Presentation is loading. Please wait.

Presentation is loading. Please wait.

Streaming Network Analytics System

Published byJoanna Snow Modified over 5 years ago

Similar presentations

Presentation on theme: "Streaming Network Analytics System"— Presentation transcript:

1 Streaming Network Analytics System
Cisco Knowledge Network Presentation Serpil Bayraktar Distinguished Engineer 2/28/2018

2 Streaming Network Analytics System SNAS
An open source project under Linux Foundation Networking Umbrella A framework to collect, track and access tens of millions of routing objects (routers, peers, prefixes) in real time Allows you to interact, visualize, and analyze routing data in a simple way Streaming Network Analytics System SNAS Short and relevant: Stay focused on what your audience cares about. Think about what you want them to know, feel and do. Then, say what you need to say and no more.  Bold and human: Be confident in your ideas and in the words you use to express them. Use clear, natural language to connect with your audience and make your message stick. Show what’s possible and make it real: We call this Dreaming and Doing. When we do it right it's powerful, inspiring, convincing and persuasive. To learn more, download the brand language guidelines: 

3 Linux Foundation Open Source Networking Stack
Svcs Application Layer / App Server Product, Services & Workloads Standards Management & Control Network Data Analytics Orchestration, Management, Policy Cloud & Virtual Management Network Control System Integration & Test Automation Infrastructure Operating Systems IO Abstraction & Data Path Disaggregated Hardware CI/CD Automation of Network + Infrastructure + Cloud + Apps + IOT Linux Foundation Hosted Outside Linux Foundation

4 Background

5 Network Analytics Data Types
Types of data used for analytics: Device stats/logs/error counters/queue statistics etc. SNMP/Pull Model Telemetry/Push Model IP traffic information and statistics Netflow/sFlow/IPFIX Routing/control/topology data* IGP/Internal network topology BGP/Variety of reachability information (services) Network Analytics Data Types *SNAS

6 Device vs Network View Device View:
Data is collected from each device after it is processed by the device Network View*: Data is collected from each device before it is processed (as received from the network) Device vs Network View *SNAS

7 Example: Device vs Network View
Device View R3 Collector R1/AS1 = 10/8 R2/AS2 = 10/8 10/8 AS1 eBGP eBGP BGP Example: Device vs Network View Network View* R3 R1/AS1 = 10/8 R2/AS2 = 10/8 10/8 AS1 10/8 AS2 eBGP Collector eBGP BMP *SNAS

8 Stateful Nature of Routing Protocols
Stateful = Processing data based on the state information of the client Routing protocols are session based Routers maintain the state and parameters of each session An initial exchange of full routing table is followed by individual updates as needed Routing data can be viewed as a “stream” between two devices which agreed on some session parameters and only during the life of the session* This is very different than “stateless” or snapshot data where data is not associated with session information. Stateful Nature of Routing Protocols *SNAS

9 SNAS

10 Collect, store, maintain, track and expose network centric routing data for analytics applications
Make routing data application developer friendly Produce lightweight packages that can run on a small server Project Objectives

11 Collect Network Wide Routing Data Securely and Efficiently
Egress Peers A Egress Peers B Edge1 Edge2 Collector RR Your Network We want Edge2 to stream all unfiltered routing packets as received from Egress Peers B Edge4 Edge3 Egress Peers C Egress Peers D

12 “BGP Monitoring Protocol”
BMP “BGP Monitoring Protocol” Data Collection

13 What is BMP BGP Monitoring Protocol (BMP) encapsulates BGP messages from one or more BGP peers into a single TCP stream to one or more collectors Efficient, [near] real-time, low memory/CPU on router, little to no service impact with peering Simplified configuration (one-time setup) with granular controls per peer All address families supported BMP Router XE/XR/JunOS BGP Peers BMP Collector Single stream eBGP/iBGP TCP BMP BGP IP BMP router is existing router, process runs on existing router. This is different than BGP peering… Pre-RIB, peer stat reports, open messages for the peer, peer down notifications,

14 Access to Multiple Monitoring Points via BMP
Input filters/ Import policy Import from other protocols Best path selection process Output filters/ Export policy BGP Peer1 BGP Peer3 Prefix: 10/8 Med: 8 AS Path: 1 Prefix: 10/8 AS Path: 2 4 3 Prefix: 10/8 Med: 10 AS Path: Unmodified Data Peer1: Prefix: 10/8 Med: 8 AS Path: Peer2: AS Path: After Filters Peer1: Prefix: 10/8 Med: 8 LocalPref: 99 AS Path: Peer2: Med: 8 LocalPref: 100 AS Path: After Best Path selection Prefix: 10/8 Med: 8 LocalPref: 99 AS Path: After Filters Peer2: Prefix: 10/8 AS Path: BGP Peer2

15 BMP Availability

16 SNAS Architecture Applications Collector MySQL DB
Parsed, Conditioned Data BMP Enabled Router BGP Peers Monitored TCP Stream Kafka Message Bus MySQL Consumer Flat File SNAS UI Grafana Applications Other Apps SNAS Architecture

17 Collector Parses BGP data Conditions the data
Produces the parsed (and raw) BGP data to Kafka using Kafka’s topic structure Data produced in tab delimited format Highly scalable, very small footprint IPv4, IPv6, Labeled IPv4/v6, BGP-LS (Segment Routing), L3VPN address families supported

18 Parsing BGP data requires deep knowledge of network packet format based on standards (RFCs)
Anyone who wants to do analytics using BGP data has to figure out how to parse it SNAS does the parsing for you A Word About Parsing

19 Example Parsed Data (REST API)

20 Example Parsed Data (Kafka API)
Tab-Delimited Converted to Json

21 Tracking Stateful Routing Data at Internet Speeds and Scales
Maintaining state for a very large number of peers and prefixes: 100s – 1000s of peers A typical Internet peer carrying 700K+ IPv4 prefixes Multiple monitoring points Processing very high number of packets with minimum delay: Updates/sec during initialization (routing table dump) generates tens of thousands of updates/sec Tracking Stateful Routing Data at Internet Speeds and Scales

22 Getting Started

23 Start Here SNAS Webpage: https://www.snas.io SNAS Repositories:

24 Installation http://www.snas.io/gettingstarte d/getting_started/
Step 1: Install AIO Container Step 2: Install UI Container Step 3: Start Feeding Data Configure a router to send BMP data Use public BGP data, Install MRT2BMP Application or Installation

25 All-In-One (aio) Container
Openbmpd - Latest collector (listening port is TCP 5000) MariaDB 10.2 – MySQL server (listening port TCP 3306) Apache Kafka High performing message bus (listening ports are TCP and 9092) Tomcat/DB_REST - Latest Rest interface into MySQL/MariaDB (listening port TCP 8001) SNAS MySQL Consumer - Latest Consumer that puts all data into MySQL

26 UI Container nginx - Web Server ui - SNAS UI

27 Router Configuration http://www.snas.io/docs/ Configuration:
XR, XE, JUNOS Router Configuration

28 XR Configuration

29 Demo Servers http://www.snas.io/demo/ SNAS UI Grafana
Grafana Demo Servers

30

Download ppt "Streaming Network Analytics System"

Similar presentations

MPLS VPN.

MPLS VPN.
Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:

Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:
Routing Basics.

Routing Basics.
1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.

1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.
CS540/TE630 Computer Network Architecture Spring 2009 Tu/Th 10:30am-Noon Sue Moon.

CS540/TE630 Computer Network Architecture Spring 2009 Tu/Th 10:30am-Noon Sue Moon.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,

IPv4 and IPv6 Mobility Support Using MPLS and MP-BGP draft-berzin-malis-mpls-mobility-00 Oleg Berzin, Andy Malis {oleg.berzin,
Analysis of BGP Routing Tables

Analysis of BGP Routing Tables
Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.

Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.
A Routing Control Platform for Managing IP Networks Jennifer Rexford Princeton University

A Routing Control Platform for Managing IP Networks Jennifer Rexford Princeton University
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
14 – Inter/Intra-AS Routing

14 – Inter/Intra-AS Routing
Feb 12, 2008CS573: Network Protocols and Standards1 Border Gateway Protocol (BGP) Network Protocols and Standards Winter 2007-2008.

Feb 12, 2008CS573: Network Protocols and Standards1 Border Gateway Protocol (BGP) Network Protocols and Standards Winter
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,

MPLS L3 and L2 VPNs Virtual Private Network –Connect sites of a customer over a public infrastructure Requires: –Isolation of traffic Terminology –PE,
Class 3: SDN Stack Theophilus Benson. Outline Background – Routing in ISP – Cloud Computing SDN application stack revisited Evolution of SDN – The end.

Class 3: SDN Stack Theophilus Benson. Outline Background – Routing in ISP – Cloud Computing SDN application stack revisited Evolution of SDN – The end.
SMUCSE 8344 MPLS Virtual Private Networks (VPNs).

SMUCSE 8344 MPLS Virtual Private Networks (VPNs).
Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.

Wireshark and TCP/IP Basics ACM SIG-Security Lance Pendergrass.
Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.

Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.
NetworkProtocols. Objectives Identify characteristics of TCP/IP, IPX/SPX, NetBIOS, and AppleTalk Understand position of network protocols in OSI Model.

NetworkProtocols. Objectives Identify characteristics of TCP/IP, IPX/SPX, NetBIOS, and AppleTalk Understand position of network protocols in OSI Model.

Similar presentations

Ads by Google