Jigsaw: Solving the Puzzle of Enterprise 802.11 Analysis Yu-Chung Cheng John Bellardo, Peter Benko, Alex C. Snoeren, Geoff Voelker, Stefan Savage.

Slides:

Advertisements

Similar presentations

– Wireless PHY and MAC Stallings Types of Infrared FHSS (frequency hopping spread spectrum) DSSS (direct sequence.

Advertisements

University of Calgary – CPSC 441

Internet Traffic Patterns Learning outcomes –Be aware of how information is transmitted on the Internet –Understand the concept of Internet traffic –Identify.

20 – Collision Avoidance, : Wireless and Mobile Networks6-1.

11 Diagnosing and improving Wireless Networks Patrick Verkaik Mikhail Afanasyev Yuvraj Agarwal Yu-Chung Cheng Stefan Savage Alex C. Snoeren Geoffrey.

6: Wireless and Mobile Networks6-1 Chapter 6: Wireless and Mobile Networks Background: r # wireless (mobile) phone subscribers now exceeds # wired phone.

1 Elements of a wireless network network infrastructure wireless hosts r laptop, PDA, IP phone r run applications r may be stationary (non- mobile) or.

11 Automating Cross-Layer Diagnosis of Enterprise Wireless Networks Yu-Chung Cheng Mikhail Afanasyev Patrick Verkaik Jennifer Chiang Alex C. Snoeren.

Spanning Tree and Wireless EE122 Discussion 10/28/2011.

1. 2 Enterprise WLAN setting 2 Vivek Shrivastava Wireless controller Access Point Clients Internet NSDI 2011.

5-1 Data Link Layer r What is Data Link Layer? r Wireless Networks m Wi-Fi (Wireless LAN) r Comparison with Ethernet.

Observing Home Wireless Experience through WiFi APs MobiCom ‘13 September 2013 A.Patro, S. Govindan, S. Banerjee University of Wisconsin Madison Presented.

DOMINO: Relative Scheduling in Enterprise Wireless LANs Wenjie Zhou (Co-Primary Author), Dong Li (Co-Primary Author), Kannan Srinivasan, Prasun Sinha 1.

Low Latency Wireless Video Over Networks Using Path Diversity John Apostolopolous Wai-tian Tan Mitchell Trott Hewlett-Packard Laboratories Allen.

Design Considerations & Emerging Standards.  Carrier Sense Multiple Access / Collision Detect.  Practical limit on Nodes per collision domain.

TCP Behavior across Multihop Wireless Networks and the Wired Internet Kaixin Xu, Sang Bae, Mario Gerla, Sungwook Lee Computer Science Department University.

CSE 461 University of Washington1 Topic How do nodes share a single link? Who sends when, e.g., in WiFI? – Explore with a simple model Assume no-one is.

BMWnet Wshnt.kuas.edu.tw Mesh Networks Prof. W.S. Hwang.

6: Wireless and Mobile Networks6-1 Elements of a wireless network network infrastructure wireless hosts r laptop, PDA, IP phone r run applications r may.

Adapted from: Computer Networking, Kurose/Ross 1DT066 Distributed Information Systems Chapter 6 Wireless, WiFi and mobility.

ECE 4450:427/527 - Computer Networks Spring 2015

VoIP Packets In the Air and Over the Wire J. Scott Haugdahl CTO

High Performance, Easy to Deploy Wireless. Agenda Foundry Key Differentiators Business Value Product Overview Questions.

Wi-Fi Wireless LANs Dr. Adil Yousif. What is a Wireless LAN  A wireless local area network(LAN) is a flexible data communications system implemented.

CS640: Introduction to Computer Networks Aditya Akella Lecture 22 - Wireless Networking.

Wireless LAN Advantages 1. Flexibility 2. Planning 3. Design

ECE 424 Embedded Systems Design Networking Connectivity Chapter 12 Ning Weng.

MAC layer Taekyoung Kwon. Media access in wireless - start with IEEE In wired link, –Carrier Sense Multiple Access with Collision Detection –send.

9/19/20151 Automating Cross-Layer Diagnosis of Enterprise Wireless Networks Geoffrey M. Voelker Mikhail Afanasyev, John Bellardo, Peter Benko, Yu-Chung.

2006/12/04NTU/nslab1 Jigsaw: Solving the Puzzle of Enterprise Analysis YuChung ChengYuChung Cheng, John Bellardo, P´eter Benk¨o Alex C. Snoeren,

1 Architecture and Techniques for Diagnosing Faults in IEEE Infrastructure Networks Atul Adya, Victor Bahl, Ranveer Chandra, Lili Qiu Microsoft.

10/1/2015 9:14 PM1 TCP in Mobile Ad-hoc Networks ─ Split TCP CSE 6590.

CSE 461 University of Washington1 Topic How do nodes share a single link? Who sends when, e.g., in WiFI? – Explore with a simple model Assume no-one is.

Written by Yu-Chung Cheng, John Bellardo, Peter Benko, Alex C. Snoeren, Geoffrey M. Voelker and Stefan Savage Written by Yu-Chung Cheng, John Bellardo,

MOJO: A Distributed Physical Layer Anomaly Detection System for WLANs Richard D. Gopaul CSCI 388.

Wireless Hotspots: Current Challenges and Future Directions CNLAB at KAIST Presented by An Dong-hyeok Mobile Networks and Applications 2005.

Wireless and Mobility The term wireless is normally used to refer to any type of electrical or electronic operation which is accomplished without the use.

1 Other LANs Token Rings Wireless –Wireless LAN (802.11, WiFi) –Broadband Wireless (802.16) –Bluetooth.

Time This powerpoint presentation has been adapted from: 1) sApr20.ppt.

Characterizing Home Wireless Performance: The Gateway View Ioannis Pefkianakis* H. Lundgren^, A. Soule^, J. Chandrashekar^, P. Guyadec^, C. Diot^, M. May^,

Outsourcing Coordination and Management of Home Wireless Access Points through an Open API Ashish Patro Prof. Suman Banerjee University of Wisconsin Madison.

Time Synchronization Protocols in Wireless Sensor Networks.

Outsourcing Coordination and Management of Home Wireless Access Points through an Open API Ashish Patro* Prof. Suman Banerjee University of Wisconsin Madison.

WIRELESS COMMUNICATION Husnain Sherazi Lecture 1.

Characterizing Home Wireless Performance: The Gateway View Ioannis Pefkianakis* H. Lundgren^, A. Soule^, J. Chandrashekar^, P. Guyadec^, C. Diot^, M. May^,

Challenges in (managing) Wireless Networks. Different types Licensed vs. unlicensed spectrum UWB GPRS Bluetooth Asymmetric networks (data on TV.

1 Chapter 4. Protocols and the TCP/IP Suite Wen-Shyang Hwang KUAS EE.

MAC Sublayer MAC layer tasks: – Control medium access – Roaming, authentication, power conservation Traffic services – DCF (Distributed Coordination.

Optimization Problems in Wireless Coding Networks Alex Sprintson Computer Engineering Group Department of Electrical and Computer Engineering.

Doc.: IEEE /0768r0 Submission September 2003 Charles R. Wright, Azimuth Systems A Technique for Fast Passive Scanning Charles R. Wright Azimuth.

1 Chapter 4 MAC Layer – Wireless LAN Jonathan C.L. Liu, Ph.D. Department of Computer, Information Science and Engineering (CISE), University of Florida.

Observing Home Wireless Experience through WiFi APs MobiCom ‘13 September 2013 A.Patro, S. Govindan, S. Banerjee University of Wisconsin Madison Presented.

DSSS PHY packet format Synchronization SFD (Start Frame Delimiter)

COMPUTER NETWORKS Hwajung Lee. Image Source:

IEEE Wireless LAN. Wireless LANs: Characteristics Types –Infrastructure based –Ad-hoc Advantages –Flexible deployment –Minimal wiring difficulties.

MAC Protocols for Sensor Networks

Cognitive Wi-Fi.

Outline What is Wireless LAN Wireless Transmission Types

CSE 486/586 Distributed Systems Time and Synchronization

The Network Beacon Announcement scanning method

Medium Access Control (MAC) Sub-layer

CS 457 – Lecture 7 Wireless Networks

WiFi Networks: IEEE b Wireless LANs

Wireless LAN Security 4.3 Wireless LAN Security.

Slobodan Milanko Manweiler, J., Franklin, P., & Choudhury, R. R. (2012, March). RxIP: Monitoring the health of home wireless networks. In INFOCOM, 2012.

Jigsaw: Solving the Puzzle of Enterprise Analysis

basics Richard Dunn CSE July 2, 2003.

WiFi Networks: IEEE b Wireless LANs

Network Basics and Architectures Neil Tang 09/05/2008

IEEE Wireless Local Area Networks (RF-LANs)

Presentation transcript:

Jigsaw: Solving the Puzzle of Enterprise Analysis Yu-Chung Cheng John Bellardo, Peter Benko, Alex C. Snoeren, Geoff Voelker, Stefan Savage

2 Enterprise ? Easy. Blanket the building with APs for 100% coverage

3 A familiar story... “The wireless is being flaky.” “Flaky how?” “Well, my connections got dropped earlier and now things seem very sloooow.” “OK, we will take a look” “Wait, wait … it’s ok now” “Mmm… well let us know if you have any more problems.” Now what? Employee Support

4 What are the problems?  Contention with nearby wireless devices?  Bad AP channel assignments?  Microwave ovens?  Congestions in the Internet?  Bad interaction between TCP and ?  Rogue access points?  Poor choice of APs (weak signal)?  Incompatible user software/hardware?  DoS attack?! …… Need to monitor the wireless network across time, locations, channels, and protocol layers

5 How to monitor ? MeasurementLimitations AP tracesOnly packets that AP sees 1 passive snifferLimited coverage N passive sniffers in 1 channel Limited frequency (roaming, broadband interference, AP channel assignments) N passive sniffers of all channels Need synchronized traces

6 Jigsaw  Measure real large wireless networks  Collect every possible information PHY/Link/IP/TCP/App layer trace Collect every single wireless packet  Need many sniffers for 100% coverage  Provide global view of wireless networks across time, locations, channels, and protocol layers

7 New CSE building at UCSD  150k square feet  4 floors  >500 occupants  150 faculty/staff  350 students  Building-wide WiFi  39 access points  b/g Channel 1, 6, 11  active clients anytime  Daily traffic ~5 GB

8 UCSD passive monitor system  Overlays existing WiFi network  Series of passive sniffers  Blanket deployment over 4 floors  39 sensor pods (156 radios)  4 radios per pod, cover all channels in use  Captures all activities Including CRC/PHY events  Stream back over wired network to a centralized storage

9 Jigsaw design Traces synchronization and unification L2 state reconstruction TCP flow reconstruction

10 Synchronization  Create a virtual global clock  To keep unification working  Critical evidence for analysis If A and B are transmitting at the same time they could interfere If A starts transmitting after B has started then A can’t hear B  Require fine time-scales (10-50us)  NTP is >100 usec accuracy  HW clocks (TSF) have 100PPM stability Time (s) TSF diff (us) TSF diff of two sniffers

11 Traces synchronization and unification  Sniffers label packets w/ local timestamp (TSF)  Need a global clock  Estimate the offset between TSF and the global clock for each sniffer

12 Trace unification (ideal) Time

13 Trace unification (reality) Time JFrame 1JFrame 4JFrame 5JFrame 3JFrame 2 Jigsaw unified trace

14 Challenge: sync at large-scale  How to bootstrap?  Goal: estimate the offset between TSF and the global clock for each sniffer  Time reference from one sniffer to the other  Sync across channels  Dual radios on same sniffer slaved to same clock  Manage TSF clock skews  Continuously re-adjust offsets when unifying frames ToTo 1234 ∆t 1 ∆t 2

15 Jigsaw in action  Jigsaw unifies 156 traces into one global trace  Covers 99% of AP frames, 96% of client frames StartsJan 24,2006 (Tuesday) Duration24 hr Total APs107 (39 CSE) CSE Clients1026 Active CSE clients anytime Total Events2,700M PHY/CRC Errors48% Valid Frames52% JFrames530M Events per Jframe 2.97

16 L2-ACK Beacon Synchronized Valid packets CRC errors PHY errors

17 Jigsaw syncs 99% frames < 20us  Measure sync. quality by max dispersion per Jframe  20 us is important threshold  back-off time is 20 us  inter frame time is 50 us  Sufficient to infer many events

18 Hidden terminal problems  Infer transmission failure by absence of ACK  Estimate conditional probability of loss given simultaneous transmission by some hidden- terminal senderreceiverhidden terminal  How much packet is lost due to hidden- terminal? ?

19 Hidden Terminal Problems  10% of sender-receiver pairs have over 10% losses due to hidden terminals

20 Trace analysis b/g interactions ARP Broadcast Storms TCP loss rate in wireless vs. in Internet Microwave Ovens

21 Moving forward  Developed “Jigsaw” that allows  24x7 monitor system in UCSD CSE w/ 156 sniffers  Global fine-grained view of large wireless network (time, locations, channels)  Jigsaw software will be available shortly  Ongoing work  Root cause diagnoses of end-to-end performance in wireless networks  Standard wireless problem analysis Ex. Exposed terminal problems

22 Q & A Live traffic monitoring and more information at