1 / 19

Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks

Measurement. Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks http://www.cs.princeton.edu/courses/archive/fall14/cos561/. Why Measure?. Managing protocols Generating reports Diagnosing problems Tuning network configuration Planning future capacity

wilma-herrera
Download Presentation

Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Measurement Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks http://www.cs.princeton.edu/courses/archive/fall14/cos561/

  2. Why Measure? • Managing protocols • Generating reports • Diagnosing problems • Tuning network configuration • Planning future capacity • Evaluating protocols • Characterizing protocol behavior in the wild • Creating realistic models to drive protocol evaluation

  3. What to Measure • Traffic • Routing • Topology • Performance

  4. Traffic Measurement

  5. Shared media (Ethernet, wireless) Multicast switch Host A Host C Monitor Host A Host B S w i t c h Host B Monitor Monitor Splitting a point-to-point link Router B Router A How to Monitor a Link Line card that does monitoring Router A

  6. Subselecting the Traffic • Look at a subset of the packets • Filter on packet-header fields • Sample packets (e.g., 1 out of 1000) • Collect the first n bytes of packet • Medium access control header (if present) • IP header (typically 20 bytes) • IP+UDP header (typically 28 bytes) • IP+TCP header (typically 40 bytes) • Application-layer message (entire packet) • What can you learn?

  7. Data Analysis Challenges • Mapping IP addresses to names, users, institutions • Mapping transport port numbers to applications • Reconstructing application messages from packets • Missing data (sampling, monitor overload) • Routing changes • Asymmetric routing

  8. Data Aggregation: Flow Monitoring • Grouping packets into flows • Packets with the same header fields • Close together in time • Approximating a “conversation” • Without access to the end-hosts • E.g., NetFlow, sFlow flow 4 flow 1 flow 2 flow 3

  9. Recording Flow Statistics • Packet header fields • Source and destination IP addresses • Source and destination TCP/UDP port numbers • Other IP & TCP/UDP header fields • Location • Input and output ports • Aggregate statistics • Start and finish time • Number of bytes or packets • Summary of TCP flags SYN ACK ACK FIN finish start 4 packets 1436 bytes SYN, ACK, & FIN

  10. Network-Wide Traffic Measurement • Observe directly as packets flow • Observe at ingress and project to paths • Infer from link loads and routing fine grained: path matrix = bytes per path current state &traffic flow predicted control action: impact of routing traffic matrix = bytes per ingress-egress

  11. Routing

  12. Monitoring the Routes • Control plane • Routing-protocol messages • Techniques • Dump state from one or more routers • Participate in the routing protocol • Collect packets from routing-protocol messages • Challenges • Cooperation of the network administrator • Collection from enough vantage points • Delays in propagating routing messages

  13. Monitoring Link-State Routing • Flooding of link-state advertisements • All routers knows the entire topology • Can dump the state of any router • Monitor can participate in the routing protocol • Can collect the routing-protocol messages 2 1 3 1 4 2 1 5 4 3

  14. Monitoring Path-Vector Routing • Propagating a path to each neighbor • A router knows the path used by each neighbor • Monitor can become a neighbor of a router • Multiple vantage points to achieve coverage BGP session Monitor BGP session

  15. BGP Table (“show ip bgp” at RouteViews) NetworkNext HopPath * 3.0.0.0/8 205.215.45.50 4006 701 80 * 167.142.3.6 5056 701 80 * 157.22.9.7 715 1 701 80 * 195.219.96.239 8297 6453 701 80 * 195.211.29.254 5409 6667 6427 3356 701 80 *>12.127.0.2497018 701 80 * 213.200.87.254 3257 701 80 * 9.184.112.0/20 205.215.45.50 4006 6461 3786 * 195.66.225.254 5459 6461 3786 *>203.62.248.41221 3786 * 167.142.3.6 5056 6461 6461 3786 * 195.219.96.239 8297 6461 3786 * 195.211.29.254 5409 6461 3786 AS 80 is General Electric, AS 701 is UUNET, AS 7018 is AT&T AS 3786 is DACOM (Korea), AS 1221 is Telstra

  16. Measuring the Forwarding Path • Data plane • What path is the traffic taking • Techniques • Extract the forwarding-table state • Record the path as the packet travels • Infer the path from end-to-end measurements • Challenges • Cooperation of the network administrator • Routing changes during the measurement • Overhead of collecting the data

  17. TTL=2 Traceroute • Time-To-Live field in IP packet header • Source sends a packet with a TTL of n • Each router along the path decrements the TTL • “TTL exceeded” sent when TTL reaches 0 • Traceroute tool exploits this TTL behavior Time exceeded TTL=1 destination source Send packets with TTL=1, 2, 3, … and record source of “time exceeded” message

  18. From My House to Princeton CS • 1 192.168.0.1 (192.168.0.1) • 2 c-68-37-226-1.hsd1.nj.comcast.net (68.37.226.1) • 3 xe-2-1-0-sur01.hillsboro.nj.panjde.comcast.net (68.85.119.149) • 4 ae-18-0-ar03.plainfield.nj.panjde.comcast.net (68.85.62.65) • 5 he-3-10-0-0-cr01.newyork.ny.ibone.comcast.net (68.86.93.225) • 6 he-0-12-0-0-pe03.111eighthave.ny.ibone.comcast.net (68.86.83.106) • 7 be7922.ccr21.jfk10.atlas.cogentco.com (154.54.13.161) • 8 be2057.ccr22.jfk02.atlas.cogentco.com (154.54.80.177) • 9 te0-0-2-1.rcr12.phl03.atlas.cogentco.com (154.54.27.118) • 10 te0-0-2-1.rcr12.phl03.atlas.cogentco.com (154.54.27.118) • 11 38.122.150.2 (38.122.150.2) • 12 core-87-router.princeton.edu (128.112.12.130) • csgate.princeton.edu (128.112.12.58) • ...

  19. RocketFuel Paper Discussion

More Related