|
Talk Title and Presenter
|
Abstract
|
NeTraMet Streams, DNS Response
Nevil Brownlee
slides (HTML)
|
While at CAIDA earlier this year I began looking at 5-minute distributions of stream sizes and lifetimes. This talk will discuss the measurement techniques used, and consider how these distributions vary with time, and with the level of overall traffic load. I also examined root-server and gtld-server
DNS traffic.
|
|
The RIPE-NCC Routing Information Service
Henk Uijterwaal
|
The RIPE-NCC Routing Information Service,
Antony Antony, Thomas Franchetti, Daniel Karrenberg, and Henk Uijterwaal
Routing decisions between ASs is derived from reachability information
exchanged via routing protocols (BGP) between these AS's as well as local
policies. The Routing Information Service (RIS) is a new project at the
RIPE-NCC. The RIS collects time-stamped BGP updates from default-free
border routes of many ASs, at topologically interesting network points.
These updates are stored in a database that can be queried interactively
by the community. The information stored in the RIS can be used, amongst
other things, to understand network reachability from remote locations for
tracing routing problems of the past, for reality checks of routing
policies registered in the various Routing Registries. and for statistical
or scientific analysis.
This presentation will introduce the RIS project in more detail and show
results of recent analyses of the RIS data.
|
Understanding the Large-Scale Dynamics of Internet Routing Protocols
Craig Labovitz and
Abha Ahuja
slides (HTML)
|
In this talk, we will explore many of myths that surround the fault-tolerance and reliability of the Internet backbone infrastructure. Based on several years of experimental Internet infrastructure measurements, we will demonstrate that Internet backbone routing does not posses many of its traditionally assumed capabilities, including fast re-routing after failures, and improved fault-tolerance through redundant provider connections. Finally, we will provide insight into both the origins and impact of routing path failures in the Internet.
|
Magellan: A Tool for Unicast Fault Isolation
Cengiz Alaettinoglu,
Ramesh Govindan, and
John Mehringer
slides (HTML)
|
Magellan is an end-user tool that monitors the Internet routing system
and employs heuristics for Unicast Routing Fault Isolation. The
motivating questions for Magellan are why do I not have connectivity to
CNN.com when I had it yesterday? Or why is it more slow today? Magellan
uses tcpdump and figures out the interesting sites from the user's
site, it then uses traceroutes to these sites to dynamically monitor
paths. It infers location of faults by first correlating path
histories. The basic idea is to infer that some router in the disjoint
part of the old path must have caused the path change. It then
correlates path changes for other destinations that have a common
segment with this path. By sequentially testing the links and routers
in this segment, it tries to pin down the fault.
In this talk, we are going to describe Magellan's architecture, demo
its use and show some interesting results we captured with Magellan.
|
Impact of Policy on Internet Paths
Ramesh Govindan, with Hongsuda
Tangmunarunkit, Scott Shenker, and Deborah Estrin
slides (.pdf)
|
The impact of routing policy on Internet paths is poorly understood.
In theory, policy can inflate shortest-router-hop paths.
To our knowledge, the extent of this inflation has not been
previously examined.
Using a simplified model of routing policy in the Internet,
we obtain approximate indications of the impact of policy routing
on Internet paths.
Our findings suggest that routing policy does impact the length
of Internet paths significantly.
For instance, in our model of routing policy, some 20% of
Internet paths are inflated by more than five router-level hops. |
Views of the Internet BGP Routing Table
Geoff Huston
slides (HTML)
slides (.pdf)
|
The work is based on a multi-year series of snapshots of the details of a default-free perspective of the Internet's BGP. The talk will show the long term growth trends of the BGP routing table and provide some interpretation of these trends. The most evident recent trend is a return to exponential growth in the size of the BGP routing table, and the correlation of this to the spread of multi-homing practices in the Internet environment is explored.
|
ISP Backbone Traffic Inference Methods
to Support Traffic Engineering
Olivier Goldschmidt
slides (HTML)
|
A major headache for Internet Service Providers is to estimate the
end-to-end traffic volumes on their backbone network.
Reliable traffic estimates between ingress and egress points are
essential to traffic engineering purposes such as ATM PVC (Permanent
Virtual Circuits) or LSP (Label Switched Paths) layout and sizing.
In this talk we present robust methods for inferring end-to-end
traffic when only fragmental information, such as baselining (SNMP) on
backbone links and reading probes (IP accounting and/or Netflow) at
selected routers, is known. Together with network topology and IP
routing between ingress and egress points, we develop an algorithm
based on mathematical programming techniques to infer end-to-end
traffic volumes. We illustrate our methods with empirical data.
|
The Study and Characterization of Traffic Flows at the POP-level in a Tier-1 Backbone
Nina Taft
slides (HTML)
|
We use packet trace data and BGP routing information to study traffic
flows across the Sprint IP backbone at the POP-to-POP level.
By doing so, we identify the characteristics of traffic streams between
metropolitan areas. Such characterization is important for traffic
engineering purposes since it provides valuable information for
implementing load balancing and routing policies, which in turn
improves the scalability of policy routing and planning.
We have developed tools that use BGP routing information to
determine the ingress and egress POP for each packet that traverses the
backbone. These tools enable us to build a traffic matrix that
captures the intensity of traffic flows at various levels of
granularity between pairs of POPs. Such POP-to-POP traffic matrices
differ from the typical traffic matrices studied today which examine
traffic at the AS, link or router level. We examine the dynamics
of such matrices by observing the rate at which traffic matrices
fluctuate.
Characterization of POPs is useful for topology planning and resource
provisioning. We thus examine time-of-day statistics and load balancing
properties of POPs. We find that POPs behave quite differently from one
another, which indicates that a simple model for POP-level traffic is not
sufficient for capturing the complexity of POP behaviour. The load
balancing property we examine from our data is that of distributing the
packet streams equitably across a set of POPs.
We examine the behavior of these POP-level flows at a number of
different time granularities and flow granularities. For time
granularities, we compare the behavior of average measurements taken
over a set of different measurement intervals. Since traffic
engineering decisions are often made using long-term averages, we
compare the behavior of short-term averages with that of long-term
averages. For example, we find that 30-minute averages are a good
granularity level to predict behavior on either a minute or hourly
time scale.
We also develop filters for aggregating packets at different levels of
flow granularity. Packets are aggregated into larger streams using
similar source or destination address prefix masks. For example, all
packets with the same 8-bit mask are aggregated into a single
stream. We compare the variability of such streams for different
amounts of aggregation (i.e., varying prefix masks) in order to
develop an understanding of how to engineer the traffic flowing
through the backbone.
|
Deriving the Traffic Demands on the AT&T IP Backbone
Jennifer Rexford
slides (HTML)
|
Engineering a large IP backbone network without an accurate,
network-wide view of the traffic demands is challenging. Shifts in
user behavior, changes in routing policies, and failures of network
elements can result in significant (and sudden) fluctuations in load.
This talk presents a model of traffic demands to support traffic
engineering and performance debugging of large Internet Service
Provider networks. By defining a traffic demand as a volume of load
originating from an ingress link and destined to a set of egress
links, we can capture and predict how routing affects the traffic
traveling between domains. To infer the traffic demands, we propose a
measurement methodology that combines flow-level measurements
collected at all ingress links with reachability information about all
egress links. We discuss how to cope with situations where practical
considerations limit the amount and quality of the necessary data.
Specifically, we show how to infer interdomain traffic demands using
measurements collected at a smaller number of edge links --- the
peering links connecting to neighboring providers. We report on our
experiences in deriving the traffic demands in the AT&T IP Backbone,
by collecting, validating, and joining very large and diverse sets of
usage, configuration, and routing data over extended periods of time.
For more details refer to:
http://www.research.att.com/~jrex/papers/sigcomm00.ps
|
Hermes: Integration and Visualization of Routing Registries Info and
BGP Routing Data
Andrea Carmignani
slides (HTML)
|
Hermes is a visual system for dynamically exploring and analyzing Autonomous Systems and their interconnections. It relies on a three-tiers architecture, a repository of routing information coming from heterogeneous sources, and on a sophisticated graph drawing engine based on the GDToolkit library (http://www.dia.uniroma3.it/~gdto).
The user interacts with a subgraph (called map) of the graph of all ASes
interconnections. Each exploration step enriches the map with new ASes and connections. Further, for each displayed AS the user can request information like the AS name and description, its BGP routing policies, the AS-macros the specific AS belongs to, and the source this information comes from.
The top-tier client collects the user requests and forwards them to a middle-tier server. The requests are translated into queries to a local repository (the bottom tier), which is updated off-line from a plurality of sources like APNIC, ARIN, BELL, CABLE&WIRE, CANET, MCI, RADB, RIPE, VERIO, and the routing BGP data provided by the Route views project of the Oregon University. Such data are integrated into a single E-R schema. The visualization may help identifying incongruities.
Further details can be found at: http://www.dia.uniroma3.it/~hermes/
|
Macrosopic Insights to the Internet from
skitter Data
Brad Huffaker
slides (HTML)
|
The robustness and reliability of the Internet is highly dependent on
efficient, stable connectivity and routing among networks
comprising the global infrastructure. To provide macroscopic insights
into Internet topology and performance, the Cooperative
Association for Internet Data Analysis (CAIDA) has developed
and deployed the skitter tool to
dynamically discover and depict global Internet
topology and measure performance across specific paths.
We are developing a systematic approach to visualizing
the multi-dimensional parameter space covered by
skitter measurements aggregated on a daily basis. In
this paper we discuss our techniques and apply
them to selected daily skitter snapshots.
|
Traffic Matrix Analysis for Bit Cost Optimization
Lance Tatman and
Bill Woodcock
|
This presentation reports on a study of routing economics observed
relative to the network infrasructure of a multi-homed ISP. Continuous
Netflow traffic traces and RIB snapshots were collected and source/
destination pair bit counts were analyzed in light of AS path
information to periodically rank each other autonomous system by
terminating and transiting traffic volume. This information, combined
with dollar-cost information, was used to derive per-bit delivery
costs for both preexisting and hypothetical peering and transit
adjacencies with other autonomous systems. We believe that this is a
practical and profitable means of continuously evaluating the worth of
new and existing providers and peers in a commercial network, and
provides a means of iteratively optimizing for lower per-bit delivery
costs in an economic climate currently piloted by the seats of
operators' pants.
In sum we present a methodology for accounting and managing an
ISP's highest priced recurring cost.
|
Lessons in Maintaining A Route Views Server
David Meyer
slides (HTML)
|
The University of Oregon Route Views service ( route-views.oregon-ix.net) is widely used both for operational purposes by ISPs as well as a source of data for Internet researchers. The server currently has EBGP multi-hop peerings service providers at 42 points around the world, carries more than 1.6M paths, and has averaged more than 1800 connections per day over the last year.
This talk describes the history of the University of Oregon Route Views server, and outlines some of problems and challenges unique to fielding a large scale, highly available (non-Looking Glass ) Route Views service. Among these are:
Acceptable Use
Memory scaling
Data export
"Dead" Peer detection and resolution
Contact maintenance
NLRI Support
Security
Finally, we outline some of the things that could help the sustainability of services of this kind.
|
A "Spectrum Analyzer" for IP-layer network paths
Constantinos Dovrolis
slides (PostScript)
|
Spectrum analyzers have been used for decades by electrical engineers
to analyze the physical-layer transmission properties, at the frequency/
bandwidth domain, of cables and other propagation media.
In this talk, I will show how the same basic ideas of "spectrum
measurements and analysis" can be also performed at the IP-layer
for a network path. The underlying mechanism is to "probe" a network
path with a large number of packet-pairs (of various packet sizes)
and also with a large number of packet-trains (of increasing lengths).
The *dispersion* that the packet-pairs and packet-trains encounter
in the path can provide a visual representation of the path's
throughput characteristics.
How can we use such an "IP-layer spectrum analyzer"?
First, to measure the bottleneck-bandwidth of the path
(as we showed in [1], this is a quite hard parameter to measure
when the path is significantly loaded).
Second, to get a visual representation of the load in the path,
in terms of both its rate, and its variability (burstiness).
Third, to detect seriously under-buffered paths.
Fourth, to verify throughput-based SLAs (provided by diffserv,
link-sharing technologies etc).
Some of these ideas are discussed in detail in:
[1] C.Dovrolis, P.Ramanathan (U-Wisconsin) and D.Moore (CAIDA)
"What do packet dispersion techniques measure?"
(to appear in Infocom 2001).
The paper is currently being revised for the conference final version.
You can download a previous version from:
http://www.cc.gatech.edu/fac/Constantinos.Dovrolis/Talks/isma00_talk.ps
|
Estimating Bandwidth and Other Network Properties
Bruce Mah and
Allen Downey
slides (.pdf)
|
Along with other participants in this session, I
will describe the pathchar/clink/pchar family
of network characterization tools. We will
give some details of their operation and
implementation, as well as their shortcomings
and some alternatives and future directions.
|
Bandwidth estimation session
Allen Downey
slides (PostScript)
|
Among the topics to be discussed will be ongoing work on
variants of pathchar: pchar, clink, and netchar.
|
Investigation of Global Network Routing Behavior
BJ Premore
slides (HTML)
|
The Border Gateway Protocol (BGP) is the de facto standard
inter-domain protocol used in today's global Internet, and its
behavior is not well understood. As part of a collection of
high-performance and scalable network simulation tools called SSFNet,
we have built an implementation of BGP which we expect will help shed
some light on problems such as routing instability and convergence.
This model has been constructed with the intention of aiding
researchers whose goal is a better understanding of BGP and its
interaction in the large-scale networking environment. It has already
been used to demonstrate oscillatory behaviors described in previous
research (Varadhan, Govindan and Estrin; Griffin and Wilfong) and
delayed convergence properties (Labovitz, Ahuja, Bose, Jahanian).
Currently we are using the simulator to further study convergence
behaviors under varying topologies, policy choices, internal AS
structures (iBGP), among other characteristics.
Reference: http://www.ssfnet.org/
|
On Inferring Autonomous System Relationships in the Internet
Lixin Gao
slides (HTML)
|
Interdomain routing in the Internet is coordinated by the
Border Gateway Protocol (BGP). BGP allows each autonomous system (AS)
to choose its own policy in selecting routes and propagatingreachability information to others. These routing policies are constrained
by the contractual commercial agreements between administrative
domains. For example, an AS sets its policy so that
it does not provide transit services between its providers.
Such policies imply that connectivity alone can not fully
characterize the structural properties of the Internet.
We propose an augmented AS graph representation
that classifies AS relationships into customer-to-provider, peer-to-peer,
and sibling-to-sibling relationships. We classify the types of routes
that can appear in BGP routing tables based on the relationships between
the ASes in the path and present heuristic algorithms that infer AS
relationships from BGP routing tables. The algorithms are tested on
publicly available BGP routing tables that contains close to 1 million
route entries. The algorithms infer that more than 90.5% of the connected
AS pairs have customer-to-provider relationships, less than 1.5% of the
connected AS pairs have sibling-to-sibling relationships,
and less than 8% of the connected AS pairs have peer-to-peer
relationships. We verify our inference results with AT&T internal
information on its relationship with neighboring ASes.
99% of our inference results are confirmed by the AT&T internal
information. We also verify our inferred sibling-to-sibling relationships
with the information acquired from the WHOIS lookup
service~\cite{whois:00}. More than half of our inferred sibling-to-sibling
relationships are confirmed by the WHOIS lookup service.
To the best of our knowledge, there has been no publicly
available information about inter-AS relationships and
this is the first attempt in understanding and inferring AS relationships
in the Internet. We show evidences that some routing table entries
stem from unusual AS relationships or router misconfiguration.
Furthermore, we demonstrate that inferred AS relationships have many
applications including enhancing the reliability of Internet routing.
|
The Internet's 'Core'
Andre Broido
and kc claffy
slides (HTML)
|
We discuss techniques for assessing which
portions of the global Internet are
characterized by the highest degree of `connectivity',
both in central/backbone and access/delivery
components of the topology.
We describe several combinatorial approaches,
including:
- extracting the core component of the
Internet from which bidirectional connectivity
is most readily captured by measurement;
- ordering `node centrality' by the lengths
of shortest paths originating from them;
- comparing access points by the number of
nodes/prefixes/ASes and/or the size of address space
that depend wholly or in part on this access point
for their global connectivity.
We will also present tables showing the top 50
`most connected' nodes, at various
levels of Internet node granularity.
|
Graphs That Make the Net Work
Andre Broido
and kc claffy
slides (HTML)
|
We describe fundamentals of drawing
Internet graphs at various layers,
and problems in gathering and analyzing
routing and topology data in graph form.
Using skitter topology data and
route views BGP table data
We present graphs of connected components,
AS path lengths, use of prepending,
outdegree vs indegree of ASes,
prefix length distributions of routing
tables. We also introduce and demonstrate
the utility of a new unit of routing
and connectivity analysis: the BGP atom.
|
Bandwidth Estimation Experiment
Andre Broido
slides (HTML)
|
We probe CAIDA monitor champagne.caida.org (located on the UIUC network)
with traceroute (UDP) packets
of increasing size. The path which connects CAIDA network with the monitor goes through vBNS, which
at the moment of writing has OC-12 and OC-48.
This experiment tests coarse-grained bandwidth-dependent network properties.
A total of 65
traceroutes with packet data sizes of 1,2, ...65 kilobytes are sent.
The RTTs of these packets are then graphed.
|
Cooperative Association for Internet Data Analysis (CAIDA)