1 / 18

Measurement in aar net3

Measurement in aar net3. 4 July 2004. The new network. AARNet3 is currently being deployed replacing the ATM oriented AARNet2 network with STM-64 inter-capital links Redundant network design Direct transit to US carriers and peering in the US at 4 US PoPs, including commodity and R&E links

virgil
Télécharger la présentation

Measurement in aar net3

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Measurement in aarnet3 4 July 2004

  2. The new network • AARNet3 is currently being deployed replacing the ATM oriented AARNet2 network with STM-64 inter-capital links • Redundant network design • Direct transit to US carriers and peering in the US at 4 US PoPs, including commodity and R&E links • Dual STM-4 as well as current dual STM-1 for receipt of commodity traffic • Dual STM-64s for R&E traffic

  3. New network design • Redundancy & Resilience • Support for IPv4 and IPv6 • unicast and multicast • Traffic Accounting and Monitoring • End to end performance measures • Support QoS (diffserv) • Support for large traffic flows, jumbo frames

  4. International Connections

  5. Topology

  6. Operational Focus Measurement has a broad operational focus • continually monitor performance of network • troubleshoot networking issues • routing and paths • DOS attacks • to manage and engineer upstream arrangements • to effectively gauge QoS and latency on the network • to measure SLAs • redundant and distributed measurement

  7. Edge measurements • Delivery of service to the customer edge rather than to the region • AARNet equipment (both router and monitoring machine) at customer premises • Allows scaling of measurement infrastructure which was previously regionally based • Allows quick centralised intervention

  8. Traffic Accounting and Monitoring • Flow based accounting has been in use since 1997 within AARNet • Differentiate traffic into classes for billing and provide information for troubleshooting, network planning and security • Scaling issues require accounting function to be moved to the edge of the network in AARNet3 • edge routers under AARNet control • some 40-50 servers will be deployed in the network

  9. Edge Traffic Accounting and Monitoring • Use anycast addressing for flow exports so data supplied to a central collector in an emergency • Centralise reporting to a national based server • Also provides AARNet with measurement device on network edge to improve performance monitoring • Flow based systems have been impacted with increased probing/scanning activities over past 18 months

  10. Flow measurements …even with extensive inbound packet filtering on Netbios and Windows file sharing inbound flows are twice that of outbound…

  11. Flow based measurements • Useful for detection of bots/infections • A large number of inbound attacks seem to be the result of outbound traffic patterns • Early warning to stem the flows quickly • Also considering using some darknet space to monitor • Not without problems with high flow rates creating large amounts of data – sometimes more than the traffic itself!

  12. Other Passive measurements • Peer route updates – now easily accessible through SNMP • BGP through zebra/quagga • SNMP derived traffic data to correlate • General polling of network availability – interface status, peer status etc

  13. Active Measurements • ICMP – rate limiting and ACLs are affecting usefulness of ICMP measurements. • UDP QoS – echoping with precedence set • HTTP gets • Multicast Beacon • NLANR AMP project – building an Australian Mesh • Traceroute and tcptraceroute • On demand iperf and other measurements • Plenty of tools available but little infrastructure for collation of measurements

  14. Visualisation and presentation • Many measurements but require quick visualisation of results • Eg Smokeping graphs on http requests

  15. Impartiality? • Need systems which have confidence of users • Home grown systems might not provide this comfort for various reasons • May be running some appliances as a check and supplement against home spun solutions.

  16. NLANR AMP • NLANR AMP project – building an Australian Mesh • Currently only one active AMPlet • Machines ready for service • http://watt.nlanr.net/active/amp-aarn/ • New portable software available

  17. The challenges ahead… • Deployment of measurement infrastructure • Central and redundant collation and presentation of results • Distribution of systems • Extensibility of tests as network grows • Measuring high bandwidth applications across high latency links.

  18. Thankyou!

More Related