Archipelago (Ark): CAIDA's active measurement infrastructure serving the network research community since 2007.
Please send questions or comments regarding Ark to firstname.lastname@example.org.
Current Monitor Status and Statistics
(click on map for interactive monitors map and graphs for statistics)
|Feb 2016||Ark Topology Query System slideset|
|Dec 2015||28 Ark monitors activated in 2015|
|Mar 2015||Ark Update: Present and Future slideset|
- reduce the effort needed to develop and deploy sophisticated large-scale measurements, and
- provide a step toward a community-oriented measurement infrastructure by allowing collaborators to run their vetted measurement tasks on a security-hardened distributed platform.
Ark is tailored specifically for active network measurement. This allows Ark to be simpler than some other general-purpose distributed experimental platforms, and it allows us to concentrate on providing facilities that directly address the needs of networking research. In particular, we provide a facility for communication and coordination that makes it easier to write distributed measurements that must work together to achieve a goal. We are working on providing a high-level API to ease the challenges of writing measurement tools. Our goal is to lower the barrier to bringing novel and interesting measurement techniques to life.
The following lists ongoing, ad hoc, and hosted measurements and experiments conducted on the Ark measurement infrastructure. In addition to scheduled measurements, we provide users with access and tools to enable execution of ad hoc measurements from the command-line or via a web interface through the Vela Ark Topo-on-Demand Service. Follow this link to see a list of historical measurements and experiments.
The Spoofer Project: In a collaboration with the Naval Postgraduate School (NPS) and Massachusetts Institute of Technology (MIT), Ark monitors participating in the Spoofer Project help measure the Internet's susceptibility to spoofed source address IP packets. The monitors gather data on IP spoofing by receiving potentially spoofed traffic and forwarding it on to the Spoofer Project's server at MIT for analysis. Ark Hosting sites interested in participating as receivers need to agree to the Acceptable Use Policy (AUP) for the Spoofer Project.
TCP Behavior Inference (Tbit): Assessing the deployment of TCP algorithms is integral to understanding the ability of TCP to perform. We are using Ark infrastructure to infer the deployment of TCP algorithms and features in the modern Internet using an approach based on the TCP Behavior Inference Tool (TBIT), with a current focus on the deployment of slow-start behaviors, as well as feasibility of blind in-window TCP attacks.
IPv4 and IPv6 stability: working with researchers at Simula Research Laboratory, we are studying IPv4 and IPv6 stability and performance: From dual-stacked Ark monitors, we are running measurements (high-frequency pings and traceroutes over IPv4 and IPv6) towards dual-stacked servers from the Alexa list. The objective is to compare the reachability and performance (in terms of RTT) of dual-stacked targets over IPv4 and IPv6.
Domain Name System (DNS) Health: Working with researchers at Verisign Labs, we are using nodes from CAIDA's Ark project to establish regular diagnostic monitoring from diverse perspectives, to establish a baseline of response behavior and quantify current connectivity issues as well as those that might emerge with a root key rollover. The Ark nodes not only provide a diverse path sampling to achieve our objectives but are also suited for rapid and flexible deployment, as they allow the installment of existing tools, rather than refactored or platform-specifics, which are constraints of similar platforms.
From each Ark node we periodically issue a series of diagnostic queries to each of the servers to which top-level domain (TLD) namespace has been delegated. The queries include transport-layer tests to detect connectivity issues over both TCP and UDP, PMTU bounding tests to identify servers affected by a smaller PMTU than the payload they attempt to send, version consistency tests to detect stale zone data from servers that are out of sync, and DNSSEC correctness and consistency tests. The diagnostic queries are performed three times daily, and results are aggregated and stored for both point-in-time (simultaneous consistency) and temporal analysis (behavioral changes over time).
TCP-HICCUPS: HICCUPS (Handshake-based Integrity Check of Critical Underlying Protocol Semantics), developed by researchers at the Naval Postgraduate School is a lightweight extension to TCP that helps end-hosts infer when their communication is being misinterpreted due to middlebox packet header modifications. By using HICCUPS, end-nodes can better cooperate with middleboxes and improve application performance. Measurement results from a SIGCOMM 2014 publication used HICCUPS on 58 Ark vantage points as part of an Internet-wide survey of Internet path behavior.
Researchers at the Université de Liège, Belgium have deployed tracebox on dual-stack Ark vantage points to compare middleboxes in IPv4 and IPv6 environments. From Ark vantage points, we probed all dual-stack servers, from the top 1 Million Alexa web site. The dataset collected allowed the researchers to build a path impairment oriented middlebox taxonomy that aims at categorizing the initial purpose of a middlebox policy as well as its potential unexpected complications. Measurement results are described in the NetSciCom 2015 publication.
To provide timely, regular data, several categories of measurements run on an ongoing basis driven by CAIDA's mission, in part, to provide macroscopic insights into Internet infrastructure, behavior, usage, and evolution.
Internet Topology Discovery: Using multiple teams of geographically distributed Ark monitors we dynamically and strategically divide up the probing work among teams to conduct coordinated, large-scale traceroute-based topology measurements. Supported by (DHS S&T contract N66001-12-C-0130) Cartographic Capabilities for Critical Cyberinfrastructure, we integrate these measurements with data analysis capabilities to provide comprehensive annotated Internet topology maps that will improve our ability to identify, monitor, and model critical cyberinfrastructure.
IPv4: Ark's parallelization allows us to obtain a traceroute measurement to all the routed /24 networks in the IPv4 address space in about 2-3 days for a team of 17-18 monitors probing over 10 million /24's (that is, the full routed address space subdivided into /24's) at 100pps. We currently have three teams active, and each team probes independently. We make these measurements available for download as The Ark IPv4 Routed /24 Topology Dataset.
IPv6: For each probed path, we collect the IP address, RTT, reply TTL, and ICMP responses for all hops, including intermediate hops. Each Ark monitor probes all announced IPv6 prefixes (/48 or shorter) once every 48 hours. One probing pass through all announced prefixes is called a cycle. In each cycle, a monitor probes only a single random destination in each prefix. Different monitors probe prefixes in independently-chosen random orders and probe to an independently-chosen random destination in each prefix. Prefixes are randomly ordered in such a way that a given monitor never probes the same prefix within 16 hours across cycle boundaries (a monitor can never re-probe a prefix within the same cycle, by definition). We make these measurements available for download as The Ark IPv6 Topology Dataset.
The team-probing experiment performs traceroute measurements using scamper, a powerful and flexible active measurement tool supporting IPv4, IPv6, traceroute, and ping. Scamper supports TCP-, UDP-, and ICMP-based measurements and Paris traceroute variations.
Congestion: As described in (NSF award CNS-1414177) Mapping Interconnection in the Internet: Colocation, Connectivity and Congestion, we are running measurements to detect congestion on interdomain links of the networks hosting the Ark monitors. These measurements will inform analysis of traffic congestion dynamics induced by evolving interconnection and traffic management practices of CDNs and ISPs.
- Time-Sequence Ping (TSP) involves sending a crafted sequence of pings along the path in question looking for a diurnal variation in delay potentially indicating congestion on a link.
- Border mapping using Ark vantage points to research and develop measurement techniques to accurately infer the presence of interdomain links for the network hosting the Ark vantage point. Our approach combines our experience in Internet-scale topology discovery and alias resolution, as well as our algorithms to infer routing relationships between networks, to accurately label interdomain routers with their owners.
In addition to ongoing measurements, researchers can execute ad hoc measurements on the Ark monitors via either a command-line interface or a web-browser interface.
The tod-client (topology on-demand) gives users working at a command-line shell a scriptable interface for performing IPv4 and IPv6 traceroute and ping measurements.
Vela: Web Interface: The Vela service provides access to Ark's topo-on-demand functionality via a web browser. Organizations access the Ark platform via the vela web interface to run "one-off" measurements. The interface allows users to select a subset of monitors (e.g., all Asian monitors, or one Ark monitor from each continent with IPv6 connectivity) using ping or traceroute.
The following organizations have run on-demand measurements on Ark:
- Department of Homeland Security (DHS S&T)
- Naval Postgraduate School (NPS)
- The Réseaux IP Européens Network Coordination Centre (RIPE NCC)
- Jacobs University, Bremen, Germany
- Eurocom, France
- Fraunhofer AISEC
- The University of Cape Town
Questions about Ark?
Please send questions or comments regarding Ark to email@example.com.