Download ITC2015 Advanced Network Tap application for

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
Document related concepts

Multiprotocol Label Switching wikipedia , lookup

Zero-configuration networking wikipedia , lookup

Parallel port wikipedia , lookup

RapidIO wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Distributed firewall wikipedia , lookup

Asynchronous Transfer Mode wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Net bias wikipedia , lookup

Computer network wikipedia , lookup

IEEE 1355 wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Deep packet inspection wikipedia , lookup

Airborne Networking wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Packet switching wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Network tap wikipedia , lookup

Transcript 
Advanced Network Tap application for
Flight Test Instrumentation Systems
Øyvind Holmeide/Markus Schmitz
10/26/2015
by
Network taps
Why network tap?
• Relevant when the operational network and mission
network, (e.g. FTI) are two different networks
• Mission network shall not interfere with the operational
network
• No need to duplicating/installing a specific FTI data
acquisition system to receive this data
Filtering
• Tap filtering packets based on:
–
–
–
–
Layer 2, MAC/VLAN
Layer 3, IP addresses (source or destination)
Layer 4, UDP port numbers
Layer 7, Payload parameter.
Ethernet Network Taps
Two types of Ethernet Network Taps:
1. End Point Tap
2. Inline Tap
End point Tap
Operational Network
Network
element 1
Operational
Network
switch
Network
element 2
Network
element 3
Monitoring
device 1
End point Tap
CM1600
used as tap
Monitoring
device 2
Monitoring
device 3
Inline Tap
• Network Tap is part of the operational network
• One or two mirror ports
• Two mirror ports means:
– No packet loss
– Minimal latency through the tap
Inline Tap
How to monitor the traffic sent to/from an End node?
End node
Solution:
The inline Tap is used to tap the
Ethernet traffic sent to/from an
end node and forwarded to a
monitoring unit. The traffic sent
to the monitoring unit can also
be filtered
TAP Function
Monitoring device or
recorder
Switch
Port Mirroring vs Network Tap
Why not use a standard operational switch with port mirroring as an
Inline Tap?
Not a good idea, because:
• Switch packet scheduler grants the Switch Port Mirroring function
lowest possible priority
• Switch Port Mirroring will be disabled in case of congestion with
packet loss on the monitoring port as a result.
• Switch Port Mirroring might require switch resources that can
load the switch and lead to reduced switching performance.
Latency Aspects of Inline Taps
• An Inline Tap will increase the network latency, but:
– network tap latency in TAP mode, will not depend on the network load
on the Inline Tap.
– The Inline Tap latency depends on the port speed, packet length and a
general static latency of a few microseconds.
– The network tap latency in case the Inline Tap is running in BYPASS
mode, is close to zero.
• Full egress bandwidth of tap port 1 is allocated to the ingress
data received on the tap port 2 and vice versa:
– Therefore not latency jitter introduced due to packet queueing
Safety
• No Traffic flow back into the operational network, as
– The mirror ports of the Inline Tap can receive data, but this
data can only be sent to the CPU of the Inline Tap.
– Therefore, data from the FTI system cannot flow back into
the ONS system.
Time Stamping of Mirrored Data
• Implementation of IEEE1588 PTP Slave Clock or a NTP/SNTP
client to use for time stamp generation at the tap level
• Time Stamping of Mirrored Data critical if tapped data is not
directly sent to a recorder
• Tapped data should be time stamped as close to the source
as possible
• Time stamp inserted by time stamp module, either in packet
header or in packet payload.
• Preferably, and before being inserted into the packet, the time
stamp generated for a particular packet is adjusted for the
propagation delay between the sending node and the network
tap element.
Advanced Inline Tap Applications
• Packet filtering based on e.g. VLAN id
• Bypass function to/from tap port 1 and tap port 2,
where Bypass mode is entered if tap is:
– Without power
– Malfunction detected or BIT failed
• Time stamping of mirrored packets where
the time stamps are inserted into the packets
Advanced Inline Tap + End Point Tap
• Inline Tap forward mirrored data to the End Point Tap
• End Point Tap filters the data with different filtering rules for the
monitoring ports
Conclusion
• Advanced Inline Network Tap, supports:
– No packet loss if separate ports are used for uplink and
downlink
– Static latency
– BYPASS and TAP mode; i.e. Tap can be part of operational
network
– Packet filtering
– Time stamping of mirrored packets
Questions?
Related documents
402 Statistical Calculations – Frequency Table
402 Statistical Calculations – Frequency Table
082 Random Sample From Normal Distribution
082 Random Sample From Normal Distribution
474 Binomial Distribution Calculations
474 Binomial Distribution Calculations
The Tap Dancing Mermaid 13.2.16
The Tap Dancing Mermaid 13.2.16
CP744 Cyclic Quadrilaterals
CP744 Cyclic Quadrilaterals
Slides - EECG Toronto - University of Toronto
Slides - EECG Toronto - University of Toronto
CP571 Simulating Distribution Of Sample Proportion
CP571 Simulating Distribution Of Sample Proportion
PDF
PDF
American and British English
American and British English
PDF
PDF