Chelebi: Subnet-level Internet Mapper Mehmet H. Gunes University of Nevada, Reno.

Slides:



Advertisements
Similar presentations
University of Nevada, Reno Router-level Internet Topology Mapping CS790 Presentation Modified from Dr. Gunes slides by Talha OZ.
Advertisements

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.
By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.
Internet Topology Mapping
Router-level Internet Topology Mapping By Talha OZ.
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 13: Troubleshoot TCP/IP.
Internet Control Message Protocol (ICMP)
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington Presented by:
An Effective Placement of Detection Systems for Distributed Attack Detection in Large Scale Networks Telecommunication and Security LAB. Dept. of Industrial.
Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.
Subnetting.
User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.
Heuristics for Internet Map Discovery R. Govindan, H. Tangmunarunkit Presented by Zach Schneirov.
Practical Network Support for IP Traceback Internet Systems and Technologies - Monitoring.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
Measuring ISP topologies with Rocketfuel Ratul Mahajan Neil Spring David Wetherall University of Washington ACM SIGCOMM 2002.
1 Network Topology Measurement Yang Chen CS 8803.
PALMTREE M. Engin TozalKamil Sarac The University of Texas at Dallas.
INTERNET TOPOLOGY MAPPING INTERNET MAPPING PROBING OVERHEAD MINIMIZATION  Intra- and inter-monitor redundancy reduction IBRAHIM ETHEM COSKUN University.
Support Protocols and Technologies. Topics Filling in the gaps we need to make for IP forwarding work in practice – Getting IP addresses (DHCP) – Mapping.
Presentation Title Subtitle Author Copyright © 2002 OPNET Technologies, Inc. TM Introduction to IP and Routing.
S305 – Network Infrastructure Chapter 5 Network and Transport Layers.
INTERNET MEASUREMENT INTERNET MAPPING OVERHEAD MINIMIZATION  Intra- and inter-monitor redundancy reduction IBRAHIM ETHEM COSKUN University of Nevada,
The Network Layer. Network Projects Must utilize sockets programming –Client and Server –Any platform Please submit one page proposal Can work individually.
S305 – Network Infrastructure Chapter 5 Network and Transport Layers.
TRACENET M.Engin TozalKamil Sarac The University of Texas at Dallas.
Measuring ISP Toplogies with Rocketfuel Neil Spring, Ratul Mahajan, and David Wetherall Presented By: David Deschenes March 25, 2003.
Computer Networks. IP Addresses Before we communicate with a computer on the network we have to be able to identify it. Every computer on a network must.
Quantifying the Causes of Path Inflation Neil Spring, Ratul Mahajan, and Thomas Anderson Presented by Luv Kohli COMP November 24, 2003.
Cisco – Chapter 11 Routers All You Ever Wanted To Know But Were Afraid to Ask.
Objectives: Chapter 5: Network/Internet Layer  How Networks are connected Network/Internet Layer Routed Protocols Routing Protocols Autonomous Systems.
Advanced Networking Lab. Given two IP addresses, the estimation algorithm for the path and latency between them is as follows: Step 1: Map IP addresses.
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Chapter 5 Network Layer.
S305 – Network Infrastructure Chapter 5 Network and Transport Layers.
1 IP : Internet Protocol Computer Network System Sirak Kaewjamnong.
Infrastructure adapted from Mark Crovella and Balachander Krishnamurthy.
1 Countering DoS Through Filtering Omar Bashir Communications Enabling Technologies
Internet Protocols. Address Resolution IP Addresses are not recognized by hardware. If we know the IP address of a host, how do we find out the hardware.
Lecture 14 Internet Measurements. 2 Web of interconnected networks Grows with no central authority Autonomous Systems optimize local communication efficiency.
Internet Measurements. 2 Web of interconnected networks Grows with no central authority Autonomous Systems optimize local communication efficiency The.
Routing protocols. Static Routing Routes to destinations are set up manually Route may be up or down but static routes will remain in the routing tables.
Lecture 14: Internet Measurement CS 765: Complex Networks.
Mobile and Wireless Computing Institute for Computer Science, University of Freiburg Western Australian Interactive Virtual Environments Centre (IVEC)
KAIS T On the problem of placing Mobility Anchor Points in Wireless Mesh Networks Lei Wu & Bjorn Lanfeldt, Wireless Mesh Community Networks Workshop, 2006.
Internet Protocols. ICMP ICMP – Internet Control Message Protocol Each ICMP message is encapsulated in an IP packet – Treated like any other datagram,
Lecture 17 Internet Measurements. 2 Web of interconnected networks Grows with no central authority Autonomous Systems optimize local communication efficiency.
1 An Arc-Path Model for OSPF Weight Setting Problem Dr.Jeffery Kennington Anusha Madhavan.
Routing Algorithms and IP Addressing Routing Algorithms must be ▪ Correctness ▪ Simplicity ▪ Robustness ▪ Stability ▪ Fairness ▪ Optimality.
Location Privacy Protection for Location-based Services CS587x Lecture Department of Computer Science Iowa State University.
INTERNET MEASUREMENT INTERNET MAPPING OVERHEAD MINIMIZATION  Intra- and inter-monitor redundancy reduction IBRAHIM ETHEM COSKUN University of Nevada,
University of Nevada, Reno Resolving Anonymous Routers Hakan KARDES CS 790g Complex Networks.
Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 1 Cisco Networking Training (CCENT/CCT/CCNA R&S) Rick Rowe Ron Giannetti.
PeerNet: Pushing Peer-to-Peer Down the Stack Jakob Eriksson, Michalis Faloutsos, Srikanth Krishnamurthy University of California, Riverside.
Spring 2000CS 4611 Routing Outline Algorithms Scalability.
Internet Measurements. 2 Web of interconnected networks Grows with no central authority Autonomous Systems optimize local communication efficiency The.
S305 – Network Infrastructure Chapter 5 Network and Transport Layers.
Communication Networks Recitation 11. Multicast & QoS Routing.
Router-level Internet Topology Discovery Mehmet H. Gunes.
Lecture 2: Internet Measurement CS 790g: Complex Networks.
Lecture 13 – Network Mapping
Network Tools and Utilities
Routing Information Protocol (RIP)
What Are Routers? Routers are an intermediate system at the network layer that is used to connect networks together based on a common network layer protocol.
RESOLVING IP ALIASES USING DISTRIBUTED SYSTEMS
Intra-Domain Routing Jacob Strauss September 14, 2006.
ECE 544 Protocol Design Project 2016
Measured Impact of Crooked Traceroute
Lecture 26: Internet Topology CS 765: Complex Networks.
Presentation transcript:

Chelebi: Subnet-level Internet Mapper Mehmet H. Gunes University of Nevada, Reno

Goal Build an efficient system that produces a map of the Internet such that – Alias IP addresses that belong to the same router, – Star (*) occurrences that stand for the same router, – IPs that belong to the same subnet are identified. Subnet-level Internet mapping 2

Outline Goal – Subnet-level Internet Mapping Issues – Anonymous Routers Resolution Structural Graph Indexing – Subnet Inference Distance Preservation – Alias IP Addresses Resolution Ally, Analytical & Probe based (APAR) Chelebi – Mapping System – Outer Space 3D Visualization Subnet-level Internet mapping 3

Anonymous Routers Anonymous routers do not respond to traceroute probes and appear as  in traceroute output – Same router may appear as  in multiple traces. Subnet-level Internet mapping : Anonymous Routers 4 y: S – L – H – x x: H – L – S – y y: S –  – H – x x: H –  – S – y S L H y x S L H y x y S 11 22 H x Current daily raw topology data sets include ~ 20 million path traces with ~ 20 million occurrences of  s along with ~ 500K public IP addresses The raw topology data is far from representing the underlying sampled network topology

Anonymous Router Resolution Subnet-level Internet mapping : Anonymous Routers 5 UKCN LHAW S d e f Sampled network d e f S U L C A W Resulting network Traces d -  - L - S - e d -  - A - W -  - f e - S - L -  - d e - S - U -  - C -  - f f -  - C -  -  - d f -  - C -  - U - S - e

Previous Approaches Basic heuristics – IP: Combine anonymous nodes between same known nodes [Bilir 05] Limited resolution – NM: Combine all anonymous neighbors of a known node [Jin 06] High false positives Subnet-level Internet mapping : Anonymous Routers 6 UK C N L HA W S x y z Sampled network x y z S U L C A W After resolution x y z S U L C A W H x y z S U L C A W Resulting network

Previous Approaches More theoretic approaches – Graph minimization [Yao 03] Combine  s as long as they do not violate two accuracy conditions: (1) Trace preservation condition and (2) distance preservation condition High complexity O(n 5 ) – n is number of  s – ISOMAP based dimensionality reduction [Jin 06] Build an nxn distance matrix then use ISOMAP to reduce it to a nx5 matrix Distance: (1) hop count or (2) link delay High complexity O(n3) – n is number of nodes – Semisupervised Spectral Clustering [Shavitt 08] A node will not be chosen to be an unknown root if it shares two or more neighbors with an unknown root. Nodes that share two or more neighbors are usually very close to each other, and it is difficult to distinguish between them even manually. After splitting them into unknowns, these nodes will have at least one common unknown node. – This makes the task of cleanly separating the unknowns impossible Subnet-level Internet mapping : Anonymous Routers 7

Structural Graph Indexing (SGI) Structural Graph Indexing – A graph data mining technique Index all pre-defined substructures in a graph data Use of SGI for anonymous router resolution – Apply SGI to collected path traces – Merge anonymous routers using identified structures Trace Preservation Condition – Don’t merge anonymous routers within the same trace Subnet distance as tie-breaker Subnet-level Internet mapping : Anonymous Routers 8

Common Structures due to ARs 9 A x C y2 A x C Parallel  -substring y1 y3 y1 y3     DA wx C y E z DA wx C y E z Star     A C x y D w F v E z A C x y D w F v E z Complete Bipartite        A C x y D w E z A C x y D w E z Clique        Subnet-level Internet mapping : Anonymous Routers

Graph Indexing based Resolution Indexing Phase parallel star bipartite clique Subnet-level Internet mapping : Anonymous Routers 10 Resolution Phase parallel clique bipartite star

Outline Goal – Subnet-level Internet Mapping Issues – Anonymous Routers Resolution Structural Graph Indexing – Subnet Inference Distance Preservation – Alias IP Addresses Resolution Ally, Analytical & Probe based (APAR) Chelebi – Mapping System – Outer Space 3D Visualization Subnet-level Internet mapping 11

Subnet Inference Subnet-level Internet mapping : Subnet Inference 12 IP2 IP3 IP1 IP2IP3 IP1 (observed topology)(inferred topology)(underlying topology) CD AB CD AB Subnet resolution Identify IP addresses that are connected over the same medium Improve the quality of resulting topology map CD AB CD AB

Subnet Inference Approach Subnet-level Internet mapping : Subnet Inference V.P. /30 /31 /24 /28 / / / / / / / / / / / / / /31

Subnet Inference Approach Inferring Subnets Cluster IP addresses into maximal subnets up to a given size (e.g. /22) Distance analysis on candidate subnets to break them down as necessary IP1 IP2 IP3 IP4 IP5 IP6 IP7 IP8 IP9 Completeness: Ignore candidate subnets that have less than one quarter of their IP addresses present after additional probing /25 /29 /26 /30 /31 /27 A /27 subnet can have up to 2 5 IP addresses. /22 Subnet-level Internet mapping : Subnet Inference 14

Inference with Distance Matrix Obtain distance of each IP from 8 vantage points (VP) Only one IP at a subnet might be at a distance ‘hop-1’ per VP IPs after per-destination and per-packet load-balancers – Get minimum hop (seen at any ICMP Paris Traceroute) of an IP per VP – IP hops after a LB has lower trust Two rounds of computations Compensate for diamond asymmetry if per-destination LB Subnet-level Internet mapping : Subnet Inference 15 VP:12345…672 IP105400…7 IP200350…7 IP325040…6 …

Outline Goal – Subnet-level Internet Mapping Issues – Anonymous Routers Resolution Structural Graph Indexing – Subnet Inference Distance Preservation – Alias IP Addresses Resolution Ally, Analytical & Probe based (APAR) Chelebi – Mapping System – Outer Space 3D Visualization Subnet-level Internet mapping 16

IP Alias Resolution 17 S L U C N W A s.2 l.1 s.3 u.1 l.3 u.3 h.1 k.3 h.2 a.3 u.2 k.1 c.4 a.1 a.2 w.3 c.3 w.1 c.2 n.1 n.3 w.2 l.2 K c.1 k.2 h.3 d h.4 s.1 e f n.2 H Traces d - h.4 - l.3 - s.2 - e d - h.4 - a.3 - w.3 - n.3 - f e - s.1 - l.1 - h.1 - d e - s.1 - u.1 - k.1 - c.1 - n.1 - f f - n.2 - c.2 - k.2 - h.2 - d f - n.2 - c.2 - k.2 - u.2 - s.3 - e Subnet-level Internet mapping : IP Aliases

IP Alias Resolution 18 UKCN LHAW S d e f Sampled network Sample map without alias resolution s.3 s.1 s.2 l.3 l.1 u.1 u.2 k.1 c.1n.1 n.2 k.2 c.2 w.3 a.3 h.2 h.4 h.1 e d f n.3 Traces d - h.4 - l.3 - s.2 - e d - h.4 - a.3 - w.3 - n.3 - f e - s.1 - l.1 - h.1 - d e - s.1 - u.1 - k.1 - c.1 - n.1 - f f - n.2 - c.2 - k.2 - h.2 - d f - n.2 - c.2 - k.2 - u.2 - s.3 - e Subnet-level Internet mapping : IP Aliases

19 Previous Approaches Dest = A B Dest = B A, ID=100 Dest = B B, ID=99 B, ID=103 A B A B Source IP Address Based Method [Pansiot 98] – Relies on a particular implementation of ICMP error generation. IP Identification Based Method (ally) [Spring 03] – Relies on a particular implementation of IP identifier field, – Many routers ignore direct probes. DNS Based Method [Spring 04] – Relies on similarities in the host name structures sl-bb21-lon-14-0.sprintlink.net sl-bb21-lon-8-0.sprintlink.net – Works when a systematic naming is used. Record Route Based Method [Sherwood 06] – Depends on router support to IP route record processing Subnet-level Internet mapping : IP Aliases

Analytical Alias Resolution 20 MIT UTD no response no response Aliases … Subnet-level Internet mapping : IP Aliases

Analytical & Probe-based Alias Resolution There is possibility of – incorrect subnet assumption, Two /30 subnets assumed as a /29, – incorrect alignment of path traces. IP 4 and IP 8 are thought of as aliases. To prevent false positives, some conditions are defined – Trace preservation, – Distance preservation (probing component of APAR), – Completeness, – Common neighbor. 21 a sample network a cd b ef IP 1 IP 2 IP 9 IP 3 IP 4 IP 8 IP 7 Subnet-level Internet mapping : IP Aliases

Outline Goal – Subnet-level Internet Mapping Issues – Anonymous Routers Resolution Structural Graph Indexing – Subnet Inference Distance Preservation – Alias IP Addresses Resolution Ally, Analytical & Probe based (APAR) Chelebi – Mapping System – Outer Space 3D Visualization Subnet-level Internet mapping 22

Chelebi Mapping System Subnet-level Internet mapping : Chelebi Mapping System 23 Chelebi Server Route Views AS IP query IP range DNS server DNS query DNS names PlanetLab Node Paris ICMP trace Path Traces Region 1Region 2Region 3Region 8 PlanetLab Node Paris ICMP trace Path Traces … PlanetLab Node

Chelebi Mapping System Request the IP address range from the server – user defined, RouteViews etc. Distributed bulk reverse DNS lookup by VPs, – if a name assigned to an IP it is more likely that it is in use Gather alive IPs data at server and redistribute IPs to be probed – Each destination is traced from each of the 8 regions Partial trace each destination IP by VPs and send data to server – Stack ADT for “to be probed” list new incoming IPs probed first – Stopping condition is if the last two IPs have already been probed by the same VP Subnet-level Internet mapping 24

Outer Space 3D Visualization – Multiple zoom levels Autonomous System-level Router-level Subnet-level Subnet-level Internet mapping : Chelebi Mapping System 25 idea

Questions Subnet-level Internet mapping 26

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.