Syslog Performance: Data Modeling and Transport

Size: px
Start display at page:

Download "Syslog Performance: Data Modeling and Transport"

Transcription

1 Syslog Performance: Data Modeling and Transport Mohammad Rajiullah, Reine Lundin, Anna Brunstrom, and Stefan Lindskog Department of Computer Science, Karlstad University SE Karlstad, Sweden {mohammad.rajiullah reine.lundin anna.brunstrom Abstract Syslog is one of the basic methods for event logging in computer networks. Log messages that are generated by syslog can be used for a number of purposes, including optimizing system performance, system auditing, and investigating malicious activities in a computer network. Considering all these attractive uses, both timeliness and reliability is needed when syslog messages are transported over a network. The unreliable transport protocol UDP was specified in the original syslog specification; later a reliable transport service based on TCP was also proposed. However, TCP is a costly alternative in terms of delay. In our previous work, we introduced the partially reliable extension of, PR-, as a transport service for syslog, trading reliability against timeliness by prioritizing syslog messages. In this work, we first model syslog data using real syslog traces from an operational network. The model is then used as input in the performance evaluation of PR-. In the experiments, real congestion is introduced in the network by running several competing flows. Although PR- clearly outperformed TCP and in our previous work, our present evaluations show that PR- performance is largely influenced by the syslog data size characteristics. I. INTRODUCTION We are now probably observing the highest growth of computers attached to networks both in numbers and sizes since the inception of the Internet. There is a continuous deployment of network servers, workstations, routers or other networking devices. As a result, the need for security and reliability in a computer network is more important than ever. Log messages, generated in a computer network, can be a significant element for providing increased security and reliability. An event log is a record of a specific event that occurred in the system. Logs are generated from various sources, such as firewalls, switches, routers, wireless access points, operating systems or applications including intrusion detection systems and anti-malware programs. A system administrator can use these logs for trouble shooting purposes. Nowadays, logs have become vital elements for many other purposes, e.g., optimizing system performance, recording user actions, supporting system wide forensic analysis of malicious activities, etc. Taking all these attractive uses into account, reliable, secure, and timely delivery of log messages over the network becomes very important. The syslog protocol [] has been proposed and used for basic log management in computer networks since the early days of Internet. Simply speaking, syslog allows a machine or device to send event notification messages over networks to any predefined collector. This collector is called the syslog server. The User Datagram Protocol (UDP) [2] was specified as a transport service for syslog messages in the earliest specification of the syslog protocol [] when a centralized log management approach was used. Since UDP is an unreliable transport protocol, log messages containing critical alerts may be lost without notice. RFC 395 [3] proposed the connection oriented protocol, Transmission Control Protocol (TCP) [5] as a transport service to provide reliability in message delivery. The widely used syslog-ng system [4] uses TCP as the default underlying transport service. However, TCP causes high delays during loss recovery, which may not always be affordable due to the need of a timely reporting of critical events. A detailed description of potential drawbacks of UDP and TCP as transport services for syslog messages can be found in our previous work [8]. In addition to TCP, secure syslog transport over the Transport Layer Security (TLS) has been standardized in RFC 5425 [6], and a Datagram TLS (DTLS) secure transport has recently been specified in RFC 62 [7]. Log messages are inherently prioritized. During loss recovery, some messages are more important than others. Additionally, some messages have certain lifetimes after which they are no longer useful. For example, various applications may generate periodic status messages which are normally useful only for a short time period. The concept of prioritization becomes important during congestion periods allowing network resources to be prioritized for transporting the most crucial and fresh messages. In our previous work [8], we proposed and evaluated the use of the existing and standardized partially reliable extension of the Stream Control Transmission Protocol () [9], PR- [], as an underlying transport service for timely and reliable delivery of syslog messages over a network. PR- uses all the advanced transport related features in and uniquely supports (re)transmission policies on a per message basis. Since each syslog message is characteristically prioritized, according to the source that generates it and its importance level, PR- was used to provide different reliability policies for different syslog messages according to their priority levels. By using PR-, we in [8] saw a significant improvement of the average transfer delay for syslog messages as compared to TCP. Since PR- prioritizes more important messages over the rest, some messages that are lost and not important may never be recovered. The loss of a message is, however, notified to the receiver. Basically, by trading reliability against timeliness during loss recovery, time

2 and network capacity can be saved for important log messages. The performance of PR- was evaluated in an artificial loss based simplistic network scenario. However, in the present Internet, packet losses mainly occur due to congestion when a number of flows compete for resources. Moreover, in the referenced work, a synthetic work load of fixed message sizes was used. In this work, we first analyze a syslog trace file from a real operational network. Based on the trace, we determine several important parameters, such as message size distribution and arrival pattern. Besides, we introduce a shared network in the evaluation where PR- must compete with other flows for network resources. In the experiment results, we can see a large influence of message size distribution on the PR- performance. The remainder of this paper is organized as follows. Background and related work are described in Section II. In Section III, the characteristics of syslog data using real syslog traces are modeled. In Section IV, the performance of PR- in a shared network for syslog transport is evaluated. Finally, some concluding remarks are given in Section V. II. BACKGROUND In this section, we briefly describe the syslog protocol as well as PR- as a transport service for syslog messages. A. Syslog In UNIX like operating systems, kernels and/or applications generate several messages and alerts that are either saved locally or sent over the network as syslog messages. According to the BSD syslog specification [], an originator that creates syslog messages may forward them to a collector or syslog server. In addition, one or more devices may be used as relays between an originator and a collector. Various communication devices, such as routers, switches, and VPN connectors as well as operating systems and applications may work as originators for generating syslog messages for system related information or alerts. For instance, an alert may be generated when a router finds one of its interfaces is down. Besides, firewalls can generate syslog messages when it blocks a TCP or connection. All of these devices may be configured in such a way that they send specified syslog messages to external devices that works as a centralized syslog server and collects all the received messages for further analysis. This allows an administrator simply log in to the syslog server and monitor the whole system under surveillance rather than separately to go through a large number of devices. The most current specification of the syslog protocol was standardized in March 29 in RFC 5424 []. This specification uses a layered architecture where the specification of the message structure is separated from the transport of the message. A syslog message that can be seen on the wire as a payload normally has three distinguishable parts. The first part is called the PRI. This part specifies the priority of a syslog message according to the associated facility and severity values of the corresponding event that generates this message. Common examples of facilities are operating system daemons or processes that generate log messages. Each different type of facility is assigned a decimal number. For example, a facility value of 4 is given to all log messages generated from security or authorization related sources. Each facility that generates a log message also specifies a severity level for it. For example, a severity level of signifies an emergency condition when a system is unstable, whereas a severity level of 7 simply signifies a debug level message. To calculate the priority value of a message, its facility value is first multiplied by 8 and then added to the severity value. For example, a facility value of 5 (clock daemon) and a severity value of 5 (notice) will produce a priority value of 25. We use the severity value from PRI to prioritize a syslog message. Messages with severity values from to 3, which denote emergency, alert, critical, and error level, are marked as important messages and the rest as normal messages. The second part of the message contains a hostname or the IP address from which the message is transmitted. This part also includes a timestamp when the message is generated. The third part, finally, is the content of the syslog message which often contains information about the process that generates the message. One of the fundamental ideas with the syslog protocol is the simplicity of implementation. Any device that is configured to send syslog messages does so even without any explicit knowledge about the receiver. A syslog server, on the other hand, cannot request a specific device to send syslog messages. This operational simplicity has greatly helped for the wide deployment of the syslog protocol. Additionally, syslog is a simplex protocol. It does not give any acknowledgement from the application layer for the message deliveries. A separate, reliable transport may provide this functionality at the transport layer. B. PR- as a Syslog Transport PR- is an extension of and accommodates all of its features. We include a brief description of some of these features below. is a connection oriented protocol like TCP. is message oriented whereas TCP is byte oriented. If an application sends messages that are sufficiently smaller than the path maximum transmission unit (MTU), a number of these small messages can be bundled into a single packet. A message or control information is referred to as a chunk when it is put inside a packet as payload. Besides, inside a packet, control information can be bundled together with user messages. This message based abstraction is particularly suitable for the syslog protocol, since syslog messages are semantically independent. can be configured to multiplex segments over multiple independent streams to reduce TCP s Head of Line (HOL) blocking problem [2]. Moreover, if unordered delivery is used, a receiver can immediately deliver a received message to the upper layer even if the arrival of the message is unordered. This is also useful for independent syslog messages.

3 Syslog clients may generate an unlimited amount of messages. Using UDP as a transport protocol for these syslog messages may not be appropriate if the network is not properly managed, since UDP does not have any congestion control. TCP or plain, on the other hand, may increase the message transfer delay during congestion periods as they are fully reliable. According to RFC 5424 [], message-prioritization based on the severity values should be considered when syslog messages need to be discarded; further sending will otherwise be blocked. PR- may thus be an appropriate transport service to implement such an idea. PR- uses a (re)transmission policy on a per message basis. The idea is that PR- considers a particular application specific reliability policy for every message. Timed reliability is an example of an application specific reliability policy. In such a policy, a certain lifetime is given for every application message. Upon expiration of this lifetime, PR- does not consider any (re)transmission of the message. For syslog messages, a lifetime can be determined according to the severity level of each message. If messages are lost due to congestion, only those messages for which the lifetime has not yet expired will be retransmitted. The advantages are that overall message transfer time will be improved and a timely delivery of important messages is possible. In this way, PR- can improve the system performance. PR- supports prioritization by using a special control chunk named FORWARD CUMULATIVE TSN or forward tsn. The idea is as follows. When a sender abandons a message to (re)transmit, it sends a forward tsn chunk to the receiver. This chunk simply tells the receiver to forward its cumulative ACK point, which means that the receiver must not expect the abandoned message anymore. Besides, PR- adjusts all the congestion related variables even though it may not retransmit any lost messages. Note that a PR- receiver is always unaware of any particular prioritization policy taken at the sender. Several existing works [3 8] have used PR- for various applications such as real time multimedia streaming, IPTV transmission, SIP signaling, etc. III. SYSLOG DATA In this section, the distribution of message length, interarrival time and important messages from a syslog database sample are investigated and modeled. The sample was captured at the syslog server at the Computer Science Department network at Karlstad University, Sweden between August 28 and December 2, and consists of more than 3.5 million syslog messages. A. Message Length Distribution A syslog message normally consists of the priority, header and content. However, the format of the stored syslog records in the database do not reveal if headers were included or not in the sent syslog messages. By using Wireshark to capture syslog messages on the network for a one day session, it was observed that the header was included in some messages, but not in all. The average length of the priority and header part was calculated from the Wireshark session to be 3.5 bytes Content length [bytes] Fig. : The content length density distribution. The content length distribution from the syslog database sample is plotted in Fig.. From the pattern in the figure it seems reasonable to model the behavior of the content length distribution with a normal distribution. The normal distribution is given by the bell-shaped probability density function f(x) = (x µ)2 e 2σ 2 () 2πσ 2 where µ is the mean and σ is the standard deviation of the distribution. Using maximum likelihood estimation the mean and standard deviation of () can be estimated with the mean and standard deviation of the content length distribution. This gives µ = 7.5 bytes and σ = 3.2 bytes. After adding the priority and header part of 3.5 bytes, the total mean becomes 85 bytes for the message length. To show how the normal distribution fits to the content length distribution, the corresponding two cumulative distributions are plotted in Fig. 2. The maximum error between the two cumulative distributions is 23.4 % and the mean error is. %. B. Inter-arrival Time Distribution The inter-arrival time distribution for the syslog database sample is plotted in Fig. 3. However, since the timestamp granularity in the syslog database is of the time scale of seconds, a smaller plot of the Wireshark sample, having a time scale of microseconds, is also given in the figure. In Fig. 3, the leftmost spike for the syslog database sample reaches up to 76.9 % and the corresponding spike for the Wireshark sample reaches up to 4.2 %. The other spikes in the graphs are probably generated by the applications that send syslog messages on a regular basis. From the pattern of the plots in Fig. 3, it seems reasonable to model the behavior of the inter-arrival time distribution with an

4 Content length [bytes] Fig. 2: The normal and content length cumulative distributions Time [s] Time [s] Fig. 3: The inter-arrival time density distribution for the whole sample (big graph) and the Wireshark sample (small graph). exponential distribution. The exponential distribution is given by the probability density function f(x) = λe λx (2) where λ > is the rate parameter of the distribution. Using maximum likelihood estimation, the rate parameter of (2) can be estimated with the inverse of the mean of the interarrival time distribution. Thus, for the Wireshark sample, having the finest time granularity, the mean of the inter-arrival time distribution is.73 s, giving λ =.36 s. To show how the exponential distribution fits to the inter-arrival time distribution, the corresponding two cumulative distributions are plotted in Fig. 4. The maximum error between the two cumulative distributions is 9.7 % and the mean error is. % Time [s] Fig. 4: The exponential and interarrival time cumulative distributions. C. Important Message Distribution The number of important and normal messages per day for our syslog database sample is plotted in Fig. 5. From this sample, the fraction of important messages is 7.6 %. In [2], the authors used two syslog database samples. The first sample was captured during heavy loads and contained % of important messages, while the second sample was captured during light loads and contained.4 %. Hence, the authors used in their experiments the assumption that during heavy loads the fraction of important messages increases. We examine the spikes in our database sample for similar trends. During heavy loads, the largest load spike in Fig. 5 has a fraction of 5.3 %, at day 255, while the second largest load spike has a fraction of 2.9 %, at day 87. Thus, in our system we cannot draw the conclusion that heavier loads increase the fraction of important messages, but consistent with [2] we can see that the fraction of important messages may vary greatly. IV. EXPERIMENTAL EVALUATION In this section, we first describe the experiment setup that we use to evaluate the performance of PR- for transporting syslog messages, followed by our experiment results. A. Experiment Setup We adopt a single bottleneck, emulation based experiment for the performance evaluations. We use three computers. All of these three machines have the same hardware configuration of 4 GB RAM and an Intel Core 2 duo processor (2.6 GHz). The Dummynet traffic shaper [9] is set up in the middle machine to introduce physical delays and bandwidth limitations in the network. Both end machines are configured with FreeBSD 8.. Based on the findings in Section III, we have created a syslog message generator application. The lengths of the generated messages are drawn from a normal

5 865 normal messages. Additionally, we perform each experiment with 3 repetitions to allow for 95 % confidence intervals. The network related parameters are summarized in Table. 855 TABLE I: Network related parameters. Number of messages Normal messages Important messages Parameter Value(s) One way Delay: ms Queue size: 38 KB Bandwidth: Mbps (Up and Down) # of background flows: 5 and Time [day] Fig. 5: Fraction of important and normal messages per day. distribution of mean 85 and standard deviation 3. Besides, since we see an exponential distribution of the inter-arrival times of syslog messages in the traces, our application creates messages according to a Poisson arrival process. We do not, however, use the obtained mean for inter-arrival times in the experiment, since we are in this case interested to see how the evaluated protocols behave during congestion. To avoid having to use an excessive amount of background flows or a very small bandwidth to create congestion, we instead use a shorter mean inter-arrival time of 2 ms. Our application generates two main types of messages: important and normal. According to our analysis in section III, we use several distributions of important messages starting from % to 25 %. In this experiment, we use a timed reliability based PR- policy. In such a policy, a certain lifetime is given for every application message. Upon expiration of this lifetime, PR- does not consider any (re)transmission of this message. Our expectation is that even under heavy congestion in the network, important messages should reach the receiver whereas normal messages have a smaller or no chance. We use a time-to-live (TTL) value of 5, ms for important messages and a TTL of 2 ms for normal messages. We use the same application settings on top of various transport services such as TCP,, and PR-. Both and PR- use unordered delivery, since syslog generates semantically independent messages. Additionally, in each run, syslog messages are sent from the server to the client. In the experiment, we have several competing background flows in the network. These are greedy TCP flows. In consequence, a foreground flow being any of the evaluated protocols, TCP,, or PR-, must compete with the background flows for network resources. We vary the number of background flows to differ the congestion level in the network. We measure average message delay for both important and B. Experiment Results Fig. 6 shows the performance of PR- along with and TCP for different number of background flows. Since the PR- graphs for important and normal messages visually overlap, we only put the graphs for important messages. In both cases, although PR- performs better than TCP for smaller fractions of important messages, it surprisingly performs worse than. PR- is expected to outperform the fully reliable, since it can ignore retransmission of normal messages if they are lost. Two factors have been changed from our previous work; the network settings and the distribution of message sizes. Hence, we perform another experiment using the same synthetic workload that we used before in our present network settings to isolate the phenomena that is influencing the PR- results most. We use a fixed message size of 25 bytes and keep the same average send rate as we used in the first experiment. In addition, we keep the number of background flows to 2. The results from this experiment are given in Fig. 7. In this figure, a subgraph is included to distinguish the results of PR- from. Here we see that PR- outperforms both TCP and by prioritizing important messages over normal messages during (re)transmission. This shows that the message size distribution has a major influence on the PR- results. Based on a detailed analysis of the trace files from our experiments, we have identified that during loss recovery, the existing forward tsn mechanism becomes inefficient. For our scenario where the message size distribution is normal and the mean is not very large, we identify two cases. Firstly, as each message can be of different size and can be placed alone in a packet, the messages have different loss probabilities when the byte based queue at the network is full; in consequence, this can produce a non consecutive loss pattern. In this case, the forward tsn mechanism cannot tell a receiver to forward the cumulative TSN across several TSNs or messages. Instead, it does it separately for individual lost messages, since the delivered message(s) must be cumulatively acknowledged before the forward tsn for the next lost message can be transmitted. On the contrary, fully reliable can retransmit multiple messages together, and becomes faster. Secondly, if there is a backlog created in the send buffer at the transport layer, many messages can be bundled into a single packet, since the mean of the message size distribution

6 Average delay [s] TCP Average delay [s].5.5 TCP Average delay [sec] (a) 5 background flows Fig. 7: Average delay performance using a fixed message size of 25 bytes with 2 background flows. Average delay [s] TCP (b) 2 background flows Fig. 6: Average delay performance for different important message distributions. is quite small. As a result, when even a single packet is lost, many consecutive messages are lost. In such a case, when a single packet is lost, and if many messages are bundled into that packet, we loose many messages with several importance levels. Thus, if all the messages are normal, then a forward tsn chunk can tell a receiver to forward the cumulative ACK point across all these messages. As a result, PR- can be faster than by ignoring to retransmit messages. However, when we have a mixture of reliable and unreliable messages, the forward tsn mechanism becomes slow. This is due to the fact that it only sends a forward tsn chunk to the receiver for an unreliable lost message when the preceding reliable message is confirmed to be delivered. Hence, PR- suffers from a considerable delay. This is also true when we have a fixed message size of 25 bytes; however, the resulting delay is limited, since at most five messages can be bundled into a single packet. V. CONCLUSION In this paper, we first model the characteristics of syslog data using real traces from an operational network. Then, we investigate the performance of PR- for transporting syslog messages using the derived model in a network scenario where multiple flows compete for network resources. However, unlike what we have shown in our previous work [8], PR- noticeably performs worse than. After a detailed analysis of the traces from our experiments, we have identified that the existing forward tsn mechanism in PR- becomes inefficient if an application generates message sizes with small mean according to a normal distribution. We are currently working on improving the forward tsn mechanism and aim to implement and evaluate our solution. Besides, we are planning to obtain syslog traces from a larger network to further understand the characteristics of syslog data. ACKNOWLEDGMENT The work was carried out within the Compare Business Innovation Centre phase 2 project, funded partly by the European Regional Development Fund. REFERENCES [] J. Postel, RFC 364: The BSD Syslog protocol, August, 2. [2] J. Postel, RFC 768: User Datagram Protocol (UDP), August, 98. [3] D. New and M. Rose, RFC 395:Reliable Delivery for syslog, November, 2. [4] Syslog New Generation (Syslog-ng). network-security/syslog-ng/, visited February 27, 2. [5] J. Postel, RFC 793: Transmission control protocol, September, 98. [6] F. Miao et al., RFC 5425: Transport Layer Security (TLS) Transport Mapping for Syslog, March 29. [7] J. Salowey et al., RFC 62: Datagram Transport Layer Security (DTLS) Transport Mapping for Syslog, October, 2.

7 [8] M. Rajiullah, A. Brunstrom, and S. Lindskog, Priority Based Delivery of PR- Messages in a Syslog Context, in International Workshop on Autonomic Networking and Self-Management in the Access Networks (SELFMAGICNETS 2), 2. [9] R. Stewart, Q. Xie, and K. Morneault, RFC 496: Stream control transmission protocol, September, 27. [] R. Stewart, M. Ramalho, Q. Xie, and M. Tuexen, RFC 3758: Stream Control Transmission Protocol () Partial Reliability Extension, may, 24. [] R. Gerhards et al., RFC 5424: The syslog Protocol, March, 29. [2] G. D. Marco et al., as a transport for SIP: a case study, In 7th World Multiconference on Systemics, Cybernetics and Informatics (SCI), pp , Orlando, FL, USA, July, 23. [3] T. Maeda, M. Kozuka, and Y. Okabe, Reliable Streaming Transmission Using PR-, in Ninth Annual International Symposium on Applications and the Internet, SAINT 9, pp , IEEE, 29. [4] H. Sanson, A. Neira, L. Loyola, and M. Matsumoto, PR- for real time H. 264/AVC video streaming, in The 2th International Conference on Advanced Communication Technology (ICACT), vol., pp , IEEE, 2. [5] H. Wang, Y. Jin, W. Wang, J. Ma, and D. Zhang, The performance comparison of PR-, TCP and UDP for MPEG-4 multimedia traffic in mobile network, in International Conference on Communication Technology Proceedings, ICCT, vol., pp , IEEE, 23. [6] M. Molteni and M. Villari, Using with partial reliability for MPEG-4 multimedia streaming, in European BSD Conference, 22. [7] S. Kim, S. Koh, and Y. Kim, Performance of for IPTV Applications, in The 9th International Conference on Advanced Communication Technology, vol. 3, pp , IEEE, 27. [8] X. Wang and V. Leung, Applying PR- to transport SIP traffic, in Global Telecommunications Conference, GLOBECOM 5, vol. 2, pp. 5 78, IEEE, 26. [9] L. Rizzo, Dummynet: a simple approach to the evaluation of network protocols, ACM SIGCOMM Computer Communication Review, vol. 27, no., pp. 3 4, 997. [2] H. Tsunoda et el., A Prioritized Retransmission Mechanism for Reliable and Efficient Delivery of Syslog Messages, in Proceedings of Seventh Annual Communication and Services Research Conference, pp , Washington, DC, USA, 29.

Performance Analysis and Improvement of PR-SCTP in an Event Logging Context

Performance Analysis and Improvement of PR-SCTP in an Event Logging Context Performance Analysis and Improvement of PR-SCTP in an Event Logging Context Mohammad Rajiullah Faculty of Economic Sciences, Communication and IT Computer Science Karlstad University Studies 2012:44 Performance

More information

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation

Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation Improving the Performance of TCP Using Window Adjustment Procedure and Bandwidth Estimation R.Navaneethakrishnan Assistant Professor (SG) Bharathiyar College of Engineering and Technology, Karaikal, India.

More information

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links

An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Wireless Networks 6 (2000) 375 379 375 An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Jian Ma a, Jussi Ruutu b and Jing Wu c a Nokia China R&D Center, No. 10, He Ping Li Dong Jie,

More information

TCP - Introduction. Features of TCP

TCP - Introduction. Features of TCP TCP - Introduction The Internet Protocol (IP) provides unreliable datagram service between hosts The Transmission Control Protocol (TCP) provides reliable data delivery It uses IP for datagram delivery

More information

Performance Comparison of SCTP and TCP over Linux Platform

Performance Comparison of SCTP and TCP over Linux Platform Performance Comparison of SCTP and TCP over Linux Platform Jong-Shik Ha, Sang-Tae Kim, and Seok J. Koh Department of Computer Science, Kyungpook National University, Korea {mugal1, saintpaul1978, sjkoh}@cs.knu.ac.kr

More information

Computer Networks. Chapter 5 Transport Protocols

Computer Networks. Chapter 5 Transport Protocols Computer Networks Chapter 5 Transport Protocols Transport Protocol Provides end-to-end transport Hides the network details Transport protocol or service (TS) offers: Different types of services QoS Data

More information

A Passive Method for Estimating End-to-End TCP Packet Loss

A Passive Method for Estimating End-to-End TCP Packet Loss A Passive Method for Estimating End-to-End TCP Packet Loss Peter Benko and Andras Veres Traffic Analysis and Network Performance Laboratory, Ericsson Research, Budapest, Hungary {Peter.Benko, Andras.Veres}@eth.ericsson.se

More information

High-Speed TCP Performance Characterization under Various Operating Systems

High-Speed TCP Performance Characterization under Various Operating Systems High-Speed TCP Performance Characterization under Various Operating Systems Y. Iwanaga, K. Kumazoe, D. Cavendish, M.Tsuru and Y. Oie Kyushu Institute of Technology 68-4, Kawazu, Iizuka-shi, Fukuoka, 82-852,

More information

Transport Layer Protocols

Transport Layer Protocols Transport Layer Protocols Version. Transport layer performs two main tasks for the application layer by using the network layer. It provides end to end communication between two applications, and implements

More information

Quantifying the Performance Degradation of IPv6 for TCP in Windows and Linux Networking

Quantifying the Performance Degradation of IPv6 for TCP in Windows and Linux Networking Quantifying the Performance Degradation of IPv6 for TCP in Windows and Linux Networking Burjiz Soorty School of Computing and Mathematical Sciences Auckland University of Technology Auckland, New Zealand

More information

Performance Analysis of IPv4 v/s IPv6 in Virtual Environment Using UBUNTU

Performance Analysis of IPv4 v/s IPv6 in Virtual Environment Using UBUNTU Performance Analysis of IPv4 v/s IPv6 in Virtual Environment Using UBUNTU Savita Shiwani Computer Science,Gyan Vihar University, Rajasthan, India G.N. Purohit AIM & ACT, Banasthali University, Banasthali,

More information

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview Laboratory 12 Applications Network Application Performance Analysis Objective The objective of this lab is to analyze the performance of an Internet application protocol and its relation to the underlying

More information

Network Friendliness of Mobility Management Protocols

Network Friendliness of Mobility Management Protocols Network Friendliness of Mobility Management Protocols Md Sazzadur Rahman, Mohammed Atiquzzaman Telecommunications and Networks Research Lab School of Computer Science, University of Oklahoma, Norman, OK

More information

MPEG-4 Video Transfer with SCTP-Friendly Rate Control Mohamed N. El Derini

MPEG-4 Video Transfer with SCTP-Friendly Rate Control Mohamed N. El Derini MPEG-4 Video Transfer with SCTP-Friendly Rate Control Mohamed N. El Derini elderini@ieee.org Amr A.Elshikh elshikha@emro.who.int Faculty of Engineering, Alexandria University, Egypt Computer Science and

More information

A Multi-level Security Mechanism for Secure Data Transmission in SCTP

A Multi-level Security Mechanism for Secure Data Transmission in SCTP Research Journal of Applied Sciences, Engineering and Technology 7(10): 2123-2128, 2014 ISSN: 2040-7459; e-issn: 2040-7467 Maxwell Scientific Organization, 2014 Submitted: July 6, 2013 Accepted: September

More information

Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi

Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi 1. Introduction Ad hoc wireless networks pose a big challenge for transport layer protocol and transport layer protocols

More information

Per-Flow Queuing Allot's Approach to Bandwidth Management

Per-Flow Queuing Allot's Approach to Bandwidth Management White Paper Per-Flow Queuing Allot's Approach to Bandwidth Management Allot Communications, July 2006. All Rights Reserved. Table of Contents Executive Overview... 3 Understanding TCP/IP... 4 What is Bandwidth

More information

Research on Errors of Utilized Bandwidth Measured by NetFlow

Research on Errors of Utilized Bandwidth Measured by NetFlow Research on s of Utilized Bandwidth Measured by NetFlow Haiting Zhu 1, Xiaoguo Zhang 1,2, Wei Ding 1 1 School of Computer Science and Engineering, Southeast University, Nanjing 211189, China 2 Electronic

More information

Encapsulating Voice in IP Packets

Encapsulating Voice in IP Packets Encapsulating Voice in IP Packets Major VoIP Protocols This topic defines the major VoIP protocols and matches them with the seven layers of the OSI model. Major VoIP Protocols 15 The major VoIP protocols

More information

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1)

Lecture Objectives. Lecture 07 Mobile Networks: TCP in Wireless Networks. Agenda. TCP Flow Control. Flow Control Can Limit Throughput (1) Lecture Objectives Wireless and Mobile Systems Design Lecture 07 Mobile Networks: TCP in Wireless Networks Describe TCP s flow control mechanism Describe operation of TCP Reno and TCP Vegas, including

More information

APPENDIX 1 USER LEVEL IMPLEMENTATION OF PPATPAN IN LINUX SYSTEM

APPENDIX 1 USER LEVEL IMPLEMENTATION OF PPATPAN IN LINUX SYSTEM 152 APPENDIX 1 USER LEVEL IMPLEMENTATION OF PPATPAN IN LINUX SYSTEM A1.1 INTRODUCTION PPATPAN is implemented in a test bed with five Linux system arranged in a multihop topology. The system is implemented

More information

A Performance Study of VoIP Applications: MSN vs. Skype

A Performance Study of VoIP Applications: MSN vs. Skype This full text paper was peer reviewed by subject matter experts for publication in the MULTICOMM 2006 proceedings. A Performance Study of VoIP Applications: MSN vs. Skype Wen-Hui Chiang, Wei-Cheng Xiao,

More information

Throughput Analysis of WEP Security in Ad Hoc Sensor Networks

Throughput Analysis of WEP Security in Ad Hoc Sensor Networks Throughput Analysis of WEP Security in Ad Hoc Sensor Networks Mohammad Saleh and Iyad Al Khatib iitc Stockholm, Sweden {mohsaleh, iyad}@iitc.se ABSTRACT This paper presents a performance investigation

More information

TCP in Wireless Mobile Networks

TCP in Wireless Mobile Networks TCP in Wireless Mobile Networks 1 Outline Introduction to transport layer Introduction to TCP (Internet) congestion control Congestion control in wireless networks 2 Transport Layer v.s. Network Layer

More information

Secure SCTP against DoS Attacks in Wireless Internet

Secure SCTP against DoS Attacks in Wireless Internet Secure SCTP against DoS Attacks in Wireless Internet Inwhee Joe College of Information and Communications Hanyang University Seoul, Korea iwjoe@hanyang.ac.kr Abstract. The Stream Control Transport Protocol

More information

Low-rate TCP-targeted Denial of Service Attack Defense

Low-rate TCP-targeted Denial of Service Attack Defense Low-rate TCP-targeted Denial of Service Attack Defense Johnny Tsao Petros Efstathopoulos University of California, Los Angeles, Computer Science Department Los Angeles, CA E-mail: {johnny5t, pefstath}@cs.ucla.edu

More information

Final for ECE374 05/06/13 Solution!!

Final for ECE374 05/06/13 Solution!! 1 Final for ECE374 05/06/13 Solution!! Instructions: Put your name and student number on each sheet of paper! The exam is closed book. You have 90 minutes to complete the exam. Be a smart exam taker -

More information

D1.2 Network Load Balancing

D1.2 Network Load Balancing D1. Network Load Balancing Ronald van der Pol, Freek Dijkstra, Igor Idziejczak, and Mark Meijerink SARA Computing and Networking Services, Science Park 11, 9 XG Amsterdam, The Netherlands June ronald.vanderpol@sara.nl,freek.dijkstra@sara.nl,

More information

Using Fuzzy Logic Control to Provide Intelligent Traffic Management Service for High-Speed Networks ABSTRACT:

Using Fuzzy Logic Control to Provide Intelligent Traffic Management Service for High-Speed Networks ABSTRACT: Using Fuzzy Logic Control to Provide Intelligent Traffic Management Service for High-Speed Networks ABSTRACT: In view of the fast-growing Internet traffic, this paper propose a distributed traffic management

More information

Publication III. c 2003 IEEE. Reprinted with permission.

Publication III. c 2003 IEEE. Reprinted with permission. Publication III G. Camarillo, H. Schulzrinne, and R. Kantola. Evaluation of Transport Protocols for the Session Initiation Protocol. IEEE Network, Vol. 17, No. 5, Pages 40-46, September 2003. c 2003 IEEE.

More information

VMWARE WHITE PAPER 1

VMWARE WHITE PAPER 1 1 VMWARE WHITE PAPER Introduction This paper outlines the considerations that affect network throughput. The paper examines the applications deployed on top of a virtual infrastructure and discusses the

More information

Performance Analysis of AQM Schemes in Wired and Wireless Networks based on TCP flow

Performance Analysis of AQM Schemes in Wired and Wireless Networks based on TCP flow International Journal of Soft Computing and Engineering (IJSCE) Performance Analysis of AQM Schemes in Wired and Wireless Networks based on TCP flow Abdullah Al Masud, Hossain Md. Shamim, Amina Akhter

More information

Advanced Computer Networks Project 2: File Transfer Application

Advanced Computer Networks Project 2: File Transfer Application 1 Overview Advanced Computer Networks Project 2: File Transfer Application Assigned: April 25, 2014 Due: May 30, 2014 In this assignment, you will implement a file transfer application. The application

More information

Using UDP Packets to Detect P2P File Sharing

Using UDP Packets to Detect P2P File Sharing 188 IJCSNS International Journal of Computer Science and Network Security, VOL.7 No.8, August 27 Using UDP Packets to Detect P2P File Sharing Tsang-Long Pao and Jian-Bo Chen Tatung University, Taipei,

More information

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols Guide to TCP/IP, Third Edition Chapter 3: Data Link and Network Layer TCP/IP Protocols Objectives Understand the role that data link protocols, such as SLIP and PPP, play for TCP/IP Distinguish among various

More information

Access Control: Firewalls (1)

Access Control: Firewalls (1) Access Control: Firewalls (1) World is divided in good and bad guys ---> access control (security checks) at a single point of entry/exit: in medieval castles: drawbridge in corporate buildings: security/reception

More information

Streaming Audio and Video

Streaming Audio and Video Streaming Audio and Video CS 360 Internet Programming Daniel Zappala Brigham Young University Computer Science Department Streaming Audio and Video Daniel Zappala 1/27 Types of Streaming stored audio and

More information

LCMON Network Traffic Analysis

LCMON Network Traffic Analysis LCMON Network Traffic Analysis Adam Black Centre for Advanced Internet Architectures, Technical Report 79A Swinburne University of Technology Melbourne, Australia adamblack@swin.edu.au Abstract The Swinburne

More information

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP)

TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) Internet Protocol (IP) TCP over Multi-hop Wireless Networks * Overview of Transmission Control Protocol / Internet Protocol (TCP/IP) *Slides adapted from a talk given by Nitin Vaidya. Wireless Computing and Network Systems Page

More information

Sage ERP Accpac Online

Sage ERP Accpac Online Sage ERP Accpac Online Mac Resource Guide Thank you for choosing Sage ERP Accpac Online. This Resource Guide will provide important information and instructions on how you can get started using your Mac

More information

Sage 300 ERP Online. Mac Resource Guide. (Formerly Sage ERP Accpac Online) Updated June 1, 2012. Page 1

Sage 300 ERP Online. Mac Resource Guide. (Formerly Sage ERP Accpac Online) Updated June 1, 2012. Page 1 Sage 300 ERP Online (Formerly Sage ERP Accpac Online) Mac Resource Guide Updated June 1, 2012 Page 1 Table of Contents 1.0 Introduction... 3 2.0 Getting Started with Sage 300 ERP Online using a Mac....

More information

An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks

An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks An Experimental Study of Cross-Layer Security Protocols in Public Access Wireless Networks Avesh K. Agarwal Wenye Wang Department of Electrical and Computer Engineering North Carolina State University,

More information

Performance measurements of STANAG 5066 and Applications Running over STANAG 5066

Performance measurements of STANAG 5066 and Applications Running over STANAG 5066 Performance measurements of STANAG 5066 and Applications Running over STANAG 5066 Steve Kille CEO September 14 th 2009 Why Measure? The End Goal is to run Applications and Services over HF Radio Maximize

More information

Influence of Load Balancing on Quality of Real Time Data Transmission*

Influence of Load Balancing on Quality of Real Time Data Transmission* SERBIAN JOURNAL OF ELECTRICAL ENGINEERING Vol. 6, No. 3, December 2009, 515-524 UDK: 004.738.2 Influence of Load Balancing on Quality of Real Time Data Transmission* Nataša Maksić 1,a, Petar Knežević 2,

More information

Outline. TCP connection setup/data transfer. 15-441 Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics

Outline. TCP connection setup/data transfer. 15-441 Computer Networking. TCP Reliability. Congestion sources and collapse. Congestion control basics Outline 15-441 Computer Networking Lecture 8 TCP & Congestion Control TCP connection setup/data transfer TCP Reliability Congestion sources and collapse Congestion control basics Lecture 8: 09-23-2002

More information

Optimizing TCP Forwarding

Optimizing TCP Forwarding Optimizing TCP Forwarding Vsevolod V. Panteleenko and Vincent W. Freeh TR-2-3 Department of Computer Science and Engineering University of Notre Dame Notre Dame, IN 46556 {vvp, vin}@cse.nd.edu Abstract

More information

Names & Addresses. Names & Addresses. Hop-by-Hop Packet Forwarding. Longest-Prefix-Match Forwarding. Longest-Prefix-Match Forwarding

Names & Addresses. Names & Addresses. Hop-by-Hop Packet Forwarding. Longest-Prefix-Match Forwarding. Longest-Prefix-Match Forwarding Names & Addresses EE 122: IP Forwarding and Transport Protocols Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ (Materials with thanks to Vern Paxson, Jennifer Rexford, and colleagues at UC Berkeley)

More information

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment

Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment Using TrueSpeed VNF to Test TCP Throughput in a Call Center Environment TrueSpeed VNF provides network operators and enterprise users with repeatable, standards-based testing to resolve complaints about

More information

5. DEPLOYMENT ISSUES Having described the fundamentals of VoIP and underlying IP infrastructure, let s address deployment issues.

5. DEPLOYMENT ISSUES Having described the fundamentals of VoIP and underlying IP infrastructure, let s address deployment issues. 5. DEPLOYMENT ISSUES Having described the fundamentals of VoIP and underlying IP infrastructure, let s address deployment issues. 5.1 LEGACY INTEGRATION In most cases, enterprises own legacy PBX systems,

More information

Internet Management and Measurements Measurements

Internet Management and Measurements Measurements Internet Management and Measurements Measurements Ramin Sadre, Aiko Pras Design and Analysis of Communication Systems Group University of Twente, 2010 Measurements What is being measured? Why do you measure?

More information

Network Performance Evaluation of Latest Windows Operating Systems

Network Performance Evaluation of Latest Windows Operating Systems Network Performance Evaluation of Latest dows Operating Systems Josip Balen, Goran Martinovic, Zeljko Hocenski Faculty of Electrical Engineering Josip Juraj Strossmayer University of Osijek Osijek, Croatia

More information

AN IMPROVED SNOOP FOR TCP RENO AND TCP SACK IN WIRED-CUM- WIRELESS NETWORKS

AN IMPROVED SNOOP FOR TCP RENO AND TCP SACK IN WIRED-CUM- WIRELESS NETWORKS AN IMPROVED SNOOP FOR TCP RENO AND TCP SACK IN WIRED-CUM- WIRELESS NETWORKS Srikanth Tiyyagura Department of Computer Science and Engineering JNTUA College of Engg., pulivendula, Andhra Pradesh, India.

More information

ANALYSIS OF LONG DISTANCE 3-WAY CONFERENCE CALLING WITH VOIP

ANALYSIS OF LONG DISTANCE 3-WAY CONFERENCE CALLING WITH VOIP ENSC 427: Communication Networks ANALYSIS OF LONG DISTANCE 3-WAY CONFERENCE CALLING WITH VOIP Spring 2010 Final Project Group #6: Gurpal Singh Sandhu Sasan Naderi Claret Ramos (gss7@sfu.ca) (sna14@sfu.ca)

More information

WEB SERVER PERFORMANCE WITH CUBIC AND COMPOUND TCP

WEB SERVER PERFORMANCE WITH CUBIC AND COMPOUND TCP WEB SERVER PERFORMANCE WITH CUBIC AND COMPOUND TCP Alae Loukili, Alexander Wijesinha, Ramesh K. Karne, and Anthony K. Tsetse Towson University Department of Computer & Information Sciences Towson, MD 21252

More information

TCP for Wireless Networks

TCP for Wireless Networks TCP for Wireless Networks Outline Motivation TCP mechanisms Indirect TCP Snooping TCP Mobile TCP Fast retransmit/recovery Transmission freezing Selective retransmission Transaction oriented TCP Adapted

More information

Quality of Service Analysis of site to site for IPSec VPNs for realtime multimedia traffic.

Quality of Service Analysis of site to site for IPSec VPNs for realtime multimedia traffic. Quality of Service Analysis of site to site for IPSec VPNs for realtime multimedia traffic. A Network and Data Link Layer infrastructure Design to Improve QoS in Voice and video Traffic Jesús Arturo Pérez,

More information

Internet Infrastructure Measurement: Challenges and Tools

Internet Infrastructure Measurement: Challenges and Tools Internet Infrastructure Measurement: Challenges and Tools Internet Infrastructure Measurement: Challenges and Tools Outline Motivation Challenges Tools Conclusion Why Measure? Why Measure? Internet, with

More information

Requirements of Voice in an IP Internetwork

Requirements of Voice in an IP Internetwork Requirements of Voice in an IP Internetwork Real-Time Voice in a Best-Effort IP Internetwork This topic lists problems associated with implementation of real-time voice traffic in a best-effort IP internetwork.

More information

MOBILITY AND MOBILE NETWORK OPTIMIZATION

MOBILITY AND MOBILE NETWORK OPTIMIZATION MOBILITY AND MOBILE NETWORK OPTIMIZATION netmotionwireless.com Executive Summary Wireless networks exhibit uneven and unpredictable performance characteristics which, if not correctly managed, can turn

More information

Adopting SCTP and MPLS-TE Mechanism in VoIP Architecture for Fault Recovery and Resource Allocation

Adopting SCTP and MPLS-TE Mechanism in VoIP Architecture for Fault Recovery and Resource Allocation Adopting SCTP and MPLS-TE Mechanism in VoIP Architecture for Fault Recovery and Resource Allocation Fu-Min Chang #1, I-Ping Hsieh 2, Shang-Juh Kao 3 # Department of Finance, Chaoyang University of Technology

More information

Protagonist International Journal of Management And Technology (PIJMT) Online ISSN- 2394-3742. Vol 2 No 3 (May-2015) Active Queue Management

Protagonist International Journal of Management And Technology (PIJMT) Online ISSN- 2394-3742. Vol 2 No 3 (May-2015) Active Queue Management Protagonist International Journal of Management And Technology (PIJMT) Online ISSN- 2394-3742 Vol 2 No 3 (May-2015) Active Queue Management For Transmission Congestion control Manu Yadav M.Tech Student

More information

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage

Lecture 15: Congestion Control. CSE 123: Computer Networks Stefan Savage Lecture 15: Congestion Control CSE 123: Computer Networks Stefan Savage Overview Yesterday: TCP & UDP overview Connection setup Flow control: resource exhaustion at end node Today: Congestion control Resource

More information

ECE 578 Term Paper Network Security through IP packet Filtering

ECE 578 Term Paper Network Security through IP packet Filtering ECE 578 Term Paper Network Security through IP packet Filtering Cheedu Venugopal Reddy Dept of Electrical Eng and Comp science Oregon State University Bin Cao Dept of electrical Eng and Comp science Oregon

More information

Voice over IP. Demonstration 1: VoIP Protocols. Network Environment

Voice over IP. Demonstration 1: VoIP Protocols. Network Environment Voice over IP Demonstration 1: VoIP Protocols Network Environment We use two Windows workstations from the production network, both with OpenPhone application (figure 1). The OpenH.323 project has developed

More information

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4) Chapter 3 TCP/IP Networks 3.1 Internet Protocol version 4 (IPv4) Internet Protocol version 4 is the fourth iteration of the Internet Protocol (IP) and it is the first version of the protocol to be widely

More information

Voice-Over-IP. Daniel Zappala. CS 460 Computer Networking Brigham Young University

Voice-Over-IP. Daniel Zappala. CS 460 Computer Networking Brigham Young University Voice-Over-IP Daniel Zappala CS 460 Computer Networking Brigham Young University Coping with Best-Effort Service 2/23 sample application send a 160 byte UDP packet every 20ms packet carries a voice sample

More information

Network congestion control using NetFlow

Network congestion control using NetFlow Network congestion control using NetFlow Maxim A. Kolosovskiy Elena N. Kryuchkova Altai State Technical University, Russia Abstract The goal of congestion control is to avoid congestion in network elements.

More information

Burst Testing. New mobility standards and cloud-computing network. This application note will describe how TCP creates bursty

Burst Testing. New mobility standards and cloud-computing network. This application note will describe how TCP creates bursty Burst Testing Emerging high-speed protocols in mobility and access networks, combined with qualityof-service demands from business customers for services such as cloud computing, place increased performance

More information

SIP Registration Stress Test

SIP Registration Stress Test SIP Registration Stress Test Miroslav Voznak and Jan Rozhon Department of Telecommunications VSB Technical University of Ostrava 17. listopadu 15/2172, 708 33 Ostrava Poruba CZECH REPUBLIC miroslav.voznak@vsb.cz,

More information

A Transport Protocol for Multimedia Wireless Sensor Networks

A Transport Protocol for Multimedia Wireless Sensor Networks A Transport Protocol for Multimedia Wireless Sensor Networks Duarte Meneses, António Grilo, Paulo Rogério Pereira 1 NGI'2011: A Transport Protocol for Multimedia Wireless Sensor Networks Introduction Wireless

More information

Effects of Interrupt Coalescence on Network Measurements

Effects of Interrupt Coalescence on Network Measurements Effects of Interrupt Coalescence on Network Measurements Ravi Prasad, Manish Jain, and Constantinos Dovrolis College of Computing, Georgia Tech., USA ravi,jain,dovrolis@cc.gatech.edu Abstract. Several

More information

TCP and Wireless Networks Classical Approaches Optimizations TCP for 2.5G/3G Systems. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme

TCP and Wireless Networks Classical Approaches Optimizations TCP for 2.5G/3G Systems. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Chapter 2 Technical Basics: Layer 1 Methods for Medium Access: Layer 2 Chapter 3 Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN Mobile Networks: GSM, GPRS, UMTS Chapter 4 Mobility on the

More information

The new frontier of the DATA acquisition using 1 and 10 Gb/s Ethernet links. Filippo Costa on behalf of the ALICE DAQ group

The new frontier of the DATA acquisition using 1 and 10 Gb/s Ethernet links. Filippo Costa on behalf of the ALICE DAQ group The new frontier of the DATA acquisition using 1 and 10 Gb/s Ethernet links Filippo Costa on behalf of the ALICE DAQ group DATE software 2 DATE (ALICE Data Acquisition and Test Environment) ALICE is a

More information

TCP over Wireless Networks

TCP over Wireless Networks TCP over Wireless Networks Raj Jain Professor of Computer Science and Engineering Washington University in Saint Louis Saint Louis, MO 63130 Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse574-10/

More information

Measure wireless network performance using testing tool iperf

Measure wireless network performance using testing tool iperf Measure wireless network performance using testing tool iperf By Lisa Phifer, SearchNetworking.com Many companies are upgrading their wireless networks to 802.11n for better throughput, reach, and reliability,

More information

Digital Audio and Video Data

Digital Audio and Video Data Multimedia Networking Reading: Sections 3.1.2, 3.3, 4.5, and 6.5 CS-375: Computer Networks Dr. Thomas C. Bressoud 1 Digital Audio and Video Data 2 Challenges for Media Streaming Large volume of data Each

More information

1. The subnet must prevent additional packets from entering the congested region until those already present can be processed.

1. The subnet must prevent additional packets from entering the congested region until those already present can be processed. Congestion Control When one part of the subnet (e.g. one or more routers in an area) becomes overloaded, congestion results. Because routers are receiving packets faster than they can forward them, one

More information

Data Networks Summer 2007 Homework #3

Data Networks Summer 2007 Homework #3 Data Networks Summer Homework # Assigned June 8, Due June in class Name: Email: Student ID: Problem Total Points Problem ( points) Host A is transferring a file of size L to host B using a TCP connection.

More information

Improved Multiple File Transfer Protocol using Extended features of SCTP

Improved Multiple File Transfer Protocol using Extended features of SCTP Vol.2, Issue.3, May-June 2012 pp-1034-1038 ISSN: 2249-6645 Improved Multiple File Transfer Protocol using Extended features of SCTP Prabhanshu Jaiswal 1,Gaurav Agrawal 2,Pushpendra Singh 3, Dr. A.K. Sharma

More information

Tutorial 1 (Week 6) Introduction

Tutorial 1 (Week 6) Introduction COMP 333/933 Computer Networks and Applications Tutorial (Week 6) Introduction Problem Set, Question 7 Suppose two hosts, A and B are separated by, kms and are connected by a direct link of R = Mbps. Suppose

More information

ICOM 5026-090: Computer Networks Chapter 6: The Transport Layer. By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 UPRM

ICOM 5026-090: Computer Networks Chapter 6: The Transport Layer. By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 UPRM ICOM 5026-090: Computer Networks Chapter 6: The Transport Layer By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 Outline The transport service Elements of transport protocols A

More information

Application Note. Windows 2000/XP TCP Tuning for High Bandwidth Networks. mguard smart mguard PCI mguard blade

Application Note. Windows 2000/XP TCP Tuning for High Bandwidth Networks. mguard smart mguard PCI mguard blade Application Note Windows 2000/XP TCP Tuning for High Bandwidth Networks mguard smart mguard PCI mguard blade mguard industrial mguard delta Innominate Security Technologies AG Albert-Einstein-Str. 14 12489

More information

Module 11: TCP/IP Transport and Application Layers

Module 11: TCP/IP Transport and Application Layers Module 11: TCP/IP Transport and Application Layers 11.1 TCP/IP Transport Layer 11.1.1 Introduction to the TCP/IP transport layer The primary duties of the transport layer are to transport and regulate

More information

NETWORK LAYER/INTERNET PROTOCOLS

NETWORK LAYER/INTERNET PROTOCOLS CHAPTER 3 NETWORK LAYER/INTERNET PROTOCOLS You will learn about the following in this chapter: IP operation, fields and functions ICMP messages and meanings Fragmentation and reassembly of datagrams IP

More information

IP - The Internet Protocol

IP - The Internet Protocol Orientation IP - The Internet Protocol IP (Internet Protocol) is a Network Layer Protocol. IP s current version is Version 4 (IPv4). It is specified in RFC 891. TCP UDP Transport Layer ICMP IP IGMP Network

More information

MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN

MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN MONITORING OF TRAFFIC OVER THE VICTIM UNDER TCP SYN FLOOD IN A LAN Kanika 1, Renuka Goyal 2, Gurmeet Kaur 3 1 M.Tech Scholar, Computer Science and Technology, Central University of Punjab, Punjab, India

More information

Simple Network Management Protocol

Simple Network Management Protocol A Seminar Report on Simple Network Management Protocol Submitted in partial fulfillment of the requirement for the award of degree Of Computer Science SUBMITTED TO: SUBMITTED BY: www.studymafia.org www.studymafia.org

More information

15-441: Computer Networks Homework 2 Solution

15-441: Computer Networks Homework 2 Solution 5-44: omputer Networks Homework 2 Solution Assigned: September 25, 2002. Due: October 7, 2002 in class. In this homework you will test your understanding of the TP concepts taught in class including flow

More information

USING LOCAL NETWORK AUDIT SENSORS AS DATA SOURCES FOR INTRUSION DETECTION. Integrated Information Systems Group, Ruhr University Bochum, Germany

USING LOCAL NETWORK AUDIT SENSORS AS DATA SOURCES FOR INTRUSION DETECTION. Integrated Information Systems Group, Ruhr University Bochum, Germany USING LOCAL NETWORK AUDIT SENSORS AS DATA SOURCES FOR INTRUSION DETECTION Daniel Hamburg,1 York Tüchelmann Integrated Information Systems Group, Ruhr University Bochum, Germany Abstract: The increase of

More information

Internet Protocol: IP packet headers. vendredi 18 octobre 13

Internet Protocol: IP packet headers. vendredi 18 octobre 13 Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)

More information

Analysis of IP Network for different Quality of Service

Analysis of IP Network for different Quality of Service 2009 International Symposium on Computing, Communication, and Control (ISCCC 2009) Proc.of CSIT vol.1 (2011) (2011) IACSIT Press, Singapore Analysis of IP Network for different Quality of Service Ajith

More information

Allocating Network Bandwidth to Match Business Priorities

Allocating Network Bandwidth to Match Business Priorities Allocating Network Bandwidth to Match Business Priorities Speaker Peter Sichel Chief Engineer Sustainable Softworks psichel@sustworks.com MacWorld San Francisco 2006 Session M225 12-Jan-2006 10:30 AM -

More information

Adaptive DCF of MAC for VoIP services using IEEE 802.11 networks

Adaptive DCF of MAC for VoIP services using IEEE 802.11 networks Adaptive DCF of MAC for VoIP services using IEEE 802.11 networks 1 Mr. Praveen S Patil, 2 Mr. Rabinarayan Panda, 3 Mr. Sunil Kumar R D 1,2,3 Asst. Professor, Department of MCA, The Oxford College of Engineering,

More information

A Comparative Analysis of TCP Tahoe, Reno, New-Reno, SACK and Vegas

A Comparative Analysis of TCP Tahoe, Reno, New-Reno, SACK and Vegas A Comparative Analysis of TCP Tahoe, Reno, New-Reno, SACK and Vegas Abstract: The purpose of this paper is to analyze and compare the different congestion control and avoidance mechanisms which have been

More information

RARP: Reverse Address Resolution Protocol

RARP: Reverse Address Resolution Protocol SFWR 4C03: Computer Networks and Computer Security January 19-22 2004 Lecturer: Kartik Krishnan Lectures 7-9 RARP: Reverse Address Resolution Protocol When a system with a local disk is bootstrapped it

More information

TDM services over IP networks

TDM services over IP networks Keyur Parikh Junius Kim TDM services over IP networks 1. ABSTRACT Time Division Multiplexing (TDM) circuits have been the backbone of communications over the past several decades. These circuits which

More information

4 High-speed Transmission and Interoperability

4 High-speed Transmission and Interoperability 4 High-speed Transmission and Interoperability Technology 4-1 Transport Protocols for Fast Long-Distance Networks: Comparison of Their Performances in JGN KUMAZOE Kazumi, KOUYAMA Katsushi, HORI Yoshiaki,

More information

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering

Internet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls

More information

Lab Exercise 802.11. Objective. Requirements. Step 1: Fetch a Trace

Lab Exercise 802.11. Objective. Requirements. Step 1: Fetch a Trace Lab Exercise 802.11 Objective To explore the physical layer, link layer, and management functions of 802.11. It is widely used to wireless connect mobile devices to the Internet, and covered in 4.4 of

More information

A Survey on Congestion Control Mechanisms for Performance Improvement of TCP

A Survey on Congestion Control Mechanisms for Performance Improvement of TCP A Survey on Congestion Control Mechanisms for Performance Improvement of TCP Shital N. Karande Department of Computer Science Engineering, VIT, Pune, Maharashtra, India Sanjesh S. Pawale Department of

More information