Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Project Octopus: Network Topology Discovery Rachit Siamwalla Rosen Sharma MONET : Cornell Department of Computer Science Goals To discover the topology of an existing network given little or no information. This would allow SurReal -- a network simulation system -- to simulate the network and gather valuable data about bottlenecks. This is a small part of an integrated project to discover, simulate, visualize and manage complex networks. Algorithms Currently we have three algorithms that determine network topology. All of them have the same general strategy: – Come up with a temporary set of hosts in the network that may or may not exist – Go through each host and determine whether they really do exist. If they exist: • Add to permanent set. • Use some heuristics on those hosts to find more hosts which are added to the temporary set. Go back to step 1. Algorithms Temporary Set Heuristic Permanent Set Algorithm 1 DNS ls is a simple query to a name server that returns a list of all the hosts it thinks is in a domain DNS ls Ping is when you send a special packet sent to a machine. If it is alive, it will send a response ping Permanent Set Directed Broadcast Ping Broadcast ping is a ping packet addressed to an entire subnetwork. All hosts on that network should reply to the message Algorithm 1: Analysis Strengths – Relatively weak assumptions Weaknesses – It is quite slow. Subnet guessing for each host is quite expensive in time. – Ping broadcast is not supported in many domains (for example, to avoid smurfing) Algorithm 2 Figures out default router of machine algorithm is run netstat Ping hosts and add to permanent set ping Permanent Set SNMP Query SNMP allows us to talk to a machine and ask it about connected routers and hosts. Algorithm 2: Analysis Strengths – Returns the most information – Fast – Quite simple Weaknesses – Has the strongest assumption of all of the algorithms. Many domains restrict access to SNMP due to security reasons. Algorithm 3 Figures out default router of machine algorithm is run netstat Ping hosts and add to permanent set ping Permanent Set Random Probe look at the first few IP addresses in the subnet. Usually many routers are configured to have the first few addresses in a subnet. Results CUCS network – Algorithm 1 and 2 worked fine. – Algorithm 3 did not detect all routers and hosts because the probe wasn’t perfect. Cornell network – Algorithm 1 worked OK -- it found most of the hosts, except subnet guessing failed. – Algorithm 2, in theory should work, but SNMP access was broken on the network. – Algorithm 3 did not work because some crucial routers could not be found and subnet could not be guessed. DNS ls Algorithm 4 Ping hosts and traceroute to to determine subnet. traceroute Permanent Set traceroute Traceroute also returns intermediary routers to check for more hosts. Future Work We can also remove the DNS ls assumption off algorithm 4 by using the Bellcore trick of randomly sampling IP addresses in a given range. Once we traceroute those random IP addresses, we are sure to find most, if not all of the routers in the network. Eventually all these algorithms will be merged into one big hybrid algorithm that can be used in any network under any circumstances.