This is to announce that Cento 2.0 is out! This new major release introduces many new great features.
First of all it adds support for offloading flows to Napatech SmartNICs featuring Flow Manager. This new feature has been presented at IEEE HPSR (IEEE International Conference on High Performance Switching and Routing) and demonstrated to provide a significant performance boost and dramatically reduce the PCIe and memory bandwidth utilisation when processing 100 Gbit (or more) links with full-speed traffic. This can be used both by standard cento to accelerate passive monitoring, and cento-bridge to accelerate packet forwarding and reduce latency (also in combination with the new zero-copy packet forwarding support).
This release also adds support for Avro serialization when exporting flows to Kafka, in addition to the JSON serialization. Support for custom templates has also been introduced to select the Information Elements to export when exporting to Kafka, both with Avro and JSON serialization formats.
From the long list of major improvements, it is worth to mention also the ability to configure, for each application protocol, a specific destination interface or queue when running cento in IDS mode, in combination with load-balancing. In addition to this, cento-ids is also now able to bufferize packets per flow, to store packets in memory until the layer-7 protocol has been detected, to make sure all packets for the flow are sent to the same/expected egress interface when a destination is configured per application protocol.
Please check the changelog below for the full list of new features and improvements.
Enjoy!
Changelog
New Features
- Flow table offload on Napatech adapters with Flow Manager support (–flow-offload option), on both passive and bridge mode
- Avro flow serialization when exporting to Kafka (–avro option)
- Template support (–template option) to select the Information Elements when exporting JSON or Avro to Kafka
Improvements
- Add supprot for zero-copy packet forwarding on Napatech adapters (–tx-offload option)
- Add support for interface notation with no rss queues on second interface (e.g. nt:stream[0-1],nt:1)
- Add support for bridging on a single interface (packet bouncing)
- Add support for shunting and slicing (via rules file) in bridge mode
- Add support for configuring egress interfaces or queues as actions in rules configuration when balancing traffic in ids mode
- Add support for buffering packets (per flow) in ids mode (–balanced-egress-buffer option)
- Add support for blacklists (–blacklists option)
- Add IMSI aggregation and caching using redis
- Add ability to load public TLD domain names
- Add support for GRE Transparent Ethernet Bridging
- Add UUID to exported metadata
- Improve Geolocation support with MaxMind DB
- Improve ZMQ export with high flow rate
- Optimize nDPI support
Fixes
- Fix PPPoE support
Misc/Changes
- Disable cento auto start on first install
- Add nDPI package dependency
- Add cento user to the ntop group
- Add libavro dependency
- Migrate from json-c to jansson due to Avro incompatibility
- Package for Ubuntu 24