1 Hybrid network traffic engineering system (HNTES) Zhenzhen Yan, Chris Tracy, Malathi Veeraraghavan University of Virginia and ESnet April 23, 2012

Slides:

Advertisements

Similar presentations

Internetworking II: MPLS, Security, and Traffic Engineering

Advertisements

4 IP Address (IPv4)  A unique 32-bit number  Identifies an interface (on a host, on a router, …)  Represented in dotted-quad notation

QoS Solutions Confidential 2010 NetQuality Analyzer and QPerf.

1 Chin Guok ESnet Network Engineer David Robertson DSD Computer Software Engineer Lawrence Berkeley National Laboratory.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )

Jan 13, 2006Lahore University of Management Sciences1 Protection Routing in an MPLS Network using Bandwidth Sharing with Primary Paths Zartash Afzal Uzmi.

Traffic Engineering With Traditional IP Routing Protocols

December 20, 2004MPLS: TE and Restoration1 MPLS: Traffic Engineering and Restoration Routing Zartash Afzal Uzmi Computer Science and Engineering Lahore.

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 ECSE-6961:Internet Protocols Quiz 1: Solutions Time: 60 min (strictly enforced) Points: 50 YOUR.

Shivkumar KalyanaramanRensselaer Q1-1 ECSE-6600: Internet Protocols Quiz 1 Time: 60 min (strictly enforced) Points: 50 YOUR NAME: Be brief, but DO NOT.

1IMIC, 8/30/99 Constraint-Based Unicast and Multicast: Practical Issues Bala Rajagopalan NEC C&C Research Labs Princeton, NJ

A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.

1 Interconnection ECS 152A. 2 Interconnecting with hubs r Backbone hub interconnects LAN segments r Extends max distance between nodes r But individual.

Efficient agent-based selection of DiffServ SLAs over MPLS networks Thanasis G. Papaioannou a,b, Stelios Sartzetakis a, and George D. Stamoulis a,b presented.

A General approach to MPLS Path Protection using Segments Ashish Gupta Ashish Gupta.

MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,

COS 420 Day 16. Agenda Assignment 3 Corrected Poor results 1 C and 2 Ds Spring Break?? Assignment 4 Posted Chap Due April 6 Individual Project Presentations.

1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.

Routing of Outgoing Packets with MP-TCP draft-handley-mptcp-routing-00 Mark Handley Costin Raiciu Marcelo Bagnulo.

WAN Technologies.

DataLink Layer1 Ethernet Technologies: 10Base2 10: 10Mbps; 2: 200 meters (actual is 185m) max distance between any two nodes without repeaters thin coaxial.

A Virtual Circuit Multicast Transport Protocol (VCMTP) for Scientific Data Distribution Jie Li and Malathi Veeraraghavan University of Virginia Steve Emmerson.

Net Optics Confidential and Proprietary Net Optics appTap Intelligent Access and Monitoring Architecture Solutions.

1 Multi-Protocol Label Switching (MPLS). 2 MPLS Overview A forwarding scheme designed to speed up IP packet forwarding (RFC 3031) Idea: use a fixed length.

End-to-end resource management in DiffServ Networks –DiffServ focuses on singal domain –Users want end-to-end services –No consensus at this time –Two.

Traffic Engineering for ISP Networks Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

NetFlow: Digging Flows Out of the Traffic Evandro de Souza ESnet ESnet Site Coordinating Committee Meeting Columbus/OH – July/2004.

Computer networks Funded projects (GRA openings) NSF SDCI: 2 years left DOE HNTES: 4 years left (new grant awarded) NSF CC-NIE (new): 3 years NSF SCRP:

The University of Bolton School of Games Computing & Creative Technologies LCT2516 Network Architecture CCNA Exploration LAN Switching and Wireless Chapter.

Polytechnic University1 The internetworking solution of the Internet Prof. Malathi Veeraraghavan Elec. & Comp. Engg. Dept/CATT Polytechnic University

6/1/991 Internetworking connectionless and connection-oriented networks Malathi Veeraraghavan Mark Karol Polytechnic UniversityBell Laboratories

Review: –Ethernet What is the MAC protocol in Ethernet? –CSMA/CD –Binary exponential backoff Is there any relationship between the minimum frame size and.

ASCR/ESnet Network Requirements an Internet2 Perspective 2009 ASCR/ESnet Network Requirements Workshop April 15/16, 2009 Richard Carlson -- Internet2.

TeraPaths TeraPaths: Establishing End-to-End QoS Paths through L2 and L3 WAN Connections Presented by Presented by Dimitrios Katramatos, BNL Dimitrios.

April 4th, 2002George Wai Wong1 Deriving IP Traffic Demands for an ISP Backbone Network Prepared for EECE565 – Data Communications.

1 An update on HNTES Thanks to the US DOE ASCR for grants DE-SC and DE- SC (UVA), and for DE-AC02- 05CH11231 (ESnet) Thanks to Brian Tierney,

QoS provisioning for large, high-rate file transfers Zhenzhen Yan, Malathi Veeraraghavan, Chris Tracy, and Chin Guok University of Virginia and ESnet Apr.

Trajectory Sampling for Direct Traffic Oberservation N.G. Duffield and Matthias Grossglauser IEEE/ACM Transactions on Networking, Vol. 9, No. 3 June 2001.

1MPLS QOS 10/00 © 2000, Cisco Systems, Inc. rfc2547bis VPN Alvaro Retana Alvaro Retana

1 Hybrid network traffic engineering system (HNTES) Zhenzhen Yan, M. Veeraraghavan, Chris Tracy University of Virginia ESnet June 23, 2011 Please send.

Cisco Network Devices Chapter 6 powered by DJ 1. Chapter Objectives At the end of this Chapter you will be able to:  Identify and explain various Cisco.

An Approach to IP Network Traffic Engineering NANOG Miami, FL Chris Liljenstolpe Cable & Wireless

MPLS VPN Presented by : Md. Shafiqur Rahman Divisional Engineer (A & C) Moghbazar, Dhaka-1217.

1 Hybrid network traffic engineering system (HNTES) Project 1 Zhenzhen Yan, Zhengyang Liu, Chris Tracy, Malathi Veeraraghavan University of Virginia and.

High-Speed Policy-Based Packet Forwarding Using Efficient Multi-dimensional Range Matching Lakshman and Stiliadis ACM SIGCOMM 98.

1 Hybrid network traffic engineering system (HNTES) Zhenzhen Yan, Zhengyang Liu, Chris Tracy, Malathi Veeraraghavan University of Virginia and ESnet March.

Yaping Zhu with: Jennifer Rexford (Princeton University) Aman Shaikh and Subhabrata Sen (ATT Research) Route Oracle: Where Have.

1 Traffic Engineering of High-Rate Large-sized Flows Acknowledgment: UVA work is supported by DOE ASCR grants DE-SC and DE-SC , and NSF grants,

Ethernet switch Hosts Can talk using Ethernet addresses only.

TeraPaths: A QoS Enabled Collaborative Data Sharing Infrastructure for Petascale Computing Research The TeraPaths Project Team Usatlas Tier 2 workshop.

Internet2 Dynamic Circuit Services and Tools Andrew Lake, Internet2 July 15, 2007 JointTechs, Batavia, IL.

5: DataLink Layer5-1 Interconnecting with hubs r Backbone hub interconnects LAN segments r Extends max distance between nodes r Multi-tier design provides.

1 Hybrid network traffic engineering system (HNTES) Zhenzhen Yan, Zhengyang Liu, Chris Tracy, Malathi Veeraraghavan University of Virginia and ESnet Jan.

1 Revision to DOE proposal Resource Optimization in Hybrid Core Networks with 100G Links Original submission: April 30, 2009 Date: May 4, 2009 PI: Malathi.

1 Resource Optimization in Hybrid Core Networks with 100G Links Malathi Veeraraghavan University of Virginia [Collaboration with Admela Jukan] Date: Sep.

MPLS Introduction How MPLS Works ?? MPLS - The Motivation MPLS Application MPLS Advantages Conclusion.

Multiprotocol Label Switching (MPLS) Routing algorithms provide support for performance goals – Distributed and dynamic React to congestion Load balance.

Multi-protocol Label Switching (MPLS) RFC 3031 MPLS provides new capabilities: QoS support Traffic engineering VPN Multiprotocol support.

Practice Test Questions QUESTION 1 Which two actions must you perform to enable and use window scaling on a router? (Choose two.) A. Execute the.

Past research work and research work in progress on elephant flows

Link Layer 5.1 Introduction and services

Establishing End-to-End Guaranteed Bandwidth Network Paths Across Multiple Administrative Domains The DOE-funded TeraPaths project at Brookhaven National.

Chapter 4 Data Link Layer Switching

Hubs Hubs are essentially physical-layer repeaters:

Network Virtualization

EE 122: Lecture 7 Ion Stoica September 18, 2001.

1 Multi-Protocol Label Switching (MPLS). 2 MPLS Overview A forwarding scheme designed to speed up IP packet forwarding (RFC 3031) Idea: use a fixed length.

Chapter 5 Data Link Layer – Hub, Switch

Hybrid network traffic engineering system (HNTES)

Presentation transcript:

1 Hybrid network traffic engineering system (HNTES) Zhenzhen Yan, Chris Tracy, Malathi Veeraraghavan University of Virginia and ESnet April 23, Thanks to the US DOE ASCR program office and NSF for UVA grants DE-SC002350, DE-SC , OCI and ESnet grant DE-AC02-05CH11231 Project web site:

Problem statement A hybrid network supports both IP-routed and circuit services on: –Separate networks as in ESnet4, or –An integrated network as in ESnet5 A hybrid network traffic engineering system (HNTES) is designed to move science data flows off the IP-routed network to circuits Problem statement: Design HNTES 2 The “What” question

Two reasons for using circuits 1.Offer scientists rate-guaranteed connectivity 2.Isolate science flows from general-purpose flows 3 Reason Circuit scope Rate-guaranteed service Science flow isolation End-to-end (inter-domain) ✔✔ Per provider (intra-domain) ✖✔ The “Why” question

Rest of the slides: Focus on the “How” question Usage within domains for science flow isolation Policy based routes added in ingress routers to move science flows to MPLS LSPs 4 AC D B E Customer networks Peer/transit provider networks Customer networks Provider network IP router/ MPLS LSR IP-routed pathsMPLS LSPs IDC HNTES HNTES: Hybrid Network Traffic Engineering System

HNTES Design questions  What type of flows should be redirected off the IP-routed network? What are key components of a hybrid network traffic engineering system? Prove/disprove underlying hypothesis of design through ESnet NetFlow data analysis 5

First considered these options Dimensions –size (bytes): elephant and mice –rate: cheetah and snail –duration: tortoise and dragonfly –burstiness: porcupine and stingray 6 Kun-chan Lan and John Heidemann, A measurement study of correlations of Internet flow characteristics. ACM Comput. Netw. 50, 1 (January 2006),

working answer alpha flows should be redirected what are alpha flows? –flows with high sending rates in any part of the lifetime number of bytes in any T-sec interval  H bytes if H = 1 GB and T = 60 sec –throughput exceeds 133 Mbps alpha flows are –responsible for burstiness –caused by transfers of large files over high bottleneck-link rate paths who generates this type of flows? –scientists who move large sized datasets invest in high-end computers, high-speed disks, parallel file systems, and high access link speeds 7 S. Sarvotham, R. Riedi, and R. Baraniuk, “Connection-level analysis and modeling of nework traffic,” in ACM SIGCOMM Internet Measurement Workshop 2001, November 2001, pp. 99–104.

Design questions What type of flows should be redirected off the IP-routed network?  What are key components of a hybrid network traffic engineering system? Prove/disprove underlying hypothesis of design through ESnet NetFlow data analysis 8

Components of HNTES 9 AC D B E Customer networks Peer/transit provider networks Provider network IDC HNTES FAM RCIM IDCIM FAM: Flow Analysis Module IDCIM: IDC Interface Module RCIM: Router Control Interface Module

Three tasks executed by HNTES 10 online: upon flow arrival offline: periodic process (e.g., every hour or every day) alpha flow identification Circuit Provisioning Policy Based Route (PBR) configuration at ingress/egress routers Offline flow analysis Online flow analysis End-host assisted Rate-unlimited MPLS LSPs initiated offline Rate-unlimited MPLS LSPs initiated online Rate-specified MPLS LSPs initiated online Set offline Set online FAM: Flow Analysis Module IDCIM: IDC Interface Module RCIM: Router Control Interface Module

alpha flow identification Possible online methods –Method 1: Today’s routers support packet classification into flows and have the ability to measure rates (for rate policing) But there is no mechanism for them to inform a management system when high-rate flows arrive –Method 2: NetFlow: routers group packets into flows and send reports to a collector (files created at collector every 5 mins) Raw netflow packets from the router can be collected by a host (or via a flow-fanout from current collector) –New flow information can be obtained every 60 sec (active timeout interval) –Identify high rate flows 11

online alpha flow identification methods contd. Method 3: –Port mirror packets to external server and run algorithms to detect high-rate flows. –Cons: does not scale with link rate May need many external servers –Deployment seems impractical: need a cluster of servers per ESnet router 12

Proposed solutions Solution 1 –Strictly offline –Analyze NetFlow data on a daily basis and identify source/destination hosts (/32) or subnets (/24) that are capable of sourcing/sinking data at high rates  prefix flows Solution 2: Hybrid (NetFlow and Mirroring) –Combine offline scheme for /32 and /24 prefix flow ID, with –Online scheme NetFlow with 10 sec reporting, OR 0-length packet mirroring to external server for online detection of raw IP flows (5-tuple) whose IDs match offline configured prefix flow IDs 13

HNTES three tasks (revisit) 14 online: upon flow arrival offline: periodic process (e.g., every hour or every day) alpha flow identification Circuit Provisioning Policy Based Route (PBR) configuration at ingress/egress routers Offline flow analysis Online flow analysis End-host assisted Rate-unlimited MPLS LSPs initiated offline Rate-unlimited MPLS LSPs initiated online Rate-specified MPLS LSPs initiated online Set offline Set online

Circuit Provisioning Circuits –rate-specified per-alpha flow specific circuits are desirable if goal is rate guarantee –but if circuits are only intra-domain with the purpose of isolating science flows, it is sufficient to configure routers to redirect multiple alpha flows to same rate-unlimited LSP –set up such LSPs a priori between all ingress- egress router pairs of provider’s network that have seen alpha flows based on offline analysis 15

Three tasks executed by HNTES 16 online: upon flow arrival offline: periodic process (e.g., every hour or every day) alpha flow identification Circuit Provisioning Policy Based Route (PBR) configuration at ingress/egress routers Offline flow analysis Online flow analysis End-host assisted Rate-unlimited MPLS LSPs initiated offline Rate-unlimited MPLS LSPs initiated online Rate-specified MPLS LSPs initiated online Set offline Set online

PBR configuration Online: –Commit operation in JunOS can take on the order of minutes based on the size of the configuration file –Sub-second configuration times for OpenFlow switches? Offline: –Cannot configure routes for 5 tuple raw IP flows as ports are ephemeral –Configuring PBRs for /32 or /24 prefix flows implies some beta flows will also be redirected to the science LSPs 17

HNTES design solutions All offline solution (discussed next) Hybrid online-offline solution –hybrid alpha flow identification –offline circuit provisioning –online PBR configuration for 5-tuple raw IP flows Pros/cons of hybrid scheme: –Pro: beta flows will not be redirected to VCs (avoid alpha flow effects) –Con: some alpha flows will end before redirection 18

Review of current (all offline) HNTES design Flow analysis module analyzes NetFlow reports on a daily basis (offline) –Prefix flow identifiers determined for subnets (/24) or hosts (/32) that can source-sink alpha flows Pairwise rate-unlimited LSPs provisioned between ingress-egress routers for which prefix flows were identified PBRs set at routers (both directions) for prefix flow redirection –Entries aged out of PBR table to keep it from growing too large 19

Design questions What type of flows should be redirected off the IP-routed network? What are key components of a hybrid network traffic engineering system?  Prove/disprove underlying hypothesis of design through ESnet NetFlow data analysis 20

Hypothesis Key assumption in offline solution: –Computing systems that run the high-speed file transfer applications will likely have static public IP addresses, which means that prefix flow identifier based offline mechanisms will be effective in redirecting alpha flows. –Flows with previously unseen prefix flow identifiers will appear but such occurrences will be relatively rare 21

NetFlow data analysis NetFlow data over 7 months (May-Nov 2011) collected at ESnet site PE router Three steps –UVA wrote R analysis and anonymization programs –ESnet executed on NetFlow data –Joint analysis of results 22

alpha flow identification algorithm alpha flows: high rate flows –NetFlow reports: subset where bytes sent in 1 minute > H bytes (1 GB) –Raw IP flows: 5 tuple based aggregation of NetFlow reports on a daily basis –Prefix flows: /32 and /24 src/dst IP aggregation on a daily basis Age out PBR entries –if for “A” aggregation intervals, no raw IP flows corresponding to a prefix flow appear 23

Analyses Analyses: –Characterize alpha flows raw IP flows 125 (/24) prefix flows 1548 (/32) prefix flows –Study effectiveness of offline solution 24

Characteristics of alpha flows 25 Both alpha-bytes and alpha-time peaked on day 89 –2.65 TB –9.3 hours Number of raw IP flows in a day: –One prefix flow had 1240 constituent alpha raw IP flows

Number of new prefix flows daily 26 For most days only 0 or 1 new prefix flow. When new collaborations start or new data transfer nodes are brought online, new prefix flows will occur

Percent of alpha bytes that would have been redirected All 7 months: 27 Aging parameter /24/32 782%67% 1487%73% 3091%82% never92%86% /24 Aging parameter /32 When new collaborations start or new data transfer nodes are brought online, new prefix flows will occur, and so matched rates will drop

Effect of aging parameter on PBR table size For operational reasons, and forwarding latency, this table should be kept small With aging parameter =30, curve is almost flat 28 Aging parameter

Full mesh of LSPs required or just a few? Number of super-prefix flows (ingress-egress router based aggregation of prefix flows) per month: 29 MonthMayJunJulyAugSepOctNov total repeated new Represents number of LSPs needed from ESnet site PE router to indicated numbers of egress routers

Conclusions From current analysis: –Hypothesis is true –Offline design appears feasible IP addresses of sources that generate alpha flows relatively stable Most alpha bytes would have been redirected in the analyzed data set –/24 seems better option than /32 –30 days aging parameter seems best: tradeoff of PBR size and effectiveness 30

Ongoing work NetFlow analyses –other routers’ NetFlow data –quantify redirected beta flow bytes which will experience competition with alpha flows –utilization of MPLS LSPs –multiple simultaneous alpha flows on same LSPs –match with known data doors ANI testbed experiments –Out of order packets when PBR added –OpenFlow –Rate-unlimited LSPs Other HNTES designs –Hybrid design –End-application assisted design (Lambdastation, Terapaths) 31