Visualizing Traffic On Network Topology PDF Free Download

2y ago

56 Views

1 Downloads

1.23 MB

25 Pages

Report/dmca

Download PDF

Transcription

NTT Communications’ two large networksAS2914 ： ntt.net Global Tier-1 backboneAS4713 ： OCN (for Japanese domestic)U.S.VerioKoreaNTT KoreaHong KongNTT Com AsiaTaiwanNTT Taiwanntt.netAS2914EuropeNTT EuropeNTT ComThailandMalaysiaNTT MSCCopyright 2012 NTT CommunicationsAS 4713AustraliaNTT Australia2

Our Motivation 1 Visualizing Traffic on Single Point– When traffic increases or decreases, we would like to know whatis happening on NetworkIn Tokyo, Traffic Down!! Looking at Multi Point Traffic leads to understandingIn Osaka, Traffic UP!!Failover occursCopyright 2012 NTT Communications4

Our Motivation 2 Visualizing Traffic on Multi-Point– Operators imagine topology in their brain, then search for trafficgraph in specified regionOsakaTokyoLooking at Traffic on Routing Topology leads to far better/fastunderstanding.Copyright 2012 NTT Communications5

Things to Consider- Routing Topology changes dynamically- Routing Topology may differ between internal network and externalnetwork- Routing Topology may differ between IPv4 and IPv6- Monitor routing protocol continuously as well as Monitor Flow Traffic- Monitor separate routing protocol for internal/external network- Monitor separate routing protocol for IPv4/IPv6 networkCopyright 2012 NTT Communications7

Monitoring Internal Routing Protocol(OSPFv2/OSPFv3)Method(1)Login to Router(2)SNMP(3)Join NetworkCopyright 2012 NTT CommunicationsPros and ConsGood:Comparably fastLittle load to routerBad:Different output format by vendor, need many parserComparably difficult to get login permissionProtocol message is not possible to be monitoredGood:Standardized output format (Except OSPFv3)Comparably easy to get SNMP access (read-only)Bad:Load given to routerComparably slowProtocol message is not possible to be monitoredOSPFv3OSPFv2Good:Comparably fastA little load to routerProtocol message is monitoredBad:Need protocol stack (difficult implementation)Difficult management, Topology may change by joining network9

Monitoring External Routing Protocol(BGP/BGP4 )MethodPros and Cons(1)Login to RouterGood:Comparably fastLittle load to routerBad:Different output format by vendor, need many parserComparably difficult to get login permissionProtocol message is not possible to be monitored(2)SNMPGood:Comparably easy to get SNMP accessBad:Vendor-specific MIBLoad given to routerComparably slowProtocol message is not possible to be monitored(3)Join NetworkGood:Comparably fastA little load to routerProtocol message is monitoredEasy managementBad:Need protocol stack (difficult implementation)Copyright 2012 NTT CommunicationsBGPBGP4 10

Flow Technology for Traffic MonitoringNetflowsFlowIPv4IPv6Version 5OKNGVersion 9OKOKVersion 2OKOKVersion 4OKOKVersion 5OKOKOKOKIPFIXRecent Flow technologies can handle IPv6 traffic information.11

Visualizing or Routing ProtocolInternalExternalMonitor Flow- Analyze OSPF/OSPFv3Link State DatabaseIPv4- Enumerate all interfacesIPv6of Network Links- Extract Flow ofspecified interface- Calculate InterfaceTraffic, then map ontolinks- Analyze BGP/BGP4 Routing Table andIPv4AttributesIPv6- Enumerate all AS Pathby Origin AS- Extract Origin AS foreach flow- Calculate Traffic foreach origin AS, then maponto AS Path12

Monitoring System (Internal Topology)AREA 0FlowMonitoring SystemFlowSeed RouterOSPF Monitoring- All routers send Flow to Monitoring System- System monitors OSPF link state database on one of the routersCopyright 2012 NTT Communications13

Monitoring System (Internal Topology) cont’dAREA 0FlowMonitoring SystemFlowAREA 101AREA 102AREA 103OSPFMonitoring- All routers send Flow to Monitoring System- System monitors OSPF link state database on one of the routers in Each AREACopyright 2012 NTT Communications14

Monitoring System (External Topology)AS 65001FlowMonitoring SystemiBGPiBGPFlowiBGPiBGPBGP Monitoring(iBGP)Route Reflector- Edge routers send Flow to Monitoring System- System monitors BGP routing table by iBGP peer with Route ReflectorCopyright 2012 NTT Communications15

Monitoring System (External Topology) cont’dAS 65001AS 65002FlowMonitoring SystemFlowBGP Monitoring(eBGP)- Edge routers send Flow to Monitoring System-System monitors BGP routing table by eBGP peer with one of the Edge routerCopyright 2012 NTT Communications16

Use Case – AS Path Change DetectionDemonstration Onsite

Future Work Automation– Detect Interface Failover– Detect AS-Path Change,,,etc– Detect Asymmetric Routing Monitor other IP routing protocols– IS-IS– Static Monitor other layers– MPLS– L2, VLAN, Static Network– L1Copyright 2012 NTT Communications23

Conclusion Successful in visualizing traffic on routing topology– Monitor routing protocol as well as flow Different routing protocol must be monitored depending on whatkind of network to visualize (internal/external, ipv4/ipv6) Topology visualization is useful for– Better view– Easy operation– Fast trouble shootingCopyright 2012 NTT Communications24

Successful in visualizing traffic on routing topology – Monitor routing protocol as well as flow Different routing protocol must be monitored depending on what kind of network to visualize (internal/external, ipv4/ipv6) Topology visualization is useful f