1 / 37

A Suite of Schemes for User-level Network Diagnosis without Infrastructure

A Suite of Schemes for User-level Network Diagnosis without Infrastructure. Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern University. Motivation. How do end users, with no special privileges, identify packet loss inside the network with one or two computers?.

elke
Download Presentation

A Suite of Schemes for User-level Network Diagnosis without Infrastructure

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern University

  2. Motivation • How do end users, with no special privileges, identify packet loss inside the network with one or two computers?

  3. Motivation • How do end users, with no special privileges, identify packet loss inside the network with one or two computers? • Take-home • We propose three user-level loss rate diagnosis approaches • The combo of our approaches and Tulip [SOSP03] is much better than any single approach

  4. Outline • Motivation • Related Works • Lossy Link Diagnosis • Fragmentation Aided Diagnosis (FAD) • Algebraic FAD • Opportunistic FAD • Striped Probe Analysis (SPA) • Evaluations • Conclusions

  5. Virtual link Related Work I • Internet Tomography • Multicast based (not practical) • Unicast based • Mimic multicast S The more cooperating end hosts, the shorter the virtual links L4 L1 L2 L3

  6. S S S D D D x Related Work II • Tulip [SOSP03] • Leverage on consecutive IPID • Tend to underestimate forward loss rates • Suffer from the packet loss correlation x id id x x id+1 id+2 id Reverse Loss ? Forward Loss

  7. Outline • Motivation • Related Works • Lossy Link Diagnosis • Fragmentation Aided Diagnosis (FAD) • Algebraic FAD • Opportunistic FAD • Striped Probe Analysis (SPA) • Evaluations • Conclusions

  8. D S R1 R2 Link Diagnosis=> Forward Path Diagnosis • If we can infer the loss rates of forward path F1 and F2, we can infer the link loss rate of l3 F1 l3 l2 l1 F2 • The more diagnosable forward path segments, the better the diagnosis granularity

  9. P R P R R S N S N P1 P2 P1 P2 R Basic Idea of FAD

  10. P R P1 P2 R Algebraic FAD • Let pf and pr be the loss rate of the forward and reverse path respectively (1 - pf)×(1 - pr)=1 – p (1) (1 - pf)2×(1 - pr)=1 – p’ (2) p and p’ are measurable. Solve pf and pr using (1) and (2)

  11. How to Achieve FAD IP Fragmentation • Fragment a packet longer than MTU • Required to be supported in IPv4 • Some routers disable it for security reason • Support of IP Fragmentation • 64,320 router IP addresses probed by using Traceroute • About 80% of routers support IP fragmentation • Degree of Rate Limiting on Responses • 99% of routers allow a rate of 100 probes/s for ICMP Echo, ICMP Timestamp and TCP probes • Response to UDP probe is severely rate-limited

  12. F1 + F’2 P’ aaaaaaaa ccccccccc aaaaaaaacccccccc Opportunistic FAD F1 + F2 P aaaaaaaa aaaaaaaabbbbbb bbbbbbbb

  13. S S N N F1 F’2 F1 F2 F2 F1+F2 R F’2 R’ x Opportunistic FAD No Loss Forward Loss F1+F’2 Similar to Tulip, but OFAD allows large gap between fragments

  14. S p1 R p2 p3 D S Striped Probe Analysis (SPA) • S sends a probe to D and we get the path p1->p2 • S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path p1->p3 p1 p2 S R D p3

  15. P1 P2 D S S Striped Probe Analysis (SPA) p1 R p2 p3 (1) Loss on shared link

  16. P2 P1 D D S S S S R Striped Probe Analysis (SPA) • Success rate of p1≈n1×n2 / (n×n12) • n: number of striped probes sent, • n1: number of P1 received by D, • n2: number of P2 received by S, • n12: number of cases that both P1 and P2 are received • Unbiased if packet loss has perfect correlation and loss rates of different links are independent p1 p1 R p2 p2 p3 p3 (2) Loss on non-shared link (1) Loss on shared link

  17. Summary The current Internet usually has strong but short loss correlation.

  18. Outline • Motivation • Related Works • Lossy Link Diagnosis • FAD • SPA • Evaluations • Conclusions

  19. Evaluation Metrics • Diagnosis Granularity • Weighted average of the lengths of the path’s diagnosable segments • For example, an 8-hop path has two diagnosable segments of length 3 and 5, and then the granularity of the path is (32 + 52)/8 = 4.25 • Accuracy • Estimation error: • Relative error:

  20. Diagnosis Granularity SPA is best FAD ≈Tulip Combo of FAD and Tulip is better

  21. Path-Level Accuracy Evaluation FAD > Tulip > SPA OFAD, Tulip and SPA tends to underestimate loss rates

  22. More Evaluations • Consistency Check • Packet Probe Size Selection • Lossy Link Distribution • More in the technical report http://www.cs.northwestern.edu/~yzh734/

  23. Conclusions and Recommendations • We propose AFAD, OFAD and SPA which can conduct loss rate diagnosis without infrastructure • Tulip, FAD and SPA have different working scenarios • The combination of them can achieve low diagnosis granularity and high accuracy • Recommendations • OFAD+SPA, if we can control the two ends of an end-to-end path • OFAD+Tulip, if we can only control the source

  24. ? ? ?

  25. Thanks! Questions?

  26. Path-Level Accuracy of Combined Schemes

  27. Path-Level Accuracy Evaluation

  28. Path-Level Accuracy of Combined Schemes

  29. IP Fragmentation Is Widely Supported • Router Collection • 64,320 router IP addresses probed by using traceroute from a machine • Support of Different Probes • Support of IP Fragmentation • 90.3% of responsive routers support IP fragmentation • Altogether about 80% of routers support FAD. • Degree of Rate Limiting on Responses • 99% of routers allow a rate of 100 probes/s for ICMP Echo, ICMP Timestamp and TCP probes • UDP probe is severely rate-limited

  30. Packet Transmission Correlation • Choose 100 PlanetLab hosts and randomly measure 5000 paths • Little loss correlation with enough gap

  31. Forward Path Diagnosis => Link Diagnosis • If we can infer the loss rates of forwarding path l1 and P1, we can infer the link loss rate of l2 too. D

  32. Opportunistic FAD • n: number of R12received,n’: number of R’12received • Xi = 0 when forward packetiis lost andXi =1 otherwise • P(X2=1)≈P(X2=1|X1=1)≈n/(n+n’) P1 P1 P2 P2 x R12 P’2 P’2 R’12 (1) (2)

  33. D S R S R S Striped Probe Analysis (SPA) • No fragmented packets needed ! • S sends a probe to D and we get the path l1->l2 • S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path l1->l3 l1 l2 l1 l2 l3 l3 D

  34. P1 P2 D S R S Striped Probe Analysis (SPA) l1 l2 l3

  35. P2 P1 P1 P2 D D S S R R S S Striped Probe Analysis (SPA) l1 l1 l2 l3 l2 l3 (1) No loss (2) Loss on shared link

  36. P1 P2 P1 P2 D D R D S R S S S R S S Striped Probe Analysis (SPA) • Success rate of l1≈n1×n2 / (n×n12) • n: number of striped probes sent, • n1: number of P1 received by D, • n2: number of P2 received by S, • n12: number of cases that both P1 and P2 are received • Unbiased if packet loss has perfect correlation and loss rates of different links are independent l1 l1 l1 l2 l2 l3 l3 l2 l3 (1) No loss (2) Loss on shared link (3) Loss on non-shared link

More Related