Balanced Path Generation and Reliability Extension for In-band Network Telemetry

2021-5
ŞİMŞEK, GÖKSEL
Network monitoring is one of the key aspects to ensure communication reliability in case of failures and malicious activities and has several design issues depending on the system characteristics. As traditional monitoring solutions usually rely on periodic updates between the network controller and ordinary nodes, scalability remains a challenge, especially for large-scale systems. A recent solution, the In-Band Network Telemetry (INT) framework, allows data packets to probe the nodes while traversing the network. Accordingly, INT allows special packets to carry accumulated performance information of multiple switches, reducing the overhead between the controller and other nodes. Even though INT may significantly reduce the communication overhead, there are several design problems to achieve effective usage of the INT framework. These design problems are (i) minimization of the control overhead, (ii) guaranteeing the freshness of telemetry information and (iii) minimization of the redundancy. In this work, we formulate requirements as an optimization problem, Balanced Simple INT path generation Problem (BSIP), to generate balanced, simple INT paths. Due to the optimization problem’s search space complexity, we propose a heuristic, Graph Partitioned INT (GPINT), to find balanced paths to forward in-band telemetry information to satisfy these three requirements. Furthermore, we customize the INT framework to support custom and dynamic measurement ranges to achieve flexible monitoring. With this customization, the controller gains the ability to adapt measurement requests according to the network conditions. We present an extensive analysis of our approach, GPINT, and compare it with a recent study that uses Euler’s method for path generation. Our numerical results show that GPINT outperforms its opponent in terms of all three requirements.
To verify our claims made in numerical analysis, we deploy path generator approaches on a simulation environment and test with various settings. The simulation results show the importance of the defined requirements and verify GPINT’s performance observed in numerical analysis. During the simulations, we realize that the INT framework is prone to packet losses and may cause partial information blackouts while obtaining a holistic view. Therefore, we propose a data recovery architecture as an auxiliary module to monitoring systems. We thoroughly test the recovery module in our simulations and measure its efficiency.

Citation Formats
G. ŞİMŞEK, “Balanced Path Generation and Reliability Extension for In-band Network Telemetry,” M.S. - Master of Science, Middle East Technical University, 2021.