Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Traffic Engineering of High-Rate Large-sized Flows Acknowledgment: UVA work is supported by DOE ASCR grants DE-SC002350 and DE-SC0007341, and NSF grants,

Published byRobert Kennedy Modified over 8 years ago

Similar presentations

Presentation on theme: "1 Traffic Engineering of High-Rate Large-sized Flows Acknowledgment: UVA work is supported by DOE ASCR grants DE-SC002350 and DE-SC0007341, and NSF grants,"— Presentation transcript:

1 1 Traffic Engineering of High-Rate Large-sized Flows Acknowledgment: UVA work is supported by DOE ASCR grants DE-SC002350 and DE-SC0007341, and NSF grants, OCI- 1038058, OCI-1127340, and CNS-1116081, and ESnet work is supported by DOE grant DE-AC02-05CH11231 Tian Jin, Chris Tracy, Malathi Veeraraghavan, Zhenzhen Yan University of Virginia and ESnet mvee@virginia.edu, ctracy@es.net July 8-11, 2013

2 Outline Problem statement & Motivation –Example of ESnet measured load –Adverse effects of “alpha flows” Hybrid Network Traffic Engineering System (HNTES) HNTES evaluation –NetFlow data collection –Effectiveness –Afflicted-flow packet percentage 2

3 Problem statement Flows generated by high-rate large-sized file transfers are called alpha flows –thresholds used in this paper: 1 GB in  1 min Previous work shows that alpha flows –are the cause of burstiness of IP traffic Experiment shows adverse effects of alpha flows on real-time A/V flows Problem: How can a provider identify such alpha flows within their network and direct them to separate QoS-controlled VCs? 3

4 Motivation: ESnet4 Core network for US Dept. of Energy Labs StarLight MAN LAN (32 A of A) PNNL FNL ORNL LLNL GA BNL LANL IP router Lab Optical node SDN router Lab Link MAN NLR 10G 30/40/50G SDN IP 50 40 30 40 50 30 50 40 Steve Cotter, Chin Guok, Joe Metzger, Bill Johnston Brookhaven National Laboratory

5 Traffic surges on ESnet interface 5 Link rate: 10 Gbps Outgoing traffic Incoming traffic 9 Gbps Jan. 12, 2013

6 Motivation: Adverse effects of alpha flows Used DOE 100G testbed Hosts: high-performance diskpts 6 BNL NEWY ping flow (delay-sensitive) TCP (alpha) flow UDP flow (background) buffer buildups

7 Impact of alpha flows on real-time flows 7 Impact on ping flow delay –significant in 1-queue configuration –negligible in 2-queue configuration Need separate virtual queue for alpha flow packets Pings: 1 per sec Delay: 60 ms in 1-queue case Delay: 2.1 ms in 2-queue case UDP flow TCP flow 3 Gbps 6 Gbps

8 Outline Problem statement & Motivation  Hybrid Network Traffic Engineering System (HNTES) HNTES evaluation –NetFlow data collection –Effectiveness –Afflicted-flow packet percentage 8

9 Hybrid network traffic engineering system (HNTES) - Intradomain identification/redirection of alpha flows 9 Three steps –Analysis of NetFlow reports from ingress routers to identify address prefixes of completed alpha flows –IDC creates L3 circuits between ingress-egress router pairs and configures QoS –IDC sets firewall filters to direct future alpha flows with matching address prefixes to L3 circuits Aging parameter (A): age out rules corresponding to prefixes for which no alpha flows have been observed

10 Outline Problem statement & Motivation Hybrid Network Traffic Engineering System (HNTES) HNTES evaluation –NetFlow data collection –Effectiveness –Afflicted-flow packet percentage 10

11 Data collection for HNTES evaluation: NetFlow data from 4 routers were collected for 7 months (214 days) 11 router-1 & router-2: provider-edge (PE) routers router-3: core router (REN peering) router-4: core router (commercial peering) OP: observation point

12 Effectiveness Analysis Two types of effectiveness –Cumulative effectiveness (C i ): percent of alpha bytes (bytes reported in alpha NetFlow reports) that would have been redirected in period (1,i) –Daily effectiveness (E i ): percent of alpha bytes that would have been redirected on day i Choose aging parameter for: –High effectiveness –Stability in firewall-filter size 12

13 Aging parameter: tradeoff effectiveness with size of firewall filter graphs for router 1 (similar for other routers) 30 days is good compromise for aging parameter 13 Firewall filter size stable with aging parameter 30 Cumulative effectiveness > 90%

14 Cumulative effectiveness (/24) 14 Provider edge routers (single customers) Peering routers (router-3: REN; router-4: commercial) Why is cumulative effectivness lower for peering routers, esp. router-4? Boxplots for 214 values each router-1 omitted as it is similar to router-2 Cumulative effectiveness

15 Effectiveness comparisons 15 Obs. 1: higher effectiveness for /24 than for /32 Obs. 2: higher effectiveness for router-1 and router-2 than for router-3 and router-4 Obs. 3: fewer alpha prefix IDs for router-3 and router-4

16 Explanations 16 Obs. 1 : data-transfer node clusters are typically located in the same /24 subnet; thus, repetition is greater with /24 than /32 Obs. 2 and obs. 3: Higher effectiveness for routers 1 & 2: downloads from supercomputing facilities are repetitive (a scientist accesses the same data transfer nodes) Lower effectiveness for routers 3 & 4: fewer uploads to DoE labs than downloads from DOE labs expect few, if any, scientific data transfers from commerical peers (router-4)

17 Outline Problem statement & Motivation Hybrid Network Traffic Engineering System (HNTES) HNTES evaluation –NetFlow data collection –Effectiveness –Afflicted-flow packet percentage 17

18 Afflicted-flow packets B: set of non-alpha NetFlow reports for flows that share alpha prefix IDs Divide B into four subsets in sequence –C: non-alpha reports of alpha flows –D  B-C: data-transfer reports (heuristic) –W  B-C-D: well-known ports –L: leftover = B-C-D-W Afflicted flows: W+L 18

19 Afflicted-flow packets Tradeoff: /24 vs /32 –/32 has lower effectiveness: large % of afflicted-flow packets will be impacted when an alpha flow is not redirected –/24 has higher afflicted-flow packet percentage: small % of afflicted-flow packets are adversely impacted Recommend /24 address prefixes for firewall filters 19 Percentage of afflicted-flow packets in samples of beta-flow (non- alpha flow) packets; across the 214-day period

20 Conclusions Hypothesis: Most high-speed data transfer nodes have static IP addresses, and alpha flows are created repeatedly between the same source-destination subnets –Validated for flows generated by dataset downloads as observed at edge routers HNTES solution of determining src-dest address prefixes of completed alpha flows & using these prefixes to set firewall filters for future alpha-flow redirection is effective for downloads from DOE labs Less effective for uploads esp. from commercial peering links – But alpha-flow causing uploads are fewer 20

Download ppt "1 Traffic Engineering of High-Rate Large-sized Flows Acknowledgment: UVA work is supported by DOE ASCR grants DE-SC002350 and DE-SC0007341, and NSF grants,"

Similar presentations

Traffic Dynamics at a Commercial Backbone POP Nina Taft Sprint ATL Co-authors: Supratik Bhattacharyya, Jorjeta Jetcheva, Christophe Diot.

Traffic Dynamics at a Commercial Backbone POP Nina Taft Sprint ATL Co-authors: Supratik Bhattacharyya, Jorjeta Jetcheva, Christophe Diot.
Storage System Integration with High Performance Networks Jon Bakken and Don Petravick FNAL.

Storage System Integration with High Performance Networks Jon Bakken and Don Petravick FNAL.
Policy-based Congestion Management for an SMS Gateway Alberto Gonzalez (KTH) Roberto Cosenza (Infoflex) Rolf Stadler (KTH) June 8, 2004, Policy Workshop.

Policy-based Congestion Management for an SMS Gateway Alberto Gonzalez (KTH) Roberto Cosenza (Infoflex) Rolf Stadler (KTH) June 8, 2004, Policy Workshop.
Detectability of Traffic Anomalies in Two Adjacent Networks Augustin Soule, Haakon Ringberg, Fernando Silveira, Jennifer Rexford, Christophe Diot.

Detectability of Traffic Anomalies in Two Adjacent Networks Augustin Soule, Haakon Ringberg, Fernando Silveira, Jennifer Rexford, Christophe Diot.
FLAME: A Flow-level Anomaly Modeling Engine

FLAME: A Flow-level Anomaly Modeling Engine
S305 – Network Infrastructure Chapter 5 Network and Transport Layers Part 2.

S305 – Network Infrastructure Chapter 5 Network and Transport Layers Part 2.
Router Architecture : Building high-performance routers Ian Pratt

Router Architecture : Building high-performance routers Ian Pratt
1 Chin Guok ESnet Network Engineer David Robertson DSD Computer Software Engineer Lawrence Berkeley National Laboratory.

1 Chin Guok ESnet Network Engineer David Robertson DSD Computer Software Engineer Lawrence Berkeley National Laboratory.
Traffic Engineering With Traditional IP Routing Protocols

Traffic Engineering With Traditional IP Routing Protocols
Traffic Engineering Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.

Traffic Engineering Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.
Lan Nguyen Mounika Namburu 1.  DDoS Defense Research  A2D2 Design ◦ Subnet Flooding Detection using Snort ◦ Class -Based Queuing ◦ Multi-level Rate.

Lan Nguyen Mounika Namburu 1.  DDoS Defense Research  A2D2 Design ◦ Subnet Flooding Detection using Snort ◦ Class -Based Queuing ◦ Multi-level Rate.
A Novel Approach for Transparent Bandwidth Conservation David Salyers, Aaron Striegel University of Notre Dame Department of Computer Science and Engineering.

A Novel Approach for Transparent Bandwidth Conservation David Salyers, Aaron Striegel University of Notre Dame Department of Computer Science and Engineering.
1 End-to-End Detection of Shared Bottlenecks Sridhar Machiraju and Weidong Cui Sahara Winter Retreat 2003.

1 End-to-End Detection of Shared Bottlenecks Sridhar Machiraju and Weidong Cui Sahara Winter Retreat 2003.
1 Emulating AQM from End Hosts Presenters: Syed Zaidi Ivor Rodrigues.

1 Emulating AQM from End Hosts Presenters: Syed Zaidi Ivor Rodrigues.
Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.

Chapter 2 Internet Protocol DoD Model Four layers: – Process/Application layer – Host-to-Host layer – Internet layer – Network Access layer.
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
Reduced TCP Window Size for Legacy LAN QoS Niko Färber July 26, 2000.

Reduced TCP Window Size for Legacy LAN QoS Niko Färber July 26, 2000.
1 Scheduling calls with known holding times Reinette Grobler * Prof. M. Veeraraghavan University of Pretoria Polytechnic University

1 Scheduling calls with known holding times Reinette Grobler * Prof. M. Veeraraghavan University of Pretoria Polytechnic University
CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.

CECS 474 Computer Network Interoperability Tracy Bradley Maples, Ph.D. Computer Engineering & Computer Science Cal ifornia State University, Long Beach.
Reading Report 14 Yin Chen 14 Apr 2004 Reference: Internet Service Performance: Data Analysis and Visualization, Cross-Industry Working Team, July, 2000.

Reading Report 14 Yin Chen 14 Apr 2004 Reference: Internet Service Performance: Data Analysis and Visualization, Cross-Industry Working Team, July, 2000.

Similar presentations

Ads by Google