Presentation is loading. Please wait.

Presentation is loading. Please wait.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 4. Active Monitoring Techniques.

Published byDoreen Little Modified over 8 years ago

Similar presentations

Presentation on theme: "POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 4. Active Monitoring Techniques."— Presentation transcript:

1 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 4. Active Monitoring Techniques

2 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (2) 4. Active Monitoring Techniques  ICMP-based method  Diagnose network problems  Availability / Round-trip delay / Round-trip packet loss  TCP-based method  One-way bandwidth / Round trip bandwidth  Bulk transfer rate  UDP-based method  One-way packet loss / Round trip bandwidth

3 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (3) 4. Active Monitoring - ICMP  Internet Control Message Protocol (ICMP), RFC 792  The purpose of ICMP messages is to provide feedback about problems in the IP network environment  Delivered in IP packets  ICMP message format  4 byte of ICMP header and optional message

4 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (4) 4. Active Monitoring - ICMP Functions  To announce network errors  If a network, host, port is unreachable, ICMP Destination Unreachable Message is sent to the source host  To announce network congestion  When a router runs out of buffer queue space, ICMP Source Quench Message is sent to the source host  To assist troubleshooting  ICMP Echo Message is sent to a host to test if it is alive - used by ping  To announce timeouts  If a packet’s TTL field drops to zero, ICMP Time Exceeded Message is sent to the source host - used by traceroute

5 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (5) 4. Active Monitoring - ICMP Drawbacks  ICMP messages may be blocked (i.e., dropped) by firewall and processed at low priority by router  ICMP has also received bad press by being used in many denial of service attacks and because of the number of sites generating monitoring traffic  As a consequence some ISPs disable ICMP even though this potentially causes poor performance and does not comply with RFC1009 (Internet Gateway Requirements)  In spite of these limitations, ICMP is still most widely used in active network measurements

6 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (6) 4. Active Monitoring - Ping  A simple application that runs on a host, typically supplied as part of the host's operating system  Uses ICMP ECHO_REQUEST and ECHO_RESPONSE packets  Provides round-trip time and packet loss  For average measurement, run ping at regular intervals so as to measure the site's latency and packet loss

7 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (7) 4. Active Monitoring – Ping Example

8 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (8) 4. Active Monitoring - Traceroute  Produces a hop-by-hop listing for each router along the path to the target host  For each hop, it prints the round-trip time for the router  Algorithm: uses ICMP and TTL field in the IP header  Send an ICMP packet with TTL=1  First router sends back ICMP TIME_EXCEEDED  Then send ICMP packet with TTL=2 and hear back from the second router  Continue till the destination is reached or TTL expires (default max TTL=30)  It shows you only the forward path  The reverse path is seldom the same  To trace the reverse path one must run traceroute on the remote host (reverse traceroute server, Looking Glass Server).

9 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (9) 4. Active Monitoring – Traceroute Example

10 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (10) Measurement Method Example via Ping Ping (ICMP) – Availability, RT Loss, RTT Delay Measurement Test Machine Measurement Test Machine Gigabit Ethernet Backbone Network RSM Period : 10 min. Packet Size : 40 bytes Packet Generator (ICMP) Customer SLA DB

11 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (11) Measurement Method Example via TCP TCP – Throughput Measurement Source Machine Measurement Source Machine Measurement Destination Machine Measurement Destination Machine NTP Synchronized hosts TCP local time : t1 local time : t2 t1 t2 Throughput (Mbps) = t2( ㎲ ) – t1( ㎲ ) 10 5 x 8 100 KB

12 POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (12) Measurement Method Example via UDP UDP – One Way Loss Measurement Source Machine Measurement Source Machine Measurement Destination Machine Measurement Destination Machine NTP Synchronized hosts UDP 100 KB One way Loss = 100 - x 100 (%) Sent Packet Counts Received Packet Counts 1 Packet (1000 Byte)

Download ppt "POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 4. Active Monitoring Techniques."

Similar presentations

Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.

Computer Networks21-1 Chapter 21. Network Layer: Address Mapping, Error Reporting, and Multicasting 21.1 Address Mapping 21.2 ICMP 21.3 IGMP 21.4 ICMPv6.
Internet Control Protocols Savera Tanwir. Internet Control Protocols ICMP ARP RARP DHCP.

Internet Control Protocols Savera Tanwir. Internet Control Protocols ICMP ARP RARP DHCP.
CSCI 4550/8556 Computer Networks Comer, Chapter 23: An Error Reporting Mechanism (ICMP)

CSCI 4550/8556 Computer Networks Comer, Chapter 23: An Error Reporting Mechanism (ICMP)
Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP)
1 TDC365-03 TDC 365 Network Interconnections Technologies Lecture #4 Notes Spring, 2009.

1 TDC TDC 365 Network Interconnections Technologies Lecture #4 Notes Spring, 2009.
CPSC 441 Tutorial - Network Tools 1 Network Tools CPSC 441 – Computer Communications Tutorial.

CPSC 441 Tutorial - Network Tools 1 Network Tools CPSC 441 – Computer Communications Tutorial.
1 Internet Networking Spring 2002 Tutorial 4 ICMP (Internet Control Message Protocol)

1 Internet Networking Spring 2002 Tutorial 4 ICMP (Internet Control Message Protocol)
The Network Layer Chapter 5. The IP Protocol The IPv4 (Internet Protocol) header.

The Network Layer Chapter 5. The IP Protocol The IPv4 (Internet Protocol) header.
Internet Control Message Protocol (ICMP). Introduction The Internet Protocol (IP) is used for host-to-host datagram service in a system of interconnected.

Internet Control Message Protocol (ICMP). Introduction The Internet Protocol (IP) is used for host-to-host datagram service in a system of interconnected.
Chapter 5 The Network Layer.

Chapter 5 The Network Layer.
Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP)
1 CCNA 2 v3.1 Module 8. 2 TCP/IP Suite Error and Control Messages CCNA 2 Module 8.

1 CCNA 2 v3.1 Module 8. 2 TCP/IP Suite Error and Control Messages CCNA 2 Module 8.
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Internet Control Message Protocol (ICMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Internet Control Message Protocol (ICMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.

Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
1 Internet Control Message Protocol (ICMP) RIZWAN REHMAN CCS, DU.

1 Internet Control Message Protocol (ICMP) RIZWAN REHMAN CCS, DU.
1 ICMP : Internet Control Message Protocol Computer Network System Sirak Kaewjamnong.

1 ICMP : Internet Control Message Protocol Computer Network System Sirak Kaewjamnong.
Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Defining the IP Packet Delivery Process INTRO v2.0—4-1.

Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Defining the IP Packet Delivery Process INTRO v2.0—4-1.
Network Monitoring School of Electronics and Information Kyung Hee University. Choong Seon HONG Selected from ICAT 2003 Material of James W. K. Hong.

Network Monitoring School of Electronics and Information Kyung Hee University. Choong Seon HONG Selected from ICAT 2003 Material of James W. K. Hong.
CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College

CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College
TCP/IP Protocol Suite 1 Chapter 9 Upon completion you will be able to: Internet Control Message Protocol Be familiar with the ICMP message format Know.

TCP/IP Protocol Suite 1 Chapter 9 Upon completion you will be able to: Internet Control Message Protocol Be familiar with the ICMP message format Know.

Similar presentations

Ads by Google