Collecting Information To Visualize Network Status

  • Date: August 2018
Transcript

Slide 1
14th JSPS/NRF Core University Program Seminar on Next Generation Internet
i-Path: Network Transparency Project
Shigeki Goto*, Akihiro Shimoda*, Ichiro Murase*, Dai Mochinaga**, and Katsushi Kobayashi***
* Waseda University
** Mitsubishi Research Institute Inc.
*** National Institute of Advanced Science and Technology (AIST)

Slide 2: Agenda
1. Introduction
   – Background and Motivation
   – Applications
2. Overview of i-Path
   – Data Collection
   – New Software
3. More Applications
4. Conclusion
Acknowledgement

Slide 3: The Goal of i-Path project
• Accessible information between the hosts
• Observing the information disclosure policy of all stakeholders along the path

Slide 4: Introduction: Background
• Growing demand for backbone bandwidth
• Network performance fluctuation (e.g. throughput)
• Routers keep rich information
   – Routing table, link utilization
   – Temperature, location, contact point, supply voltage, etc.
• Not easy to collect the right information and to utilize information along the path
• Because of …
   – Observe the information disclosure policy
   – Status of network depends on a variety of factors

Slide 5: Introduction: Motivation
• Disclosing information leads to improved end-to-end visibility
• End-to-end visibility provides benefit to end hosts and network operators
   – Monitoring network status
   – Reporting events and troubleshooting
   – Reduction in operational cost
• Providing transparency of underlying networks

Slide 6: Introduction: Applications
• Enhanced congestion control
• Best peer selection in P2P communication applications
• Adjust optimal bit rate in VoD
• Dynamic network configuration (e.g. according to time zones)
• Selection of the appropriate path (e.g. not violating policies related to content management)

Slide 7: Overview: Data Collection
• Explicit network information collection along a path
• SIRENS* (Simple Internet Resource Notification Scheme)
   – Based on the cross layer approach
      • Bottleneck bandwidth
      • Interface queue capacity
      • Corruption losses, etc.
   – Scalable network information measurement
* K. Nakauchi and K. Kobayashi. An explicit router feedback framework for high bandwidth-delay product networks. Computer Networks, 51(7):1833–1846, 2007.

Slide 8: Overview: Structure of shim-header
• Inserted between the network and transport headers

Slide 9: Overview: Information Disclosure
• Access to some information on routers is prohibited
• Operators are unwilling to disclose inside network status
   – Security
   – Cost
• Each ISP has a disclosure policy
• End hosts have their disclosure policy
• Negotiation: requests and responses
[Figure: each party along the path is asked "OK to Disclose?"]

Slide 10: Observing Information Disclosure Policies
Selective requests and responses
• Policy: Alice & Bob allow disclosure beyond the 3rd hop router.
• Implementation:
   – Alice does not send requests for her neighbor & the next neighbor routers, i.e., the 1st & 2nd hops.
   – Bob, like Alice, does not send back responses for his two nearest routers, i.e., the 6th & 7th hops.
• Results:
   – Alice obtains 3-5 hops data.
   – Bob obtains 3-7 hops data.

Slide 11: New Software Tools
(a) Send a SIRENS request packet
(b) Receive the request packet and reply
(c) Receive the reply packet and make xml files
[Figure: Sender, i-Path Router and Receiver exchanging TCP data packets; the developed software produces the xml files]

Slide 12: Snapshot of the Visualization Tool
• Dark colored (blue) routers
   – Data Collection: Enabled
• Gray colored routers
   – Data Collection: Not enabled or Not Exist

Slide 13: More applications: Network Threat Detection
S. Nogami, A. Shimoda and S. Goto, Detection of DDoS attacks by i-Path flow analysis, (in Japanese, to appear) 72nd National Convention of IPSJ, Mar. 2010.
[Figure: Attackers send DDoS packets across the Internet (destination: TARGET, IP address X.X.X.X; source IP address: spoofed IP address). The TARGET emits backscatter packets (destination: spoofed IP address; source: TARGET) toward extraneous hosts/servers.]

Slide 14: More applications: NAT traversal
• Different kinds of NATs: full cone, restricted cone, port restricted cone, symmetric
K. Tobe, A. Shimoda and S. Goto, NAT traversal with transparent routers, (in Japanese, to appear) 72nd National Convention of IPSJ, Mar. 2010.
[Figure: symmetric NAT]

Slide 15: Current Status and Future Plans
• i-Path project wiki: http://i-path.goto.info.waseda.ac.jp/trac/i-Path/
• Dai Mochinaga, Katsushi Kobayashi, Shigeki Goto, Akihiro Shimoda, and Ichiro Murase, Collecting Information to Visualize Network Status, 28th APAN Network Research Workshop, pp. 1–4, 2009.
• Network application utilizing collected information
• Demonstration on R&D testbed: JGN in Japan
• Demonstration at SC09, Portland, OR, Nov. 2009

Slide 16: Conclusion
• We proposed a new method for disclosing network information
• i-Path
   – Offering end-to-end visibility, transparency
   – Observing privacy protection
   – Respecting disclosure policy

Slide 17: Acknowledgement
This project is supported by National Institute of Information and Communications Technology (NICT), Japan.
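
The selective request/response policy on the "Observing Information Disclosure Policies" slide can be checked with a small model. This is an added example, not code from the i-Path project: it is not the SIRENS wire format, and the 7-router path, the Router class, the function names and the metric value are assumptions. It also goes one step beyond the slide by letting a router refuse disclosure itself.

```python
from dataclasses import dataclass

@dataclass
class Router:
    hop: int                           # hop number counted from the sender (Alice)
    enabled: bool = True               # False: collection not enabled or ISP policy refuses
    metric: str = "link-utilization"   # constructed sample value

def collect(path, sender_skip, receiver_skip):
    """Return (sender_view, receiver_view) as sorted lists of hop numbers.

    sender_skip:   hops nearest the sender that it never sends a request for
    receiver_skip: hops nearest the receiver that it strips from the response
    """
    n = len(path)
    requested = {r.hop for r in path if r.hop > sender_skip}
    # Forward direction: a requested router fills in data only if its policy allows.
    filled = {r.hop: r.metric for r in path if r.hop in requested and r.enabled}
    receiver_view = sorted(filled)
    # The receiver applies its own policy before sending the response back.
    withheld = {h for h in filled if h > n - receiver_skip}
    sender_view = sorted(h for h in filled if h not in withheld)
    return sender_view, receiver_view

def leaks(view, protected):
    """Hops that appear in a view although the owner's policy protects them."""
    return sorted(set(view) & set(protected))

def demo():
    path = [Router(h) for h in range(1, 8)]      # assumed 7-router path, Alice to Bob
    alice, bob = collect(path, sender_skip=2, receiver_skip=2)
    return {
        "alice_view": alice,                     # hops 3-5, as on the slide
        "bob_view": bob,                         # hops 3-7, as on the slide
        "alice_side_leak": leaks(bob, [1, 2]),   # Alice's near routers seen by Bob
        "bob_side_leak": leaks(alice, [6, 7]),   # Bob's near routers seen by Alice
    }

if __name__ == "__main__":
    print(demo())
```
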