1 June 2015 Validating Inter-Domain SLAs with a Programmable Traffic Control System Elisa Boschi


1 1 June 2015 Validating Inter-Domain SLAs with a Programmable Traffic Control System
Elisa Boschi elisa.boschi@hitachi-eu.com
Matthias Bossardt bossardt@tik.ee.ethz.ch
Thomas Dübendorfer duebendorfer@tik.ee.ethz.ch
IWAN 2005

2 1 June 2015 MOTIVATION
Services (VoIP, multimedia streaming…) require a minimum level of performance
– Negotiated in Service Level Agreements
When Service Level Agreements cross ISP boundaries:
– How to validate the compliance of network services with the guarantees in an SLA
Problems
– ISPs have minimal information about characteristics and performance of other networks
– Performance of specific path portions

3 1 June 2015 SCENARIO (jitter measurement)
Requires dynamic configuration of devices located in different domains
– Major security concerns

4 1 June 2015 HOW CAN WE ACHIEVE THIS
Deploying measurement logic on distributed programmable Traffic Processing Devices (TPDs)
– Attached to routers
– Located in several Autonomous Systems
Almost arbitrary service logic (flexibility)
On-demand configuration of TPDs on the end-to-end path
Delegation of partial management capabilities to network users
– Security against misuse...

5 1 June 2015 "GOLDEN RULES"
TRAFFIC OWNERSHIP: traffic control is restricted to the "owner" of the source IP address or destination IP address
Source and destination IP addresses cannot be modified
The TTL field of IP packets cannot be modified
The packet rate must not increase.
The amount of traffic leaving the TPD must be equal to or less than the amount of traffic entering it.
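
An added example (not from the presentation): one way a TPD could check a user-supplied service component against the five rules above. The `Packet` model, the `run_guarded` wrapper, the violation labels, the sample components and the choice to forward the original packet on a violation are all assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    ttl: int
    size: int  # bytes on the wire

def is_owned(pkt, owner_prefixes):
    """Traffic ownership: src or dst must lie in a prefix verified for the user."""
    nets = [ip_network(p) for p in owner_prefixes]
    return any(ip_address(addr) in net for addr in (pkt.src, pkt.dst) for net in nets)

def run_guarded(component, pkt, owner_prefixes):
    """Apply a user-supplied component to pkt under the golden rules.
    Returns (packets_to_forward, violations)."""
    if not is_owned(pkt, owner_prefixes):
        return [pkt], ["not-owner"]        # the component never sees foreign traffic
    out = component(pkt)                   # a component returns a list of packets
    violations = []
    if len(out) > 1:
        violations.append("packet-rate")
    if any((o.src, o.dst) != (pkt.src, pkt.dst) for o in out):
        violations.append("address-rewrite")
    if any(o.ttl != pkt.ttl for o in out):
        violations.append("ttl-rewrite")
    if sum(o.size for o in out) > pkt.size:
        violations.append("amplification")
    # Assumed fail-safe: on any violation, forward the original packet untouched.
    return ([pkt] if violations else out), violations

# Constructed sample components (hypothetical, for illustration only).
def truncate(pkt): return [replace(pkt, size=min(pkt.size, 64))]
def drop(pkt): return []
def rewrite_src(pkt): return [replace(pkt, src="198.51.100.7")]
def duplicate(pkt): return [pkt, pkt]
def reset_ttl(pkt): return [replace(pkt, ttl=255)]

OWNER = ["192.0.2.0/24"]  # constructed: prefix verified for the user
PKT = Packet(src="203.0.113.9", dst="192.0.2.10", ttl=57, size=1200)
FOREIGN = Packet(src="203.0.113.9", dst="198.51.100.1", ttl=57, size=1200)

if __name__ == "__main__":
    for comp in (truncate, drop, rewrite_src, duplicate, reset_ttl):
        print(comp.__name__, run_guarded(comp, PKT, OWNER)[1])
```

Shrinking or dropping a packet passes; rewriting an address or the TTL, or emitting more packets or bytes than entered, is reported and the original packet is forwarded instead.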

6 1 June 2015 TRAFFIC CONTROL SYSTEM (TCS)
A user registers with the Traffic Control Service Provider (TCSP)
The TCSP manages the Traffic Control services
– Checks the user's identity
– Verifies IP address ownership with Internet Number Authorities
– Sets up contracts with ISPs
ISPs attach Traffic Processing Devices to (some of) their routers
– Enable their network management system to program and configure them

7 1 June 2015 NODE ARCHITECTURE The router is extended with a programmable Traffic Processing Device (TPD)

8 1 June 2015 DEPLOYMENT PROCESS
The deployment process is subdivided into layers
For each service a layer offers, a service descriptor specifies
– The mapping to sub-services
– Mandatory and optional parameters
– Restrictions
Deployment logic on each layer maps the service request to services provided by the layer below
– Based on service descriptors

9 1 June 2015 SERVICE REQUEST

10 1 June 2015 DELAY VARIATION DEPLOYMENT (1/2)
The service offered by the TCSP and the required parameters are described in a service descriptor
The service request contains
– User identification
– Parameter values:
  src and dest address
  Uplink I/F of A to ISP1
  Downlink I/F from ISPn to Z
  Collector address
  ….

11 1 June 2015 DELAY VARIATION DEPLOYMENT (2/2)
The TCSP
– selects the ISPs according to the Restrictions
  BGP path from A to Z
– AS numbers are taken from the Context Database
– Maps the request to sub-services
The ISPs
– select the Traffic Processing Devices
  Only on egress routers from prevAS to next AS and on uplink and downlink I/Fs

12 1 June 2015 SERVICE COMPONENTS deployed on all TPDs
Timestamp, packet ID and packet size are exported to the collector
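
An added example (not from the presentation) of what a collector could compute from the exported timestamp and packet ID: per-segment delay variation, so the jitter can be attributed to a path portion. The record layout, TPD names and sample values are constructed; timestamps are in milliseconds, and a constant clock offset between two TPDs cancels out because only differences of delays are used.

```python
from collections import defaultdict

def segment_delay_variation(records, path):
    """records: (tpd, packet_id, timestamp_ms, size_bytes) tuples as exported by TPDs.
    path: TPD names in forwarding order.
    Returns {(upstream, downstream): [delay variation between consecutive packets]}."""
    seen = defaultdict(dict)                 # tpd -> {packet_id: timestamp_ms}
    for tpd, pid, ts, _size in records:
        seen[tpd][pid] = ts
    result = {}
    for up, down in zip(path, path[1:]):
        # Use only packets observed at both ends; packets lost in between are skipped.
        common = sorted(seen[up].keys() & seen[down].keys(), key=lambda p: seen[up][p])
        delays = [seen[down][p] - seen[up][p] for p in common]
        result[(up, down)] = [b - a for a, b in zip(delays, delays[1:])]
    return result

def worst_segment(variation):
    """Segment with the largest absolute delay variation, and that value."""
    peaks = {seg: max((abs(v) for v in vals), default=0) for seg, vals in variation.items()}
    seg = max(peaks, key=peaks.get)
    return seg, peaks[seg]

# Constructed sample: the three TPD clocks are deliberately not synchronised,
# and packet 2 is lost between ISP1_egress and Z_downlink.
PATH = ["A_uplink", "ISP1_egress", "Z_downlink"]
RECORDS = [
    ("A_uplink", 1, 0, 200), ("A_uplink", 2, 20, 200),
    ("A_uplink", 3, 40, 200), ("A_uplink", 4, 60, 200),
    ("ISP1_egress", 1, 1005, 200), ("ISP1_egress", 2, 1025, 200),
    ("ISP1_egress", 3, 1049, 200), ("ISP1_egress", 4, 1065, 200),
    ("Z_downlink", 1, 515, 200), ("Z_downlink", 3, 559, 200),
    ("Z_downlink", 4, 575, 200),
]

if __name__ == "__main__":
    variation = segment_delay_variation(RECORDS, PATH)
    print(variation)
    print(worst_segment(variation))
```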

13 1 June 2015 CONCLUSIONS
Guarantees given in an inter-domain SLA can be validated
Measurement services are executed on a programmable TCS
– The TCS safely delegates partial control over TPDs to the network user
– Measurement logic is deployed to TPDs in different ASs
– Highly modular (reusability of components)
– Secure against misuse ("golden rules")
Other metrics possible
Other services possible (DDoS mitigation)

14 1 June 2015 SCALABILITY CONSIDERATIONS
Scaling factors
– # service subscribers
– # ISPs deploying the service
– # service components installed / user
– Bandwidth
Service logic and state per TPD
– Memory needed is modest
Signalling effort
– Small messages to a few thousand ISPs are not a bottleneck
Traffic processing capacity
– HW solutions (FPGA) allow packet filtering at 10Gbps

15 1 June 2015 STATE OF THE ART in inter-domain measurement
NIMI: SW system for building measurement infrastructures. Tools can be added (wrapper)
IPMP: Active measurement protocol based on packet probes, suited to measure delay at router level
6QM: Measurements are configured by sending an XML-based document to controllers on the end-to-end path
Generally missing:
– Flexible system to automatically deploy the service to the appropriate device
– Adequate guarantees for network data privacy and against misuse

16 1 June 2015 INTER-DOMAIN QoS MODELS
BILATERAL
– 2 providers interconnect at one or more points and agree on a set of metrics, methods...
– Just 2, no reusability
COOPERATIVE
– Set of rules a cooperating group of ISPs has to follow
– Standards needed
THIRD-PARTY
– Composes end-to-end results, responsible for site-to-site measurement
– More flexible

17 1 June 2015 OUTLINE
Motivation
Scenario: inter-domain jitter measurement
Traffic Control System
Node Architecture
Deployment process
Conclusions

18 1 June 2015 BACK TO THE SCENARIO: JITTER MEASUREMENT

19 1 June 2015 components

20 1 June 2015 SERVICE REQUEST

21 1 June 2015 5 GOLDEN RULES (explanation)
– Such rerouting could easily wreak havoc (causing routing loops, interference with other routing mechanisms, transparent source spoofing, or "forwarding" of attack traffic).
– as it aims to set an upper bound on the network resources a packet is able to use.
– we need to prevent the service from causing amplifying network-like effects. The amount of network traffic leaving the traffic processing device must be equal to or less than the amount of traffic entering it, i.e. packet size may only stay the same or become smaller.

