How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik

Size: px
Start display at page:

Download "How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik nino.ciurleo@garr.it"

Transcription

1 How NOC manages and controls inter-domain traffic? 5 th tf-noc meeting, Dubrovnik

2 Agenda Inter-domain traffic: o how does NOC monitor and control it? Common case as example: new BGP peer activation -> new uncontrolled traffic balance Tools: o Control plane bgpviz (Ripe RIS) -> partial or limited information o Traffic port counters -> indistinct traffic Class usage counters -> AS peer stats only Netflow data -> AS origin per port stats How to collect AS origin data o Implementation Example: GARR AsTracker

3 Inter-domain traffic border traffic BGP protocol

4 Inter-domain traffic peers differ in: policy cost type of traffic

5 Inter-domain traffic: asymmetries

6 Inter-domain traffic: balancing

7 Common case: new peering

8 New traffic balance Due to unpredictable reason (often commercial policy) some traffic moves from some peer to new one

9 New traffic balance Interface counters show how much traffic swapped on new peer, but what traffic is moved from old peers to new one?

10 Available helpful tools: Control plane obgpviz (Ripe RIS) Traffic oport counters ofirewall filter counters onetflow data deployment effort ascending order

11 Ripe RIS / BGPViz Worldwide distributed route servers collect bgp routes Historical world bgp data. bgp update graphical visualization

12 Ripe RIS / BGPViz It help to understand inter-domain traffic reroutes Limits: few collection points (RIS route servers) = some ASes only no traffic amount information

13 Ripe RIS / BGPViz Make a request about a worldwide announced network timeslot selection

14 Ripe RIS / BGPViz

15 Ripe RIS / BGPViz update LOG example: changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to changing path from to

16 Interface counters got by snmp protocol interface aggregated traffic o no details about moved traffic

17 Class usage counters Source and Destination Class Usage as-path based counters useful for IXP peering o peer aggregate traffic number of class usage limited

18 Netflow data IP flow data: got by Netflow protocol IP flow (unidirectional) data: o protocol o IP addresses, o TCP/UDP ports, o AS numbers, o input/output interfaces, o TCP flags, o counters(bytes, pkts, flows) two choices: AS peer or AS origin It is possible to get worldwide AS stats ~ AS stats historical data (RRD files) per interface AS stats, good for analysis on: o balancing o asymmetries o re-routing

19 How to collect AS data implementation example = GARR AsTracker AS ranks single flow deep analysis simple AS stats multi AS (stacked) stats per user-as couple analysis

20 GARR AsTracker Real-time views Historical views data grouped by type: research commodity peer national IXPs direct peering Aggregates: by group stacked

21 GARR AsTracker backend: o make RRD o fill a database with AS stats for ranking pourpose o written in C language frontend o GUI: AS live ranking graph generation aggregations deep flow inspection o written in php (nfsen plugin)

22 GARR AsTracker homepage (live) all group aggregate "stacked" (some ASes) peer view

23 GARR AsTracker AS Traffic ranks: by peer by group general one week one month three months

24 GARR AsTracker deep flow inspection: o by site lookup function o by flow

25 GARR AsTracker AsTracker is used for: load balancing and billing policies control inter-domain routing troubleshooting Network planning

26 Example of use: new BGP peer = new traffic balance Telia + GlobalCrossing + Level3 New peering: Cogent

27 Tiscali AS example Telia (dismissed in september) Level3 GlobalCrossing Cogent (activated in november)

28 Tiscali AS example All TISCALI incoming traffic flows through GlobalCrossing All upcoming traffic is balanced flows through all commodity peers (GlobalCrossing, Level3 and Cogent)

29 Tiscali AS example

30 Tiscali AS example Traffic "close" to Rome goes through Cogent: RT.RM2-RE0>show route inet.0: destinations, routes ( active, 5 holddown, 614 hidden) + = Active Route, - = Last Active, * = Both /15 *[BGP/170] 2w6d 14:15:08, MED 11010, localpref 100 AS path: I > to via ge-4/1/0.44 [BGP/170] 2w3d 13:36:53, MED 0, localpref 100, from AS path: I > via so-4/0/0.0 [BGP/170] 1w1d 05:16:08, MED 2503, localpref 100, from AS path: I > via so-4/0/0.0 HOT POTATO!

31 Tiscali AS example Traffic "close" to Milan goes through Level3: RT.MI2-RE0> show route inet.0: destinations, routes ( active, 10 holddown, 249 hidden) + = Active Route, - = Last Active, * = Both /15 *[BGP/170] 2w3d 13:43:03, MED 0, localpref 100, from AS path: I > to via so-0/0/0.0 to via so-5/2/0.0 [BGP/170] 1w1d 05:22:18, MED 2503, localpref 100, from AS path: I > via so-3/0/0.0 [BGP/170] 2w6d 14:21:18, MED 11010, localpref 100, from AS path: I > via so-4/0/0.0 HOT POTATO!

32 Thanks for listening Questions?

33

34 Netflow data In case of IXP peerings, it is possible to understand what peer send our AS traffic with mac layer accounting data. This feature is supported by Netflow version 9 and IPFIX protocols only.

35

Cisco IOS Flexible NetFlow Technology

Cisco IOS Flexible NetFlow Technology Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application

More information

NfSen Plugin Supporting The Virtual Network Monitoring

NfSen Plugin Supporting The Virtual Network Monitoring NfSen Plugin Supporting The Virtual Network Monitoring Vojtěch Krmíček krmicek@liberouter.org Pavel Čeleda celeda@ics.muni.cz Jiří Novotný novotny@cesnet.cz Part I Monitoring of Virtual Network Environments

More information

Flow Analysis Versus Packet Analysis. What Should You Choose?

Flow Analysis Versus Packet Analysis. What Should You Choose? Flow Analysis Versus Packet Analysis. What Should You Choose? www.netfort.com Flow analysis can help to determine traffic statistics overall, but it falls short when you need to analyse a specific conversation

More information

Introduction. The Inherent Unpredictability of IP Networks # $# #

Introduction. The Inherent Unpredictability of IP Networks # $# # Introduction " $ % & ' The Inherent Unpredictability of IP Networks A major reason that IP became the de facto worldwide standard for data communications networks is its automated resiliency based on intelligent

More information

DDoS Mitigation Techniques

DDoS Mitigation Techniques DDoS Mitigation Techniques Ron Winward, ServerCentral CHI-NOG 03 06/14/14 Consistent Bottlenecks in DDoS Attacks 1. The server that is under attack 2. The firewall in front of the network 3. The internet

More information

! JANOG36!BoF!! maoke@bbix.net! paolo@pmacct.net!! JANOG36!mee:ng,!Kitakyushu!!Jul!2015!

! JANOG36!BoF!! maoke@bbix.net! paolo@pmacct.net!! JANOG36!mee:ng,!Kitakyushu!!Jul!2015! ! JANOG36!BoF!! maoke@bbix.net! paolo@pmacct.net!! JANOG36!mee:ng,!Kitakyushu!!Jul!2015! Introduc:on! JANOG36!mee:ng,!Kitakyushu!!Jul!2015! pmacct!is!openjsource,!free,!gpl ed!sooware! libpcap MySQL PgSQL

More information

Viete, čo robia Vaši užívatelia na sieti? Roman Tuchyňa, CSA

Viete, čo robia Vaši užívatelia na sieti? Roman Tuchyňa, CSA Viete, čo robia Vaši užívatelia na sieti? Roman Tuchyňa, CSA What is ReporterAnalyzer? ReporterAnalyzer gives network professionals insight into how application traffic is impacting network performance.

More information

The Value of Flow Data for Peering Decisions

The Value of Flow Data for Peering Decisions The Value of Flow Data for Peering Decisions Hurricane Electric IPv6 Native Backbone Massive Peering! Martin J. Levy Director, IPv6 Strategy Hurricane Electric 22 nd August 2012 Introduction Goal of this

More information

Monitoring and Troubleshooting BGP Neighbor Sessions

Monitoring and Troubleshooting BGP Neighbor Sessions Application Note Monitoring and Troubleshooting BGP Neighbor Sessions Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2000 or 888 JUNIPER www.juniper.net Part Number:

More information

Flow Analysis. Make A Right Policy for Your Network. GenieNRM

Flow Analysis. Make A Right Policy for Your Network. GenieNRM Flow Analysis Make A Right Policy for Your Network GenieNRM Why Flow Analysis? Resolve Network Managers Challenge as follow: How can I know the Detail and Real-Time situation of my network? How can I do

More information

Internet Routing Protocols Lecture 04 BGP Continued

Internet Routing Protocols Lecture 04 BGP Continued Internet Routing Protocols Lecture 04 BGP Continued Advanced Systems Topics Lent Term, 008 Timothy G. Griffin Computer Lab Cambridge UK Two Types of BGP Sessions AS External Neighbor (EBGP) in a different

More information

Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics

Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics WHITE PAPER Table of Contents Introduction 3 Route-Flow Fusion 4 BGP Policy Visibility 5 Traffic Visibility

More information

NetFlow: What is it, why and how to use it? Miloš Zeković, milos.zekovic@soneco.rs. ICmyNet Chief Customer Officer Soneco d.o.o.

NetFlow: What is it, why and how to use it? Miloš Zeković, milos.zekovic@soneco.rs. ICmyNet Chief Customer Officer Soneco d.o.o. NetFlow: What is it, why and how to use it?, milos.zekovic@soneco.rs Soneco d.o.o. Serbia Agenda What is NetFlow? What are the benefits? How to deploy NetFlow? Questions 2 / 22 What is NetFlow? NetFlow

More information

Border Gateway Protocol BGP4 (2)

Border Gateway Protocol BGP4 (2) Border Gateway Protocol BGP4 (2) Professor Richard Harris School of Engineering and Advanced Technology (SEAT) Presentation Outline Border Gateway Protocol - Continued Computer Networks - 1/2 Learning

More information

Monitoring backbone networks

Monitoring backbone networks R O N E N N M A N I A D U C A T I O E T W O R K Ro Net Edu Monitoring backbone networks Manuel Șubredu, Valeriu Vraciu RoEduNet Chișinău, September 9, 2014 Agenda Why? What? How? Tools? Facts! Why? A picture

More information

NetFlow & BGP multi-path: quo vadis?

NetFlow & BGP multi-path: quo vadis? NetFlow & BGP multi-path: quo vadis? Paolo Lucente Elisa Jasinska Netnod, Stockholm Agenda About Netflix About pmacct Brief digression on BGP ADD-PATHS Putting all

More information

TELCO challenge: Learning and managing the network behavior

TELCO challenge: Learning and managing the network behavior TELCO challenge: Learning and managing the network behavior M.Sc. Ljupco Vangelski CEO, Scope Innovations Kiril Oncevski NOC, ISP Neotel Skopje Presentation overview Challenges for the modern network monitoring

More information

pmacct: introducing BGP natively into a NetFlow/sFlow collector

pmacct: introducing BGP natively into a NetFlow/sFlow collector pmacct: introducing BGP natively into a NetFlow/sFlow collector Paolo Lucente the pmacct project AS286 http://www.pmacct.net/ SwiNOG #19 meeting, Berne, 29 th Sep 2009 pmacct:

More information

Scalable Extraction, Aggregation, and Response to Network Intelligence

Scalable Extraction, Aggregation, and Response to Network Intelligence Scalable Extraction, Aggregation, and Response to Network Intelligence Agenda Explain the two major limitations of using Netflow for Network Monitoring Scalability and Visibility How to resolve these issues

More information

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways APPLICATION NOTE Juniper Flow Monitoring J-Flow on J Series Services Routers and Branch SRX Series Services Gateways Copyright 2011, Juniper Networks, Inc. 1 APPLICATION NOTE - Juniper Flow Monitoring

More information

Visualizing Traffic on Network Topology

Visualizing Traffic on Network Topology Visualizing Traffic on Network Topology NTT Communications, Kazunori Kamiya NTT Laboratories, Hiroshi Kurakami Agenda Company Introduction Motivation and Goals Things to consider Method of visualizing

More information

An overview of traffic analysis using NetFlow

An overview of traffic analysis using NetFlow The LOBSTER project An overview of traffic analysis using NetFlow Arne Øslebø UNINETT Arne.Oslebo@uninett.no 1 Outline What is Netflow? Available tools Collecting Processing Detailed analysis security

More information

IXP Manager Workshop. 27 th Euro-IX Forum October 25 th 2015 Berlin, Germany

IXP Manager Workshop. 27 th Euro-IX Forum October 25 th 2015 Berlin, Germany IXP Manager Workshop 27 th Euro-IX Forum October 25 th 2015 Berlin, Germany Barry O Donovan & Nick Hilliard, INEX Ireland s Internet Neutral Exchange Point operations@inex.ie What is IXP Manager? Full

More information

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY CISCO INFORMATION TECHNOLOGY SEPTEMBER 2004 1 Overview Challenge To troubleshoot capacity and quality problems and to understand

More information

Network Monitoring and Management NetFlow Overview

Network Monitoring and Management NetFlow Overview Network Monitoring and Management NetFlow Overview These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)

More information

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B. ICND2 NetFlow Question 1 What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring B. Network Planning C. Security Analysis D. Accounting/Billing Answer: A C D NetFlow

More information

Network Monitoring On Large Networks. Yao Chuan Han (TWCERT/CC) james@cert.org.tw

Network Monitoring On Large Networks. Yao Chuan Han (TWCERT/CC) james@cert.org.tw Network Monitoring On Large Networks Yao Chuan Han (TWCERT/CC) james@cert.org.tw 1 Introduction Related Studies Overview SNMP-based Monitoring Tools Packet-Sniffing Monitoring Tools Flow-based Monitoring

More information

Doing Don ts: Modifying BGP Attributes within an Autonomous System

Doing Don ts: Modifying BGP Attributes within an Autonomous System Doing Don ts: Modifying BGP Attributes within an Autonomous System Luca Cittadini, Stefano Vissicchio, Giuseppe Di Battista Università degli Studi RomaTre IEEE/IFIP Network Operations and Management Symposium

More information

Maintaining Non-Stop Services with Multi Layer Monitoring

Maintaining Non-Stop Services with Multi Layer Monitoring Maintaining Non-Stop Services with Multi Layer Monitoring Lahav Savir System Architect and CEO of Emind Systems lahavs@emindsys.com www.emindsys.com The approach Non-stop applications can t leave on their

More information

Watch your Flows with NfSen and NFDUMP 50th RIPE Meeting May 3, 2005 Stockholm Peter Haag

Watch your Flows with NfSen and NFDUMP 50th RIPE Meeting May 3, 2005 Stockholm Peter Haag Watch your Flows with NfSen and NFDUMP 50th RIPE Meeting May 3, 2005 Stockholm Peter Haag 2005 SWITCH What I am going to present: The Motivation. What are NfSen and nfdump? The Tools in Action. Outlook

More information

nfdump and NfSen 18 th Annual FIRST Conference June 25-30, 2006 Baltimore Peter Haag 2006 SWITCH

nfdump and NfSen 18 th Annual FIRST Conference June 25-30, 2006 Baltimore Peter Haag 2006 SWITCH 18 th Annual FIRST Conference June 25-30, 2006 Baltimore Peter Haag 2006 SWITCH Some operational questions, popping up now and then: Do you see this peek on port 445 as well? What caused this peek on your

More information

BGP Router Startup Message Flow

BGP Router Startup Message Flow LEG: Brief BGP Router Startup Message Flow This sequence diagram was generated with EventStudio System Designer (http://www.eventhelix.com/eventstudio). The Border Gateway Protocol (BGP) is an inter-autonomous

More information

Overview. Why use netflow? What is a flow? Deploying Netflow Performance Impact

Overview. Why use netflow? What is a flow? Deploying Netflow Performance Impact Netflow 6/12/07 1 Overview Why use netflow? What is a flow? Deploying Netflow Performance Impact 2 Caveats Netflow is a brand name like Kleenex. It was developed by Cisco Juniper uses the term cflowd for

More information

Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance

Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance White Paper Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance What You Will Learn Modern data centers power businesses through a new generation of applications,

More information

Network forensics 101 Network monitoring with Netflow, nfsen + nfdump

Network forensics 101 Network monitoring with Netflow, nfsen + nfdump Network forensics 101 Network monitoring with Netflow, nfsen + nfdump www.enisa.europa.eu Agenda Intro to netflow Metrics Toolbox (Nfsen + Nfdump) Demo www.enisa.europa.eu 2 What is Netflow Netflow = Netflow

More information

Network Performance Monitoring at Minimal Capex

Network Performance Monitoring at Minimal Capex Network Performance Monitoring at Minimal Capex Some Cisco IOS technologies you can use to create a high performance network Don Thomas Jacob Technical Marketing Engineer About ManageEngine Network Servers

More information

Understanding Route Aggregation in BGP

Understanding Route Aggregation in BGP Understanding Route Aggregation in BGP Document ID: 5441 Contents Introduction Prerequisites Requirements Components Used Conventions Network Diagram Aggregate Without the as set Argument Aggregate with

More information

Lecture 18: Border Gateway Protocol"

Lecture 18: Border Gateway Protocol Lecture 18: Border Gateway Protocol" CSE 123: Computer Networks Alex C. Snoeren HW 3 due Wednesday! Some figures courtesy Mike Freedman Lecture 18 Overview" Path-vector Routing Allows scalable, informed

More information

IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令

IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令 IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令 1 内 容 流 量 分 析 简 介 IPv6 下 的 新 问 题 和 挑 战 协 议 格 式 变 更 用 户 行 为 特 征 变 更 安 全 问 题 演 化 流 量 导 出 手 段 变 化 设 备 参 考 配 置 流 量 工 具 总 结 2 流 量 分 析 简 介 流 量 分 析 目 标 who, what, where,

More information

Global Network Mobility NANOG 31

Global Network Mobility NANOG 31 Ben Abarbanel cbbrouting@boeing.com Global Network Mobility NANOG 31 Implementing Global Network Mobility What is Connexion by Boeing? Summary of the problem Network and Service Challenges BGP as a mobility

More information

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes

NetFlow Aggregation. Feature Overview. Aggregation Cache Schemes NetFlow Aggregation This document describes the Cisco IOS NetFlow Aggregation feature, which allows Cisco NetFlow users to summarize NetFlow export data on an IOS router before the data is exported to

More information

Passively Detecting Remote Connectivity Issues Using Flow Accounting. 2nd EMANICS Workshop on Netflow/IPFIX usage in network management

Passively Detecting Remote Connectivity Issues Using Flow Accounting. 2nd EMANICS Workshop on Netflow/IPFIX usage in network management Passively Detecting Remote Connectivity Issues Using Flow Accounting 2nd EMANICS Workshop on Netflow/IPFIX usage in network management 08.10.2009 Jacobs University Bremen, Germany Tim Kleefass, Simon Leinen

More information

Introduction to Cisco IOS Flexible NetFlow

Introduction to Cisco IOS Flexible NetFlow Introduction to Cisco IOS Flexible NetFlow Last updated: September 2008 The next-generation in flow technology allowing optimization of the network infrastructure, reducing operation costs, improving capacity

More information

BGP overview BGP operations BGP messages BGP decision algorithm BGP states

BGP overview BGP operations BGP messages BGP decision algorithm BGP states BGP overview BGP operations BGP messages BGP decision algorithm BGP states 1 BGP overview Currently in version 4. InterAS (or Interdomain) routing protocol for exchanging network reachability information

More information

Interdomain Routing. Project Report

Interdomain Routing. Project Report Interdomain Routing Project Report Network Infrastructure improvement proposal To Company A Team 4: Zhang Li Bin Yang Md. Safiqul Islam Saurabh Arora Network Infrastructure Improvement Interdomain routing

More information

Operation and Technical Best Practice. IXP Automation and Operational Efficiency

Operation and Technical Best Practice. IXP Automation and Operational Efficiency Operation and Technical Best Practice IXP Automation and Operational Efficiency IXP Cornerstones Governance Business Technical Technical Management Governance Development Business Technical Initial Setup

More information

Interdomain Routing. Outline

Interdomain Routing. Outline Interdomain Routing David Andersen 15-744 Spring 2007 Carnegie Mellon University Outline What does the Internet look like? Relationships between providers Enforced by: Export filters and import ranking

More information

The use of SNMP and other network management tools in UNINETT. Arne Øslebø arne.oslebo@uninett.no March 4, 2014

The use of SNMP and other network management tools in UNINETT. Arne Øslebø arne.oslebo@uninett.no March 4, 2014 The use of SNMP and other network management tools in UNINETT Arne Øslebø arne.oslebo@uninett.no March 4, 2014 1 UNINETTs network GEANT 3 4 What is monitored? Link status Are all connections up? General

More information

Advanced BGP Policy. Advanced Topics

Advanced BGP Policy. Advanced Topics Advanced BGP Policy George Wu TCOM690 Advanced Topics Route redundancy Load balancing Routing Symmetry 1 Route Optimization Issues Redundancy provide multiple alternate paths usually multiple connections

More information

Class of Service (CoS) in a global NGN

Class of Service (CoS) in a global NGN Class of Service (CoS) in a global NGN Zukunft der Netze Chemnitz 2009 8. Fachtagung des ITG-FA 5.2 Thomas Martin Knoll Chemnitz University of Technology Communication Networks Phone 0371 531 33246 Email

More information

TECHNOLOGY WHITE PAPER. Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform

TECHNOLOGY WHITE PAPER. Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform TECHNOLOGY WHITE PAPER Correlating SDN overlays and the physical network with Nuage Networks Virtualized Services Assurance Platform Abstract Enterprises are expanding their private clouds and extending

More information

NetStream (Integrated) Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-9-6

NetStream (Integrated) Technology White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 01. Date 2012-9-6 (Integrated) Technology White Paper Issue 01 Date 2012-9-6 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means

More information

Traffic analysis with NetFlow

Traffic analysis with NetFlow Traffic analysis with NetFlow Paolo Lucente http://www.pmacct.net/ RIPE Regional meeting, Dubrovnik Sep 2011 Traffic analysis with NetFlow Agenda o o whoami: Paolo & pmacct Ramblings:

More information

NetFlow & BGP multi-path: quo vadis?

NetFlow & BGP multi-path: quo vadis? NetFlow & BGP multi-path: quo vadis? Paolo Lucente Elisa Jasinska NANOG61, Bellevue Agenda About Netflix About pmacct Brief digression on BGP ADD-PATHS Putting all

More information

perfsonar MDM release 3.0 - Product Brief

perfsonar MDM release 3.0 - Product Brief perfsonar MDM release 3.0 - Product Brief In order to provide the fast, reliable and uninterrupted network communication that users of the GÉANT 2 research networks rely on, network administrators must

More information

IAB IPv6 Multi-Homing BOF. Jason Schiller Senior Internet Network Engineer IP Core Infrastructure Engineering UUNET / MCI

IAB IPv6 Multi-Homing BOF. Jason Schiller Senior Internet Network Engineer IP Core Infrastructure Engineering UUNET / MCI IAB IPv6 Multi-Homing BOF Jason Schiller Senior Internet Network Engineer IP Core Infrastructure Engineering UUNET / MCI Multi-homing Problems Inbound to the destination traffic engineering is needed Current

More information

Grids & networks monitoring - practical approach

Grids & networks monitoring - practical approach Session 2 Networking for the Grid Grids & networks monitoring - practical approach Jedrzej Jajor Cezary Mazurek Wiktor Procyk INGRID 2007 Instrumenting the Grid Outline Introduction to monitoring Tools:

More information

NetFlow/IPFIX Various Thoughts

NetFlow/IPFIX Various Thoughts NetFlow/IPFIX Various Thoughts Paul Aitken & Benoit Claise 3 rd NMRG Workshop on NetFlow/IPFIX Usage in Network Management, July 2010 1 B #1 Application Visibility Business Case NetFlow (L3/L4) DPI Application

More information

Introduction to Netflow

Introduction to Netflow Introduction to Netflow Mike Jager Network Startup Resource Center mike.jager@synack.co.nz These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/)

More information

APNIC elearning: BGP Attributes

APNIC elearning: BGP Attributes APNIC elearning: BGP Attributes Contact: training@apnic.net erou04_v1.0 Overview BGP Attributes Well-known and Optional Attributes AS Path AS Loop Detection ibgp and ebgp Next Hop Next Hop Best Practice

More information

Embedded BGP Routing Monitoring. Th. Lévy O. Marcé

Embedded BGP Routing Monitoring. Th. Lévy O. Marcé Embedded BGP Routing Monitoring Th. Lévy O. Marcé Introduction & Motivations Off-line BGP routing monitoring initiatives (i.e based on router logs) already exist: Periodic report : The CIDR Report Objective

More information

BGP Best Path Selection Algorithm

BGP Best Path Selection Algorithm BGP Best Path Selection Algorithm Document ID: 13753 Contents Introduction Prerequisites Requirements Components Used Conventions Why Routers Ignore Paths How the Best Path Algorithm Works Example: BGP

More information

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January 29. 2007

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January 29. 2007 Multihoming and Multi-path Routing CS 7260 Nick Feamster January 29. 2007 Today s Topic IP-Based Multihoming What is it? What problem is it solving? (Why multihome?) How is it implemented today (in IP)?

More information

A FAULT MANAGEMENT WHITEPAPER

A FAULT MANAGEMENT WHITEPAPER ManageEngine OpManager A FAULT MANAGEMENT WHITEPAPER Fault Management Perception The common perception of fault management is identifying all the events. This, however, is not true. There is more to it

More information

SDN AND SECURITY: Why Take Over the Hosts When You Can Take Over the Network

SDN AND SECURITY: Why Take Over the Hosts When You Can Take Over the Network SDN AND SECURITY: Why Take Over the s When You Can Take Over the Network SESSION ID: TECH0R03 Robert M. Hinden Check Point Fellow Check Point Software What are the SDN Security Challenges? Vulnerability

More information

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.

Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. RimApp RoadBLOCK goes beyond simple filtering! Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. However, traditional

More information

Netflow Application Upgrade

Netflow Application Upgrade Netflow Application Upgrade 1 Agenda What is netflow? Existing Netflow Applications Searching for New Netflow Application(s) Recommended Netflow Applications Pricing 2 What is netflow? Observation point:

More information

IPv6 networks management. Simon.Muyal@renater.fr

IPv6 networks management. Simon.Muyal@renater.fr IPv6 networks management Simon.Muyal@renater.fr Contribs Bernard Tuy, Renater Simon Muyal, Renater Ralf Wolter, Cisco Patrick Grossetête, Cisco Munechika Sumikawa, Hitachi Patrick Paul, 6WIND Simon Muyal

More information

MANTICORE: Providing Users with a Logical IP Network Service

MANTICORE: Providing Users with a Logical IP Network Service MANTICORE: Providing Users with a Logical IP Network Service Victor Reijs (HEAnet) MANTICORE Partners (self funded project): Agenda MANTICORE vision MANTICORE-I implementation Infrastructure as a Service

More information

Lab 4.1.2 Characterizing Network Applications

Lab 4.1.2 Characterizing Network Applications Lab 4.1.2 Characterizing Network Applications Objective Device Designation Device Name Address Subnet Mask Discovery Server Business Services 172.17.1.1 255.255.0.0 R1 FC-CPE-1 Fa0/1 172.17.0.1 Fa0/0 10.0.0.1

More information

Global Network Mobility RIPE 48

Global Network Mobility RIPE 48 John Bender Don Bowman cbbrouting@boeing.com Global Network Mobility RIPE 48 Implementing Network Mobility Summary What is Connexion by Boeing? Network and Service Challenges BGP as a mobility solution

More information

Traffic & Peering Analysis

Traffic & Peering Analysis Traffic & Peering Analysis or how I learned to stop worrying and love route hijacking Pete Crocker pete@packetdesign.com Agenda Alternate methods of traffic / peering analysis Traffic Matrices Pros & Cons

More information

HP Networking BGP and MPLS technology training

HP Networking BGP and MPLS technology training Course overview HP Networking BGP and MPLS technology training (HL046_00429577) The HP Networking BGP and MPLS technology training provides networking professionals the knowledge necessary for designing,

More information

SonicOS 5.8: NetFlow Reporting

SonicOS 5.8: NetFlow Reporting SonicOS 5.8: NetFlow Reporting Document Scope Rapid growth of IP networks has created interest in new business applications and services. These new services have resulted in increases in demand for network

More information

TF-NOC Flash presentation. 5 th TF-NOC meeting Dubrovnik, 15 th February 2012. GARR Giovanni Cesaroni

TF-NOC Flash presentation. 5 th TF-NOC meeting Dubrovnik, 15 th February 2012. GARR Giovanni Cesaroni TF-NOC Flash presentation 5 th TF-NOC meeting Dubrovnik, 15 th February 2012 GARR Giovanni Cesaroni Network Current Backbone infrastructure: GARR-G 2002 > nowdays About 60 GARR PoP 90% in Universities

More information

CS 457 Lecture 19 Global Internet - BGP. Fall 2011

CS 457 Lecture 19 Global Internet - BGP. Fall 2011 CS 457 Lecture 19 Global Internet - BGP Fall 2011 Decision Process Calculate degree of preference for each route in Adj-RIB-In as follows (apply following steps until one route is left): select route with

More information

Accounting and Routing in the Internet

Accounting and Routing in the Internet Accounting and Routing in the Internet Introduction There has been discussion of proposals to engage in the collection of traffic flow measurement information for monitoring and to support charging and

More information

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls

More information

Cisco NetFlow TM Briefing Paper. Release 2.2 Monday, 02 August 2004

Cisco NetFlow TM Briefing Paper. Release 2.2 Monday, 02 August 2004 Cisco NetFlow TM Briefing Paper Release 2.2 Monday, 02 August 2004 Contents EXECUTIVE SUMMARY...3 THE PROBLEM...3 THE TRADITIONAL SOLUTIONS...4 COMPARISON WITH OTHER TECHNIQUES...6 CISCO NETFLOW OVERVIEW...7

More information

Introduction to Routing

Introduction to Routing Introduction to Routing How traffic flows on the Internet Philip Smith pfs@cisco.com RIPE NCC Regional Meeting, Moscow, 16-18 18 June 2004 1 Abstract Presentation introduces some of the terminologies used,

More information

and reporting Slavko Gajin slavko.gajin@rcub.bg.ac.rs

and reporting Slavko Gajin slavko.gajin@rcub.bg.ac.rs ICmyNet.Flow: NetFlow based traffic investigation, analysis, and reporting Slavko Gajin slavko.gajin@rcub.bg.ac.rs AMRES Academic Network of Serbia RCUB - Belgrade University Computer Center ETF Faculty

More information

Multi-Gigabit Intrusion Detection with OpenFlow and Commodity Clusters

Multi-Gigabit Intrusion Detection with OpenFlow and Commodity Clusters Multi-Gigabit Intrusion Detection with OpenFlow and Commodity Clusters Copyright Ali Khalfan / Keith Lehigh 2012. This work is the intellectual property of the authors. Permission is granted for this material

More information

Tutorial: Options for Blackhole and Discard Routing. Joseph M. Soricelli Wayne Gustavus NANOG 32, Reston, Virginia

Tutorial: Options for Blackhole and Discard Routing. Joseph M. Soricelli Wayne Gustavus NANOG 32, Reston, Virginia Tutorial: Options for Blackhole and Discard Routing Joseph M. Soricelli Wayne Gustavus NANOG 32, Reston, Virginia Caveats and Assumptions The views presented here are those of the authors and they do not

More information

CS 40, Lecture 3: Internet economics. Ramesh Johari

CS 40, Lecture 3: Internet economics. Ramesh Johari CS 40, Lecture 3: Internet economics Ramesh Johari Outline Contracts: transit and peer Example 1: Peering and pricing Example 2: Exchanges Example 3: Hot potato routing Example 4: 95 th percentile pricing

More information

Inter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to:

Inter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to: Border Gateway Protocol Exterior routing protocols created to: control the expansion of routing tables provide a structured view of the Internet by segregating routing domains into separate administrations

More information

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives: Course: Building Cisco Service Provider Next-Generation Networks, Part 2 Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,750.00 Learning Credits: 38 Description: The Building Cisco Service Provider

More information

IK2205 Inter-domain Routing

IK2205 Inter-domain Routing IK2205 Inter-domain Routing Lecture 5 Voravit Tanyingyong, voravit@kth.se Outline Redundancy, Symmetry, and Load Balancing Redundancy Symmetry Load balancing Scenarios Controlling Routing Inside the AS

More information

APNIC elearning: BGP Basics. Contact: training@apnic.net. erou03_v1.0

APNIC elearning: BGP Basics. Contact: training@apnic.net. erou03_v1.0 erou03_v1.0 APNIC elearning: BGP Basics Contact: training@apnic.net Overview What is BGP? BGP Features Path Vector Routing Protocol Peering and Transit BGP General Operation BGP Terminology BGP Attributes

More information

NetFlow Tracker Overview. Mike McGrath x ccie CTO mike@crannog-software.com

NetFlow Tracker Overview. Mike McGrath x ccie CTO mike@crannog-software.com NetFlow Tracker Overview Mike McGrath x ccie CTO mike@crannog-software.com 2006 Copyright Crannog Software www.crannog-software.com 1 Copyright Crannog Software www.crannog-software.com 2 LEVELS OF NETWORK

More information

BGP Prefix Hijack: An Empirical Investigation of a Theoretical Effect Masters Project

BGP Prefix Hijack: An Empirical Investigation of a Theoretical Effect Masters Project BGP Prefix Hijack: An Empirical Investigation of a Theoretical Effect Masters Project Advisor: Sharon Goldberg Adam Udi 1 Introduction Interdomain routing, the primary method of communication on the internet,

More information

Enabling NetFlow and NetFlow Data Export (NDE) on Cisco Catalyst Switches

Enabling NetFlow and NetFlow Data Export (NDE) on Cisco Catalyst Switches Enabling NetFlow and NetFlow Data Export (NDE) on Cisco Catalyst Switches Revised 2/1/2007 Introduction...2 Requirements...2 Catalyst 4500 Series...2 Enabling NetFlow...2 Configuring a NetFlow Destination...3

More information

Agenda. NRENs, GARR and GEANT in a nutshell SDN Activities Conclusion. Mauro Campanella Internet Festival, Pisa 9 Oct 2015 2

Agenda. NRENs, GARR and GEANT in a nutshell SDN Activities Conclusion. Mauro Campanella Internet Festival, Pisa 9 Oct 2015 2 Agenda NRENs, GARR and GEANT in a nutshell SDN Activities Conclusion 2 3 The Campus-NREN-GÉANT ecosystem CAMPUS networks NRENs GÉANT backbone. GÉANT Optical + switching platforms Multi-Domain environment

More information

NetFlow Analytics for Splunk

NetFlow Analytics for Splunk NetFlow Analytics for Splunk User Manual Version 3.5.1 September, 2015 Copyright 2012-2015 NetFlow Logic Corporation. All rights reserved. Patents Pending. Contents Introduction... 3 Overview... 3 Installation...

More information

COMPSCI 314: SDN: Software Defined Networking

COMPSCI 314: SDN: Software Defined Networking COMPSCI 314: SDN: Software Defined Networking Nevil Brownlee n.brownlee@auckland.ac.nz Lecture 23 Current approach to building a network Buy 802.3 (Ethernet) switches, connect hosts to them using UTP cabling

More information

Network Monitoring and Traffic CSTNET, CNIC

Network Monitoring and Traffic CSTNET, CNIC Network Monitoring and Traffic Analysis in CSTNET Chunjing Han Aug. 2013 CSTNET, CNIC Topics 1. The background of network monitoring 2. Network monitoring protocols and related tools 3. Network monitoring

More information

Data Analysis Load Balancer

Data Analysis Load Balancer Data Analysis Load Balancer Design Document: Version: 1.0 Last saved by Chris Small April 12, 2010 Abstract: The project is to design a mechanism to load balance network traffic over multiple different

More information

Globally Distributed Content (Using BGP to Take Over the World)

Globally Distributed Content (Using BGP to Take Over the World) Globally Distributed Content (Using BGP to Take Over the World) Horms (Simon Horman) horms@vergenet.net November 2001 http://supersparrow.org/ 1 Introduction Electronic content is becoming increasingly

More information