a suite of schemes for user-level network diagnosis without infrastructure
DESCRIPTION
A Suite of Schemes for User-level Network Diagnosis without Infrastructure. Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern University. Motivation. How do end users, with no special privileges, identify packet loss inside the network with one or two computers?. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/1.jpg)
1
A Suite of Schemes for User-level Network Diagnosis without Infrastructure
Yao Zhao, Yan ChenLab for Internet and Security Technology, Northwestern Univ
ersity
![Page 2: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/2.jpg)
2
Motivation
• How do end users, with no special privileges, identify packet loss inside the network with one or two computers?
![Page 3: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/3.jpg)
3
Motivation
• How do end users, with no special privileges, identify packet loss inside the network with one or two computers?
• Take-home– We propose three user-level loss rate
diagnosis approaches– The combo of our approaches and
Tulip [SOSP03] is much better than any single approach
![Page 4: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/4.jpg)
4
Outline
• Motivation• Related Works• Lossy Link Diagnosis
– Fragmentation Aided Diagnosis (FAD)• Algebraic FAD• Opportunistic FAD
– Striped Probe Analysis (SPA)
• Evaluations• Conclusions
![Page 5: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/5.jpg)
5
Related Work I
• Internet Tomography– Multicast based (not practical)– Unicast based
• Mimic multicast
L1 L2 L3 L4
S
Virtua
l link
The more cooperating end
hosts, the shorter the virtual links
![Page 6: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/6.jpg)
6
Related Work II
• Tulip [SOSP03]– Leverage on consecutive IPID– Tend to underestimate forward loss
rates• Suffer from the packet loss correlation
x
id
id+1
Forward Loss
S D
xid
id+2
Reverse Loss
S D
xid
S D
x
?
![Page 7: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/7.jpg)
7
Outline
• Motivation• Related Works• Lossy Link Diagnosis
– Fragmentation Aided Diagnosis (FAD)• Algebraic FAD• Opportunistic FAD
– Striped Probe Analysis (SPA)
• Evaluations• Conclusions
![Page 8: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/8.jpg)
8
Link Diagnosis=> Forward Path Diagnosis
• If we can infer the loss rates of forward path F1 and F2, we can infer the link loss rate of l3
F1
DS R1 R2
F2
l3l2l1
• The more diagnosable forward path segments, the better the diagnosis granularity
![Page 9: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/9.jpg)
9
Basic Idea of FAD
S NP R
P
R
S NP1 RP2R
P1
P2
![Page 10: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/10.jpg)
10
Algebraic FAD
• Let pf and pr be the loss rate of the forward and reverse path respectively
P
R
R
P1
P2
(1 - pf)×(1 - pr)=1 – p (1)
(1 - pf)2×(1 - pr)=1 – p’ (2)
p and p’ are measurable. Solve pf and pr using (1) and (2)
![Page 11: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/11.jpg)
11
How to Achieve FAD
IP Fragmentation– Fragment a packet longer than MTU– Required to be supported in IPv4– Some routers disable it for security reason
• Support of IP Fragmentation– 64,320 router IP addresses probed by using Tr
aceroute– About 80% of routers support IP fragmentation
• Degree of Rate Limiting on Responses– 99% of routers allow a rate of 100 probes/s for
ICMP Echo, ICMP Timestamp and TCP probes– Response to UDP probe is severely rate-limited
![Page 12: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/12.jpg)
12
Opportunistic FAD
F1 F2+ P
F’2F1+ P’
aaaaaaaa bbbbbbbb aaaaaaaabbbbbb
aaaaaaaa ccccccccc aaaaaaaacccccccc
![Page 13: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/13.jpg)
13
Opportunistic FAD
R’
Forward Loss
F1
xF
2
F’2R
No Loss
S NF
1
F2
F’2 F1+F2
F1+F’2
S N
Similar to Tulip, but OFAD allows large gap between fragments
![Page 14: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/14.jpg)
14
Striped Probe Analysis (SPA)
• S sends a probe to D and we get the path p1->p2
• S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path p1->p3
S
p1
p3
p2DR
S
R
D S
p1
p2 p3
![Page 15: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/15.jpg)
15
Striped Probe Analysis (SPA)
S
R
S
p1
p2 p3
P1 P2
(1) Loss on shared link
D
![Page 16: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/16.jpg)
16
Striped Probe Analysis (SPA)
• Success rate of p1≈n1×n2 / (n×n12) – n: number of striped probes sent, – n1: number of P1 received by D, – n2: number of P2 received by S, – n12: number of cases that both P1 and P2 are received
• Unbiased if packet loss has perfect correlation and loss rates of different links are independent
S
R
S
p1
p2 p3
P1 P2
(2) Loss on non-shared link
D
S
R
S
p1
p2 p3
(1) Loss on shared link
D
![Page 17: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/17.jpg)
17
Summary
Requirement Accuracy
Tulip [SOSP03]
Consecutive IPID (70%)Inaccurate w/ strong loss correlation
FAD (AFAD & OFAD)
IP fragmentation (80%)Accurate w/ weak or short loss correlation
SPAICMP TTL-Exceeded. Access from both end hosts
Accurate w/ strong loss correlation
The current Internet usually has strong but short loss correlation.
![Page 18: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/18.jpg)
18
Outline
• Motivation
• Related Works
• Lossy Link Diagnosis– FAD– SPA
• Evaluations
• Conclusions
![Page 19: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/19.jpg)
19
Evaluation Metrics
• Diagnosis Granularity– Weighted average of the lengths of the
path’s diagnosable segments– For example, an 8-hop path has two
diagnosable segments of length 3 and 5, and then the granularity of the path is (32 + 52)/8 = 4.25
• Accuracy– Estimation error: – Relative error:
![Page 20: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/20.jpg)
20
Diagnosis GranularitySPA
is best
FAD ≈Tulip
Combo of FAD and
Tulip is better
![Page 21: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/21.jpg)
21
Path-Level Accuracy Evaluation
FAD > Tulip > SPA
OFAD, Tulip and SPA tends to underestimate
loss rates
![Page 22: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/22.jpg)
22
More Evaluations
• Consistency Check
• Packet Probe Size Selection
• Lossy Link Distribution• More in the technical report
http://www.cs.northwestern.edu/~yzh734/
![Page 23: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/23.jpg)
23
Conclusions and Recommendations
• We propose AFAD, OFAD and SPA which can conduct loss rate diagnosis without infrastructure
• Tulip, FAD and SPA have different working scenarios– The combination of them can achieve low diagn
osis granularity and high accuracy
• Recommendations– OFAD+SPA, if we can control the two ends of a
n end-to-end path– OFAD+Tulip, if we can only control the source
![Page 24: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/24.jpg)
24
![Page 25: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/25.jpg)
25
Thanks!
Questions?
![Page 26: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/26.jpg)
26
Path-Level Accuracy of Combined Schemes
![Page 27: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/27.jpg)
27
![Page 28: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/28.jpg)
28
Path-Level Accuracy Evaluation
![Page 29: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/29.jpg)
29
Path-Level Accuracy of Combined Schemes
![Page 30: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/30.jpg)
30
IP Fragmentation Is Widely Supported
• Router Collection– 64,320 router IP addresses probed by using traceroute from a
machine• Support of Different Probes
• Support of IP Fragmentation– 90.3% of responsive routers support IP fragmentation– Altogether about 80% of routers support FAD.
• Degree of Rate Limiting on Responses– 99% of routers allow a rate of 100 probes/s for ICMP Echo,
ICMP Timestamp and TCP probes– UDP probe is severely rate-limited
Echo Timestamp UDP TCP Any
1 source 85.3% 69.2% 64.5% 71.7% 88.2%
10 sources 87.3% 72.3% 70.7% 73.3% 90.1%
![Page 31: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/31.jpg)
31
Packet Transmission Correlation
• Choose 100 PlanetLab hosts and randomly measure 5000 paths
• Little loss correlation with enough gap
![Page 32: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/32.jpg)
32
Forward Path Diagnosis => Link Diagnosis
• If we can infer the loss rates of forwarding path l1 and P1, we can infer the link loss rate of l2 too.
D
![Page 33: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/33.jpg)
33
Opportunistic FAD
• n: number of R12 received, n’: number of R’12 received
• Xi = 0 when forward packet i is lost and Xi =1 otherwise
• P(X2=1)≈P(X2=1|X1=1)≈n/(n+n’)
R12
P1
P2
P’2
R’12
P1
P2
P’2
x
(1) (2)
![Page 34: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/34.jpg)
34
Striped Probe Analysis (SPA)
• No fragmented packets needed !
• S sends a probe to D and we get the path l1->l2
• S sends UDP packet with a certain TTL so that R returns an ICMP TTL-Exceeded response. Hence we get path l1->l3
S R
l1
l3
l2
S
R
D S
l1
l2 l3
D
![Page 35: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/35.jpg)
35
Striped Probe Analysis (SPA)
S
R
S
l1
l2 l3
P1 P2
D
![Page 36: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/36.jpg)
36
Striped Probe Analysis (SPA)
S
R
S
l1
l2 l3
P1 P2
(1) No loss (2) Loss on shared link
S
R
S
l1
l2 l3
P1 P2
D D
![Page 37: A Suite of Schemes for User-level Network Diagnosis without Infrastructure](https://reader035.vdocuments.site/reader035/viewer/2022062322/568150a8550346895dbeb8a2/html5/thumbnails/37.jpg)
37
Striped Probe Analysis (SPA)
• Success rate of l1≈n1×n2 / (n×n12) – n: number of striped probes sent, – n1: number of P1 received by D, – n2: number of P2 received by S, – n12: number of cases that both P1 and P2 are received
• Unbiased if packet loss has perfect correlation and loss rates of different links are independent
S
R
S
l1
l2 l3
S
R
S
l1
l2 l3
P1 P2
(1) No loss (2) Loss on shared link (3) Loss on non-shared link
S
R
D S
l1
l2 l3
P1 P2
D D