 |
 |
| |||||
 |
 |
 |
|
|
|
 |
 |
 |
« NANOG39 Home Diagnosing Network Disruptions with Network-Wide AnalysisYiyi Huang, Nick Feamster, and Jim Xu, Georgia Tech University; Anukool Lakhina, GuavusPresentation Date: February 6, 2007, 12:00 PM - 12:15 PMAbstract: To maintain high availability in the face of changing network conditions, network operators must quickly detect, identify, and react to events that cause network disruptions. One way to accomplish this goal is to monitor routing dynamics, by analyzing routing update streams collected from routers. Existing monitoring approaches typically treat streams of routing updates from different routers as independent signals, and report only the ``loud'' events (i.e., events that involve large volume of routing messages). In this paper, we examine BGP routing data from all routers in the Abilene backbone for six months and correlate them with a catalog of all known disruptions to its nodes and links. We find that many important events are not loud enough to be detected from a single stream. Instead, they become detectable only when multiple BGP update streams are simultaneously examined. This is because routing updates exhibit network-wide dependencies. This paper proposes using network-wide analysis of routing information to diagnose (i.e., detect and identify) network disruptions. To detect network disruptions, we apply a multivariate analysis technique on dynamic routing information, (\ie, update traffic from all the Abilene routers) and find that this technique can detect every reported disruption to nodes and links within the network with a low rate of false alarms. To identify the type of disruption, we jointly analyze both the network-wide static configuration and details in the dynamic routing updates; we find that our method can correctly explain the scenario that caused the disruption. Although much work remains to make network-wide analysis of routing data operationally practical, our results illustrate the importance and potential of such an approach. Nick Feamster Biography: Nick Feamster is an assistant professor in the College of Computing at Georgia Tech. He received his Ph.D. in Computer science from MIT in 2005, and his S.B. and M.Eng. degrees in Electrical Engineering and Computer Science from MIT in 2000 and 2001, respectively. His research focuses on many aspects of computer networking and networked systems, including the design, measurement, and analysis of network routing protocols, network security, anonymous communication systems, and adaptive streaming media protocols. His honors include award papers at SIGCOMM 2006 (network-level behavior of spammers), the NSDI 2005 conference (fault detection in router configuration), Usenix Security 2002 (circumventing web censorship using Infranet), and Usenix Security 2001 (web cookie analysis). Archived Files: NANOG39 Abstracts
|
| Home » Meetings » NANOG39 |
|
|
About NANOG | Meetings | Mailing List | Sponsors | Archives Governance | Resources | Scholarships | Site Map | NANOG Home Copyright © 2010 Merit Network, Inc. 1000 Oakbrook Drive, Suite 200, Ann Arbor, Michigan 48104-6794 Phone: (734) 527-5700 Fax: (734) 527-5790 E-mail: |
