monitoring a evpn vxlan fabric with bgp monitoring
play

Monitoring a EVPN-VxLAN fabric with BGP Monitoring Protocol Davide - PowerPoint PPT Presentation

Dec 23, 2023 •109 likes •410 views

Monitoring a EVPN-VxLAN fabric with BGP Monitoring Protocol Davide Pucci Giacomo Casoni davide.pucci@os3.nl giacomo.casoni@os3.nl Vivek Venkatraman Attilla de Groot Donald Sharp Cumulus Networks Cumulus Networks Cumulus Networks Border

  1. Monitoring a EVPN-VxLAN fabric with BGP Monitoring Protocol Davide Pucci Giacomo Casoni davide.pucci@os3.nl giacomo.casoni@os3.nl Vivek Venkatraman Attilla de Groot Donald Sharp Cumulus Networks Cumulus Networks Cumulus Networks

  2. Border Gateway Protocol (BGP) BGP is the de-facto Internet routing AS #1 AS #2 protocol . Pulls intra-Autonomous System prefixes, relying on iBGP . AS #3 Exchanges these internal prefixes with neighbouring Autonomous Systems to enable proper routing, relying on eBGP . 1.0.0.0/8 2

  3. BGP in Data Centers Third-wave applications moved most of RFC 7938 the traffic to a east-west direction . Use of BGP for Routing This change introduced the need of in Large-Scale Data more elastic Data Centers . Centers All the switches represent a ( private ) Autonomous System . August 2016 3

  4. BGP-based tunneling with EVPN / VxLAN MP-BGP introduced the possibility to extend BGP behaviour. RFC 7209 Ethernet Virtual Private Network Requirements for ( EVPN ) makes use of it to build an Ethernet VPN (EVPN) overlay network relying on the physical -------------------- structure, by adopting Virtual Extensible LANs ( VxLAN ), encapsulating layer-2 VLAN-like packets in layer-4 messages. May 2014 4

  5. BGP monitoring solutions Route collectors: ad-hoc BGP peering sessions ➔ ◆ not scalable, no information regarding actual routes received Screen scraping ➔ ◆ manual, not feasible for our use case IP duplication ➔ ◆ lack of filtering options, TCP stream reassembling 5

  6. Monitoring BGP RFC 7854 BGP Monitoring Protocol ( BMP ) is a BGP Monitoring Protocol BGP extension which makes BGP (BMP) speakers forward BGP packets to -------------------- BMP servers. June 2016 6

  7. Monitoring BGP / Dual mode Monitoring mode Mirroring mode Once BMP session is up, the client sends Mainly for troubleshooting purpose, this all the routes stored in the Adj-RIB-In mode provides full-fidelity view of all ( -out ) of those peers using standard BGP messages received from its peers, Update messages, encapsulated in without state compression: as soon as Route Monitoring messages. the client receives / generates a raw BGP Ongoing monitoring is done by packet, it sends it out to the BMP server. propagating route changes in BGP Update PDU s as well. 7

  8. Is BMP an effective solution for monitoring EVPN -based overlay networks?

  9. BMP applicability / Use cases Main bulk of BGP monitoring research focused on BGP prefix hijacking given the usual applications of EVPN-VxLAN , such case is not relevant to our research ➔ The following monitoring use cases have being identified instead: VM movements history MAC flapping Infrastructure convergence time Inconsistencies in MAC Mobility estimations counters BGP sessions status Prefixes authority history 9

  10. BMP applicability / Collectors and requirements BMP is a fairly new protocol: it is still lacking of open implementations OpenBMP has questionable EVPN support ➔ Wireshark capable of parsing BMP, but allowing limited capabilities ➔ A custom solution is needed, to achieve the following capabilities: parsing BMP / BGP EVPN messages: other protocols not important for the ➔ presented use case analyze and draw statistics from data ➔ visualize results ➔ It has been built in Python , using the ELK (ElasticSearch and Kibana) stack, for storage and debugging [1] [1] EVPN-BMP-Listener (https://github.com/giacomo270197/EVPN-BMP-Listener) 10

  11. BMP applicability / FRR-based client From: streambinder <posta@davidepucci.it> Date: Tue, 16 Jun 2020 14:50:37 +0200 Subject: [PATCH] bgpd: bmp: add support for L2VPN/EVPN routes --- The FRR suite already bgpd/bgp_bmp.c | 122 +++++++++++++++++++++++++++++++++++++---------- bgpd/bgp_bmp.h | 10 +++- implemented BMP, but only to 2 files changed, 105 insertions(+), 27 deletions(-) track IP uni/multicast routes. diff --git a/bgpd/bgp_bmp.c b/bgpd/bgp_bmp.c index fb4c50e3e..7c4746948 100644 --- a/bgpd/bgp_bmp.c +++ b/bgpd/bgp_bmp.c we extended the FRR suite ➔ @@ -164,9 +174,16 @@ static uint32_t bmp_qhash_hkey (const struct bmp_queue_entry *e) to make BMP support this key = prefix_hash_key((void *)&e->p); key = jhash(&e->peerid, offsetof(struct bmp_queue_entry, refcount) - use case as well [2] offsetof(struct bmp_queue_entry, peerid), key); + if (e->afi == AFI_L2VPN && e->safi == SAFI_EVPN) + key = jhash(&e->rd, + offsetof(struct bmp_queue_entry, rd) - + offsetof(struct bmp_queue_entry, refcount) + + PSIZE(e->rd.prefixlen), key); + + ... [2] lib: prefix: add prefix_rd type (https://github.com/FRRouting/frr/pull/6582) bgpd: bmp: add support for L2VPN/EVPN routes (https://github.com/FRRouting/frr/pull/6590) 11

  12. BMP applicability / FRR-based client contd IP RIB SUPPORTED EVPN RIB UNSUPPORTED It is a normal table collecting all the It is a two-layer table: routes announced over IP (v4 / v6). 1. per-RD / VRF discrimination 2. normal IP-like routes 192.168.0.0 / 24 via swp1 10.10.10.1:01 192.168.0.0 / 24 via swp1 192.168.1.0 / 24 via swp2 10.10.10.2:02 192.168.1.0 / 24 via swp2 ... ... 192.168.0.0 / 24 via swp2 12

  13. Proof of concept / The environment 13

  14. Use cases / VM movements and convergence Detect events for a given MAC using time deltas: ➔ using time delta mean, standard deviation, number of messages and ◆ user input we can detect which messages indicate a new event Allows to detect when and where to a VM was moved ➔ The difference between the time the first BMP message was received and ➔ the last one gives a measurement for the convergence time of the network 14

  15. Use cases / VM movements and convergence MAC 44:38:39:ff:00:19 Convergence time mean 1.46s Convergence time stdev 0.25s 15

  16. Use cases / VM movements and convergence 16

  17. Use cases / MAC flapping EVPN type-2 messages are used to distribute MAC reachability information ➔ A given MAC address should be reachable from a single address, in the case ➔ of our simulation, the anycast address assigned to the two pairs of leaf switches If the same MAC address is advertised by more than one, this could be an ➔ indication of misconfiguration: this “ makes the network more vulnerable and wastes network resources ”. [3] [3] https://juniper.net/documentation/en_US/junos/topics/task/configuration/configuring-mac-mobility-settings.html 17

  18. Use cases / MAC flapping Red nodes have been invalidated Blue nodes are currently active Labels represent Next Hop network address and time of creation 18

  19. Use cases / MAC flapping 19

  20. Use cases / MAC Mobility counter The MAC Mobility counter keeps track of how many times a MAC address has ➔ been moved across Ethernet segments Irregularities in a MAC Mobility counter for a given MAC can be indications of ➔ large network latencies or VM management misconfigurations MAC Mobility counter should not decrease (other than when it wraps ➔ around), nor increase unusually quickly 20

  21. Use cases / MAC Mobility counter 21

  22. Use cases / MAC Mobility counter 22

  23. Use cases / BGP Sessions A couple (bgp_id1, bgp_id2) , regardless of items order, defines a session ➔ BGP sessions are ➔ established sending the BGP OPEN message: it carries both peers involved BGP IDs ◆ ◆ terminated sending the BGP NOTIFICATION CEASE message: it carries only the BGP ID of the peer triggering the termination, thanks to the BMP header 23

  24. Use cases / BGP Sessions In the case presented, leaf02 (BGP ID 10.10.10.2 ) has gone down. All its neighbours reported the peer down event to the BMP server. 24

  25. Use cases / Prefixes authority A prefix, in EVPN, is exchanged as a type-5 ( IP Prefix Route ) route ➔ Carried along with the BGP UPDATE NLRI , it is the AS_PATH path attribute ➔ ◆ regardless of the receiver of the message, such attribute can be leveraged to know which peer announced such prefix ( i.e. , prefix authority) Tracking such announcements allows to infer whether a certain prefix has ➔ been moved in terms of authority 25

  26. Use cases / Prefixes authority 26

  27. BMP impact on network design The only requisite of a BMP server is its reachability from the client BGP speaker: for convenience, the BMP connection would be done via a management ➔ network , so to isolate and manage monitoring on an isolated environment and network segment apart for this consideration, the addition of the BMP server in the topology ➔ has no impact at all, as it is logically separated by the effective BGP logical network 27

  28. Conclusions BMP client limitations FRR-side ➔ ◆ we overcame these by extending the existing implementation Lack of open BMP server solutions ➔ ◆ this was addressed by developing our own ad-hoc BMP server, parser and analyzer Identified a specific set of use cases ➔ ◆ all of them were successfully fulfilled in the test environment, by deploying our BMP server / client solutions 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Running OpenStack over a VXLAN Fabric Andre Pech Arista

Running OpenStack over a VXLAN Fabric Andre Pech Arista

Running OpenStack over a VXLAN Fabric Andre Pech Arista Networks Overview VXLAN Refresher Why VXLAN? Network Design Requirements Key

315 views • 19 slides
2016 Coordinated Monitoring Schedule 1 Navigation of Coordinated Monitoring website

2016 Coordinated Monitoring Schedule 1 Navigation of Coordinated Monitoring website

2016 Coordinated Monitoring Schedule 1 Navigation of Coordinated Monitoring website https://cms.lcra.org/ 2 FY16 Monitoring in the San 2015 Routine 2016 Routine Monitoring Antonio River Monitoring Monitoring Program Station

705 views • 34 slides
Surveillance Programs - GLNPO Cooperative Monitoring Coordinated Science and Monitoring

Surveillance Programs - GLNPO Cooperative Monitoring Coordinated Science and Monitoring

Great Lakes Monitoring and Surveillance Programs - GLNPO Cooperative Monitoring Coordinated Science and Monitoring Initiative Open Lake Water Quality Monitoring Biological Monitoring Water Quality Surveys

1.04k views • 39 slides
Fuel Monitoring Presentation Fuel Monitoring We specialize in fuel monitoring also can customize

Fuel Monitoring Presentation Fuel Monitoring We specialize in fuel monitoring also can customize

Fuel Monitoring Presentation Fuel Monitoring We specialize in fuel monitoring also can customize any tracking product: We provides fuel monitoring comprehensive solutions for Vehicles and Generators with very comprehensive reports: Offering

256 views • 8 slides
Coastal Monitoring Update Clive Moon Engineering Manager - Environment Coastal Monitoring

Coastal Monitoring Update Clive Moon Engineering Manager - Environment Coastal Monitoring

Coastal Monitoring Update Clive Moon Engineering Manager - Environment Coastal Monitoring Background to monitoring Climate change Wales Coastal Monitoring Centre Recent Monitoring Next steps Why? 45 km of coastline 4

534 views • 18 slides
Forest M onitoring (informal monitoring and Formal monitoring) Valerie Vauthier, REM director/

Forest M onitoring (informal monitoring and Formal monitoring) Valerie Vauthier, REM director/

Forest M onitoring (informal monitoring and Formal monitoring) Valerie Vauthier, REM director/ investigator mail@rem.org.uk Types of monitoring Certification Bodies (FSC) Others Formal remote sensing monitoring conservation,

379 views • 17 slides
DRSI Sharepoint Monitoring and Audit Folders FOLDERS SAMPLE ATTACHMENTS: Monitoring/TA

DRSI Sharepoint Monitoring and Audit Folders FOLDERS SAMPLE ATTACHMENTS: Monitoring/TA

DRSI Sharepoint Monitoring and Audit Folders FOLDERS SAMPLE ATTACHMENTS: Monitoring/TA Correspondence &amp; Monitoring Reports Event Profiles Tracking of Individual Monitoring Exhibits Related to Individual Findings/Concerns

86 views • 5 slides
Continuous Distributed Monitoring Monitoring A Short Survey Graham Cormode AT&amp;T Labs

Continuous Distributed Monitoring Monitoring A Short Survey Graham Cormode AT&amp;T Labs

Continuous Distributed Monitoring Monitoring A Short Survey Graham Cormode AT&amp;T Labs Distributed Monitoring There are many scenarios where we need to track events: Network health monitoring within a large ISP Collecting and

662 views • 43 slides
Fix VxLAN Issue in SFC Integration by Using Eth+NSH and VxLAN-gpe+NSH Hybrid Mode Yi Yang, Intel

Fix VxLAN Issue in SFC Integration by Using Eth+NSH and VxLAN-gpe+NSH Hybrid Mode Yi Yang, Intel

Fix VxLAN Issue in SFC Integration by Using Eth+NSH and VxLAN-gpe+NSH Hybrid Mode Yi Yang, Intel (yi.y.yang@intel.com) Agenda VxLAN Issue in OVSDB+SFC How to Fix Current VxLAN issue by Eth+NSH Demo Introduction Demo Next

191 views • 18 slides
Telephone Monitoring and Management Software Telephone Monitoring and Management Software

Telephone Monitoring and Management Software Telephone Monitoring and Management Software

Telephone Monitoring and Management Software Telephone Monitoring and Management Software TELECHECK is a PC based call monitoring system, adds utility to your customer by capturing and managing outgoing telephone calls data. It speedily provides

184 views • 16 slides
What does monitoring look like? A VSP Primer Monitoring - HRCD and other methods Brian

What does monitoring look like? A VSP Primer Monitoring - HRCD and other methods Brian

What does monitoring look like? A VSP Primer Monitoring - HRCD and other methods Brian Cochrane, Keith Folkerts, Ken Pierce VSP Regional Information Session on VSP Implementation Veterans Memorial Museum, Chehalis December 4, 2018

417 views • 29 slides
KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP

KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP

FROM USE CASE TO PRODUCTION KAFKA STREAMS CLOUD MONITORING AWS CLOUD MONITORING AWS APP CLOUD MONITORING AWS HTTP APP CLOUD MONITORING AWS METRICS NRDB HTTP APP CLOUD MONITORING SCHDLR JOBS AWS NRDB METRICS HTTP WORKER CLOUD

1.43k views • 124 slides
Monitoring Update: USGS Monitoring Efforts 2009 - 2014 In Cooperation With: U.S. Department of

Monitoring Update: USGS Monitoring Efforts 2009 - 2014 In Cooperation With: U.S. Department of

Monitoring Update: USGS Monitoring Efforts 2009 - 2014 In Cooperation With: U.S. Department of the Interior U.S. Geological Survey Outline Lower Boise Tributary monitoring 2009-2012 Fivemile and Tenmile Creeks WY2009 Indian Creek

431 views • 20 slides
MONITORING DEHCR BUREAU OF COMMUNITY DEVELOPMENT MONITORING PROCESS On

MONITORING DEHCR BUREAU OF COMMUNITY DEVELOPMENT MONITORING PROCESS On

MONITORING DEHCR BUREAU OF COMMUNITY DEVELOPMENT MONITORING PROCESS On site Visit or Desktop Monitoring at least once during the Performance Period 30 Day

436 views • 29 slides
Developing a Framework for Updating Private Forests Monitoring Strategy Outline Monitoring

Developing a Framework for Updating Private Forests Monitoring Strategy Outline Monitoring

Developing a Framework for Updating Private Forests Monitoring Strategy Outline Monitoring Program: goals, background, strategy objectives Stakeholders: interests, role, timing and inclusion process Methods to prioritize monitoring

506 views • 22 slides
COMPARATIVE VACUUM MONITORING (CVM) TECHNOLOGY STRUCTURAL MONITORING SYSTEMS ASX: SMN CVM

COMPARATIVE VACUUM MONITORING (CVM) TECHNOLOGY STRUCTURAL MONITORING SYSTEMS ASX: SMN CVM

COMPARATIVE VACUUM MONITORING (CVM) TECHNOLOGY STRUCTURAL MONITORING SYSTEMS ASX: SMN CVM is a tested and proven technology for in -situ, real time monitoring of metal fatigue and structural faults in metal and composite materials in wide

607 views • 44 slides
SAFETY: OPERATOR TRAINING People typically underes,mate the dangers associated with jump star,ng

SAFETY: OPERATOR TRAINING People typically underes,mate the dangers associated with jump star,ng

Safety Presenta,on JNC1224 Jump Starter SAFETY: OPERATOR TRAINING People typically underes,mate the dangers associated with jump star,ng and oIen neglect to provide proper training for operators. Operator training on the proper use of the

174 views • 14 slides
O&quot;s Redding

O&quot;s Redding

O&quot;s Redding h,p://thehoboride.blogspot.com/2011/12/this-day-in-rock-history- december-10.html Early Life O&quot;s Redding was born on Sept 9 th , 1941.

385 views • 27 slides
Java vs C/C++ Cliff Click www.azulsystems.com/blogs Java vs C/C++ &quot;I declare a

Java vs C/C++ Cliff Click www.azulsystems.com/blogs Java vs C/C++ &quot;I declare a

Java vs C/C++ Cliff Click www.azulsystems.com/blogs Java vs C/C++ &quot;I declare a Flamewar!!!!&quot; Flamewar!!!!&quot; Lots of noise &amp; heat Not many facts Lots of obvious mistakes being made Situation is more subtle

369 views • 25 slides
Coalitions Powerpoint Presentation Billings Area 2011 1 In Level 1 we talked about STARTING

Coalitions Powerpoint Presentation Billings Area 2011 1 In Level 1 we talked about STARTING

Coalitions Powerpoint Presentation Billings Area 2011 1 In Level 1 we talked about STARTING coalitions. In Level 2 we will talk about MAINTAINING coalitions. Go through Level 1 &amp; Level 2 Objectives. Level 1 objectives: * Describe the

669 views • 31 slides
D EVICES IN N ETWORK : Intro D EVELOPMENT OF CDP AND LLDP Theory Module S IMULATION M ODULES FOR

D EVICES IN N ETWORK : Intro D EVELOPMENT OF CDP AND LLDP Theory Module S IMULATION M ODULES FOR

D ISCOVERING N EIGHBORING D EVICES IN N ETWORK : Intro D EVELOPMENT OF CDP AND LLDP Theory Module S IMULATION M ODULES FOR OMN E T++ Testing Outro Vladimr VESEL , Tom Rajca 4 TH OMN E T++ C OMMUNITY S UMMIT 7 TH -8 TH S EPTEMBER 2017,

397 views • 10 slides
Quantifying the Effectiveness of First-Hop Redundancy Protocols in IP Networks Paul Bourne

Quantifying the Effectiveness of First-Hop Redundancy Protocols in IP Networks Paul Bourne

Click to edit Master title style Quantifying the Effectiveness of First-Hop Redundancy Protocols in IP Networks Paul Bourne Neville Palmer &amp; Jan S krabala 20 August 2018 Click to edit Master title style Presentation Outline S

364 views • 10 slides
FINANCIAL AID The Need to Know for Students GREETINGS! Deanna Foley Financial Aid Advisor

FINANCIAL AID The Need to Know for Students GREETINGS! Deanna Foley Financial Aid Advisor

FINANCIAL AID The Need to Know for Students GREETINGS! Deanna Foley Financial Aid Advisor FAFSA DEADLINE May 1 st is the deadline for the PA State grant, but other institutions may have earlier deadlines You can renew your FAFSA

444 views • 22 slides
GLOBAL MARKETS IN 2018 Equities, Bonds, Cryptocurrencies, and Gold Monty Guild, Founder and

GLOBAL MARKETS IN 2018 Equities, Bonds, Cryptocurrencies, and Gold Monty Guild, Founder and

GLOBAL MARKETS IN 2018 Equities, Bonds, Cryptocurrencies, and Gold Monty Guild, Founder and Chief Investment Officer BOOTH 225 GRADING THE GLOBAL BACKDROP 12400 Wilshire Blvd. Los Angeles CA 90025 Booth 225 www.guildinvestment.com

155 views • 12 slides

More recommend