the teaching network is under the control of programming assignments:
the students. For example, students can change the network 1. Modify the data forwarding code on the microengines to
topology, configure the network interfaces, and set up the routing identify packets that have their TOS field set to the specific
tables. Students do not have root access on the Linux hosts value and to replace the TOS field by a different value. This
because of CMU rules for teaching labs. Instead, students are first assignment must be done in the software development
given selective use of privileged commands using the “sudo” environment, using the IXP simulator for testing, i.e. it does
support provided in Linux. require access to the hardware.
2. Extend the first assignment to count the number of packets work with than real commercial routers or even PC-based routers.
that are modified and to make that count available to the We are currently teaching this course for the third year, and our
control plane code running on the StrongArm so it can be experience has been extremely positive. Students enjoy the level
printed out. This requires the use of microengine-StrongArm of realism of the platform and not only learn a lot about the
communication based on shared memory. internal operation of the network, but also about network
3. Execute the result of programming assignment 2 on the configuration and management.
hardware and verify its functionality. The Linux hosts are
used to send packets with different TOS fields through the
Acknowledgements
IXP router running the students’ projects. The receiving host
can check the TOS fields in the received packets, while the The development of this course was made possible in part by
number of modified packets can be monitored from the support from Intel. I would also like to thank Petcharat
command shell executing on the StrongArm. Suriyachai and Haoyu Zhou, who were my teaching
The starting point for the assignment is the router project code, assistants in the first two years, Nimit Sawhney, and Dirk
which is also the basis for the capstone projects. Brandewie for all their help.

5.3 Discussion References

While the learning curve initially looked like a major issue, it has [1] The Intel IXP1200 Processor Family. Available at:
not been a stumbling block in practice. One reason is that the http://www.intel.com/design/network/products/npfamily/ixp
students have to become familiar with only a limited number of 1200.htm
features of the platform. For example, a team working on a [2] Comer, D.E. Hands-On Networking with Internet
routing project can largely ignore the details of how packets are Technologies, Prentice Hall, 2002.
queued on the outgoing interfaces. On the other hand, a team
working on quality of service does not have to understand how the [3] Carniani, E., and Davoli, R. The Netwire Emulator: A Tool
routing table is organized. Some of the more complex modules of for Teaching and Understanding Networks, The 6th Annual
the system, such as the modules that manage the network SIGCSE/SIGCUE Conference on Innovation and
interfaces, can be ignored by everybody. Another reason why the Technology in Computer Science Education (ITiCSE 2001),
complexity of the platform is manageable is that once the project June 25-27, 2001.
designs have been completed, team members can focus on their [4] Shay, W. A Multiplatform/Multilanguage Client/Server
part of the project. Project, The 33rd Technical Symposium on Computer
The complexity of the platform may in fact add some value to the Science Education, February 27-March 3, 2002.
course. My experience in working with junior graduate students [5] Mitchener, W., and Vahdat, A. A Chat Room Assignment
and programmers is that for many systems, the problem when for Teaching Network Security, The 32rd Technical
starting to use a new system is often not lack of documentation Symposium on Computer Science Education, February 21-
but abundance of documentation. Being able to figure out what 25, 2001.
part of the documentation is relevant to completing a specific task [6] Hill, J., Carver, C., Humphries, J., and Pooch, U. Using an
is an important skill. Many students, however, never have to deal Isolated Network Laboratory to Teach Advanced
with this problem since courses typically provide very specific Networking, The 32rd Technical Symposium on Computer
reading lists. Science Education, February 21-25, 2001.
The complexity of the platform does however create a problem [7] Liebeherr, J. VINTLab, description available at
for shorter term programming assignment that are given, for http://www.cs.virginia.edu/wintlab/index.html.
example, as part of an introductory networking course. For such
courses, it is probably preferable to use programming assignments [8] Johnson, E.J., and Kunze, A.R. IXP1200 Programming.
that use the simulation environment. Intel Press, 2002.
A more significant challenge is bringing teaching assistants up to
speed. First, students expect TAs to be very knowledgeable about
the platform. Moreover, since the TAs support a diverse set of
projects, they must deal with a wider range of system features
than the students. The best solution is of course to use TAs that
have taken the course in a previous year.

6 Conclusion
In this paper we described our experience in using a network
processor-based platform for capstone projects that focus on
implementing or extending the internal functionality of routers
and other network devices. We believe that this approach
provides the right balance between the level of realism and
complexity. This platform is more realistic than traditional
approaches based on software emulation environments or PC-
based routers running Unix, but it is significantly less complex to