netcheck: network diagnoses from blackbox traces yanyan zhuang, eleni gessiou nyu poly, university...
TRANSCRIPT
NetCheck: Network Diagnoses from Blackbox Traces
Yanyan Zhuang, Eleni GessiouNYU Poly,
University of British Columbia
Motivation
• Ping– Only reachability
• Wireshark– Applicationor network-specific knowledge
• Network Config Analysis– Detailed network knowledge – HW + config
• …
Goal
• Diagnose network problems in large and complex applications
• Without modifying the original application
Syscall trace from strace
Challenges
• Accuracy: ambiguity in order reconstruction
• Efficiency: exploring an exponential space of possible orderings
• Network complexity: diagnosing issues in real networks
NetCheck Overview
Finding deviations from the model of the network (Deutsch’s Fallacies)network is reliable, latency is zero, etc.
Priority & Dependency of syscalls
e.g.
Fault diagnoses
Rules summary
Example of rule (1): when a client is behind a NAT, (i) the client uses a private IP, (ii) the peer socket address in server’s accept is not the client’s IP
Evaluation
• Reproduce reported bugs from bug trackers (Python, Apache, Ruby, Firefox, etc.)– A total of 71 bugs– Correct analysis of 95.7% bugs
• Twenty faults observed in practice on a live network(Seattle Testbed)– 90% of cases correctly detected
Runtime performance overhead
Best: O(l)
Worst: O(nl)
Conclusion
• Derives a plausible global traces ordering as a proxy for the ground truth
• Uses a model of expected and simple network behavior to identify and diagnose unexpected behavior