User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.

Slides:

Advertisements

Similar presentations

Data-Plane Accountability with In-Band Path Diagnosis Murtaza Motiwala, Nick Feamster Georgia Tech Andy Bavier Princeton University.

Advertisements

IP Router Architectures. Outline Basic IP Router Functionalities IP Router Architectures.

COS 461 Fall 1997 Routing COS 461 Fall 1997 Typical Structure.

Ningning HuCarnegie Mellon University1 Optimizing Network Performance In Replicated Hosting Peter Steenkiste (CMU) with Ningning Hu (CMU), Oliver Spatscheck.

Part IV: BGP Routing Instability. March 8, BGP routing updates  Route updates at prefix level  No activity in “steady state”  Routing messages.

User-level Internet Path Diagnosis Ratul Mahajan, Neil Spring, David Wetherall and Thomas Anderson Designed by Yao Zhao.

CS 408 Computer Networks Congestion Control (from Chapter 05)

Chapter 20 Network Layer: Internet Protocol Stephen Kim 20.1.

UNIT-IV Computer Network Network Layer. Network Layer Prepared by - ROHIT KOSHTA In the seven-layer OSI model of computer networking, the network layer.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

Advanced Computer Networking Congestion Control for High Bandwidth-Delay Product Environments (XCP Algorithm) 1.

Detecting Traffic Differentiation in Backbone ISPs with NetPolice Ying Zhang Zhuoqing Morley Mao Ming Zhang.

15-441: Computer Networking Lecture 26: Networking Future.

1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern.

CS335 Networking & Network Administration Tuesday, May 11, 2010.

Examining IP Header Fields

Internet Networking Spring 2003

1 TVA: A DoS-limiting Network Architecture Xiaowei Yang (UC Irvine) David Wetherall (Univ. of Washington) Thomas Anderson (Univ. of Washington)

1 Emulating AQM from End Hosts Presenters: Syed Zaidi Ivor Rodrigues.

1 CCNA 2 v3.1 Module 8. 2 TCP/IP Suite Error and Control Messages CCNA 2 Module 8.

Ningning HuCarnegie Mellon University1 A Measurement Study of Internet Bottlenecks Ningning Hu (CMU) Joint work with Li Erran Li (Bell Lab) Zhuoqing Morley.

Chapter 23: ARP, ICMP, DHCP IS333 Spring 2015.

Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.

Bandwidth Estimation: Metrics Mesurement Techniques and Tools By Ravi Prasad, Constantinos Dovrolis, Margaret Murray and Kc Claffy IEEE Network, Nov/Dec.

Gursharan Singh Tatla Transport Layer 16-May

PALMTREE M. Engin TozalKamil Sarac The University of Texas at Dallas.

NET-REPLAY: A NEW NETWORK PRIMITIVE Ashok Anand Aditya Akella University of Wisconsin, Madison.

IP Addressing INTW What is an IP address? An unique identifier for a computer or device (host) on a TCP/IP network A 32-bit binary number usually.

Guide to TCP/IP, Third Edition

ICMP (Internet Control Message Protocol) Computer Networks By: Saeedeh Zahmatkesh spring.

Chapter 4. After completion of this chapter, you should be able to: Explain “what is the Internet? And how we connect to the Internet using an ISP. Explain.

ICMP : Internet Control Message Protocol. Introduction ICMP is often considered part of the IP layer. It communicates error messages and other conditions.

© 2002, Cisco Systems, Inc. All rights reserved..

Wireless TCP Prasun Dewan Department of Computer Science University of North Carolina

Switching breaks up large collision domains into smaller ones Collision domain is a network segment with two or more devices sharing the same Introduction.

A METHOD FOR INCONSPICUOUS TRACEROUTE Jonathan Haber.

Copyright © 2003 OPNET Technologies, Inc. Confidential, not for distribution to third parties. Session 1341: Case Studies of Security Studies of Intrusion.

Bob Knowledge Plane -- Scaling of the WHY App Bob Braden, ISI 24 Sept 03.

CS551: End-to-End Packet Dynamics Paxon’99 Christos Papadopoulos (

Lecture 6 Page 1 Advanced Network Security Review of Networking Basics Advanced Network Security Peter Reiher August, 2014.

Networks and Protocols CE Week 7b. Routing an Overview.

COP 5611 Operating Systems Spring 2010 Dan C. Marinescu Office: HEC 439 B Office hours: M-Wd 2:00-3:00 PM.

Packet switching network Data is divided into packets. Transfer of information as payload in data packets Packets undergo random delays & possible loss.

Detection of Routing Loops and Analysis of Its Causes Sue Moon Dept. of Computer Science KAIST Joint work with Urs Hengartner, Ashwin Sridharan, Richard.

N. Hu (CMU)L. Li (Bell labs) Z. M. Mao. (U. Michigan) P. Steenkiste (CMU) J. Wang (AT&T) Infocom 2005 Presented By Mohammad Malli PhD student seminar Planete.

Deadline-based Resource Management for Information- Centric Networks Somaya Arianfar, Pasi Sarolahti, Jörg Ott Aalto University, Department of Communications.

Monitoring Troubleshooting TCP/IP Chapter 3. Objectives for this Chapter Troubleshoot TCP/IP addressing Diagnose and resolve issues related to incorrect.

Computer Networking Lecture 18 – More TCP & Congestion Control.

Interconnect Networks Basics. Generic parallel/distributed system architecture On-chip interconnects (manycore processor) Off-chip interconnects (clusters.

ERICSON BRANDON M. BASCUG Alternate - REGIONAL NETWORK ADMINISTRATOR HOW TO TROUBLESHOOT TCP/IP CONNECTIVITY.

Péter Hága Eötvös Loránd University, Hungary European Conference on Complex Systems 2008 Jerusalem, Israel.

1 Network Simulation and Testing Polly Huang EE NTU

TCP continued. Discussion – TCP Throughput TCP will most likely generate the saw tooth type of traffic. – A rough estimate is that the congestion window.

QoS in Mobile IP by Preethi Tiwari Chaitanya Deshpande.

Queue Scheduling Disciplines

Internet Traffic Engineering Motivation: –The Fish problem, congested links. –Two properties of IP routing Destination based Local optimization TE: optimizing.

TCP/IP1 Address Resolution Protocol Internet uses IP address to recognize a computer. But IP address needs to be translated to physical address (NIC).

Bandwidth estimation: metrics, measurement techniques, and tools Presenter: Yuhang Wang.

Reading for next class No new reading, but there will be a quiz Ch 4.1 – 4.23: Internet applications.

PATH DIVERSITY WITH FORWARD ERROR CORRECTION SYSTEM FOR PACKET SWITCHED NETWORKS Thinh Nguyen and Avideh Zakhor IEEE INFOCOM 2003.

Unique Access Solutions OAM – an end-user perspective Presented by: Yaakov (J) Stein RAD Data Communications Ltd.

1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 8 TCP/IP Suite Error and Control Messages.

June 11, 2002 Abilene Route Quality Control Initiative Aaron D. Britt Guy Almes Route Optimization.

Reverse Traceroute Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay K. Adhikari, Colin Scott, Justine Sherry, Peter van Wesep, Arvind Krishnamurthy, Thomas.

Network Tools and Utilities

588 Section 3 Neil Spring April 20, 1999.

RESOLVING IP ALIASES USING DISTRIBUTED SYSTEMS

Pong: Diagnosing Spatio-Temporal Internet Congestion Properties

Building A Network: Cost Effective Resource Sharing

Congestion Control (from Chapter 05)

Presentation transcript:

User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson

The network is a black box…...so what can I do 1.We want the users to be able to diagnose their paths 2.Communicate information to ISP or NOC to improve the network

TULIP: User-level path diagnosis Objectives: Detect performance faults that affect a user’s flows. This involves a measure of the magnitude of the fault (queuing delay, loss) and the localization of the faulty link. Detect performance faults that affect a user’s flows. This involves a measure of the magnitude of the fault (queuing delay, loss) and the localization of the faulty link.

How TULIP does it Ideal Architecture – Packet based solutions Ideal Architecture – Packet based solutions Each router the packet traverses adds a certain number of information to the packet: timestamp, global address of the router’s input interface. Each router the packet traverses adds a certain number of information to the packet: timestamp, global address of the router’s input interface. Issue: Packet size increases at each hop. A packet loss involves a loss of all the information. Corruption of a packet might yield to incorrect diagnosis data (allthough most corruption are treated as losses)

Because things are never ideal Basic architecture sufficient for data collection Basic architecture sufficient for data collection Assets: Fixed packet size and sufficient information… Assuming : stationarity of paths (paths between source and destination don’t change too often)

Diagnosis tools in use in TULIP Out-of-band measurement probes (or TTL based search) Out-of-band measurement probes (or TTL based search) obtain the Sample TTL and Interface ID obtain the Sample TTL and Interface ID ICMP ICMP Router timestamp Router timestamp IP identifiers IP identifiers Approximation of the per-flow counter Approximation of the per-flow counter

How to detect path loss/reordering Sending two probes to determine the behavior of the remote router

Packet queuing An ICMP timestamp is used to determine the queuing delays within a router (median)

The TULIP methods To perform the measurement, TULIP uses two “scanning” methods. To perform the measurement, TULIP uses two “scanning” methods. Binary search (reduces diagnostic traffic but at a cost of diagnosis time) Binary search (reduces diagnostic traffic but at a cost of diagnosis time) Parrallel search (interleaves measurements to different routers by cycling through them in nodes) Parrallel search (interleaves measurements to different routers by cycling through them in nodes)

Network Load and Diagnosis Time Because of the relative stationary behavior of a router, with an approximative diagnosis time of 10/30 min, TULIP can provide accurate results. Because of the relative stationary behavior of a router, with an approximative diagnosis time of 10/30 min, TULIP can provide accurate results. The load for Binary search is B/W and for parrallel LB/W (lower bound) The load for Binary search is B/W and for parrallel LB/W (lower bound) L: # of measurable routers B: Bandwitdth cost of the probes W: Wait time (usually 1s)

Diagnosing granularity The granularity is the weighted average of the lengths of its diagnosable segments. The granularity is the weighted average of the lengths of its diagnosable segments ’2’ Rank(G)=2 1 2

Various granularity for different measurements 50 % of the paths have a granularity less than 3 hops (75% <4) TULIP matches ideal tomography implementation

Validation Compared results with Planet Lab coupled with a tomography system Compared results with Planet Lab coupled with a tomography system Use a measure “rate delta” that computes the difference between the rate at the far end minus that at the near end of a segment. Use a measure “rate delta” that computes the difference between the rate at the far end minus that at the near end of a segment. Negative values implies a lack of consistency (values spawn a range too large)

Reordering Results 85 % of the results are consistent for forward path 75 % for round trip (due to the asymmetric nature of some paths)

Loss results 85% again of non negative deltas Round trip counterpart less affected by asymmetry than the Reordering diagnosis (because loss usually occurs close to the destination)

Queuing Results ICMP message generation has a poor timestamp resolution (the two median within 2ms of each other – One from TCPDump on planet lab and one from TULIP). Forward path shows that queuing delay is consistent (very few negative values) Round trip reflects the variability in the return path

The last mile… First hops from user is the bottleneck First hops from user is the bottleneck

Persistance of a fault We check for how many iterations, TULIP yields similar results 80% of the path show faults persisting long enough for TULIP to diagnose them (typical time a binary search takes to locate a fault : 6 runs)

Conclusions Network Operators would be able to diagnose links efficiently Network Operators would be able to diagnose links efficiently And a user too … if the world was populated entirely by Computer nerds. And a user too … if the world was populated entirely by Computer nerds.

Issues… Multiple TULIP users could reduce the accuracy of the probing method, the per flow counter Multiple TULIP users could reduce the accuracy of the probing method, the per flow counter An application doesn’t experience the network the same way an active measurement does. (TCP, application dependant as well as flags) An application doesn’t experience the network the same way an active measurement does. (TCP, application dependant as well as flags)

…and possible improvements Per flow counter at the router level (unrealistic) Per flow counter at the router level (unrealistic) Hash source address and IPID (for flow) Hash source address and IPID (for flow) ICMP timestamp have reception time as well as transmission time (allows the calculation of the delay the packet is processed at the router) ICMP timestamp have reception time as well as transmission time (allows the calculation of the delay the packet is processed at the router)