1 / 15

TUNDRA The Ultimate Netflow Data Realtime Analysis

TUNDRA The Ultimate Netflow Data Realtime Analysis. Jeffrey Papen Yahoo! Inc. Source and Destination AS bandwidth analysis Transit AS bandwidth analysis Custom AS macros: Bandwidth forecasting, peering merit analysis Billing Formulas for cost/ benefit budget analysis.

elana
Download Presentation

TUNDRA The Ultimate Netflow Data Realtime Analysis

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. TUNDRAThe Ultimate Netflow Data Realtime Analysis Jeffrey Papen Yahoo! Inc.

  2. Source and Destination AS bandwidth analysis Transit AS bandwidth analysis Custom AS macros: Bandwidth forecasting, peering merit analysis Billing Formulas for cost/ benefit budget analysis Analyze usage for local servers or services - Charge Back Billing Symmetric Network Performance Analysis: latency and packet loss AS path hop count stats DOS attack detection All in Real Time TUNDRA Features

  3. Empirical Data Prove that network performance increases Prove that network reliability increases as AS hops decrease Cost/Savings analysis for new peer or transit Know how much bandwidth a peer will use before (or after) you turn link up – determine private vs. public peering need Focus and Order peer hit list – who should you go after? Business case to document support for peers that say No. Why should you care about TUNDRA?

  4. Why Call It TUNDRA?

  5. 49,000 subnets processed in 2 – 3 minutes Continuously exporting flows 500Mb/sec in + out in 15 minutes generates approx 5,244,216 flows (288 MB). Processed in 21 seconds @ 248,724 flows/sec Polls Interfaces. Stores to local DB Flow % * SNMP stored in central DB MySQL Database Zebra Server Router SNMP Poller Collector/ Processor

  6. Flow Data TUNDRA Displays

  7. Port Out

  8. Protocol Out

  9. Bandwidth Out

  10. Transit Data All outbound flows have destination IP Each Destination Subnet learns AS path from Zebra BGP table - AS padding removed Zebra BGP table is identical to actual routes used on local router(s) Local BGP data reflects immediate policy changes with no performance impact or security threat to production routers

  11. Destination vs. Transit Traffic – UUNet

  12. AS Hop Count Table

  13. Performance Analysis • ICMP Ping vs. TCP packet with bogus SYN/ACK • Testing is done from your network’s perspective • Route-Maps on collector interface • Simultaneous testing of multiple paths to same target AS • No continuous IBGP flapping from /32 updates • No adding and removing /32 static routes • No 3rd party remote applications logging onto routers • Looking Glass server (www) for troubleshooting

  14. TUNDRA Next Steps • White Paper – No, I really mean it! • I’m looking for help – this is a hobby, not my job • Maintainers to finish baking code and configuration • Release to Internet community • Licensing is GPL + please peer with Yahoo! 

  15. Questions? Jeffrey Papen jpapen@yahoo-inc.com jeffrey@papen.com

More Related