Download presentation
Presentation is loading. Please wait.
1
Monitoring MIPv6 Traffic with IPFIX
Youngseok Lee*, Soonbyoung Choi*, and Jaehwa Lee+ *Dept. of Computer Engineering, Chungnam National University, Korea {lee, + Korea Telecom, Korea 25th October 2006
2
Contents Introduction Motivation IPFIX
Proposed scheme for monitoring MIPv6 traffic Conclusion CNU IPOM 2006
3
Introduction Mobile IPv6 (MIPv6) Handover in MIPv6
Mobility with IP layer Uninterruptible communication with MIPv6 Handover in MIPv6 Movement detection at L2 Address configuration Care-of-address is associated with home address Location update Exchanging Binding Update (BU) and Binding Acknowledgement (BA) Route optimization (RO) Default in MIPv6 CNU IPOM 2006
4
Motivation: New Challenges of Traffic Measurement in MIPv6
Mobility of nodes mobile traffic Traffic to be monitored is moving Monitored at every MIPv6 access routers Multiple addresses with mobile nodes Home address, Care-of-Address Measurement and analysis more complicated Handover traffic Tunneled IPv6 traffic Destination option CNU IPOM 2006
5
Flow-level vs. Packet-level Measurement
Correct results Not easy to support high-speed line rate Expensive for deployment and management in a large scale network Flow-level measurement Easy to deployment Generate useful traffic statistics with a significantly small amount of measurement data Suitable for a large-scale network CNU IPOM 2006
6
IETF IPFIX (IP Flow Information eXport)
Flow-level traffic measurement Based on Cisco NetFlow v9 Flexible and extensible template architecture IPv6 traffic monitoring Intrusion detection QoS measurement CNU IPOM 2006
7
MIPv6 Traffic Monitoring with IPFIX
Measurement points At MIPv6 access routers Objects to be monitored IPv6 flow Handover events (BU/BA) Tunneled IPv6 traffic Under IPFIX architecture Router exports IPFIX flows IPFIX collector/analyzer receives IPFIX flows IPFIX template and data flow set CNU IPOM 2006
8
IPFIX-based Traffic Measurement Architecture
IPv6 Network CN IPFIX Flow Collector IPv6 Router IPv6 flow before handover IPFIX flow data MIPv6 Access Router with IPFIX HA 2. BU/BA 3. Tunneled IPv6 flow AP MN MN CNU IPOM 2006
9
IPFIX Template for MIPv6 Traffic
IPv6 data traffic IPv6 flow template IPv6 src/dst addresses Already used in Cisco NetFlow version 9 MIPv6 control traffic MIPv6 handover flow template Binding Update Binding Acknowledgement Handover IPv6 data traffic tunneled IPv6 flow template Handover IPv6 traffic without/before RO CNU IPOM 2006
10
IPFIX Template for IPv6 Flow
Version=10 Length = Total Length Export Time IPFIX Header Sequence Number Source ID Set ID Length Template ID = 256 Field Count = 10 Src IPv6 addr = 27 Field Length = 16 dst IPv6 addr = 28 Field Length = 16 Src port = 7 Field Length = 4 dst port = 11 Field Length = 4 Next Header = 193 Field Length = 4 IPFIX Template FlowLabel = 31 Field Length = 4 First time = 22 Field Length = 4 Last time = 21 Field Length = 4 Template ID 256 : Plain IPv6 flow OctetDeltaCount = 1 Field Length = 4 packetDeltaCount = 2 Field Length = 4 CNU IPOM 2006
11
MIPv6HomeAgentAddress = 202
IPFIX Template for BU/BA Flow Version=10 Length = Total Length Export Time Sequence Number Observation Domain ID Set ID Length Template ID = 257 Field Count = 14 Src IPv6 addr = 27 Field Length = 16 Basic template dst IPv6 addr = 28 Field Length = 16 L4SrcPort = 7 Field Length = 4 L4DstPort = 11 Field Length = 4 NextHeader = 193 Field Length = 4 FlowLabel = 31 Field Length = 4 First time = 22 Field Length = 4 Last time = 21 Field Length = 4 OctetDeltaCount = 1 Field Length = 4 packetDeltaCount = 2 Field Length = 4 MIPv6messageType = 200 Field Length = 4 Extension Field MIPv6CareOfAddress = 201 Field Length = 16 MIPv6HomeAgentAddress = 202 Field Length = 16 MIPv6HomeAddress = 203 Field Length = 16 CNU IPOM 2006
12
IPFIX Template for Tunneled IPv6 Flow
Version=10 Length = Total Length Export Time Sequence Number Observation Domain ID Set ID Length Template ID = 258 Field Count = 13 Src IPv6 addr = 27 Field Length = 16 Basic template dst IPv6 addr = 28 Field Length = 16 L4SrcPort = 11 Field Length = 4 L4DstPort = 11 Field Length = 4 NextHeader = 193 Field Length = 4 FlowLabel = 31 Field Length = 4 First time = 22 Field Length = 4 Last time = 21 Field Length = 4 OctetDeltaCount = 1 Field Length = 4 packetDeltaCount = 2 Field Length = 4 IPv6TunnelSrcAddr = 300 Field Length = 16 Extension Field IPv6TunnelDstAddr = 301 Field Length = 16 TunnelProto = 302 Field Length = 4 CNU IPOM 2006
13
Experiments MIPv6 testbed at CNU, Korea Collected flows
HA: Linux PC routers with MIPL 2.0 MN: Linux Laptops with MIPL 2.0 Collected flows IPv6 data flow BU/BA MIPv6 handover flow Tunneled IPv6 data flow CNU IPOM 2006
14
Experimental Testbed iperf sender iperf receiver IPv6 Network IPFIX
CN IPFIX Flow Collector IPv6 Router IPFIX flow data iperf tcp connection MIPv6 Access Router with IPFIX HA AP iperf receiver MN CNU IPOM 2006
15
Time-sequence Graph of TCP Connection with iperf
2nd Handover Tunneled IPv6 Flow 1st Handover IPv6 Flow CNU IPOM 2006
16
Basic IPv6 Traffic flow label, firt/last time, octets, packets CNU
< Basic IPv6 packet > b c5 bd 7f 00 0e 0c a8 62 3e 86 dd 60 00 c 06 3f db d a c1 b7 7e 0040 e a0 16 cf a 8f dd d b1 9b f8 >> data Version Length Export time Sequence number Observation domain ID Set id TID = 256 Field count = 10 2001:220:804:20::1 2001:220:804:100::4 56278 5001 6 1979 < IPFIX flow for basic IPv6 traffic> b 26 c a f0 86 dd 60 00 ac 11 3f ff fe 7b 26 c2 82 0b 13 ba 00 ac e c 9f a 00 1b c b a c 00 00 00a c 00b 00c db d ff 00d0 fc 7a 3b 58 fc 7a 3f 2b f 00e IPv6 addrs ports Next header flow label, firt/last time, octets, packets CNU IPOM 2006
17
MIPv6 Handover Message BA/BU, CoA, HAA, HA CNU IPOM 2006
< Binding Update packet > e 0c a b c5 bd 7f 86 dd 60 00 c b ff fe c5 bd 7f c b 03 a ad c b b b ff fe c5 bd 7f Version Length Export time Sequence number Observation domain ID Set id TID = 257 Field count = 14 2001:220:804:100::1 2001:220:804:120:209:5bff:fec5:bd7f 43 94 1 2 2001:220:804:100::4 Version Length Export time Sequence number Observation domain ID Set id TID = 257 Field count = 14 2001:220:804:120:209:5bff:fec5:bd7f 2001:220:804:100::1 60 110 1 2001:220:804:100::4 < Binding Acknowledgement packet > b c5 bd 7f 00 0e 0c a dd 60 00 b 3f b ff fe c5 bd 7f b 01 b b < IPFIX flow for Handover message (Binding Ack) > 00b 00c b ff fe c5 bd 7f 00d c 00 00e e 00f b ff 0100 fe c5 bd 7f f9 b6 BU BA HoA BA/BU, CoA, HAA, HA CNU IPOM 2006
18
Tunneled IPv6 Traffic CNU IPOM 2006 < Tunneled IPv6 packet >
b c5 bd 7f 00 0e 0c a dd 60 00 b4 29 3f b ff fe c5 bd 7f c 06 3f 20 01 db d6 b 28 0e dd b7 7e e a0 d5 fa a 8f dd e3 1e 04 b1 f1 7b >> >> data Version Length Export time Sequence number Observation domain ID Set id TID = 258 Field count = 13 2001:220:804:20::1 2001:220:804:100::4 56278 5001 6 2179 2001:220:804:100::1 2001:220:804:120:209:5bff:fec5:bd7f 41 < IPFIX flow for tunneled IPv6 traffic > c c ce b d 00a b ff fe c5 bd 7f 00b Tunnel src Tunnel dst Next header Tunnel Endpoints Next header = IPv6 CNU IPOM 2006
19
Conclusion New traffic monitoring method for MIPv6 networks Useful for
Based on the IPFIX standard Defined new IPFIX templates for handover message and tunneled flows Useful for MIPv6 handover pattern analysis MIPv6 handover performance analysis Work in progress MIPv6 traffic analyzer Extension to route optimization Extension to FMIPv6 CNU IPOM 2006
20
References [1] D. Johnson, C. Perkins, and J. Arkko, “Mobility Support in IPv6,” IETF RFC3775, June 2004. [2] Cisco NetFlow, [3] J. Quittek, T. Zseby, B. Claise, and S. Zander, “Requirements for IP Flow Information Export (IPFIX),” IETF RFC3917, Oct [4] nProbe, CNU IPOM 2006
![References [1] D. Johnson, C. Perkins, and J. Arkko, Mobility Support in IPv6, IETF RFC3775, June](http://slideplayer.com/slide/13261574/79/images/20/References+%5B1%5D+D.+Johnson%2C+C.+Perkins%2C+and+J.+Arkko%2C+Mobility+Support+in+IPv6%2C+IETF+RFC3775%2C+June.jpg "[2] Cisco NetFlow, [3] J. Quittek, T. Zseby, B. Claise, and S. Zander, Requirements for IP Flow Information Export (IPFIX), IETF RFC3917, Oct [4] nProbe, CNU. IPOM")
Similar presentations
