Detecting Traffic Differentiation in Backbone ISPs with NetPolice Ying Zhang Zhuoqing Morley Mao Ming Zhang.

Slides:

Advertisements

Similar presentations

QoS Strategy in DiffServ aware MPLS environment Teerapat Sanguankotchakorn, D.Eng. Telecommunications Program, School of Advanced Technologies Asian Institute.

Advertisements

IPv6 Victor T. Norman.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.

1 Locating Internet Bottlenecks: Algorithms, Measurement, and Implications Ningning Hu (CMU) Li Erran Li (Bell Lab) Zhuoqing Morley Mao (U. Mich) Peter.

Advanced Networks 1. Delayed Internet Routing Convergence 2. The Impact of Internet Policy and Topology on Delayed Routing Convergence.

CSCI 4550/8556 Computer Networks Comer, Chapter 23: An Error Reporting Mechanism (ICMP)

IP Protocol - Introduction Dr. Farid Farahmand. Introduction TDM transport networks are not sufficient for data communications Low utilization TDM networks.

11 TROUBLESHOOTING Chapter 12. Chapter 12: TROUBLESHOOTING2 OVERVIEW  Determine whether a network communications problem is related to TCP/IP.  Understand.

University of Massachusetts at Amherst 1 Flooding Attacks by Exploiting Persistent Forwarding Loops Jianhong Xia, Lixin Gao and Teng Fei University of.

User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.

Detecting Traffic Differentiation in Backbone ISPs with NetPolice Patrick Wong Yinzhi Cao.

Heuristics for Internet Map Discovery R. Govindan, H. Tangmunarunkit Presented by Zach Schneirov.

Ningning HuCarnegie Mellon University1 A Measurement Study of Internet Bottlenecks Ningning Hu (CMU) Joint work with Li Erran Li (Bell Lab) Zhuoqing Morley.

Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.

Measuring ISP topologies with Rocketfuel Ratul Mahajan Neil Spring David Wetherall University of Washington ACM SIGCOMM 2002.

Routing of Outgoing Packets with MP-TCP draft-handley-mptcp-routing-00 Mark Handley Costin Raiciu Marcelo Bagnulo.

SG12 Regional Group for Africa Meeting 18 th to 19 th of July, 2013 Ouagadougou, Burkinafaso By Yvonne UMUTONI Quality of Service Development Group (QSDG)

1 Network Topology Measurement Yang Chen CS 8803.

An Effective Defense Against Spam Laundering Paper by: Mengjun Xie, Heng Yin, Haining Wang Presented at:CCS'06 Presentation by: Devendra Salvi.

PALMTREE M. Engin TozalKamil Sarac The University of Texas at Dallas.

MATE: MPLS Adaptive Traffic Engineering Anwar Elwalid, et. al. IEEE INFOCOM 2001.

Connecting Networks © 2004 Cisco Systems, Inc. All rights reserved. Defining the IP Packet Delivery Process INTRO v2.0—4-1.

INTERNET TOPOLOGY MAPPING INTERNET MAPPING PROBING OVERHEAD MINIMIZATION  Intra- and inter-monitor redundancy reduction IBRAHIM ETHEM COSKUN University.

CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College

Guide to TCP/IP, Third Edition

Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing

Internet Protocol (IP)

NAROS : Host-Centric IPv6 Multihoming with Traffic Engineering A solution to perform traffic engineering in a IPv6 multihomed end-site, using a multi-addressing.

Towards Highly Reliable Enterprise Network Services via Inference of Multi-level Dependencies Paramvir Bahl, Ranveer Chandra, Albert Greenberg, Srikanth.

1 Multi-Protocol Label Switching (MPLS). 2 MPLS Overview A forwarding scheme designed to speed up IP packet forwarding (RFC 3031) Idea: use a fixed length.

Distributed Denial of Service CRyptography Applications Bistro Presented by Lingxuan Hu April 15, 2004.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 2. Network Monitoring Metrics.

Introduction to Networks CS587x Lecture 1 Department of Computer Science Iowa State University.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 4. Active Monitoring Techniques.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 9 Basic Router Troubleshooting.

Packet Filtering Chapter 4. Learning Objectives Understand packets and packet filtering Understand approaches to packet filtering Set specific filtering.

© Jörg Liebeherr (modified by M. Veeraraghavan) 1 ICMP: A helper protocol to IP The Internet Control Message Protocol (ICMP) is the protocol used for error.

PC1 LAN GW SP RTR1 SP RTR2 DST 4 * 25 ms 21 ms dst [ ] 4. A third packet is sent with TTL=3, which decrements at each hop, and expires after RTR2,

Quality of Service (QoS) Monitoring and Functions of Internet ITU Regional Standardization Forum for Africa (Kampala, Uganda, June 2014) Yvonne UMUTONI.

1 Internet Control Message Protocol (ICMP) Used to send error and control messages. It is a necessary part of the TCP/IP suite. It is above the IP module.

1 Countering DoS Through Filtering Omar Bashir Communications Enabling Technologies

A Measurement Study on the Impact of Routing Events on End-to-End Internet Path Performance Feng Wang 1, Zhuoqing Morley Mao 2 Jia Wang 3, Lixin Gao 1,

CSC 600 Internetworking with TCP/IP Unit 7: IPv6 (ch. 33) Dr. Cheer-Sun Yang Spring 2001.

Module 10: How Middleboxes Impact Performance

April 4th, 2002George Wai Wong1 Deriving IP Traffic Demands for an ISP Backbone Network Prepared for EECE565 – Data Communications.

Error and Control An IP datagram travels from node to node on the way to its destination Each router operates autonomously Failures or problems may occur.

1 A Framework for Measuring and Predicting the Impact of Routing Changes Ying Zhang Z. Morley Mao Jia Wang.

1 Chapter 23 Internetworking Part 3 (Control Messages, Error Handling, ICMP)

Trajectory Sampling for Direct Traffic Oberservation N.G. Duffield and Matthias Grossglauser IEEE/ACM Transactions on Networking, Vol. 9, No. 3 June 2001.

Internet Protocol: Routing IP Datagrams Chapter 8.

N. Hu (CMU)L. Li (Bell labs) Z. M. Mao. (U. Michigan) P. Steenkiste (CMU) J. Wang (AT&T) Infocom 2005 Presented By Mohammad Malli PhD student seminar Planete.

Measuring the Capacity of a Web Server USENIX Sympo. on Internet Tech. and Sys. ‘ Koo-Min Ahn.

Yaping Zhu with: Jennifer Rexford (Princeton University) Aman Shaikh and Subhabrata Sen (ATT Research) Route Oracle: Where Have.

1 12-Jan-16 OSI network layer CCNA Exploration Semester 1 Chapter 5.

QoS in Mobile IP by Preethi Tiwari Chaitanya Deshpande.

1 Transport Layer: Basics Outline Intro to transport UDP Congestion control basics.

A Measurement Study on the Impact of Routing Events on End-to-End Internet Path Performance Feng Wang 1, Zhuoqing Morley Mao 2 Jia Wang 3, Lixin Gao 1,

1 Effective Diagnosis of Routing Disruptions from End Systems Ying Zhang Z. Morley Mao Ming Zhang.

An End-to-End Service Architecture r Provide assured service, premium service, and best effort service (RFC 2638) Assured service: provide reliable service.

Chapter 10 Congestion Control in Data Networks and Internets 1 Chapter 10 Congestion Control in Data Networks and Internets.

Bandwidth estimation: metrics, measurement techniques, and tools Presenter: Yuhang Wang.

Network Layer IP Address.

PATH DIVERSITY WITH FORWARD ERROR CORRECTION SYSTEM FOR PACKET SWITCHED NETWORKS Thinh Nguyen and Avideh Zakhor IEEE INFOCOM 2003.

Introduction and Overview of Network and Telecommunications (contd.)

PlanetSeer: Internet Path Failure Monitoring and Characterization in Wide-Area Services Ming Zhang, Chi Zhang Vivek Pai, Larry Peterson, Randy Wang Princeton.

RESOLVING IP ALIASES USING DISTRIBUTED SYSTEMS

1 Multi-Protocol Label Switching (MPLS). 2 MPLS Overview A forwarding scheme designed to speed up IP packet forwarding (RFC 3031) Idea: use a fixed length.

2019/5/2 Using Path Label Routing in Wide Area Software-Defined Networks with OpenFlow ICNP = International Conference on Network Protocols Presenter：Hung-Yen.

An Empirical Evaluation of Wide-Area Internet Bottlenecks

Presentation transcript:

Detecting Traffic Differentiation in Backbone ISPs with NetPolice Ying Zhang Zhuoqing Morley Mao Ming Zhang

CONTENTS INTRODUCTION TRAFFIC DIFFRENTIATION METHODLOGY IMPLEMENTATION REDUCING NOISE EFFECTS EXPERIMENTAL RESULTS SYSTEM EVALUATION CONCLUSION

INTRODUCTION AIM: In this paper, we consider the problem of detecting traffic differentiation in backbone ISPs. PURPOSE: The ability to detect traffic differentiation enables customers to develop appropriate strategies for improving their application performance.

INTRODUCTION …contd CHALLENGES: To build such a system, we face two key challenges: i) Unlike in the case of broadband ISPs, most end hosts are not directly connected to backbone ISPs. We need to intelligently select probing destinations to cover the relevant internal paths of backbone ISPs while complying with the requirement of limited network and CPU resources on end hosts; ii) Measurement data taken from end host is susceptible to various types of noise on the host or in the network. We need to ensure our detection results are not distorted by noise.

TRAFFIC DIFFERENTIATION ISP may provide differentiated services based on: 1.Application type 2.Routing information 3.Availability of resources.

TRAFFIC DIFFERENTIATION …contd

METHODOLOGY NetPolice detects traffic differentiation inside a particular ISP by launching probes from a distributed set of end systems. For this purpose, we have to decide on: PATH SELECTION. LOSS RATE MEASUREMENT. DIFFERENTIATION SELECTION.

METHODOLOGY ….contd PATH SELECTION:

METHODOLOGY ….contd PATH SELECTION PROBLEMS: Given a target ISP, a list of probing sources, and all the destination prefixes on the Internet, a naive approach is to probe all the prefixes from all the sources. This may lead to both wasteful probes that do not traverse the target ISP and redundant probes that traverse the same internal paths multiple times. SOLUTION: 1. Each three-tuple (src, ingress, egress) is traversed at least R times by probes to different destinations. 2.Each three-tuple (ingress, egress, dst) is traversed at least R times by probes from different sources; 3.A probing source does not send more than m probes.

METHODOLOGY ….contd LOSS RATE MEASUREMENT: NetPolice measures loss rate in order to detect differentiation schemes based on rate- limiting in backbone ISPs. NetPolice measures the loss rate as follows: 1.To reduce probing overhead, NetPolice only probes the hops that map to an ingress or an egress of a target ISP instead of all the hops along the path, given that we are only interested in detecting differentiation inside the ISP. 2.To measure the loss rate to a particular hop, NetPolice sends probe packets with pre-computed TTL (Time-to-Live) value which will trigger ICMP time exceeded response from that hop. Finally, we subtract the measured loss rate of the ingress from that of the egress to obtain the loss rate of the internal path.

METHODOLOGY ….contd To detect content-based differentiation, we measure loss rate of an internal path using different application traffic. We select five representative applications with distinct QoS (Quality of Service) requirements: HTTP (default port 80), BitTorrent (P2P file sharing,port 6881), SMTP ( , port 25), PPLive (video streaming, port 4004), and VoIP (port 5060).

METHODOLOGY ….contd DIFFERENTIATION DETECTION: NetPolice detects differentiation by observing the performance differences measured along the same ISP internal path using different types of probe traffic. We also take a sufficiently large number of loss rate measurements to ensure that the observed performance differences accurately reflect how an ISP treats different types of Traffic.

IMPLEMENTATION NetPolice has 3 major components: Path Selector. Probers. Differentiation Detector.

IMPLEMENTATION …contd

How to Traceroute Effectively CPU utilization affects results Only use data when load average < 65%

How to Traceroute Effectively Routers might drop our probes if we send too fast Probe interval = 1 sec

How to Traceroute Effectively We might inadvertently measure reverse-path loss Increase probe size : response size ratio – Probe length = 1000 bytes

How to Traceroute Effectively Paths with high loss rate could have inflated reverse path losses Filter out data over lossy paths (6%)

Experiments Content-based differentiation – 4 of 18 ISPs Routing-based differentiation – 10 of 18 ISPs TOS correlation Other factors… e.g. load Proof-of-concept implementation on a router – It’s possible to do this differentiation…

Content-based differentiation Observed differentiation Validation with two-ended controlled probing – Low error between one-ended versus control

Routing-based differentiation 7 of 10 ISPs give customers’ traffic higher priority

TOS correlation Some ISPs use the TOS field – Small percent of pairs – Not applied to all routers in an ISP

Impact of load Loss rate: proxy for load See higher incidences of content and routing differentiation

Conclusion Our system shows that ISPs do content- and routing-based differentiation – Load is a factor Future work – include delay in addition to loss rate