a 10ge monitoring system ari n vijn arien ams ix net
play

A 10GE Monitoring System Arin Vijn arien@ams-ix.net Agenda - - PDF document

Jan 24, 2023 •304 likes •887 views

A 10GE Monitoring System Arin Vijn arien@ams-ix.net Agenda - Introduction The role of an internet exchange (IX). - The problem to be solved. Real life examples - The chosen solution for that problem * The Force10's P10 IDS/IPS card *

  1. A 10GE Monitoring System Ariën Vijn arien@ams-ix.net

  2. Agenda - Introduction The role of an internet exchange (IX). - The problem to be solved. Real life examples - The chosen solution for that problem * The Force10's P10 IDS/IPS card * Photonic cross connects

  3. ISP A ISP B ISP D ISP C ISP E ISP F ISP G ISP H ISP I

  4. ISP A ISP B ISP D ISP C Tier 1 ISP E ISP F Tier 2 ISP G ISP H ISP I Tier 3

  5. AS2 AS1 AS3 AS4 switch park AS6 AS5

  6. AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  7. AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  8. AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  9. AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  10. monitor AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  11. Example #1

  12. UNI.. 1 M 1 AS1 M 1 UNI.. 2 AS2 switch park M 1 UNI.. 3 AS3

  13. UNI.. 1 M 1 AS1 M 1 UNI.. 2 AS2 switch park M 1 UNI.. 3 AS3

  14. F 2 ARP 1 AS1 Ethernet Destination: ff:ff:ff:ff:ff:ff Source: 00:00:00:00:00:01 Type: ARP (0x0806) Address Resolution Protocol (request) ARP 2 F Hardware type: Ethernet (0x0001) 2 AS2 Protocol type: IP (0x0800) Hardware size: 6 switch park Protocol size: 4 Opcode: request (0x0001) Sender MAC address: 0 1 :00:00:00:00:02 Sender IP address: 195.69.144.2 Target MAC address: 00:00:00:00:00:00 Target IP address: 195.69.144.3 F 2 ARP 3 AS3

  15. F 2 ARP 1 AS1 Ethernet Destination: ff:ff:ff:ff:ff:ff Source: 00:00:00:00:00:01 Type: ARP (0x0806) Address Resolution Protocol (request) ARP 2 F Hardware type: Ethernet (0x0001) 2 AS2 Protocol type: IP (0x0800) Hardware size: 6 switch park Protocol size: 4 Opcode: request (0x0001) Sender MAC address: 0 1 :00:00:00:00:02 Sender IP address: 195.69.144.2 Target MAC address: 00:00:00:00:00:00 F 2 ARP Target IP address: 195.69.144.3 3 AS3

  16. F 2 ARP 1 AS1 ARP 2 F 2 AS2 switch park F 2 ARP 3 AS3

  17. Tuttle AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5 Buttle

  18. monitor AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  19. AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 monitor AS5

  20. monitor AS2 AS1 BGP BGP Router Router BGP BGP AS3 AS4 Router Router switch park BGP BGP Router Router AS6 AS5

  21. Example #2

  22. transit AS 1 transit own netwerk BGP shared link router AS 1 switch AS 1 ixp IXP

  23. BGP BGP router router AS 1 AS 2 shared shared link link private switch AS 1 switch AS 2 interconnect AS1 - AS2 ixp ixp AS1 AS2 IXP

  24. 1 D BGP 1 ROUTER AS1 switch park

  25. S != 1 D BGP 1 ROUTER AS1 switch park syslog source mac

  26. PAYL. S D BGP 1 ROUTER AS1 Ethernet Destination: 00:00:00:00:00:02 Source: 00:00:5e:00:01:11 (IETF-VRRP-virtual-router-VRID_11) IP (0x0800) Internet Protocol Protocol: ICMP (0x01) Header checksum Source: 10.0.0.1 Destination: 10.0.0.2 switch park Internet Control Message Protocol Type: 0 (Echo (ping) reply) Code: 0 [...]

  27. Monitoring

  28. S == 1 D BGP 1 ROUTER AS1 mirror port switch park NIC PCI-X General purpose PC (libpcap)

  29. ≤ 5Gbps optic MAC PP TM ≤ 5Gbps monitored port switch fabric optic MAC PP TM ≤ 5Gbps mirror port

  30. Ethernet Router switch

  31. Ethernet Router switch MEMS based Fiber Switch AKA Photonic Cross Connect (PXC)

  32. Fiber Lens Array Fixed Mirror Dry Air Movable Mirror Array

  33. Fiber Lens Array Fixed Mirror Dry Air Movable Mirror Array

  34. core switch core switch science park Telecity metrofiber BGP router

  35. core switch core switch science park Telecity metrofiber BGP router

  37. AMS-IX Router switch XENPAK XENPAK traffic generator / analyser Anritsu MD1230A

  38. frame n frame n+1 64 byte, 51.2 ns 9.6 ns 64 byte, 51.2 ns 9.6 ns

  39. Solution

  40. AMS-IX Router switch XPAK XPAK interface card PCI-X General Purpose Computer (Linux)

  41. max. 14.8Mfps full duplex 10GE 10GE max. 10 Gbps full duplex Layer 1 repeater and tap Hardware max. 2 x 14.8 Mfps one way max. 2 x 10 Gbps one way Programmable Filter max. ~ 600kfps PCI-X interface PCI-X bus software driver eth2 'normal' ethernet interface

  42. XPAK XPAK front-end flash FPGA JTAG back-end SRAM FPGA CPLD JTAG PCI

  43. XPAK Transceivers ch1 ch2 XAUI XAUI AND AND 64 64 128 128 frame data frame data block ch1 block ch2 ch 2 ch1 back-end FPGA

  44. 127 111 95 79 63 47 31 15 0 preamble / SFD dest. MAC addr. src 0

  45. preamble / SFD dest. MAC addr. src 0 127 111 95 79 63 47 31 15 0 4 H TTL pro MAC addr. type L TOS total len. ID F/F 1 to. HCS src. IP addr. dst. IP addr IP payload 2 IP payload n

  46. front-end FPGA valid frame data offset clk frame data register R0 R1 Rn C0 C1 Cn reduction network match memory filtered data CPLD

  47. 127 111 95 79 63 47 31 15 0 preamble / SFD dest. MAC addr. src 0 MAC addr. type payload 1 payload n

  48. 127 111 95 79 63 47 31 15 0 preamble / SFD dest. MAC addr. src 0 Rx Cx reduction network

  49. 127 111 95 79 63 47 31 15 0 MAC addr. type payload 1 Ry Rz Cy Cz reduction network

  50. front-end FPGA frame block offset valid data clk memory packet processor management user defined functionality addr. match data R/W memory capture filtered host interface data CPLD

  51. front-end FPGA valid frame data offset clk frame data register R0 R1 Rn C0 C1 Cn reduction network counter host interface CPLD

  52. front-end FPGA valid frame data offset clk frame data register R0 R1 Rn R0 R1 Rn C0 C1 Cn C0 C1 Cn reduction network reduction network counter host interface CPLD

  53. random number frame counter generator register Cr reduction network

  54. 127 111 95 79 63 47 31 15 0 preamble / SFD dest. MAC addr. src 0 4 H TTL pro MAC addr. type L TOS total len. ID F/F 1 to. HCS src. IP addr. dst. IP addr IP payload 2 IP payload n

  55. XPAK XPAK front-end flash FPGA JTAG back-end SRAM FPGA CPLD JTAG PCI

  57. Thank you for your attention

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Data Streaming over an International 10GE Multipath OpenFlow Network Sander Boele, Freek

Data Streaming over an International 10GE Multipath OpenFlow Network Sander Boele, Freek

Data Streaming over an International 10GE Multipath OpenFlow Network Sander Boele, Freek Dijkstra, Ronald van der Pol Artur Barczyk, Michael Bredel, Azher Mughal, Ramiro Voicu Gerben van Malenstein Jim Chen, Joe Mambretti Caltech

331 views • 4 slides
General Relativity: Einsteins Theory of Gravitation Presented By Presented By Arien

General Relativity: Einsteins Theory of Gravitation Presented By Presented By Arien

General Relativity: Einsteins Theory of Gravitation Presented By Presented By Arien Crellin-Quick and Tony Miller SPRING 2009 PHYS43, SRJC The Motivations of General Relativity General Relativity, or GR, was created in order to better

470 views • 26 slides
iSMART 4.0.X S.M.A.R.T ( Self-Monitoring, Analysis and Reporting Technology ) A monitoring system

iSMART 4.0.X S.M.A.R.T ( Self-Monitoring, Analysis and Reporting Technology ) A monitoring system

iSMART 4.0.X S.M.A.R.T ( Self-Monitoring, Analysis and Reporting Technology ) A monitoring system for computer hard disk drives to detect and report on various indicators of reliability, in the hope of anticipating failures. 1992 1995 iSMART

481 views • 25 slides
A brief about online monitoring system By Ajit Joshi & Amol Malode Regulatory Regime PCB

A brief about online monitoring system By Ajit Joshi & Amol Malode Regulatory Regime PCB

A brief about online monitoring system By Ajit Joshi & Amol Malode Regulatory Regime PCB Guidelines WHY IS REAL TIME MONITORING SYSTEM REQUIRED? Self Monitoring mechanism within the industries Increased management responsibility for

548 views • 41 slides
CLICK HERE TO KNOW MORE Safe City Monitoring System Safe City Monitoring System GIS Web Based

CLICK HERE TO KNOW MORE Safe City Monitoring System Safe City Monitoring System GIS Web Based

CLICK HERE TO KNOW MORE Safe City Monitoring System Safe City Monitoring System GIS Web Based Application in Crime Monitoring in Malaysia Geospatial World Forum 2014 Geneva, Switzerland Geneva, Switzerland 5-9 May 2014 SIOW SUAN NEO SIOW

374 views • 22 slides
Motivations Monitoring (the eigenstructure of) a (linear) system: On sensors positioning

Motivations Monitoring (the eigenstructure of) a (linear) system: On sensors positioning

Motivations Monitoring (the eigenstructure of) a (linear) system: On sensors positioning identification, damage detection and localization. for Structural Health Monitoring For given monitoring requirements: How to achieve optimum

677 views • 4 slides
STERWeld monitor STERWeld configurator March 2013. STERWeld monitoring system System

STERWeld monitor STERWeld configurator March 2013. STERWeld monitoring system System

STERWeld monitor STERWeld configurator March 2013. STERWeld monitoring system System configuration: STERWeld measurement unit: robust, lightweight, battery operated, portable instrument for monitoring up to 4 independent arcs STER Quad

559 views • 21 slides
Continuous monitoring system for groundwater Daily monitoring. No false alarms.

Continuous monitoring system for groundwater Daily monitoring. No false alarms.

Continuous monitoring system for groundwater Daily monitoring. No false alarms. Physical-Chemical contamination detection. ATEX and IP68 compliant. No civil work needed for installation. One-day installation and

208 views • 9 slides
Temperature Monitoring System Enhancement Controls Background Project Experiments &

Temperature Monitoring System Enhancement Controls Background Project Experiments &

Introduction Temperature Monitoring System Enhancement Controls Background Project Experiments & Results Future Work Conclusion Background Background Temperature Monitoring System Visual monitoring of temperatures Alerting of

319 views • 18 slides
Effective Monitoring System for Tunnel Important Instruction This solution contains three

Effective Monitoring System for Tunnel Important Instruction This solution contains three

Effective Monitoring System for Tunnel Important Instruction This solution contains three sub-systems, the first is Event Detection system, the second is Traffic Status Analysis system, the last is Section Speed Measurement system. The

574 views • 16 slides
A Review of Market Monitoring A Review of Market Monitoring Activities at U.S. Independent System

A Review of Market Monitoring A Review of Market Monitoring Activities at U.S. Independent System

A Review of Market Monitoring A Review of Market Monitoring Activities at U.S. Independent System Activities at U.S. Independent System Operators Operators Bernard Lesieutre & Charles Goldman Lawrence Berkeley National Laboratory Western

461 views • 22 slides
System Monitoring Xavier Martorell-Bofill 1 Ren Serral-Graci 1 Universitat Politcnica de

System Monitoring Xavier Martorell-Bofill 1 Ren Serral-Graci 1 Universitat Politcnica de

System Monitoring Xavier Martorell-Bofill 1 Ren Serral-Graci 1 Universitat Politcnica de Catalunya (UPC) May 26, 2014 Introduction Monitoring Processos Usuaris Xarxa Lectures System administration introduction 1 Operating System

427 views • 31 slides
The National Estuarine Research Reserve System (NERRS) System- Wide Monitoring Program (SMWP):

The National Estuarine Research Reserve System (NERRS) System- Wide Monitoring Program (SMWP):

The National Estuarine Research Reserve System (NERRS) System- Wide Monitoring Program (SMWP): How to Access and Utilize Our Coastal Monitoring Data Gregg P. Sakowicz Jacques Cousteau National Estuarine Research Reserve System (JC NERR)

566 views • 31 slides
System Health and Intrusion Monitoring System Health and Intrusion Monitoring Using a Hierarchy

System Health and Intrusion Monitoring System Health and Intrusion Monitoring Using a Hierarchy

Advanced Security Research System Health and Intrusion Monitoring System Health and Intrusion Monitoring Using a Hierarchy of Constraints Using a Hierarchy of Constraints Calvin Ko Calvin Ko , Network Associates, Inc. NAI Labs , Network

462 views • 27 slides
FY21 21 st Century Community Learning Centers Tracking and Monitoring System Training November

FY21 21 st Century Community Learning Centers Tracking and Monitoring System Training November

FY21 21 st Century Community Learning Centers Tracking and Monitoring System Training November 2020 Welcome and Overview Charmaine Davis-Bey, M.Ed., EdPsyc 21 st CCLC Education Program Specialist Compliance/Monitoring System Lead Regional

908 views • 63 slides
Kooltrak Refrigeration Data Temperature Monitoring System Working together with the Energy

Kooltrak Refrigeration Data Temperature Monitoring System Working together with the Energy

Introducing the Kooltrak Refrigeration Data Temperature Monitoring System Working together with the Energy Saving EndoCube What is the Kooltrak system? An easy to use data temperature monitoring system designed for the catering and hospitality

371 views • 24 slides
JUST THE MATHS SLIDES NUMBER 16.6 LAPLACE TRANSFORMS 6 (The Dirac unit impulse function)

JUST THE MATHS SLIDES NUMBER 16.6 LAPLACE TRANSFORMS 6 (The Dirac unit impulse function)

JUST THE MATHS SLIDES NUMBER 16.6 LAPLACE TRANSFORMS 6 (The Dirac unit impulse function) by A.J.Hobson 16.6.1 The definition of the Dirac unit impulse function 16.6.2 The Laplace Transform of the Dirac unit impulse function 16.6.3

447 views • 16 slides
7 Network Layer Network Layer BGP basics Internet inter-AS routing: BGP when AS2 advertises

7 Network Layer Network Layer BGP basics Internet inter-AS routing: BGP when AS2 advertises

Network Layer Network Layer RIP ( Routing Information Protocol) RIP advertisements distance vectors: exchanged among distance vector algorithm neighbors every 30 sec via Response included in BSD-UNIX Distribution in 1982 Message

746 views • 3 slides
Routing Session 14 INST 346 Technologies, Infrastructure and Architecture Goals for Today

Routing Session 14 INST 346 Technologies, Infrastructure and Architecture Goals for Today

Routing Session 14 INST 346 Technologies, Infrastructure and Architecture Goals for Today Routing Routing Routing Internet approach to scalable routing aggregate routers into regions known as autonomous systems (AS)

650 views • 40 slides
CS519: Computer Networks Lecture 4, Part 5: Mar 1, 2004 Internet Routing: ASs, igp, and BGP

CS519: Computer Networks Lecture 4, Part 5: Mar 1, 2004 Internet Routing: ASs, igp, and BGP

CS519: Computer Networks Lecture 4, Part 5: Mar 1, 2004 Internet Routing: ASs, igp, and BGP CS519 As we said earlier, the Internet is composed of Autonomous Systems (ASs) Where each AS is a set of routers, links, and hosts And

504 views • 36 slides
Right-Linear Grammars Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department

Right-Linear Grammars Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department

Objectives Conversion to Right-Linear Grammar Right-Linear Grammars Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer Science Objectives Conversion to Right-Linear Grammar Objectives You should be able to

287 views • 9 slides
A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann

A Reproducibility Study of IP Spoofing Detection in Inter-Domain Traffic Jasper Eumann October 9, 2019 iNET RG, Hamburg University of Applied Sciences Overview IP Spoofing Mitigation in General Detection in Inter-Domain Traffic

778 views • 42 slides
A Brief Review of Quantum Information Aspects of Black Hole Evaporation Reference: M. Hotta and

A Brief Review of Quantum Information Aspects of Black Hole Evaporation Reference: M. Hotta and

A Brief Review of Quantum Information Aspects of Black Hole Evaporation Reference: M. Hotta and A. Sugita, Prog. Theor. Exp. Phys, 123B04 (2015). M. Hotta, R. Schtzhold and W. G. Unruh, Phys. Rev. D 91, 124060 (2015). M. Hotta, Y. Nambu, and

1.33k views • 105 slides
Scalable Routing Outline Routing Algorithms Scalability 1 Overview Forwarding vs Routing

Scalable Routing Outline Routing Algorithms Scalability 1 Overview Forwarding vs Routing

Scalable Routing Outline Routing Algorithms Scalability 1 Overview Forwarding vs Routing forwarding: to select an output port based on destination address and routing table routing: process by which routing table is built

543 views • 13 slides

More recommend