D4.2 Broadband Bottleneck Analysis and Capacity Planning

Project deliverable CELTIC TRAMMS

D4.2 - Broadband bottleneck analysis and capacity planning Public 1 (64)

TTRRAAMMMMSS –– TTRRAAFFFFIICC MMEEAASSUURREEMMEENNTTSS AANNDD MMOODDEELLSS IINN MMUULLTTII--SSEERRVVIICCEE NNEETTWWOORRKKSS

DDEELLIIVVEERRAABBLLEE 44..22:: BBRROOAADDBBAANNDD BBOOTTTTLLEENNEECCKK AANNAALLYYSSIISS AANNDD CCAAPPAACCIITTYY PPLLAANNNNIINNGG

Identifier: Deliverable D4.2 Class: Report Version: V06 Version Date: 24/06/2009 Distribution: Public Responsible Partner:



TTAABBLLEE OOFF CCOONNTTEENNTTSS

ACRONYMS ..................................................................................................................................3 1. TESTBEDS FOR BOTTLENECK ANALYSIS DEVELOPMENT: STATE OF THE ART 8

1.1. NETWORK INFRASTRUCTURE AND AVAILABLE TOOLS .................................8 1.1.1. Core and transit network capacity planning............................................................................ 8 1.1.2. Access network capacity planning.......................................................................................... 8 1.1.3. Application-layer capacity planning ........................................................................................ 8

1.2. ANALYTICAL TOOLS .................................................................................................9 1.2.1. Simulation tools....................................................................................................................... 9

1.2.1.1. MATE (Cariden) ............................................................................................9 1.2.1.2. SP Guru Network Planner (OPNET) .......................................................13 1.2.1.3. Traffic Explorer (Packet Design) ..............................................................17 1.2.1.4. Design Expert (Netformx)..........................................................................21 1.2.1.5. IP/MPLSView (Wandl) ...............................................................................23 1.2.1.6. NetScope (TurboSoft) ................................................................................25

1.2.2. Emulation tools ..................................................................................................................... 28 1.2.2.1. Network emulation......................................................................................28 1.2.2.1.1. GEM (Spirent).............................................................................................28 1.2.2.1.2. Shunra Virtual Enterprise (Shunra) .........................................................32 1.2.2.2. Access Network emulation........................................................................37 1.2.2.2.1. DSL (Spirent) ..............................................................................................37 1.2.2.3. Application-level traffic emulation ............................................................41 1.2.2.3.1. Avalanche (Spirent) ..................................................................................41 1.2.2.3.2. Network Tester (Agilent) ...........................................................................47

2. TRAMMMS Testbed for bottleneck analysis: Experimental set up .................................52 2.1. Network setup and requirements for experimental work ..............................................52

2.1.1. Testbeds for simulated traffic analysis ................................................................................. 52 2.1.2. Testbeds for field traffic analysis .......................................................................................... 54

2.2. Tools developed for TRAMMS ....................................................................................56 2.2.1. Netauditor ............................................................................................................................. 56 2.2.2. BGP probe ............................................................................................................................ 58 2.2.3. One Way Delay measurements based on GPS synchronization ......................................... 60 2.2.4. Bandwidth Available in Real Time (BART) ........................................................................... 61



ACRONYMS ADSL Asymmetric Digital Subscriber Line

API Application Programming Interface

AS Autonomous System

ATM Asynchronous Transfer Mode

BER Bit Error Rate

BGP Border Gateway Protocol

BPON Broadband Passive Optical Network

CCC Circuit Cross Connect

CIDR Classless Inter-Domain Routing

CIFS Common Internet File System

CoS Class of Service

CPD Customer Premises Equipment

CRC Cyclic Redundancy Check

CRM Customer Relationship Management

CSPF Constrained Shortest Path First

CSV Certified Server Validation

DDoS Distributed Denial of Service

DHCP Dynamic Host Configuration Protocol

Diffserv Differentiated Services

DSCP Differentiated Services Code Point

DSL Digital Subscriber Line

DUT Device Under Test

ECMP Equal-Cost Multi-Path

EIGRP Enhanced Interior Gateway Routing Protocol

EPON Ethernet Passive Optical Network

ERP Enterprise Resource Planning

FPGA Field Programmable Gate Array

FRR Fast ReRoute

FTP File Transfer Protocol

GbE Gigabit Ethernet

Gbps Gigabit per second

GFP Generic Framing Procedure

GPON Gigabit Passive Optical Network

GUI Graphical User Interface

HPC High Performance Computing

HSRP Hot Standby Router Protocol

HTML HyperText Markup Language

HTTP HyperText Transfer Protocol

HTTP HyperText Transfer Protocol



HTTPS HyperText Transfer Protocol Secure

ICMP Internet Control Message Protocol

IDS / IPS Intrusion Detection System / Intrusion Prevention System

IGMP Internet Group Management Protocol

IGP Interior Gateway Protocol

IGRP Interior Gateway Routing Protocol

ILM Interim Local Management

IM Instant Messaging

IP Internet Protocol

IPSec Internet Protocol Security

IPTV Internet Protocol Television

IPv4, IPv6 Internet Protocol version 4, and 6 respectively

IS-IS Intermediate System to Intermediate System

iWARP Internet Wide Arear RDMA Protocol

LAN Local Area Network

LCAS Link Capacity Adjustment Scheme

LDP Label Distribution Protocol

LLQ Low Latency Queuing

LSP Label Switched Path

MAC Media Access Control

Mbps Megabit per second

MDI Media Delivery Index

MGCP Media Gateway Control Protocol

MNS Microsoft Network System

MOS Mean Opinion Score

MPEG Moving Picture Experts Group

MPLS MultiProtocol Label Switching

NFS Network File System

NNTP Network News Transfer Protocol

OSI Open System Interconnection

OSPF Open Shortest Path First

OSPF-TE Open Shortest Path First – Traffic Engineering

OTN Optical Transport Network

P2P Peer-to-Peer

PCAP Packet CAPture

PIM-DM Protocol Independent Multicast – Dense Mode

PIM-SM Protocol Independent Multicast – Sparce Mode

PIM-SSM Protocol Independent Multicast – Source Specific Multicast

PNNI Private Network-to-Network Interface

PON Passive Optical Network

POP3 Post Office Protocol version 3



PVP Permanent Virtual Path

QoS Quality of Service

RIP Routing Information Protocol

RIPng Routing Information Protocol next generation

RSVP Resource ReSerVation Protocol

RTP Real-time Transport Protocol

RTSP Real-time Streaming Protocol

SDH Synchronous Digital Hierarchy

SFP Small Form Factor Pluggable

SHDSL Single-pair High-speed Digital Subscriber Line

SIP Session Initiation Protocol

SLA Service Level Agreement

SNMP Simple Network Management Protocol

SOA Service Oriented Application

SOAP Simple Object Access Protocol

SONET Synchronous Optical Network

SPF Shortest Path First

SPT Shortest Path Tree

SRLG Shared-Risk Link Group

SSH Secure SHell

SSL Secure Socket Layer

STP Spanning Tree Protocol

TCL Tool Command Language

TCP Transmission Control Protocol

TDM Time-Division Multiplexing

TLS Transparent LAN Services

ToS Type of Service

UDP User Datagram Protocol

URL Uniform Resource Locator

VDSL Very high bit-rate Digital Subscriber Line

VCAT Virtual conCATenation

VLAN Virtual Local Area Network

VNC Virtual Network Computing

VNE Virtual Network Environment

VNN Virtual Network Navigator

VoD Video on Demand

VoIP Voice on IP

VPL Virtual Private LAN

VPLS Virtual Private LAN Service

VPN Virtual Private Network

VRRP Virtual Router Redundancy Protocol



WAN Wide Area Network

WFQ Weighted Fair Queuing

XFP 10 Gigabit Small Form Factor Pluggable

XML Extensive Markup Language



EEXXEECCUUTTIIVVEE SSUUMMMMAARRYY

Capacity planning is the science of estimating the resources of a network (space,

computer hardware, software and connection infrastructure resources) that will be needed over some future period of time. A typical capacity concern is whether resources will be able to handle an increasing number of requests as either the number of users or interactions increase or if the infrastructure is able to cope with the requirements in terms of packet-loss, latency and jitter of the services (VoIP, IPTV, etc.) traversing it. Capacity planning tools help users meet the anticipated need for adding new capacity just-in-time to avoid having unused resources for long periods of time and/or for QoS network policies redefinition in order to guarantee network SLAs in parallel with traffic growth and new services deployment. Having a look at the importance of the capacity planning tools, this documents analyses in depth the behavior of these tools divided into different groups:

• Simulation tools

• Emulation tools

o Network emulation

o Access network emulation

o Application-level traffic emulation

Moreover, the document describes the testbeds for bottleneck analysis showing the difference between testbeds for simulated traffic analysis and testbeds for field traffic analysis.

And finally, the document details the fundamental aspects of the tools developed for TRAMMS:

• Netauditor

• BGP probe

• One Way Delay measurements based on GPS synchronization

• Bandwidth Available in Real Time (BART)



1. TESTBEDS FOR BOTTLENECK ANALYSIS DEVELOPMENT: STATE OF THE ART

1.1. NETWORK INFRASTRUCTURE AND AVAILABLE TOOLS

Capacity planning is the science of estimating the resources of a network (space, computer hardware, software and connection infrastructure resources) that will be needed over some future period of time. A typical capacity concern is whether resources will be able to handle an increasing number of requests as either the number of users or interactions increase or if the infrastructure is able to cope with the requirements in terms of packet-loss, latency and jitter of the services (VoIP, IPTV, etc.) traversing it. Capacity planning tools help users meet the anticipated need for adding new capacity just-in-time to avoid having unused resources for long periods of time and/or for QoS network policies redefinition in order to guarantee network SLAs in parallel with traffic growth and new services deployment.

The capacity planning can be separated into three main groups:

1.1.1. Core and transit network capacity planning

The core and transit capacity planning focuses on the lower layers (1-3) of the OSI model applied to the core and transit networks. These tools allow the definition of scenarios based on different topologies, routing protocols configurations, load level of the links, protection strategies, etc.

In order to perform these analyses, two different types of tools can be considered. The

first ones, the simulation tools, allow the collection of the actual network information and import of the data to the tool. This way, the collected information can be used as a starting point to perform different simulations. Using these type of tools, users can come up with a plan for handling different ‘what if’ scenarios, changing the parameters of diverse protocols, QoS policies configuration, simulating the failure of a link or node, etc. These applications contribute to optimize core and transit network design to address per CoS SLA guarantee in terms of availability, packet-loss, latency, jitter, etc., both under normal circumstances and after a network failure.

On the other hand, network emulation tools also work on lower OSI layers, allowing

the emulation of diverse impairments (latency, jitter, packet loss…) that can be present in a network. This way, users are able to verify the behaviour of any service traversing the emulated network, which could recreate a real-world network where the service will be deployed.

1.1.2. Access network capacity planning Conversely to core and network capacity planning tools, there are no specific access

network simulation tools that recreate the behaviour of a GPON FTTH network or DOCSIS based cable network, for instance. In the access network, the focus is on network emulation tools that exclusively work on the physical layer (the first layer of the OSI model) of point to point access network like xDSL networks (VDSL2, ADSL2+, etc.). These tools emulate impairments related to copper lines, such as crosstalk or white noise. No network emulation tools have been developed for multiaccess access networks like Wimax, DOCSIS, GPON, etc.

1.1.3. Application-layer capacity planning

Application-level capacity planning takes into account the higher layers (4-7) of the OSI model, so traffic will be analyzed up to the application level. The tools that perform this type of analysis allow the user to perform simulations recreating different application traffic such as



real-time voice, video, data, P2P traffic, DDoS atacks, etc., in order to asses how a network or device is able to handle different applications under different load scenarios.

The deep packet inspection, as a technology that is able to inspect and take actions

based on the content of the packet (up to the application level) can be used to predict and solve bottleneck issues. For example, it may be possible to predict the type and amount of traffic within a small period of time and correlate the traffic conditions with the bottlenecks of the network. The subscriber and aggregated traffic are been currently studied in the Work Package 3 of this project, monitoring the traffic with the Packet Logic system from Procera Networks. PacketLogic is a state-of-the-art deep packet inspection (DPI) solution that offers an extensive feature-richness in the software modules LiveView, Filtering, Traffic Shaping, Statistics and WebStatistics. Procera, Narus, and Ellacoya are front-runners in development of this technology, having placed equipment throughout the world.

On the other hand, the increasing threats such as viruses, worms and spyware that can

overload a network and cause bottlenecks can be detected using deep packet inspection.

1.2. ANALYTICAL TOOLS

1.2.1. Simulation tools

1.2.1.1. MATE (Cariden)

The MATE framework, inside Cariden’s capacity planning and traffic engineering products, provides a process for gathering and accessing data, visualizing the network, demand estimation, interacting with simulations and optimizations, and creating reports and action plans.

Packages and modules:

MATE is packaged into network-specific packages with specialized modules: • The IGP Simulation Package • The IGP Metric Optimization Package • The MPLS Simulation Package • The Explicit Routing Optimization Package • The Demand Deduction Module • The BGP Simulation Module • The Capacity Analysis Module • The Network Interface

Features:

Data collection / exportation

MATE Network Interface enables to gather network topology information. Netflow collectors (e.g. Arbor, Adlex) can be used to build the traffic matrices.

User Interface

MATE offers a graphical view of network topology and traffic. It allows an interactive design work. Through the graphical view of the tool, the user can change the topology of the network and the link properties.



The tool provides topology views and near real-time traffic reports that can be accessed via web browser.

Figure 1: MATE’s user interface.

Analysis and simulation

Cariden’s MATE is a capacity planning tool useful to determine capacity bottlenecks, explore ‘what-if’ scenarios, evaluate additional links and nodes, analyze layer 1 vs. layer 3 protection, determine whether peering links are sufficient to withstand failures, examine effect of IGP changes on peer and customer traffic, perform a single-provider multiple-AS analysis and traffic engineering, determine IGP metrics to balance traffic (evaluating weekly, when topology changes or after disastrous failures), diagnose severity of failures…

Starting with the features of the different modules, the IGP Simulation Package lets the user perform simulations under normal conditions or under failures (differentiating, if the user wants, the classes of service). In these simulations, several changes can be made as, for instance, the failure of single nodes, SRLGs or single circuits. It can also simulate multiple bandwidth levels fixing, for example, multiple times of day. The IGP used can be either OSPF or IS-IS. In addition, the tool can be configured to be Diffserv aware, and it also supports ECMP.

Demands Deduction Module estimates the point-to-point demands between specific nodes based on link utilization measurements, total node in/out traffic and measured demands (e.g. Netflow or Juniper DCU).

MATE’s Network Interface allows the SNMP access to the network (no router features or configurations are required). For the network discovery, OSPF and IS-IS routing tables are used. The process consists of querying routers for more information and taking a snapshot of the actual traffic levels (including BGP session).

The MPLS Simulation Package simulates MPLS network under normal conditions or adding different failures (failure sets, bandwidth levels and other parameters can be fixed). This package supports two versions of MPLS tunnel routing:

Dynamic tunnel routing using CSPF

Explicit tunnel routing using primary, and optionally secondary, paths

Using this package, the user can perform real IP MPLS simulations.



With the BGP Simulation Module, network nodes may be defined to belong to different ASes and the IP Simulation tool will simulate BGP routing between these ASes. Collapsed ASes allow simulation of traffic to and from them with unknown topology (for example, peers, transit ASes and customers). This module’s failover matrices specify explicitly the behaviour of the traffic failing over between border circuits to or from collapsed ASes, when topology information is not sufficient for a complete BGP simulation.

The Metric Optimization Package

is based on the traffic engineering for pure IP networks. This package shows latency policies and is used to optimize the metrics for normal or failure operations. It offers an automated calculation of IGP metrics to meet objectives (QoS, latency bounds, etc.). The aim is to minimize the maximum worst-case link utilization and/or minimize the number of links with normal or failure utilization above a certain percentage. With a right usage of the package, SPF metrics can be optimized within 80-95% of the theoretical efficiency.

It is also useful in MPLS network to optimize routing in LDP network and improve routing in Dynamic/CSPF MPLS networks.

Figure 2: Metric optimization settings

Figure 3: Worst-case link utilization,

Before optimization (latency based metrics)

After optimization (15 out of 100 metrics changed)



The Explicit Routing Optimization Package allows the calculation of MPLS explicit paths (primary, and optionally, secondary paths). As the previous module, the objective is to minimize the maximum worst-case link utilization and/or minimize the number of links with normal or failure utilization above a certain percentage, but unlike the Metric Optimization Package, it has another objective that is to maximize disjointness with the corresponding primary path. So, with this package, the explicit routing can be optimized within the 90-95% of the theoretical efficiency. This application is useful for optimize explicit paths based on actual IP traffic and routing, not just LSP bandwidths.

The Capacity Analysis Module is used to calculate optimal, protocol-independent routing in a network in normal operations or failure conditions (including multi-commodity-flow routing).

So the usage of this module turns around the identification of bottlenecks. The selection of the network whose capacities must constrain the network traffic provides guidance in capacity planning. It also gives an indication of how close any given real routing simulation can approach the maximum efficiency in the network.

Figure 4: Bottleneck analysis. As the image

shows, links of the net are coloured in a different ways depending on the usage of

each link.

Reports and alerts

The reporting functionality of the tools collects the information about network general information (topology, bandwidth and demands summary), usage (simulation summary, and circuit and interface utilization results in normal and worst cases), demands (demand statistics including QoS and routing) and tunnels (tunnel statistics of routing, traffic, failures, etc.). These reports can also be accessed by the web browser showing a general view of management, operations (monitoring traffic anomalies) and capacity planning (reporting developing trends).

Figure 5: WAN latency metrics



1.2.1.2. SP Guru Network Planner (OPNET) OPNET's SP Guru Network Planner is a software product to model Layer 2/3

networks, including routers, switches, firewalls, protocols, and traffic demands. This tool supports “what if” analysis such as survivability, capacity planning and traffic engineering.


SP Guru Network Planner is an OPNET solution for capacity planning. To complement the tool, there are some other solutions (independent but with the possibility to join each other) depending on user needs. Some of the mentioned solutions are listed below:

SP Sentinel SP Sentinel is a software appliance for ensuring network integrity,

security and policy-compliance. It performs systematic configuration audits, analyzing an up-to-date model of the production network to diagnose device misconfigurations, policy violations, inefficiencies and security gaps.

SP Guru Transport Planner This tool is a network planning solution that enables service providers and network equipment manufacturers to design resilient optical and SDH/SONET networks. It has a multi-layered network presentation, broad technology support, and cutting edge optimization and design capabilities.

OPNET nCompass for Service Providers This tool provides a graphical visualization of large, heterogeneous production networks, including devices, their interconnectivity, traffic and status. nCompass for Service Providers unifies data from a wide range of network management tools, providing views for navigation and analysis. nCompass for Service Providers’s geographical network dashboard is dynamically updated with real-time operational information. Third-party tools and programmed scripts can be launched from its console for deeper drill-down and assisted troubleshooting.

Features:


SP Guru Network Planner can create a virtual network environment in different ways:

Manual creation

Partial automation

Full automation

The manual creation is useful especially for small scale networks as well as for incremental changes to topology.

The partial automation imports the data from multiple sources (using eXpress Data Import, XDI). It constructs the virtual network using the configuration files.

And the last one, the full automation, means that the whole network information can be collected by the network manager tools (VNE Server, for example, gathers data from a variety of sources and communicates with SP Guru Network Planner across network) and the collected information can be imported to the SP Guru Network to Planner.

User Interface

The tool provides a network virtual environment to study the network’s behaviour by means of a graphical view.



Figure 6: User interface. Network links are different coloured depending on the usage of the link and the arrow width of the links are different depending on the throughput.

The tool shows routes between selected nodes (graphically represented by a dotted line) or from one source to all destination nodes’ interfaces (including loopbacks).

It contains several options to change the view of the virtual network. The user can hide or show objects of different types, add background maps (filling in the information about the location: latitude and longitude of each node), visualize the protocol configuration, visualize IGP metrics (new in 14.5 version of the tool) or even show a bird’s eye viewer.

In connection with the interface, it contains layouts for different working ways: circular, hierarchical or schematic. It also allows the view of BPG peers, IP interface status, IP routing domains, IP QoS configuration and IP tunnel configuration.

The tool provides “drag and drop” approach to build the virtual network.

Moreover, it contains a palette, which is a collection of OPNET objects like nodes, links, paths or subnets and provides the user the possibility to create them with any combination of objects (Cisco devices, Ethernet workstations, servers, hubs, switches, links or a custom-made device).

The opened projects in SP Guru Network Planner can contain one or more scenarios so the user can compare the results between them.


The objects that are represented in the graphical view have their own attributes. This attributes define the object and that way, the user can control their behaviour.

Figure 7: The picture contains a node and shows the changes that can be made in that node. Several values can be manually changed: name, protocol information, security, QoS parameters…

To analyse the traffic in the network, the tool identifies device or link load representing

the percentage of capacity being used, shows the flow visualized as a demand objects



providing detail performance statistics of delay, end-to-end response time and jitter, and represents different types of application traffic in specific cases.

The tool allows the selection of the traffic, so that the user can view, organize and select network objects that have traffic associated. To edit the traffic, the user can select traffic flows to forecast, roll-up, delete, export traffic or add volume.

The information about the links in the network can be imported from some management platforms, but the link loads can be set manually too. The tool represents the utilization of individual links and the values can be represented as traffic levels for each time period.

The flows in the network can be shown between any source and destination in the network in bit/sec and packet/sec and it can also contain port, protocol, ToS and SLA information. Not only unicast but also multicast flows are supported. This data, as the link data, can be imported from management platforms, but the user can add as well new flows manually. The traffic demand changes regularly so the tool makes possible to edit its attributes.

SP Guru derives a traffic matrix based on routing tables, link loads and constrains. Moreover, the tool allows converting load to flows, something that is useful when only link loads and flow data is available.

In connection with the network behaviour, it is possible to capture the latency, queue depth, convergence or protocol effects.

The flow analysis, as the image bellow shows, simulates the routing and forwarding behaviour of the network. The tool supports IP/MPLS, ATM and Frame Relay networks. This analysis is useful to study the routing and evaluate changes of routing protocols, perform capacity planning and traffic trending studies, design resilient networks and analyze the impact of failures, assess QoS configuration and VoIP readiness, and perform, in general, traffic engineering studies.

Figure 8: Flow analysis. The colour of each link shows the usage level



Figure 9: The user can simulate link failures and see the consequences in the network

The user can see the consequences of a link failure in the traffic distribution. When performing a general simulation, there is a possibility to simulate a failure of set of devices, links or shared risk groups. That way, the user can see how traffic is routed around failures, the consequences of failures in the traffic distribution and which failure cases cause the most problems.

The SP Guru Network Planner contains specific actions for different protocols. It offers the chance to modify and configure different layer protocols as for instance:

IP o RIP, RIPng, OSPF, IGRP, EIGRP, ISIS, BGP o Equal-Cost Multi-Path (ECMP) o IP Multicast o HSRP o VRRP o VLANs o QoS/Diffserv

MPLS o RSVP, LDP, OSPF-TE, ISIS-TE, CSPF o Diffserv Aware Traffic Engineering o Layer-2 and Layer-3 MPLS VPNs, VPLS

ATM o Distance Vector, PNNI, VNN o PVP

Frame Relay

Concerning quality of service, the tool provides a scalable solution for studying QoS. It has a support for Diffserv traffic and multiple queuing algorithms such as WFQ or LLQ. It also facilitates VoIP readiness assessment feature, offers the chance to configure packet sizes and calculates information such as average queue depth and inter-packet delay (jitter).

The traffic load can be imported with a breakdown by traffic class, so the link usages turn into CoS-based link utilizations and additionally, this load can be converted into class-based flows.

In connection with the traffic engineering, the tool enables to automate offline MPLS traffic engineering. It offers a possibility to fix the size of LSPs to optimize LSP routes as well as change IGP metrics to optimize them. For this last case, the user can fix a maximum utilization threshold, inspect the current network and that way, finally, find a solution that satisfies utilization constrains.



There is another possibility for MPLS traffic engineering called MPLS tactical TE. This feature brings the chance to make a choice to reroute LSPs and flows from a given link. This specific LSP route can be selected from a set of candidates (alternative paths) that meet specific constrains. That way, the congestion on a specific link can be alleviated without the need of reroute every LSPs.

Figure 10: The tool brings the chance to design layer 2 and layer 3 VPNs providing views for studying logical VPN topologies. The traffic flows can be deployed per route target.

Another feature of this tool is that IPv6 is supported. This feature allows to evaluate readiness of network OS on devices for IPv6 deployment and simulate traffic and network configuration migration from IPv4 to IPv6.

Reports and alerts

SP Guru Network Planner counts on over 100 reports in which the user can be the results of the analysis and simulations. That means that the tool provides the user with information about the configuration, statistics of utilization, delay and packet-loss, network costs. The information of the reports is divided into different categories including failure analysis, configuration, traffic throughput and utilization, inventory, performance, validation and protocol metrics, and it can be printed or exported in HTML, XML, CSV or spreadsheet format.

1.2.1.3. Traffic Explorer (Packet Design)

Traffic Explorer is a tool for making a network-wide traffic analysis, providing visibility into the whole network showing per-application or CoS traffic flowing over the links. The tool enables to perform a daily, weekly and monthly monitoring, troubleshooting, planning and maintenance activities.


Traffic Explorer comprises the following components:

• Distributed flow recorders that collect flow records from key traffic sources in the network

• A centralized flow analyzer and modeller engine that computes traffic flows across the entire network topology using routing intelligence from Route Explorer

• X-Windows, VNC and Web Browser client software



Figure 11: Traffic explorer’s components

Features:

User Interface

Traffic Explorer has a graphical interface. It visualizes animations showing how individual routing changes impacted traffic flows across the entire network.


Traffic Explorer shows the traffic flow per-application or CoS over every link in the network and gives end-to-end visibility of all traffic network-wide.

Users are able to interact with an ‘as-running’ model of the network, where actual traffic flow information is dynamically overlaid on a real-time, layer-3 topology map. They can make changes on the ‘as-running’ network, using the actual routed topology and traffic loads, with detailed information on application and Class of Service composition, either at the current time or from historical data.

Traffic Explorer lets network engineers perform a daily, weekly and monthly monitoring, troubleshooting, planning and maintenance activities. They can see utilization and bandwidth by application or CoS for all links on the network (not just directly monitored via Netflow).

The tool allows performing a route cause analysis. It recognized the actual routed path through the network for every flow and shows the impact of routing changes or failures, as they happen, on network-wide traffic, highlighting traffic shifts that often result in network hot spots and impact application performance.

Figure 12: Traffic and routing events are correlated for faster

root cause analysis



Traffic Explorer detects the increases in link usage and determines whether the increase is due to new traffic loads on the network or if the impact of the routing change somewhere else in the network. The tool also shows the impact of every routing change on network-wide traffic, including total traffic volume and the number of flows and hops affected.

With Traffic Explorer, engineers can simulate network changes, such as adding or failing routers, interfaces and peerings; adding or moving prefixes; and adjusting IGP metrics, BGP policy configurations or link capacities, applications or services.

Traffic Explorer lets engineers perform failure impact analysis, showing how the network would respond in various situations. The tool simulates link or router failures and shows the impact on network-wide traffic across all links on the topology map.

Figure 13: Engineers can simulate diverse changes in the network. For instance, they can model downing routers and

peering and analyzing the network's behaviour to determine if sufficient fault tolerance and redundancy is provisioned,

particularly for critical application or CoS traffic

Using the tool, engineers can view historical traffic trends including overall network volumes, per link volume or utilization anywhere in the network, even breakdowns by exit router or next hop address.

Traffic Explorer lets engineers analyze and manipulate a network-wide traffic matrix, showing traffic volumes between every source/destination pair in the network. Detailed capacity projections can be accomplished by exporting the full traffic matrix to a spreadsheet, adjusting any source/destination traffic volume based on internal initiatives or forecasted loads, and then importing the updated matrix to see the impact on network-wide link utilizations.

New applications or CoS deployments can be tested on the ‘as-running’ network, before they are deployed, by adding the expected traffic loads between appropriate nodes to existing traffic volumes, and viewing the combined traffic load on every link.

Traffic Explorer can monitor peering or transit traffic to ensure it is within contracted ranges, as well as analyze, identify and justify new peering relationships. The tool also provides the intelligence to optimize their peering traffic.



Figure 14: Engineers can view the traffic by destination AS, neighbour AS, transit AS, Exit Router or Community

Traffic Explorer’s BGP configurations let the user modify BGP configurations to move traffic between various existing and potential neighbour providers, showing how actual traffic loads will be affected. New peering relationships can be simulated, allowing operators to see the impact on traffic across their entire network. Since the tool understands full end-to-end routing (both IGP and BGP), it can show the impact of peering and transit traffic when making unrelated changes to the core of their network.

The tool allows network managers to define traffic groups that represent users, departments, locations or specific applications, and monitor network usage by each group. Aggregate or per link traffic usage by group can be viewed directly, as well as exported to external programs such as a spreadsheet or billing application.

Figure 15: Traffic Explorer enables usage tracking by user-

defined traffic groups

Reports and alerts

Traffic Explorer can send alerts whenever routing changes specific application or CoS traffic is beyond user specified thresholds, letting know what happened, where it happened and what kind of traffic was affected. It also allows replaying historical events.



1.2.1.4. Design Expert (Netformx)

DesignXpert is a design and quoting software platform. It facilitates the design of different networks, including converged voice-and-data networks, complex MPLS overlay and HPC networks, Managed Services and Network Engineering Services by automating and validating the entire opportunity-to-order process.


Besides DesignXpert, Netformx features extra modules:

MPLS Designer

KowledgeBase

Enterprise AutoDiscovery

Features:

User Interface

The tool provides a graphical interface which can be presented as a typical graphical view or as a tabular view.

Figure 16: Design Expert’s user interface


DesignXpert software handles the whole end-to-end process, streamlining every step and linking automatically to each succeeding step. Every subsequent action or revision ripples through and updates the design. The tool provides network designers the chance to convert customer requirements into deployable solutions from simple to complex networks such as VoIP, MPLS, MNS or HPC.



Network design professionals access a vast library of smart components, and, using a drag-an-drop action, can build network topology diagrams. Each component is an intelligent object. That means that each object is not just a graphic representation. Every object has its own properties such as linking protocols, actual physical size and datasheet properties that represent how a real-world network element would behave in an actual network. Netformx Smart Library components simulate actual network equipment, enabling full system-level network design, validation and pricing.

DesignXpert automates the steps of the network design and quoting process:

• Customer requirements gathering and documentation

• Discover the existing network infrastructure (using Enterprise AutoDiscovery).

• Definition (design) of the technical solution

• Pricing and margin analysis

• Customer technical and financial proposal (quote, statement-of-work, solutions visualization)

• Implementation (transfer to fulfillment or provisioning)

One of the extra modules mentioned on the previous section, MPLS Designer, streamlines the entire cycle of proposing, designing and provisioning MPLS/IP VPN services. It guides network designers through the process of turning customer requirements into a technical plan, then following through with a detailed proposal. Once the proposal is accepted, the software provides the pertinent documentation.

MPLS Designer allows to change design parameters given in a table format, including: • Routing and Switching (BGP, EIGRP, OSPF) • Partial and full mesh networks • Access and speed • Access options: IPSec, Frame Relay, DSL and Wireless • Connectivity matrix and VRFs • Quality of Service and Class of Service definitions • Routing protocols • Secure internet access • Remote access • Extranet connectivity • Diversity • Value added services

MPLS Designer requires DesignXpert to run.

At the heart of DesignXpert is the Netformx KnowledgeBase, a network device library, including more than 147,000 components, and associated configuration rules and current prices. Weekly updates to the Netformx KnowledgeBase keep the repository current with the latest devices, physical configuration rules and best practices. In addition to network vendor-supplied public content, Netformx can incorporate customer-specific content into the Netformx KnowledgeBase to accommodate proprietary items such as service offerings, corporate practices and promotional pricing.

Enterprise AutoDiscovery (EAD) is an SNMP/SSH/Telnet-based audit and multi-vendor network discovery feature of DesignXpert that enables design professionals to capture an accurate baseline of existing IP and SNMP-enabled devices in any network.



1.2.1.5. IP/MPLSView (Wandl)

IP/MPLSView is WANDL's Traffic Engineering and Network Management solution for IP and/or MPLS networks. This system addresses the mayor areas of network planning including analysis, design, optimization and simulation.

Features:


From a set of network configuration files and other optimal data, the Multi-Vendor Parser constructs the network topology, aware of multi-protocols, layers, ASes, routing areas and VPNs.

This network data can be imported

into the tool or collected directly by the system itself in conjunction with IP/MPLSView’s Network Manager online module. Tariff and pricing data can be imported too.

Alternatively, the user can

manually construct any network topology via IP/MPLSView’s advanced graphical interface.

So the network can be designed

from scratch or on top of an existing network configuration.

Figure 17: IP/MPLS View models any architecture designed by the user

User Interface

IP/MPLSView provides a graphical user interface. The tool shows routing, utilization, protocol-specific and other reports from the client interface or from the web.

Analysis and simulation To perform a traffic load analysis, the tool offers a view of current or historical charts.

The user can use the tool to pinpoint

bottlenecks or underutilized links from the topology map in large networks, simulate new demands before they are placed on the real network (perform capacity planning) and optimize routing parameters (metrics…).

Figure 18: Network analysis. Users can identify bottlenecks observing colours.

IP/MPLSView automates network designs. It automatically determines where to purchase

links to satisfy traffic for resiliency against any failure scenario. The user can use it to identify and prevent potential bottlenecks, performing a simulation to show traffic routes for many ‘what-if’ scenarios and identify which trunks will become congested under various failure conditions.



Moreover, the user can analyze how traffic is rerouted and the effect on network links (e.g. worst-case trunk utilization), performing simulations with single, double or even triple failures.

Using this tool, the user can experiment with changing parameters, protocols, topology…

and simulate network migration, network expansion or the merging of multiple networks as a way for validate changes before deployment.

Some of the protocols supported by the tool are the ones which follow:

• IGP: OSPF, IS-IS, IGRP, EIGRP, RIP • Static Routes, Policy-based Routing • BGP, LDP/TDP, RSVP-TE, VoIP (SIP, H.323) • Multicast: PIM-SM, -DM, -SSM • CoS, IPv4, IPv6

Figure 19: LSP Path calculation

Concerning MPLS-TE, the tool allows

different simulation and designs. The user can simulate LSP tunnels (including backup tunnels), automate Fast ReRoute (FRR) design, automate the design of diverse paths for primary and backup tunnels and optimize LSP Paths that have become suboptimal over time.

With the tool, VPNs can be modelled

and created. The user can perform VPN simulation, use the system to generate VPN traffic and perform card failure simulations. On the configuration files, VPN-specific integrity checks can be run. The tool supports different VPN types as L3VPN, L2Martini, L2Kompella, VPLS-LDP, VPLS-BGP, TLS and CCC.

Figure 20: VPN Wizard for creating and editing VPNs

The tool lets the user model and analyze BGP so that Route Reflector design and

analysis can be performed, BGP routing tables can be imported, and BGP peering analysis and iBGP policy evaluation can be performed.

In connection with the Class of Service, the tool permits the analysis of it allowing to

model CoS classes and policies, letting the user model different queueing schemes and define application flow based on CoS (this enables the modelling of VoIP or VoD) and enabling the analysis of packet-loss and delay statistics per CoS.

IP/MPLSView can simulate multicast flows based on user-defined multicast groups and

demands, the effect of RP selection on the distribution tree and on link utilization and SPT switchover.

Reports and alerts Once the user is satisfied with the MPLS-TE or VPN design, respective LSP and VPN

configlets (configuration file statements) can be generated in text or XML format and pushed to



the network using P/MPLSView’s Service Activation Module and then, generated configlets can be loaded back to the network.

Figure 21: Report manager

1.2.1.6. NetScope (TurboSoft)

The NetScope product range offers an enterprise-wide solution that provides instant and historical per-second visibility and control of application performance.


NetScope is divided into different modules:

NetScope Reporter: reporting solution

NetScope Alerter: alerting solution

NetScope FastTrack: network management solution

NetScope Analyser: network monitoring solution

NetScope Services: QoS solution

Features:

User Interface

NetScope provides a graphical user interface. It visualizes the state of the whole network showing the status and different parameters that characterize it.


NetScope Analyser is a network monitoring solution that provides per-second visibility into network traffic both in real time and historically. This module allows seeing how the network traffic is made up offering per second resolution which can be retained for historical analysis.

NetScope Analyser gives the user the insight to regain control of the network and to keep

business critical applications such as VoIP, Citrix and ERP operating optimally. It offers a detailed knowledge of network traffic content.



Figure 22: The user can zoom in on individual data streams NetScope FastTrack offers an extensive network management solution, combining the

benefits of instant control of application performance and dynamic allocation of network resources with visualisation and analysis tools.

NetScope FastTrack features instant control of application performance and dynamic

allocation of network resources to ensure the control of the network. To maintain and enhance performance, some applications’ bandwidth can be prioritized and lower priority or unwanted traffic can be shaped, capped or blocked as desired.

Additionally, NetScope FastTrack uses many of the extensive monitoring and

visualisation tools also found in NetScope Analyser, including traffic visualisation down to a per second resolution for both real time and historical analysis.

Netscape Services is Turbosoft Networks’ managed QoS solution, for maintaining and

achieving optimal performance from network infrastructure. NetScope Services are available as a one off network health check, or as an ongoing service.

Reports and alerts

NetScope Reporter and Alerter is a web based network reporting and alerting tool that delivers graphical reports on current and historical network activity and timely alerts on network status. Real time monitoring and full visualisation of traffic delivers the detailed insight into the status of the network for maintaining the performance of critical systems and coping with changes in demand for network resources within an organisation.



Figure 23: Network activity report. Tag usage.

Netscope offers network administrators the why, what, who and when of network activity

reporting based on predefined parameters or user generated parameters. The tool allows the user to isolate traffic that's important, categorising by username, application, protocol and port.

The tool collects and aggregates network activity data on a per second basis spanning

some years. The user can access to immediate and historical data to perform a long term traffic analysis and trending.

NetScope's advanced alerting features keep watch over the network, notifying of issues

and events that require attention when they occur. Additionally it provides network health functionality, offering quick and simple indicators of overall network health.

Figure 24: Network activity report. Link activity.

NetScope Reporter analyses data stored within its database to generate graphical

reports either automatically or on demand. The user can choose from numerous predefined reports or create user specified parameters such as devices and time periods.

Using the tool the user can select from a predefined list or create individual alerts

tailored to the user’s requirements. Alerts criteria covers issues such as the addition of new users to the network, the appearance of new traffic, bandwidth oversubscription, bandwidth



availability above or bellow a critical point, traffic on specified ports or addresses and traffic spikes.

Figure 25: Alert log

The tool enables to configure alerts to be sent based on traffic conditions. These alerts can be set up to be sent via e-mail or sms.

1.2.2. Emulation tools

1.2.2.1. Network emulation

1.2.2.1.1. GEM (Spirent)

Spirent’s GEM enables to test applications, devices, protocols, solution and services under dynamic delay and impairment conditions. Using GEM, the user can evaluate the performance of emerging technologies, characterize breaking points of a new service, validate new products or solutions before deployment and discover and define minimum required Service Level Agreements.

The tool emulates the “real world” effects of Layer 1/2 delay and impairments on Layer 3

devices and applications.


Appearance:

Figure 26: Appearance of different models (MAUI left, HAWAII right):

Maui model Hawaii model Supports speeds up to 2.66Gbps Up to 4 interface blades Hot swappable copper/optical SFP

modules (optional wavelengths available) Support for Ethernet, SONET, SDH, OTN,

Fibre Channel Fast Ethernet Interface for Remote Control Supports speeds up to 11.3Gbps

Up to 2 interface blades Hot swappable copper/optical SFP and XFP

modules Optional wavelengths available Supports Ethernet, SONET, SDH, OTN,

Fibre Channel Fast Ethernet Interface for Remote Control



Features:


Live network conditions can be recorded to be imported into a GEM emulator and that way, recreate those delay and impairment conditions in the lab.

User Interface

Using a HTML Based GUI (no need client software to install), GEM enables to define the network topology, devices and traffic flows directly from the GUI using drag and drop configuration.

It supports Service Frame Colours such as:

Green –conforms to Committed Rate Yellow –conforms to Excess Rate Red –does not conform to Committed or Excess Rate

Figure 27: HTML based GUI

Analysis and simulation The tool has a flexible FPGA design and offers the possibility to upgrade with new features. It performs a hardware based Layer 1 impairment emulation. These impairments can be, for instance, that frames can be dropped based upon a user specified probability (selectively MPEG-4 I, P or B packets can be dropped), the Ethernet CRC of frames can be corrupted based on user-specified probability, Ethernet frames can be variably delayed around the line or network flow delay can be fixed based on a user defined probability (parameters as maximum or minimum value of delay, or maximum positive or negative change of delay can be fixed by the user), Ethernet frames can be reordered or duplicated, any burst of bytes within the Ethernet frame can be corrupted or modified based on a user specified offset from the start of the frame and a user defined error rate (between 1E-12 and 1E-2) or bit rotation (comma aligner) can be fixed.



Figure 28: Example: the tool lets to use unmanaged switch to connect more than 2 devices to 2-port

Spirent GEM.

The tool can support full 1GbE/10GbE line-rate all the time (even at 64 byte frame size) and chain multiple impairments at same time (corruption, jitter, duplication, reorder, drop, modification, errors).

Figure 29: Network representation and impairment profile

GEM is able to dynamically change impairment profile without stopping test. The user can

perform an advanced filtering, selecting impairments based on values in Ethernet frames. It emulates ‘real-world’ effects of layer 1/2 delay and impairments on layer 3 devices and applications, supporting auto configuration of test beds. Multi-protocol is also supported on the same platform (Fibre Channel, SONET/SDH and Ethernet). The frames have unlimited size and can be reordered and duplicated up to 12KB. It also supports a complete automation with TCL library.

The tool supports random impairments as well as targeted ones. Random impairments are based upon any of the following distributions: periodic, poisson, gaussian, uniform. Targeted impairments, on the other hand, were defined by the stablishment of:

VLAN tag MPLS label MAC address IP address TCP port Any other field in the Ethernet, IP, TCP, UDP or RTP header Any other information up to 2,000 bytes deep within the Ethernet frame.

The tool is based on Metro Ethernet Forum Bandwidth Profiles and allows the

configuration of the following parameters: Committed Information Rate (CIR) Committed Burst Size (CBS) Excess Information Rate (EIR) Excess Burst Size (EBS)



The optional IPTV feature on GEM can be used to characterize video performance under specific impairments. The tool allows to correlate mean quality scores with specific impairment conditions and drop MPEG 2 (H.262) and MPEG 4 (H.264) I, P or B frames.

The user can select a MPEG 2/4 I, P, B packets for possible drop, choose the number of

times to trigger a selection (1-15, infinite), choose drop probability for selected packets (rate and distribution) and choose selection offset.

The Dynamic Search Filter (DSF), an optional feature on GEM, searches for a user defined pattern throughout an entire TCP/UDP payload and triggers an impairment event. When a match is found, the packet is subjected to a specified impairment. Trigger event can be limited to specified number of times (e.g.,1, 2, 3 …or infinite). This optional DSF feature can be useful for characterizing video performance under specific impairments. A specific MPEG I, B or P frames can be targeted for impairment. This feature can also be used to characterize new TCP implementations for acceleration performance. A specific TCP packet with specific FTP data string can be targeted and the packet dropped. The user can specify the trigger to occur only once to prevent TCP session from closing.

It’s interesting for the user to record live network conditions and import them into a GEM emulator. To do this, the user has to setup Stand-alone Profiler application on network client, capture delay and packet loss between the Profiler application and multiply user defined target machines using ICMPs, take the Profiler logs back to lab to be loaded into GEM emulator for Playback and test applications or services under current network conditions. The tool allows to record network delay and loss characteristics for over 30 days between Profiler application and more than 50 user defined Targets, define Targets by IP address or URL, configure ICMP packet length (64-1518), configure DSCP field (0-255), set ICMP interval down to 100ms, start sessions manually or automatically by scheduling date/time and duration and view delay and impairment graphs real time or for post analysis.

Profiler logs can be uploaded to GEM and played back the captured impairments (one log per GEM Network Profile). The user relies on some options such as playback delay values as measured by the Spirent Profiler or increase delay values during playback by a user defined factor for performance testing, repeat log files for longer playback sessions, ignore packet drop and assign to Network Profile in opposite direction for bi-directional support.

The GEM Router Mode allows users to connect devices to Spirent GEM of the same or different subnets.

Capture Replay, available as an option on Hawaii Blades, allows to capture up to

1GByte/sec at full line rate using filters or triggers, replay this or other pre-captured traffic on the GEM and apply impairments. Capture and/or replay can occur before or after impairments are applied and troubleshoot network or application performance issues using trigger conditions.

This option can isolate top talkers/applications using network bandwidth, capture data

inline at up to true line rate in both directions, use extensive Filtering (layer 2 -layer 7) capability for focused capture and capture traffic for multiple Network Profiles simultaneously and download captured data for analysis (PCAP file format). It has a Capture Buffer which captures up to 8Gbits or 1GByte of traffic. The captures can be made before and/or after emulator introduces impairments. Captured packets include precise hardware based time-stamps with 16ns accuracy. Previously captured files can be uploaded to be replayed by GEM (PCAP) at up to true line rate (PCAP files can be modified prior to upload). The traffic can be replayed at captured rate or user defined rate, as background traffic along with through traffic, with or without impairments (including modification). Multiple captured files can be replayed simultaneously with multiple Network Profiles, single time or ‘n’ times, or forever.

The playback profiler imports and playbacks custom network scenarios with user defined

impairment tables including control parameters such as delay, drop, reorder, CRC error or corruption. The playback control is provided for each individual GEM Network Profile and works with other features such as bandwidth control.



The user can use the network playback profiler to test new technologies, protocols or applications with virtually limitless control for any dynamic or “bursty” network scenario, high or even very low frequency delay change and impairment events and custom statistical impairment distributions.

The tool allows the user to choose the source for impairments: table or GEM GUI. The

impairment tables can be played and repeated once, 2 to 255 times or forever. Custom impairment tables can be individually uploaded and controlled for each GEM Network Profile.

Supported applications: o Real Time Applications

IPTV, VoIP, Interactive Gaming o Storage

Disaster Recovery, Business Continuity, ILM Planning, Storage Extension, Data Center/ Server Migration

o Networked Applications (Throughput / Performance / Error Recovery) Database, Transaction Processing, Distributed Software Applications

o Satellite Communications o Converged Networks

Next Generation SONET/SDH (VCAT, LCAS, GFP) TDM over Packet, Timing over Packet (Circuit Emulation, Pseudo Wire) MPLS, Metro Ethernet

o Service Level Agreement (SLA) Characterization o Acceleration (WAN, TCP, Application) o PON (GPON, (G)EPON, BPON) o iWARP(10Gig Ethernet)

Reports and alerts

The GEM Reporter is able to produce reports based on statistics from GEM Emulator. It shows bandwidth, delay and packet loss statistics for all Network Profiles. It also turns the reports into pdf documents for a later analysis.

1.2.2.1.2. Shunra Virtual Enterprise (Shunra)

Shunra Virtual Enterprise is a network emulation solution that creates a virtual network environment in a performance and pre-deployment network lab. It delivers a way to test the performance of applications and network equipment under a wide variety of network impairments.


HW platforms:

STJ: The STJ appliance limits bandwidth and impairs multiple traffic flows using 10/100Mbps Ethernet interfaces

STN: The STN appliance limits bandwidth and impairs multiple traffic flows using 10/100Mbps and 1Gbps Ethernet interfaces

STA: The STA appliance limits bandwidth and impairs multiple traffic flows using 1Gbps and 10Gbps Ethernet interfaces



Figure 30: Appearance of different models

Modules:

• VE Modeller: model and simulate

• VE Network Catcher: captures network conditions to import them into the VE Modeller

• VE Desktop User Interface

• VE Reporter

Figure 31: The Shunra Virtual Enterprise solution architecture

Features:


Shunra VE’s network recording software captures and imports production network conditions, such as latency, jitter and packet loss, directly into the user’s network model. When Shunra VE replays these recordings it recreates the same conditions that exist on the production network.


Shunra VE delivers a network solution that creates a virtual network environment. It delivers a way to test the performance of applications and network equipment under a wide variety of network impairments (as if they were running in a real-life production environment).



Using Shunra VE the network manager will understand the impact that the network and

applications have on each other’s performance and on the remote end-users’ experiences, and uncover and resolve production related problems.

In addition to the empirical experience, Shunra VE provides a range of graphically reports

and drill-down analysis capabilities. These help to isolate and resolve the root causes of network and application problems, and determine whether any modifications to the application, network or infrastructure are needed.

Shunra VE combines a hardware appliance with a software. This creates a network simulation solution that includes detailed reports and root cause analysis.

At the heart of Shunra VE is a network appliance that functions as a bridge or router. It changes the speed at which network traffic travels across the local area network, exposing data packets to the same network impairments to which they would be subjected on the wide area network.

The Shunra VE network appliance is controlled through a Microsoft Visio based modeler. The modeler gives the possibility to create any network topology and run any scenario.

Figure 32: Users can simulate multiple branch offices Once the network model is created, the user can activate the test scenario. At this point,

applications, network services or infrastructures connected to the appliance will behave as if it were subjected to the conditions defined in the model. The user can edit network parameter at any time, to create current, future, worst case or “what-if” scenarios and replay or reconfigure these scenarios over and over again.



Figure 33: WAN settings

Figure 34: Gateway parameters The tool delivers capabilities to emulate a wide range of network impairments including latency, jitter, bandwidth, congestion, packet loss, BER, fragmentation, duplication, disconnection, re-ordering, data corruption and modification. The user can also emulate any network topology including client/server, multiple branch offices with distributed data centers, full mesh networks, complex N-Tier network topologies, internet and eCommerce. And a wide range of network technology simulations can be made including MPLS, Ethernet, QoS, Frame Relay, wireless and cellular networks, satellite networks, IPv4 and IPv6.

Shunra VE is also useful for troubleshooting production problems that occurred in the past. Since Shunra VE stores 30 days worth of production network conditions, the user can rewind the recording to the time that the problem occurred and see what happened with the network at that time.



With every test, Shunra VE provides detailed drill-down analysis and reports on application and network performance, which tell the user where and when will have performance problems (in the network or the application).

The tool provides reports and analysis

on: Application performance over the

network Application availability over the

network Application performance thresholds

against a range and combination of network conditions Individual transaction performance measurements and drill down information.

____________________________________

Figure 35: Impairments activity

The tool allows to analyze performance of business processes under a range of network capacity, end user load and other production conditions.

Capacity planning delivers a set of expected performance metrics per network bandwidth for various end-user. Performance is measured against service level objectives defining network requirements in a graphical report. The tool, over a emulated network, allows the testing of VoIP. That way, the user is able to test, validate and tune VoIP hardware and architecture.

Shunra VE includes an XML-based open API which enables it to automatically manage other third party lab resources, or be managed by them. These resources include PCs running batch scripts, FTP clients, custom developed or off-the-shelf testing tools, traffic generators, network sniffers, and network management systems.

Reports and alerts

Shunra VE provides a graphically diagnostic reporting capabilities on application and network performance. All reports can be exported to Microsoft Office documents or published in HTML. An executive summary report in Microsoft Word is also provided. Additionally, all Shunra VE test results are stored in a central repository for easy version comparison, change control, and future reference by the project team.



Figure 36: Network activity reports. Service level data, transaction response time, etc.

1.2.2.2. Access Network emulation

1.2.2.2.1. DSL (Spirent)

Spirent’s DSL solutions allows the emulation and different impairment generation related to the physical layer of the OSI model. Spirent has developed a series of noise and impairment generators to permorm diverse tests. That way these tools allow users to perform the emulation of impairments of copper lines such as crosstalk or noise.

Features:

Spirent provides DSL solutions for:

• ADSL, ASDL2, ADSL2+

• HDSL, HDSL2, HDSL4 and SHDSL

• ISDN and SDSL

• VDSL and VDSL2

• Solutions to meet the requirements of standards bodies: ATIS, DSL Forum, ETSI and ITU-T

• Programmable solutions allow custom test cases for evaluation beyond conformance requirements



Solutions:

Spirent provides diverse DSL solutions. Some of them are listed below:

• DLS-5D10: DSL Service Modelling and Noise Tool

• DLS-400S: G.SHDSL Wireline Simulator

• DLS-A2PE Integrated System: European ADSL2+ and ADSL2++ Testing

• DLS-V2A Integrated System: North American VDSL2 Wireline and Noise Testing Solution

DLS-5D10

The DLS-5D10 provides two primary functions: DLS Performance Predictor DLS Noise File Development for Performance Testing

Using the Performance Predictor, the DLS-5D10 predicts xDSL “rate vs. reach” under a

range of operational conditions and allows the user to configure: Cable Properties (standard and definable) Crosstalk Modem Models and Properties (including transmitter and receiver) Technology Mix (number and type of disturbers)

The performance of the DUT can then be measured in several ways including max. bit

rate, noise (or signal) margin, as well as reach and Shannon’s Gap. Results are represented in a graphical or tabular format.

Figure 37: DLS-5D10 GUI

The Noise File Development application of DLS-5D10 calculates the Power Spectral Density (PSD) of crosstalk noise and creates a noise profile that can be quickly saved and downloaded to the DLS-5500 Noise Generator.



The DLS-5D10 allows users to build libraries of standards-based or customized noise files for testing device performance. These libraries can include any combination of Alien, Self or Mixed noises.

Figure 38: Performance and Noise Margin Prediction shows the rate vs. reach

DLS-400S

Spirent's DLS-400S Wireline Simulator is a pre-configured wireline simulator designed

to provide a test solution for the ITU-T G.991.2/G.shdsl standards.

The combination of DLS-400S and DLS-5500 Noise Impairment Series products provide a complete simulation of ITU-T G.shdsl (Annex A) test loops. Using these tools, users have the ability to custom program wireline lengths and add noise impairments.

Test loops provided by a single chassis DLS-400S system configuration will allow the user to simulate the preconfigured G.shdsl (Annex A) loops: Ø, S, BT1-C, BT1-R, BT2-C, BT2-R & C4. DLS-A2PE Integrated System

DLS-A2PE is an ADSL2++ lab test solution for the European market, consisting of the DLS-410E wireline simulator and the DLS-5200EP noise generation system. This integrated system provides a Layer-l test platform for ADSL, including ADSL, ADSL2, ADSL2+, and ADSL2++.

The system enables repeatable test results, not only between different sets of test

equipment but also between different test labs.



Figure 39: Following this diagram, the user is allowed to perform a physical layer test for ADSL2+

and ADSL2++ including wireline simulation, noise generation, traffic generation and analysis DLS-V2A Integrated System

The DLSV2A Integrated System, which includes the DLS-8130 and DLS-5500 system, allows performing test beds for VDSL2 applications on North American copper pair networks.

The system is designed for conformance/performance testing in accordance with ITU-T North American VDSL2 Initiative ITU-T Recommendation G.993.2. It allows the testing of next-generation multi-functional xDSL chipsets that provide rate-adaptive capabilities across variations of ADSL and VDSL technologies, including ADSL1, ADSL2, ADSL2+, VDSL1 and VDSL2.

The DLS-V2A product set features of loop configurations across various standards while providing extensive capabilities for testing many other high bandwidth applications such as Ethernet in the First Mile (EFM) Copper.



Figure 40: The figure displays the DLS 410B ADSL2+ wireline simulator that, when connected to the front panel input ports of the VDSL2 wireline solution, allows users the option of simulating ITU-T G.992.5,

TR067, and TR-100 North American test loops.

1.2.2.3. Application-level traffic emulation

1.2.2.3.1. Avalanche (Spirent)

Spirent’s Avalanche appliance solution provides capacity, security and performance testing for network infrastructures, Web application infrastructure and Triple Play services ensuring Quality of Service and Quality of Experience.


Besides Avalanche 2900, there are other solutions available:

• Avalanche 220: The Avalanche 220, a portable version of Spirent’s Avalanche 2900 load testing appliance, allows to conduct high-performance, protocol-accurate load testing wherever the user is, helping to ensure that devices, applications and infrastructures will operate correctly under real-world conditions.

• Avalanche Analyzer: Avalanche Analyzer is a reporting tool that allows analyzing and displaying data generated by Spirent’s Avalanche testing appliances.

• Reflector: The Avalanche and Reflector load testing appliances challenge even the largest networks to perform under real-world conditions. Avalanche can simulate a



virtually unlimited number of users interacting with Web applications, receiving and sending mail, viewing streaming media and can simultaneously generate DDoS attacks. Reflector can accurately emulate large Web, mail and streaming server installations. Combined with Avalanche, Reflector helps to test the capacity of any equipment connected between the two systems.

Figure 41: Avalanche, combined with Reflector, is utilized to simulate both client behavior as well as

end infrastructure behavior.

• Reflector 220: The Reflector 220 is a portable version of Spirent’s Reflector

application infrastructure emulation appliance. Combined with Spirent’s Avalanche 220

load appliance, the Reflector 220 allows the emulation of complex multi-tier Web sites, as well as large application and data server environments, in the field. The Reflector 220 provides a solution for emulating application infrastructures in remote locations.

Appearance:

Figure 42: Appearance of different models:

Model 220 Model 2900

Features:


The Spirent Avalanche 2900 is a 1Gbps and 10Gbps line rate Layer 4-7 stateful traffic performance solution that is capable of high throughput security testing of over 3Gbps of bulk encrypted traffic. Avalanche users have the ability to test devices to their limits at line rate simulating daily traffic and understand the impact of worse case scenarios. It provides the capability to generate traffic allowing trunk ports to be directly tested or determine the impact of multiple GgE ports being aggregated over 10Gbps.

The user can test applications and network systems at multi-gigabit speeds and go beyond expected peak volumes.

Using the tool, testers are able to specify variable loads such as user sessions, new user

sessions per second, transactions, transactions per second, connections or connections per second. One load profile can be specified for an entire test, or a separate load profile can be defined for each group of emulated users. This approach enables different actions, network characteristics and loads to be specified for each group of simulated users. In addition, up to eight simultaneous users can use the resources of Avalanche 2900 appliance.

Infrastructure under test Avalanche Reflector



Avalanche can be used in tandem with the Reflector test appliances to provide accurate multi-protocol responses to the requests it generates. Together, the two systems test the capacity of any device or network connected between them.

Figure 43: Complete end-to-end user and application emulation. Subscribers and servers can be emulated using Avalanche and Reflector.

Avalanche supports the configuration of user behaviours. The system interacts with sites using dynamic and interactive content, HTML links and fill-in online forms. Multiple types of browsers can be emulated, providing detailed control over browser connection behaviour, SSL versions, authentication and browser client headers. User behaviour such as think times and “clickaways” (HTTP aborts) can be emulated, and the system also supports HTTP basic and proxy authentication. Avalanche sends requests that include dynamically filled-in fields from a list of provided values, or values captured from a previous response such as order numbers, session IDs or transaction IDs. Avalanche supports high-performance testing of Web services to ensure that mission-critical services will perform under heavy loads. The system can also verify received content by searching for one or more strings in a response and it can identify potential points of failure by stress-testing the infrastructure.

Avalanche supports all major protocols, including HTTP 1.0/1.1, HTTPS, FTP, streaming

media, IPv6, voice (SIP), mail (SMTP/POP3), DNS, SSL, Telnet, 802.1Q VLAN tagging, IPSec, 802.1x, and PPPoE. External traffic can also be imported, replayed and amplified to support non-native protocols and traffic flows. Protocol support enables to test for performance-sensitive network activities such as web applications, Triple Play, voice, mail, streaming media, Video on Demand, file transfer and capacities of next generation content aware networks.



Figure 44: The tool offers real-time statistics across all protocols, as well as information about

different features such as maximum bandwidth incoming/outgoing, maximum new opened TCP connections per second or maximum opened concurrent TCP connections.

Applications

o Network Performance Testing

Provides performance and capacity testing on a variety of network devices including: Firewall, Application Firewall, Load Balancer, Cache, Proxy, URL Filter, Content Filter, Anti-Virus, Anti-Spyware, Reverse-Proxy, SSL Accelerator, HTTP/HTTPS Accelerator, SMTP Relay, IDS/IPS, IPSec VPN Gateway and SSL VPN Gateway

Figure 45: Avalanche and Reflector testing the network performance

o Application Server Performance Testing Validates the performance of several types of real servers including Web Server,

Application Server, Mail Server, DHCP Services, FTP Server, DNS Server, Telnet Server, RTSP/RTP QuickTime Streaming Server, Multicast Server and more.

Reflector

Load Balancer

Content Switch

SSL Accelerator

Avalanche

Firewall



o Web Application Testing Performs Web application testing including Web services, SOA, ERP and CRM

applications with Avalanche’s application testing capability to support cookies, session ID, dynamic link, automatic redirect, additional header, content validation, SOAP message, think time, variable think time and variable assignment.

o Triple Play Testing

Performs Triple Play testing, validates Triple Play service from the user’s point of view

with realistic voice calling and unicast and multicast video streaming, and simulates Internet data traffic using static IP address or IP address assigned by DHCP over PPPoE, VLAN and Stacked VLANs.

o Security Testing

Provides extensive testing for secure network communication, vulnerability assessment

and user authentication including: IPSec, SSL, 802.1x, Network Access Control (NAC) and RADIUS

Figure 46: Real-time statistics of HTTP

Figure 47: Real-time statistics of TCP



Figure 48: A summary of real-time statistics

Figure 49: Real-time statistics on Reflector

Reports and alerts

Avalanche Analyzer is an analysis tool that generates detailed reports and graphs (pdf or html presentation reports) from Avalanche results files. It performs analysis of the data, including min, max, average, protocol level details, TCP errors and trends info in graphical and textual views.



Figure 50: Network activity report summary

1.2.2.3.2. Network Tester (Agilent)

Network Tester is a solution for testing the real-world performance of network security, Triple Play and application-aware devices. It is a Layer 4-7 performance solution that creates a mix of application traffic through the simultaneously emulation of real voice, video, data, P2P traffic and multiple DDoS, spam and virus attacks on a single port.

Appearance:

Figure 51: The Agilent Network Tester Layer 4-7 Solution

Features:

User Interface

Network Tester’s graphical user interface allows users to create and execute real-world test scenarios. The user can drag and stack configurable protocol bricks to create multi-protocol traffic profiles combined with malicious attacks (without the need of scripting).


Network equipment manufacturers, service providers and network operators can use Network Tester to analyze application-aware devices to obtain real-world performance characteristics under peak levels of load and stress the network, as expected in real network environments.



Network Tester uses real Internet Data, VoIP, VoD and IPTV traffic. Combined with DoS attacks, malicious exploits and traffic impairments, the tool subjects the devices to complex traffic conditions. In addition, Network Tester is able to simulate proprietary protocols such as Peer-to-Peer, IM and On-line Gaming. That way, it can generate real-world mixes of Internet Data, VoIP, Streaming Video, IPTV and P2P traffic on the same interface.

Network Tester can simultaneously emulate multiple Denial of Service, worm, virus and

spam attacks to measure its impact on legitimate traffic performance. The generation of the traffic can be over integrated IPSec, IPSecv6, PPPoE, DHCP, 802.1x and VLANs. It can emulate tens of thousands of real clients and servers to measure device capacity, scalability and performance under load.

The tool reports real-time and granular QoE statistics, including MOS and MDI for Triple Play services, providing accurate insight into the device application layer performance. The tool supports different protocols such as :

• Application protocols: o HTTP, HTTPS, FTP, SMTP, POP3, DNS, Telnet, RTSP, RTP, IGMP,

Transport Stream, SIP, H.323, MGCP, SNMP, NFS, CIFS, ICMP, Traceroute, NNTP, DHCP, Jabber

• Integrated network access protocols:

o IPSec VPN, PPPoE, DHCP, 802.1x, VLANs

The String Editor of the tool permits the randomization of parameters such as URLs, spam subject lines, and e-mail file attachments. Network Tester’s Transaction Variability feature enables users to change parameters on the fly, without stopping the test.

Network Tester end-to-end (E2E) test capability allows to validate real-world performance and scalability of distributed network infrastructures, ensure device interoperability and guarantee network and service resilience to stress and malicious attacks. Real transactions can be generated between remote locations to emulate real-world traffic over complete network infrastructure.

Network performance and QoE statistics can be collected and analyzed in real time providing a picture of distributed network system performance, robustness and scalability.

Network Tester provides integration of application data, voice and video protocols with DoS attacks and other malicious exploits such as worm and virus infected traffic payload. Protocol and transaction mixing capabilities allow the creation of multi-protocol weighted traffic profiles that emulate real-world network environments. This provides a test solution that stresses all application aware device’s protocol specific processing features and options.

Network Tester’s supported protocols include Internet data, VoIP, VoD and IPTV protocols and is complemented with Capture/Replay feature for emulating proprietary applications such as Peer-to-Peer, File Sharing or On-line Gaming. VLAN support and access protocols such as IPSec, PPPoE, DHCP and 802.1x are also available with IPv6 capability.

Network Tester combines real-world application traffic generation with passive analysis features. It uses integrated Agilent Triple Play Analyzer, state of the art protocol and QoE analysis tool to monitor test traffic and provide real-time insight into all aspects of protocols and data services performance and quality (from the end user perspective). Triple Play Analyzer, running on Network Tester controller, calculates and tracks voice and video MOS and MDI scores in real-time on per call and per stream basis as well as performs packet and protocol analysis. This also includes ability to decode, view and listen to any voice and video stream in real-time for instant service quality assessment.



With Network Tester, users can simulate thousands of clients and servers to stress a device to its limits and generate and measure thousands of transactions per second or millions of user sessions.

Network Tester allows the user to validate the real-world performance limits of application-aware devices including firewalls, service-aware routers, session controllers and content servers. It has the ability to surround devices with real voice, video and data traffic with IPsec encryption and multiple DoS attacks.

Applications:

o Firewall testing

The NetPressure application covers network security and contents networking test needs. A broad range of protocols covers applications such as web, email, news, file transfer/sharing, instant messaging and streaming. Multiple protocols can be mixed on a single port to create tests. Fully integrated access protocols and VLAN are supported and stateful traffic can be generated over IPsec, PPPoE, DHCP and 802.1x without the need for scripts.

Firewalls use timers and keep state information. NetPressure's real-time control lets the user dynamically change parameters while the test is running (there is no need to stop and restart the test).

o VoIP testing

The NetPressure application covers network security emulating both H.323 and SIP calls (including both signaling and data) on a single port for realistic system testing. It mixes stateful VoIP and data application traffic on a single port to verify prioritization and ensure VoIP QoS and introduces DoS attacks and measures the impact on VoIP performance. The application scales VoIP traffic to emulate thousands of calls per second and simultaneous calls to determine the performance limits of the system. It measures real performance using stateful traffic, from a mix of applications, over both IPv6 and IPv4. The support for IPsec and IPsecv6 are integrated into the test plan environment.

Figure 52: VoIP testing

o Session border controller testing

NetworkTester complements VoIP test tools. The NetPressure application extends the test coverage, giving the confidence that the SBC (Session Border Controller) is ready to face the real world. It emulates both H.323 and SIP calls (including both signaling and voice packets)



on a single port for realistic system testing, introduces DoS attacks and measure the impact on VoIP performance. Mixes stateful VoIP and data application traffic over both IPv4 and IPv6 on each port to verify firewalling and intrusion prevention, and to ensure VoIP QoS. Moreover, the application scales VoIP traffic to emulate several calls per second and simultaneous calls to determine SBC performance limits. It is able to simulate proprietary protocols by capturing bidirectional traffic, create custom "protocol bricks", replay the traffic in a stateful manner, and multiply the traffic across multiple addresses to simulate many users and measure SBC scalability. The support for IPsec (and IPsecv6) is integrated into the test plan environment. SNMP traffic load can be added to verify SBC stability and indifference to Management Plane stress.

Figure 53: Session Border Controller testing

o E-mail virus / spam filter

The NetPressure application covers network security with transaction variability features, such as the emulation of large quantities of spam with dynamically varying content. It tests the performance of the virus filter with Client Profiles, which let the emulation of both legitimate email and email containing virus attachments. It scales the test up to reach the limits of the email filter.

o Triple play

NetworkTester offers high-speed data, VoIP and video testing on a single port, within a single test system. It emulates thousands of real users, changes the traffic application mix and measures the impact of data applications on voice and video performance.

The tool allows the user to add other multi-play applications, such as Instant Messaging, to complete the Multi-Play application mix. That way, mixes of application traffic can be emulated to characterize system performance limits and Quality of Experience under expected loads.

Proprietary protocols such as network games and P2P applications can be simulated and scaled using NetworkTester's Capture/Replay capability. Multiple sessions can be emulated on many different addresses to multiply application clients and servers. Many users can be emulated playing games, sharing files and using common messaging services. This capability enables to quantify the effectiveness of Application Traffic Management methods such as P2P



rate limiting, layer-7 packet classification and tagging, and application prioritization. For example, the user can measure the real-time performance impact of application-aware firewalls that can recognize and filter undesirable traffic.

With Network Tester, the user can add DoS attacks, spam and virus attachments to the application traffic mix. The tool shows the Quality of Experience degradation, whether VoIP call set-up time suffers or whether the system is able to maintain the priority of real-time traffic when detects attacks.

NetworkTester integrates VLANs and access protocols such as IPsec, IPsecv6, DHCP, PPPoE and 802.1x into a single NetPressure application, allowing to emulate voice, video and data applications, including proprietary protocols and attacked traffic, over combinations of access protocols, VPN tunnels, VLANs, and IPv4 and IPv6 address ranges.

Figure 54: Triple-Play testing



2. TRAMMMS Testbed for bottleneck analysis: Experimental set up

2.1. Network setup and requirements for experimental work

2.1.1. Testbeds for simulated traffic analysis Initially bottleneck analysis can be checked by means of simulations. A good set of

simulating tools for network behaviour has been described in previous section. With the objective of checking the usefulness of TRAMMS tools to detect bottlenecks, a combination of routing and link capacity measurements was developed and showed in the recent CELTIC event (Paris, 2009).

The main component of the this work is described in next section: A BGP probe that

supplies routing information from several border routers to feed a central repository; in fact, more than one single BGP repository could be fed but, for the test, only one management center was set up:

Scenario

Three adjacent autonomous systems were simulated (see figure) with three border routers exchanging routing information one another. Within each AS (autonomous system), the routes from every internal node to another external one may be dynamically modified. Such modifications are “announced” to the border routers at fixed intervals. In fact this scenario is simulated and can be changed to reproduce instabilities in the AS-AS links.

The purpose of this is accelerating the vision of what can be real situations that could take

several days, even months to happen.

Figure 55: Scheme of network simulated for BGP repository



Network All routes announced by the border routers are in fact simulated. This is achieved by

means of BGPsim, an open source software that emulates AS behaviour and the production of withdraws, new routes, etc. Such behaviour can be described by a local file that can, in turn, be modified to analyse different situations. Once the BGPsim is started, an AS behaviour is emulated as far as AS-AS routing concerns. Thus a failure of all routing form one AS to a neigbour can be simulated either total or partial. This is useful to represent the very realistic situation of an AS having two border routers, acting one as backup of the other to link that AS to a neigbour one.

In order to represent the network behaviour, in fact, three different BGPsim are used so

that each AS can be emulated independently (by means of their particular configuration file). A quagga instance is then required to emulate all the AS behaviour: A border router. Thus each AS is simulated by

a. A configuration file to determine the BGP behaviour b. BGPsim that runs that behaviour and announces withdraws or new routes c. A Quagga (virtual machine) that is run like a real border router for the simulated

AS. So, three routers are running independently, in three virtual machines. Each one is connected to an AS also simulated by another virtual machine running a BGPsim following its configuration file directives. Finally, all three routers are connected to reproduce the BGP behaviour. This operation is achieved by means of a (virtual) bridge; thus a network composed of three AS is obtained:

Figure 56: Virtual networks connections for the BGP arrangement Although the AS are simulated, the border routes are as real as any quagga device. Their

connection is also achieved by a virtual bridge but this is not relevant as far as routin information exchange concerns: All announces issued from AS#1 reach AS#2 and AS#3 (the

BGPsim

Config file

BGPsim

Config file

BGPsim

Config file

Bridge



same applies for any relashionship between other AS). Then a continous updating of routing tables within every AS is obtained and so a coherent status maintained.

Management network and roting exploitation

Even though the three AS were simulated, real border routers interact like in real world.

Furthermore, for the purpose of generating a BGP repository, real probes are used to capture routing announcements: A probe (described in next section) is connected to each (simulated) border router, then all announcements are supplied to a central management system that

1. Checks for coherence 2. Produces a unified view of the AS-AS routing

This view is represented (GUI) so that an operator can realize whether the situation

needs a rearrangement, migth lead to traffic troubles or can be automatically managed by the bordr routers. In fact, just by modifying the configuration BGPsim files, a wide range of situations can be analysed.

A complete log file is recorded to be used as “post mortem” analysis tool allowing for a

time diagram that illustrates bottlenecks formation possibly dues to bad routing choices.

2.1.2. Testbeds for field traffic analysis

Measurements of QoE are not precise enough to conclude significant decisions. The values one can reach with current techniques are too vague and certainly slow.

The integration of measurements and management of networks based on that values is

not covered yet. It requires extra investment on expensive equipment. To make it feasible for the operator

to introduce QoE measurements, TELNET RI proposes to take profit of already deployed equipment over working networks. As this equipment is remotely updateable the inconvenience for the operator is minimal.

Scenario Network

Netauditor is an evolution of the device CM100-IB by TELNET-RI (media converter with in

band management) that is actually installed in an ethernet network of Telefónica.



Figure 57: Test-bed for netauditort

Over this network Telefónica allows medium and big companies to build up their on private networks.

On the drawing two private networks are represented. The “yellow company”, established

in Barcelona, Valencia and Madrid, and the “blue company” settled down in Barcelona and Valencia.

Every settlement counts on a CPE (EDC in Spanish) at the LAN of the customer

premises. This is connected to the CM100-IB slave over fast Ethernet. This device acts as a demarcation point for the operator and defines its field of

responsibility. The slave device reaches the CM100-IB master over a long fiber cable at the central

offices, where the master device is connected to a MPLS switch.

Management network

Every master device is installed at the central offices of the operator and is manageable

over an extra network. The slave devices are managed “in band”, over the fiber cable.



There are good chances to get the product installed into a real network of a main operator in Spain during 2009. Sharing the results collected there depends on the operator itself.

2.2. Tools developed for TRAMMS

2.2.1. Netauditor Telnet manufactures demarcation points that are naturally used for network deployment

by the operators. We aim to improve the existing equipment and to convert it into demarcation point plus a QoE measuring probe for a similar price.

This way the operator increases significantly the visibility of the network, without having to cope with additional investment.

Telnet demarcation points are integrated into the management systems of important operators in Spain, so there is no need to invest into an extra network in order to gather the QoE information and manage accordingly the traffic network. Netauditor highlights are:

• Measurement over the whole path

• Constant monitoring in real time from the central offices

• Collection of historical statistics

• Provides the operator with visibility on the use of the network by the customer. It allows the operator to detect bottlenecks, as well as underused paths. Thus he can react commercially faster and offering his customers a better suited service.

Functional aspects

The aim is to characterize the quality of the customer traffic between one LAN and the LAN on the other edge.

EDC

slave

master

EBA

EDC

slave

master

1 2

Figure 58: QoS measurement with netauditort



The operator needs to guarantee a minimum QoS up to the edge of his network according to the contract signed with the customer.

Unfortunately not every edge of the network is delimited by a TELNET device, so there

will be paths of the network with less visibility.

The parameters measured to assure the IP performance are IP jitter, latency, packet loss, packets out of order and quality throughput.

TELNET understands quality throughput as the maximum traffic rate that is able not only to traverse the network but also respecting the QoS parameters accorded.

Management and data network impact

The operator allows TELNET to inject probe frames, but the throughput has to be as low as the customer traffic is always preserved and prioritised.

All links have to be separately testable, in order to be able to isolate failure. The configuration of the system is extremely easy and “plug & play”.

The amount of data travelling over the data network and management network is limited

so that the SNMP system runs smoothly on every condition.

WP4 – Algorithm design

TELNET-RI has participated very close to the UAM within the design of algorithms, with

periodic meetings and collaborative work. During this part of the development the task of TELNET-RI consisted of mainly specifying the design criteria for the UAM to think of algorithms that can be implemented on the HW platform developed by TELNET RI. Thus, TELNET RI would be able to keep the product at a reasonable price and the development on feasible timing.

In similar way, and together with the operator Euskaltel, the quality parameters to be

measured and the precision required have been defined to satisfy the needs of the operator.

In fact two phases have been identified for measuring the quality of service of traffic passing by. The first one involves classifying the traffic and the second selecting the parameters that affect the experience of the user sending that flow.

That way the main classes of traffic and their more indicative parameters have been

searched, measured and tested.

An architecture of devices acting as satellites around one central equipment has been also used. It allows keeping down the prices of satellites, passing the most complicated calculus to the central node, keeping at the same time high measurement precision and wire speed.

WP4 – HW development and algorithm implementation

TELNET provided the human and economical resources to count on a HW platform by the end of 2008.



The algorithms of the UAM have been integrated into the platform and field testing will be possible during 2009.

2.2.2. BGP probe The purpose of analysing bottlenecks and determine their possible origin in routing

errors requires that a device sends BGP information (routing tables and announcements) to a central system. This is accomplished by a probe linked to the border router that does not interact with the rest of routers but just litsents:

Figure 59: Software architecture of the BGP repository formation The Design of the probes aimed at being simple, flexible and not expensive. Thus a

general purpose hardware platform was chosen:

• Minimal hardware requirement of having two Ethernet ports. • Little memory requirement (2 Gbytes) to store the application. • Robust platform with tow versions: For rack installation and for table.

Figure 60 shows a view of the probe. As for the software, the BGP probes are based on open software (quagga) with little

modifications to capture routing information (without propagating it to other routers) and send it to a centralized management system whenever this one asks for updating announcements or routing tables. This is illustrated in Figure 61.



Figure 60: Hardware platform of the BGP probe

Figure 61: Software architecture of BGP capture by means of the BGP probes BGP repository construction As Figure 60 shows, the purpose of building anBGP repository up is achieved

connecting one or mor BGP probes to a central system that either periodically or assynchronously asks for BGP information (announcements and routing tables) to the probe(s)

This way, operators can investigate if routing malfunction has happened. Besides, for

the demo shown in Figure 55, a prototype of such central system was developed to create alarms whenever a critical number of AS-AS routes were announced for a given link.

AS#1

AS#2

AS#3

Border router BGP probe



2.2.3. One Way Delay measurements based on GPS synchronization

There is nowadays an increasing interest in the surveillance of IP networks, in order to

assess its appropriate performance. This interest arouses for the needing both from users and operators to monitor the Quality of Service of the Internet connection. The aim of QoS monitoring is to assure that the levels of quality agreed with the provider are fulfilled (Service Level Agreement compliance). In a SLA, both parts of the agreement established certain levels of quality that must be satisfied by the provider of the service. Those levels of quality are commonly measured in terms of delay and capacity, among others. For this reasons, it is of crucial interest to have accurate measurements of the One Way Delays in IP networks. Measuring OWD is a very challenging task and reams and reams have been written on the subject. Nowadays there is no way to measure OWD accurately without synchronizing both ends of the measurement. There have been several approaches to perform this synchronization, but the only one fulfilling the precision needed by SLA compliance must use a Common Time Source based on GPS modules.

Developed solution UAM has developed two approaches for a Common Time Source synchronization

based on GPS modules to monitor One Way Delay for SLA compliance purposes, with a tradeoff between cost of the solution and its precision. On the one hand we have a software solution based on a Linux Kernel module that timestamps with high precision (in the order of µs.) packets on their arrival. This software solution has less precision than the hardware solution, but it has lower cost, as it would only need a conventional PC and a GPS module (see Figure 62).

Figure 62: Software OWD monitoring solution

On the other hand there is a hardware based solution that makes use of a Field Programmable Gate Array and a Linux driver (see Figure). It is able to timestamp packets both on arrival and departure with an accuracy of nanoseconds, having also the advantage of being upgradeable to 10 Gbps.



GPS

Ethernet PCI Card

Memory

GPS ControlPPS

Ethernet Interface 1Gb

Ethernet Receiver

Ethernet Sender

PCI BusPCI module

FPGA

Figure 63: Hardware OWD monitoring solution Delay measurement Figure 64 shows a sketch of the testbed used in the 4th Annual Celtic Event of 2009

that took place in Paris. There was a FPGA like that one shown in Figure 63 in Madrid sending and timestamping user configurable burst of UDP packets. These packets were received in Paris through a conventional Internet connection and timestamped on arrival both by the hardware and software solutions, computing and graphing the elapsed time between timestamping on departure and arrival.

Figure 64: Demo testbed used in the Celtic Event 2009

2.2.4. Bandwidth Available in Real Time (BART)

BART is a new method for estimating the end-to-end available bandwidth over a network path. It estimates bandwidth quasi-continuously, in real-time. The method has also



been implemented as a tool. BART relies on self-induced congestion, and repeatedly samples the available bandwidth of the network path with sequences of probe-packet trains, sent at randomized rates. BART requires little computation for each sample which makes it lightweight with respect to memory requirements, and adds only a small amount of probe traffic to the network path.

With restricted access to traffic statistics recorded by intermediate network nodes the

estimation of available end-to-end bandwidth is only feasible by active probing of the network path. This kind of active measurement only requires access to the sender and receiver hosts. By injecting probe traffic into the network, and then analyzing the observed effects of cross traffic on the probes, BART can estimate the available bandwidth. As a side effect it also estimates the link capacity of the tight link.

Some of the features of BART are: • It produces an estimate quickly • Estimation stability can be traded for agility • Tuning is largely automatic, that is there are few parameters that need manual

adjustment. Nevertheless BART may be tuned according to the specific needs of the measurement application, such as agility vs. stability of the estimate; or to characteristics of the bottleneck link.

• The memory requirements are minimal, as only the previous estimate and the new measurement are needed to calculate the new estimate of the available bandwidth.

When passive monitoring of network traffic is not possible other methods for analyzing

network traffic and paths are needed. In the TRAMMS project, BART (“Bandwidth Available in Real Time”) [2-8] is used for this purpose. BART is a method for estimation of end-to-end available bandwidth and in principle BART utilizes active probing in order to determine the point of congestion; this point defines the available bandwidth. If the probes are sent at such a high rate that congestion occurs the probing rate is above the available bandwidth and wise versa if the probes does not cause congestion the rate is below the available bandwidth. The concept of active probing is visualized in Figure 65.

Figure 65: Illustration of how BART utilizes active probing.

BART uses the inter-packet strain ε, shown in Figure 65, as an indicator on whether the

probe packets sent with rate u caused congestion or not. The strain is zero for the uncongested network and rises linearly with increasing input rate u during overload. For each measurement sample ε BART updates the estimate of available bandwidth and bottleneck link capacity using a Kalman filter.

The BART Kalman filter

In a Kalman filter-based approach [1] the system state X, in this case the available bandwidth and link capacity, is estimated from repeated measurements of the inter-packet strain ε. The system is influenced by a control input u, in this case the probe-packet rate. For each new measurement sample ε above zero a new system state estimate x̂ is calculated. The process is illustrated in Figure 66. The update of the old system state using the new



measurement sample is done using weights which is based on the variance of the sample as well as other tunable filter parameters.

Figure 66: The filtering process.

The estimator, depicted in Figure 66, requires a model describing how the system state

X relates to the inter-packet separation strain ε. The model used in BART is shown in Figure 67. In principle, the inter-packet strain is zero if the probe-packet rate is below the available bandwidth while it increases linearly when sending probe packets at increasing rates above the available bandwidth. The system state X is actually a two field vector describing the sloping line shown in Figure 67. The definition of the available bandwidth using BART terminology is the probing rate u that corresponds to the point where ε deviates from zero.

An additional feature of the underlying model is that it can also be shown that the slope

of the line in the overload range is the inverse of the bottleneck capacity.

Figure 67: The BART measurement model.

Using the model shown in Figure 67, the estimator tries to predict the system state. The prediction of the system state is then corrected using the measurement sample, if ε is above zero. This process is repeated for each new measurement sample thus tracking the available bandwidth and link capacity in real time.

Evaluation of BART BART has been evaluated in several scenarios and settings such as in laboratory

networks, over Internet paths and in networks where the bottleneck has been an 802.11b or HSPA link. Most of the results have been published in academic conferences such as in references [2-8]. The results indicate that BART estimates the end-to-end available bandwidth as well as the bottleneck link capacity with the desired accuracy. Further, BART outperforms

u

ε

0 AB

x̂

x̂ new estimator

X

u ε system



pathChirp [9] – a similar tool that also produces estimates of bandwidth in real time – in terms of accuracy and response to rapid changes in available bandwidth.

Using the model shown in Figure 67, the estimator tries to predict the system state. The

prediction of the system state is then corrected using the measurement sample, if ε is above zero. This process is repeated for each new measurement sample thus tracking the available bandwidth and link capacity in real time.

BART has been evaluated in several scenarios and settings such as in laboratory

networks, over Internet paths and in networks where the bottleneck has been an 802.11b or HSPA link. Most of the results have been published in academic conferences such as in references [2-8]. The results indicate that BART estimates the end-to-end available bandwidth as well as the bottleneck link capacity with the desired accuracy. Further, BART outperforms pathChirp [9] – a similar tool that also produces estimates of bandwidth in real time – in terms of accuracy and response to rapid changes in available bandwidth.

Figure 68: Setting for BART evaluation in operator networkl. The proposed measurement setup is illustrated in Figure 68. BART measurement

nodes are linked to routers at different places in the operator access network. Traffic-log nodes are attached to the links using taps (e.g. fiber taps or Ethernet taps depending on network). Using the BART nodes it is possible to estimate the available bandwidth between the two, and using log nodes along the network path with taps hooked to the link the true available bandwidth can be estimated by subtracting the cross-traffic load from the known link capacity. This way, BART can be evaluated in operational networks having real users.

D4.2 Broadband Bottleneck Analysis and Capacity Planning

Documents

Transcript of D4.2 Broadband Bottleneck Analysis and Capacity Planning