Network Sensing Network Monitoring and Diagnosis Technologies



Similar documents
Audio Coding Algorithm for One-Segment Broadcasting

VoIP Conferencing. The latest in IP technologies deliver the next level of service innovation for better meetings. Global Collaboration Services

Technologies Supporting Smart Meter Networks

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues

High-Performance IP Service Node with Layer 4 to 7 Packet Processing Features

Remote Copy Technology of ETERNUS6000 and ETERNUS3000 Disk Arrays

QoS issues in Voice over IP

Power Noise Analysis of Large-Scale Printed Circuit Boards

An Introduction to VoIP Protocols

Network Virtualization for Large-Scale Data Centers

Broadband Networks. Prof. Dr. Abhay Karandikar. Electrical Engineering Department. Indian Institute of Technology, Bombay. Lecture - 29.

IP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview

Application Notes. Introduction. Contents. Managing IP Centrex & Hosted PBX Services. Series. VoIP Performance Management. Overview.

Avaya ExpertNet Lite Assessment Tool

GR2000: a Gigabit Router for a Guaranteed Network

SIP Trunking and Voice over IP

1. Public Switched Telephone Networks vs. Internet Protocol Networks

Application Notes. Contents. Overview. Introduction. Echo in Voice over IP Systems VoIP Performance Management

A Passive Method for Estimating End-to-End TCP Packet Loss

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Region 10 Videoconference Network (R10VN)

Flow Analysis Versus Packet Analysis. What Should You Choose?

Rev Technology Document

Cover. White Paper. (nchronos 4.1)

Application Note. Pre-Deployment and Network Readiness Assessment Is Essential. Types of VoIP Performance Problems. Contents

Inter-Cell Interference Coordination (ICIC) Technology

Discussion Paper Category 6 vs Category 5e Cabling Systems and Implications for Voice over IP Networks

Corporate Network System Using VoIP Technology

Active Monitoring of Voice over IP Services with Malden

ANALYSIS OF LONG DISTANCE 3-WAY CONFERENCE CALLING WITH VOIP

Private Cloud Using Service Catalog

Cisco Networks (ONT) 2006 Cisco Systems, Inc. All rights reserved.

Integration of Supervisory Control and Data Acquisition Systems Connected to Wide Area Networks

Understanding Latency in IP Telephony

Bluetooth voice and data performance in DS WLAN environment

IP Office Technical Tip

Visio Enabled Solution: One-Click Switched Network Vision

Influence of Load Balancing on Quality of Real Time Data Transmission*

Synchronization Essentials of VoIP WHITE PAPER

Indepth Voice over IP and SIP Networking Course

VPN over Satellite A comparison of approaches by Richard McKinney and Russell Lambert

Analysis of QoS parameters of VOIP calls over Wireless Local Area Networks

Achieving Integrated IT Service Management

Requirements of Voice in an IP Internetwork

Frequently Asked Questions

Clearing the Way for VoIP

White paper. Reliable and Scalable TETRA networks

Analysis of Effect of Handoff on Audio Streaming in VOIP Networks

920MHz Band Multi-hop Wireless Network System

12 Quality of Service (QoS)

Adding New Level in KDD to Make the Web Usage Mining More Efficient. Abstract. 1. Introduction [1]. 1/10

Behavior Analysis of TCP Traffic in Mobile Ad Hoc Network using Reactive Routing Protocols

Applications. Network Application Performance Analysis. Laboratory. Objective. Overview

(Refer Slide Time: 02:17)

TDM services over IP networks

Site Survey and RF Design Validation

Voice Over IP. Priscilla Oppenheimer

Improving Quality of Service

MultiDSLA. Measuring Network Performance. Malden Electronics Ltd

Need for Signaling and Call Control

Attenuation (amplitude of the wave loses strength thereby the signal power) Refraction Reflection Shadowing Scattering Diffraction

Network Traceability Technologies for Identifying Performance Degradation and Fault Locations for Dependable Networks

White Paper: Voice Over IP Networks

System Management and Operation for Cloud Computing Systems

Curso de Telefonía IP para el MTC. Sesión 2 Requerimientos principales. Mg. Antonio Ocampo Zúñiga

How To Provide Qos Based Routing In The Internet

Integration of PRIMECLUSTER and Mission- Critical IA Server PRIMEQUEST

IT Data Communication and Networks (Optional)

Cloud Computing Based on Service- Oriented Platform

an interconnected collection of autonomous computers interconnected = able to exchange information

MOBILITY AND MOBILE NETWORK OPTIMIZATION

Power Supply and Demand Control Technologies for Smart Cities

On-Demand Virtual System Service

Fax Transmission Analyzer Option

Ethernet. Ethernet Frame Structure. Ethernet Frame Structure (more) Ethernet: uses CSMA/CD

Network Connection Considerations for Microsoft Response Point 1.0 Service Pack 2

High-Speed Thin Client Technology for Mobile Environment: Mobile RVEC

Performance Evaluation of VoIP Services using Different CODECs over a UMTS Network

Data Networking and Architecture. Delegates should have some basic knowledge of Internet Protocol and Data Networking principles.

PERFORMANCE ANALYSIS OF VOIP TRAFFIC OVER INTEGRATING WIRELESS LAN AND WAN USING DIFFERENT CODECS

5. DEPLOYMENT ISSUES Having described the fundamentals of VoIP and underlying IP infrastructure, let s address deployment issues.

Fundamentals of Telecommunications

Monitoring VoIP Call Quality Using Improved Simplified E-model

Network Technology Supporting an Intelligent Society: WisReed

Sample Network Analysis Report

First Semester Examinations 2011/12 INTERNET PRINCIPLES

Research and Development of IP and Optical Networking

Network Simulation Traffic, Paths and Impairment

Home Gateway Enabling Evolution of Network Services

Ten top problems network techs encounter

Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc

Transcription:

Network Sensing Network Monitoring and Diagnosis Technologies Masanobu Morinaga Yuji Nomura Takeshi Otani Motoyuki Kawaba (Manuscript received April 7, 2009) Problems that occur in the information and communication technology (ICT) systems (network services) deployed on Internet protocol (IP) networks may originate in the network, the s, or even the data (content), which makes troubleshooting difficult and lengthens the required for system restoration. In response to this situation, we have been developing monitoring and diagnosis techniques for network services based on the capture of pets flowing through the network. These highly sensitive techniques can detect problems that affect network service users and can quickly determine the cause and location of a problem without imposing an unnecessary load on the network. In this paper, we present a number of integrated monitoring and diagnosis techniques for network services that can be used to determine the causes and locations of network problems, diagnose delays in services that span multiple s, and detect sound-quality degradation in IP telephony services. 1. Introduction IP networks such as the Internet and intranets have become indispensable elements of today s social and business infrastructure, and various ICT systems are operated on them. Since problems in ICT systems may lead to interruptions in business, maintaining a prompt response to such problems and an appropriate service level are important. However, the services provided by ICT systems using IP networks (hereafter network services ) may encounter a type of failure known as a silent failure, which is not determined as an error by the system, or they may be subject to the simultaneous generation of large numbers of error logs. Therefore investigating the root cause may be complicated, with the result that identifying the cause and location of the problem is often difficult and consuming. There are several reasons for this. One reason is that network systems do not directly monitor user traffic, and another reason is that it is difficult to diagnose whether the cause of a network service problem is in the network, or due to a shortage of resources, or due to the content itself. Conversely, by implementing failure diagnosis based on the direct monitoring of user traffic, it is expected that system restoration from network service problems will be faster, and the service level will be also improved. The authors of this paper have been working on the development of technologies for network quality management that are intended to support the stable operation of network services, and up to now we have engaged in research and development mainly on the network monitoring and diagnosis technologies that form the basis of the quality management technologies. In this paper, with regard to the technologies for diagnosing the causes of network service problems, we will begin in the next section by introducing an approach to network monitoring FUJITSU Sci. Tech. J., Vol. 45, No. 4, pp. 431 437 (October 2009) 431

and diagnosis based on pet captures, to clarify the type of analysis. Following this, we will introduce a number of individual implementation technologies to analyze the causes of each respective problem. 2. Approach to monitoring and diagnosis For monitoring and analysis with the objective of identifying the cause of a problem, statistical history information that can be acquired through management methods based on a common Management Information Base (MIB) alone is in many cases insufficient for analyzing the root causes of problems such as quality degradation. 1) For more detailed analysis of the root causes of problems such as quality and performance degradation, it is important to analyze the detailed behavior of individual pets transmitted over networks (analysis of fields of IP, TCP, UDP headers, etc.). In the case of services such as IP telephony services, quality degradation inherent in the content (the audio signals transmitted/received as the payload) may be perceptible to the users, so the analysis of the content itself is also important. In this way, identifying the root causes of problems requires techniques that involve the analysis of entire transmitted pets. In this context, we have worked on an approach to monitoring and diagnosis of IP network services by capturing pets transmitted over networks. Because many of the network services that need to be monitored and diagnosed are constructed in an open way in multi-vendor environments, it is difficult to understand their internal configuration and system behavior. As shown in Figure 1, the network services themselves are configured on tiers of system and service hierarchies, so problems with these services may have a number of different causes and locations. Accordingly, analyzing the causes Content Client PC Server 1 Server 2 User Base IP network Wide-area IP network Call IT system Authentication Center internal IP network Server 3 Vertical axis Drill-down (System hierarchy, service hierarchy) Network Horizontal axis Identification (Network device configuration, interconnection, etc.) Figure 1 Approach for monitoring and diagnosis. 432 FUJITSU Sci. Tech. J., Vol. 45, No. 4, (October 2009)

and locations of network problems requires a systematic analyzing technology by dividing the analysis into two components, namely, the horizontal axis, which is for identifying the location of the problem in the network configuration; and the vertical axis, which is for investigating the cause in more detail while drilling down note)i the service and system hierarchies. In the following sections, with regard to the diagnosis of the causes and locations of network service failure and quality degradation by means of capturing pets inside a network, we will first present technologies for identifying problems in networks and terminals/s as the horizontal axis. After that, we will describe technologies for drilling down and diagnosing the causes of problems generated in terminals or s as the vertical axis. 3. Identifying problems in networks To enable recovery from a failure, both the location and the cause of the problem must be identified. This section presents several techniques that can be used to identify the location and cause of a problem in a network and explains the approaches to these respective techniques. As a basic means of locating a problem, a technique called network tomography (hereafter tomography ) is common. 2) This technique provides a method of locating a given failure based on a correlation between the network topology and whether or not any failure is generated in the communications passing through the network. This has the advantage of making it possible to locate a failure in a network where direct monitoring cannot be conducted. For example, it enables the identification of silent failures that are hard to discover using traditional note)i To move from summary information to detailed data by focusing on the subject of analysis in order to identify the cause. device monitoring techniques based on MIB. To give a simple explanation of the principle of tomography, suppose a case in which two communications A and B exist, where A passes through L1 and L2 and B through L1 and L3 (Figure 2). If the same failure is detected in both communications A and B, the location of the failure is likely to be L1, a path shared by A and B [Figure 2 (a)]. Conversely, if a failure is detected only in communication A, the location can be inferred to be L2 [Figure 2 (b)]. This type of tomography is a widely known method. Traditionally, the most common solution was reduction to an optimization problem called a set covering problem, which has the disadvantage of making it hard to achieve sufficient computation speed and accuracy at the same. We have developed a technology for using the relation of connections between links and nodes in a network, which is not used in conventional set covering problems. This only requires computation to trace the relation of connections for each node, in contrast to the conventional method computing for each link, and means that the failure can be located more quickly. The technique described above allows real, high-accuracy locating of a failure even in a large-scale network with large volumes of traffic. L2 L3 Communication A (failure) (a) L1 failure Failure Communication B (failure) L1 Figure 2 Network tomography example. L2 L3 Communication A (failure) Failure (b) L2 failure L1 Communication B (normal) FUJITSU Sci. Tech. J., Vol. 45, No. 4, (October 2009) 433

The next point is our study of the causes of problems. Problems in ICT systems including clients, networks, and s can be roughly classified into performance problems and service outages. Of these, performance problems are generally caused by the following three phenomena. 1) Pet loss 2) Delay 3) Throughput reduction While pet loss is generated mainly in networks, it may also cause delay or throughput reduction and so technologies that can accurately measure pet loss are extremely important. As a means to accurately measure pet loss, an advanced technology for accurately distinguishing pet loss from out-of-order pets, retransmission due to outs and failure to capture, etc., has already been developed. Regarding service outage, it has proven difficult to infer the root cause when the cause is a routing problem or an L2 loop. To address this issue, we have already developed a path visualization technology that uses Open Shortest Path First (OSPF) to obtain accurate routing information and a technology to accurately diagnose the loop location while a L2 loop occurs. 4. Identifying problems in a network and client/ Applying tomography as described in the previous section makes it possible to identify where a problem exists between a client/ and a network. For example, in Figure 2 (a), if L2 and L3 are on the same subnet and are each connected by a single terminal, the problem can be assumed to be in L2 or the terminal. If the cause is delay or throughput reduction rather than pet loss, the terminal can be presumed to be the cause because the probability of these causes is low in local area networks. In reality, however, not all topologies are simple enough to allow identification as in Figure 2 (a). If the topology is unknown and the cause of the problem is a delay, both the network and the terminal are possible locations of the cause, which makes identification difficult. Accordingly, we have developed a technology to measure the delay for each layer. Specifically, the delay in a lower layer is measured, such as an ACK response to TCP data, which is unlikely to be affected by a terminal or application delay. Similarly, the delay is measured for a request and response on layer 7, such as HTTP, in which an application delay is reflected. Using these two delay measurement technologies, the cause of the delay can be assumed to be in the network when the delay on the lower layer is constantly large, thereby enabling highly accurate identification. The causes of the performance problems that show up as throughput reduction phenomena are mostly the effects of TCP window flow control due to an increased delay or because of insufficient effective network bandwidth. In either case, the cause is presumed to be in the network and the abovementioned delay measurement technologies allow the cause to be identified as either a delay or bandwidth insufficiency. 5. Drill-down of problems in s Slower processing in a may be perceived by users as a network service delay when no network delay occurs. In order to pinpoint the cause and location of a system slowdown, it is essential to analyze both the network delay and the processing. In general, it is not a simple task to measure the processing of an individual. In a simple client- system configuration, the a spends in the processing of a network service can be determined by simply subtracting the network delay from the network service delay, that is, the roundtrip delay of a user s request. However, in a commonly used multi-tier system (a three-tier system including Web s, application s and DB s, for example), the processing of the individual 434 FUJITSU Sci. Tech. J., Vol. 45, No. 4, (October 2009)

s must be determined taking into account the invocation path along which the s operations are processed across the system. For this reason, we have developed a technology 3) to detect the invocation path of each service processing, and calculate the processing of the individual s via a more detailed analysis of the pets exchanged between them (Figure 3). Primarily, this technology identifies each invocation path by recognizing the sequence of messages flowing through multiple s to process a service, referring to predefined appearance patterns of the messages contained in the pets. Combining this sequence recognition with TCP sequence analysis allows computation of the processing of each. Thus, this technology can identify the location of a network service delay across multiple s. 6. Drill-down of problems in content In recent years, the telephony services provided on IP networks (IP telephony services) have become widespread. In IP telephony services, users experience network service quality (speech quality in this case) in real. The speech communication quality of IP telephony services consists of the quality of the network such as pet loss and the quality of the content (audio signal) itself. 4),5) It is possible to use the aforementioned method of detecting a failure and identifying its cause/location to detect the causes of degradation of network quality. However, there were no adequate methods to detect degradation of an audio signal. Accordingly, a novel acoustic signal processing technology is developed, in which cause-specific degradations of audio signal are detected by analysis of the digital speech payload of captured pets. Since echoes and noise are reported as dominant degradation factors of speech communication quality, the technology aims to detect echoes and noise by processing signals. An echo is a reflection of the speaker s own voice and comes b to the speaker as an annoying received sound. And it can be detected Client Web Application DB Client Web Application Data 1 Request Request Data 2 Data 2 (resend) Loss TCP sequence analysis Web processing Response Application processing Response Request Response DB processing Network delay t Data 1 Data 2 Server processing t Figure 3 Analysis of request/response messages among multiple s. FUJITSU Sci. Tech. J., Vol. 45, No. 4, (October 2009) 435

by using acoustical similarities between the transmitted signal and received signal. However, to detect an echo precisely, interferences with the other party s voice and bground noise in the echo detection should be taken into account. Therefore, our technology specifies the frequency bands in which the interference is comparatively low, and evaluates similarities only in these bands so as to avoid incorrectly detecting echoes. In addition, there is no method to detect unnatural noises caused by problems with the network appliance. Particularly there is a demand to detect a pulse noise caused by inadequate connection of a circuit and a humming noise resulting from electromagnetic wave interference generated in the power supply circuit. Therefore we have also developed a technology to detect the pulse noise and the humming noise by -frequency domain analysis of an audio signal. For the acoustic analysis, the preprocessing of captured pets prior to analysis is important. Echo analysis requires preprocessing that groups incoming and outgoing pets into pairs of -series data. However, RTP sessions, which transmit content, may contain non-audio signals such as Dual-Tone Multi-Frequency (DTMF) signals as well as audio signals. Thus, analyzing the signals as a mixture of audio signals and non-audio signals may generate a -series displacement of pairs of incoming and outgoing pets. As a result, this may lower the accuracy of detection. To address this problem, we have developed a filtering technology that performs real- separation between audio and nonaudio signals at the of capturing pets, and synchronizes and extracts the pairs of incoming and outgoing -series data. Combining the aforementioned technologies for monitoring IP phone networks enables network administrators to acquire information in real about the degradation of speech on a cause-specific basis, and as a result, administrators may be able to promptly respond to problems. 7. Conclusion In this paper, as monitoring and diagnosis technologies, we have introduced approaches to a number of technologies for systematically diagnosing the causes of problems in network services based on pet capture. Networks are projected to continue increasing in terms of complexity and sophistication, while the terminals connected to these networks and the services configured across entire networks are also expected to undergo further diversification. In addition, these diversified services will result in a dramatic increase in the volume of traffic handled by networks. The systematic technologies for diagnosing the causes of problems presented in this paper are considered to have the potential to provide a strong foundation that can be applied to these future networks. From now on, in the interests of monitoring and diagnosis of future networks, which will be developed constantly while becoming more sophisticated and diverse and increasing in capacity, we intend to continue our research on the development of new technologies that include further increasing the speed and capacity of processes and the control of autonomous quality management by networks themselves. References 1) Satoshi Nojima et al.: Health-Care Technology for Networks Autonomous and High-Availability Network. (in Japanese), FUJITSU, Vol. 56, No. 4, pp. 313 318 (2005). 2) Toru Hasegawa et al.: Measurement Techniques for Quality and Failure Location over Large Scale Networks. (in Japanese), The Journal of the Institute of Electronics, Information, and Communication Engineers, Vol. 91, No. 2, pp. 92 97 (2008). 3) Riichiro Take: Real- System Behavior Visualization Technology for Managing Complex Distributed Application Systems. (in Japanese), FUJITSU, Vol. 59, No. 1, pp. 33 38 (2008). 4) TTC: JJ-201.01 A Method for Speech Quality Assessment of IP Telephony (5th Edition). (in Japanese), August 2008. 5) ITU-T Recommendation G.107 (05/2000): The E-model, a computational model for use in transmission planning. 436 FUJITSU Sci. Tech. J., Vol. 45, No. 4, (October 2009)

Masanobu Morinaga Mr. Morinaga received B.E. and M.E. degrees in Electronic Engineering from Kyushu University, Fukuoka, Japan, in 1991 and 1993, respectively. He joined, Kawasaki, Japan in 1993, where he has been engaged in research and development of network operations and management systems. He is a member of the Information Processing Society of Japan. Takeshi Otani Mr. Otani received B.S. and M.S. degrees in Electronic Engineering from Hokkaido University, Sapporo, Japan in 1998 and 2000, respectively. He joined, Kawasaki, Japan in 2000, where he has been engaged in research and development of speech enhancement algorithms and speech communication systems. He is a member of the Institute of Electronics, Information and Communication Engineers (IEICE). Yuji Nomura Mr. Nomura received B.E. and M.E. degrees in Information Engineering from Hokkaido University, Sapporo, Japan in 1992 and 1994, respectively. He joined, Kawasaki, Japan in 1994 and has been engaged in research and development of enterprise network management systems. He is a member of the Institute of Electronics, Information and Communication Engineers (IEICE) of Japan. Motoyuki Kawaba Mr. Kawaba received an M.E. degree in Information Engineering from the University of Tokyo, Tokyo, Japan in 1991. He joined Fujitsu Laboratories Ltd., Kawasaki, Japan in 1991 and has been engaged in research and development of performance modeling and analysis of wide-area distributed systems. FUJITSU Sci. Tech. J., Vol. 45, No. 4, (October 2009) 437

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information