Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern."— Presentation transcript:

1 1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern University

2 2 Motivation How do end users, with no special privileges, identify packet loss inside the network with one or two computers?

3 3 Motivation How do end users, with no special privileges, identify packet loss inside the network with one or two computers? Take-home –We propose three user-level loss rate diagnosis approaches –The combo of our approaches and Tulip [SOSP03] is much better than any single approach

4 4 Outline Motivation Related Works Lossy Link Diagnosis –Fragmentation Aided Diagnosis (FAD) Algebraic FAD Opportunistic FAD –Striped Probe Analysis (SPA) Evaluations Conclusions

5 5 Related Work I Internet Tomography –Multicast based (not practical) –Unicast based Mimic multicast L1L1 L2L2 L3L3 L4L4 S Virtual link The more cooperating end hosts, the shorter the virtual links

6 6 Related Work II Tulip [SOSP03] –Leverage on consecutive IPID –Tend to underestimate forward loss rates Suffer from the packet loss correlation x id id+1 Forward Loss SD x id id+2 Reverse Loss SD x id SD x ?

7 7 Outline Motivation Related Works Lossy Link Diagnosis –Fragmentation Aided Diagnosis (FAD) Algebraic FAD Opportunistic FAD –Striped Probe Analysis (SPA) Evaluations Conclusions

8 8 Link Diagnosis=> Forward Path Diagnosis If we can infer the loss rates of forward path F 1 and F 2, we can infer the link loss rate of l 3 F1F1 D SR1R1 R2R2 F2F2 l3l3 l2l2 l1l1 The more diagnosable forward path segments, the better the diagnosis granularity

9 9 Basic Idea of FAD SN PR P R SN P1P1 RP2P2 R P1P1 P2P2

10 10 Algebraic FAD Let p f and p r be the loss rate of the forward and reverse path respectively P R R P1P1 P2P2 (1 - p f ) × (1 - p r )=1 – p (1) (1 - p f ) 2 × (1 - p r )=1 – p’ (2) p and p’ are measurable. Solve p f and p r using (1) and (2)

11 11 How to Achieve FAD IP Fragmentation –Fragment a packet longer than MTU –Required to be supported in IPv4 –Some routers disable it for security reason Support of IP Fragmentation –64,320 router IP addresses probed by using Traceroute –About 80% of routers support IP fragmentation Degree of Rate Limiting on Responses –99% of routers allow a rate of 100 probes/s for ICMP Echo, ICMP Timestamp and TCP probes –Response to UDP probe is severely rate- limited

12 12 Opportunistic FAD F1F1 F2F2 +P F’ 2 F1F1 +P’ aaaaaaaa bbbbbbbb aaaaaaaabbbbbb aaaaaaaa cccccccccaaaaaaaacccccccc

13 13 Opportunistic FAD R’ Forward Loss F1F1 x F2F2 F’ 2 R No Loss SN F1F1 F2F2 F’ 2 F 1 +F 2 F 1 +F’ 2 SN Similar to Tulip, but OFAD allows large gap between fragments

14 14 Striped Probe Analysis (SPA) S sends a probe to D and we get the path p 1 -> p 2 S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path p 1 -> p 3 S p1p1 p3p3 p2p2 DR S R D S p1p1 p2p2 p3p3

15 15 Striped Probe Analysis (SPA) S R S p1p1 p2p2 p3p3 P1P1 P2P2 (1) Loss on shared link D

16 16 Striped Probe Analysis (SPA) Success rate of p 1 ≈ n 1 × n 2 / ( n × n 12 ) –n : number of striped probes sent, –n 1 : number of P 1 received by D, –n 2 : number of P2 received by S, –n 12 : number of cases that both P 1 and P 2 are received Unbiased if packet loss has perfect correlation and loss rates of different links are independent S R S p1p1 p2p2 p3p3 P1P1 P2P2 (2) Loss on non-shared link D S R S p1p1 p2p2 p3p3 (1) Loss on shared link D

17 17 Summary RequirementAccuracy Tulip [SOSP03] Consecutive IPID (70%) Inaccurate w/ strong loss correlation FAD (AFAD & OFAD) IP fragmentation (80%) Accurate w/ weak or short loss correlation SPA ICMP TTL-Exceeded. Access from both end hosts Accurate w/ strong loss correlation The current Internet usually has strong but short loss correlation.

18 18 Outline Motivation Related Works Lossy Link Diagnosis –FAD –SPA Evaluations Conclusions

19 19 Evaluation Metrics Diagnosis Granularity –Weighted average of the lengths of the path’s diagnosable segments –For example, an 8-hop path has two diagnosable segments of length 3 and 5, and then the granularity of the path is (3 2 + 5 2 )/8 = 4.25 Accuracy –Estimation error: –Relative error:

20 20 Diagnosis Granularity SPA is best FAD ≈Tulip Combo of FAD and Tulip is better

21 21 Path-Level Accuracy Evaluation FAD > Tulip > SPA OFAD, Tulip and SPA tends to underestimate loss rates

22 22 More Evaluations Consistency Check Packet Probe Size Selection Lossy Link Distribution More in the technical report http://www.cs.northwestern.edu/~yzh734/ http://www.cs.northwestern.edu/~yzh734/

23 23 Conclusions and Recommendations We propose AFAD, OFAD and SPA which can conduct loss rate diagnosis without infrastructure Tulip, FAD and SPA have different working scenarios –The combination of them can achieve low diagnosis granularity and high accuracy Recommendations –OFAD+SPA, if we can control the two ends of an end-to-end path –OFAD+Tulip, if we can only control the source

24 24

25 25 Thanks! Questions?

26 26 Path-Level Accuracy of Combined Schemes

27 27

28 28 Path-Level Accuracy Evaluation

29 29 Path-Level Accuracy of Combined Schemes

30 30 IP Fragmentation Is Widely Supported Router Collection –64,320 router IP addresses probed by using traceroute from a machine Support of Different Probes Support of IP Fragmentation –90.3% of responsive routers support IP fragmentation –Altogether about 80% of routers support FAD. Degree of Rate Limiting on Responses –99% of routers allow a rate of 100 probes/s for ICMP Echo, ICMP Timestamp and TCP probes –UDP probe is severely rate-limited EchoTimestampUDPTCPAny 1 source85.3%69.2%64.5%71.7%88.2% 10 sources87.3%72.3%70.7%73.3%90.1%

31 31 Packet Transmission Correlation Choose 100 PlanetLab hosts and randomly measure 5000 paths Little loss correlation with enough gap

32 32 Forward Path Diagnosis => Link Diagnosis If we can infer the loss rates of forwarding path l 1 and P 1, we can infer the link loss rate of l 2 too. D

33 33 Opportunistic FAD n: number of R 12 received, n’: number of R’ 12 received X i = 0 when forward packet i is lost and X i =1 otherwise P(X 2 =1)≈P(X 2 =1|X 1 =1)≈n/(n+n’) R 12 P1P1 P2P2 P’ 2 R’ 12 P1P1 P2P2 P’ 2 x (1)(2)

34 34 Striped Probe Analysis (SPA) No fragmented packets needed ! S sends a probe to D and we get the path l 1 -> l 2 S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path l 1 -> l 3 SR l1l1 l3l3 l2l2 S R D S l1l1 l2l2 l3l3 D

35 35 Striped Probe Analysis (SPA) S R S l1l1 l2l2 l3l3 P1P1 P2P2 D

36 36 Striped Probe Analysis (SPA) S R S l1l1 l2l2 l3l3 P1P1 P2P2 (1) No loss(2) Loss on shared link S R S l1l1 l2l2 l3l3 P1P1 P2P2 D D

37 37 Striped Probe Analysis (SPA) Success rate of l 1 ≈ n 1 × n 2 / ( n × n 12 ) –n : number of striped probes sent, –n 1 : number of P 1 received by D, –n 2 : number of P2 received by S, –n 12 : number of cases that both P 1 and P 2 are received Unbiased if packet loss has perfect correlation and loss rates of different links are independent S R S l1l1 l2l2 l3l3 S R S l1l1 l2l2 l3l3 P1P1 P2P2 (1) No loss(2) Loss on shared link(3) Loss on non-shared link S R DS l1l1 l2l2 l3l3 P1P1 P2P2 DD

Download ppt "1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern."

Similar presentations

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.

Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.
User-level Internet Path Diagnosis Ratul Mahajan, Neil Spring, David Wetherall and Thomas Anderson Designed by Yao Zhao.

User-level Internet Path Diagnosis Ratul Mahajan, Neil Spring, David Wetherall and Thomas Anderson Designed by Yao Zhao.
Network Layer Packet Forwarding IS250 Spring 2010

Network Layer Packet Forwarding IS250 Spring 2010
Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP)
Internet Traffic Patterns Learning outcomes –Be aware of how information is transmitted on the Internet –Understand the concept of Internet traffic –Identify.

Internet Traffic Patterns Learning outcomes –Be aware of how information is transmitted on the Internet –Understand the concept of Internet traffic –Identify.
ICMP & ICMPv6 Referenced on RFC’s 792 and 2463 respectively. Frank Azevedo.

ICMP & ICMPv6 Referenced on RFC’s 792 and 2463 respectively. Frank Azevedo.
Server-based Inference of Internet Performance V. N. Padmanabhan, L. Qiu, and H. Wang.

Server-based Inference of Internet Performance V. N. Padmanabhan, L. Qiu, and H. Wang.
An Algebraic Approach to Practical and Scalable Overlay Network Monitoring Yan Chen, David Bindel, Hanhee Song, Randy H. Katz Presented by Mahesh Balakrishnan.

An Algebraic Approach to Practical and Scalable Overlay Network Monitoring Yan Chen, David Bindel, Hanhee Song, Randy H. Katz Presented by Mahesh Balakrishnan.
King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington Presented by:

King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington Presented by:
EEC-484/584 Computer Networks Lecture 10 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.

EEC-484/584 Computer Networks Lecture 10 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.
Efficient Hop ID based Routing for Sparse Ad Hoc Networks Yao Zhao 1, Bo Li 2, Qian Zhang 2, Yan Chen 1, Wenwu Zhu 3 1 Lab for Internet & Security Technology,

Efficient Hop ID based Routing for Sparse Ad Hoc Networks Yao Zhao 1, Bo Li 2, Qian Zhang 2, Yan Chen 1, Wenwu Zhu 3 1 Lab for Internet & Security Technology,
Internet Networking Spring 2003

Internet Networking Spring 2003
Inside the Internet. INTERNET ARCHITECTURE The Internet system consists of a number of interconnected packet networks supporting communication among host.

Inside the Internet. INTERNET ARCHITECTURE The Internet system consists of a number of interconnected packet networks supporting communication among host.
User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.

User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.
Network Tomography (A presentation for STAT 593E) Mingyan Li Radha Sampigethaya.

Network Tomography (A presentation for STAT 593E) Mingyan Li Radha Sampigethaya.
Yao Zhao 1, Yan Chen 1, David Bindel 2 Towards Unbiased End-to-End Diagnosis 1.Lab for Internet & Security Tech, Northwestern Univ 2.EECS department, UC.

Yao Zhao 1, Yan Chen 1, David Bindel 2 Towards Unbiased End-to-End Diagnosis 1.Lab for Internet & Security Tech, Northwestern Univ 2.EECS department, UC.
Scalable and Deterministic Overlay Network Diagnosis Yao Zhao, Yan Chen Northwestern Lab for Internet and Security Technology (LIST) Dept. of Computer.

Scalable and Deterministic Overlay Network Diagnosis Yao Zhao, Yan Chen Northwestern Lab for Internet and Security Technology (LIST) Dept. of Computer.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.

Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College

CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College

Similar presentations

Ads by Google