DOCSLIB.ORG

Techniques for Monitoring and Measuring Virtualized Networks

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Techniques for Monitoring and Measuring Virtualized Networks June 22, 2018 Techniques for Monitoring and Measuring Virtualized Networks Aman Shaikh & Vijay Gopalakrishnan AT&T Labs ‐ Research © 2018 AT&T Intellectual Property. All rights reserved. AT&T, Globe logo, Mobilizing Your World and DIRECTV are registered trademarks and service marks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks are the property of their respective owners. Outline Introduction and Background • Service‐provider and datacenter networks • Introduction to Network Function Virtualization (NFV) – Software Defined Networking (SDN) Challenges • General challenges in network measurements • Challenges specific to NFV Measurement and monitoring • What and how of data collection • Data collection and tools in today’s cloud • Measurement applications: trouble‐shooting, performance improvement, verification • Leveraging SDN and end‐hosts for measurements Summary • Additional Resources 2 Introduction and Background Why the move towards SDN and NFV 3 Network Traffic Trends* Unprecedented growth in data traffic • Ten‐fold increase in traffic volume b/w 2014 and 2019 Large number of diverse devices • Devices becoming mobile • 11.5 billion devices, including 3B IoT devices by 2019 Multitude of Demanding applications • ¾ of the data traffic will be video by 2019 Growth of Cloud Computing • Variable demand, transient applications *Source: Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update 2014‐2019 4 Traditional Networking Technology trends Introducing, modifying, or scaling networking services is difficult Proprietary, fixed High spatial and The cost of reserving The cost and lack of function, and hardware temporal variability in the space and energy skilled professionals to nature of network “demand”, especially for a variety of network integrate and maintain appliances closer to the edge equipment network services 5 Concrete Example: Cellular Network Architecture • Hardware appliances supporting • Statically provisioned at a few specific cellular network functions central locations – specialized, expensive – hard to predict load at edge, cannot repurpose 6 Problems with Traditional deployments Inefficient load distribution Path Inflation Performance Impacts Limited Customization 7 Problems with Traditional deployments Inefficient load distribution Path Inflation Performance Impacts Limited Customization 4 Problems with Traditional deployments City A Inefficient load distributionCity A Path InflationCity B City B User Cellular User Network Data center Cellular hosting S/P‐ Network Internet GWs Server Performance Impacts Limited CustomizationData center hosting S/P‐GWs Internet Server 4 Problems with Traditional deployments Inefficient load distributionCity A Path Inflation City B User Cellular Network Data center hosting S/P‐ Internet GWs Server Performance Impacts Limited Customization 4 Problems with Traditional deployments Inefficient load distributionCity A Path Inflation City B User Cellular Network Data center hosting S/P‐ Internet GWs Server Performance Impacts Limited Customization Diverse Devices Diverse applications Diverse NFs Transcoder Smartphone Fleet tracking IDS Firewall Smart meter 4 Moving towards SDN and NFV • Take advantage of advances in Cloud technology • Network elements are applications running on a common hardware platform • Reduce capital and energy expenses by consolidating network elements • Software as a driver to change the innovation cycle • Reduce time to market customer targeted and tailored services 12 How does it work? Virtual Machine Virtual Machine Virtual Machine Virtual Machine Virtual Network Virtual Network Virtual Network Virtual Network Function Function Function Function Virtual Switch Server Platform Physical Network 13 Key NFV technology Strengths and Weaknesses NFV Design Principles Separation of software from hardware • Enable software to evolve independent from hardware, and vice versa Flexible deployment of network functions • Deploy automatically network‐function software on a pool of hardware resources • Run different functions at different times in different data centers Dynamic service provisioning • Scale the NFV performance dynamically and on a grow‐as‐you‐ need basis • Fine granularity control based on the current network conditions 15 Technical Requirements Performance Manageability – Keep the degradation as small as possible – Different from data center networking, where – Understand the maximum achievable the hardware resources are almost equivalent performance of the underlying programmable – Support sharing spare resources and elastic hardware provisioning of network services effectively Reliability and Stability Security – Minimize service reliability and service level – Share underlying networking and storage, run in agreement impacts when evolving to NFV other’s data center, outsource to 3rd party – Ensure service stability when reconfiguring or – Introduction of new elements, such as relocating software‐based virtual appliances orchestrators and hypervisors 16 Problem with Software‐based Packet Processing 17 Enter DPDK (Data Plane Development Kit) 40 31.2 User‐space software libraries for accelerating packet processing L3 30 20 workloads on Commercial Off The Shelf (COTS) hardware platform Core 10 (Mpps) 1.1 Per Performance 0 Linux DPDK High‐performance, community‐driven solution Platform • Delivers 25X performance jump over Linux DPDK Sample Customer ISV Eco-System • Open Source, BSD License; Vibrant community support and Applications Applications Applications Packet adoption; EAL ETHDEV LPM FrmWork EXACT MALLOC E1000 IGB • Comprehensive NFV and Intel architecture support DISTRIB MATCH IXGBE I40e MBUF Extns ACL • User space application development; multiple models VMXNET3 FM 10K MEMPOOL Classify KNI XENVIRT Cisco VIC* RING • Over two‐dozen pre‐built sample applications PCAP Mellanox* POWER METER TIMER Broadcom* IVSHMEM Core (PMDs: Native & SCHED Libs Platform Virtual) QoS Host of other techniques to improve performance User Space • Software prefetch, Core‐thread affinity, vector instructions, KNI IGB_UIO VFIO Algorithmic optimizations, Hardware offload, Bulk Functions 18 How does DPDK work? User‐Space DPDK App Driver constantly polls the NIC for packet core is packet processing (Poll‐based) pegged at 100% use (Event‐based) VNF Application VNF Application • Takes advantage of multiple cores on modern CPU DPDK User • Not all cores used for computation; Dedicate a (few) core(s) Dataplane Space Dataplane for packet processing 2. System Call (read) Socket Socket API • Gets around limitations with interrupt driven packet API 3. System Call processing (used by traditional NIC drivers) (write) Kernel 1. DMA 2. DMA Space Write Read Provides memory management libraries for skb_buf 1. Interrupt 4. DMA efficient packet copy & DMA • Allocate large chunk of memory in application mapped to Ethernet Driver API Ethernet Driver API DPDK NIC NIC NIC • Raw packets copied directly into application memory Packet Buffer Driver Packet Buffer 19 Need for Interface Sharing Physical Servers Virtualized Servers ? Network Network 20 Software‐Based Sharing Utilizes emulation techniques to provide a logical I/O hardware device to the VM • Interposes itself between the driver running in the guest OS and the underlying hardware (via emulation or split‐driver) Features • Parses the I/O commands • Translates guest addresses into host physical addresses • Ensures that all referenced pages are present in memory • Maps multiple I/O requests from VMs into a single I/O stream for underlying hardware Examples • Open VSwitch (Layer‐2), Juniper Contrail (Layer‐3) Drawback • Poor performance * Source: Intel White Paper on SR‐IOV 21 Direct Assignment Bypasses the VM I/O emulation layer to write directly to the memory space of a virtual machine • Akin to servers’ ability to safely DMA data to directly to/from host memory • Uses enhancements like Intel VT‐d • Results in throughput improvement for the VMs Drawback • Limited scalability; a physical device can only be assigned to one VM * Source: Intel White Paper on SR‐IOV 22 Single Root I/O Virtualization (SR‐IOV) PCI‐SIG Standard to find middle ground between direct attached & software‐based Standardizes a way to bypass the hypervisor involvement in data movement • SR‐IOV capable device appears as multiple devices, Physical or Virtual Functions (PF / VF) • Provides independent memory space, interrupts, and DMA streams for each virtual machine • SR‐IOV assigns one or more VF to a virtual machine • SR‐IOV enables hypervisor bypass by providing the ability for VMs to attach to a VF * Source: Intel White Paper on SR‐IOV 23 Using SR‐IOV and DPDK Existing VNF implementations rely on this approach for performance! 24 Pros and Cons of these approaches Software‐based sharing High level of flexibility and control, easy extensibility Preferred approach with virtualization because of recovery and migration Recent efforts on getting better performance Supports only subset of functions provided by the network card (NIC) Significant CPU overhead SR‐IOV Provides good network performance and sharing of network interface Requires support in the BIOS as well as in the operating system/hypervisor Orchestration limitations; no easy way to migrate VMs Networking restrictions in a cloud environment (because of hypervisor bypass) 25 NFV platforms/building blocks Vector Packet Processor (VPP)‐ Originally from Cisco, but currently open source (fd.io) • DPDK based data plane, features implemented as graph, Large code base
Load more

Recommended publications
  • ECE 435 – Network Engineering Lecture 15
    ECE 435 { Network Engineering Lecture 15 Vince Weaver http://web.eece.maine.edu/~vweaver [email protected] 25 March 2021 Announcements • Note, this lecture has no video recorded due to problems with UMaine zoom authentication at class start time • HW#6 graded • Don't forget HW#7 • Project Topics due 1 RFC791 Post-it-Note Internet Protocol Datagram RFC791 Source Destination If other than version 4, Version attach form RFC 2460. Type of Service Precedence high reliability Routine Fragmentation Offset high throughput Priority Transport layer use only low delay Immediate Flash more to follow Protocol Flash Override do not fragment CRITIC/ECP this bit intentionally left blank TCP Internetwork Control UDP Network Control Other _________ Identifier _______________________ Length Header Length Data Print legibly and press hard. You are making up to 255 copies. _________________________________________________ _________________________________________________ _________________________________________________ Time to Live Options _________________________________________________ Do not write _________________________________________________ in this space. _________________________________________________ _________________________________________________ Header Checksum _________________________________________________ _________________________________________________ for more info, check IPv4 specifications at http://www.ietf.org/rfc/rfc0791.txt 2 HW#6 Review • Header: 0x000e: 4500 = version(4), header length(5)=20 bytes ToS=0 0x0010: 0038 = packet length (56 bytes) 0x0012: 572a = identifier 0x0014: 4000 = fragment 0100 0000 0000 0000 = do not fragment, offset 0 0x0016: 40 = TTL = 64 0x0017: 06 = Upper layer protocol (6=TCP) 0x0018: 69cc = checksum 0x001a: c0a80833 = source IP 192.168.8.51 0x001e: 826f2e7f = dest IP 130.111.46.127 • Valid IPs 3 ◦ 123.267.67.44 = N ◦ 8.8.8.8 = Y ◦ 3232237569 = 192.168.8.1 ◦ 0xc0a80801 = 192.168.8.1 • A class-A allocation is roughly 224=232 which is 0.39% • 192.168.13.0/24.
    [Show full text]
  • "Mutually Controlled Routing with Independent Isps"
    Mutually Controlled Routing with Independent ISPs Ratul Mahajan David Wetherall Thomas Anderson Microsoft Research University of Washington University of Washington and Intel Research Abstract – We present , an Internet routing pro- Our intent is to develop an interdomain routing proto- Wiser tocol that enables ISPs to jointly control routing in a way col that addresses these problems at a more basic level. that produces efficient end-to-end paths even when they We aim to allow all ISPs to exert control over all routes act in their own interests. is a simple extension to as large a degree as possible, while still selecting end- Wiser of BGP, uses only existing peering contracts for mone- to-end paths that are of high quality. This is a difficult tary exchange, and can be incrementally deployed. Each problem and there are very few examples of effective me- ISP selects paths in a way that presents a compromise diation in networks, despite competitive interests having between its own considerations and those of other ISPs. long been identified as an important factor [8]. Done over many routes, this allows each ISP to improve While it is not a priori obvious that it is possible to its situation by its own optimization criteria compared to succeed at this goal, our earlier work on Nexit [28] sug- the use of BGP today. We evaluate using a router- gests that efficient paths are, in fact, a feasible outcome of Wiser level prototype and simulation on measured ISP topolo- routing across independent ISPs in realistic network set- gies. We find that, unlike Internet routing today, tings.
    [Show full text]
  • FRR - a New Quagga Fork with a More Open Development
    FRR - A new Quagga fork with a more open development Martin Winter [email protected] 1 What is FRR ? (for the not so technical People) ‣ Open Source (GPLv2+) Routing Stack ‣ Implements RIP, RIPng, OSPF (v2&v3), ISIS, BGP, PIM, LDP ‣ Fork of Quagga ‣ Works on Linux and most BSD based systems ‣ For use in many Clouds as virtual routers, white box vendors and network providers (full routing stack) 2 FRR - Why a new fork? Community Driven Faster Development Open Development Model 3 FRR - Who is behind the Fork? 4 FRR - What’s different? ‣ Methodical vetting of submissions ‣ More automated testing of contributions ‣ Github centered development ‣ Elected Maintainers & Steering Committee ‣ Common Assets held in trust by Linux Foundation 5 FRR – Current Status First stable version (2.0) – out very soon BGP Zebra LDP (new) ‣ Performance & Scale fixes ‣ MPLS Support IPv4/v6 for static ‣ RFC 5036 (LDP Specification) LSPs ‣ AddPath Support ‣ RFC 4447 (Pseudowire Setup and Maintenance using LDP) ‣ Remote-AS internal/external ‣ 32-bit route-tags Support ‣ RFC 4762 – (Virtual Private LAN ‣ Nexthop Tracking Service (VPLS) using LDP) ‣ BGP Hostname support ‣ RFC 5549 (unnumbered) Support ‣ RFC 6720 - The Generalized TTL ‣ Update Groups Security Mechanism (GTSM) for ‣ RFC 5549 (unnumbered) Support LDP ‣ Nexthop tracking ‣ RFC 7552 - Updates to LDP for OSPF V2/V3 IPv6 ‣ 32-bit route-tags ‣ OpenBSD Support restored Others Testing ‣ 32-but route-tags ‣ JSON Support ‣ Dejagnu unittests changed to pytest ‣ RFC 5549 (unnumbered) Support ‣ VRF Lite (Linux VRF device support) for BGP and Zebra ‣ Topology Tests 6 ‣ Snapcraft Packaging FRR - Links ‣ Website (very soon!) • http://www.frrouting.org ‣ Github • http://github.com/freerangerouting/frr.git ‣ Issue Tracker • https://github.com/freerangerouting/frr/issues ‣ New feature list, test results etc (until web is up) • https://github.com/freerangerouting/frr/wiki 7.
    [Show full text]
  • Openflow: Enabling Innovation in Campus Networks
    OpenFlow: Enabling Innovation in Campus Networks Nick McKeown Tom Anderson Hari Balakrishnan Stanford University University of Washington MIT Guru Parulkar Larry Peterson Jennifer Rexford Stanford University Princeton University Princeton University Scott Shenker Jonathan Turner University of California, Washington University in Berkeley St. Louis This article is an editorial note submitted to CCR. It has NOT been peer reviewed. Authors take full responsibility for this article’s technical content. Comments can be posted through CCR Online. ABSTRACT to experiment with production traffic, which have created an This whitepaper proposes OpenFlow: a way for researchers exceedingly high barrier to entry for new ideas. Today, there to run experimental protocols in the networks they use ev- is almost no practical way to experiment with new network ery day. OpenFlow is based on an Ethernet switch, with protocols (e.g., new routing protocols, or alternatives to IP) an internal flow-table, and a standardized interface to add in sufficiently realistic settings (e.g., at scale carrying real and remove flow entries. Our goal is to encourage network- traffic) to gain the confidence needed for their widespread ing vendors to add OpenFlow to their switch products for deployment. The result is that most new ideas from the net- deployment in college campus backbones and wiring closets. working research community go untried and untested; hence We believe that OpenFlow is a pragmatic compromise: on the commonly held belief that the network infrastructure has one hand, it allows researchers to run experiments on hetero- “ossified”. geneous switches in a uniform way at line-rate and with high Having recognized the problem, the networking commu- port-density; while on the other hand, vendors do not need nity is hard at work developing programmable networks, to expose the internal workings of their switches.
    [Show full text]
  • Laboratory 2 ARP; Zebra Routing Daemon Part1. Introduction
    Facultatea de Electronică şi Telecomunicaţii Communications Network Laboratory 1 Laboratory 2 ARP; Zebra routing daemon Part1. Introduction ARP Address Resolution Protocol, ARP, is used by a system, which wants to send data an IP address on the local network, and it doesn’t know the destination MAC address. Systems keep an ARP look-up table where they store information about the association between the IP and MAC addresses. If the MAC address is not in the ARP table, then ARP protocol is used it knowing the destination IP addresss. ARP operation for communications inside the local network: • System checks its ARP table for the MAC address associated with the IP address. • If the MAC address is not in the ARP table, an ARP request is broadcasted in the local network, requesting the MAC address for the specified IP address. • The machine with the requested IP address will reply with an ARP packet containing its MAC address. • Thepacket is sent to the learned MAC address. ARP operation for communication between hosts located in different networks • System determines that the IP address does not belong to the local network and decides to send the packet to the gateway. It has to determine the MAC address of the gateway. • It broadcast an ARP request asking for the MAC address of the IP address belonging to the gateway. It knows the gateway’s IP address from the static route specifying the default gateway. • The gateway will reply with its MAC address. • The packet is sent to the gateway. • The gateway will be in charge with sending the packet to the next hop towards the destination.
    [Show full text]
  • Virtually Eliminating Router Bugs
    Virtually Eliminating Router Bugs Eric Keller∗ Minlan Yu∗ Matthew Caesar† Jennifer Rexford∗ ∗ Princeton University, Princeton, NJ, USA † UIUC, Urbana, IL, USA [email protected] {minlanyu, jrex}@cs.princeton.edu [email protected] ABSTRACT 1. INTRODUCTION Software bugs in routers lead to network outages, security The Internet is an extremely large and complicated dis- vulnerabilities, and other unexpected behavior. Rather than tributed system. Selecting routes involves computations across simply crashing the router, bugs can violate protocol se- millions of routers spread over vast distances, multiple rout- mantics, rendering traditional failure detection and recovery ing protocols, and highly customizable routing policies. Most techniques ineffective. Handling router bugs is an increas- of the complexity in Internet routing exists in protocols im- ingly important problem as new applications demand higher plemented as software running on routers. These routers availability, and networks become better at dealing with tra- typically run an operating system, and a collection of proto- ditional failures. In this paper, we tailor software and data col daemons which implement the various tasks associated diversity (SDD) to the unique properties of routing proto- with protocol operation. Like any complex software, routing cols, so as to avoid buggy behavior at run time. Our bug- software is prone to implementation errors, or bugs. tolerant router executes multiple diverse instances of routing software, and uses voting to determine the output to publish 1.1 Challenges in dealing with router bugs to the forwarding table, or to advertise to neighbors. We de- sign and implement a router hypervisor that makes this par- The fact that bugs can produce incorrect and unpredictable allelism transparent to other routers, handles fault detection behavior, coupled with the mission-critical nature of Inter- and booting of new router instances, and performs voting in net routers, can produce disastrous results.
    [Show full text]
  • IEEE Workshop on Open-Source Software Networking (OSSN) CALL for PAPERS
    IEEE Workshop on Open-Source Software Networking (OSSN) CALL FOR PAPERS SEOUL, KOREA – June 6 2016 http://opennetworking.kr/ossn The IEEE International Workshop on Open-Source Software Networking (OSSN 2016) will be held on June 6, 2016 in Seoul Korea along with the 2nd IEEE International Conference on Network Softwarization (NetSoft 2016, sites.ieee.org/netsoft). The OSSN workshop aims to provide a venue for sharing experiences on developing and operating open-source software-centric networking tools and platforms. It intends to cover various aspects for open-source collaboration community of professionals from academia and industry. Full and short (work-in-process) papers are solicited to discuss experiences on development, deployment, operation, and experimental studies around the overall lifecycle of open-source software networking. Topics of Interest Authors are invited to submit papers that fall into any topics related with open-source software networking. Topics of interest include, but are not limited to, the following: • SDN (Software Defined Networking): ONOS, Open Daylight, Ryu, … • NFV (Network Function Virtualization): OPNFV, OpenMano, … • Switching: Open vSwitch, Open Switch, Open Network Linux, Indigo, … • Routing: Click, Zebra, Quagga, XORP, VyOS, Project Calico, … • Wireless: OpenLTE, OpenAirInterface, … • Cloud and Analytics: OpenStack Neutron, Docker networking, Hadoop, Spark, … • Monitoring and Messaging: Catti, Nagios, Zabbix, Zenoss, Ntop, Kafka, RabbitMQ, … • Security and Utilities: Snort, OpenVPN, Netfilter, IPtables, Wireshark, NIST Net, … • Development and Simulation: NetFPGA, GNU radio, ns-3, … Paper Submission Authors are invited to submit only original papers (written in English) not published or submitted for publication elsewhere. Full papers can be up to 6 pages while short (work-in-progress) papers are up to 4 pages.
    [Show full text]
  • Challenges in Testing How Opensourcerouting Tests Quagga
    Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) Sevilla, Spain Feb 10-12, 2016 Challenges in Testing How OpenSourceRouting tests Quagga Martin Winter Feb 10, 2016 1 Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) Who is OpenSourceRouting ? ‣ Who is Open Source Routing ? • www.opensourcerouting.org • Project by NetDEF (Network Device Education Foundation) - www.netdef.org - Non-Profit Company based in California • Working on Quagga Routing ‣ Who is Martin Winter ? • Co-Founder of NetDEF • Focusing on Testing Quagga • Previously worked for Equipment Vendor & large ISP 2 Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) What is Quagga ? ‣ Routing Protocol Stack • RIP / RIPNG / OSPFv2 / OSPFv3 / ISIS / BGP / PIM • Running on Linux / FreeBSD / NetBSD / OpenBSD / Solaris • Used on low-end OpenWRT boxes, physical and virtual software routers, SDN deployments, distributed routers • Originally derived from Zebra • GPLv2+ Open Source / “Community” owned & controlled 3 Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) Quagga Community How it works today No single entity behind Quagga No Large community of “contributers” “Owner” Maintainer = person with commit access Main source git on Savannah Simple Single master branch with Git Model development branch merged into every few months Email Code
    [Show full text]
  • Vyos Documentation Release Current
    VyOS Documentation Release current VyOS maintainers and contributors Jun 04, 2019 Contents: 1 Installation 3 1.1 Verify digital signatures.........................................5 2 Command-Line Interface 7 3 Quick Start Guide 9 3.1 Basic QoS................................................ 11 4 Configuration Overview 13 5 Network Interfaces 17 5.1 Interface Addresses........................................... 18 5.2 Dummy Interfaces............................................ 20 5.3 Ethernet Interfaces............................................ 20 5.4 L2TPv3 Interfaces............................................ 21 5.5 PPPoE.................................................. 23 5.6 Wireless Interfaces............................................ 25 5.7 Bridging................................................. 26 5.8 Bonding................................................. 27 5.9 Tunnel Interfaces............................................. 28 5.10 VLAN Sub-Interfaces (802.1Q)..................................... 31 5.11 QinQ................................................... 32 5.12 VXLAN................................................. 33 5.13 WireGuard VPN Interface........................................ 37 6 Routing 41 6.1 Static................................................... 41 6.2 RIP.................................................... 41 6.3 OSPF................................................... 42 6.4 BGP................................................... 43 6.5 ARP................................................... 45 7
    [Show full text]
  • Zebra 2.0 and Lagopus: Newly-Designed Routing Stack On
    Zebra 2.0 and Lagopus: newly-designed routing stack on high-performance packet forwarder Kunihiro Ishiguro∗, Yoshihiro Nakajimay, Masaru Okiz, Hirokazu Takahashiy ∗ Hash-Set, Tokyo, Japan y Nippon Telegraph and Telephone Corporation, Tokyo, Japan z Internet Initiative Japan Inc, Tokyo, Japan e-mail: [email protected], [email protected], [email protected], [email protected] Abstract First GNU Zebra architecture and its issues Zebra 2.0 is the new version of open source networking When we designed the first GNU Zebra, the biggest ambition software which is implemented from scratch. Zebra 2.0 was to make multi-process networking software work. The is designed to supports BGP/OSPF/LDP/RSVP-TE and co- first GNU Zebra is made from a collection of several dae- working with Lagopus as fast packet forwarder with Open- mons that work together to build the routing table. There may Flow API. In this new version of Zebra, it adapts new archi- be several protocol-specific routing daemons and Zebra’s ker- tecture which is mixture of thread model and task completion nel routing manager. Figure 1 shows the architecture of the model to achieve maximum scalability with multi-core CPUs. first GNU Zebra. RIB (Routing Information Base) / FIB (For- Zebra has separate independent configuration manager that warding Information Base) and the interface manager are sep- supports commit/rollback and validation functionality. The configuration manager understand YANG based configuration arated into an isolated process called ’zebra’. All of protocol model so we can easily add a new configuration written in handling is also separated to it’s own process such as ’ripd’, YANG.
    [Show full text]
  • The Dawn of Open-Source Routing
    VYATTA, INC. | Release Notes Vyatta Release 2.0 February 2007 Document Part No. A0-0081-10-02 Vyatta Suite 160 One Waters Park Drive San Mateo, CA 94403 vyatta.com VYATTA, INC. | Release Notes Contents • New in This Release • Behavior Changes • Upgrade Notes • Resolved Issues • Known Issues New in This Release • IPsec VPN. This release introduces support for IPsec VPN. This IPsec VPN implementation allows small to large enterprises and enterprise branch offices to deploy a high-performance, robust, integrated routing and security solution for site-to-site secure communications. Vyatta’s implementation employs standard cryptographic and hash algorithms and is interoperable with other standards-based IPsec VPN products. • Bug fixes. A number of issues have been resolved with Release 2.0. A summary list of these is provided in the “Resolved Issues” section, which begins on page H2. Behavior Changes There are no behavior changes in this release. Upgrade Notes Release 1.1.2 can be upgraded to Release 2.0 using an ordinary package upgrade. Release 2.0 configuration files are not compatible with configuration files from Release 1.0.3 and earlier. Therefore, existing configurations from Release 1.0.x must be migrated to the new release. Users are strongly urged to consult the Release 2.0 upgrade procedure available in the Subscription Knowledge Base located on the Vyatta Customer Care Center web site (http://www2.vyatta.com/support) for instructions on how to most easily migrate existing Release 1.0.x configurations to Release 2.0. /..1 VYATTA,
    [Show full text]
  • Beyond the Best: Real-Time Non-Invasive Collection of BGP Messages
    Beyond the Best: Real-Time Non-Invasive Collection of BGP Messages Stefano Vissicchio Luca Cittadini Maurizio Pizzonia Luca Vergantini Valerio Mezzapesa Maria Luisa Papagni Dipartimento di Informatica e Automazione, Universita` degli Studi Roma Tre, Rome, Italy fvissicch,ratm,pizzonia,verganti,mezzapes,[email protected] Abstract Despite such a rich set of potential applications, cur- Interdomain routing in the Internet has a large impact rent BGP monitoring practices are quite limited: very of- on network traffic and related economic issues. For this ten, they employ open source BGP daemon implementa- reason, BGP monitoring attracts both academic and in- tions to establish extra BGP peerings with border routers. dustrial research interest. The most common solution for The daemon acts as a route collector, in the sense that collecting BGP routing data is to establish BGP peerings it collects information received via those extra peerings, between border routers and a route collector. dumps it in some format, and stores it for future analy- The downside of this approach is that it only allows ses. For example, this is the approach adopted by Route- us to trace changes of routes selected as best by routers: Views [20] to collect BGP data for the Internet commu- this drawback hinders a wide range of analyses that need nity. Such a practice has two major drawbacks: (i) it is access to all BGP messages received by border routers. only able to collect those routes that have been selected In this paper, we present an effective technique en- as best by the routers that peer with the collector; and abling fast, non-invasive and scalable collection of all (ii) it is only able to collect BGP messages after ingress BGP messages received by border routers.
    [Show full text]