Troubleshooting Network Performance with Alpine




Jeffrey Papen

As a Network Engineer, I am often annoyed by slow Internet performance caused by network issues like congestion, fiber cuts, and packet loss. I would love to wave a magic wand at my DSL modem to re-route traffic down the fastest available path, but my only recourse is opening trouble tickets with my ISP. Waiting for my ISP to fix the problem often leaves me frustrated with their inability to avoid problem networks and identify faster paths.

Single-homed networks (those having only one ISP, like my home LAN) must wait for their ISP to resolve network issues. Multi-homed networks (those having connections to multiple ISPs, like Yahoo! and Peak Web Hosting) offer significantly reduced problem resolution times by routing traffic around poorly performing networks.

Previously, when users discovered problems getting to external networks, finding unique alternate paths was a complex process. Learning all available paths required logging into multiple routers and repeatedly executing the same diagnostic commands. Depending on the situation, rerouting traffic to test a candidate path could be as simple as adding static routes or could involve all kinds of network voodoo. Also, this highly invasive testing method carried the risk of degrading all network performance. I have often spent more than an hour finding a faster path to an important external network.

Because rerouting traffic and testing alternate paths consumes extensive network engineering time and resources, giving users the ability to test available networking options without changing router configurations or affecting live network traffic is clearly advantageous for any multi-homed environment.

In this article, I will describe the freeware application Alpine, which makes this troubleshooting process faster, easier, and less invasive. Alpine does not affect existing network traffic and requires no special user privileges, router access, or router configuration changes. Troubleshooting tasks that previously required an hour of manual configuration can now be done in less than 5 minutes. Alpine can be used by network engineers, sys admins, and users to research the performance for each available option and find the fastest path.

How Alpine Works

Alpine's Web interface collects data, processes routes, and reports network path performance statistics. (See sidebar "Alpine Step by Step".)

Zebra is a software-based routing daemon, similar to gated, that runs on UNIX servers. Zebra acts identically to other BGP routers, allowing it to learn each router's full routing table. Alpine uses the zebra daemon to learn Border Gateway Protocol (BGP) routes from all externally connected routers. (See Figure 1.)

Although routers connected to different ISPs may learn multiple paths to the same destination, they only re-advertise their best path to BGP neighbors. While it would be convenient for routers to know every possible path for each Internet prefix, keeping the BGP routing table size manageable requires BGP to advertise only its best path for each routing table entry.

Alpine will search zebra's BGP table for the prefix that most specifically matches the target IP address. (See Figure 2.) Because zebra's BGP table contains only the best route from each router, Alpine employs SNMP to learn every router's complete list of paths to the target prefix. SNMP read-only permission is the only router access Alpine requires. This routing data could also be obtained by accessing a router's command-line interface via telnet or SSH; however, this method represents a larger security risk and adds the complexity of parsing multiple vendors' command-line interface output.

After SNMP polling, Alpine displays each routing option's list of ISPs used to reach the target destination. Included are links to test each path's performance. Clicking on these links sends ping, traceroute, or mtr (Matt's Traceroute) diagnostic traffic out the specified ISP. (See Figures 3-5.)

Filter-Based Forwarding

When routers receive a packet, they examine its destination IP, look up in their routing table the correct outgoing interface based on that destination IP, and forward the packet out that interface. Filter-based forwarding allows routers to alter this default process. With filter-based forwarding, a router uses a firewall, or Access Control List (ACL), to match a packet's source IP, destination IP, protocol, port, or other fields. When the firewall matches a packet, the router overrides the default routing table's choice, forwarding the packet out a user-defined interface.

Filter-based forwarding directs only selected packets to non-default paths, enabling testing of each candidate path's performance without affecting existing traffic. Without filter-based forwarding, traffic always follows the same path and network-wide rerouting remains the only method to test alternate paths. Rerouting all traffic is potentially dangerous and may utilize worse performing paths or induce other network problems.

Every major router vendor supports some filter-based forwarding. However, implementation differences can affect Alpine installations. While Juniper Networks implements hardware-based policy routing, imposing no performance impact, Cisco's software implementation requires the router's CPU to make each routing decision, potentially slowing overall system performance. (See Listings 1 and 2.) Alpine servers should connect to Cisco routers on a dedicated interface to avoid impacting other traffic. (See Figure 6.)

Alpine Configuration

The Alpine server is configured with one IP address for every BGP neighbor. The Web interface explicitly sets the correct source IP for the user-defined test application: ping, traceroute, or mtr. The router's filter-based forwarding matches on the source IP and reroutes traffic out the requested ISP rather than to the default BGP path. Because filter-based forwarding only matches on the packet's source IP, Alpine performance testing easily can be expanded to include any network application, such as HTTP requests or streaming media applications.

All server traffic destined to external networks uses a single static default gateway. If the Alpine server's default gateway is the only router connected to external ISPs, the Alpine server requires no additional configuration. If there are multiple egress routers, the Alpine server needs the additional configuration of IPFW or IP chains. Rather than following the default gateway, IPFW explicitly sets the correct egress router.

Understanding BGP and Alpine's Output

Every BGP network belongs to an Autonomous System (AS) number. As networks throughout the Internet learn and exchange routing information, each BGP network prepends its AS number to create the prefix's AS path. The AS path is essentially a map showing which path traffic to this prefix will follow.
Because the AS path appears as a cryptic string of numbers, Alpine displays (next to each AS number) either a user-defined description or a link to look up the AS number. For example, the AS path to my Alpine server might look like [701 2914 22208]. Traffic to the Alpine server would pass through UUNet to Verio and then to Peak Web Hosting.

Unfortunately, BGP has no knowledge of round-trip latency or packet loss. When determining the "best" path to a prefix, BGP often relies on the misleading metric of AS path length. Because AS path length is the most common method for BGP route selection, many BGP networks influence others' routing decisions by prepending, or AS padding, their AS number multiple times. AS padding may appear as a mistake or routing loop, but it is commonly used to make certain paths appear less preferable.

When reading Alpine's output, the shortest AS path is not always the best performing path. To cross a single AS may require between 1 and 20 individual router hops. Only running traceroute or mtr exposes the hidden details behind each AS hop and the relative performance of each candidate path. Selecting an AS path containing well-known ISPs may not always produce the fastest results either. These large networks face the same challenges and suffer the same outages as smaller or lesser-known ISPs.

While Alpine offers a great tool for discovering ISPs' interconnectivity and network route performance, no single Internet view produces complete and accurate results. Alpine troubleshoots only the path taken from the local network to the destination. Asymmetric routing often directs return traffic via a completely different ISP. Accurate network troubleshooting would require multiple geographically dispersed Alpine servers testing traffic to and from the source and destination networks.

Alpine cannot reroute traffic or change router configurations after discovering a better path. Filter-based forwarding reroutes only Alpine's diagnostic traffic. Administrators must manually configure routers to update the network path selection for all traffic. Because shifting traffic may saturate a previously well-performing network, always re-test the new path's performance after updating router configurations.

Alpine versus Looking Glass

Looking glass sites are Web sites that allow anyone to test performance and connectivity from outside their network. The typical looking glass server collects BGP route information from a single router that may not know every available path to the target network. A looking glass's traceroute and ping follow only the preferred BGP route to the target even when other routing options exist.
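The lookup described under "How Alpine Works" and the output reading described under "Understanding BGP and Alpine's Output", as an added Python example that is not Alpine's own code: it finds the most specific prefix for a target, lists each neighbor's path with padding collapsed, builds the source-IP-bound test command, and shows BGP's shortest-path pick differing from the measured one. The function names, prefixes, source IPs and route entries are constructed for illustration; `traceroute -s` is used as the way to set the source address that the router's filter matches on.

```python
import ipaddress

# Constructed sample data (not from the article). AS 701, 2914 and 22208 are the
# ones the article names; 64500 and 64501 are documentation AS numbers.
AS_NAMES = {701: "UUNet", 2914: "Verio", 22208: "Peak Web Hosting"}
# (prefix, Alpine source IP assigned to that BGP neighbor, AS path as learned)
ROUTES = [
    ("198.51.100.128/25", "192.0.2.11", [701, 64500]),
    ("198.51.100.128/25", "192.0.2.12", [2914, 64501, 64501, 64501, 64500]),
    ("198.51.100.0/24", "192.0.2.12", [2914, 64500]),
    ("0.0.0.0/0", "192.0.2.11", [701]),
]

def most_specific_prefix(target, routes=ROUTES):
    """Longest-prefix match: the covering prefix with the largest mask length."""
    addr = ipaddress.ip_address(target)
    covering = [n for n in {ipaddress.ip_network(p) for p, _, _ in routes} if addr in n]
    return str(max(covering, key=lambda n: n.prefixlen)) if covering else None

def collapse_padding(as_path):
    """Drop consecutive repeats (AS padding); return (distinct hops, repeats dropped)."""
    hops = [a for i, a in enumerate(as_path) if i == 0 or a != as_path[i - 1]]
    return hops, len(as_path) - len(hops)

def describe(as_path):
    """Render an AS path with a description next to each AS number."""
    hops, padded = collapse_padding(as_path)
    text = " -> ".join(f"{a} ({AS_NAMES.get(a, 'lookup needed')})" for a in hops)
    return text + (f" [padded x{padded}]" if padded else "")

def candidate_paths(target, routes=ROUTES):
    """Every neighbor's path to the most specific prefix, with its test command."""
    best = most_specific_prefix(target, routes)
    return [{"source_ip": src, "as_path": path, "display": describe(path),
             # The source address selects the ISP via filter-based forwarding.
             "command": ["traceroute", "-s", src, target]}
            for prefix, src, path in routes if prefix == best]

def bgp_choice(paths):
    """Source IP of the path AS-path-length selection would prefer (padding counts)."""
    return min(paths, key=lambda p: len(p["as_path"]))["source_ip"]

def fastest(paths, rtt_ms):
    """Source IP of the path with the lowest measured round-trip time."""
    return min(paths, key=lambda p: rtt_ms[p["source_ip"]])["source_ip"]

if __name__ == "__main__":
    for p in candidate_paths("198.51.100.200"):
        print(p["source_ip"], p["display"], " ".join(p["command"]))
```

The round-trip times passed to `fastest` come from actually running the generated commands; the example takes them as input rather than measuring.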
Conclusion

Alpine provides any user the ability to proactively discover and diagnose network problems. Alpine's simple GUI, flexible testing methods, and extensive diagnostic data empower users to research and present solutions, not problems, to their network engineers and systems administrators.

References

http://alpine.peakwebhosting.com -- Alpine server and source code repository
http://www.zebra.org -- BGP daemon for UNIX servers
http://www.freebsd.org -- IPFW
http://www.juniper.net
http://www.cisco.com
http://www.bitwizard.nl/mtr/ -- Matt's Traceroute, arguably the best traceroute implementation to date.
http://www.traceroute.org -- Excellent resource for traceroute tools and looking glass servers across the Internet.

Jeffrey Papen is a UCLA Computer Science Engineering graduate and configures Yahoo!'s BGP peering and policy routing. Jeffrey also authored the NetFlow analysis tool TUNDRA and the bandwidth utilization and billing reconciliation package HappyDog. When not evangelizing Juniper Networks or multi-homing Peak Web Hosting, Jeffrey's three Siberian Huskies Alpine, Tundra, and Glacier take him for walks along the California coast. He can be reached at: jeffrey@papen.com.