network monitoring in high speed links
play

Network monitoring in high-speed links Algorithms and challenges - PowerPoint PPT Presentation

Aug 29, 2023 •259 likes •753 views

Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Network monitoring in high-speed links Algorithms and challenges Pere Barlet-Ros Advanced Broadband Communications Center (CCABA) Universitat

  1. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Network monitoring in high-speed links Algorithms and challenges Pere Barlet-Ros Advanced Broadband Communications Center (CCABA) Universitat Politècnica de Catalunya (UPC) http://monitoring.ccaba.upc.edu pbarlet@ac.upc.edu NGI course, 30 Nov. 2010 1 / 36

  2. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Outline Network monitoring 1 Addressing the technological barriers 2 Use cases 3 Addressing the social barriers 4 2 / 36

  3. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Outline Network monitoring 1 Introduction Active monitoring Passive monitoring Technological and social barriers Addressing the technological barriers 2 Use cases 3 Addressing the social barriers 4 3 / 36

  4. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Introduction to network monitoring Process of measuring network systems and traffic Routers, switches, servers, . . . Network traffic volume, type, topology, . . . Monitoring is crucial for network operation and management Traffic engineering, capacity planning, BW management Fault diagnosis, troubleshooting, performance evaluation Accounting, billing, security, . . . Network measurements are important for networking research Design and evaluation of protocols, applications, . . . Traffic modeling and characterization Network monitoring is very challenging and datasets scarce From technological and “social” standpoint 4 / 36

  5. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Classification Classification of network monitoring tools and methods Hardware vs. software Online vs. offline LAN vs. WAN Protocol level Active vs. passive 5 / 36

  6. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Active monitoring Active tools are based on traffic injection Probe traffic generated by a measurement device Response to probe traffic is measured Pros: Flexibility Devices can be deployed at the edge (e.g., end-hosts) No instrumentation at the core is needed Measurement does not directly rely on existing traffic Cons: Intrusiveness Probe traffic can degrade network performance Probe traffic can impact on the measurement itself Main usages Performance evaluation (e.g., ping) Bandwidth estimation (e.g., pathload) Topology discovery (e.g., traceroute) 6 / 36

  7. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Passive monitoring Traffic collection from inside the network Routers and switches (e.g., Cisco NetFlow) Passive devices (e.g., libpcap, DAG cards, optical taps) Pros: Transparency Network performance is not affected No additional traffic is injected Useful even with a single measurement point Cons: Complexity Requires administrative access to network devices Requires explicit presence of traffic under study Online collection and analysis is hard (e.g., sampling) Privacy concerns Multiple and diverse usages Traffic analysis and classification, . . . Anomaly and intrusion detection, . . . 7 / 36

  8. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Technological and social barriers Datasets and platforms for research purposes are limited Outdated datasets Academic traffic only Anonymized and without payloads Technological barriers Internet was designed without monitoring in mind Collection of Gb/s and storage of TB/day Links speeds increase at faster pace than processing speeds Building monitoring apps is error-prone and time-consuming Social barriers Lack of coordination between projects ISPs have no incentive to share information Privacy and competition concerns Monitoring hardware is expensive and difficult to manage 8 / 36

  9. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Outline Network monitoring 1 Addressing the technological barriers 2 Bloom filters Bitmap algorithms Direct bitmaps and variants Bitmaps over sliding windows Use cases 3 Addressing the social barriers 4 9 / 36

  10. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Technological challenges Few ns per packet Interarrivals 8 ns (40Gb/s), 32 ns (10Gb/s) Memory access times < 10 ns (SRAM), tens of ns (DRAM) Obtaining simple metrics becomes extremely challenging Approaches based on hash tables do not scale Core of most monitoring algorithms E.g., Active flows, flow size distribution, heavy hitter detection, delay, entropy, sophisticated sampling, . . . Probabilistic approach: trade accuracy for speed Extremely efficient compared to compute exact answer Fit in SRAM, 1 access/pkt Probabilistic guarantees (bounded error) 10 / 36

  11. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Bloom filters 1 Space-efficient data structure to test set membership Based on hashing (e.g., pseudo-random hash functions) Examples of usage in network monitoring Replace hash tables to check if a flow has already been seen Definition of flow is flexible Advantages Small memory (SRAM) is needed compared to hash tables Limitations False positives are possible Removals are not possible (counting variants can support them) 1 B. H. Bloom. Space/time trade-offs in hash coding with allowable errors. Commun. ACM, 13(7), 1970. 11 / 36

  12. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Bloom filters Parameters k : #hash functions m : size of the bitmap p : false positive rate n : #elements in the filter (max) Figure: Example of a bloom filter 2 2 A. Broder and M. Mitzenmacher. Network Applications of Bloom Filters: A Survey. Internet Mathematics, 1(4), 2005. 12 / 36

  13. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Direct bitmaps (linear counting) 3 Space-efficient algorithms to count the number of unique items E.g., useful to count the number of flows over a fixed time interval Basic idea Each flow hashes to one position (and all its packets) Counting the number of 1’s is inaccurate due to collisions Count the number of unset positions instead E.g., 20KB to count 1M flows with 1% error Estimate formulae Flow hashes to a given bit: p = 1 / b No flow hashes to a given bit: p z = ( 1 − p ) n ≈ ( 1 / e ) n / b Expected non-set bits: E [ z ] = bp z ≈ b ( 1 / e ) n / b Estimated number of flows: ˆ n = b ln ( b / z ) 3 K.-Y. Whang et al . A linear-time probabilistic counting algorithm for database applications. ACM Trans. Database Syst., 15(2), 1990. 13 / 36

  14. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Bitmap variants 4 Direct bitmaps scale linearly with the number of flows Variants: Virtual, multiresolution, adaptive, triggered bitmaps, . . . 4 C. Estan, G. Varghese, M. Fisk. Bitmap algorithms for counting active flows on high speed links. IEEE/ACM Trans. Netw. 14(5), 2006. 14 / 36

  15. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Bitmaps over sliding windows Timestamp Vector (TSV) 5 Vector of timestamps (instead of bits) O ( n ) query cost Countdown Vector (CDV) 6 Vector of small timeout counters (instead of full timestamps) Independent query and update processes O ( 1 ) query cost 5 H. Kim, D. O’Hallaron. Counting network flows in real time. In Proc. of IEEE Globecom, Dec. 2003. 6 J. Sanjuàs-Cuxart et al . Counting flows over sliding windows in high speed networks. In Proc. of IFIP/TC6 Networking, May 2009. 15 / 36

  16. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers CDV and TSV performance 30-min trace, 271 Mbps, 1 query/s, 50K/10s-1.8M/min flows 7 6 5 2.5 x 10 3 x 10 0.020 0.020 0.020 0.020 w = 10 s, average error TSV TSV w = 10 s, 95−percentile of error w = 300 s, average error TSV (extension) TSV (extension) w = 300 s, 95−percentile of error w = 600 s, average error CDV CDV 2.5 w = 600 s, 95−percentile of error 2 0.015 0.015 0.015 0.015 2 1.5 accesses/s relative error 0.010 0.010 0.010 0.010 Bytes 1.5 1 1 0.005 0.005 0.005 0.005 0.5 0.5 0.000 0.000 0.000 0.000 0 0 5 5 5 5 10 10 10 10 15 15 15 15 20 20 20 20 10 30 60 120 300 600 10 30 60 120 300 600 window window counter initialization value 7 A hash table would require several MBs with these settings 16 / 36

  17. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Outline Network monitoring 1 Addressing the technological barriers 2 Use cases 3 Load shedding Lossy difference aggregator Addressing the social barriers 4 17 / 36

  18. Network monitoring Addressing the technological barriers Use cases Addressing the social barriers Overload problem Previous solutions focus on a particular metric They are not valid for any (arbitrary) monitoring application Monitoring systems are prone to dramatic overload situations Link speeds, anomalous traffic, bursty traffic nature . . . Complexity of traffic analysis methods Overload situations lead to uncontrolled packet loss Severe and unpredictable impact on the accuracy of applications . . . when results are most valuable!! 18 / 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Software Defined Monitoring: Research Platform for High Speed Network Monitoring (31st NMRG

Software Defined Monitoring: Research Platform for High Speed Network Monitoring (31st NMRG

Software Defined Monitoring: Research Platform for High Speed Network Monitoring (31st NMRG Meeting Zrich, Switzerland) Luk Kekely , Viktor Pu, Jan Ko renek (kekely,pus,korenek@cesnet.cz) 14. 10. 2013 Czech NREN Cesnet PIONEER

684 views • 24 slides
Using Low-Speed Links for High-Speed Wireless Data Delivery Henning Schulzrinne Dept. of

Using Low-Speed Links for High-Speed Wireless Data Delivery Henning Schulzrinne Dept. of

Using Low-Speed Links for High-Speed Wireless Data Delivery Henning Schulzrinne Dept. of Computer Science Columbia University (with Stelios Sidiroglou and Maria Papadopouli) ORBIT Research Review - May 13, 2004 1 Overview Disconnected

226 views • 22 slides
High Speed Links in HEP @ Fermilab Alan G. Prosser Detector R&amp;D Advisory Group 12 April 2018

High Speed Links in HEP @ Fermilab Alan G. Prosser Detector R&amp;D Advisory Group 12 April 2018

High Speed Links in HEP @ Fermilab Alan G. Prosser Detector R&amp;D Advisory Group 12 April 2018 High Speed Links in HEP @ Fermilab Outline Some History of Link Development @ FNAL Anatomy of Link and Components (Versatile Link Plus)

272 views • 12 slides
Optical High-speed Links Institute for Data Processing and Electronics Marc Schneider, Djorn

Optical High-speed Links Institute for Data Processing and Electronics Marc Schneider, Djorn

Optical High-speed Links Institute for Data Processing and Electronics Marc Schneider, Djorn Karnick, Lars Eisenbltter, Yunlong Zhang, Julius Hartmann, Thomas Khner, Marc Weber 2017-10-17 www.kit.edu KIT The Research University in the

1.03k views • 19 slides
for the High Speed Monitoring of the Radioactive Concentration of Wastewater In Situ H. Fukui*,

for the High Speed Monitoring of the Radioactive Concentration of Wastewater In Situ H. Fukui*,

The 13 th SWWS Sep. 2016 Demonstration Testing of a System for the High Speed Monitoring of the Radioactive Concentration of Wastewater In Situ H. Fukui*, H. Oota*, H. Hirano*, T. Hatano** and H. Saito*** * Kajima Corporation ** National

501 views • 22 slides
HIGH SPEED UK ..connecting the nation Colin Elliff BSc CEng MICE Civil Engineering Principal,

HIGH SPEED UK ..connecting the nation Colin Elliff BSc CEng MICE Civil Engineering Principal,

HIGH SPEED UK ..connecting the nation Colin Elliff BSc CEng MICE Civil Engineering Principal, HSUK www.highspeeduk.co.uk HIGH SPEED 2 HS2 original concept: The HS2 Y Fast links to London &amp; Birmingham Heathrow spur

533 views • 31 slides
COMBILASER COMbination of non-contact, Stefan Kaierle high speed monitoring and non- Laser

COMBILASER COMbination of non-contact, Stefan Kaierle high speed monitoring and non- Laser

COMBILASER COMbination of non-contact, Stefan Kaierle high speed monitoring and non- Laser Zentrum destructive techniques Hannover e.V. applicable to LASER Based Manufacturing through a self- learning system Fact sheet Partners:

356 views • 12 slides
High Speed Traffic Analysis for High-Speed Traffic Analysis for Security: Challenges &amp;

High Speed Traffic Analysis for High-Speed Traffic Analysis for Security: Challenges &amp;

High Speed Traffic Analysis for High-Speed Traffic Analysis for Security: Challenges &amp; Approaches Security: Challenges &amp; Approaches C-DAC Asia-Pacific Advanced Network 32 nd Meeting, India Habitat Centre, New Delhi APAN 32nd Meeting,

647 views • 28 slides
UKLIGHT: projects at UCL Saleem Bhatti http://www.cs.ucl.ac.uk/staff/S.Bhatti/ 1 Challenges

UKLIGHT: projects at UCL Saleem Bhatti http://www.cs.ucl.ac.uk/staff/S.Bhatti/ 1 Challenges

UKLIGHT: projects at UCL Saleem Bhatti http://www.cs.ucl.ac.uk/staff/S.Bhatti/ 1 Challenges High-speed (multi-Gb/s) operation: network engineering for high-speed QoS at high speed within the core network QoS for individual

493 views • 16 slides
CBCN4103 CBCN4103 A LAN LAN is a high-speed data network that covers a relatively small

CBCN4103 CBCN4103 A LAN LAN is a high-speed data network that covers a relatively small

CBCN4103 CBCN4103 A LAN LAN is a high-speed data network that covers a relatively small geographic area. It typically connects workstations, personal computers, k l printers, servers, and other devices. LANs offer computer users many

742 views • 26 slides
Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting

Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting

Firewall Architectures for High-Speed Networks Errin W. Fulp DOE Network Research PI Meeting September 28, 2005 1 Project Objectives Methods that improve network firewall performance 1. Develop policy optim ization techniques Formal

221 views • 9 slides
Operationalizing Yarrp: High-Speed Active Network Topology Mapping from AWS

Operationalizing Yarrp: High-Speed Active Network Topology Mapping from AWS

Operationalizing Yarrp: High-Speed Active Network Topology Mapping from AWS https://yarrp.nps.tancad.net/ Justin P. Rohrer (jprohrer@nps.edu) Department of Computer Science US Naval Postgraduate School AIMS-KISMET, February 28, 2020 1

538 views • 16 slides
SMARTxAC SMARTxAC Collaboration agreement started on July 2003 h UPC (Technical University of

SMARTxAC SMARTxAC Collaboration agreement started on July 2003 h UPC (Technical University of

SMARTxAC: Traffic Monitoring and Analysis System for high-speed links Pere Barlet Josep Sol-Pareta Jordi Domingo-Pascual Advanced Broadband Communications Center (CCABA) {pbarlet, pareta, jordid}@ac.upc.es Technical University

561 views • 23 slides
Statewide High Speed Network networkMaryland TM Advisory Group Meeting January 15, 2008

Statewide High Speed Network networkMaryland TM Advisory Group Meeting January 15, 2008

Statewide High Speed Network networkMaryland TM Advisory Group Meeting January 15, 2008 Annapolis, MD Meeting Agenda Welcome &amp; Introductions State of the Network Status of Project Pricing Model Discussion Other Business 2

423 views • 29 slides
Statewide High Speed Network networkMaryland Advisory Group Meeting September 19, 2006

Statewide High Speed Network networkMaryland Advisory Group Meeting September 19, 2006

Statewide High Speed Network networkMaryland Advisory Group Meeting September 19, 2006 Annapolis, Maryland MEETING AGENDA Welcome &amp; Introductions State of the Network Status of Project Other Business 2 Welcome

421 views • 22 slides
Complex network planning methodology and framework Mitcsenkov Attila (BME TMIT, High Speed

Complex network planning methodology and framework Mitcsenkov Attila (BME TMIT, High Speed

Image: Sumitomo Electric Lightwave Computer aided network planning and techno-economic assessment of next generation optical access networks Complex network planning methodology and framework Mitcsenkov Attila (BME TMIT, High Speed Networks

851 views • 51 slides
U of I Social Media Conference Survey Results (240 Respondents) How proficient are you with

U of I Social Media Conference Survey Results (240 Respondents) How proficient are you with

U of I Social Media Conference Survey Results (240 Respondents) How proficient are you with social media? Which social media pla=orms do you use for work? Other includes: Blog Snapchat Reddit Flickr Tumblr Sina

380 views • 15 slides
ACHIEVING SOCIAL CHANGE THROUGH PARTICIPATION AND ACTION: AN ANALYSIS OF COMMUNITY-BASED RESEARCH

ACHIEVING SOCIAL CHANGE THROUGH PARTICIPATION AND ACTION: AN ANALYSIS OF COMMUNITY-BASED RESEARCH

ACHIEVING SOCIAL CHANGE THROUGH PARTICIPATION AND ACTION: AN ANALYSIS OF COMMUNITY-BASED RESEARCH AND RELATED THEORETICAL PERSPECTIVES Presented by: Anna M. Kleiner Department of Sociology and Criminal Justice Southeastern Louisiana

283 views • 6 slides
Welcome to the ESRD Network of the South Atlantic Supporting Gainful Employment of ESRD

Welcome to the ESRD Network of the South Atlantic Supporting Gainful Employment of ESRD

Welcome to the ESRD Network of the South Atlantic Supporting Gainful Employment of ESRD Patients: Vocational Rehabilitation Quality Improvement Activity April Webinar We will be starting the webinar momentarily April 18, 2018 2pm Supporting

880 views • 49 slides
The Dynamic Desktop Agenda 5 signs of a broken desktop Jonty Pearce, Editor, Call Centre

The Dynamic Desktop Agenda 5 signs of a broken desktop Jonty Pearce, Editor, Call Centre

The Dynamic Desktop Agenda 5 signs of a broken desktop Jonty Pearce, Editor, Call Centre Helper The Dynamic Desktop Paul White, CEO mplsystems Customer Case Study Richard Wilcox, Operations Manager, Express Medicals

145 views • 12 slides
Project Recap Jiasi Chen CS 179i: Project in Computer Science (Networks) Lectures: Monday

Project Recap Jiasi Chen CS 179i: Project in Computer Science (Networks) Lectures: Monday

Project Recap Jiasi Chen CS 179i: Project in Computer Science (Networks) Lectures: Monday 3:10-4pm in Spieth 1307 http://www.cs.ucr.edu/~jiasi/teaching/cs179i_winter16/ 1 Project Topics Security BitTorrent with TOR Personalized

259 views • 8 slides
Summary User-centric Social Social Multimedia Multimedia Computing From Users: user-perceptive

Summary User-centric Social Social Multimedia Multimedia Computing From Users: user-perceptive

Summary User-centric Social Social Multimedia Multimedia Computing From Users: user-perceptive Content User-centric Cross-Network multimedia content analysis Multimedia computing On Users: social multimedia User activity-based user

498 views • 22 slides
UW TechConnect Conference Key points to remember: v Networking event starts at 3:45 in the HUB

UW TechConnect Conference Key points to remember: v Networking event starts at 3:45 in the HUB

Welcome to our 5th annual UW TechConnect Conference Key points to remember: v Networking event starts at 3:45 in the HUB Ballroom v Use #uwtechconnect to connect on social v Be sure to check-in with your Husky Card Benchmarking and Analytics:

418 views • 17 slides
CSE 291D/234 Data Systems for Machine Learning Arun Kumar Topic 4: Data Sourcing and

CSE 291D/234 Data Systems for Machine Learning Arun Kumar Topic 4: Data Sourcing and

CSE 291D/234 Data Systems for Machine Learning Arun Kumar Topic 4: Data Sourcing and Organization for ML Chapters 8.1 and 8.3 of MLSys book 1 Data Sourcing in the Lifecycle Feature Engineering Data acquisition Serving Training &amp;

895 views • 70 slides

More recommend