OWAMP March 10 th 2011, OSG All Hands Meeting, Network Performance Jason Zurawski – Internet2.

Slides:

Advertisements

Similar presentations

One-way Delay Measurement Vladimir Smotlacha TF-NGN, October 2002.

Advertisements

Network Time Protocol (NTP) August 9 th 2011, OSG Site Admin Workshop Jason Zurawski – Internet2 Research Liaison.

4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

SIMPLEStone – A presence server performance benchmarking standard SIMPLEStone – A presence server performance benchmarking standard Presented by Vishal.

Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.

Monitoring System Monitors Basics Monitor Types Alarms Actions RRD Charts Reports.

Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.

© 2010 VMware Inc. All rights reserved VMware ESX and ESXi Module 3.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

Installing Samba Vicki Insixiengmay Jonathan Krieger.

CIS679: RTP and RTCP r Review of Last Lecture r Streaming from Web Server r RTP and RTCP.

Performance Measurement Tools August 9 th 2011, OSG Site Admin Workshop Jason Zurawski – Internet2 Research Liaison.

Performance Measurement Tools March 10 th 2011, OSG All Hands Workshop - Network Performance Jason Zurawski, Internet2.

1Federal Network Systems, LLC CIS Network Security Instructor Professor Mort Anvair Notice: Use and Disclosure of Data. Limited Data Rights. This proposal.

Internet Service Provisioning Phase - I August 29, 2003 TSPT Web:

2007/01/031 Bandwidth Test Controller Speaker ： Po-Chou Chen Cheng-Lin Tsai Advisor ： Quincy Wu Date ： 2008/01/03.

BWCTL March 10 th 2011, OSG All Hands Meeting, Network Performance Jason Zurawski – Internet2.

ICMP : Internet Control Message Protocol. Introduction ICMP is often considered part of the IP layer. It communicates error messages and other conditions.

Chapter 6: Packet Filtering

Denial-of-Service Attacks Justin Steele Definition “A "denial-of-service" attack is characterized by an explicit attempt by attackers to prevent legitimate.

BWCTL August 9 th 2011, OSG Site Admin Workshop Jason Zurawski – Internet2 Research Liaison.

Silberschatz, Galvin and Gagne  Operating System Concepts Chapter 3: Operating-System Structures System Components Operating System Services.

Tony McGregor RIPE NCC Visiting Researcher The University of Waikato DAR Active measurement in the large.

Fundamentals of Proxying. Proxy Server Fundamentals  Proxy simply means acting on someone other’s behalf  A Proxy acts on behalf of the client or user.

1 Implementing Monitoring and Reporting. 2 Why Should Implement Monitoring? One of the biggest complaints we hear about firewall products from almost.

OS Services And Networking Support Juan Wang Qi Pan Department of Computer Science Southeastern University August 1999.

OWAMP August 10 th 2010, OSG Site Admin Workshop - Network Performance Jason Zurawski, Internet2.

05-Apr-2006 OWAMP and BWCTL: Installation and Configuration Jeff Boote Network Performance Workshop.

10-Jun-2005 OWAMP and BWCTL: Installation and Configuration Jeff Boote Network Performance Workshop.

22-Sept-2005 Google Summer of Code Projects: Lightweight Precision Timestamps Jeff Boote.

Error and Control An IP datagram travels from node to node on the way to its destination Each router operates autonomously Failures or problems may occur.

Module 7: Advanced Application and Web Filtering.

10-Jun-2005 OWAMP (One-Way Active Measurement Protocol) Jeff Boote Network Performance Workshop.

PwC New Technologies New Risks. PricewaterhouseCoopers Technology and Security Evolution Mainframe Technology –Single host –Limited Trusted users Security.

CCNA4 v3 Module 6 v3 CCNA 4 Module 6 JEOPARDY K. Martin.

ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.

DoS/DDoS attack and defense

Lecture 15 Page 1 CS 236 Online Evaluating Running Systems Evaluating system security requires knowing what’s going on Many steps are necessary for a full.

14-Nov-07 OWAMP (One-Way Latencies) BWCTL (Bandwidth Test Control) Jeff Boote Network Performance Tools BOF-SC07.

10-Jun-05 BWCTL (Bandwidth Test Control) Jeff Boote Network Performance Workshop.

IP packet filtering Breno de Medeiros. Florida State University Fall 2005 Packet filtering Packet filtering is a network security mechanism that works.

Securing Access to Data Using IPsec Josh Jones Cosc352.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

Connect communicate collaborate Performance Metrics & Basic Tools Robert Stoy, DFN EGI TF, Madrid September 2013.

BWCTL August 10 th 2010, OSG Site Admin Workshop - Network Performance Jason Zurawski, Internet2.

By: Brett Belin. Used to be only tackled by highly trained professionals As the internet grew, more and more people became familiar with securing a network.

Fermilab Scientific Computing Division Fermi National Accelerator Laboratory, Batavia, Illinois, USA. Off-the-Shelf Hardware and Software DAQ Performance.

VMware ESX and ESXi Module 3.

NAT、DHCP、Firewall、FTP、Proxy

The Transport Layer Implementation Services Functions Protocols

Deterministic Communication with SpaceWire

BWCTL (Bandwidth Test Control)

Securing the Network Perimeter with ISA 2004

Distributed Computing

Chapter 2: System Structures

OWAMP (One-Way Active Measurement Protocol)

Operating System Structure

Understanding the OSI Reference Model

Deployment & Advanced Regular Testing Strategies

Software Architecture in Practice

(bandwidth control) Jeff Boote Internet2

Presentation by Wyatt Zacharias

OWAMP One-Way Active Measurement Protocol (Sample Implementation)

BWCTL (Bandwidth Test Control)

A tool for locating QoS failures on an Internet path

Chapter 2: Operating-System Structures

Chapter 2: Operating-System Structures

CSE 486/586 Distributed Systems Time and Synchronization

Presentation transcript:

OWAMP March 10 th 2011, OSG All Hands Meeting, Network Performance Jason Zurawski – Internet2

Tutorial Agenda: – Network Performance Primer - Why Should We Care? (15 Mins) – Getting the Tools (10 Mins) – Use of the BWCTL Server and Client (30 Mins) – Use of the OWAMP Server and Client (30 Mins) – Use of the NDT Server and Client (30 Mins) – Diagnostics vs Regular Monitoring (30 Mins) – Network Performance Exercises (1 hr 30 Mins) Agenda 2 – 5/5/2015, © 2010 Internet2

OWAMP is: – Command line client application – Policy and scheduling daemon – Used to determine one way latencies between hosts. Implementation of the OWAMP protocol as defined by – Command Protocol to speak between client and server, server and server – Test protocol Different attempts to do this in the past: – Surveyor – RIPE OWAMP: What is it 3 – 5/5/2015, © 2011 Internet2

Passive Measurements (e.g. SNMP) – Higher polling interval may mask queue depths – Active probing gives a better picture of real traffic Round Trip Measurements: – Hard to isolate the direction of a problem – Congestion and queuing can be masked in the final measurement – Can be done with a single ‘beacon’ (e.g. using ICMP responses) One Way Measurements: – Direction of a problem is implicit – Detects asymmetric behavior – See congestion or queuing in one direction first (normal behavior) – Requires ‘2 Ends’ to measure properly Why One Way Latency? 4 – 5/5/2015, © 2011 Internet2

Supports authentication and authorization of the users that will test Used to configure the parameters of a test – Endpoint controlled port numbers – Extremely configurable send schedule – Configurable packet sizes Used to start/stop tests Used to retrieve results – Provisions for dealing with partial session results in the event of a failure OWAMP Control Protocol 5 – 5/5/2015, © 2011 Internet2

“Lightweight” compared to the control protocol Uses UDP as the transport protocol, since the protocol needs to be able to measure individual packet delivery times Supports varying packet sizes Data needed to calculate experimental errors on the final result is in every packet Packets can be “open”, “authenticated”, or “encrypted” OWAMP Test Protocol 6 – 5/5/2015, © 2011 Internet2

Applications – Daemon (owampd) – Clients (owping, powstream) Open Source License & Development – Modified BSD ( ) – Mailing lists for developer communication – come join us! Protocol Abstraction Library – Will support development of new clients – Add custom ‘hooks’ into the policy (e.g. add authentication via OpenID or similar) Sample Implementation 7 – 5/5/2015, © 2011 Internet2

Meant to operate like traditional “ping” owping client requests OWD tests from an OWAMP server (owampd) Client can be ‘sender’ or ‘receiver’ – Both directions are tested unless otherwise specified Communication can be “open”, “authenticated”, or “encrypted” Supports the setup of many tests concurrently Supports the storage of results on the server for later retrieval Functionality (owping client) 8 – 5/5/2015, © 2011 Internet2

Accepts requests for OWD tests Responds with accepted/denied Tests are formally started with a StartSessions message from the client. Runs tests Sessions with packets received at the server are buffered for later retrieval Functionality (owampd server) 9 – 5/5/2015, © 2011 Internet2

OWPING Example 10 – 5/5/2015, © 2011 Internet2

OWAMP GUIs - Mesh 11 – 5/5/2015, © 2011 Internet2

OWAMP GUIs – Delay/Loss Plot 12 – 5/5/2015, © 2011 Internet2

OWAMP GUIs - Jitter 13 – 5/5/2015, © 2011 Internet2

Each connection is “classified” (authentication) Each classification is associated with a set of hierarchical limits – Bandwidth (bandwidth) – Session buffer (disk) – Data retention (delete_on_fetch) – Connection policy (allow_open_mode) (no time dependent dimension to resource allocation in owampd) Resource Allocation 14 – 5/5/2015, © 2011 Internet2

Architecture 15 – 5/5/2015, © 2011 Internet2

Clock requirement is the strongest – Doesn’t work well in virtualized environments – Doesn’t work well when machine is doing heavier testing (e.g. BWCTL), results may be suspect NTP (ntpd) synchronized clock on the local system – Specific configuration requirements as specified in NTP talk… – Strictly speaking, owamp will work without ntp. However, your results will be meaningless in many cases OWAMP Requirements 16 – 5/5/2015, © 2011 Internet2

NTP (ntpd) synchronized clock on the local system – Configure NTP properly (don’t rely on system defaults!) – Strictly speaking, owamp will work without NTP. However, your results will be meaningless in many cases – More info here: P P General Requirements – Time Source 17 – 5/5/2015, © 2011 Internet2

Source Code – All modern Unix distributions (Free BSD/Linux) – OS X Packages – Support for CentOS 5.5 (x86) – Packages have been shown to operate on similar systems (CentOS, Fedora, RHEL, and x86_64 architecture) General Requirements – Support 18 – 5/5/2015, © 2011 Internet2

“Bare Metal” – virtualization is tricky Stable System Clock – Temperature controlled environment – No power management of CPU – Reduction of “background” services – may institute noise No strict requirements for CPU, Memory, Bus speed – More tasking schedules will require more capable hardware Hardware 19 – 5/5/2015, © 2011 Internet2

Time: – NTP issues predominate the problems – Determining an accurate timestamp “error” is in many ways more difficult than getting a “very good” timestamp – Working as an “open” server requires UTC time source (For predefined test peers, other options available) Firewalls: – Port filter trade-off Administrators like pre-defined port numbers Vendor manufactures would probably like to “prioritize” test traffic Owampd allows a range of ports to be specified for the receiver Operational Concerns 20 – 5/5/2015, © 2011 Internet2

Third-Party DoS source – Compromised server may send packets to other locations. DoS target – Excessive traffic will harm measurement results – Someone might attempt to affect statistics web pages to see how much impact they can have Resource consumption – Time slots – Memory (primary and secondary) – Network bandwidth Policy/Security Considerations 21 – 5/5/2015, © 2011 Internet2

Restrict overall bandwidth to something relatively small – Most OWAMP sessions do not require much Limit “open” tests to ensure they do not interfere with precision of other tests Policy Recommendations 22 – 5/5/2015, © 2011 Internet2

Currently available – – Mail lists: – users users – announce announce Availability 23 – 5/5/2015, © 2011 Internet2

Testing OWAMP: – Log on to testbed – Test from one host to another: owping HOSTNAME – Try different hosts. Try longer tests. What happens when we use: -c (number of packets to send, try 1000) -t (test to HOSTNAME only) -f (test from HOSTNAME only) Hands On 24 – 5/5/2015, © 2011 Internet2

OWAMP March 10 th 2011, OSG All Hands Meeting, Network Performance Jason Zurawski – Internet2 For more information, visit 25 – 5/5/2015, © 2011 Internet2