Presentation is loading. Please wait.

Presentation is loading. Please wait.

Measuring Large Traffic Aggregates on Commodity Switches Lavanya Jose, Minlan Yu, Jennifer Rexford Princeton University, NJ 1.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Measuring Large Traffic Aggregates on Commodity Switches Lavanya Jose, Minlan Yu, Jennifer Rexford Princeton University, NJ 1."— Presentation transcript:

1 Measuring Large Traffic Aggregates on Commodity Switches Lavanya Jose, Minlan Yu, Jennifer Rexford Princeton University, NJ 1

2 Motivation Large traffic aggregates?  manage traffic efficiently  understand traffic structure  detect unusual activity 2

3 Aggregate at fixed prefix-length? Top 10 /24 prefixes (by how much traffic they send)  could miss individual heavy users Top 10 IP addresses …  could miss heavy subnets where each individual user is small 3

4 19 12 111 7 52 21 129 9354 00** 000* 0000 0001001000110100010101100111 01**010*011* 01** 40 0*** 0 1*** 40 **** All the IP prefixes >= a fraction T of the link capacity Aggregate at all prefix-lengths? (Heavy Hitters) HH: sends more than T= 10% of link cap. 100 4

5 Hierarchical Heavy Hitters All the IP prefixes >= a fraction T of the link capacity after excluding any HHH descendants. 19 12 111 7 52 21 129 9354 00** 000* 0000 0001001000110100010101100111 01**010*011* 01** 40 0*** 0 1*** 40 **** HH: sends more than T= 10% of link cap. 100 HHH: 5

6 Related Work Offline analysis on raw packet trace [ AutoFocus ]  accurate but slow and expensive Streaming algorithms on Custom Hardware [ Cormode’08, Bandi’07, Zhang’04, Sketch-Based ]  accurate, fast but not commodity Our Work: Commodity, fast and relatively accurate 6

7 Why commodity switches?  cheap, easy to deploy  let “network elements monitor themselves” Commodity OpenFlow switches  available from multiple vendors (HP, NEC, and Quanta)  deployed in campuses, backbone networks  wildcard rules with counters to measure traffic PriorityPrefix RuleCount 1 0010 0***... 15 2 001* ****... 5 HHH on Commodity- Using OpenFlow 7

8 TCAM Controller Software Fetch Counts Install Rules Constraints  <= N Prefix Rules SRC IP SRC IP 0010 0 100 increment count PriorityPrefix RuleCount 1 0010 0*** 15 2 001* **** 5 OpenFlow Measurement Framework 8 Switch  Measuring Interval M  No pkts to Controller

9 Monitoring HHHes 19 12 111 7 52 21 129 9354 00** 000* 0000 0001001000110100010101100111 01**010*011* 01** 40 0*** 0 1*** 40 **** PriorityPrefix RuleCount 1 000011 2 010*12 3 0***17 HHH: after excluding any descendant prefix rules TCAM: priority matching 9

10 Detecting New HHHes Monitor children of HHHes Use at most 2/T rules 19 12 111 7 52 21 129 9354 00** 000* 0000 0001001000110100010101100111 01**010*011* 01** 40 0*** 0 1*** 40 **** 910 3 2 10

11 Iteratively adjust wildcard rules:  Expand If count > T, install rule for child instead.  Collapse If count < T, remove rule. 0*** **** 00** 000*001* 01** 010*011* 1*** 10**11** 100*101*110*111* 75 70 0 5 23 5 50 5000 00** 000* 0000 0001001000110100010101100111 01**10**11** 01** 80 0*** PriorityPrefix RuleCount 1 0***80 2 ****0 PriorityPrefix RuleCount 1 001*72 2 000*5 3 ****3 PriorityPrefix RuleCount 1 00**77 2 01**3 3 ****0 Identifying New HHHes 11

12 Using Leftover Rules Why left over rules?  May not be 1/T HHHes.  May still be discovering new HHHes How to use leftover rules?  To monitor HHHes close to threshold  Data shows 2-3 new HHHes/ interval (a few secs) 19 1 7 52 21 128 9353 00** 000* 0000 0001001000110100010101100111 01**010*011* 01** 40 0*** 0 1*** 40 **** 11 12 11 9 12 10 12

13 Real packet trace (400K pkts/ sec) from CAIDA  Measured HHHes for T=5% and T=10%  Measuring interval M from 1-60s Evaluation - Method 13

14 Evaluation - Results 20 rules to identify 88-94% of the 10%- HHHes Accurate  Gets ~9 out of 10 HHHes  Uses left over TCAM space to quickly find HHHes  Large traffic aggregates usually stable Fast  Takes a few intervals for 1-2 new HHHes  Meanwhile aggregates at coarse levels 12 111 000* 0000 0001 14

15 Stepping back… not just for HHHes Framework  Adjusting <= N wildcard rules  Every measuring interval M  Only match and increment per packet Can solve problems that require  Understanding a baseline of normal traffic  Quickly pinpointing large traffic aggregates 15

16 Conclusion Solving HHH problem with OpenFlow  Relatively accurate, Fast, Low overhead  Algorithm with expanding /collapsing Future work  multidimensional HHH  Generic framework for measurement Explore algorithms for DoS, large traffic changes etc. Understand overhead Combine results from different switches 16

Download ppt "Measuring Large Traffic Aggregates on Commodity Switches Lavanya Jose, Minlan Yu, Jennifer Rexford Princeton University, NJ 1."

Similar presentations

Towards Software Defined Cellular Networks

Towards Software Defined Cellular Networks
SIMPLE-fying Middlebox Policy Enforcement Using SDN

SIMPLE-fying Middlebox Policy Enforcement Using SDN
Programming Protocol-Independent Packet Processors

Programming Protocol-Independent Packet Processors
VCRIB: Virtual Cloud Rule Information Base Masoud Moshref, Minlan Yu, Abhishek Sharma, Ramesh Govindan HotCloud 2012.

VCRIB: Virtual Cloud Rule Information Base Masoud Moshref, Minlan Yu, Abhishek Sharma, Ramesh Govindan HotCloud 2012.
New Directions in Traffic Measurement and Accounting Cristian Estan – UCSD George Varghese - UCSD Reviewed by Michela Becchi Discussion Leaders Andrew.

New Directions in Traffic Measurement and Accounting Cristian Estan – UCSD George Varghese - UCSD Reviewed by Michela Becchi Discussion Leaders Andrew.
Nanxi Kang Princeton University

Nanxi Kang Princeton University
Programmable Measurement Architecture for Data Centers Minlan Yu University of Southern California 1.

Programmable Measurement Architecture for Data Centers Minlan Yu University of Southern California 1.
OpenSketch Slides courtesy of Minlan Yu 1. Management = Measurement + Control Traffic engineering – Identify large traffic aggregates, traffic changes.

OpenSketch Slides courtesy of Minlan Yu 1. Management = Measurement + Control Traffic engineering – Identify large traffic aggregates, traffic changes.
PARIS: ProActive Routing In Scalable Data Centers Dushyant Arora, Theophilus Benson, Jennifer Rexford Princeton University.

PARIS: ProActive Routing In Scalable Data Centers Dushyant Arora, Theophilus Benson, Jennifer Rexford Princeton University.
A Fast and Compact Method for Unveiling Significant Patterns in High-Speed Networks Tian Bu 1, Jin Cao 1, Aiyou Chen 1, Patrick P. C. Lee 2 Bell Labs,

A Fast and Compact Method for Unveiling Significant Patterns in High-Speed Networks Tian Bu 1, Jin Cao 1, Aiyou Chen 1, Patrick P. C. Lee 2 Bell Labs,
Incremental Consistent Updates Naga Praveen Katta Jennifer Rexford, David Walker Princeton University.

Incremental Consistent Updates Naga Praveen Katta Jennifer Rexford, David Walker Princeton University.
OpenFlow-Based Server Load Balancing GoneWild

OpenFlow-Based Server Load Balancing GoneWild
Scalable Flow-Based Networking with DIFANE 1 Minlan Yu Princeton University Joint work with Mike Freedman, Jennifer Rexford and Jia Wang.

Scalable Flow-Based Networking with DIFANE 1 Minlan Yu Princeton University Joint work with Mike Freedman, Jennifer Rexford and Jia Wang.
Flowspace revisited OpenFlow Basics Flow Table Entries Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Rule Action.

Flowspace revisited OpenFlow Basics Flow Table Entries Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Rule Action.
Profiling Network Performance in Multi-tier Datacenter Applications

Profiling Network Performance in Multi-tier Datacenter Applications
1 Reversible Sketches for Efficient and Accurate Change Detection over Network Data Streams Robert Schweller Ashish Gupta Elliot Parsons Yan Chen Computer.

1 Reversible Sketches for Efficient and Accurate Change Detection over Network Data Streams Robert Schweller Ashish Gupta Elliot Parsons Yan Chen Computer.
1 13-Jun-15 S Ward Abingdon and Witney College LAN design CCNA Exploration Semester 3 Chapter 1.

1 13-Jun-15 S Ward Abingdon and Witney College LAN design CCNA Exploration Semester 3 Chapter 1.
Efficient IP-Address Lookup with a Shared Forwarding Table for Multiple Virtual Routers Author: Jing Fu, Jennifer Rexford Publisher: ACM CoNEXT 2008 Presenter:

Efficient IP-Address Lookup with a Shared Forwarding Table for Multiple Virtual Routers Author: Jing Fu, Jennifer Rexford Publisher: ACM CoNEXT 2008 Presenter:
Reverse Hashing for High-speed Network Monitoring: Algorithms, Evaluation, and Applications Robert Schweller 1, Zhichun Li 1, Yan Chen 1, Yan Gao 1, Ashish.

Reverse Hashing for High-speed Network Monitoring: Algorithms, Evaluation, and Applications Robert Schweller 1, Zhichun Li 1, Yan Chen 1, Yan Gao 1, Ashish.
Reverse Hashing for Sketch Based Change Detection in High Speed Networks Ashish Gupta Elliot Parsons with Robert Schweller, Theory Group Advisor: Yan Chen.

Reverse Hashing for Sketch Based Change Detection in High Speed Networks Ashish Gupta Elliot Parsons with Robert Schweller, Theory Group Advisor: Yan Chen.

Similar presentations

Ads by Google