1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern.

Slides:



Advertisements
Similar presentations
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Advertisements

Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.
User-level Internet Path Diagnosis Ratul Mahajan, Neil Spring, David Wetherall and Thomas Anderson Designed by Yao Zhao.
Network Layer Packet Forwarding IS250 Spring 2010
Internet Control Message Protocol (ICMP)
Internet Traffic Patterns Learning outcomes –Be aware of how information is transmitted on the Internet –Understand the concept of Internet traffic –Identify.
ICMP & ICMPv6 Referenced on RFC’s 792 and 2463 respectively. Frank Azevedo.
Server-based Inference of Internet Performance V. N. Padmanabhan, L. Qiu, and H. Wang.
An Algebraic Approach to Practical and Scalable Overlay Network Monitoring Yan Chen, David Bindel, Hanhee Song, Randy H. Katz Presented by Mahesh Balakrishnan.
King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington Presented by:
EEC-484/584 Computer Networks Lecture 10 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.
Efficient Hop ID based Routing for Sparse Ad Hoc Networks Yao Zhao 1, Bo Li 2, Qian Zhang 2, Yan Chen 1, Wenwu Zhu 3 1 Lab for Internet & Security Technology,
Internet Networking Spring 2003
Inside the Internet. INTERNET ARCHITECTURE The Internet system consists of a number of interconnected packet networks supporting communication among host.
User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.
Network Tomography (A presentation for STAT 593E) Mingyan Li Radha Sampigethaya.
Yao Zhao 1, Yan Chen 1, David Bindel 2 Towards Unbiased End-to-End Diagnosis 1.Lab for Internet & Security Tech, Northwestern Univ 2.EECS department, UC.
Scalable and Deterministic Overlay Network Diagnosis Yao Zhao, Yan Chen Northwestern Lab for Internet and Security Technology (LIST) Dept. of Computer.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College
Petrozavodsk State University, Alex Moschevikin, 2003NET TECHNOLOGIES Internet Control Message Protocol ICMP author -- J. Postel, September The purpose.
Guide to TCP/IP, Third Edition
IP (Internet Protocol) –the network level protocol in the Internet. –Philosophy – minimum functionality in IP, smartness at the end system. –What does.
Chapter 9.
1 IP: putting it all together Part 2 G53ACC Chris Greenhalgh.
© 2002, Cisco Systems, Inc. All rights reserved..
IEEE Globecom 2010 Tan Le Yong Liu Department of Electrical and Computer Engineering Polytechnic Institute of NYU Opportunistic Overlay Multicast in Wireless.
Fall 2005Computer Networks20-1 Chapter 20. Network Layer Protocols: ARP, IPv4, ICMPv4, IPv6, and ICMPv ARP 20.2 IP 20.3 ICMP 20.4 IPv6.
1 Passive Network Tomography Using Bayesian Inference Lili Qiu Joint work with Venkata N. Padmanabhan and Helen J. Wang Microsoft Research Internet Measurement.
Chapter 81 Internet Protocol (IP) Our greatest glory is not in never failing, but in rising up every time we fail. - Ralph Waldo Emerson.
1 Internet Control Message Protocol (ICMP) Used to send error and control messages. It is a necessary part of the TCP/IP suite. It is above the IP module.
Internetworking Internet: A network among networks, or a network of networks Allows accommodation of multiple network technologies Universal Service Routers.
Internetworking Internet: A network among networks, or a network of networks Allows accommodation of multiple network technologies Universal Service Routers.
Internet Protocols. Address Resolution IP Addresses are not recognized by hardware. If we know the IP address of a host, how do we find out the hardware.
1 RFC Transmission of IPv6 Packets over IEEE Networks Speaker: Li-Wen Chen Date:
Towards Efficient Large-Scale VPN Monitoring and Diagnosis under Operational Constraints Yao Zhao, Zhaosheng Zhu, Yan Chen, Northwestern University Dan.
CSC 600 Internetworking with TCP/IP Unit 7: IPv6 (ch. 33) Dr. Cheer-Sun Yang Spring 2001.
A Light-Weight Distributed Scheme for Detecting IP Prefix Hijacks in Real-Time Lusheng Ji†, Joint work with Changxi Zheng‡, Dan Pei†, Jia Wang†, Paul Francis‡
1 Chapter 23 Internetworking Part 3 (Control Messages, Error Handling, ICMP)
Network Layer4-1 Datagram networks r no call setup at network layer r routers: no state about end-to-end connections m no network-level concept of “connection”
N. Hu (CMU)L. Li (Bell labs) Z. M. Mao. (U. Michigan) P. Steenkiste (CMU) J. Wang (AT&T) Infocom 2005 Presented By Mohammad Malli PhD student seminar Planete.
Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 19 Omar Meqdadi Department of Computer Science and Software Engineering University.
Ad Hoc On-Demand Distance Vector Routing (AODV) ietf
Uni Innsbruck Informatik th IETF, PMTUD WG: Path MTU Discovery Using Options draft-welzl-pmtud-options-01.txt Michael Welzl
1 IPv6: Packet Structures Dr. Rocky K. C. Chang 29 January, 2002.
Lect1..ppt - 01/06/05 CDA 6505 Network Architecture and Client/Server Computing Lecture 3 TCP and IP by Zornitza Genova Prodanoff.
Chapter 3 TCP and IP 1 Chapter 3 TCP and IP. Chapter 3 TCP and IP 2 Introduction Transmission Control Protocol (TCP) User Datagram Protocol (UDP) Internet.
Network Layer 3 Application Presentation Session Transport Network Data Link Physical OSI Model.
PATH DIVERSITY WITH FORWARD ERROR CORRECTION SYSTEM FOR PACKET SWITCHED NETWORKS Thinh Nguyen and Avideh Zakhor IEEE INFOCOM 2003.
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 8 TCP/IP Suite Error and Control Messages.
Lecture#6:Connectivity Verification
Chapter 3 TCP and IP Chapter 3 TCP and IP.
Connectivity Verification
Monitoring Persistently Congested Internet Links
COMPUTER NETWORKS CS610 Lecture-33 Hammad Khalid Khan.
8 Network Layer Part V Computer Networks Tutun Juhana
Troubleshooting IP Communications
Lecture#7:Connectivity Verification
IP - The Internet Protocol
ECE 544 Protocol Design Project 2016
Chandrika Jayant Ethan Katz-Bassett
Lecture#6:Connectivity Verification
Net 323 D: Networks Protocols
IP - The Internet Protocol
Distributed Systems CS
CSE 313 Data Communication
ITIS 6167/8167: Network and Information Security
16EC Computer networks unit II Mr.M.Jagadesh
IP - The Internet Protocol
Distributed Systems CS
Presentation transcript:

1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern University

2 Motivation How do end users, with no special privileges, identify packet loss inside the network with one or two computers?

3 Motivation How do end users, with no special privileges, identify packet loss inside the network with one or two computers? Take-home –We propose three user-level loss rate diagnosis approaches –The combo of our approaches and Tulip [SOSP03] is much better than any single approach

4 Outline Motivation Related Works Lossy Link Diagnosis –Fragmentation Aided Diagnosis (FAD) Algebraic FAD Opportunistic FAD –Striped Probe Analysis (SPA) Evaluations Conclusions

5 Related Work I Internet Tomography –Multicast based (not practical) –Unicast based Mimic multicast L1L1 L2L2 L3L3 L4L4 S Virtual link The more cooperating end hosts, the shorter the virtual links

6 Related Work II Tulip [SOSP03] –Leverage on consecutive IPID –Tend to underestimate forward loss rates Suffer from the packet loss correlation x id id+1 Forward Loss SD x id id+2 Reverse Loss SD x id SD x ?

7 Outline Motivation Related Works Lossy Link Diagnosis –Fragmentation Aided Diagnosis (FAD) Algebraic FAD Opportunistic FAD –Striped Probe Analysis (SPA) Evaluations Conclusions

8 Link Diagnosis=> Forward Path Diagnosis If we can infer the loss rates of forward path F 1 and F 2, we can infer the link loss rate of l 3 F1F1 D SR1R1 R2R2 F2F2 l3l3 l2l2 l1l1 The more diagnosable forward path segments, the better the diagnosis granularity

9 Basic Idea of FAD SN PR P R SN P1P1 RP2P2 R P1P1 P2P2

10 Algebraic FAD Let p f and p r be the loss rate of the forward and reverse path respectively P R R P1P1 P2P2 (1 - p f ) × (1 - p r )=1 – p (1) (1 - p f ) 2 × (1 - p r )=1 – p’ (2) p and p’ are measurable. Solve p f and p r using (1) and (2)

11 How to Achieve FAD IP Fragmentation –Fragment a packet longer than MTU –Required to be supported in IPv4 –Some routers disable it for security reason Support of IP Fragmentation –64,320 router IP addresses probed by using Traceroute –About 80% of routers support IP fragmentation Degree of Rate Limiting on Responses –99% of routers allow a rate of 100 probes/s for ICMP Echo, ICMP Timestamp and TCP probes –Response to UDP probe is severely rate- limited

12 Opportunistic FAD F1F1 F2F2 +P F’ 2 F1F1 +P’ aaaaaaaa bbbbbbbb aaaaaaaabbbbbb aaaaaaaa cccccccccaaaaaaaacccccccc

13 Opportunistic FAD R’ Forward Loss F1F1 x F2F2 F’ 2 R No Loss SN F1F1 F2F2 F’ 2 F 1 +F 2 F 1 +F’ 2 SN Similar to Tulip, but OFAD allows large gap between fragments

14 Striped Probe Analysis (SPA) S sends a probe to D and we get the path p 1 -> p 2 S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path p 1 -> p 3 S p1p1 p3p3 p2p2 DR S R D S p1p1 p2p2 p3p3

15 Striped Probe Analysis (SPA) S R S p1p1 p2p2 p3p3 P1P1 P2P2 (1) Loss on shared link D

16 Striped Probe Analysis (SPA) Success rate of p 1 ≈ n 1 × n 2 / ( n × n 12 ) –n : number of striped probes sent, –n 1 : number of P 1 received by D, –n 2 : number of P2 received by S, –n 12 : number of cases that both P 1 and P 2 are received Unbiased if packet loss has perfect correlation and loss rates of different links are independent S R S p1p1 p2p2 p3p3 P1P1 P2P2 (2) Loss on non-shared link D S R S p1p1 p2p2 p3p3 (1) Loss on shared link D

17 Summary RequirementAccuracy Tulip [SOSP03] Consecutive IPID (70%) Inaccurate w/ strong loss correlation FAD (AFAD & OFAD) IP fragmentation (80%) Accurate w/ weak or short loss correlation SPA ICMP TTL-Exceeded. Access from both end hosts Accurate w/ strong loss correlation The current Internet usually has strong but short loss correlation.

18 Outline Motivation Related Works Lossy Link Diagnosis –FAD –SPA Evaluations Conclusions

19 Evaluation Metrics Diagnosis Granularity –Weighted average of the lengths of the path’s diagnosable segments –For example, an 8-hop path has two diagnosable segments of length 3 and 5, and then the granularity of the path is ( )/8 = 4.25 Accuracy –Estimation error: –Relative error:

20 Diagnosis Granularity SPA is best FAD ≈Tulip Combo of FAD and Tulip is better

21 Path-Level Accuracy Evaluation FAD > Tulip > SPA OFAD, Tulip and SPA tends to underestimate loss rates

22 More Evaluations Consistency Check Packet Probe Size Selection Lossy Link Distribution More in the technical report

23 Conclusions and Recommendations We propose AFAD, OFAD and SPA which can conduct loss rate diagnosis without infrastructure Tulip, FAD and SPA have different working scenarios –The combination of them can achieve low diagnosis granularity and high accuracy Recommendations –OFAD+SPA, if we can control the two ends of an end-to-end path –OFAD+Tulip, if we can only control the source

24

25 Thanks! Questions?

26 Path-Level Accuracy of Combined Schemes

27

28 Path-Level Accuracy Evaluation

29 Path-Level Accuracy of Combined Schemes

30 IP Fragmentation Is Widely Supported Router Collection –64,320 router IP addresses probed by using traceroute from a machine Support of Different Probes Support of IP Fragmentation –90.3% of responsive routers support IP fragmentation –Altogether about 80% of routers support FAD. Degree of Rate Limiting on Responses –99% of routers allow a rate of 100 probes/s for ICMP Echo, ICMP Timestamp and TCP probes –UDP probe is severely rate-limited EchoTimestampUDPTCPAny 1 source85.3%69.2%64.5%71.7%88.2% 10 sources87.3%72.3%70.7%73.3%90.1%

31 Packet Transmission Correlation Choose 100 PlanetLab hosts and randomly measure 5000 paths Little loss correlation with enough gap

32 Forward Path Diagnosis => Link Diagnosis If we can infer the loss rates of forwarding path l 1 and P 1, we can infer the link loss rate of l 2 too. D

33 Opportunistic FAD n: number of R 12 received, n’: number of R’ 12 received X i = 0 when forward packet i is lost and X i =1 otherwise P(X 2 =1)≈P(X 2 =1|X 1 =1)≈n/(n+n’) R 12 P1P1 P2P2 P’ 2 R’ 12 P1P1 P2P2 P’ 2 x (1)(2)

34 Striped Probe Analysis (SPA) No fragmented packets needed ! S sends a probe to D and we get the path l 1 -> l 2 S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path l 1 -> l 3 SR l1l1 l3l3 l2l2 S R D S l1l1 l2l2 l3l3 D

35 Striped Probe Analysis (SPA) S R S l1l1 l2l2 l3l3 P1P1 P2P2 D

36 Striped Probe Analysis (SPA) S R S l1l1 l2l2 l3l3 P1P1 P2P2 (1) No loss(2) Loss on shared link S R S l1l1 l2l2 l3l3 P1P1 P2P2 D D

37 Striped Probe Analysis (SPA) Success rate of l 1 ≈ n 1 × n 2 / ( n × n 12 ) –n : number of striped probes sent, –n 1 : number of P 1 received by D, –n 2 : number of P2 received by S, –n 12 : number of cases that both P 1 and P 2 are received Unbiased if packet loss has perfect correlation and loss rates of different links are independent S R S l1l1 l2l2 l3l3 S R S l1l1 l2l2 l3l3 P1P1 P2P2 (1) No loss(2) Loss on shared link(3) Loss on non-shared link S R DS l1l1 l2l2 l3l3 P1P1 P2P2 DD