Download wespy_1 (dec 2007)

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
Document related concepts

Deep packet inspection wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Multiprotocol Label Switching wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Peering wikipedia , lookup

Distributed firewall wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Computer network wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Airborne Networking wikipedia , lookup

IEEE 1355 wikipedia , lookup

Network tap wikipedia , lookup

Routing in delay-tolerant networking wikipedia , lookup

Transcript 
A victim-centric peer-assisted
framework for monitoring and
troubleshooting routing
problems
How to Monitor?
Four schemes
How to monitor? Pros
Cons
Monitor devices
such as routers
No overhead
Device status does not
directly translate into
user perceived
performance
Monitor BGP
updates
No overhead; Know
what happens in
other network
Do not see some
data-plane anomaly
Monitor flowlevel traffic
No overhead; Real
traffic; Witness direct
impact of failures
Do not witness
failures directly
Active probing
Extra overhead; May
Witness direct
impact of failures not mimic the real
traffic
What Constraint to Monitor?

Network meets ISP’s goals




Resource utilization
Routing goes as specified by policy
…
Network meets users’ goals



Reachability
 Most fundamental end-to-end property
 Easy to define and formulate
Delay, loss
 Less easier to define and formulate
Application level: Bulk transfer, VOIP
 Depends on reachability, delay, loss, etc
Our Monitor Scheme

Monitor reachability using active probing




Focus on reachability
Use ping – no need for remote cooperation
Trade off between probing efficiency and probing
coverage (challenges)
Disclaimers


Do not monitor delay or loss
Do not consider ISP’s goals
Troubleshooting -Next Step to Monitoring

Goal of troubleshooting



Localize the root cause
How local? Depends on the nature of the cause
Purpose of troubleshooting

Local root cause


Pin-point the problem and fix it
Remote root cause


Contact the responsible networks to solve the problem
By-pass the faulty network
Localize the Root Cause
Topology dimension
AS 1
a->b b->c c->d
AS 2
m->n m->l n->l
AS 3
x->y y->z z->x
Firewalls (those
who prevent
forwarding)
Forwarding paths
(those who do
forwarding)
Control plane
Physical and link
layers
Protocol dimension
Localize
the cause
Link level
at AS level
Localize the cause at protocol
Both AS
level
and protocol level
Troubleshooting:
Three building blocks

Tool


Data: generated by tool


traceroute, ping, netflow, looking glass, etc
e2e reachability, BGP updates, traffic profile, etc
Brain: the intelligent part, usually network
operator


Digest the data, make inference, leverage
dependency, draw from past experience
The key of troubleshooting. Hard problem
What Can We Do to Improve?

Improve the tool




Promote the cooperation among networks
Traceroute -> resilient remote traceroute
BGP feed -> resilient remote BGP feed
Improve the automation of brain

Unify previous work
Automatic Brain

It’s a challenging problem



Fault may occur at multiple levels
Involve machine learning
Example work:
Enterprise network services, sigcomm’07, by
Paramvir Bahl et al.
Dependency Graph Approach


Decompose a large system into components
Infer the dependencies among components



A set of observations on some components


A depends on B: If B fails, A fails
Lead to a hierarchy of dependencies: dependency graph
(like Makefile)
For example, F,H,X works but G fails
Infer the status of other components using
dependencies, finally locate the root cause
component
Dependency Graph
Example 1
Multi-tier dependency graph. Diagnoses multi-level fault but needs
automated construction. [ From Paramvir Bahl et al, sigcomm’07 ]
Dependency Graph
Example 2
Flat dependency graph. Diagnoses simple fault. [From Ramana Kompella
et al, infocom’07 ]
Trade-off in Decomposition


The granularity of decomposition determines
the how specific the troubleshooting is
Fine-grained decomposition



Advantage: more specific
Disadvantage: graph is more complex,
constructing and solve it is challenging
Coarse-grained decomposition


Advantage: graph is simple, constructing and
solving it is less challenging
Disadvantage: less specific
Dependency Graph
Regarding Internet Routing
A
B
p can ping q
A depends on B
p can send packets to q
q can send packets to p
Forwarding path p->q is OK
Physical path p->q is OK
Link u_i->u_{i+1}
is up
……
Control plane info is correctly propagated
AS N_i has correct
route
N_{i+1}
AS N_i imports routes
of prefix p
Path p->q before failure: IP hops: u_0, u_1, …, u_n,
AS hops: N_0, N_1, …., N_m
Dependency Graph Regarding
Internet Routing (cont.)

Account for three common root causes




Link/router failure
Router misconfiguration leading to missing route
(i.e. does not import route)
Router misconfiguration or attack leading to prefix
hijacking
Topology-wise locate the root cause, and also
tell among the three root causes

Reasonably specific
Recent Work on Network
Troubleshooting

Infocom’07, Detection and Localization of Network Black Holes, by
Ramana R. Kompella et al


CoNext’07, NetDiagnoser: Troubleshooting network unreachabilities
using end-to-end probes and routing data, by Amogh Dhamdhere et al


Automate the “brain”. Consider both physical failure and control plane fault.
For inter-domain. Flat dependency graph.
Sigcomm’07, Automating Cross-layer Diagnosis of Enterprise Wireless
Networks, by Cheng et al


Automate the “brain”. Consider only physical failure. Mainly for intra-domain.
Flat dependency graph.
Improving the “tool”. Measure and infer various delays in a wireless
environment
Sigcomm’07, Towards Highly Reliable Enterprise Network Services Via
Inference of Multi-level Dependencies, by Paramvir Bahl et al

Automate the “brain”. Mainly for enterprise network and services. Deal with
multi-level faults. Automatically generate multi-tier dependency graph.
NetDiagnoser: Overview


Troubleshooting unreachability
Fault assumption:





Link failure, router misconfiguration causing partial link
failure (in particular BGP export filter misconfiguration)
Deal with filtered traceroute
More comprehensive than previous work
Infrastructure: sensors, all pair-wise traceroute
Mechanisms:



Binary tomography
Per-neighor-basis logical link modeling control plane
Combining BGP withdraw message
NetDiagnoser: Logical Links
Netdiagnoser:
Dependency Assumption
P can send packets to q
Forwarding path
p->q is OK
Physical path p->q
is OK
Link u_i->u_{i+1}
is up
A
B
Control plane info is
correctly propagated
AS N_{i+1} exports
prefix q to AS N_i
A depends on B
P->q: IP hops: u_0, u_1, …, u_n,
AS hops: N_0, N_1, …., N_m
Related documents
Monitoring and Measurement
Monitoring and Measurement
Institutional Paths to Development
Institutional Paths to Development
The Callos Companies current is working with our Client on a Full
The Callos Companies current is working with our Client on a Full
File Share Dependencies
File Share Dependencies
Clicker Poll
Clicker Poll
Final Exam Review
Final Exam Review
1. Introduction
1. Introduction
Chapter 4
Chapter 4
Chapter 8 - Chabot College
Chapter 8 - Chabot College