A 10GE Monitoring System
Arien Vijn arien@ams-ix.net

Agenda
- Introduction
  The role of an internet exchange (IX).
- The problem to be solved.
  Real life examples
- The chosen solution for that problem
  * The Force10's P10 IDS/IPS card
  * Photonic cross connects
[Figure: ISP A to ISP I arranged in Tier 1, Tier 2 and Tier 3]
[Figure: AS1 to AS6, each with a BGP Router, connected to the switch park; a monitor is attached]
Example #1
[Figure: switch park with AS1, AS2 and AS3 on ports 1, 2 and 3; frames labelled "1 M UNI.." and "2 F ARP"]
Ethernet
  Destination: ff:ff:ff:ff:ff:ff
  Source: 00:00:00:00:00:01
  Type: ARP (0x0806)
Address Resolution Protocol (request)
  Hardware type: Ethernet (0x0001)
  Protocol type: IP (0x0800)
  Hardware size: 6
  Protocol size: 4
  Opcode: request (0x0001)
  Sender MAC address: 01:00:00:00:00:02
  Sender IP address: 195.69.144.2
  Target MAC address: 00:00:00:00:00:00
  Target IP address: 195.69.144.3
[Figure: AS1 to AS6 BGP Routers on the switch park, with the labels "Tuttle" and "Buttle"; a monitor is attached]
Example #2
[Figure: BGP router AS 1 with transit, ixp and own network]
[Figure: BGP router AS 1 and BGP router AS 2, each behind its own switch on an IXP shared link, with a private interconnect AS1 - AS2]
[Figure: switch park port 1 towards BGP ROUTER AS1; frame fields S, D and PAYL.; a frame with "S != 1" is reported via syslog (source mac)]
Ethernet
  Destination: 00:00:00:00:00:02
  Source: 00:00:5e:00:01:11 (IETF-VRRP-virtual-router-VRID_11)
  IP (0x0800)
Internet Protocol
  Protocol: ICMP (0x01)
  Header checksum
  Source: 10.0.0.1
  Destination: 10.0.0.2
Internet Control Message Protocol
  Type: 0 (Echo (ping) reply)
  Code: 0
  [...]
Monitoring
General purpose PC (libpcap)
[Figure: switch park, BGP ROUTER AS1, port 1, frame "S == 1 D", mirror port, NIC, PCI-X]
[Figure: switch fabric with a monitored port and a mirror port (each: MAC, PP, TM, optic); links marked ≤ 5Gbps]
[Figure: Router and Ethernet switch connected through a MEMS based Fiber Switch, AKA Photonic Cross Connect (PXC)]
[Figure: PXC internals: Movable Mirror Array, Fiber Lens Array, Fixed Mirror, Dry Air]
[Figure: core switch Telecity, core switch science park, BGP router, metrofiber]
[Figure: Router, AMS-IX switch, traffic generator / analyser Anritsu MD1230A, XENPAK, XENPAK]
[Figure: frame timing: frame n, 9.6 ns, 64 byte (51.2 ns), 64 byte (51.2 ns), frame n+1, 9.6 ns]
Solution
[Figure: Router and AMS-IX switch connected through an interface card (XPAK, XPAK, PCI-X) in a General Purpose Computer (Linux)]
[Figure: interface card: 10GE, 10GE, Layer 1 repeater and tap, Programmable Filter, PCI-X interface, PCI-X bus]
- max. ~ 600kfps
[Figure: eth2 'normal' ethernet interface; hardware, software driver]
- max. 2 x 14.8 Mfps one way
- max. 2 x 10 Gbps one way
- max. 14.8Mfps full duplex
- max. 10 Gbps full duplex
[Figure: board block diagram: XPAK, XPAK, front-end FPGA, back-end FPGA, CPLD, SRAM, flash, PCI, JTAG]
[Figure: back-end FPGA: XAUI, XAUI, XPAK Transceivers, 64 and 128 bit data paths, frame data ch1, frame data ch2, block ch1, block ch2, AND gates]
[Figure: frame layout in 128-bit words (bit positions 15 to 127): preamble / SFD, dest. MAC addr., src MAC addr., type, IP header (4, HL, TOS, total len., ID, F/F, TTL, proto., HCS, src. IP addr., dst. IP addr), IP payload]
[Figure: front-end FPGA filter: frame data register, match memory (CPLD), R0 to Rn, C0 to Cn, reduction network, clk, valid, offset, filtered data]
[Figure: filter applied across two consecutive 128-bit words: Rx, Cx, Ry, Cy, Rz, Cz, each with a reduction network]
[Figure: front-end FPGA: user defined functionality, clk, valid, offset, match memory (CPLD), frame data, filtered data, packet processor, memory management, host interface (addr., data, R/W), block, capture]
[Figure: front-end FPGA counters: frame data register, R0 to Rn, C0 to Cn, reduction network, counter, host interface]
[Figure: frame counter, Cr, reduction network, random number generator register]