Hybrid Network Traffic Engineering Software (HNTES)
|
|
- Gervais Craig
- 5 years ago
- Views:
Transcription
1 Hybrid Network Traffic Engineering Software (HNTES) Malathi Veeraraghavan and Zhenzhen Yan University of Virginia Feb. 28, 2010 Abstract: This document defines the purpose of the Hybrid Network Traffic Engineering Software (HNTES) system, lists its functional requirements, and describes its high-level architecture. This is a revised version of the HYbrid Network Engineering Software (HYNES) document, dated Dec. 30, The software has been renamed to better reflect its purpose as a traffic engineering solution. 1 Introduction Today s ESnet offers two types of connectivity services, IP-routed datagram service and virtual circuit service. This work addresses the problem of traffic engineering in this hybrid network deployment. Traffic engineering can be loosely defined as techniques that enable the best use of the deployed resources. Given that most end-host applications run on TCP/IP, most traffic is directed to the IP-routed datagram service. Some of this traffic is served better with the virtual circuit service rather than the IProuted datagram service. There are two techniques to redirect certain types of traffic arriving at an IP router to the virtual-circuit service. The first is called Lambdastation 2, which has been implemented and demonstrated. In this approach, applications signal a Lambdastation server, which is deployed in site networks, before initiating a long flow. The Lambdastation server issues a create-reservation request to the On-Demand Secure Circuits and Advance Reservation System (OSCARS) Inter-Domain Controller (IDC) 3, which reserves a circuit and at the time of the scheduled request, provisions the circuit. The virtual circuit endpoint is typically a customer or provider edge IP router within a site. Using a policy based route configuration of the router, packets corresponding to the long flow are directed to the newly established virtual circuit. When the flow completes, the circuit is released. A second technique is a complementary method in which packets for predetermined long flows are automatically redirected to virtual circuits without any triggers from applications. Our software implementation of this technique is named Hybrid Network Traffic Engineering Software (HNTES). It uses a combination of data-plane actions for identifying flows for which circuits are appropriate along with control-plane actions to provision and release circuits. Unlike management-plane actions, the time scale of operation is much shorter. The goal is not to achieve optimal network topologies but rather to improve user performance metrics such as delays and jitter for mice flows without compromising throughput for elephant flows. The advantage of this approach over the application-triggered Lambdastation approach is that users do not need to modify their applications or run shell scripts that invoke circuit setup prior to application execution. The drawback however is that it is difficult to predict which flows are good candidates for circuits, which could be lead to under-utilization of circuits and/or less than satisfactory performance improvements. Section 2 identifies a set of functional requirements for the HNTES system, and Section 3 describes a high-level architecture for HNTES. Among the components identified, the Offline Flow Analysis Tool (OFAT) is a critical module since the success of this method depends upon the accuracy of flow-length predictions. Our current findings and work on the OFAT module is described in Section 4. An example deployment of HNTES within ESnet is used to illustrate various system procedures in Section 5. Finally, our plan for testing HNTES and evaluating its performance is described in Section 6. Source code for the HNTES modules will be made available to the community on our project web site 4. 1
2 2 HNTES requirements What is the purpose of HNTES, i.e., what are the functional requirements? The purpose of HNTES is traffic engineering, i.e., its goal is to improve usage efficiency of network resources while offering improved user performance. It should trigger circuit setup when IP datagrams of a set of predetermined flows arrive at a router, and cause subsequent packets of these flows to be rerouted to the newly established circuits. Circuit release should be initiated by this software when these flows are deemed completed. HNTES should support a user interface to allow human administrators or external software modules to provide information characterizing the flows suited for such redirection. Performance requirements of HNTES relate to the speed of execution of control-plane functions such as the addition of policy-based routes to reroute packets of certain flows to newly established circuits. These will be determined with experimentation. 3 HNTES architecture Figure 1: HNTES software architecture and interfaces Figure 1 shows the HNTES software architecture and its interfaces. It interfaces with the Inter-Domain Controller (IDC), which is the virtual circuit scheduler, and IP routers. It consists of several modules as described below: Offline Flow Analysis Tool (OFAT): This tool collects Netflow data from the routers, analyzes the data to find long flows, and populates the Monitored Flow Data Base (MFDB) with flow identifiers for long flows through the user-interface module. The circuit duration field is populated by OFAT. User-interface module: The purpose of this module is to allow two types of users, human administrators and software systems, such as the offline flow analysis tool, to enter information about flows that should be redirected to circuits whenever possible. We refer to these flows as monitored flows. This module will support a graphical interface for human users as well as a programmatic interface for software, such as the offline flow analysis tool. Information entered through this module is saved in the MFDB. All users should be authenticated. 2
3 Monitored-Flow Data Base (MFDB): The structure of this database (one per router) is as follows: Source IP address Flow identifiers Status Layer-2 Destination IP address Protocol Source port Destination port circuit endpoints Of monitored flow (not all fields are required for each flow) Monitored Redirected Disabled IP addresses and VLAN IDs Circuit duration Circuit rate Flow identifiers are subsets of the 5-tuple, source IP address, destination IP address, protocol, source port and destination port, which typically characterize flows. The Status field shows whether the flow is currently just being monitored or whether it has already been redirected to a circuit. It could be Disabled if the user who added this flow information decides to stop monitoring this flow. It is useful to store information for a disabled flow if there is a possibility that it will monitored again in the future. The Layer-2 circuit endpoints corresponding to each flow are computed by the initialization module. Finally, the circuit duration and rate desired for each flow should be precomputed and stored. Router-control interface module: This module is triggered by the user-interface module to configure the router (through its control port) to mirror monitored flows to a data-plane interface leading to the server on which the flow-monitoring module is executed. In other words, as packets are forwarded by the IP router to the normal data-plane interface as determined by its routing table, the packets from monitored flows are also mirrored to the flow-monitoring module. Flow-monitoring modules: One instance of this module is run per monitored router. When this module receives packets of a monitored flow, it continues monitoring for a certain preconfigured duration. If packets continue to arrive for this flow past this duration, it concludes that the flow is a long flow, and initiates the reservation and provisioning of a circuit between the Layer-2 circuit endpoints identified for that flow in the MFDB. It does this by sending a message to the IDC-interface module. For heavy flow volumes, a multiple node cluster implementation may be required for this module. These modules also update the MFDB entries based on observations of flow durations, and change the Status field of the flow. They initiate path termination by sending a message to the IDC interface module if the packets seen for a redirected flow start trickling down to a light rate. IDC-interface module: Upon receiving messages from the flow-monitoring modules, the IDCinterface module formulates IDCP SOAP messages 5 and requests the reservation and provisioning of circuits and release of circuits. In a circuit request, it passes the circuit endpoints (referred to as Layer-2 information in IDCP) as well as the flow identifier (subset of 5-tuple, source IP address, destination IP address, source port number, destination port number, IP protocol type), referred to as Layer-3 information in IDCP, to the IDC. The IDC configures policy based routes in the routers at the ends of circuits after circuit provisioning and release. Initialization module: This module computes the endpoints of Layer-2 circuits corresponding to each monitored flow. This information can be obtained from the IDC and/or routing information bases (RIBs) in routers. The initialization module also computes through some means an appropriate value for the circuit rate desired for each monitored flow and enters this information in the MFDB. 4 Offline flow analysis tool (OFAT) Several flow-classification techniques have been developed Most of them note that port-based classifications do not work because applications such as P2P do not use well-known port numbers. However, first, for our purpose, the goal of flow classification is just to identify long, fat flows not the 3
4 associated applications. Flows have to be long so that the overhead of circuit setup and router configuration is relatively low. Flows have to be fat, which means that the number of bytes sent within the duration has to be large enough to warrant the use of a dedicated circuit. Second, on ESnet, most of the long fat flows are generated by scientific applications run from servers with well-known IP addresses. Furthermore, scientific applications that generate long fat flows, such as GridFTP, have well-defined characteristics that can be exploited for flow identification. Therefore, we hypothesize that a generic scheme is not required for flow-length prediction. Instead, at least some of these flows can be characterized a priori by site administrators and/or automated tools. The feasibility of this approach rests on our ability to make such flow characterizations a priori. Through an analysis of Netflow data obtained from Internet2 routers, a few scientific applications have been identified as generating long flows. For example, consider the Unidata Local Data Manager (LDM) application 11. This is used by the Earth systems scientific community. Netflow data at the KANS router from five 5-min flow files showed the LDM flows listed in Table 1. Netflow is configured in Internet2 routers to report out on a flow that reaches 60sec in length. Each Netflow file consists of flow information exported from the router to a collector over a 5-minute interval. An examination of five consecutive 5-minute files showed multiple flow-export reports on the same flow as shown in Table 1. The source TCP port number is 388, which corresponds to the Unidata LDM application. A list of Unidata LDM Internet Data Distribution (IDD) servers is provided in 12. Of these, server idd.unidata.ucar.edu has an IP address As Internet2 anonymizes addresses by masking the last 11 bits, the /21 address corresponding to is , which is the source IP address in the flows listed in Table 1. Table 1: An example set of Unidata LDM flows srcip dstip srcport dstport protocol firstunix lastunix flowlength The above table has two columns called firstunix and lastunix. These are the unix seconds (number of seconds since standard epoch of 1/1/1970, 00:00:00) at which the first and last packets, respectively, of the flow were observed by the router. An examination of these two columns reveals that except for a few gaps, the router observed packets from this flow almost continuously. Netflow on Internet2 routers is configured to capture 1-in-100 packets. 4
5 Consider a second application, GridFTP. GridFTP uses a well-know port number, 2811, for its control TCP connection. Netflow data shows that this connection is short-lived, but the data connections, which do not use well-known port numbers are often long lived. An approach is to use packets sent on the control connection as a signal for an upcoming set of GridFTP data connections. As an example, an analysis of a 5-minute Netflow file collected at the CHIC Internet2 router (July 6, 2009) showed the following GridFTP control flow: srcip dstip srcport dstport protocol firstunix lastunix flowlength Next, we looked for long flows between the same two IP addresses soon after the time instant, , when the control flow packets were exchanged, and found the following (presumably, since these ports are unassigned) GridFTP data flows: srcip dstip srcport dstport protocol firstunix lastunix flowlength These GridFTP data flows were obtained by filtering out flows with flow lengths longer than the 95th percentile. The firstunix and lastunix columns indicate that a number of flows occurred in parallel. Due to address anonymization, it is unclear whether multiple hosts within a cluster were involved at both ends or whether they were single nodes. Recall that Internet2 Netflow is configured to report flows every 60 seconds, and thus the 5% flows have durations in the range shown. Many of these flows could be much longer, but as this data is extracted from a single 5-minute file, the flow concatenation step is not yet executed. In a striped GridFTP implementation, the server protocol interpreter (PI), which terminates the control connection could be executed on the head node of a cluster, while the Data Transfer Processes (DTP) are executed on other nodes of the cluster 13. This implies that packets whose source and destination IP addresses match a set of addresses associated with the control-connection addresses should be redirected to the circuit since the data TCP connections are the ones likely to be long. As soon as GridFTP control flow packets are detected, a circuit can be provisioned and the router configured to reroute packets whose IP addresses correspond to those in the associated set so that even data flow packets are rerouted. In another experiment, we wrote an R program to concatenate flows from consecutive 5-minute files to determine the actual length of flows. Since a report is exported for a flow every 60 secs, to determine the true length of long flows, several 5-minute Netflow files need to be analyzed. A whole day s Netflow (5-min) files were downloaded for the CHIC router. Only flows with lengths greater than or equal to 59 seconds were retained for this analysis. Each flow record reported by Netflow shows the time instant at which the first packet of a flow entered the router and the time instant at which the last packet entered. Since Netflow does 1-in-100 packet sampling, there can be gaps in the inter-packet arrival times for 5
6 packets counted within this record. Ignoring these gaps, we estimate flow length by subtracting firstunix from lastunix. Now when the same flow is identified in several consecutive 5-min files, the question is how to treat gaps. For example, consider Table 1. There is a gap of 181 seconds between the second and first flow records, but the immediately following few records show no gaps. Later, we see a 120 sec gap. These gaps may arise because of the 1-in-100 sampling issue, or possibly due to genuine gaps in packet emission by the source. Assuming circuit setup delays are 1 min, we arbitrarily decided to ignore gaps smaller than 5 mins for this analysis. With this assumption, our analysis of this one-day set of flows showed a total of distinct long flows. The longest flow duration was 5 hours. The fattest flow, i.e., the flow in which the most number of bytes were transferred, consisted of a transfer of bytes. The duration of this flow was sec, or 3.17 hours. The top ten fat flows are listed below. bytes srcip dstip srcport dstport protocol firstunix lastunix flow length Of these top ten flows, three are encapsulated (50: ESP; 47: GRE), five are ssh (port 22), one is Unidata LDM (port 388) and one is rsync (port 873). There are two long ssh flows to a University of Texas at Austin Texas Advanced Computing Center server ( ) from a Fermilab ( ) host. The address corresponds to NCSA (National Center for Supercomputing Applications) for two other ssh flows. The Unidata LDM flow is from NCAR (National Center for Atmospheric Research) with address The offline analysis tool can implement this type of flow length and flow width analysis algorithms and execute them on a daily basis. Some subset of the 5-tuple can be used per flow to configure the database for monitoring (described in Section 3). Our next step is to correlate long-flow information obtained for consecutive days. More broadly, flow analysis will be carried out to identify temporal patterns with which long fat flows arrive and terminate so that circuits can be reserved on a periodic basis in anticipation of specific long fat flows. If such predictions can be made for a significant fraction of long fat flows, it becomes less important to detect the start of the flows by live packet monitoring 14. 6
7 5 An illustrative example of HNTES deployment Figure 2: Illustration of HNTES procedures Figure 2 shows an illustrative example of how HNTES may be deployed by ESnet. Two ESnet site networks, SLAC and FNAL, are used as examples. Sites networks are shown to connect into the core network through the circuit switches. IP-access links are provisioned as static circuits from Provider Edge (PE) routers located at the sites through core circuit switches to core IP routers (shown with dashed lines in Figure 2). An OSCARS IDC is shown in the core network for handling dynamic virtual circuit scheduling, provisioning, and release. HNTES flow monitoring modules are shown to be deployed at the sites for monitoring long flows through ESnet-owned Provider Edge (PE) routers. A data-plane link connects the servers running the flow monitoring modules to their corresponding PE routers. The other HNTES modules can be deployed in a centralized manner anywhere within ESnet. Servers running the HNTES modules, including the flow monitoring modules, are connected to ESnet s IP-routed network. Several procedures will be executed by HNTES systems, a few of which are explained below. Monitored-flow configuration: When a user enters the description of one or more flows for monitoring and rerouting to circuits, HNTES updates its MFDB through the user-interface module. Through the router-control interface module, HNTES configures the PE routers to mirror packets matching the monitored flow identifiers in the MFDB to the flow-monitoring module servers. This update is done through the control port of the routers. Software developed for an NSF-funded project called CHEETAH to interface with a Force10 E600 system 15 will be reused in the router-control interface module. Layer-2 circuit endpoints identification: When information for a monitored flow is entered into the MFDB via the user-interface module, the latter notifies the initialization module. By obtaining routing data, either from the routers or from the IDC, the initialization module determines the Layer-2 circuit endpoints corresponding to each monitored flow. It also estimates circuit rates. Detected-flow actions: When a flow-monitoring module receives packets corresponding to a monitored flow, it will initiate the reservation and provisioning of a circuit by communicating with its corresponding IDC-interface module. If circuit setup is successful, OSCARS IDC will configure policy based routes in the PE routers to redirect packets from this flow to the newly established virtual circuit. 7
8 The flow-monitoring module changes the status of the monitored flow in the MFDB to redirected so that any administrative queries about flow states can be responded to correctly. Terminated-flow actions: HNTES continues to monitor redirected flows. If the rate of packet reception for a redirected flow is determined to be low, then the flow monitoring module will signal the IDC interface module asking it to initiate circuit termination. The IDC will release the circuit and initiate a reconfiguration of the policy-based route in its router for that flow. The flow-monitoring module updates the status of the flow in the MFDB, and if the time between circuit termination and the circuit reservation end time is greater than some predetermined value, it will send a message to the IDC-interface module to have it generate a cancel-reservation IDCP message. 6 HNTES testing and performance evaluation The HNTES system will be tested on the Tabletop testbed/long Island MAN 16 provided by ESnet. The time taken to complete various tasks will be measured carefully. Flow lengths could be on the order of a few minutes. If the time taken to set up a circuit and configure the routers is itself on the order of minutes, then flows with total durations on the same scale should not be candidates for redirection. Therefore, every attempt will be made to keep these configuration times short. An important question is to study how changes in the path latency affect TCP performance of redirected flows. Will changes in latency cause retransmission timeouts to vary wildly, causing either premature retransmissions or excessive delay? References 1 M. Veeraraghavan and Z. Yan, HYbrid Network Engineering Software (HYNES), Dec. 30, The Lambda Station Project. [Online]. Available: 3 On-Demand Secure Circuits and Advance Reservation System (OSCARS), 4 UVA Hybrid Networking Project, 5 Inter-domain Controller (IDC) Protocol Specification, Version 1.1, February 9, Laurent Bernaille, Renata Teixeira, Ismael Akodkenou, Augustin Soule, and Kave Salamatian. Traffic classification on the fly. ACM SIGCOMM Comput. Commun. Rev., 36(2):23 26, Andrew W. Moore and Denis Zuev. Internet traffic classification using Bayesian analysis techniques. In SIGMETRICS 05: Proceedings of the 2005 ACM SIGMETRICS international conference on Measurement and modeling of computer systems, pages 50 60, New York, NY, USA, ACM. 8 T. Auld, A.W. Moore, and S.F. Gull. Bayesian neural networks for internet traffic classification. Neural Networks, IEEE Transactions on, 18(1): , Jan J. Erman, A. Mahanti, and M. Arlitt. Qrp05-4: Internet traffic identification using machine learning. In Global Telecommunications Conference, GLOBECOM 06. IEEE, pages 1 6, Dec Thomas Karagiannis, Konstantina Papagiannaki, and Michalis Faloutsos. Blinc: multilevel traffic classification in the dark. In SIGCOMM 05: Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications, pages , New York, NY, USA, ACM. 11 Unidata Local Data Manager, 12 Unidata IDD site contact list, 8
9 13 William Allcock, John Bresnahan, Rajkumar Kettimuthu, Michael Link, Catalin Dumitrescu, Ioan Raicu, Ian Foster, The Globus Striped GridFTP Framework and Server, Proceedings of the 2005 ACM/IEEE SC 05 Conference (SC 05) paper Conversation with Brian Tierney, Dec. 18, M. E. McGinley, T. Li, M. Veeraraghavan, On Virtualizing Ethernet Switches, Proc. of IEEE ICCCN 2008, Aug. 3-7, St. Tomas, US Virgin Islands. 16 B. Tierney, The ARRA ANI Network Testbed Project, Feb 2, 2010, 9
Progress Report. Project title: Resource optimization in hybrid core networks with 100G systems
Progress Report DOE award number: DE-SC0002350 Name of the recipient: University of Virginia Project title: Resource optimization in hybrid core networks with 100G systems Principal investigator: Malathi
More informationZhengyang Liu University of Virginia. Oct 29, 2012
SDCI Net: Collaborative Research: An integrated study of datacenter networking and 100 GigE wide-area networking in support of distributed scientific computing Zhengyang Liu University of Virginia Oct
More informationTraffic engineering and GridFTP log analysis. Jan 17, 2013 Project web site:
Traffic engineering and GridFTP log analysis Zhenzhen Yan, Z. Liu, M. Veeraraghavan University of Virginia mvee@virginia.edu Chris Tracy, Chin Guok ESnet ctracy@es.net Jan 17, 2013 Project web site: http://www.ece.virginia.edu/mv/research/doe09/index.html
More informationProgress Report. Project title: Resource optimization in hybrid core networks with 100G systems
Progress Report DOE award number: DE-SC0002350 Name of the recipient: University of Virginia Project title: Resource optimization in hybrid core networks with 100G systems Principal investigator: Malathi
More informationHybrid Network Traffic Engineering System (HNTES) 2.0 Design Document
Hybrid Network Traffic Engineering System (HNTES) 2.0 Design Document M. Veeraraghavan and Z. Yan Chris Tracy University of Virginia ESnet May 15, 2011 The purpose of this document is to define a revised
More informationTerabit-scale hybrid networking
Terabit-scale hybrid networking SC program title: Terabit networking for extreme-scale science, FOA number DE-FOA-0000523 Applicant/Institution: University of Virginia Street Address/City/State/Zip POB
More informationA Hybrid Network Traffic Engineering System
A Hybrid Network Traffic Engineering System Zhenzhen Yan, Chris Tracy, and Malathi Veeraraghavan Dept. of Electrical and Computer Eng., University of Virginia Charlottesville, VA 22904 4743 Email: {zy4d,mvee}@virginia.edu
More informationEfficient Flow based Network Traffic Classification using Machine Learning
Efficient Flow based Network Traffic Classification using Machine Learning Jamuna.A*, Vinodh Ewards S.E** *(Department of Computer Science and Engineering, Karunya University, Coimbatore-114) ** (Assistant
More informationA Virtual Circuit Multicast Transport Protocol (VCMTP) for Scientific Data Distribution
A Virtual Circuit Multicast Transport Protocol (VCMTP) for Scientific Data Distribution Jie Li and Malathi Veeraraghavan University of Virginia Steve Emmerson University Corporation for Atmospheric Research
More informationImproved Classification of Known and Unknown Network Traffic Flows using Semi-Supervised Machine Learning
Improved Classification of Known and Unknown Network Traffic Flows using Semi-Supervised Machine Learning Timothy Glennan, Christopher Leckie, Sarah M. Erfani Department of Computing and Information Systems,
More informationOn using virtual circuits for GridFTP transfers
On using virtual circuits for GridFTP transfers Z. Liu, M. Veeraraghavan, Z. Yan, C. Tracy, J. Tie, I. Foster, J. Dennis, J. Hick, Y. Li and W. Yang University of Virginia (UVA), Charlottesville, VA 22904,
More informationTOWARDS HIGH-PERFORMANCE NETWORK APPLICATION IDENTIFICATION WITH AGGREGATE-FLOW CACHE
TOWARDS HIGH-PERFORMANCE NETWORK APPLICATION IDENTIFICATION WITH AGGREGATE-FLOW CACHE Fei He 1, 2, Fan Xiang 1, Yibo Xue 2,3 and Jun Li 2,3 1 Department of Automation, Tsinghua University, Beijing, China
More informationClassification of Traffic Flows into QoS Classes by Unsupervised Learning and KNN Clustering
KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS VOL. 3, NO. 2, April 2009 134 Copyright c 2009 KSII Classification of Traffic Flows into QoS Classes by Unsupervised Learning and KNN Clustering Yi
More informationA Hybrid Approach for Accurate Application Traffic Identification
A Hybrid Approach for Accurate Application Traffic Identification Thesis Defence December 21, 2005 Young J. Won yjwon@postech.ac.kr Distributed Processing & Network Management Lab. Dept. of Computer Science
More informationConfiguring Cisco IOS IP SLAs Operations
CHAPTER 39 This chapter describes how to use Cisco IOS IP Service Level Agreements (SLAs) on the switch. Cisco IP SLAs is a part of Cisco IOS software that allows Cisco customers to analyze IP service
More informationANI Testbed Project Update
ANI Testbed Project Update Brian Tierney ESnet Feb 2, 2011 Testbed Overview Progression Start out as a tabletop testbed Move to Long Island MAN when dark fiber is available Extend to WAN when 100 Gbps
More informationperfsonar Deployment on ESnet
perfsonar Deployment on ESnet Brian Tierney ESnet ISMA 2011 AIMS-3 Workshop on Active Internet Measurements Feb 9, 2011 Why does the Network seem so slow? Where are common problems? Source Campus Congested
More informationBLINC: Multilevel Traffic Classification in the Dark
BLINC: Multilevel Traffic Classification in the Dark Thomas Karagiannis, UC Riverside Konstantina Papagiannaki, Intel Research Cambridge Michalis Faloutsos, UC Riverside The problem of workload characterization
More informationin High-Speed Networks
Classifying Elephant and Mice Flows in High-Speed Networks Mariam Kiran Anshuman Chabbra (NSIT) Anirban Mandal (Renci) Presented at INDIS 2017 ESnet, LBNL 1 Funded under DE-SC0012636 Talk Agenda Current
More informationTunneling Activities Detection Using Machine Learning Techniques
Fabien Allard 1, Renaud Dubois 1, Paul Gompel 2 and Mathieu Morel 3 1 Thales Communications 160 Boulevard de Valmy BP 82 92704 Colombes Cedex FRANCE firstname.lastname@fr.thalesgroup.com 2 pgompel@gmail.com
More informationETSF05/ETSF10 Internet Protocols. Performance & QoS Congestion Control
ETSF05/ETSF10 Internet Protocols Performance & QoS Congestion Control Quality of Service (QoS) Maintaining a functioning network Meeting applications demands User s demands = QoE (Quality of Experience)
More informationGeneralization and Optimization of Feature Set for Accurate Identification of P2P Traffic in the Internet using Neural Network
Generalization and Optimization of Feature Set for Accurate Identification of P2P Traffic in the Internet using Neural Network S. AGRAWAL, B.S. SOHI Department of Electronics & Communication Engineering
More informationCan we trust the inter-packet time for traffic classification?
Can we trust the inter-packet time for traffic classification? Mohamad Jaber, Roberto G. Cascella and Chadi Barakat INRIA Sophia Antipolis, EPI Planète 2004, Route des Luciolles Sophia Antipolis, France
More informationOnline Traffic Classification Based on Sub-Flows
Online Traffic Classification Based on SubFlows Victor Pasknel de A. Ribeiro, Raimir Holanda Filho Master s Course in Applied Computer Sciences University of Fortaleza UNIFOR Fortaleza Ceará Brazil paskel@unifor.br,
More informationCharacterization of high-rate large-sized flows
Characterization of high-rate large-sized flows Tian Jin, Chris Tracy, Malathi Veeraraghavan University of Virginia Charlottesville, VA 22904 4743 Email: {tj3sr,mvee}@virginia.edu Energy Sciences Network
More informationDistributing weather data via multipoint layer-2 paths using DYNES
Distributing weather data via multipoint layer-2 paths using DYNES Malathi Veeraraghavan University of Virginia (UVA) mvee@virginia.edu Steve Emmerson Univ. Corp. of Atmospheric Research (UCAR) emmerson@ucar.edu
More informationOutline. Motivation. Our System. Conclusion
Outline Motivation Our System Evaluation Conclusion 1 Botnet A botnet is a collection of bots controlled by a botmaster via a command and control (C&C) channel Centralized C&C, P2P-based C&C Botnets serve
More informationPath-based networking: From POTS to SDN. Outline
Path-based networking: From POTS to SDN Malathi Veeraraghavan University of Virginia April 28, 2014 Talk at CUHK, Dept. of IE Thanks to the US DOE ASCR for grant DE-SC0007341, and NSF grants CNS-1116081,
More informationAn Efficient Elephant Flow Detection with Cost- Sensitive in SDN
An Efficient Elephant Flow Detection with Cost- Sensitive in SDN Peng Xiao *,, Wenyu Qu *, Heng Qi, Yujie Xu *, Zhiyang Li * * College of Information Science and Technology, Dalian Maritime University,
More informationIdentify P2P Traffic by Inspecting Data Transfer Behaviour
Identify P2P Traffic by Inspecting Data Transfer Behaviour Mingjiang Ye, Jianping Wu,KeXu,DahMingChiu 2 Department of Computer Science, Tsinghua University, Beijing, 84, P.R.China yemingjiang@csnet.cs.tsinghua.edu.cn,
More informationOn How to Provision Quality of Service (QoS) for Large Dataset Transfers
On How to Provision Quality of Service (QoS) for Large Dataset Transfers Zhenzhen Yan, Malathi Veeraraghavan Dept. of Electrical and Computer Engineering University of Virginia Charlottesville, VA, USA
More informationThe Abilene Observatory and Measurement Opportunities
The Abilene Observatory and Measurement Opportunities Rick Summerhill, Director Network Research, Architecture, and Technology, Internet2 CONMI Workshop / PAM 2005 Boston, MA March 30, 05 Outline History
More informationAnnual Report:
Annual Report: 0087487 Annual Report for Period:09/2001-09/2002 Submitted on: 07/06/2004 Principal Investigator: Veeraraghavan, Malathi. Award ID: 0087487 Organization: Polytechnic Univ of NY Title: Towards
More informationDesign patterns for data-driven research acceleration
Design patterns for data-driven research acceleration Rachana Ananthakrishnan, Kyle Chard, and Ian Foster The University of Chicago and Argonne National Laboratory Contact: rachana@globus.org Introduction
More informationDelay Controlled Elephant Flow Rerouting in Software Defined Network
1st International Conference on Advanced Information Technologies (ICAIT), Nov. 1-2, 2017, Yangon, Myanmar Delay Controlled Elephant Flow Rerouting in Software Defined Network Hnin Thiri Zaw, Aung Htein
More informationModelling direct application to network bandwidth provisioning for high demanding research applications
Modelling direct application to network bandwidth provisioning for high demanding research applications H. Wessing, Y. Yan and M. Berger Research Center COM Technical University of Denmark Bldg. 345V,
More informationIP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview
This module describes IP Service Level Agreements (SLAs). IP SLAs allows Cisco customers to analyze IP service levels for IP applications and services, to increase productivity, to lower operational costs,
More informationNetwork and SLA Monitoring Guide Release 7.3
[1]Oracle Communications IP Service Activator Network and SLA Monitoring Guide Release 7.3 E61099-02 June 2016 Oracle Communications IP Service Activator Network and SLA Monitoring Guide, Release 7.3 E61099-02
More informationUltraScience Net Update: Network Research Experiments
UltraScience Net Update: Network Research Experiments Nagi Rao, Bill Wing, Susan Hicks, Paul Newman, Steven Carter Oak Ridge National Laboratory raons@ornl.gov https://www.csm.ornl.gov/ultranet February
More informationPerformance of UMTS Radio Link Control
Performance of UMTS Radio Link Control Qinqing Zhang, Hsuan-Jung Su Bell Laboratories, Lucent Technologies Holmdel, NJ 77 Abstract- The Radio Link Control (RLC) protocol in Universal Mobile Telecommunication
More informationImpact of Short-lived TCP Flows on TCP Link Utilization over 10Gbps High-speed Networks
Impact of Short-lived TCP Flows on TCP Link Utilization over Gbps High-speed Networks Lin Xue, Chui-hui Chiu, and Seung-Jong Park Department of Computer Science, Center for Computation & Technology, Louisiana
More informationUsing ICMP to Troubleshoot TCP/IP Networks
Laura Chappell Using ICMP to Troubleshoot TCP/IP Networks Illustration: Norman Felchle Editor s Note: This article is based on Laura Chappell s upcoming book TCP/IP Analysis and Troubleshooting, which
More informationExtending dynamic Layer-2 services to campuses
Extending dynamic Layer-2 services to campuses Scott Tepsuporn and Malathi Veeraraghavan University of Virginia (UVA) mvee@virginia.edu Brian Cashman Internet2 bsc@internet2.edu April 1, 2015 FTW Intl.
More informationConfiguring Cisco IOS IP SLAs Operations
CHAPTER 50 This chapter describes how to use Cisco IOS IP Service Level Agreements (SLAs) on the switch. Cisco IP SLAs is a part of Cisco IOS software that allows Cisco customers to analyze IP service
More informationConfiguring Cisco IOS IP SLA Operations
CHAPTER 58 This chapter describes how to use Cisco IOS IP Service Level Agreements (SLA) on the switch. Cisco IP SLA is a part of Cisco IOS software that allows Cisco customers to analyze IP service levels
More informationKeywords Traffic classification, Traffic flows, Naïve Bayes, Bag-of-Flow (BoF), Correlation information, Parametric approach
Volume 4, Issue 3, March 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Special Issue:
More informationINTERNET TRAFFIC MEASUREMENT (PART II) Gaia Maselli
INTERNET TRAFFIC MEASUREMENT (PART II) Gaia Maselli maselli@di.uniroma1.it Prestazioni dei sistemi di rete 2 Overview Basic concepts Characterization of traffic properties that are important to measure
More informationESnet s Advanced Networking Initiative and Testbed
ESnet s Advanced Networking Initiative and Testbed Steve Cotter, Lawrence Berkeley National Lab ESnet Department Head GLIF Workshop 2010 Geneva, Switzerland October 13, 2010 The Energy Sciences Network
More informationETSF05/ETSF10 Internet Protocols. Performance & QoS Congestion Control
ETSF05/ETSF10 Internet Protocols Performance & QoS Congestion Control Quality of Service (QoS) Maintaining a functioning network Meeting applications demands User s demands = QoE (Quality of Experience)
More informationEnhancements and Performance Evaluation of Wireless Local Area Networks
Enhancements and Performance Evaluation of Wireless Local Area Networks Jiaqing Song and Ljiljana Trajkovic Communication Networks Laboratory Simon Fraser University Burnaby, BC, Canada E-mail: {jsong,
More informationAPPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE
APPENDIX F THE TCP/IP PROTOCOL ARCHITECTURE William Stallings F.1 TCP/IP LAYERS... 2 F.2 TCP AND UDP... 4 F.3 OPERATION OF TCP/IP... 6 F.4 TCP/IP APPLICATIONS... 10 Copyright 2014 Supplement to Computer
More informationSE 4C03 Winter Final Examination Answer Key. Instructor: William M. Farmer
SE 4C03 Winter 2003 Final Examination Answer Key Instructor: William M. Farmer (1) [2 pts.] Both the source and destination IP addresses are used to route IP datagrams. Is this statement true or false?
More information"Filling up an old bath with holes in it, indeed. Who would be such a fool?" "A sum it is, girl," my father said. "A sum. A problem for the mind.
We were doing very well, up to the kind of sum when a bath is filling at the rate of so many gallons and two holes are letting the water out, and please to say how long it will take to fill the bath, when
More informationConfiguring AVC to Monitor MACE Metrics
This feature is designed to analyze and measure network traffic for WAAS Express. Application Visibility and Control (AVC) provides visibility for various applications and the network to central network
More informationUncovering Artifacts of Flow Measurement Tools
Uncovering Artifacts of Flow Measurement Tools Ítalo Cunha 1,2, Fernando Silveira 1,2, Ricardo Oliveira 3, Renata Teixeira 2, and Christophe Diot 1 1 Thomson 2 UPMC Paris Universitas 3 UCLA Abstract. This
More informationValidation of the Network-based Dictionary Attack Detection
Validation of the Network-based Dictionary Attack Detection Jan Vykopal vykopal@ics.muni.cz Tomáš Plesník plesnik@ics.muni.cz Institute of Computer Science Masaryk University Brno, Czech Republic Pavel
More informationOn the Stability of the Information Carried by Traffic Flow Features at the Packet Level
On the Stability of the Information Carried by Traffic Flow Features at the Packet Level Alice Este, Francesco Gringoli, Luca Salgarelli DEA, Università degli Studi di Brescia, Italy Email: @ing.unibs.it
More informationData & Computer Communication
Basic Networking Concepts A network is a system of computers and other devices (such as printers and modems) that are connected in such a way that they can exchange data. A bridge is a device that connects
More informationEvent-Based Software-Defined Networking: Build a Secure Science DMZ
White Paper Event-Based Software-Defined Networking: Build a Secure Science DMZ What You Will Learn As the need to efficiently move large data sets around the world increases, the Science DMZ - built at
More informationSELECTION OF METRICS (CONT) Gaia Maselli
SELECTION OF METRICS (CONT) Gaia Maselli maselli@di.uniroma1.it Computer Network Performance 2 Selecting performance metrics Computer Network Performance 3 Selecting performance metrics speed Individual
More informationvcmp for Appliance Models: Administration Version 13.0
vcmp for Appliance Models: Administration Version 13.0 Table of Contents Table of Contents Introduction to the vcmp System... 7 What is vcmp?... 7 Other vcmp system components... 8 BIG-IP license considerations
More informationProgrammable Software Switches. Lecture 11, Computer Networks (198:552)
Programmable Software Switches Lecture 11, Computer Networks (198:552) Software-Defined Network (SDN) Centralized control plane Data plane Data plane Data plane Data plane Why software switching? Early
More informationConfiguring IP Services
This module describes how to configure optional IP services. For a complete description of the IP services commands in this chapter, refer to the Cisco IOS IP Application Services Command Reference. To
More informationDynamic Routing Protocol Performance in a Fault-Tolerant Ethernet-based IP Network
Dynamic Routing Protocol Performance in a Fault-Tolerant Ethernet-based IP Network Jan Baranski, Marshall Crocker, Georgios Lazarou Department of Electrical and Computer Engineering Mississippi State University
More informationTowards Systematic Design of Enterprise Networks
Towards Systematic Design of Enterprise Networks Geoffrey Xie Naval Postgraduate School In collaboration with: Eric Sung, Xin Sun, and Sanjay Rao (Purdue Univ.) David Maltz (MSR) Copyright 2008 AT&T. All
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Chapter 7 - Network Measurements Introduction Architecture & Mechanisms
More informationEXAM TCP/IP NETWORKING Duration: 3 hours With Solutions
SCIPER: First name: Family name: EXAM TCP/IP NETWORKING Duration: 3 hours With Solutions Jean-Yves Le Boudec January 2016 INSTRUCTIONS 1. Write your solution into this document and return it to us (you
More informationNetwork-Adaptive Video Coding and Transmission
Header for SPIE use Network-Adaptive Video Coding and Transmission Kay Sripanidkulchai and Tsuhan Chen Department of Electrical and Computer Engineering, Carnegie Mellon University, Pittsburgh, PA 15213
More informationReport on Transport Protocols over Mismatched-rate Layer-1 Circuits with 802.3x Flow Control
Report on Transport Protocols over Mismatched-rate Layer-1 Circuits with 82.3x Flow Control Helali Bhuiyan, Mark McGinley, Tao Li, Malathi Veeraraghavan University of Virginia Email: {helali, mem5qf, taoli,
More informationPART IV. Internetworking Using TCP/IP
PART IV Internetworking Using TCP/IP Internet architecture, addressing, binding, encapsulation, and protocols in the TCP/IP suite Chapters 20 Internetworking: Concepts, Architecture, and Protocols 21 IP:
More informationPerformance Monitors Setup Guide
Performance Monitors Setup Guide Version 1.0 2017 EQ-PERF-MON-20170530 Equitrac Performance Monitors Setup Guide Document Revision History Revision Date May 30, 2017 Revision List Initial Release 2017
More informationCOMPUTER NETWORK Model Test Paper
Model Test Paper Question no. 1 is compulsory. Attempt all parts. Q1. Each question carries equal marks. (5*5 marks) A) Difference between Transmission Control Protocol (TCP) and User Datagram Protocol.
More informationNfsight Ne*low- based Network Awareness Tool
LISA 10 Nov 7-12, 2010 San Jose, CA Nfsight Ne*low- based Network Awareness Tool Robin Berthier (University of Illinois at Urbana- Champaign) Michel Cukier (University of Maryland) Ma3 Hiltunen (AT&T Research)
More informationWeb File Transmission by Object Packaging Performance Comparison with HTTP 1.0 and HTTP 1.1 Persistent Connection
Web File Transmission by Performance Comparison with and Hiroshi Fujinoki, Murugesan Sanjay, and Chintan Shah Department of Computer Science Southern Illinois University at Edwardsville Edwardsville, Illinois
More informationBro-Osquery. Let Bro know about the hosts it monitors. Steffen Haas Department of Computer Science IT Security and Security Management (ISS)
Steffen Haas Department of Computer Science IT Security and Security Management (ISS) Bro-Osquery Bro Network Monitor https://www.bro.org Let Bro know about the hosts it monitors Osquery Host Monitor https://osquery.io/
More informationIntroduction to Mobile Ad hoc Networks (MANETs)
Introduction to Mobile Ad hoc Networks (MANETs) 1 Overview of Ad hoc Network Communication between various devices makes it possible to provide unique and innovative services. Although this inter-device
More informationDOE Award number: Name of recipient: Project Title: Principal investigator: Date of Report: Period covered by the report:
Progress Report DOE Award number: DE-SC0004909 Name of recipient: University of Massachusetts, Dartmouth Project Title: Coordinated Multi-layer Multi-domain Optical Network (COMMON) for Large- Scale Science
More informationProfiling the End Host
Profiling the End Host Thomas Karagiannis 1, Konstantina Papagiannaki 2, Nina Taft 2, and Michalis Faloutsos 3 1 Microsoft Research 2 Intel Research 3 UC Riverside Abstract. Profiling is emerging as a
More informationDiPerF: automated DIstributed PERformance testing Framework
DiPerF: automated DIstributed PERformance testing Framework Ioan Raicu, Catalin Dumitrescu, Matei Ripeanu, Ian Foster Distributed Systems Laboratory Computer Science Department University of Chicago Introduction
More informationApplication Layer Switching: A Deployable Technique for Providing Quality of Service
Application Layer Switching: A Deployable Technique for Providing Quality of Service Raheem Beyah Communications Systems Center School of Electrical and Computer Engineering Georgia Institute of Technology
More informationTracking the Evolution of Web Traffic:
The University of North Carolina at Chapel Hill Department of Computer Science 11 th ACM/IEEE International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems (MASCOTS)
More informationA Deployable Framework for Providing Better Than Best-Effort Quality of Service for Traffic Flows
A Deployable Framework for Providing Better Than Best-Effort Quality of Service for Traffic Flows Proposal Presentation Raheem A. Beyah July 10, 2002 Communications Systems Center Presentation Outline
More informationSlicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)
Slicing a Network Advanced! Computer Networks Sherwood, R., et al., Can the Production Network Be the Testbed? Proc. of the 9 th USENIX Symposium on OSDI, 2010 Reference: [C+07] Cascado et al., Ethane:
More informationCan Passive Mobile Application Traffic be Identified using Machine Learning Techniques
Dublin Institute of Technology ARROW@DIT Dissertations School of Computing 2015-03-10 Can Passive Mobile Application Traffic be Identified using Machine Learning Techniques Peter Holland Dublin Institute
More informationExperiences with Dynamic Circuit Creation in a Regional Network Testbed
This paper was presented as part of the High-Speed Networks 2011 (HSN 2011) Workshop at IEEE INFOCOM 2011 Experiences with Dynamic Circuit Creation in a Regional Network Testbed Pragatheeswaran Angu and
More informationInternet Engineering Task Force (IETF) December 2014
Internet Engineering Task Force (IETF) Request for Comments: 7417 Category: Experimental ISSN: 2070-1721 G. Karagiannis Huawei Technologies A. Bhargava Cisco Systems, Inc. December 2014 Extensions to Generic
More informationTCP Congestion Control in Wired and Wireless networks
TCP Congestion Control in Wired and Wireless networks Mohamadreza Najiminaini (mna28@cs.sfu.ca) Term Project ENSC 835 Spring 2008 Supervised by Dr. Ljiljana Trajkovic School of Engineering and Science
More informationPiggybacking Network Functions on SDN Reactive Routing: A Feasibility Study
Piggybacking Network Functions on SDN Reactive Routing: A Feasibility Study Chang Liu *, Arun Raghuramu *, Chen-Nee Chuah *, and Balachander Krishnamurthy ** * University of California, Davis; **AT&T Labs-Research
More informationQoS Routing Extensions to OSPF
QoS Routing Extensions to OSPF Jani Lakkakorpi jani.lakkakorpi@nokia.com Abstract This paper briefly describes the extensions suggested to the OSPF [1] protocol to support QoS routes. These extensions
More informationArchitecture-Dependent Tuning of the Parameterized Communication Model for Optimal Multicasting
Architecture-Dependent Tuning of the Parameterized Communication Model for Optimal Multicasting Natawut Nupairoj and Lionel M. Ni Department of Computer Science Michigan State University East Lansing,
More informationEarly Application Identification
Early Application Identification Laurent Bernaille Renata Teixeira Kave Salamatian Université Pierre et Marie Curie - LIP6/CNRS Which applications run on my network? Internet Edge Network (campus, enterprise)
More informationQuiz. Segment structure and fields Flow control (rwnd) Timeout interval. Phases transition ssthresh setting Cwnd setting
Quiz v 10/30/2013 (Wednesday), 20 mins v Midterm question (available on website) v TCP basics Segment structure and fields Flow control (rwnd) Timeout interval v TCP Congestion control Phases transition
More informationG Robert Grimm New York University
G22.3250-001 Receiver Livelock Robert Grimm New York University Altogether Now: The Three Questions What is the problem? What is new or different? What are the contributions and limitations? Motivation
More information1 Connectionless Routing
UCSD DEPARTMENT OF COMPUTER SCIENCE CS123a Computer Networking, IP Addressing and Neighbor Routing In these we quickly give an overview of IP addressing and Neighbor Routing. Routing consists of: IP addressing
More informationWCCPv2 and WCCP Enhancements
WCCPv2 and WCCP Enhancements Release 12.0(11)S June 20, 2000 This feature module describes the Web Cache Communication Protocol (WCCP) Enhancements feature and includes information on the benefits of the
More informationArchna Rani [1], Dr. Manu Pratap Singh [2] Research Scholar [1], Dr. B.R. Ambedkar University, Agra [2] India
Volume 4, Issue 3, March 2014 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Performance Evaluation
More informationChapter 8 LOCATION SERVICES
Chapter 8 LOCATION SERVICES Distributed Computing Group Mobile Computing Winter 2005 / 2006 Overview Mobile IP Motivation Data transfer Encapsulation Location Services & Routing Classification of location
More informationVanguard Managed Solutions
Vanguard Managed Solutions Vanguard Applications Ware IP and LAN Feature Protocols Traffic Monitor Notice 2004 Vanguard Managed Solutions, LLC 575 West Street Mansfield, Massachusetts 02048 (508) 261-4000
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Christian Grothoff, Ph.D. Dr. Nils
More informationvcmp for Appliance Models: Administration Version
vcmp for Appliance Models: Administration Version 12.1.1 Table of Contents Table of Contents Introduction to the vcmp System...7 What is vcmp?...7 Other vcmp system components...8 BIG-IP license considerations
More information