Contract Number: IST-2000-26417
Project Title: Deliverable D8: Instructions for Access to Summary Traffic Data by GÉANT Partners and other Organisations
Contractual Date: 31 May 2002
Actual Date: 14 August 2002
Work Package: WP9
Nature of Deliverable: O - Other
Dissemination Level: PU - Public
Author: Dai Davies, Roberto Sabatino

ABSTRACT: There are a number of traffic monitoring tools deployed and being deployed on the GÉANT network. In addition, there are further developments planned to refine and integrate such tools. This deliverable gives an overview of the reports available and of the tools, and reviews development paths. It addresses the specific question of the availability of these tools for access by organisations other than GÉANT partners.
CONTENTS

1 Executive Summary
2 Summary of Reporting
2.1 Monthly Report
2.2 On-Line Tools
2.3 InterMapper
2.4 Cricket
2.5 Weather Map
2.6 Taksometro
2.7 Purgatorio
2.8 Multicast Beacon
2.9 Multicast Per Group Monitoring
2.10 DoS Detection Tool
2.11 Looking Glass
2.12 Access Policy
3 Future Developments
1 EXECUTIVE SUMMARY

This deliverable summarises the reports and on-line tools that deal with the traffic monitoring of GÉANT, and relates these to the studies reported on in D9.4 Testing of Traffic Measurement Tools. It specifies the access policy for these tools and reviews future developments.

2 SUMMARY OF REPORTING

2.1 Monthly Report

The principal source of traffic reporting is the monthly report. This report contains information regarding:
- Faults + history
- Availability of access circuits and trunks
- Traffic on access circuits + history
- Traffic on interconnects (Abilene, Infonet, NACSIS) + history
- Traffic on trunks + history
- Traffic through GTREN + history

There is also a Management Summary of events, plans, escalations, and the service itself.

Until December 2001, this report was made available in an online version and by paper copy to the Access Port Managers. From December 2001 onwards, it has been made available as a PDF document from the DANTE web site. From July 2002, it is planned to reintroduce paper distribution of the report, but in a more efficient format.

The traffic statistics recorded and reported in the monthly report are based on the InfoVista and HP OpenView software packages operated by CS Communication Systeme.

2.2 On-Line Tools

In addition to the monthly review report, a number of on-line tools are deployed on the network. Deliverable D9.4 provided an overview of the types of traffic measurement methods and tools which could be considered for this type of network. At present, some of the tools considered in D9.4 (NetFlow (used by Purgatorio) and Abuse/DoS Detection) are deployed on the network. In general, the tools available have been developed within DANTE and have not been developed on a "productised" basis. Thus, there is no long-term guarantee that these specific tools will continue to be used.
In the context of GÉANT, with the one exception of InterMapper, the tools are deployed using workstations in the Points of Presence. These capture data from the routers and pre-process the data. It is the intention to deploy these at appropriate Points of Presence where a GÉANT router is provided, but, at the time of writing (June 2002), deployment is not yet complete. A current list of tools and their functions is tabulated in figure 1 below:
Figure 1: Tools and Functions

Tool | Description | Current Access Control
InterMapper | Real time monitoring of network links. | Access to NRENs, some connectivity suppliers by access list
Cricket | General tool for long term monitoring. Several instances currently installed. | Unrestricted
Weather Map | Real time visualisation of link usage. | Password protected
Taksometro | Framework for long term network monitoring. Consists of several monitoring modules. | DANTE office, GÉANT NOC
Purgatorio | Monitoring tool, creates traffic matrices between peering networks. | DANTE office, GÉANT NOC
Multicast Beacon | Real time tool for multicast monitoring which creates many multicast related matrices between internal network nodes and external peerings. | Unrestricted
Multicast Per Group Monitoring | Real time monitoring tool logging multicast groups announced in the network. | Unrestricted
DoS Detection Tool | Real time DoS detection and reporting tool. | DANTE staff
Looking Glass | Restricted access to network tools that can collect real time network path characteristics and/or network equipment status. | Password protected

2.3 InterMapper

InterMapper provides real time monitoring of network links. Access is provided to NRENs and to some connectivity suppliers by means of a controlled access list.

InterMapper is a low-cost, commercially available, network monitoring tool which runs on the Macintosh. It uses standard protocols (SNMP, ping, and others) to monitor network status and provide, on a network map, information about circuit status, traffic, and errors. It does this by polling network devices at a fixed interval, typically every few minutes. Historical traffic data can be gathered on any circuit in the network and charted. In principle any item about which information is made available via SNMP (such as router internal temperature) can be monitored and charted, although this is not done in DANTE's usage of this tool.
Any device or circuit on the map may be clicked to provide a popup with more detailed information. Remote access to the tool is via the web. Authorised users are presented with the same network map and charts as on the local computer. The maps are also clickable in the same way, providing the same information as is available locally. The GEANT NOC keeps a copy of the map on a browser at all times, to supplement its other tools. Access is also available to NRENs who may wish to check traffic loads.

At DANTE InterMapper runs on a system with 3 screens, which provides enough space to monitor GEANT and its components as well as many data charts. It provides a quick overview of many aspects of GEANT behaviour, and is a cheap tool to use due to its low cost and the ease of setting up maps and charts.

2.4 Cricket

Cricket is a general tool for long term monitoring. Several instances are currently installed. The result is available in graphical form only. For each monitored object, there are graphs showing statistics over the last 42 hours (daily), last 10 days (weekly), last 42 days (monthly) and last 15 months (yearly). All Juniper and CISCO routers in GEANT PoPs are monitored:
- for their physical interfaces: input and output traffic (in bits per second); input and output unicast packets per second; discarded and erroneous packets; (experimental) 95th percentile of the traffic on the interface.
- for Juniper router modules/units/cards (where applicable) and CISCO chassis: processor load; temperature; memory usage.

The tool consists of two parts: collector and browser. Both run on the same server (stats.dante.org.uk). Two instances of the collector (one for router interfaces, the other for processor load, temperature and memory usage) run periodically (every 10 minutes), collect the data from the routers using the SNMPv2 protocol and feed a special local round-robin database. The browser is a CGI script running from a web server. The browser provides data visualisation, navigation between routers and their monitored data, and various time ranges.

Cricket is configured using a hierarchical (modular) configuration file tree. The process of configuration of every object is highly automated. The configuration tree comprises 1.2MB of files. The round-robin database is a tree of binary non-growing files. The current size of the database is 350MB. Access to the web-based browser is currently allowed to anyone.

2.5 Weather Map

Weather Map provides real-time visualisation of link usage. Access is password protected.

The weathermap relies on traffic statistics collected by the taksometro network traffic monitoring tool. The tool extracts the utilisation of the links and access ports from the taksometro database and displays them on a geographical map. This way the weathermap captures the near real time conditions of the network. This information is very useful for operators and users of the network, providing a convenient overview of the "weather" on the network. The weathermap is currently running on ws1 in Germany and is password protected.

2.6 Taksometro

Taksometro provides a framework for long term network monitoring.
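Returning briefly to the Cricket collector described in section 2.4 above: the following Python is an added example, not Cricket's or DANTE's code. It shows how the 10-minute SNMP octet-counter samples the collector gathers are turned into bit-per-second rates (correcting for the wrap of a 32-bit counter), kept in a fixed-size archive whose oldest slot is overwritten so that the store never grows, and reduced to the 95th-percentile figure the interface graphs carry. The in-memory archive is a simplified stand-in for the round-robin database, and the counter values are constructed for the example.

```python
"""Added example: SNMP counter samples -> rates -> round-robin archive -> 95th percentile.
Not Cricket's own code; the archive is a simplified stand-in for its round-robin database."""
from collections import deque
import math

POLL_INTERVAL = 600          # seconds: the collectors run every 10 minutes
DAILY_SLOTS = 42 * 3600 // POLL_INTERVAL   # 42 hours of 10-minute samples = 252 slots


def counter_rate(prev, curr, seconds, bits=32):
    """Bits per second from two octet-counter readings taken `seconds` apart.
    ifInOctets/ifOutOctets are 32-bit and wrap on busy links; the 64-bit
    ifHCInOctets counters are handled by passing bits=64."""
    delta = curr - prev
    if delta < 0:                      # the counter wrapped since the last poll
        delta += 1 << bits
    return delta * 8 / seconds


class RoundRobinArchive:
    """Fixed number of slots; adding to a full archive drops the oldest sample."""

    def __init__(self, slots):
        self.samples = deque(maxlen=slots)

    def add(self, rate):
        self.samples.append(rate)

    def rates(self):
        return list(self.samples)

    def percentile(self, pct):
        """Nearest-rank percentile, the usual convention for 95th-percentile reporting."""
        if not self.samples:
            return None
        ordered = sorted(self.samples)
        rank = math.ceil(pct / 100 * len(ordered))
        return ordered[max(rank - 1, 0)]


def build_archive(counter_samples, slots=DAILY_SLOTS, bits=32):
    """Feed consecutive (timestamp, octet-counter) readings into a fresh archive."""
    archive = RoundRobinArchive(slots)
    for (t0, c0), (t1, c1) in zip(counter_samples, counter_samples[1:]):
        archive.add(counter_rate(c0, c1, t1 - t0, bits))
    return archive


# Constructed readings of a 32-bit ifInOctets counter, one every 10 minutes.
# The counter wraps between the 1800 s and 2400 s readings.
SAMPLES = [
    (0,    4_294_000_000),
    (600,  4_294_300_000),   # +300,000 octets -> 4000 bit/s
    (1200, 4_294_600_000),   # 4000 bit/s
    (1800, 4_294_900_000),   # 4000 bit/s
    (2400, 232_704),         # wrapped: (2**32 - 4_294_900_000) + 232_704 = 300,000 -> 4000 bit/s
    (3000, 982_704),         # +750,000 octets -> 10000 bit/s
]

if __name__ == "__main__":
    daily = build_archive(SAMPLES)
    print("rates (bit/s):", daily.rates())
    print("95th percentile:", daily.percentile(95))
```

The wrap correction is the part that silently goes wrong in home-grown collectors: without it the reading after a wrap produces a huge negative delta that either pollutes the graph or is discarded as an outlier, and the 95th percentile for that day is then wrong in a way nobody notices.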
It consists of several monitoring modules. It is available in the DANTE office and the GÉANT NOC.

The network provides services to its users. Both the network administrators and its users demand to see how the network performs. Network performance is measured by the network equipment, and this information can be requested by external entities for the purpose of network management. Taksometro provides an extensible framework for retrieving performance attributes from the network and generating reports, and lets the user navigate the reports through a web interface.

Features of the tool are the hiding of the heterogeneity of the network equipment from the user (thus automating the retrieval of the information), the provision of an access control mechanism and the extension of the polling mechanism by the use of modules. Modules incorporate the logic of how to request information from the network and how to present the reports to the user. Currently there are modules for monitoring Class of Service attributes (bandwidth usage, packet loss, packet delay and jitter), multicast volumes and circuit errors.

The tool, apart from supporting GEANT, is also used to support other projects such as EUMEDCONNECT and CAESAR. The tool is managed on two sites, at the UK and DE PoPs, and can be accessed at:
http://taksometro.geant.net
http://ws1.uk.geant.net

DANTE and the GEANT NOC can access all the reports produced by the tool, while CAESAR project participants can access CAESAR-specific reports. The tool maintains a database of around 135MB and the data span a period of one year.
2.7 Purgatorio

Purgatorio is a monitoring tool which creates traffic matrices between peering networks. It is available in the DANTE office and the GÉANT NOC.

The GEANT network provides Internet connectivity to many NRENs. Research networks exchange traffic amongst themselves, usually as part of collaborative work. Routers are capable of exporting traffic statistics that include reports of the traffic sent and received by source and destination hosts. Purgatorio collects this information from all the network access points where the NRENs are connected and analyses it. The tool produces matrices of the amount of traffic flowing from each NREN to every other NREN. The user, by the use of a web interface, can navigate the matrices, requesting old data up to the present time.

The tool is installed in two sites and can be reached at http://purgatorio.geant.net and http://ws2.fr.geant.net. DANTE and the GEANT NOC have access to the reports. The tool maintains a database of around 25MB, while data are typically kept for a period of one year.

2.8 Multicast Beacon

Multicast Beacon is a real time tool for multicast monitoring which creates many multicast related matrices between internal network nodes and external peerings. Its availability is unrestricted.

The NLANR Multicast Beacon is active measurement software that monitors the performance of a multicast-enabled network. It relies on a number of agents spread over the network that communicate with a central server-manager. The beacon-agents simultaneously send and receive multicast packets carrying a packet sequence number and a timestamp. The beacon-agents receive the packets from all the others. From the packet sequence numbers and timestamps the agent can determine packet loss, duplication and reordering, one-way delay and jitter, all of which are reported to a central server.
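The receiver-side arithmetic just described, as an added example that is not the NLANR Beacon's own code: each agent sees a stream of (sequence number, send timestamp, receive timestamp) triples from every other agent, and from that alone it derives loss, duplication, reordering, one-way delay and jitter, then the per-pair results are laid out as the matrix the central server displays. The agent names, the packet records and the choice of jitter as the mean absolute change between consecutive one-way delays are all assumptions of this example; one-way delay is only meaningful when the agents' clocks are synchronised.

```python
"""Added example: per-pair beacon statistics from received (seq, sent_ms, recv_ms) triples.
Not the NLANR Multicast Beacon's code; agent names and packets are constructed."""


def analyse_beacon(received, expected_count):
    """received: packets in arrival order as (seq, sent_ms, recv_ms).
    expected_count: sequence numbers 0 .. expected_count-1 were sent in this round."""
    seen = set()
    duplicates = 0
    reordered = 0
    highest = -1
    delays = []                      # one-way delays, in arrival order
    for seq, sent_ms, recv_ms in received:
        if seq in seen:              # same sequence number delivered twice
            duplicates += 1
            continue
        seen.add(seq)
        if seq < highest:            # arrived after a packet sent later than it
            reordered += 1
        else:
            highest = seq
        # Needs synchronised clocks on sender and receiver (e.g. NTP); otherwise
        # the absolute value is meaningless and only jitter is trustworthy.
        delays.append(recv_ms - sent_ms)
    lost = expected_count - len(seen)
    mean_delay = sum(delays) / len(delays) if delays else None
    if len(delays) > 1:
        jitter = sum(abs(b - a) for a, b in zip(delays, delays[1:])) / (len(delays) - 1)
    else:
        jitter = 0.0
    return {
        "received": len(seen), "lost": lost, "duplicates": duplicates,
        "reordered": reordered, "mean_delay_ms": mean_delay, "jitter_ms": jitter,
    }


def beacon_matrix(reports, expected_count):
    """reports: {(sender, receiver): [packets...]} -> {(sender, receiver): stats}."""
    return {pair: analyse_beacon(pkts, expected_count) for pair, pkts in reports.items()}


# Constructed round of 8 packets (seq 0..7) between two hypothetical agents.
# fr->de: seq 4 never arrives, seq 3 is delivered twice, seq 2 arrives after seq 3.
REPORTS = {
    ("agent-fr", "agent-de"): [
        (0, 1000, 1020), (1, 1100, 1121), (3, 1300, 1319), (2, 1200, 1225),
        (3, 1300, 1319), (5, 1500, 1520), (6, 1600, 1622), (7, 1700, 1720),
    ],
    # de->fr: clean delivery with a constant 15 ms one-way delay.
    ("agent-de", "agent-fr"): [(i, 1000 + 100 * i, 1015 + 100 * i) for i in range(8)],
}

if __name__ == "__main__":
    for pair, stats in beacon_matrix(REPORTS, expected_count=8).items():
        print(pair, stats)
```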
In GÉANT two Beacon servers have been deployed: one for monitoring the status of the core network in respect of multicasting and the other to help NRENs and operations to debug multicast connectivity with GÉANT. Both multicast Beacon servers are running on ws1 in France and are freely accessible.

2.9 Multicast Per Group Monitoring

This is a real time monitoring tool which logs the multicast groups announced in the network. Its availability is unrestricted.

Multicast exploits the network functionality where a single source of information is received by multiple receivers. Receivers listen to a multicast group address to which information is sent by the source. The network makes sure it transmits the information to all the receivers optimally, and without duplicating the source flow. The per group monitoring tool contacts the routers and retrieves information regarding which multicast groups are forwarded by the router and the bandwidth consumption of each group. A user, by the use of a web interface, can request reports of which NREN receives which groups, and how the groups are routed via the routers.

The tool can be reached at http://ws1.se.geant.net. DANTE is currently the only organisation with access to the reports produced by the tool. Statistics are typically kept for a year.

2.10 DoS Detection Tool
This is a real time DoS detection and reporting tool. It is only available to DANTE staff.

End networks are usually the subject of Denial of Service (DoS) attacks: a hacker gains unauthorised access to a local area network or to an unrelated number of hosts, and commands them to send special traffic to an end network or end host in order to consume its resources, making it unavailable. The tool constantly monitors the routers in the GEANT network, analyses the traffic forwarded by the routers and tries to find patterns that suggest a DoS attack is taking place. If there is an indication of such an attack it informs the interested users by e-mail. The users then look at the information included in the e-mail and decide how the attack should be extinguished, usually with the cooperation of the directly connected networks from which the attack is originating. E-mails regarding the indication of an attack are sent to DANTE.

The tool is installed on ws2 in the DE PoP. The tool maintains an SQL database from which authorised users can request information on DoS attacks. The database stores data for two days.

2.11 Looking Glass

This offers restricted access to network tools that can collect real time network path characteristics and/or network equipment status. Its availability is password protected.

The implemented looking glass is based on the rancid looking glass implementation that works with Cisco and Juniper routers. The looking glass is a CGI script for viewing the results of simple and sanity-checked queries executed on remote routers. This looking glass gives a controlled view of the routers, and helps with the debugging of routing problems with GÉANT peerings. Looking Glass runs at DANTE and is password protected.

2.12 Access Policy

For the on-line tools, in general, access to the data is via a Web Interface and on a need-to-access basis. This is partly for reasons of security and partly to deal with workstation loading.
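Sections 2.7 and 2.10 both work from the same raw material, the per-host traffic records the routers export (the NetFlow data mentioned in 2.2), so one added example serves both; it is not Purgatorio's or the DoS tool's code. From a handful of constructed flow records it first maps each host address to an NREN by longest-prefix match and sums the octets into the NREN-to-NREN matrix of 2.7, then applies one plausible detection pattern of the kind 2.10 alludes to without specifying: a destination receiving small packets from many distinct sources at once. The prefixes are private ranges chosen for the example, not GÉANT or NREN assignments, and the thresholds are assumptions an operator would tune against their own baseline; the result is the sort of indication that would go into the e-mail to DANTE, not a verdict.

```python
"""Added example: NREN traffic matrix and a simple DoS indicator from constructed flow records.
Not Purgatorio's or the GÉANT DoS tool's code; prefixes, flows and thresholds are assumptions."""
import ipaddress
from collections import Counter, defaultdict

# Constructed address plan (private ranges), NOT real NREN assignments.
# NREN-C also holds a /24 carved out of NREN-B's /16, so longest match matters.
NREN_PREFIXES = [
    ("NREN-A", "10.1.0.0/16"),
    ("NREN-B", "10.2.0.0/16"),
    ("NREN-C", "10.3.0.0/16"),
    ("NREN-C", "10.2.200.0/24"),
]
# Most specific prefix first, so the first hit is the longest match.
_TABLE = sorted(((ipaddress.ip_network(p), name) for name, p in NREN_PREFIXES),
                key=lambda item: item[0].prefixlen, reverse=True)


def nren_of(address):
    """Name of the NREN owning `address`, or "external" for anything unlisted."""
    ip = ipaddress.ip_address(address)
    for net, name in _TABLE:
        if ip in net:
            return name
    return "external"


def traffic_matrix(flows):
    """{(source NREN, destination NREN): octets} summed over flow records."""
    matrix = defaultdict(int)
    for src, dst, _packets, octets in flows:
        matrix[(nren_of(src), nren_of(dst))] += octets
    return dict(matrix)


def suspected_targets(flows, min_sources=5, max_octets_per_packet=64):
    """Destinations fed small packets by many distinct sources in this window.
    Thresholds are assumed for the example; in practice they are set from the
    network's own baseline and the hits are reviewed by an operator."""
    sources = defaultdict(set)
    packets = Counter()
    octets = Counter()
    for src, dst, pkts, octs in flows:
        sources[dst].add(src)
        packets[dst] += pkts
        octets[dst] += octs
    hits = []
    for dst in sources:
        per_packet = octets[dst] / packets[dst]
        if len(sources[dst]) >= min_sources and per_packet <= max_octets_per_packet:
            hits.append((dst, len(sources[dst]), per_packet))
    return sorted(hits)


# Constructed flow records for one window: (source, destination, packets, octets).
FLOWS = [
    ("10.1.0.5",   "10.2.0.9", 100, 150_000),   # A -> B, ordinary bulk transfer
    ("10.1.0.6",   "10.3.0.9",  50,  60_000),   # A -> C
    ("10.2.0.9",   "10.1.0.5",  80,  40_000),   # B -> A
    ("10.2.200.4", "10.1.0.5",  20,  30_000),   # C -> A via the more specific /24
] + [
    # Six sources sending 40-octet packets to one host in NREN-A.
    (f"10.3.1.{i}", "10.1.0.77", 400, 16_000) for i in range(1, 7)
]

if __name__ == "__main__":
    for pair, octs in sorted(traffic_matrix(FLOWS).items()):
        print(f"{pair[0]:>7} -> {pair[1]:<7} {octs:>9} octets")
    for dst, n_src, per_pkt in suspected_targets(FLOWS):
        print(f"indication: {dst} from {n_src} sources, {per_pkt:.0f} octets/packet")
```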
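The phrase "simple and sanity-checked queries" in 2.11 is where a looking glass earns or loses its "controlled view": the CGI script takes a query name and an argument from an authenticated web user and hands a command to a router, so the argument must be validated before it goes anywhere near a command line. The following added example (not the rancid looking glass or DANTE's script) shows the shape of that check: a fixed allow-list of query types, each argument normalised through the standard library's address parser so only a literal IP address or prefix survives, and the command assembled as a list of tokens rather than a string joined through a shell. The query names and the router command syntax are illustrative assumptions.

```python
"""Added example: allow-listed, argument-validated looking-glass queries.
Not the rancid or DANTE looking glass code; query names and command syntax are assumed."""
import ipaddress


def _address(arg):
    """Accept only a literal IPv4/IPv6 address; anything else raises ValueError."""
    return str(ipaddress.ip_address(arg))


def _prefix(arg):
    """Accept only a literal prefix; host bits are cleared (10.0.0.1/8 -> 10.0.0.0/8)."""
    return str(ipaddress.ip_network(arg, strict=False))


# Illustrative allow-list: query name -> (argument normaliser, command tokens).
# "{arg}" marks where the validated argument is substituted.
QUERIES = {
    "ping":       (_address, ["ping", "count", "5", "{arg}"]),
    "traceroute": (_address, ["traceroute", "{arg}"]),
    "bgp-route":  (_prefix,  ["show", "route", "{arg}", "protocol", "bgp"]),
}

MAX_ARG_LEN = 64   # a valid address or prefix is far shorter than this


def build_query(name, arg):
    """Return the command as an argument vector, or raise ValueError.
    The vector is meant to be passed as separate tokens to the router login
    helper, never joined into a shell command string."""
    if name not in QUERIES:
        raise ValueError(f"unknown query type {name!r}")
    if len(arg) > MAX_ARG_LEN:
        raise ValueError("argument too long")
    normalise, template = QUERIES[name]
    clean = normalise(arg)            # ValueError for anything that is not an address/prefix
    return [clean if token == "{arg}" else token for token in template]


def is_accepted(name, arg):
    """True if the query would be forwarded, False if the sanity check rejects it."""
    try:
        build_query(name, arg)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed inputs: two legitimate queries and two that must be rejected.
    for name, arg in [("bgp-route", "10.0.0.1/8"), ("ping", "2001:db8::1"),
                      ("ping", "198.51.100.1; reboot"), ("show", "version")]:
        print(name, repr(arg), "->", build_query(name, arg) if is_accepted(name, arg) else "rejected")
```

The two design choices that matter are that validation is by construction (the argument is re-emitted from a parsed address object, so there is no blacklist of dangerous characters to get wrong) and that the query type is a key into a table, so a user can never name a router command directly.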
In addition, the human interface on some of the packages is not well developed but is designed for access by technical experts only. There are, today, four classes of access:
i. Unrestricted
ii. Single password protection
iii. Based on network access lists
iv. Restricted to DANTE and GÉANT NOC

The first class of access is not advertised and, because of concerns about security and traffic loading, is being phased out.

Ad-hoc access to individual packages is generally possible, e.g. for specific projects or trouble-shooting purposes. In these cases, it is organised via a special password or network access list. Requests for ad-hoc access should be made to the DANTE Operations Manager (vincent.berkhout@dante.org.uk).

The monthly reports (see 2.1 above) are provided to all members of the GÉANT consortium and to the European Commission.
3 FUTURE DEVELOPMENTS

There are two directions for development. The first relates to rationalisation and refinement of the current set of tools. The tools used by the NOC are configurable professional tools. Those deployed in the network often have more advanced, but less accessible, functionality. It is the intention to harmonise the access available and to produce a more unified set of tools.

The future direction of development will be to implement real time monitoring within the network.