QoS measurements Sven Tafvelin Chalmers university of Technology Gothenburg, Sweden.

Slides:

Advertisements

Similar presentations

Top-Down Network Design Chapter Nine Developing Network Management Strategies Copyright 2010 Cisco Press & Priscilla Oppenheimer.

Advertisements

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

CISCO NETWORKING ACADEMY Chabot College ELEC Address Resolution Protocol.

The 9th Israel Networking Day 2014 Scaling Multi-Core Network Processors Without the Reordering Bottleneck Alex Shpiner (Technion/Mellanox) Isaac Keslassy.

Operating System Customization

MonNet status Sven Tafvelin Chalmers. RouterDWDM Original configuration.

Network (Internet) Neutrality CMPT 771 Qiang (Scott) Zhang.

Computer Networks Fall, 2007 Prof Peterson. CIS 235: Networks Fall, 2007 Western State College  What is “store and forward”?  What is a buffer / queue?

I NTERNET A NONYMITY By Esra Erdin. Introduction Types of Anonymity Systems TOR Overview Working Mechanism of TOR I2P Overview Working Mechanism of I2P.

Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.

National Center for Supercomputing Applications Adam Slagell, Jun Wang and William Yurcik, National Center for Supercomputing Applications (NCSA) University.

Fast binary and multiway prefix searches for pachet forwarding Author: Yeim-Kuan Chang Publisher: COMPUTER NETWORKS, Volume 51, Issue 3, pp , February.

Passive traffic measurement Capturing actual Internet packets in order to measure: –Packet sizes –Traffic volumes –Application utilisation –Resource utilisation.

Licentiate Seminar: On Measurement and Analysis of Internet Backbone Traffic Wolfgang John Department of Computer Science and Engineering Chalmers University.

Check Disk. Disk Defragmenter Using Disk Defragmenter Effectively Run Disk Defragmenter when the computer will receive the least usage. Educate users.

Faten Yahya Ismael.  It is technology creates a network that is physically public, but virtually it’s private.  A virtual private network (VPN) is a.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Connecting LANs, Backbone Networks, and Virtual LANs

HiVision SNMP Software.

Toward Prevention of Traffic Analysis Fengfeng Tu 11/26/01.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Layering and the TCP/IP protocol Suite  The TCP/IP Protocol only contains 5 Layers in its networking Model  The Layers Are 1.Physical -> 1 in OSI 2.Network.

Chapter Seven Advanced Shell Programming. 2 Lesson A Developing a Fully Featured Program.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Troubleshooting Your Network Networking for Home and Small Businesses.

IP Telephony Network Design

+ Building a Peer-to-Peer Network Lab 6. + Objective Create a simple peer-to-peer network between two PCs dentify the proper cable to connect the two.

What is FORENSICS? Why do we need Network Forensics?

XP New Perspectives on Microsoft Office Access 2003 Tutorial 12 1 Microsoft Office Access 2003 Tutorial 12 – Managing and Securing a Database.

NECP: the Network Element Control Protocol IETF WREC Working Group November 11, 1999.

Common Devices Used In Computer Networks

By Anthony W. Hill & Course Technology1 Common End User Problems.

1. There are different assistant software tools and methods that help in managing the network in different things such as: 1. Special management programs.

Firewall and Internet Access Mechanism that control (1)Internet access, (2)Handle the problem of screening a particular network or an organization from.

Top-Down Network Design Chapter Nine Developing Network Management Strategies Oppenheimer.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

1 Pieter Meulenhoff KPN Research ROOT2002 I-Mode Performance Monitoring Use of ROOT in telecommunications at KPN Pieter Meulenhoff.

UIC ERTMS World Conference

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 2: Configuring Network Protocols.

Fall 2005Computer Networks20-1 Chapter 20. Network Layer Protocols: ARP, IPv4, ICMPv4, IPv6, and ICMPv ARP 20.2 IP 20.3 ICMP 20.4 IPv6.

A Level ICT Unit Implementing CBIS’s. Support Installing a new system is disruptive and the support program will need to be planned well in advance.

MonNet – a project for network and traffic monitoring Detection of malicious Traffic on Backbone Links via Packet Header Analysis Wolfgang John and Tomas.

Doc.: IEEE 802 ec-12/0006r0 Submission Liaison presentation to SC6 regarding Internet Security Date: 2012-February-13 Authors: IEEE 802 LiaisonSlide 1.

IP ADDRESSING, SUBNETTING & VLSM 1. Decimal vs. Binary Numbers – Decimal numbers are represented by the numbers 0 through 9. – Binary numbers are represented.

Analysis of Internet Backbone Traffic and Header Anomalies Observed Wolfgang John and Sven Tafvelin Dept. of Computer Science and Engineering Chalmers.

Review: –Ethernet What is the MAC protocol in Ethernet? –CSMA/CD –Binary exponential backoff Is there any relationship between the minimum frame size and.

Heuristics to Classify Internet Backbone Traffic based on Connection Patterns Wolfgang John and Sven Tafvelin Dept. of Computer Science and Engineering.

15.1 Chapter 15 Connecting LANs, Backbone Networks, and Virtual LANs Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or.

Working with Active Directory Sites BAI516. Logical Versus Physical Structure Logical Forest Trees Domains OUs Leaf objects Physical IP Subnets/Sites.

The Internet The History and Future of the Internet.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Denial of Service DoS attacks try to deny legimate users access to services, networks, systems or to other resources. There are DoS tools available, thus.

Administering Group Policy Chapter Eleven. Exam Objectives in this Chapter  Plan a Group Policy strategy using Resultant Set of Policy Planning mode.

1 Version 3.1 Module 6 Routed & Routing Protocols.

The Devil and Packet Trace Anonymization Authors: Ruoming Pang, Mark Allman, Vern Paxson and Jason Lee Published: ACM SIGCOMM Computer Communication Review,

CSE5803 Advanced Internet Protocols and Applications (13) Introduction Existing IP (v4) was developed in late 1970’s, when computer memory was about.

Release 16/7/2009 Internetworking Devices Chapter 10 Jetking Infotrain Ltd.

Chapter 5. An IP address is simply a series of binary bits (ones and zeros). How many binary bits are used? 32.

Ethernet Basics – 7 IP Addressing. Introducing IP Addressing  IP address (TCP/IP address)  Not unique (but should be), user assigned  Layer 3  4 byte.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.

Network Troubleshooting CT NWT NameTP No. Gan Pei ShanTP Tan Ming FattTP Elamparithi A/L ThuraisamyTP Tan Ken SingTP

1 CMPT 471 Networking II OSPF © Janice Regan,

Internet Architecture

LESSON Networking Fundamentals Understand IPv4.

Network Layer COMPUTER NETWORKS Networking Standards (Network LAYER)

Packets & Routing Lower OSI layers (1-3) concerned with packets and the network Packets carry data independently through the network, and into other networks…

ARP and RARP Objectives Chapter 7 Upon completion you will be able to:

Connecting Networks Repeater: physical layer Bridge: data link layer

Application Layer Mobility Management Scheme for Wireless Internet

IPv6 Addressing By Aman Agrawal Archisman Bhattacharya

Presentation transcript:

QoS measurements Sven Tafvelin Chalmers university of Technology Gothenburg, Sweden

QoS measurements is the same as network measurements In order to understand how QoS is working we need to understand how the network is working. In order to understand we need to observe the traffic.

MonNet MonNet is a passive measurement project based on traces of network traffic primarily processed afterwards. The traffic will be caught on Sunet 10 Gbit/s backbone The volume is so large that the work will be done in campaigns.

RouterDWDM Original configuration

RouterDWDM Measurement configuration Measurem. comp Splitters G-bit Ethernet switch

These are some reflections while starting the project

What can the traces be used for? Network statistics (of course) What type of traffic is the network used for Changes of network usage over time Application behaviour on the net Delay properties Network stability Network forensics

Performance issues In general a 10 Gbit/s connection can potentially generate very much trace data at a speed which even fast computers have problems to sustain. We have 6 fast disks used in parallel and have received sustained write speed of about 480 Mbyte/s corresponding to 3.8 Gbit/s which is substantially less than 10 Gbit/s.

Performance issues (2) On the other hand: We will not store user data The links are generally not fully loaded

Trace formats are incompatible(1) There is no standard on trace formats. The number of alternatives is large and many exist in incompatible versions also: PCAP – from the libpcap DAG/ERF – from Endace equipment FR, FR+, TSH – from NLANR CRL – from Coral/CoralReef Etc etc

Trace formats are incompatible(2) There exist conversion programs between some of these formats but converting usually means loosing information. We can only keep information which can be represented in both formats.

Trace sanitization and desensitation Immediately after (or in parallel) when the trace is caught it need to be processed. Sanitization means that the trace is processed: Obvious start/end problems are adjusted Time stamp information is improved as much as possible Correctness is checked Traces may need to be merged

Desensitation Often the equipment will catch more information than is allowed: Surplus information need to be removed IP# need to be anonymized

Ethics issues There are people who regard Internet as the last bastion of total freedom and therefore don’t want traffic traces taken at all. The current political debate is going in the other direction. Police, authorities etc will be able to get rather detailed information about Internet traffic.

Trace anonymization There is a (vague?) connection between the IP# recorded in the packets and the person behind the keyboard. Therefore there is a general vish to anonymize the IP# without destroying the value when traffic should be analyzed.

Trace anonymization(2) Trace anonymization is regarded as important. This means that the IP# in the trace should systematically be replaced by a pseudonym IP#. We want the replacement to be prefix preserving. This means that if two IP#s belong to the same subnet the pseudonyms will also seem to belong to the same subnet.

Trace anonymization(3) There are two well known methods for prefix preserving anonymization: 1) TCPdpriv is almost a standard which every new proposal is measured against. It is prefix preserving but there is a major problem: The pseudonym IP# depends on the order of original IP#s. Therefore the same IP# will get different pseudonyms in different traces! This makes it impossible to merge two traces for example.

Trace anonymization(4) 2) Crypto-PAn solves this problem. It uses encryption algorithms and given a certain key it will always translate an IP# into the same pseudonym IP# and be prefix preserving on all levels. If the key is not known the pseudonym IP# cannot be inverted.

MonNet current status Equipment according to the earlier picture is installed. Before measurements can start we are waiting for an OK from a research ethics committee. In the best case it will arrive within 2 weeks.