Characterizing VLAN-Induced Sharing in a Campus Network

1 Characterizing VLAN-Induced Sharing in a Campus Network
Mukarram Bin Tariq, Ahmed Mansy, Nick Feamster, Mostafa Ammar {mtariq, amansy, feamster,

2 Virtual LANs (VLANs)
- Multiple LANs on top of a single physical network
- Typically map to IP subnets
- Flexible design of IP subnets
- Administrative ease
- Sharing infrastructure among separate networks, e.g., for departments, experiments
- Sharing: IP networks may depend on same Ethernet infrastructure
[Figure labels: VLAN1, VLAN2, VLAN3, VLAN Core, Ethernet]

3 Problems: Informal Operator’s Survey
- Lack of cross-layer visibility
  “I wish for insight. Better visibility into operational details”
  “[users] can end up on ports configured for the wrong VLAN …. difficult for end users to determine why their network isn't working ("but I have a link light!”)”
- Need for diagnostic tools for VLANs
  “deploy tomography tool [for the campus to isolate faulty switches]”
- Shared failure modes among networks
  “Using only the information the switch can give [is difficult to determine] to which VLAN or VLANs are the busy ones”

4 Key Questions and Contributions
- How to obtain visibility in sharing of Ethernet among IP networks?
  - EtherTrace: A tool for discovery of Ethernet devices on IP path
  - Passive discovery using bridge tables
  - Does not require CDP or LLDP
- How much sharing is there in a typical network?
  - Analysis of VLAN in Georgia Tech network
  - 1358 Switches, 1542 VLANs
  - Find significant sharing
- How much does Ethernet visibility help?
  - Network tomography
  - 2x improvement in binary tomography using Ethernet visibility

5 EtherTrace: Maps IP to Ethernet Paths
- Frames arrive on same port for off-path switches
- Frames arrive on separate ports for on-path switches
- Due to spanning tree, frames from H1 and H2 are received on separate ports of same VLAN for switches that are on the path
- EtherTrace automates discovery of Ethernet path by analyzing bridge and ARP tables, and iterating for each IP hop in IP traceroute
- Works well for stable networks
- Available at:
[Figure: hosts H1 and H2 connected through switches A, B, C, D, E, F]

6 Georgia Tech Campus Network Dataset
Dataset
- 1358 Switches
- 31 Routers
- 79 monitoring nodes
Data sources
- Bridge tables obtained every 4 hours
- ARP tables obtained every hour
- IP traceroutes among monitoring nodes every 5 minutes
- One-day snapshot on March 25, 2008
Analysis
- Obtain Ethernet devices for IP traceroutes using EtherTrace
- Quantify the sharing of Ethernet devices among IP hops and paths

7 Ethernet Hops Shared among IP Hops
- Maximum IP hops on an Ethernet interface: considering disjoint only
- 57% of Ethernet Hops are shared by more than 2 disjoint IP Hops
- On average, an Ethernet Hop affects ~30 IP hops
  - ~4 considering disjoint IP hops only

8 Application: Improving Accuracy with Cross-layer Sharing Visibility
Experiment
- Simulate failure of a random Ethernet hop
- Determine IP paths that are affected by the failure
- Use binary tomography to determine the hop that has fault

| Metric | Using IP level information only | Incorporating layer-2 visibility |
|---|---|---|
| Accuracy: Is failed hop in the diagnosed set of hops? Fraction of times faulty edge in diagnosed set | 54% | 100% |
| Specificity: How big is the diagnosed set relative to number of failed hops? Size of diagnosed set, average | 3.7 | 1.48 |
| Specificity: size of diagnosed set, 95th %-ile | 9 | 1 |

9 Summary
- Surprising amount of sharing
  - On average, an Ethernet hop affects ~30 IP hops
  - 57% of Ethernet hops affect two or more disjoint IP hops
- Failure of an Ethernet device affects (on average) as many IP paths as failure of an IP device
  - Two orders of magnitude more Ethernet devices
- Cross-layer visibility improves diagnosis
  - 2x improvement in accuracy and specificity
- EtherTrace:

10 Comparison of Dependency of IP Paths on Ethernet and IP devices
On average, a switch or switch interface is critical to a similar number of IP paths as a router or IP interface, although there are two orders of magnitude more layer-2 devices

11 Common Reasons for Sharing
- Departments and groups share buildings and layer-2 infrastructure, but have independent routers and firewalls
- LAWN, a network for roaming hosts, spans the entire campus using VLANs

12 Application: Improving Accuracy with Cross-layer Sharing Insight
We can improve fault-localization accuracy by using layer-2 topology information
Experiment
- Simulate failure of a random layer-2 edge
- Determine IP paths that are broken by the failure
- Use binary tomography to determine the network segment that has fault
  - Conventional Approach: Use Layer-3 path elements as dependencies
  - Cross-layer Approach: Use layer-2 elements determined with EtherTrace as dependencies
Metrics
- Accuracy: diagnosed segment contains the failed network element
- Specificity: ratio of actual number of elements that failed to the number of layer-2 elements in diagnosed segment
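
The experiment on slides 8 and 12, as an added example that is not part of the original presentation: it fails one Ethernet element and runs binary tomography twice, once with IP hops as dependencies and once with the Ethernet elements under them. The topology and names are constructed, and the greedy smallest-explanation step is an assumed variant, since the slides do not say which binary-tomography algorithm was used.

```python
# Added example: binary tomography with and without layer-2 dependencies.
# Topology, hop names and switch names are constructed sample data.

# Ethernet elements under each IP hop (what EtherTrace would supply).
HOP_L2 = {
    "h1": {"swA", "swB"},
    "h2": {"swB", "swC"},
    "h4": {"swX"},
    "h6": {"swX"},          # a different IP hop on the same switch as h4
}
# IP paths between monitoring nodes, as sequences of IP hops.
PATHS = {"p1": ["h1", "h4"], "p2": ["h2", "h4"], "p3": ["h6"]}


def observe(failed_l2):
    """Return {path: True if broken} when one Ethernet element fails."""
    return {p: any(failed_l2 in HOP_L2[h] for h in hops)
            for p, hops in PATHS.items()}


def binary_tomography(deps, broken):
    """Greedy smallest-explanation heuristic (assumed variant).
    deps: {path: set of elements it depends on}; broken: {path: bool}."""
    # Anything on a working path is exonerated.
    good = set().union(*(deps[p] for p in deps if not broken[p]))
    bad = {p: deps[p] - good for p in deps if broken[p]}
    diagnosed = set()
    while bad:
        cands = sorted(set().union(*bad.values()))
        if not cands:
            break  # remaining broken paths cannot be explained
        best = max(cands, key=lambda e: sum(e in d for d in bad.values()))
        diagnosed.add(best)
        bad = {p: d for p, d in bad.items() if best not in d}
    return diagnosed


def diagnose(failed_l2):
    """Return (layer-3 diagnosis expanded to switches, layer-2 diagnosis)."""
    broken = observe(failed_l2)
    l3_deps = {p: set(hops) for p, hops in PATHS.items()}
    l2_deps = {p: set().union(*(HOP_L2[h] for h in hops))
               for p, hops in PATHS.items()}
    l3_hops = binary_tomography(l3_deps, broken)
    # Expand diagnosed IP hops to the Ethernet elements beneath them.
    l3_as_l2 = set().union(*(HOP_L2[h] for h in l3_hops))
    return l3_as_l2, binary_tomography(l2_deps, broken)
```

With `swB` failed, the layer-3 run blames hop `h4` (switch `swX`) and misses the fault, because only the layer-2 view knows that the working path through `h6` exonerates `swX`.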

13 EtherTrace
- Collect Bridge tables from switches using SNMP
  - Table has entries of form <MAC, port, vlan-id>
- Collect ARP tables from Routers
- Given IP traceroute between two hosts find layer-2 path elements as:
  - De-alias router IP addresses
  - Obtain MAC addresses for IP addresses on each IP hop
  - Obtain Layer-2 switches and ports for each IP hop
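
The on-path rule from slide 5 applied to the tables described on slide 13, as an added example that is not EtherTrace's own code: a switch is on the Ethernet path of an IP hop when it learned the two endpoint MACs on separate ports of the same VLAN. Switch names, addresses and table contents are constructed; SNMP collection and router de-aliasing are assumed to have happened already.

```python
# Added example: on-path switch discovery from bridge and ARP tables.
# All table contents below are constructed sample data.

# ARP table collected from routers: IP address -> MAC address.
ARP = {
    "10.0.1.10": "aa:aa:aa:00:00:01",   # H1
    "10.0.1.20": "aa:aa:aa:00:00:02",   # H2
}

# Bridge tables collected per switch: entries of form (MAC, port, vlan-id).
BRIDGE = {
    "sw-A": [("aa:aa:aa:00:00:01", 1, 10), ("aa:aa:aa:00:00:02", 2, 10)],
    "sw-B": [("aa:aa:aa:00:00:01", 1, 10), ("aa:aa:aa:00:00:02", 3, 10)],
    # Off-path: both MACs learned on the same port.
    "sw-C": [("aa:aa:aa:00:00:01", 4, 10), ("aa:aa:aa:00:00:02", 4, 10)],
    # MACs seen on separate ports, but in different VLANs.
    "sw-D": [("aa:aa:aa:00:00:01", 1, 10), ("aa:aa:aa:00:00:02", 2, 20)],
    # Entry for H2 missing, e.g. aged out between collections.
    "sw-E": [("aa:aa:aa:00:00:01", 1, 10)],
}


def ports_by_vlan(table, mac):
    """Map vlan-id -> port on which this switch learned `mac`."""
    return {vlan: port for m, port, vlan in table if m == mac}


def on_path_switches(ip_a, ip_b, arp=ARP, bridge=BRIDGE):
    """Return ({switch: (vlan, port_a, port_b)}, unknown) for one IP hop.
    `unknown` holds switches that saw only one of the two endpoint MACs,
    so the separate-port test cannot be applied to them."""
    mac_a, mac_b = arp[ip_a], arp[ip_b]
    on_path, unknown = {}, set()
    for sw, table in bridge.items():
        pa, pb = ports_by_vlan(table, mac_a), ports_by_vlan(table, mac_b)
        if bool(pa) != bool(pb):
            unknown.add(sw)
            continue
        for vlan in sorted(pa.keys() & pb.keys()):
            if pa[vlan] != pb[vlan]:
                on_path[sw] = (vlan, pa[vlan], pb[vlan])
    return on_path, unknown
```

The `unknown` set is where stale or partial bridge tables show up, which is one reason the approach depends on a stable network.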
