Wide-Area Internet Measurement at MIT: Data Collection and Analysis - - PowerPoint PPT Presentation

▶

Oct 04, 2022 128 likes •285 views

Wide-Area Internet Measurement at MIT: Data Collection and Analysis Nick Feamster, Dave Andersen, Hari Balakrishnan M.I.T. Laboratory for Computer Science {feamster,dga,hari}@lcs.mit.edu Collection: Infrastructure and Data Topology: 31 widely

SLIDE 1

Wide-Area Internet Measurement at MIT: Data Collection and Analysis

Nick Feamster, Dave Andersen, Hari Balakrishnan

M.I.T. Laboratory for Computer Science

{feamster,dga,hari}@lcs.mit.edu

SLIDE 2

Collection: Infrastructure and Data

Topology: 31 widely distributed nodes (RON testbed)

Stratum 1 NTP servers, CDMA time sync

Active Probes

Periodic pairwise probes; local logging for 1-way loss and delay. Failure: 3 consecutive lost probes, >2 minutes

Failure-triggered traceroutes Daily pairwise traceroutes over testbed topology iBGP Feeds at 8 measurement hosts (Zebra)

AS 7015 AS 174 AS 1 AS 10578

Border Router

AS 3 (MIT)

iBGP eBGP Monitor

These change!

Data pushed to centralized measurement box.

SLIDE 3

General Issues with Data

Changes in connectivity

IP renumbering sometimes breaks BGP sessions Upstream providers change

Home-brew tools (sometimes buggy...keep raw files!) Management

Continuous collection vs. archival (snapshots take space) MySQL Table Corruption, Disk failures, etc. Collection machine downtime (power outages, moves, etc.) Complaints (pre-emption: DNS TXT record, mailing Nanog, etc.)

Collection subtleties

Keeping track of downtimes, session resets, etc. hosts are not firewalled Some hosts located in "core" (e.g., GBLX hosts) iBGP sessions to border router on the same LAN

SLIDE 4

BGP Monitor Overview http://bgp.lcs.mit.edu/

General BGP update summaries by:

Time period Origin AS, AS Path Prefix (exact, all subnets, etc.)

Graph and List Outputs Useful for diagnosis in practice

www.merit.edu/mail.archives/nanog/2002-11/msg00230.html

SLIDE 5

Diurnal BGP Update Activity from Level3

100 200 300 400 500 600 00:00:00 2003/12/01 00:00:00 2003/12/02 00:00:00 2003/12/03 00:00:00 2003/12/04 00:00:00 2003/12/05 00:00:00 2003/12/06 00:00:00 2003/12/07 00:00:00 2003/12/08 Updates Date Updates from 12/01/2003 -- 00:00:00 to 12/08/2003 -- 00:00:00 for AS 701,3356,7018 701 Announcements 3356 Announcements 7018 Announcements

SLIDE 6

Project 1: Failure Characterization Study

"Measuring the Effects of Internet Path Faults on Reactive Routing"

N. Feamster, D. Andersen, H. Balakrishnan, M.F. Kaashoek

In Proc. SIGMETRICS 2003

Location: Where do failures appear? Duration: How long do failures last? Correlation: Do failures correlate with BGP instability?

SLIDE 7

Relating Path Failures and BGP messages

BGP Messages F ailures 6:00am 12:00pm

◊ ◊ ◊ ◊◊

b b b b b b b b b b

Technique 1: Cross-correlation of time-based signals Technique 2: Consider a failure and look for BGP (and vice versa)

SLIDE 8

Do failures correlate with routing instability?

Failures typically occur several minutes before BGP activity.

0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.4 0.45

5 10 15 20 Cross-Correlation Time with respect to BGP message (minutes) CCI Greece Korea Nortel

SLIDE 9

Which failures correlate with instability?

Failures that appear near end hosts are less likely to coincide with BGP instability. 60% of failures that appeared at least three hops from an end host coincided with at least one BGP message. 22% of failures within one hop of an end host coincided with at least one BGP message.

Just because an ISP is reachable doesn’t mean its customers are reachable!

SLIDE 10

To put it another way...

0.2 0.4 0.6 0.8 1 2 4 6 8 10 12 14

Cumulative Probability of Seeing BGP Time after failure (min)

CCI Greece Korea Nortel

SLIDE 11

Surprise: BGP messages precede failures!

0.2 0.4 0.6 0.8 1

5 10 15

Cumulative Probability of Seeing BGP Time before/after failure (min)