Presentation is loading. Please wait.

Presentation is loading. Please wait.

Locating hosts by TULIP (Trilateration Utility for Locating IP hosts)

Published byIngrid Pettersson Modified over 5 years ago

Similar presentations

Presentation on theme: "Locating hosts by TULIP (Trilateration Utility for Locating IP hosts)"— Presentation transcript:

1 Locating hosts by TULIP (Trilateration Utility for Locating IP hosts)
Prepared by: Les CottrellSLAC, Faran JavedNIIT, Shahryar KhanNIIT,Umar KalimNIIT Internet2 fall members meeting San Diego, October 2007 This talk will define the Digital Divide, show why it matters, and then go on to show how we can measure it in terms of Internet performance. Results from the measurements will show worldwide improvement trends in round trip times as links move from satellite to terrestrial, throughput as the speed of links improve, losses and reachability as robustness is increased. Comparing the performance for developed vs. developing regions will show which regions are catching up, keeping up, or falling further behind, and how well the Internet performance correlates with UN and ITU development indices. We will close out with some results from case studies on Africa and South Asia.

2 Purpose Geo locate a host given its name or address
Uses ping (RTT) measurements from landmarks landmarks at known locations worldwide RTT roughly proportional to distance in many cases Distance (km) = alpha * RTT (ms) Velocity light in fibre ~ 0.6c or 1ms for 100km. Use min RTT to reduce effect of queueing Using distance from RTT, triangulate to get lat/long

3 Goals Platform agnostic (Java & Perl (CGI))
Open, non-proprietary (cf. Traceware, Edgescape) Minimize security concerns Include developing regions Sustainable robust service Minimize manual effort (keep databases current) Provide an API to enable other applications We also wanted to verify the locations of the hosts in the PingER database.

4 Uses of Locating Hosts Choose content to send (e.g. language, local store) Security: pin-point suspicious hosts Where to get replicated service (e.g. Grid) Information for maps (e.g. visualroute) Efficiency of routing For Digital Divide & world-wide collaborations

5 How to get the location They are complementary
Database (e.g. DNS, whois, Geo IP tools) Hard to keep up, may require subscription, maybe inaccurate, out-of-date or incomplete Traceroute and heuristics on names (Visual traceroute) RTTs (e.g. Octant from Cornell, Constraint based Geolocation from Belgium/Boston U) Neither are active any more (student projects pointing the way?) They are complementary Each has own strengths and weaknesses Could/should be used together to validate each other and make corrections.

6 Simple Methodology (1) Client Landmarks Reflector Target
Client loads (Java Webstart), runs Java applet gets target from user Client requests Reflector to get pings to target Reflector requests Landmarks to ping target, Landmarks Ping target Reflector (web server running CGI script) Target

7 Simple Methodology (2) Client Landmarks Reflector Target
Client analyses data, visualizes and provides to user Reflector send RTTs back to Client Landmarks send results back to Reflector Landmarks Ping target Reflector (web server running CGI script) Target

8 Landmarks Want good geographical coverage for world.
Need to be reliable, answer No connection, timeouts, 100%loss (24 excellent PlanetLabs) Respond quickly Not satellite connection Not a proxy SLAC/PingER reverse traceroute servers ~ 60, but more diverse, see PlanetLab ~ 150 landmarks Mainly in N. America and Europe

9 Security (lots of concerns)
Can be used for DoS attacks against a target Looks like a potential scan of the target vs many hosts Target ICMP replies to a large number of hosts CGI scripts (Perl) needs to be well vetted for holes Ability to discover & then blackhole abusers Only one TULIP client per host Landmarks and reflector both limit the number of running requests Centralized logging of all requests and results, plus analysis Look for anomalies Also discovers what landmarks are failing, who is requesting Possible privacy problems if locate a person’s host accurately (could add fuzz)

10 Problems Geostationary satellite connections
24Kmiles => RTT >370ms, heavily used in C. Asia and Africa IP name refers to multiple hosts (e.g. Google, Akamai, root name servers) in many locations Hosts move, have proxies etc. Indirect routing so RTT !~ distance E. Asia vs. Australia seen from US Security concerns Duration for measurements (50 seconds to complete, results start arriving earlier) Optimizing # of parallel requests from reflector, timeouts, tiering, remove poor landmarks Optimizing alpha in distance (km) = alpha * RTT (ms). Optimizing the choice of tier 0 landmarks, reliable & at edges, want very few, yet few false positives or mistakes N. America: SLAC/CA, BNL/NY, AMPATH/FL, TRIUMF/CA(Vancouver), Winnipeg/CA, Houston, Saint Louis, Chicago Europe: CERN/CH, ICTP/IT, DL/UK

11 Demo of early version www.slac.stanford.edu/comp/net/wan-mon/tulip
2 sets of landmarks: PlanetLabs & SLAC/PingER type Enter host name or address & Locate Site Raw results in Ping Results window Visualize results in map

12 Evaluation of early version
Use ~600 PingER hosts with “known” lat/long Hosts in over 130 countries Also validates PingER data Need landmarks close to targets 50% accurate to within 200 km, 70% within 1000km Ouch, not very successful, worse with RTT

13 Alpha = 48.54 RTT/Dist (km/ms)
Improvements Add more landmarks for better coverage: PlanetLab & more SLAC landmark deployment (especially in developing world) Understand outliers, correct PingER dB Outliers: Multi-homed, e.g. yahoo, root servers, Move: e.g. supercomp Not at site of ASN: e.g SLAC host in Arizona Indirect routing: SFO-LA-SEA-VIC Alpha = RTT/Dist (km/ms)

14 Look at Alpha Set alpha to right value to get correct distance from RTT and look at distributions Done for major US to N. America & major Europe to Europe sites

15 In progress Have stable version 1 Adding:
Adding: More landmark, filter out non-working instances Integrate PlanetLabs & other landmark databases Improved map visualization and zoom Optimizing timing parameters (parallel streams, timeouts, landmark choices, alpha …) Faster landmark response GeoIP Tool estimates Tiering Redo evaluation, compare with other methods

16 Tiering Want to reduce the traffic hitting a target
First find region target is in (tier 0 search) Use few best landmarks in region Highly responsive, at edges of region Determine most likely region (N. America, Europe, the rest) Then if client wants more detail use all landmarks in region to pin-point target Take 1/10 time for tier 0s vs all for N. America

17 More information/Questions
Acknowledgements: PlanetLab, SLAC reverse tracroute servers hosted in Africa, E. Asia, Latin America, Middle East, Russia, S. Asia TULIP Home Page: PingER (driving reason for tool) www-iepm.slac.stanford.edu/pinger, TULIP 1st Prize at All Asia Softec 2007

Download ppt "Locating hosts by TULIP (Trilateration Utility for Locating IP hosts)"

Similar presentations

Dude, where’s that IP? Circumventing measurement-based IP geolocation Presented by: Steven Zittrower.

Dude, where’s that IP? Circumventing measurement-based IP geolocation Presented by: Steven Zittrower.
Geolocation Les Cottrell – SLAC University of Helwan / Egypt, Sept 18 – Oct 3, 2010 Partially funded by DOE/MICS Field Work Proposal on Internet End-to-end.

Geolocation Les Cottrell – SLAC University of Helwan / Egypt, Sept 18 – Oct 3, 2010 Partially funded by DOE/MICS Field Work Proposal on Internet End-to-end.
PingER Management1 Error Reporting Model for Ping End-to-End Reporting (PingER Management)

PingER Management1 Error Reporting Model for Ping End-to-End Reporting (PingER Management)
MAGGIE NIIT- SLAC On Going Projects Measurement & Analysis of Global Grid & Internet End to end performance.

MAGGIE NIIT- SLAC On Going Projects Measurement & Analysis of Global Grid & Internet End to end performance.
1 Network Monitoring for SCIC Les Cottrell, SLAC For ICFA meeting September, 2005 Initially funded by DoE Field Work proposal. Currently partially funded.

1 Network Monitoring for SCIC Les Cottrell, SLAC For ICFA meeting September, 2005 Initially funded by DoE Field Work proposal. Currently partially funded.
Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.

Security Tools CS-480b Dick Steflik. CACLS Windows NT, W2000, XP Displays or modifies access control lists (ACLs) of files.
Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Fall 2006.
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.

1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
LOGO 1 MAGGIE Measurement & Analysis of the Global Grid & Internet End-to-End Performance Monitoring A Research Collaboration by National University of.

LOGO 1 MAGGIE Measurement & Analysis of the Global Grid & Internet End-to-End Performance Monitoring A Research Collaboration by National University of.
1 ICFA/SCIC Network Monitoring Prepared by Les Cottrell, SLAC, for ICFA www.slac.stanford.edu/grp/scs/net/talk03/icfa-aug04.ppt.

1 ICFA/SCIC Network Monitoring Prepared by Les Cottrell, SLAC, for ICFA
Distributed Data Stores – Facebook Presented by Ben Gooding University of Arkansas – April 21, 2015.

Distributed Data Stores – Facebook Presented by Ben Gooding University of Arkansas – April 21, 2015.
1 Networks, advantages & types of What is a network? Two or more computers that are interconnected so they can exchange data, information & resources.

1 Networks, advantages & types of What is a network? Two or more computers that are interconnected so they can exchange data, information & resources.
A measurement study of vehicular internet access using in situ Wi-Fi networks Vladimir Bychkovsky, Bret Hull, Allen Miu, Hari Balakrishnan, and Samuel.

A measurement study of vehicular internet access using in situ Wi-Fi networks Vladimir Bychkovsky, Bret Hull, Allen Miu, Hari Balakrishnan, and Samuel.
Hands-on Networking Fundamentals

Hands-on Networking Fundamentals
 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.

 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.
Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.

Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.
PingER: Research Opportunities and Trends R. Les Cottrell, SLAC University of Malaya.

PingER: Research Opportunities and Trends R. Les Cottrell, SLAC University of Malaya.
Chapter 4. After completion of this chapter, you should be able to: Explain “what is the Internet? And how we connect to the Internet using an ISP. Explain.

Chapter 4. After completion of this chapter, you should be able to: Explain “what is the Internet? And how we connect to the Internet using an ISP. Explain.
Presenter’s Name NDT Administrator Tools Jakub Slawinski Rich Carlson Internet2 Fall Member Meeting October 9, 2007.

Presenter’s Name NDT Administrator Tools Jakub Slawinski Rich Carlson Internet2 Fall Member Meeting October 9, 2007.
An Efficient Approach for Content Delivery in Overlay Networks Mohammad Malli Chadi Barakat, Walid Dabbous Planete Project To appear in proceedings of.

An Efficient Approach for Content Delivery in Overlay Networks Mohammad Malli Chadi Barakat, Walid Dabbous Planete Project To appear in proceedings of.

Similar presentations

Ads by Google