Upload
gervais-tyler
View
214
Download
1
Embed Size (px)
Citation preview
Using Virtual Links to Discover Network TopologyBrett Holbert, Thomas F. La Porta
• Topology Discovery-Network topology may only be partially known-Want to reconstruct unknown areas• Leverage Previously Diagnosed Link Failures-Collected failure results over a period of time-Simultaneously failed paths share components
-Assumes only single failures•Merge Virtual Links to Obtain Topology Estimate
-Start with worst case of all virtual links separate-Merge links to refine estimated topology towards real topology
• Represent Areas of Unknown Network Topology-Traceroute blocked by some routers-Results in absence of some path information-Virtual links cover the unknown area [1]• Implementation-Virtual links implemented along source/destination paths-One real link may be a member of multiple virtual links-May also include known links-Assume know number of hops in a virtual link
Defense Threat Reduction Agency
Future Work• Continue Testing with Additional Network Types
-Increase % of unknown routers-Test on real-world network topologies
• Direct Network Comparison-Currently evaluating results based on network measures-Evaluate based on complete topology differences
-MAX COVERAGE [3], netCSI [4], etc.• Usefulness as Fault Diagnosis Input-Test estimated topologies as input to fault diagnosis tools-Failure-topology estimation cycle to refine results over time
References[1] Jin, X., Y, W.-P.K., Chan, S.-H.G., Wang, Y., “Network Topology
Inference Based on End-to-End Measurements,” IEEE JSAC, 2006.
[2] Yao, B., Ramesh, V., Chang, F. & Waddington, D., "Topology Inference in the Presence of Anonymous Routers," INFOCOM 2003. Twenty-Second Annual Joint Conference of the IEEE Computer and Communications. IEEE Societies , vol.1, 353- 363, 2003.
[3] R. R. Kompella, J. Yates, A. Greenberg, A. C. Snoeren, “Detection and Localization of Network Blackholes”, IEEE INFOCOM, 2007.
[4] Tati, S., Rager, S., La Porta, T. & Jun Ko, B., “netCSI: A Generic Fault Diagnosis Algorithm for Large Scale Failures in Computer Networks”, Network and Security Research Center, Department of Computer Science and Engineering, Pennsylvania State University, University Park, PA, USA, Tech., 2010.
Virtual Link Examples
• Merge Individual Links in Virtual Links-Determine which links are actually the same-Iteratively merge two links together• Remove Impossible Merging Options-Merges which would violate path length [2]-Merges which violate virtual link endpoints-Miscellaneous additional small restraints
•Metrics for Choosing Links to Merge-Links with greatest or least number of merging options
-Based on previous work with merging routers [2]-Links with most simultaneous failures
•Construct Estimated Topology-Known area remains the same-Unknown area rebuilt based on merges performed
-Merged links share endpoints
• Simulated Network-139 routers, 10 sources, 20 destinations, 600-800 links
-Paths exist between all sources and sources/destinations-5% of non-source/destination routers made unknown-Resulting network measures averaged over 10 topologies• Merging Algorithms-Merge by router with fewest/greatest number of options [2]
-Used as baseline from previous work-Merge by link with fewest/greatest number of options-Merge by link with most simultaneous failures, then fewest/greatest number of options
• Average Network Measures
Introduction Virtual Links
Merging Current Results
Known Links/Routers
Unknown Links/Routers
Virtual Links
# of Nodes
# of Links
Avg. Node Degree
Avg. ClusteringCoefficient
Avg. Path Length
Ground Truth 96.9 182.3 3.543 0.096 4.665
Router Min 110.2 205.8 3.540 0.081 4.406
Router Max 109.1 205.0 3.561 0.085 4.380
Link Min 99.8 185.5 3.503 0.093 4.598
Link Max 101.6 188.6 3.501 0.091 4.598
Fault-Link Min 100.7 186.9 3.499 0.091 4.603
Fault-Link Max 101.7 188.6 3.496 0.091 4.592