Packet Capture Questions and considerations Henrik Wessing JRA2 Task 4

Presentation transcript:

Packet Capture Questions and considerations Henrik Wessing JRA2 Task 4 DTU / Nordunet JRA2 T4 meeting, Poznan 30th of November, 2016

Overall architecture and starting point: Monitoring MD VPN
- L2VPNs – Point-to-Point tunnelling
- L3VPNs (IPv4/IPv6) – Private IP networks
- VPLS – Virtual Private LAN Service
- Network To The Lab (tunneling to the labs)

Initial questions?
- What exactly do we need to monitor, and who requests this?
- Should monitoring information be used for:
  - NREN/GEANT operation?
  - End user for immediate verification of link?
  - Documentation for long term validation of SLA?
- Parameters
  - Delay, jitter, packet loss ratio
  - Resolution: nsec, usec or msec
  - Average and burst throughput
- Granularity
  - All packets (header and fingerprint) captured, or just a subset
  - How much to capture for a statistically acceptable result

Active or passive probing
- Active probing:
  - Allows for inserting timestamped traffic wherever needed
  - Will impact overall bandwidth of flow
  - Monitoring packets should have exactly the same priority
  - Should use "insignificant" bandwidth
- Passive probing:
  - Capture, identify and timestamp customer traffic at several places in the network
  - Identification in a multitechnology environment is complex and will probably need hashing
- Hybrid:
  - Active probes in customer domain
  - Well defined packets to identify and capture

Granularity
- Monitoring per interface or higher order flows
- Interface bandwidth:
  - Hardware solutions probably required for 10G and 100G+ flows
  - Napatech solutions?
  - Which information can be provided from current hardware to the capture implementations?
- Per customer flow:
  - Software based solution

Passive mode packet identification
- Capture all or subset of packets
- Utilise MPLS/VLAN header if possible
- Utilise TCP/UDP sequence number if available
- Or use IP Payload fingerprint (also if e.g. IPSec or fragments IPSec)
- Capture all and subset of e.g. hashes could be used to reduce traffic to aggregator.
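A sketch of the payload-fingerprint approach from this slide, added here as an example and not taken from the presentation: two probes hash the hop-invariant parts of each IPv4 packet, and the aggregator matches the hashes to derive delay, jitter and loss. The function names, the 32-byte payload window and the sample packets are assumptions, and the probes' clocks are assumed to be synchronised.

```python
import hashlib
import struct

def make_packet(ident, ttl, payload):
    """Constructed IPv4 packet (protocol 17) for the demo; checksum left at 0."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                       ttl, 17, 0, b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02") + payload

def fingerprint(ip_packet, payload_bytes=32):
    """Hash only what is identical at every capture point.

    TTL and header checksum change per hop and the DSCP byte may be re-marked,
    so they are excluded. Kept: identification, protocol, source, destination
    and the first payload bytes (ciphertext if the flow is IPsec).
    """
    ihl = (ip_packet[0] & 0x0F) * 4
    invariant = ip_packet[4:6] + ip_packet[9:10] + ip_packet[12:20]
    digest = hashlib.sha256(invariant + ip_packet[ihl:ihl + payload_bytes])
    return digest.hexdigest()[:16]  # truncated to cut probe-to-aggregator traffic

def correlate(probe_a, probe_b):
    """Match (timestamp_us, packet) records from two probes and summarise."""
    # A repeated fingerprint at probe B overwrites the earlier entry.
    seen_b = {fingerprint(pkt): ts for ts, pkt in probe_b}
    delays = []
    for ts, pkt in probe_a:
        ts_b = seen_b.get(fingerprint(pkt))
        if ts_b is not None:
            delays.append(ts_b - ts)
    if not delays:
        return {"sent": len(probe_a), "matched": 0}
    jitter = [abs(b - a) for a, b in zip(delays, delays[1:])]
    return {
        "sent": len(probe_a), "matched": len(delays),
        "loss_ratio": 1 - len(delays) / len(probe_a),
        "min_us": min(delays), "max_us": max(delays),
        "avg_us": sum(delays) / len(delays),
        "jitter_us": sum(jitter) / len(jitter) if jitter else 0.0,
    }

# Constructed sample: four packets at probe A (TTL 64); probe B sees three of
# them four hops later (TTL 60). Timestamps are in microseconds.
PAYLOADS = [b"pkt-%d" % i * 8 for i in range(4)]
PROBE_A = [(i * 10000, make_packet(100 + i, 64, p)) for i, p in enumerate(PAYLOADS)]
PROBE_B = [(ts, make_packet(100 + i, 60, PAYLOADS[i]))
           for i, ts in [(0, 2100), (1, 12500), (3, 32300)]]

if __name__ == "__main__":
    print(correlate(PROBE_A, PROBE_B))
```

Only the truncated hashes and timestamps need to leave each probe, which is the traffic reduction the last bullet refers to.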

Active mode packet identification
- Special type packets/frames can be inserted for easy identification and capture.
- IP header type could be used.
- Packets timestamped at the insertion probe
- Jitter and delay calculated locally
- Max/min/avg. delay and packet count forwarded to aggregator.
- Discussion:
  - Can the simpler identification justify the impact on the channel?
  - Is it relevant to compare overhead from collector to aggregator traffic with overhead from inband monitoring?
  - By not capturing and processing customer data, do we have a better security story to tell?

Packet capture implementations
- Hardware or software
- Platform
  - Are we just supporting Linux?
- Implementation of software
  - C variants
  - Java
  - Python
  - Other choices
- What can we learn for WiFiMon (GN4-1 SA3)