Published by Morris Henry. Modified over 8 years ago.
1
Current Practice for Network Analysis in CSTNet
Chunjing Han
CSTNET, CNIC
chjhan@cstnet.cn
2
Copyright © 2008 CSTNET. All rights reserved.
Agenda
I. Network management infrastructure; traffic and routing analysis
II. Network management infrastructure; DDoS detection, traceback, analysis and mitigation
III. IT service and IT governance in CSTNet
3
Network management infrastructure
Devices and links
The basic network management system, using SNMP, ICMP, TACACS and so on
Incident Management, Problem Management, Configuration Management, Change Management
Network layer
Device and performance data
Network analysis system: traffic analysis, route analysis, DDoS attack analysis
Call center
4
Traffic analysis and report system in CSTNet
An integrated and intelligent infrastructure
Aggregates the different routers in the multilayer network
Institutes and custom objects are the base analysis elements
Evaluate network update plans from the traffic report
5
The structure of the traffic report: traffic matrix
Network, interface, router, AS, institute and custom object are the cell elements of the rows and columns in the traffic matrix.
The elements of the rows: application, topTalker, protocol and so on
The elements of the columns: network, interface, router, AS, institute and custom object
6
Traffic Matrix
Columns: Network, Router, Interface, AS, Institutes, Profile (Custom Object)
Network row: Traffic exchange analysis between networks; Network traffic transit between routers; Network traffic transit between interfaces; Different AS traffic analysis on the network; Distribution between institutes in this network
Router row: Router traffic transit between routers; Traffic exchange analysis between routers; Where and to which AS the traffic of the router goes; Institute traffic distribution analysis in the specific router; Special object traffic analysis in the specific router
Interface row: Interface traffic distribution between networks; Traffic exchange analysis between interfaces; How much traffic is exchanged between different ASes; Institute traffic distribution analysis in the specific interface; Special object traffic analysis in the specific interface
7
Traffic Matrix
Columns: Network, Router, Interface, AS, Institutes, Profile (Custom Object)
AS row: Network traffic transit between ASes; Which routers' traffic goes to the AS; Which interfaces' traffic goes to the AS; AS traffic evaluation and potential peers; Which institutes' traffic goes to the AS; Custom object analysis for the specific AS number
Institutes row: Which network is used by the institute; Router analysis of traffic that includes the institute; Interface traffic analysis by this institute; Which ASes this institute's traffic transits; Which institutes exchange traffic with this institute; Custom object analysis of traffic exchanged with the institute
Profile row: Which network is used by the object; Router analysis of traffic that includes the object; Interface analysis of traffic that includes the object; Which ASes this object's traffic transits; Institute analysis of traffic exchanged with the object; Traffic exchange between objects
8
Application, protocol, topTalker and abnormal event matrix
Columns: Network, Router, Interface, AS, Institutes, Profile (Custom Object)
Application: √ √ √ √ √ √
Protocol: √ √ √ √ √ √
TopTalker: √ √ √ √ √ √
Abnormal event: √ √ √ √ √ √
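One way to build the traffic matrix described on the preceding slides from exported flow records, as an added example that is not CSTNet's own system. The flow fields, institute names, prefixes, AS numbers and port map are constructed for illustration; traffic from a source outside every registered prefix lands in an "unmapped" bucket, which is worth reviewing on its own.

```python
import ipaddress
from collections import defaultdict

# Constructed prefix-to-institute map (documentation address ranges).
INSTITUTES = {
    "Institute-A": ipaddress.ip_network("192.0.2.0/25"),
    "Institute-B": ipaddress.ip_network("192.0.2.128/25"),
}
# Constructed port-to-application map.
APPLICATIONS = {80: "http", 443: "https", 53: "dns"}

# Constructed flow records, shaped like exported flow fields.
FLOWS = [
    {"router": "r1", "ifindex": 3, "src": "192.0.2.10", "dst_as": 64500, "dport": 443, "bytes": 1200},
    {"router": "r1", "ifindex": 3, "src": "192.0.2.200", "dst_as": 64500, "dport": 80, "bytes": 800},
    {"router": "r2", "ifindex": 7, "src": "192.0.2.11", "dst_as": 64501, "dport": 53, "bytes": 100},
    {"router": "r2", "ifindex": 7, "src": "198.51.100.9", "dst_as": 64501, "dport": 443, "bytes": 500},
]

def institute_of(addr):
    """Map a source address to its institute, or 'unmapped' if no prefix matches."""
    ip = ipaddress.ip_address(addr)
    for name, net in INSTITUTES.items():
        if ip in net:
            return name
    return "unmapped"

# One key extractor per matrix dimension named on the slides.
DIMENSIONS = {
    "router": lambda f: f["router"],
    "interface": lambda f: f"{f['router']}:{f['ifindex']}",
    "as": lambda f: f["dst_as"],
    "institute": lambda f: institute_of(f["src"]),
    "application": lambda f: APPLICATIONS.get(f["dport"], "other"),
}

def traffic_matrix(flows, row_dim, col_dim):
    """Sum bytes into cells keyed by (row element, column element)."""
    row_key, col_key = DIMENSIONS[row_dim], DIMENSIONS[col_dim]
    matrix = defaultdict(lambda: defaultdict(int))
    for flow in flows:
        matrix[row_key(flow)][col_key(flow)] += flow["bytes"]
    return {r: dict(cols) for r, cols in matrix.items()}

def top_talkers(flows, dim, n=2):
    """Rank the elements of one dimension by total bytes."""
    totals = defaultdict(int)
    for flow in flows:
        totals[DIMENSIONS[dim](flow)] += flow["bytes"]
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)[:n]

if __name__ == "__main__":
    print(traffic_matrix(FLOWS, "institute", "as"))
    print(traffic_matrix(FLOWS, "application", "institute"))
    print(top_talkers(FLOWS, "institute"))
```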
9
Transit analysis between institutes in CAS
10
TopTalker institutes traffic analysis between CERNet and CSTNet
11
Why the route analysis system is needed
A key component of a complete Network & Application Service Management Solution
Discovered that a major site was being routed to another via an expensive international WAN link
12
How to find the root cause
Diagram labels: ISP 1, ISP 2
Router misconfiguration: routing to only ISP 2 despite intact links to both ISPs
Despite physically redundant connections to ISP1 and ISP2, no traffic was being sent through ISP1
If the link to ISP2 failed, all internet connectivity would have been lost
13
Topology and route visualization
Reducing time to analyze difficult network problems
14
Route event analysis
History navigator
Route change records
Historical routing events are easily replayed
15
Route event analysis
Which AS announces the new routes?
We find the root cause!
Any recorded time period can be selected and analyzed
16
Network simulation
Know how changes will affect your network before making them
17
Establish a dynamic baseline of typical traffic patterns in different zones of the network
Compare real-time network activity against this dynamic baseline to flag all anomalies
Mitigation detection
DDoS mitigation
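One way to implement the per-zone dynamic baseline and comparison described on this slide, as an added example that is not CSTNet's own system. The EWMA model, the threshold and warm-up values, the zone names and the per-minute samples are all assumptions constructed for illustration.

```python
import math

class ZoneBaseline:
    """EWMA mean/variance of one zone's traffic rate (assumed baseline model)."""
    def __init__(self, alpha=0.2, k=4.0, warmup=5, min_std=1.0):
        self.alpha, self.k, self.warmup, self.min_std = alpha, k, warmup, min_std
        self.mean = None
        self.var = 0.0
        self.seen = 0

    def observe(self, rate):
        """Return True if rate deviates from the current baseline by more than k sigma."""
        if self.mean is None:
            self.mean, self.seen = float(rate), 1
            return False
        std = max(math.sqrt(self.var), self.min_std)
        anomalous = self.seen >= self.warmup and abs(rate - self.mean) > self.k * std
        if not anomalous:
            # Learn only from normal samples so a flood cannot drag the baseline up.
            delta = rate - self.mean
            self.mean += self.alpha * delta
            self.var = (1 - self.alpha) * (self.var + self.alpha * delta * delta)
            self.seen += 1
        return anomalous

def detect(samples):
    """samples: iterable of (minute, zone, packets_per_second) tuples."""
    baselines, alerts = {}, []
    for minute, zone, pps in samples:
        base = baselines.setdefault(zone, ZoneBaseline())
        if base.observe(pps):
            alerts.append((minute, zone, pps, round(base.mean)))
    return alerts

# Constructed per-minute samples for two zones; "campus" spikes at minutes 8 and 9.
CAMPUS = [1000, 1040, 980, 1010, 990, 1020, 1005, 995, 9000, 9500, 1010]
BACKBONE = [5000, 5100, 4950, 5050, 5000, 4980, 5020, 5010, 5030, 4990, 5005]
SAMPLES = []
for minute, (c, b) in enumerate(zip(CAMPUS, BACKBONE)):
    SAMPLES += [(minute, "campus", c), (minute, "backbone", b)]

if __name__ == "__main__":
    for minute, zone, pps, baseline in detect(SAMPLES):
        print(f"minute {minute}: zone {zone} at {pps} pps, baseline about {baseline} pps")
```

Because anomalous samples are excluded from learning, the campus baseline stays near its pre-spike level, so the sample at minute 10 is judged against normal traffic rather than against the flood.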
18
What drives our concern with IT service management
Dynamic and more complex network environment (link updates, router changes, misconfiguration)
Serialize the key network applications and provide reliable service for institutes
Improve IT security and strengthen risk-resisting ability
Visualization, Control, Automation
19
IT Service Management in CSTNet
IT Infrastructure Library
A service desk to deal with trouble tickets, service and change requests
Event, problem, configuration and change
20
Service Support basics
Incident Management: Incidents; Reactive; Service Requests
Problem Management: Proactive; Root cause of related incidents; When understood, becomes a Known Error
Change Management: Any change to a CI; “standard” or preapproved changes; CAB
Release Management: Large or bundled changes planned, designed, built and tested together; Subject to change management
Configuration Management: Router, switch, link, card, server; Software; Related documentation; Relationships between CIs; Managed elements of a service; CMDB
Diagram labels: Incident, Problem, Change, Release, Configuration Item
Service Desk in CSTNet: Single Point of Contact for users of IT Services
21
Future work
Improve the performance of traffic analysis
Route-flow fusion
A way to mitigate the DDoS detection and guarantee the key scientific application traffic
Strengthen IT governance and provide the best management service