1 / 14

MGRID: Network Testing and Performance

Charles J. Antonelli Center for Information Technology Integration University of Michigan. MGRID: Network Testing and Performance. MGRID NTAP Project. NTAP : Network Testing and Performance

erol
Download Presentation

MGRID: Network Testing and Performance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Charles J. Antonelli Center for Information Technology Integration University of Michigan MGRID: Network Testing and Performance

  2. MGRID NTAP Project • NTAP : Network Testing and Performance • Purpose : provide a secure and extensible network testing and performance tool invocation service at U-M • Service based on Globus • Runs on dedicated nodes attached to routers in a VLAN environment

  3. MGRID Architecture MGRID Portal User Workstation Apache SSL – Client Certificate required mod ssl Browser 3 libpkcs11 mod kct Kerberos V5 4 KCT mod kx509 kx509 Kerberos 2 5 KCA kinit mod php mod jk Kerberos KDC 1 6 Tomcat GSI Grid Resource LDAP CHEF 6 Authorization SASL GateKeeper 7 Resource Mng LDAP SASL Authorization Resource 8

  4. MGRID NTAP Project • Initial work implemented a bandwidth reservation tool: • Securely modifies network switch configurations to provide differentiated services • Based on GARA • “General-purpose Architecture for Reservation and Allocation” • Layered on Globus • Implements role-based authorization • Includes scheduler for future reservations

  5. MGRID NTAP Project • Added modular, fine-grained authorization • Added signed group membership(s) to reservation data • Now provides two authorization methods: • Keynote policy engine / AFS PTS group service • PERMIS policy engine / LDAP group service • Generalized from bandwidth reservations to the ability to run securely arbitrary programs at a Grid service endpoint • Designed to easily add functionality • Network testing tools being used now • Iperf, traceroute, ping, owamp, etc

  6. Flat File AFS PTS PERMIS MGRID NTAP Architecture Host A Host B Router 1 Router 2 Router 3 Web Portal GSI GSI GSI PMP 1 PMP 2 PMP 3 Attribute Callout

  7. MGRID NTAP Project • Multihomed PMP support • One routing table per VLAN • Routing policy selects routing table based on source address of outgoing packet • Emulates a default route per virtual interface • Path discovery • Use traceroute to obtain routing information • Use network topology databases to map network segments to PMP pairs

  8. MGRID NTAP Project • PERMIS authorization • User, Target, Action • Attribute, policy certificates • Policy engine • Production hardening • Error handling/recovery • Cleanup/restart • Log file management • Deployment packaging

  9. MGRID NTAP Project • Performance measurement • Deployment to ITCom lab • Output Database • Permanent, secure storage of results • Searches and aggregations • Throughput/latency matrix • Host Endpoint Testing • The “last mile” segment • Secure download of signed binaries

  10. Host A Host B 192.168.10.19 192.168.20.99 R1 R2 192.168.10.1 10.1.1.1/30 10.1.1.2/30 192.168.10.50 192.168.20.50 PMP 1 PMP 2 MGRID NTAP Project Demonstration

  11. MGRID NTAP Project Performance test, step 1 • locate the first PMP, the performance machine “nearest” to the tester

  12. MGRID NTAP Project Performance test, step 2 • discover network path (i.e. routers)

  13. MGRID NTAP Project Performance test, steps 3, 4, …, n • run pairwise tests between “adjacent” PMPs • ideally, this will capture hop-by-hop network data • sometimes there are network “holes” • lastly, timestamp and store the output for post-processing (generate graphs, check for empirical anomalies, etc)

  14. Any Questions? http://mgrid.umich.edu

More Related