International Open Workshop on Optical Communications Systems and Networks Multilayer Traffic Monitoring for efficient network planning, operating and troubleshooting Josep Solé-Pareta pareta@ac.upc.edu jsole@talaianetworks.com
Outline of this presentation Specific technology/innovation developed at UPC and currently commercialized by Talaia Networks Specific technology/tool that UPC contributed to develop in DICONET project Joining both technologies 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 2
International Open Workshop on Optical Communications Systems and Networks Multilayer Traffic Monitoring for efficient network planning, operating and troubleshooting Color Your Network Superior Network Monitoring and Visibility TALAIA Networks S.L. (www.talaianetworks.com) UPC Spin off company Harnessing 20 Years of Research Current deployments in academic networks Presence in Barcelona, Grenoble, Rome 3
Network Monitoring: Probes Approach Probes (Hardware or Virtualised) DPI Applications Identified! Deep Packet Inspection (DPI) Full visibility where deployed Expensive, Not Scalable DPI DPI DPI DPI DPI Probes must be managed! DPI is heavy DPI 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 4
Network Monitoring: Network Data approach Standard Network Data Natively Provided by Routers (NetFlow, SNMP) Affordable, Scalable Not effective for Ops or Planning NetFlow NetFlow NetFlow NetFlow is light NetFlow NetFlow Applications not Identified! Plixer Scrutinizer 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 5
Talaia Approach: put Intelligence, not probes LightWeight DPI ONE «lightweight DPI» trains a Machine Learning Algorithm Application Identified with a Precision > 95% (proved!) Cost Effective Only Lightweight Data Sources: NetFlow ONE «Lightweight DPI» NetFlow Lweight DPI NetFlow NetFlow Applications Identified! Standard Router data (NetFlow) + Machine Learning Algorithm = Identified Applications Applications always Identified Effective for Troubleshooting and Planning 09/05/2014 Continuous Identification NetFlow International Open Workshop on Optical Communications Systems and Networks NetFlow Technical Specs: Up to 200,000 Flows/s per server -Linux Ubuntu Server 12.04.2 LTS NetFlow: v5, v9, IPFIX IPv6 support Up to 5,000 Network Partitions (views) Supported DPI libraries: ndpi, Libprotoident, PACE Intelligence Enhanced NetFlow Lweight DPI NetFlow Collector 6
Talaia Products Main Features Application View: Identification of Application groups and specific applications Multitenancy: thousands of independent views on the networks, flexibly defined (Routers, Interface, Subnets) Top Talkers (Hosts and Peers sending/receiving more traffic for each view) Autozoom (subnetworks sending/receiving more traffic for each view): automatically detected without need of administrative input Anomaly detection and classification: automatic discovery of security threats, with mechanism to reduce false positives Geolocation: Geographic identification of biggest traffic sources/destinations for each view Access to full NetFlow archive for accurate drill down and confirmation of hypothesis 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 7
Talaia Products Main Features 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 8
Outline of this presentation Specific technology/innovation developed at UPC and currently commercialized by Talaia Networks Main features Value proposition towards end-customers Market/business opportunity Specific technology/tool that UPC contributed to develop in DICONET project Main features Value proposition towards end-customers Joining both technologies 09/05/2014 Value proposition Potential end-customers Market/business opportunity International Open Workshop on Optical Communications Systems and Networks 15
Talaia Networks monitoring solutions: Innovation meets Usability Innovation Application Identification Done using Standard Network data only Algorithm inside: Network Security «Intelligence Enhanced NetFlow» Detection without predefined signatures Algorithm inside: «Frequent Itemset Mining» Automatic Root Cause Analysis Algorithm inside: 09/05/2014 Main features: Accurate applications classification, anomaly detection and classification, etc. «Autozoom» International Open Workshop on Optical Communications Systems and Networks Usability Network Performance Management Identify Applications groups (e.g. P2P, streaming, VoIP) Identify single Applications (e.g. Bit Torrent, Quick time, Skype) Thousands of configurable network partitions «views» Multi Tenancy: 1 user 1toNviews From global maps to single hosts Support for Network Planning Identify new application uptakes Months of uncompressed historic data 16
Talaia Networks monitoring solutions: Competitors and Competitive Advantage Value proposition towards end-customer: Cost-effective and highly accurate IP traffic monitoring tool, useful for operation and planning (charging and billing?) An order of magnitude cheaper than probes based solutions Network Visibility Higher Network Visibility Enabled by Machine Learning Intelligence High Network Visibility comparable to probes based solutions! Plixer Scrutinizer Lower CAPEX and OPEX comparable to standard NetFlow based solutions! 09/05/2014 International Open Workshop on Optical Communications Systems and Networks Cost (CAPEX, OPEX) 17
Talaia Networks monitoring solutions Market/business opportunities: Academic network operators, private ISPs, corporate networks (SaaS), etc. 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 18
Outline of this presentation Specific technology/innovation developed at UPC and currently commercialized by Talaia Networks Specific technology/tool that UPC contributed to develop in DICONET project Joining both technologies 09/05/2014 International Open Workshop on Optical Communications Systems and Networks 19
DICONET Dynamic Impairment The DICONET consortium Constraint Optical Networking Consortium: 5 industrial partners: ADVA, Alcatel Lucent, ECI, Huawei, T Systems 7 academic partners / research institutes: AIT, Create NET, ENST, IBBT, RACTI, UEssex, UPC 9 May 2014 20
DICONET EU project goal Development of algorithms/tools to overcome the limitations of transparent and translucent optical networks: Impairment Aware Routing and Wavelength Assignment algorithms Algorithms for optimized monitoring equipment and regenerators placement Algorithms for failure localization Integration with GMPLS based control plane Network Planning and Operation Tool (NPOT) ControlPlane architectures foria optical networking 9 May 2014 21
What is DICONET NPOT? (1/2) Network Planning and and Operation Tool Tool (NPOT) DICONET Planning Mode Operation Mode Distributed Integration Scheme Centralized Integration Scheme Offline Offline IA-RWA IA-RWA (Offline (Offline Rahyab Rahyab AIT) AIT) Regen. Regen. Placement Placement (COR2P- (COR2P- ENST) ENST) Monitor Monitor Placement Placement (MeMoTA (MeMoTA ENST) ENST) Online IA-RWA (KSDP Engine AIT) Online IA-RWA (KSDP Engine AIT) Monitor Placement (MeMoTA ENST) Monitor Placement (MeMoTA ENST) Online Online IA-RWA IA-RWA (MP (MP CTI) CTI) Monitor Monitor Placement Placement (MeMoTA (MeMoTA ENST) ENST) 20 September 2010 9
Planning mode: What is DICONET NPOT? (2/2) The main goal of this mode is to plan the network given the initial (or predicted) demand set (traffic matrix), network topology and considering the impact of physical layer impairments. Planning mode modules: Offline IA RWA Regenerator placement (for Translucent networks) Optical Monitor placement (Failure localization) Operation mode: In the operation mode, the NPOT is integrated in the physical impairment aware control plane (i.e. control plane integration schemes). Operation mode modules: Online IA RWA Failure localization 9 May 2014 22
Results on experimental IA control plane performance evaluation Experimental scenarios Centralized approach evaluation Setup time with and without the FPGA hardware acceleration for QoT calculations 9 May 2014 23 23
Results on experimental IA control plane performance evaluation Experimental scenarios Network initially loaded with 10 50 bidirectional QoT-compliant Lightpaths between randomly selected nodes: 1+1 protected (30%), restorable (70%) Increasing LP restoration time due to the sequential NPOT behavior: 72% of the LPs restored < 5 s In the scenario with 30 bidirectional active light paths Average primary light path distance: 452 Km Average backup ligh path distance: 630 Km 9 May 2014 24 24
Outline of this presentation Specific technology/innovation developed at UPC and currently commercialized by Talaia Networks Main features Value proposition towards end-customers Market/business opportunity Specific technology/tool that UPC contributed to develop in DICONET project Main features Value proposition towards end-customers Joining both technologies 09/05/2014 Value proposition Potential end-customers Market/business opportunity International Open Workshop on Optical Communications Systems and Networks 25
NPOT: Network Planning and Operation Tool Main features NPOT integrates in a common platform cross-layer algorithms (it was the key innovation of DICONET) In operation mode, NPOT provides online IA-RWA and the Failure Localization modules. NPOT can be also used in off-line mode for planning The NPOT core is the QoT estimator*. The various components of the tool consult the QoT estimator to make physical layer aware decisions For the RWA process, whether online or offline, NPOT uses the QoT estimator either as a quality metric during the routing and wavelength assignment process or after the routing and wavelength assignment has taken place, to evaluate and validate the computed solution * QoT estimator utilizes updated global network information stored in two external databases, namely the Physical Parameters Database (PPD) and the Traffic Engineering Database (TED) 09/05/2014 International Open Workshop on Optical Communications, Systems and Networks 26
NPOT: Network Planning and Operation Tool Value proposition towards the network operators NPOT NPOT provides dynamic and impairment-aware networking operation that maximizes the utilization of the existing WDM infrastructure NPOT is applicable to both the planning and operational phases of a core optical network (either transparent or translucent) with features not limited to the control and management planes, but also take advantage of the optical layer in an integrated cross-layer manner NPOT provides resource optimization, dynamicity and resilience provisioning, which outline a network that offers cost effectiveness NPOT effectively utilizes today s (WDM networks) technologies to optimize the network, and paves the way for a smooth migration to the next generation core networks driven by technological evolution... 09/05/2014 International Open Workshop on Optical Communications, Systems and Networks 27
Outline of this presentation Specific technology/innovation developed at UPC and currently commercialized by Talaia Networks Main features Value proposition towards end-customers Market/business opportunity Specific technology/tool that UPC contributed to develop in DICONET project Main features Value proposition towards end-customers Joining both technologies 09/05/2014 Value proposition Potential end-customers Market/business opportunity International Open Workshop on Optical Communications Systems and Networks 28
Joining both technologies Technological evolution conducts to Flexible/Elastic Optical Networks SDN/OpenFlow based Control Plane New IP network architectures (MPLS, LISP, RINA, etc.) Network Virtualization Cognitive Networks etc. 09/05/2014 International Open Workshop on Optical Communications, Systems and Networks 29
Joining both technologies Value proposition In this evolutionary context, we propose to increase the knowledge of the network behavior, introducing the Multilayer Traffic/Signal Monitoring concept Based on integrating of both Talaia-TM and NPOT in a single device To be designed as an appliance embedded in the network routers and switches The exploitation of this concept can lead to an efficient planning, operation and troubleshooting of the network 09/05/2014 International Open Workshop on Optical Communications, Systems and Networks 30
Integrating both Talaia TM and NPOT In the operation mode, potential topics to be addressed are: Automatic triggering of connection demands (setup/teardown demands) based on the traffic prediction Fast Connections/Optical Path rerouting, and Bandwidth reallocation, including enhanced traffic grooming mechanisms Increase the degree of dynamicity with higher bit rates, mixed transmission characteristics, and flexigrid network components Network resources optimization: Traffic Engineering Accurate QoS provisioning: Application discrimination, SLA accomplishment Reduction of the energy consumption: Adaptation to the fully powered systems to the load 09/05/2014 International Open Workshop on Optical Communications, Systems and Networks 31
Joining both technologies Potential end-customers Network devices Manufacturers/Vendors Network Operators Other main actors of the Networking panorama Market/business opportunity Project proposal in the H2020 framework: Research and Innovation Actions Fill in the innovation gap between the research and the industry, which in Europe is extremely deep (deeper than in Asia and USA) 09/05/2014 International Open Workshop on Optical Communications, Systems and Networks 32
About the CCABA Director: Gabriel Junyent Academic staffs: ~ 25 Students: ~ 40 QoS IP network Trials Tests Traffic monitoring and analysis Routing New architectures Trials Optical networking Interworking Radio communications Tests Optical communications http://www.ccaba.upc.edu/
International Open Workshop on Optical Communications Systems and Networks Multilayer Traffic Monitoring for efficient network planning, operating and troubleshooting Josep Solé-Pareta pareta@ac.upc.edu jsole@talaianetworks.com