Automating the Automating the configuration of flow configuration - - PowerPoint PPT Presentation
Zurich Research Laboratory Automating the Automating the configuration of flow configuration of flow monitoring probes monitoring probes Xenofontas (Fontas) Dimitropoulos (xed@zurich.ibm.com) Andreas Kind (ank@zurich.ibm.com) IBM | Dec 07
Zurich Research Laboratory
IBM | Dec 07 | Systems Department www.zurich.ibm.com
Xenofontas (Fontas) Dimitropoulos (xed@zurich.ibm.com) Andreas Kind (ank@zurich.ibm.com)
2
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
– Requirements and goals. – Design. – Implementation.
3
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
Network elements are typically configured with low-level commands, e.g., Cisco IOS commands. Network administrators manage numerous network elements with lengthy configuration files. Network configuration is an error-prone and time-consuming process. Configuration errors can be costly, e.g.:
– network outages – violations of SLAs
Source of figure: 100x100 project
4
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
The configuration of monitoring probes is part of the more general network configuration problem. Monitoring probes are gradually becoming more intelligent, for example, using advanced sampling and data aggregation techniques. Consequently, their configuration becomes more involved. Flexible Netflow (FNF) and IPFIX provide numerous configuration options that were not available earlier:
– FNF has 58 different configuration commands. – FNF provides 65 different fields, arbitrary combinations of which can be used in the definition of flow key and non-key fields.
Certain network operation applications need to dynamically change configuration to:
– adapt to changing traffic conditions. – investigate on-going network anomalies.
5
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
network monitoring probes data traffic profiling billing anomaly detection application identification traffic engineering
network
applications Probe configuration
application needs low-level configuration
6
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
– the measurements module describes different measurements, i.e., application needs. – the inventory module describes the monitoring probes of a network. – the back-end module provides necessary information for generating low-level commands.
application needs.
– uses the modules and specification to generate low-level commands. – configures the probes
7
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
– express configuration in terms of measurement objectives. – focus on measurements instead of devices.
8
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
1st level: vendor-specific configuration commands. 2nd level: probe elements (pe), i.e., logical components of a probe, like interface, flow cache, exporter. 3rd level: configlet, i.e., a set of specific probe elements that realizes a measurement. 4th level: measurement services, i.e., a configlet with certain probe selection rules.
Measurement service Configlet Probe elements Vendor-specific commands
9
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
Specifies different probe elements. A probe element specification:
– is written in XML. – has a unique id. – identifies parameters and parameter default values. – determines the low-level vendor-specific commands.
<!– Pro be E le me nt E xpo rte r --> <pe id=‘ g e ne ric _e xpo rte r'> <pa ra ms> <pa ra m id='po rt'>90</ pa ra m> <pa ra m id='tra nspo rt'>udp</ pa ra m> <pa ra m id='de stina tio n'>192.0.0.1</ pa ra m> <pa ra m id='la be l'>E XPORT E R</ pa ra m> </ pa ra ms> <te mpla te > <io s> flo w e xpo rte r $la be l de stina tio n $de stina tio n tra nspo rt $tra nspo rt $po rt </ io s> <ya f>
</ ya f> <juno s> </ juno s> </ te mpla te > </ pe >
10
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
Specifies network probes, i.e., lists the characteristics that can be useful for their configuration. Besides describing location, system, and interface information, it declares tags that can be used for grouping probes and for probe selection.
<pro be id='tra ba nt.zuric h.ibm.c o m'> <a ddre ss>9.4.68.154</ a ddre ss> <lo c a tio n> <c ity>Zuric h</ c ity> <sta te >Ce ntra l CH</ sta te > <c o untry>Switze rla nd</ c o untry> </ lo c a tio n> <syste m> <o s>io s</ o s> <ve rsio n>12.4</ ve rsio n> </ syste m> <inte rfa c e id='F a stE the rne t0/ 0'> <c a pa c ity>100Mbits</ c a pa c ity> <ta g >inte rna l</ ta g > </ inte rfa c e > <inte rfa c e id='F a stE the rne t0/ 1'> <c a pa c ity>100Mbits</ c a pa c ity> <ta g >c usto me r</ ta g > </ inte rfa c e > <ta g s> <ta g >e dg e </ ta g > </ ta g s> </ pro be >
11
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
<!-- Mo nito r ho w muc h tra ffic is se nd --> <!-- be twe e n I P blo c ks. --> <msr id='tra ffic _ma trix'> <pa ra ms> <!-- De fa ult pa ra me te r va lue s --> <pa ra m id='c o lle c to r_a ddre ss'>lo c a lho st</ pa ra m> <pa ra m id='c o lle c to r_po rt'>2055</ pa ram> <pa ra m id='c o lle c to r_tra nspo rt'>tc p</ pa ra m> </ pa ra ms> <!-- Pro be e le me nt c ha in --> <c o nfig le t> </ c o nfig le t> <rule s> </ rule s> </ msr> <!-- Pro b e e le me nt c ha in --> <c o nfig le t> <pe > <na me >e xpo rte r</ na me > <pa ra ms> <pa ram id='labe l'>T M_E XPORT E R</ para m> <pa ra m id='de stina tio n'>$c o lle c to r_a ddre ss</ pa ra m> <pa ra m id='po rt'>$c o lle c to r_po rt</ pa ra m> <pa ra m id='tra nspo rt'>$c o lle c to r_tra nspo rt</ pa ra m> </ pa ra ms> </ pe > <pe > <na me >flo w_c a c he </ na me > <pa ra ms> <pa ra m id='la b e l'>T M_CACHE </ pa ra m> <pa ra m id='re c o rd'>SRC_DST _PRE F I X_RE C</ pa ra m> <pa ra m id='e xpo rt'>T M_E XPORT E R</ pa ra m> </ pa ra ms> </ pe > <pe > <na me >inte rfa c e </ na me > <pa ra ms> <pa ra m id='mo nito r'>T M_CACHE </ pa ra m> <pa ra m id='inte rfa c e '>$inte rfa c e ->id</ pa ra m> <pa ra m id='dire c tio n'>o utput</ pa ra m> </ pa ra ms> </ pe > </ c o nfig le t> <rule s> <inte rfa c e > if ( $inte rfa c e .ta g e q “e xte rna l" a nd $pro be .ta g e q "e dg e " ) { re turn 1; } e lse { re turn 0; } </ inte rfa c e > </ rule s>
12
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
Lists the measurements and the probes in which to enable these measurements. Is the user interface and can be generated through a GUI.
<!-- Pro be s to apply me a sure me nts o n --> <pro be id='wasse n.zuric h.ibm.c o m'></ pro be > <pro be id='traba nt.zuric h.ibm.c o m'></ pro be > <!-- Me a sure me nts --> <msr id='tra ffic _ma trix'> <pa ra ms> <!-- o ve rwrite de fa ult va lue s --> <pa ra m id='c o lle c to r_a ddre ss'>9.4.68.204</ pa ra m> <pa ra m id='c o lle c to r_po rt'>2055</ pa ram> <pa ra m id='c o lle c to r_tra nspo rt'>udp</ pa ra m> </ pa ra ms> </ msr> <msr id='app_mo nito ring '> <pa ra ms> <!-- o ve rwrite de fa ult va lue s --> <pa ra m id='c o lle c to r_a ddre ss'>9.4.68.205</ pa ra m> <pa ra m id='c o lle c to r_po rt'>2055</ pa ram> <pa ra m id='c o lle c to r_tra nspo rt'>udp</ pa ra m> </ pa ra ms> </ msr>
13
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
– express configuration in terms of measurement objectives. – focus on measurements instead of devices.
14
Zurich Research Laboratory
X Dimitropoulos | Systems Department | IBM Research
– abstract configuration of probes and hide low-level details. – focus on measurement services that satisfy the
– generate and set configuration automatically.
– Incorporate error-checking techniques. – Develop libraries for typical measurements. – Use NetConf. – Configuration optimization.