“OpenCALEA” Pragmatic Cost Effective CALEA Compliance Manish Karir, Merit - Research and Development.

Slides:

Advertisements

Similar presentations

Ethernet Switch Features Important to EtherNet/IP

Advertisements

TCP/IP MODEL Maninder Kaur

Pathload A measurement tool for end-to-end available bandwidth Manish Jain, Univ-Delaware Constantinos Dovrolis, Univ-Delaware Sigcomm 02.

Switching Topic 4 Inter-VLAN routing. Agenda Routing process Routing VLANs – Traditional model – Router-on-a-stick – Multilayer switches EtherChannel.

Merit’s CALEA Compliance Architecture and Platform, “OpenCALEA” Mary Eileen McLaughlin, Merit - Director Technical Operations Manish Karir, Merit - Research.

Merit Network: Connecting People and Organizations Since 1966 CALEA Compliance – A Feasibility Study October 25, 2006 Mary Eileen McLaughlin Director –

1 Version 3 Module 8 Ethernet Switching. 2 Version 3 Ethernet Switching Ethernet is a shared media –One node can transmit data at a time More nodes increases.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )

Performance Analysis of Orb Rabin Karki and Thangam V. Seenivasan 1.

Internet Traffic Patterns Learning outcomes –Be aware of how information is transmitted on the Internet –Understand the concept of Internet traffic –Identify.

1 Version 3 Module 8 Ethernet Switching. 2 Version 3 Ethernet Switching Ethernet is a shared media –One node can transmit data at a time More nodes increases.

Modifying the SCSI / Fibre Channel Block Size Presented by Keith Bonneau, John Chrzanowski and Craig O’Brien Advised by Robert Kinicki and Mark Claypool.

Internetworking School of Business Eastern Illinois University © Abdou Illia, Spring 2007 (Week 4, Tuesday 1/30/2007)

Copyright © 2005 Department of Computer Science CPSC 641 Winter LAN Traffic Measurements Some of the first network traffic measurement papers were.

Service Providers & Data Link & Physical layers Week 4 Lecture 1.

1 TCP Traffic Analysis in cooperation with Motorola Todd DeSantis and David Loose Advisor: Professor Mark Claypool Co-Advisor: Professor Robert Kinicki.

Local Area Networks Part II. 2 Introduction Many times it is necessary to connect a local area network to another local area network or to a wide area.

Networking Components

GigE Knowledge. BODE, Company Profile Page: 2 Table of contents  GigE Benefits  Network Card and Jumbo Frames  Camera - IP address obtainment  Multi.

FSM7328S / FSM7352S Product Training Managed Layer 3 Stackable Switching at Layer 2 Pricing Demetrios Coulis March, 2005.

Practical TDMA for Datacenter Ethernet

Building a massively scalable serverless VPN using Any Source Multicast Athanasios Douitsis Dimitrios Kalogeras National Technical University of Athens.

1 MODEM LINK PROPERTY ADVERTISEMENT. 2 Smart Modems Modem's transmitting and receiving link rates can be varied over time due to the following: –Adaptive.

Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.

CECS 5460 – Assignment 3 Stacey VanderHeiden Güney.

Network Architecture and Protocol Concepts. Network Architectures (1) The network provides one or more communication services to applications –A service.

Document Number ETH West Diamond Avenue - Third Floor, Gaithersburg, MD Phone: (301) Fax: (301)

Chapter 4: Managing LAN Traffic

COEN 252 Computer Forensics

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 3: TCP/IP Architecture.

Lecture 2 TCP/IP Protocol Suite Reference: TCP/IP Protocol Suite, 4 th Edition (chapter 2) 1.

What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.

1 GAIA VoIP traffic generator and analyzer Presentation by Amrut Bang Ashish Deshpande Vijay Gabale Santosh Patil Sponsored by GS Lab Pvt. Ltd Pune Institute.

ACM 511 Chapter 2. Communication Communicating the Messages The best approach is to divide the data into smaller, more manageable pieces to send over.

Overview of the ORBIT Radio Grid Testbed for Evaluation of Next-Generation Wireless Network Protocols D.Raychaudhuri, M.ott, S.Ganu, K.ramachandran, H.Kremo,

COEN 252 Computer Forensics Collecting Network-based Evidence.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Local Area Networks: Internetworking

© 2010 IBM Corporation Plugging the Hypervisor Abstraction Leaks Caused by Virtual Networking Alex Landau, David Hadas, Muli Ben-Yehuda IBM Research –

TCP/IP TCP/IP LAYERED PROTOCOL TCP/IP'S APPLICATION LAYER TRANSPORT LAYER NETWORK LAYER NETWORK ACCESS LAYER (DATA LINK LAYER)

Module 8: Ethernet Switching

Computer Emergency Notification System (CENS)

1 Measuring Congestion Responsiveness of Windows Streaming Media James Nichols Advisors: Prof. Mark Claypool Prof. Bob Kinicki Reader: Prof. David Finkel.

Transport Layer COM211 Communications and Networks CDA College Theodoros Christophides

Cisco 3 - Switching Perrine. J Page 16/4/2016 Chapter 4 Switches The performance of shared-medium Ethernet is affected by several factors: data frame broadcast.

802.11n Sniffer Design Overview Vladislav Mordohovich Igor Shtarev Luba Brouk.

Packet Capture and Analysis: An Introduction to Wireshark 1.

NETWORK HARDWARE CABLES NETWORK INTERFACE CARD (NIC)

An Introduction to Networking

STORE AND FORWARD & CUT THROUGH FORWARD Switches can use different forwarding techniques— two of these are store-and-forward switching and cut-through.

Network Sniffer Anuj Shah Advisor: Dr. Chung-E Wang Department of Computer Science.

BNL PDN Enhancements. Perimeter Load Balancers Scaleable Performance Fault Tolerance Server Maintainability User Convenience Perimeter Security.

Protocol Layering Chapter 11.

Department of Computer Science & Engineering 5. Acknowledgments 4. Conclusions 3. Evaluation2. Contribution 1. Introduction REU 2008-Packet Sniffer Jose.

Internetworking School of Business Eastern Illinois University © Abdou Illia, Spring 2016 (February 3, 2016)

Computer Network Architecture Lecture 3: Network Connectivity Devices.

POSTECH DP&NM Lab Detailed Design Document NetFlow Generator 정승화 DPNM Lab. in Postech.

1 Apricot2001 Effectiveness of VLAN Chan Wai Kok Faculty of Information Technology Salim Beg Faculty of Engineering.

Connect communicate collaborate Performance Metrics & Basic Tools Robert Stoy, DFN EGI TF, Madrid September 2013.

What is a Protocol A set of definitions and rules defining the method by which data is transferred between two or more entities or systems. The key elements.

High Speed Optical Interconnect Project May08-06

Solving Real-World Problems with Wireshark

“OpenCALEA” Pragmatic Cost Effective CALEA Compliance

100% Exam Passing Guarantee & Money Back Assurance

Introduction to Packet Sniffing using Ethereal

Data Link Issues Relates to Lab 2.

Dynamic Packet-filtering in High-speed Networks Using NetFPGAs

Networking Theory (part 2)

Carey Williamson Department of Computer Science University of Calgary

Networking Theory (part 2)

Presentation transcript:

“OpenCALEA” Pragmatic Cost Effective CALEA Compliance Manish Karir, Merit - Research and Development

Experimentation Goals 1.Develop an experimental reference architecture as a model for CALEA compliance 2.Determine what level of compliance is possible at a reasonable price point 3.Experiment with simple hardware/software in order to determine suitability for compliance 4.How well will this solution scale (10G cards, multiple sites) compared to price/performance of commercial solutions 5.Gain a technical understanding of what is required to be CALEA compliant 6.Build open source tools that others can use/contribute towards

Approach 1.Build and deploy a packet capture platform –Experimental Architecture 1 -- Dell Precision GX260 Workstation, 2 GIGE interfaces for management and sampling, Pentium 4 3GHz, 1GB RAM, Linux –Experimental Architecture 2 -- Dell PowerEdge860 1U server, Dual Pentium 2.8GHz, 1 GIGE interface(mgmt), 1myricom 10GIGE adapter, 1GB RAM, Linux –Tcpdump/tethereal for packet capture -- both depend on pcap library, custom utilities to format packets appropriately for LEA –Iperf as the traffic generator 2.Test ability to capture a single data stream in the presence of varying amounts of live background network traffic 3.Metrics: packet loss, cost

Experiment 1 Architecture

Experiment 1 Methodology 1.Background traffic for the duration of the test: ~ Mbps (Sunday evening load) 2.Repeat for higher traffic load ~400Mbps (Monday afternoon) 3.Test –Send data from source to sink using iperf –Attempt to capture traffic stream at capture device (full packet captures not just headers) –Measure actual number of packets transmitted at the source and compare with number of full packets captured –Measure for Small/Medium/Large UDP flow

Experiment 1 Results ExperimentNetwork Load Avg Packet Loss % 10 sec UDP- 390kbps 200Mbps< min UDP - 390kbps 200Mbps< min UDP - 390kbps 200Mbps< min UDP - 390kbps 400Mbps< 1.0

Experiment 2 Architecture

Experiment 2 Methodology 1.Scale up experiment 1 architecture to links that carry over 2Gbps of traffic – Use of better hardware platform: Dell 1U server – 10GiGE Myricom Ethernet Adapter 2.Test ability to deliver the captured packets to LEA – Simple custom software which operates similar to tcpdump but additionally can transmit packets to LEA 3.Test ability to operate in the presence of complications. (Such as VLANS ~40vlans mirrored on single interface) 4.Measure ability to capture higher bitrate streams in presence of higher background traffic

Experiment 2 Results UDP stream with average background network load of Gbps ExperimentStream Bitrate Avg Packet Loss % 5min UDP - 25K packets 1Mbps~0.0 5 min UDP - 127K packets 5 Mbps~0.0 5 min UDP - 255K packets 10Mbps< min UDP - 636K packets 25 Mbps< 1.0

Experiment 2 Results UDP stream with average background network load of > 2.5Gbps ExperimentPacket Loss at Tap Packet Loss at LEA 5min UDP - 100kbps < 1% 5min UDP - 200kbps < 1% 5min UDP - 400kbps < 1% 5 min UDP - 1Mbps < 1%

Experiment Conclusions 1.Return Path Characteristics are Important - otherwise there can be packet loss on path to LEA. 2.Check for MTU -- Encapsulation can lead to packet size > 1,500Bytes. (MTU should be able to support jumbo frames on the path to LEA). 3.Packet capture at > 2Gbps network load appears to be feasible. 4.Hardware/software cost: ~ $2,500 (server $ Gige I/F card, $1200) 5.Need to Verify: Is there any data impairment during the capture/transfer/writing process?

OpenCALEA Software Toolset Tap Tool: 1.Tap: Perform packet capture –Receive packets via libpcap interface –Create new UDP packet in appropriate format –Encapsulate captured packet into new packet –Timestamp information to UDP packet –Send to LEA collection IP address –Send the packet header information on separate UDP port 2.Example Usage:./tap -d i any -c -f "host and port 5001"

OpenCALEA Software Toolset LEA Receiver Tool (Consistent with standard): 3.Example of LEA collection function implementation: lea_collect –Receive UDP packets sent by tap –Remove encapsulation –Create standard libpcap packet based on timestamps and encapsulated packet –Write packet to file –Write packet header information sent by tap 4.Example Usage:./lea_collect -f capture-file.pcap

OpenCALEA Software Toolset User Front End (in development): 5.calea_controller: Responsible for initiating a tap on remote tap devices but issuing the appropriate command 6.calea_collector: Responsible for listening for commands from calea_controller and initiating the tap with the appropriate filters

Conclusions 1.A cost-effective CALEA solution was developed and tested 2.The solution has performed well in initial testing 3.The solution appears to be -Consistent with technical requirements -Cost effective -Practical 4.Soon!