Download presentation source

Project Octopus: Network
Topology Discovery
Rachit Siamwalla
Rosen Sharma
MONET : Cornell Department of
Computer Science
Goals

To discover the topology of an existing network given
little or no information.

This would allow SurReal -- a network simulation
system -- to simulate the network and gather valuable
data about bottlenecks.

This is a small part of an integrated project to
discover, simulate, visualize and manage complex
networks.
Algorithms


Currently we have three algorithms that determine
network topology.
All of them have the same general strategy:
– Come up with a temporary set of hosts in the network that
may or may not exist
– Go through each host and determine whether they really do
exist. If they exist:
• Add to permanent set.
• Use some heuristics on those hosts to find more hosts which
are added to the temporary set. Go back to step 1.
Algorithms
Temporary Set
Heuristic
Permanent Set
Algorithm 1
DNS ls is a simple query to
a name server that returns
a list of all the hosts it
thinks is in a domain
DNS ls
Ping is when you send a
special packet sent to a
machine. If it is alive, it will
send a response
ping
Permanent Set
Directed
Broadcast Ping
Broadcast ping is a ping
packet addressed to an
entire subnetwork. All hosts
on that network should
reply to the message
Algorithm 1: Analysis

Strengths
– Relatively weak assumptions
 Weaknesses
– It is quite slow. Subnet guessing for each
host is quite expensive in time.
– Ping broadcast is not supported in many
domains (for example, to avoid smurfing)
Algorithm 2
Figures out default router
of machine algorithm is
run
netstat
Ping hosts and add to
permanent set
ping
Permanent Set
SNMP Query
SNMP allows us to talk to
a machine and ask it about
connected routers and
hosts.
Algorithm 2: Analysis

Strengths
– Returns the most information
– Fast
– Quite simple
 Weaknesses
– Has the strongest assumption of all of the
algorithms. Many domains restrict access
to SNMP due to security reasons.
Algorithm 3
Figures out default router
of machine algorithm is
run
netstat
Ping hosts and add to
permanent set
ping
Permanent Set
Random Probe
look at the first few IP
addresses in the subnet.
Usually many routers are
configured to have the first
few addresses in a subnet.
Results

CUCS network
– Algorithm 1 and 2 worked fine.
– Algorithm 3 did not detect all routers and hosts because the
probe wasn’t perfect.

Cornell network
– Algorithm 1 worked OK -- it found most of the hosts, except
subnet guessing failed.
– Algorithm 2, in theory should work, but SNMP access was
broken on the network.
– Algorithm 3 did not work because some crucial routers could
not be found and subnet could not be guessed.
DNS ls
Algorithm 4
Ping hosts and traceroute to
to determine subnet.
traceroute
Permanent Set
traceroute
Traceroute also returns
intermediary routers to
check for more hosts.
Future Work


We can also remove the DNS ls assumption off
algorithm 4 by using the Bellcore trick of randomly
sampling IP addresses in a given range. Once we
traceroute those random IP addresses, we are sure
to find most, if not all of the routers in the network.
Eventually all these algorithms will be merged into
one big hybrid algorithm that can be used in any
network under any circumstances.