Section 1: Network monitoring based on flow measurement techniques



Similar documents
Section 2: Network monitoring based on flow measurement techniques

An Architecture for the Self-management of Lambda-Connections in Hybrid Networks

Lightpath Planning and Monitoring

Network traffic monitoring and management. Sonia Panchen 11 th November 2010

IPV6 流 量 分 析 探 讨 北 京 大 学 计 算 中 心 周 昌 令

Experiences with MPTCP in an intercontinental multipathed OpenFlow network

Viete, čo robia Vaši užívatelia na sieti? Roman Tuchyňa, CSA

TE in action. Some problems that TE tries to solve. Concept of Traffic Engineering (TE)

Redefine Network Visibility in the Data Center with the Cisco NetFlow Generation Appliance

Optimizing Enterprise Network Bandwidth For Security Applications. Improving Performance Using Antaira s Management Features

Network support for tele-education

Cisco NetFlow Generation Appliance (NGA) 3140

Comprehensive IP Traffic Monitoring with FTAS System

Scalable Extraction, Aggregation, and Response to Network Intelligence

Charter Text Network Design and Configuration

QOS IN NETWORK TRAFFIC MANAGEMENT

NetFlow: What is it, why and how to use it? Miloš Zeković, ICmyNet Chief Customer Officer Soneco d.o.o.

VPN Technologies: Definitions and Requirements

Monitoring backbone networks

Software Defined Networking to Improve Mobility Management Performance

CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY

Flow Analysis Versus Packet Analysis. What Should You Choose?

Network Management & Monitoring Overview

Details. Some details on the core concepts:

ESSENTIALS. Understanding Ethernet Switches and Routers. April 2011 VOLUME 3 ISSUE 1 A TECHNICAL SUPPLEMENT TO CONTROL NETWORK

J-Flow on J Series Services Routers and Branch SRX Series Services Gateways

Network congestion control using NetFlow

Network and Capacity Planning in SURFnet6

Network Traffic Analysis using HADOOP Architecture. Zeng Shan ISGC2013, Taibei

QoS Parameters. Quality of Service in the Internet. Traffic Shaping: Congestion Control. Keeping the QoS

Introduction. The Inherent Unpredictability of IP Networks # $# #

Network Functions Virtualization in Home Networks

APPLICATION NOTE 211 MPLS BASICS AND TESTING NEEDS. Label Switching vs. Traditional Routing

Overview of Network Measurement Tools

IPv6 Preparation and Deployment in Datacenter Infrastructure A Practical Approach

Building a better NetFlow

End-to-End Network Centric Performance Management

NetFlow Performance Analysis

Quality of Service in the Internet. QoS Parameters. Keeping the QoS. Traffic Shaping: Leaky Bucket Algorithm

Unified network traffic monitoring for physical and VMware environments

Restorable Logical Topology using Cross-Layer Optimization

NEN Community REANNZ. Design Statement: NEN Edge Device

Cisco IOS Flexible NetFlow Technology

Research on Errors of Utilized Bandwidth Measured by NetFlow

ETHERNET CONNECT. CONNECT YOUR BUSINESS WITH A FLEXIBLE, HIGH-PERFORMANCE NETWORK THAT S BUILT FOR RELIABILITY.

Analysis of traffic engineering parameters while using multi-protocol label switching (MPLS) and traditional IP networks

Network Performance Monitoring at Minimal Capex

Network Monitoring and Management NetFlow Overview

Customer White paper. SmartTester. Delivering SLA Activation and Performance Testing. November 2012 Author Luc-Yves Pagal-Vinette

CHAPTER 6. VOICE COMMUNICATION OVER HYBRID MANETs

A Hybrid Electrical and Optical Networking Topology of Data Center for Big Data Network

Voice over Internet Protocol (VoIP) systems can be built up in numerous forms and these systems include mobile units, conferencing units and

Enhancing BoD Services based on Virtual Network Topology Control

Chapter 9. IP Secure

ICTNPL5071A Develop planning strategies for core network design

Elevating Data Center Performance Management

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

Local Area Networking technologies Unit number: 26 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: L/601/1547

Signature-aware Traffic Monitoring with IPFIX 1

BITAG Publishes Report: Differentiated Treatment of Internet Traffic

MPLS Layer 2 VPNs Functional and Performance Testing Sample Test Plans

Cisco Announces IPv6 Licensing Parity with IPv4 for Cisco Catalyst Series Switches

Facility Usage Scenarios

Internet Management and Measurements Measurements

Flow-Based Monitoring of GTP Traffic in Cellular Networks. Master of Science Thesis. E.H.T.B. Brands

Testing & Assuring Mobile End User Experience Before Production. Neotys

NGN Network Architecture

(MPLS) MultiProtocol Labling Switching. Software Engineering 4C03 Computer Network & Computer Security Dr. Kartik Krishnan Winter 2004.

How To Build A Network For Storage Area Network (San)

The Economics of Cisco s nlight Multilayer Control Plane Architecture

Study of Network Performance Monitoring Tools-SNMP

IP Storage On-The-Road Seminar Series

Gaining Operational Efficiencies with the Enterasys S-Series

Monitoring Network Traffic Using SPAN

Description: Objective: Upon completing this course, the learner will be able to meet these overall objectives:

Redundancy & the Netnod Internet Exchange Points

Advanced Computer Networks IN Dec 2015

plixer Scrutinizer Competitor Worksheet Visualization of Network Health Unauthorized application deployments Detect DNS communication tunnels

Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc

NetFlow Tips and Tricks

Networking Topology For Your System

CNE Network Assessment


ICTTEN5204A Produce technical solutions from business specifications

SECURE WEB GATEWAY DEPLOYMENT METHODOLOGIES

The Road to SDN: Software-Based Networking and Security from Brocade

Transcription:

Section 1: Network monitoring based on flow measurement techniques This research is performed within the scope of the SURFnet Research on Networking (RON) project (Activity 1.2 - Measurement Scenarios). Authors Michiel Uithol Vincent van Kooten Supervisors Aiko Pras Pieter-Tjerk de Boer Keywords: SURFnet, Flow measurement, Tools

2

Table of contents: Section one Introduction... 4 SURFnet... 4 Research questions... 5 Approach... 5 Conclusions... 6 Table of contents: Section two Chapter 1: Introduction... 3 Chapter 2: Target users... 4 Chapter 3: Measurement techniques... 6 Chapter 4: Flows and Flow formats... 9 Chapter 5: Tool requirements...17 Chapter 6: Tool summary...19 Chapter 7: Scenarios...25 Appendix A: Extra tool overview...29 Appendix B: Nprobe test report...38 Appendix C: Pmacct test report...40 Appendix D: NTop test report...43 Appendix E: Stager test report...49 Appendix F: Cacti test report...55 Appendix G: Flowscan+...60 Appendix H: Pmacct-fe test report...61 Appendix I: Different ways of traffic snooping...64 Acronyms...66 References...68 3

Introduction For our bachelor assignment at the, research into tools for IP flow measurement was performed. The research is restricted to open source software for collecting, processing and displaying the results of these flow measurements. In this document we will focus on the application of these flow measurements within SURFnet. More detailed descriptions of SURFnet and this assignment are provided below. The contribution of this report consists of providing the reader an overview in the current broad range of open source tools to perform and present traffic measurement. Choices have to be made in order to choose a tool that fits a certain situation. The report consists of two sections. Section one describes the research questions, the approach and the general conclusions of this bachelor assignment. This section is primarily intended for internal use within the. Section two describes measurement techniques, flow standards, open source tools for flow measurement, actual testing of these tools and scenarios for possible implementation options. This section is primarily intended for use and distribution within SURFnet. SURFnet SURFnet is an innovative computer network specially used for higher education and research in the Netherlands. The network is being maintained by the SURF foundation. Ongoing innovation has made SURFnet5 one of the world's most advanced networks with congestion-free connections to the major Dutch, European and transatlantic networks. Speed, reliability and security of the network are key issues. If everything goes according to the planning, SURFnet5 will be completely replaced by SURFnet6 at January 1 st 2006. SURFnet6 is heading in a new direction, as far as the technique and architecture of the network are concerned. The reason for this change is both technical and economical. A new type of usage has arisen: extremely large data streams between two fixed points in the network. In order to route this traffic in such a way that the normal internet traffic is not hampered, another type of network is needed. Above all, routers are very expensive, while the price of transmissions on links between these routers has decreased considerably. Because of these advances the idea has risen for a hybrid network, which is a combination of a traditional IP-network with revolutionary optical techniques. The optical techniques include lambda switching for the large data streams, so the routers will not be bothered with an extra load. Advantage of this new architecture is that fewer routers are needed. SURFnet6 will completely be built out of fibre links owned and managed by SURFnet. 4

Research questions The research network in the Netherlands is called SURFnet. The next generation of that network, SURFnet6, will be a managed dark fibre network that supports lambdaswitching. For this network an improved monitoring service might be required, which provides usage and performance figures to its users. In order to design such a service, research is needed on the following topics: - Determine which standards are available for exporting network information. - Investigate existing open source tools that can be used to present network usage figures. - Investigate different scenarios where monitoring is appropriate. Approach In order to answer research question one, the different user groups in the SURFnet situation have to be determined. The users will be specified together with their demands and wishes. Next background research on the field of traffic measurement has to be performed. By investigating the possibilities of the traffic measurement techniques the main focus of research will become clear. An in depth view of the selected measurement technique has to be provided. To answer the second research question, a search for usage measurement programs that are distributed under an open source license should be performed. Next phase consists of creating a list of requirements for the tools. Only the most promising tools will be selected for further testing. These tools will be described in individual reports. The last research question requires an investigation into scenarios. These example scenarios have to point out how tools can be used in practice and how the tools can fulfil SURFnet users needs. 5

Conclusions To answer the first research question, we determined the different users of SURFnet. With their wishes for measurement information in mind an overview was created of the possibilities to display throughput information. Our research shows that this can be displayed well using flow techniques. Flow measurements have different advantages over the current measurements based on the Simple Network Protocol (SNMP). Advantages include better insight into the network by showing traffic between specific points in the network. This is valuable information for the possible introduction of lambda paths. For this traffic a distinction can be made among the used services. Flow measurement also provides data mining possibilities e.g. how large the percentage of IPv6 usage is. More advantages are named in section two, chapter 4. Other techniques do not suffice because they do not provide enough detail in network traffic or demand too many resources. For the named advantages over other the standards we have chosen flow techniques to collect network information. After research into the different standards to export flow information, our final preference goes out to IP Flow Information Export (IPFIX). IPFIX is an initiative from the Internet Engineering Task Force (IETF) 1, an attempt at creating one standard for flow output. Although IPFIX is currently not widely available, we believe it will become a standard in the industry. In order to answer the second research question, an investigation into the currently available open source tools was performed. Requirements were made to select the most promising tools among the 33 found to process flow information. Tools surviving this selection were tested. For every tested tool a report was made, these can be found in section 2. The tools were tested on the various aspects that are required to install and run a tool in a network environment. Testing also revealed that not all tools surviving the primary selection are good enough to deploy in an actual network. To answer the third research question we engineered different possible scenarios. A selection was made among the tested tools, which should be able to present this data to the users. Sample scenarios display possibilities to perform traffic measurements in SURFnet. These scenarios also provide multiple possibilities for administrators to fulfil their own and the networks user s needs. An environment where such scenario s can be deployed is the new SURFnet6 where innovations in network statistics might be required. Currently only output figures for individual routers are available together with latency measurements. The flow extensions as suggested would be an improvement and gives the user more insight into the network. 1 The Internet Engineering Task Force is charged with developing and promoting Internet standards. It is an open, all-volunteer organization, with no formal membership or membership requirements. 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information