Presentation is loading. Please wait.

Presentation is loading. Please wait.

Merit Network: Connecting People and Organizations Since 1966 CALEA Compliance – A Feasibility Study October 25, 2006 Mary Eileen McLaughlin Director –

Published byBlanche Burke Modified over 9 years ago

Similar presentations

Presentation on theme: "Merit Network: Connecting People and Organizations Since 1966 CALEA Compliance – A Feasibility Study October 25, 2006 Mary Eileen McLaughlin Director –"— Presentation transcript:

1 Merit Network: Connecting People and Organizations Since 1966 CALEA Compliance – A Feasibility Study October 25, 2006 Mary Eileen McLaughlin Director – Networking Merit Network, Inc.

2 Merit Network: Connecting People and Organizations Since 1966 Overview Merit believes it will need to be “Gateway compliant” for CALEA –Will need to have a device at the ingress/egress points of our network –In other words, where traffic enters or leaves AS- 237 –About 9 sites including private peering points We wanted to see if we could develop an architecture that –Met what we see today as the law’s requirements –Was cost effective and practical We’re not talking the legal pros/cons, or the expectations of law, or challenges

3 Merit Network: Connecting People and Organizations Since 1966 Goals of Experimental Framework Build a modest packet capture platform –Based on simple hardware and open-source software Test ability to capture a single data stream – In the presence of a moderate amount of background traffic Measure performance –Packet loss –Make decision on just how good performance has to be for Merit to say it is in conformance with the law cont.

4 Merit Network: Connecting People and Organizations Since 1966 Goals of Experimental Framework cont. Where will this solution ‘break’ –Or, until what level of aggregate bandwidth usage is this solution functional How well might this solution work with 10G cards compared to price/performance of commercial solutions Testing only traffic capture functionality, not –Transfer to law enforcement device –Re-aggregation of traffic –Other

5 Merit Network: Connecting People and Organizations Since 1966

6 Hardware/Software Dell Precision GX260 Workstation, 2 GIGE interfaces for management and sampling Pentium 4 3GHz 1GB RAM 7200 RPM disk Gentoo Linux OS Tcpdump/tethereal for packet capture -- both depend on pcap library –Testing whether tcpdump can handle the data rates Iperf as the traffic generator Some custom wrapper software to make it easier to manage the data collection activity

7 Merit Network: Connecting People and Organizations Since 1966 Experiment Architecture Merit Building Switch Traffic Capture Device Merit LAN IPERF Sink IPERF Source Ameritech SBC Cogent Merit DSL Mirror Port Fiber Out to net

8 Merit Network: Connecting People and Organizations Since 1966 Experiment Methodology Background traffic for the duration of the test: ~ 190-225Mbps (Sunday evening load), repeat for higher traffic load ~400Mbps (Monday afternoon) Phase 1 test: –Send data from source to sink using iperf –Attempt to capture traffic stream at capture device at Merit building –Measure actual number of packets transmitted at the source and compare with number of full packets captured –Measure for Short / medium / large TCP flow

9 Merit Network: Connecting People and Organizations Since 1966 10 sec Expt (~ 200Mbps Load) Pkts Sent Pkts Captured % Pkt Loss 15465420.007 26626590.004 36496450.006 46556490.009 56376340.004 Avg Test Traffic Data Rate: ~380Kbps Avg Transfer: ~ 500KB

10 Merit Network: Connecting People and Organizations Since 1966 5 min Expt (~200Mbps Load) Pkts SentPkts Captured % Pkt Loss 116425163260.006 216551164610.005 316622165330.005 416453163600.006 516515164340.005 Avg Test Traffic Data Rate: ~390Kbps Avg Transfer: ~ 14.1MB

11 Merit Network: Connecting People and Organizations Since 1966 30 min Expt (~200Mbps Load) Pkts SentPkts Captured % Pkt Loss 198893983150.006 298901982970.006 398961984040.006 499259985780.007 598488977120.008 Avg Test Traffic Data Rate: ~390Kbps Avg Transfer: ~ 83MB

12 Merit Network: Connecting People and Organizations Since 1966 5 min Expt (~400Mbps Load) Pkts SentPkts Captured % Pkt Loss 116389162790.007 216379162710.007 316381162580.008 416385162690.007 516336162190.007 Avg Test Traffic Data Rate: ~393Kbps Avg Transfer: ~ 14.1MB

13 Merit Network: Connecting People and Organizations Since 1966 Preliminary Conclusions and Discussion At a load of roughly 200Mbps there are less than 1% (0.006% - 0.007%) of the packets missing at the capture device –This seems to hold at least up to an aggregate load level of 400Mbps (bidirectional traffic mirrored onto a single port) But what about VoIP (UDP)? How does our lost packets compare with what might normally happen to a datastream across the same datapath? –A UDP stream along the same path at 380Kbps experienced roughly 1.5% packet loss –Thus, less than 1% packet loss for our mirrored traffic is well within a “normal” range –Should be sufficient for law enforcement

14 Merit Network: Connecting People and Organizations Since 1966 Discussion and Next Steps Simple hardware/software holds promise for at least the lower rate uplink capacities (definitely for OC3, GIGE type rates) Need to repeat experiments, systematically, and at different (higher) loads Future work includes –Examining 10Gig cards –Multiple sites concurrently; possibly on-campus –Price/performance comparison with commercial offerings, e.g., ENDACE hardware solution Perhaps have a combination of build & buy

Download ppt "Merit Network: Connecting People and Organizations Since 1966 CALEA Compliance – A Feasibility Study October 25, 2006 Mary Eileen McLaughlin Director –"

Similar presentations

How to Set Up, Secure and Manage A Network

How to Set Up, Secure and Manage A Network
Merit’s CALEA Compliance Architecture and Platform, “OpenCALEA” Mary Eileen McLaughlin, Merit - Director Technical Operations Manish Karir, Merit - Research.

Merit’s CALEA Compliance Architecture and Platform, “OpenCALEA” Mary Eileen McLaughlin, Merit - Director Technical Operations Manish Karir, Merit - Research.
ARP Traffic Study Jim Rees, Manish Karir Research and Development Merit Network Inc.

ARP Traffic Study Jim Rees, Manish Karir Research and Development Merit Network Inc.
Measurements of Congestion Responsiveness of Windows Streaming Media (WSM) Presented By:- Ashish Gupta.

Measurements of Congestion Responsiveness of Windows Streaming Media (WSM) Presented By:- Ashish Gupta.
1 Version 3 Module 8 Ethernet Switching. 2 Version 3 Ethernet Switching Ethernet is a shared media –One node can transmit data at a time More nodes increases.

1 Version 3 Module 8 Ethernet Switching. 2 Version 3 Ethernet Switching Ethernet is a shared media –One node can transmit data at a time More nodes increases.
CStream: Neighborhood Bandwidth Aggregation For Better Video Streaming Thangam Vedagiri Seenivasan Advisor: Mark Claypool Reader: Robert Kinicki 1 M.S.

CStream: Neighborhood Bandwidth Aggregation For Better Video Streaming Thangam Vedagiri Seenivasan Advisor: Mark Claypool Reader: Robert Kinicki 1 M.S.
Performance Analysis of Orb Rabin Karki and Thangam V. Seenivasan 1.

Performance Analysis of Orb Rabin Karki and Thangam V. Seenivasan 1.
Copyright © 2005 Department of Computer Science CPSC 641 Winter 20111 WAN Traffic Measurements There have been several studies of wide area network traffic.

Copyright © 2005 Department of Computer Science CPSC 641 Winter WAN Traffic Measurements There have been several studies of wide area network traffic.
Wide Area Networks School of Business Eastern Illinois University © Abdou Illia, Spring 2007 (Week 11, Thursday 3/22/2007)

Wide Area Networks School of Business Eastern Illinois University © Abdou Illia, Spring 2007 (Week 11, Thursday 3/22/2007)
Multiple constraints QoS Routing Given: - a (real time) connection request with specified QoS requirements (e.g., Bdw, Delay, Jitter, packet loss, path.

Multiple constraints QoS Routing Given: - a (real time) connection request with specified QoS requirements (e.g., Bdw, Delay, Jitter, packet loss, path.
Network Traffic Measurement and Modeling CSCI 780, Fall 2005.

Network Traffic Measurement and Modeling CSCI 780, Fall 2005.
1 Chapter 8 Local Area Networks - Internetworking.

1 Chapter 8 Local Area Networks - Internetworking.
04/26/2004CSCI 315 Operating Systems Design1 Computer Networks.

04/26/2004CSCI 315 Operating Systems Design1 Computer Networks.
Reduced TCP Window Size for VoIP in Legacy LAN Environments Nikolaus Färber, Bernd Girod, Balaji Prabhakar.

Reduced TCP Window Size for VoIP in Legacy LAN Environments Nikolaus Färber, Bernd Girod, Balaji Prabhakar.
Stanford University August 22, 2001 TCP Switching: Exposing Circuits to IP Pablo Molinero-Fernández Nick McKeown Stanford University.

Stanford University August 22, 2001 TCP Switching: Exposing Circuits to IP Pablo Molinero-Fernández Nick McKeown Stanford University.
Reduced TCP Window Size for Legacy LAN QoS Niko Färber July 26, 2000.

Reduced TCP Window Size for Legacy LAN QoS Niko Färber July 26, 2000.
Hardware & Software Needed For LAN and WAN

Hardware & Software Needed For LAN and WAN
TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.

TCP/IP Reference Model Host To Network Layer Transport Layer Application Layer Internet Layer.
Low Latency Wireless Video Over 802.11 Networks Using Path Diversity John Apostolopolous Wai-tian Tan Mitchell Trott Hewlett-Packard Laboratories Allen.

Low Latency Wireless Video Over Networks Using Path Diversity John Apostolopolous Wai-tian Tan Mitchell Trott Hewlett-Packard Laboratories Allen.
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

Similar presentations

Ads by Google