Similar documents
1.- L a m e j o r o p c ió n e s c l o na r e l d i s co ( s e e x p li c a r á d es p u é s ).

H ig h L e v e l O v e r v iew. S te p h a n M a rt in. S e n io r S y s te m A rc h i te ct







Campus Sustainability Assessment and Related Literature

i n g S e c u r it y 3 1B# ; u r w e b a p p li c a tio n s f r o m ha c ke r s w ith t his å ] í d : L : g u id e Scanned by CamScanner





ACE-1/onearm #show service-policy client-vips


Practice Writing the Letter A


SCO TT G LEA SO N D EM O Z G EB R E-




I n la n d N a v ig a t io n a co n t r ib u t io n t o eco n o m y su st a i n a b i l i t y





proxy cert request dn, cert, Pkey, VOMS cred. (short lifetime) certificate: dn, ca, Pkey mod_ssl pre-process: parameters->

Workload Management Services. Data Management Services. Networking. Information Service. Fabric Management

Overview of Spellings on


PSTN. Gateway. Switch. Supervisor PC. Ethernet LAN. IPCC Express SERVER. CallManager. IP Phone. IP Phone. Cust- DB

Online Department Stores. What are we searching for?


CREATE SHAPE VISUALIZE


How To Know If You Are A Good Or Bad Person

Open Source Software Open Standards

<?xml version="1.0" encoding="utf-8"?> <soapenv:envelope xmlns:soapenv="

AN EVALUATION OF SHORT TERM TREATMENT PROGRAM FOR PERSONS DRIVING UNDER THE INFLUENCE OF ALCOHOL P. A. V a le s, Ph.D.


Put the human back in Human Resources.


B R T S y s te m in S e o u l a n d In te g r a te d e -T ic k e tin g S y s te m


EM EA. D is trib u te d D e n ia l O f S e rv ic e


3 k t h R e m e A c c e s s b t t t V T T c h t h p V T. Cl ic e ot rad io ut on nex o PN unnel yp e and oose e ap rop riat e PN unnel Int erfac e. 4.

California Treasures Phonics Scope and Sequence K-6

UNIK4250 Security in Distributed Systems University of Oslo Spring Part 7 Wireless Network Security

d e f i n i c j i p o s t a w y, z w i z a n e j e s t t o m. i n. z t y m, i p o jі c i e t o


e-global Logistics Harald Lundestad February 14, 2001

Using Predictive Modeling to Reduce Claims Losses in Auto Physical Damage

1. Oblast rozvoj spolků a SU UK 1.1. Zvyšování kvalifikace Školení Zapojení do projektů Poradenství 1.2. Financování

JCUT-3030/6090/1212/1218/1325/1530

R e t r o f i t o f t C i r u n i s g e C o n t r o l

B a rn e y W a r f. U r b a n S tu d ie s, V o l. 3 2, N o. 2, ±3 7 8



Bewährte Six Sigma Tools in der Praxis

A n d r e w S P o m e r a n tz, M D

Thuraya XT-LITE Simple. Reliable. Affordable.

M P L S /V P N S e c u rity , C is c o S y s te m s, In c. A ll rig h ts re s e rv e d.

CIS CO S Y S T E M S. G u ille rm o A g u irre, Cis c o Ch ile , C is c o S y s te m s, In c. A ll rig h ts re s e rv e d.

With Rejoicing Hearts/ Con Amor Jovial. A Fm7 B sus 4 B Cm Cm7/B


Understanding, Modelling and Improving the Software Process. Ian Sommerville 1995 Software Engineering, 5th edition. Chapter 31 Slide 1

w ith In fla m m a to r y B o w e l D ise a se. G a s tro in te s tin a l C lin ic, , K a s h iw a z a, A g e o C ity, S a ita m a

Public Health is Like..

Victims Compensation Claim Status of All Pending Claims and Claims Decided Within the Last Three Years


HR DEPARTMENTAL SUFFIX & ORGANIZATION CODES

Beverlin Allen, PhD, RN, MSN, ARNP

How To Be A Successful Thai



Software Quality Requirements and Evaluation, the ISO Series

NAMA FILM Aleksinackih rudara 39A Beograd, Serbia Tel/Fax: Mobile: princip@eunet.rs

CUSTOMER INFORMATION SECURITY AWARENESS TRAINING


Voxeo CXP Analyzer Report Samples


U S B Pay m e n t P r o c e s s i n g TM

MS IN EARLY CHILDHOOD STUDIES


W h a t is m e tro e th e rn e t

A Comparison of Jolly Phonics and Jolly Grammar with the Six Phases of Letters and Sounds

Workload Management Services. Data Management Services. Networking. Information Service. Fabric Management

B I N G O B I N G O. Hf Cd Na Nb Lr. I Fl Fr Mo Si. Ho Bi Ce Eu Ac. Md Co P Pa Tc. Uut Rh K N. Sb At Md H. Bh Cm H Bi Es. Mo Uus Lu P F.

C e r t ifie d Se c u r e W e b

III Bienal de Autismo Página 1 / 43

LYXOR ASSET MANAGEMENT THE POWER TO PERFORM IN ANY MARKET


Lockheed Martin s Move to Assurance: Software Safety and Security Certification Best Practices (BP)

WAR NING S E C TION 1 : INTR ODUC TION HIG H V OLT AG E S C AN K ILL TC -V2 digital controller. 1.1 S afety P reca utions (WAR NING S )

Transcription:

Device I n s t r u m en t a t io n E x a m p l es : I P S L A s & N et F l o w Presented by Emmanuel Tychon Techni cal M ark eti ng Eng i neer TU D resden, J anuary 1 7 th 2 0 0 7 1.

C is co I O S I P S L A s 2

M Today s M u l t i m e di a Q os R e q u i r e m e n t s ( E x am p l e s ) T r a f f i c T y p e M a x i m u m P a c k e t L o s s M a x i m u m O n e -W a y L a t e n c y a x. J i t t e r V o I P (l and l ine q ual ity ) 1 % 1 2 0 m s 3 0 m s V i d e o - c o n f e r e n c i n g 1 % 2 0 0 m s 5 0 m s S t r e a m i n g v i d e o ( o n e w a y v i d e o ) 2 % 5 s N/A (assuming the receive buffer is l arge eno ugh) How to measure? 3

A r c h i t e c t u r e O v e r v i e w IP SLAs is a f e at u r e t o t e st t h e n e t w o r k m e t r ic s an d t o v al id at e SLAs. IPSLA R e s p o n d e r IPSLA-T e s t R o u t e r IPSLA Se n d e r IP H o s t M a n a g e m e n t ( o p t i o n a l ) T a r g e t s 4

K I P S L A O p e r at i on w i t h R e s p on de r [ 1 / 2 ] IPSLA Sender C o nt ro l M es s a g e As k R ec ei v er t o O p en Po rt 2 0 2 0 o n U D P) IPSLA R es p o nder C o nt ro l Ph a s e Pro b i ng Ph a s e IPSLA-C o n t r o l IPSLA-T e s t R es p o nder Sa y s O Sendi ng T es t Pa c k et s D o ne: St o p Li s t eni ng U D P, 1 9 6 7 St a rt Li s t eni ng o n U D P Po rt 2 0 2 0 U D P, 2 0 2 0 5

U D P J i t t e r O p e r at i on Measures t h e d el ay, d el ay v ari an c e ( j i t t er) an d p ac k et l o ss b y g en erat i n g p eri o d i c U D P t raf f i c. Measures: p er-d i rec t i o n j i t t er, p er-d i rec t i o n p ac k et -l o ss an d ro un d t ri p t i m e. D et ec t an d rep o rt o ut -o f -seq uen c e an d c o rrup t ed p ac k et s. O n e-w ay d el ay req ui res C i sc o I O S 1 2.2 ( 2 ) T o r l at er an d c l o c k sy n c h ro n i z at i o n b et w een so urc e an d d est i n at i o n. A l w ay s req ui res I P S L A resp o n d er. S t art i n g C i sc o I O S 1 2.3 ( 4 ) T, t h e o p erat i o n c an m easure MO S an d I C P I F sc o res f o r V o I P. 6

p e P2 U D P J i t t e r - M e as u r e m e n t E x am p l e Send Pa c k et s i 1 P1 S Tx = s e n t t s t a m f o r p a c k e t x. P2 R ec ei v e p a c k et s i 2 P1 ST2 ST1 IPSLA R ef l ec t ed p a c k et s P1 i 4 P2 IP C o r e R T2 R T1 R es p o nder R ep l y t o p a c k et s P1 i 3 P2 RTx = r e c e i v e t s t a m p f o r p a c k e t x. dx = p r o c e s s i n g t i m s p e n t b e t w e e n p a c k e t a r r i v a l a n d t r e a t m e n t. A T1 A T2 R T1 + d 1 R T2+ d 2 A Tx = r e c e i v e t s t a m p f o r p a c k e t x. E a c h p a c k et c o nt a i ns ST x, R T x, AT x, dx a nd t h e s o u rc e c a n no w c a l c u l a t e: J i t t ersd = ( R T 2 -R T 1 ) -( ST 2 -ST 1 ) = i 2 -i 1 J i t t erd S = ( AT 2 -AT 1 ) -( ( R T 2 + d2 ) -( R T 1 + d1 ) ) = i 4 -i 3 7

U D P J i t t e r O p e r at i on ( E x am p l e ) Simulating G.711 V o I P c all. Us e R T P / UD P p o r ts 16 3 8 4 and ab o v e, th e p ac k e t s iz e is 172 b y te s ( 16 0 b y te s o f p ay lo ad, 12 b y te s f o r R T P h e ad e r ). P ac k e ts ar e s e nt e v e r y 2 0 millis e c o nd s ( d e f ault inte r v al). M ar k e d w ith D SC P v alue o f 8 ( T O S e q uiv ale nt 0 x 2 0 ). R uns e v e r y minute ( d e f ault f r e q ue nc y ) ip sla 1 u d p-j it t e r 1 0. 0. 0. 2 1 6 3 8 4 n u m -pac k e t s 1 0 0 0 r e q u e st -d at a-siz e 1 7 2 t o s 2 0 ip sla sc h e d u le 1 st ar t -t im e n o w A B C A = 2 0 m s B = 2 0 s ( 1 0 0 0 x 2 0 m s ) C = 4 0 s ( 6 0 s 2 0 s ) 8

N et F l o w 9

M M M W h at i s N e t F l ow? NetFlow S u b inter f ace S u ppor t E g r es s NetFlow A ccou nting NetFlow v 9 NetFlow P L S E g r es s NetFlow P L S E g r es s NetFlow A ccou nting P L S A war e NetFlow NetFlow S u ppor t per V lan M ax imu m M as k A g g r eg ate O u tpu t NetFlow NetFlow M u lticas t S u ppor t NetFlow P olicy R ou ting NetFlow R eliab le E x por t ( S C TP ) O u tpu t S ampled NetFlow NetFlow B r id g ed Flow S tatis tics R and om S ampled NetFlow NetFlow A g g r eg ation NetFlow Data E x por t S ampled NetFlow Data E x por t NetFlow Dynamic Top NetFlow E x por t of B G P Nex t H op Talk er s C L I NetFlow M u ltiple E x por t NetFlow ex por t with B G P A S NetFlow I npu t Filter s NetFlow Data E x por t Flowmas k NetFlow TO S -b as ed NetFlow f or I P v 6 u nicas t Tr af f ic Flex ib le NetFlow R ou ter A g g r eg ation NetFlow I npu t Filter s with mu lti-s ampling r ates NetFlow L ayer 2 f or S ecu r ity M onitor ing NetFlow Data E x por t v er s ion 5 NetFlow M I B and Top Talk er s S ampled NetFlow NetFlow Top Talk er s NetFlow Data E x por t v er s ion 8 NetFlow Top Talk er s C L I NetFlow M inimu m P r ef ix M as k f or R ou ter - b as ed A g g r eg 10

Q V e r s i on 5 F l ow F or m at U sag e PP aa cc kk et CC ou nn t BB yy te CC ou nn t SS ou rc e II P P Address DD esti nn aa ti on II P P Address F rom/ To Ti me of D ay Port U ti li z ati on os SS ta rt sy su pt ii mm e EE nn d sy su pt ii mm e II nn pu t ii ff II nn dex OO uu tpu t ii ff II nn dex TT yy pe of SS erv ii cc e TT CC P P FF ll aa gg s PP rotoc ol SS ou rc e TT CC P P // UU DD P P PP ort DD esti nn aa ti on TT CC P P // UU DD P P PP ort Next Hop Address SS ou rc e AS Nu mm bb er DD est. AS Nu RR outi mm bb er ng SS ou rc e PP ref ii x MM aa sk DD est. PP ref ii x MM aa sk A p p li cati on R outi ng and Peeri ng Flow Keys 11

F l e x i b l e N e t F l ow H i g h L e v e l C on c e p t s an d A dv an t ag e s Flexible NetFlow feature allows user configurable NetFlow record form ats, selecting from a collection of fields: K e y N o n -k e y C o u n t e r T i m e s t a m p A dv antages: T a i l o r a c a c h e f o r s p e c i f i c a p p l i c a t i o n s, n o t c o v e r e d b y e x i s t i n g 2 1 N e t F l o w f e a t u r e s B e t t e r s c a l a b i l i t y s i n c e f l o w r e c o r d c u s t o m r e d u c e s n u m b e r o f f l o w s t o m o n i t o r D i f f e r e n t N e t F l o w c o n f i g u r a t i o n : P e r s u b i n t e r f a c e P e r d i r e c t i o n ( i n g r e s s / e g r e s s ) P e r s a m E t c. p l e r i z a t i o n f o r p a r t i c u l a r a p p l i c a t i o n 12

M M F l e x i b l e N e t F l ow M u l t i p l e M on i t or s w i t h U n i q u e K e y F i e l ds Traf f i c F l o w o n i t o r 1 F l o w o n i t o r 2 K ey F i el d s P ack et 1 N o n-k ey F i el d s K ey F i el d s P ack et 1 N o n-k ey F i el d s S o urce IP 3. 3. 3. 3 P ack ets S o urce IP 3. 3. 3. 3 P ack ets D es ti nati o n IP 2. 2. 2. 2 B y tes D es t IP 2. 2. 2. 2 T i m es tam ps S o urce P o rt 2 3 T i m es tam ps Input Interface E th ernet 0 D es ti nati o n O o rt 2 2 07 8 N ex t H o p A d d res s S Y N F l ag 0 L ay er 3 P ro to co l T C P - 6 T O S B y te 0 Input Interface E th ernet 0 Tr af f ic A nalys is C ach e S ecu r ity A nalys is C ach e S o u r c e I P 3. 3. 3. 3 D e s t. I P 2. 2. 2. 2 S o u r c e P o r t 23 D e s t. P o r t 22078 I n p u t P r o t o c o l T O S I / F E 6 0 0 P k t s 1100 S o u r c e I P 3. 3. 3. 3 D e s t. I P I n p u t I / F F l a g E 2. 2. 2. 2 0 0 P k t s 11000 13

C on f i g u r e a U s e r -D e f i n e d F l ow R e c or d C onf i g ure the Ex p orter Router(config)#flow exporter my-e x p o r t e r Router(config-flow-exporter)#d es tina tion 1. 1. 1. 1 C onf i g ure the F low R ecord Router(config)#flow record my-r e c o r d Router(config-flow-record )#m a tch ipv 4 icm p ty pe Router(config-flow-record )#m a tch ipv 4 icm p cod e Router(config-flow-record )#collect counter b y tes C onf i g ure the F low M oni tor Router(config)#flow m onitor my-mo n i t o r Router(config-flow-m onitor)#exporter my-e x p o r t e r Router(config-flow-m onitor)#record my-r e c o r d C onf i g ure the I nterf ace Router(config)#int s 3 / 0 Router(config-if)#ip flow m onitor my-mo n i t o r input 14

M O O O I P v 4 I P ( S o u r c e o r D e s t i n a t i o n ) P r o t o c o l F r a g m F l a g s I D F l e x i b l e F l ow K e y P r e f i x ( S o u r c e o r D e s t i n a t i o n ) a s k ( S o u r c e o r D e s t i n a t i o n ) M i n i m u m -M a s k ( S o u r c e o r D e s t i n a t i o n ) F r a g m f f s e t e n t a t i o n e n t a t i o n To t a l L e n g t h P a y l o a d S i z e P a c k e t S e c t i o n ( H e a de r ) P a c k e t S e c t i o n ( P a y l o a d) TTL p t i o n s V e r s i o n P r e c e de n c e D S C P H e a de r L e n g t h TO S I n p u t R o ut i n g D e s t i n a t i o n A S P e e r A S Tr a f f i c I n de x F o r w a r di n g S t a t u s I s -M I G B G P N e x t H o p F l o w S a m P N e x t H o p I n t erf ac e u t p u t u l t i c a s t p l e r I D D i r e c t i o n T ran sp o rt D e s t i n a t i o n P o r t S o u r c e P o r t I C M I C M I G M P Ty p e TC P A C K N u m TC P H e a de r L e n g t h TC P W P C o de P Ty p e TC P S e q u e n c e N u m b e r b e r i n do w -S i z e TC P S o u r c e P o r t TC P D e s t i n a t i o n P o r t TC P U r g e n t P o i n t e r TC P F l a g : A C K TC P F l a g : C W TC P F l a g : E C E TC P F l a g : F I N TC P F l a g : P S H TC P F l a g : RS T TC P F l a g : S Y N TC P F l a g : U RG U D P M L e n g t h e s s a g e R U D P S o u r c e P o r t U D P D e s t i n a t i o n P o r t 15

F l e x i b l e F l ow N on -K e y A n y o f t h e p o t en t i al k ey f i el d : w i l l b e t h e v al ue o f t h e f i rst p ac k et i n t h e f l o w P l us C o un t ers T i m est am p I P v 4 B y te s B y te s L o ng B y te s Sq uar e Sum P ac k e t P ac k e t L o ng s y s Up T ime F ir s t P ac k e t s y s Up T ime F ir s t P ac k e t To t a l L e n g t h M i n i m u m To t a l L e n g t h M a x i m u m TTL M i n i m u m TTL M a x i m u m 16

17