Tramms D4.2

Project deliverable CELTIC TRAMMS
D4.2 - Broadband bottleneck analysis and capacity planning Public 1 (64)

T TR RA AM MM MS S T TR RA AF FF FI IC C M ME EA AS SU UR RE EM ME EN NT TS S A AN ND D M MO OD DE EL LS S I IN N M MU UL LT TI I- -S SE ER RV VI IC CE E
N NE ET TW WO OR RK KS S

D DE EL LI IV VE ER RA AB BL LE E 4 4. .2 2: : B BR RO OA AD DB BA AN ND D B BO OT TT TL LE EN NE EC CK K A AN NA AL LY YS SI IS S A AN ND D C CA AP PA AC CI IT TY Y
P PL LA AN NN NI IN NG G

Identifier: Deliverable D4.2
Class: Report
Version: V06
Version Date: 24/06/2009
Distribution: Public
Responsible Partner:


T TA AB BL LE E O OF F C CO ON NT TE EN NT TS S
ACRONYMS .................................................................................................................................. 3
1. TESTBEDS FOR BOTTLENECK ANALYSIS DEVELOPMENT: STATE OF THE
ART 8
1.1. NETWORK INFRASTRUCTURE AND AVAILABLE TOOLS................................. 8
1.1.1. Core and transit network capacity planning............................................................................ 8
1.1.2. Access network capacity planning.......................................................................................... 8
1.1.3. Application-layer capacity planning ........................................................................................ 8
1.2. ANALYTICAL TOOLS ................................................................................................. 9
1.2.1. Simulation tools....................................................................................................................... 9
1.2.1.1. MATE (Cariden) ............................................................................................ 9
1.2.1.2. SP Guru Network Planner (OPNET) ....................................................... 13
1.2.1.3. Traffic Explorer (Packet Design) .............................................................. 17
1.2.1.4. Design Expert (Netformx).......................................................................... 21
1.2.1.5. IP/MPLSView (Wandl) ............................................................................... 23
1.2.1.6. NetScope (TurboSoft) ................................................................................ 25
1.2.2. Emulation tools ..................................................................................................................... 28
1.2.2.1. Network emulation...................................................................................... 28
1.2.2.1.1. GEM (Spirent)............................................................................................. 28
1.2.2.1.2. Shunra Virtual Enterprise (Shunra)......................................................... 32
1.2.2.2. Access Network emulation........................................................................ 37
1.2.2.2.1. DSL (Spirent) .............................................................................................. 37
1.2.2.3. Application-level traffic emulation ............................................................ 41
1.2.2.3.1. Avalanche (Spirent) .................................................................................. 41
1.2.2.3.2. Network Tester (Agilent) ........................................................................... 47
2. TRAMMMS Testbed for bottleneck analysis: Experimental set up................................. 52
2.1. Network setup and requirements for experimental work.............................................. 52
2.1.1. Testbeds for simulated traffic analysis ................................................................................. 52
2.1.2. Testbeds for field traffic analysis .......................................................................................... 54
2.2. Tools developed for TRAMMS .................................................................................... 56
2.2.1. Netauditor ............................................................................................................................. 56
2.2.2. BGP probe ............................................................................................................................ 58
2.2.3. One Way Delay measurements based on GPS synchronization......................................... 60
2.2.4. Bandwidth Available in Real Time (BART) ........................................................................... 61

ACRONYMS

ADSL Asymmetric Digital Subscriber Line
API Application Programming Interface
AS Autonomous System
ATM Asynchronous Transfer Mode
BER Bit Error Rate
BGP Border Gateway Protocol
BPON Broadband Passive Optical Network
CCC Circuit Cross Connect
CIDR Classless Inter-Domain Routing
CIFS Common Internet File System
CoS Class of Service
CPD Customer Premises Equipment
CRC Cyclic Redundancy Check
CRM Customer Relationship Management
CSPF Constrained Shortest Path First
CSV Certified Server Validation
DDoS Distributed Denial of Service
DHCP Dynamic Host Configuration Protocol
Diffserv Differentiated Services
DSCP Differentiated Services Code Point
DSL Digital Subscriber Line
DUT Device Under Test
ECMP Equal-Cost Multi-Path
EIGRP Enhanced Interior Gateway Routing Protocol
EPON Ethernet Passive Optical Network
ERP Enterprise Resource Planning
FPGA Field Programmable Gate Array
FRR Fast ReRoute
FTP File Transfer Protocol
GbE Gigabit Ethernet
Gbps Gigabit per second
GFP Generic Framing Procedure
GPON Gigabit Passive Optical Network
GUI Graphical User Interface
HPC High Performance Computing
HSRP Hot Standby Router Protocol
HTML HyperText Markup Language
HTTP HyperText Transfer Protocol
HTTP HyperText Transfer Protocol
HTTPS HyperText Transfer Protocol Secure
ICMP Internet Control Message Protocol
IDS / IPS Intrusion Detection System / Intrusion Prevention System
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IGRP Interior Gateway Routing Protocol
ILM Interim Local Management
IM Instant Messaging
IP Internet Protocol
IPSec Internet Protocol Security
IPTV Internet Protocol Television
IPv4, IPv6 Internet Protocol version 4, and 6 respectively
IS-IS Intermediate System to Intermediate System
iWARP Internet Wide Arear RDMA Protocol
LAN Local Area Network
LCAS Link Capacity Adjustment Scheme
LDP Label Distribution Protocol
LLQ Low Latency Queuing
LSP Label Switched Path
MAC Media Access Control
Mbps Megabit per second
MDI Media Delivery Index
MGCP Media Gateway Control Protocol
MNS Microsoft Network System
MOS Mean Opinion Score
MPEG Moving Picture Experts Group
MPLS MultiProtocol Label Switching
NFS Network File System
NNTP Network News Transfer Protocol
OSI Open System Interconnection
OSPF Open Shortest Path First
OSPF-TE Open Shortest Path First Traffic Engineering
OTN Optical Transport Network
P2P Peer-to-Peer
PCAP Packet CAPture
PIM-DM Protocol Independent Multicast Dense Mode
PIM-SM Protocol Independent Multicast Sparce Mode
PIM-SSM Protocol Independent Multicast Source Specific Multicast
PNNI Private Network-to-Network Interface
PON Passive Optical Network
POP3 Post Office Protocol version 3
PVP Permanent Virtual Path
QoS Quality of Service
RIP Routing Information Protocol
RIPng Routing Information Protocol next generation
RSVP Resource ReSerVation Protocol
RTP Real-time Transport Protocol
RTSP Real-time Streaming Protocol
SDH Synchronous Digital Hierarchy
SFP Small Form Factor Pluggable
SHDSL Single-pair High-speed Digital Subscriber Line
SIP Session Initiation Protocol
SLA Service Level Agreement
SNMP Simple Network Management Protocol
SOA Service Oriented Application
SOAP Simple Object Access Protocol
SONET Synchronous Optical Network
SPF Shortest Path First
SPT Shortest Path Tree
SRLG Shared-Risk Link Group
SSH Secure SHell
SSL Secure Socket Layer
STP Spanning Tree Protocol
TCL Tool Command Language
TCP Transmission Control Protocol
TDM Time-Division Multiplexing
TLS Transparent LAN Services
ToS Type of Service
UDP User Datagram Protocol
URL Uniform Resource Locator
VDSL Very high bit-rate Digital Subscriber Line
VCAT Virtual conCATenation
VLAN Virtual Local Area Network
VNC Virtual Network Computing
VNE Virtual Network Environment
VNN Virtual Network Navigator
VoD Video on Demand
VoIP Voice on IP
VPL Virtual Private LAN
VPLS Virtual Private LAN Service
VPN Virtual Private Network
VRRP Virtual Router Redundancy Protocol
WAN Wide Area Network
WFQ Weighted Fair Queuing
XFP 10 Gigabit Small Form Factor Pluggable
XML Extensive Markup Language


E EX XE EC CU UT TI IV VE E S SU UM MM MA AR RY Y

Capacity planning is the science of estimating the resources of a network (space,
computer hardware, software and connection infrastructure resources) that will be needed over
some future period of time. A typical capacity concern is whether resources will be able to
handle an increasing number of requests as either the number of users or interactions increase
or if the infrastructure is able to cope with the requirements in terms of packet-loss, latency and
jitter of the services (VoIP, IPTV, etc.) traversing it. Capacity planning tools help users meet the
anticipated need for adding new capacity just-in-time to avoid having unused resources for long
periods of time and/or for QoS network policies redefinition in order to guarantee network SLAs
in parallel with traffic growth and new services deployment. Having a look at the importance of
the capacity planning tools, this documents analyses in depth the behavior of these tools
divided into different groups:
Simulation tools
Emulation tools
o Network emulation
o Access network emulation
o Application-level traffic emulation

Moreover, the document describes the testbeds for bottleneck analysis showing the
difference between testbeds for simulated traffic analysis and testbeds for field traffic analysis.

And finally, the document details the fundamental aspects of the tools developed for
TRAMMS:
Netauditor
BGP probe
One Way Delay measurements based on GPS synchronization
Bandwidth Available in Real Time (BART)

1. TESTBEDS FOR BOTTLENECK ANALYSIS DEVELOPMENT:
STATE OF THE ART
1.1. NETWORK INFRASTRUCTURE AND AVAILABLE TOOLS

Capacity planning is the science of estimating the resources of a network (space,
computer hardware, software and connection infrastructure resources) that will be needed
over some future period of time. A typical capacity concern is whether resources will be able
to handle an increasing number of requests as either the number of users or interactions
increase or if the infrastructure is able to cope with the requirements in terms of packet-loss,
latency and jitter of the services (VoIP, IPTV, etc.) traversing it. Capacity planning tools help
users meet the anticipated need for adding new capacity just-in-time to avoid having unused
resources for long periods of time and/or for QoS network policies redefinition in order to
guarantee network SLAs in parallel with traffic growth and new services deployment.

The capacity planning can be separated into three main groups:
1.1.1. Core and transit network capacity planning

The core and transit capacity planning focuses on the lower layers (1-3) of the OSI
model applied to the core and transit networks. These tools allow the definition of scenarios
based on different topologies, routing protocols configurations, load level of the links, protection
strategies, etc.

In order to perform these analyses, two different types of tools can be considered. The
first ones, the simulation tools, allow the collection of the actual network information and
import of the data to the tool. This way, the collected information can be used as a starting point
to perform different simulations. Using these type of tools, users can come up with a plan for
handling different what if scenarios, changing the parameters of diverse protocols, QoS
policies configuration, simulating the failure of a link or node, etc. These applications contribute
to optimize core and transit network design to address per CoS SLA guarantee in terms of
availability, packet-loss, latency, jitter, etc., both under normal circumstances and after a
network failure.

On the other hand, network emulation tools also work on lower OSI layers, allowing
the emulation of diverse impairments (latency, jitter, packet loss) that can be present in a
network. This way, users are able to verify the behaviour of any service traversing the emulated
network, which could recreate a real-world network where the service will be deployed.

1.1.2. Access network capacity planning

Conversely to core and network capacity planning tools, there are no specific access
network simulation tools that recreate the behaviour of a GPON FTTH network or DOCSIS
based cable network, for instance. In the access network, the focus is on network emulation
tools that exclusively work on the physical layer (the first layer of the OSI model) of point to
point access network like xDSL networks (VDSL2, ADSL2+, etc.). These tools emulate
impairments related to copper lines, such as crosstalk or white noise. No network emulation
tools have been developed for multiaccess access networks like Wimax, DOCSIS, GPON, etc.

1.1.3. Application-layer capacity planning

Application-level capacity planning takes into account the higher layers (4-7) of the
OSI model, so traffic will be analyzed up to the application level. The tools that perform this type
of analysis allow the user to perform simulations recreating different application traffic such as
real-time voice, video, data, P2P traffic, DDoS atacks, etc., in order to asses how a network or
device is able to handle different applications under different load scenarios.

The deep packet inspection, as a technology that is able to inspect and take actions
based on the content of the packet (up to the application level) can be used to predict and solve
bottleneck issues. For example, it may be possible to predict the type and amount of traffic
within a small period of time and correlate the traffic conditions with the bottlenecks of the
network. The subscriber and aggregated traffic are been currently studied in the Work Package
3 of this project, monitoring the traffic with the Packet Logic system from Procera Networks.
PacketLogic is a state-of-the-art deep packet inspection (DPI) solution that offers an extensive
feature-richness in the software modules LiveView, Filtering, Traffic Shaping, Statistics and
WebStatistics. Procera, Narus, and Ellacoya are front-runners in development of this
technology, having placed equipment throughout the world.

On the other hand, the increasing threats such as viruses, worms and spyware that can
overload a network and cause bottlenecks can be detected using deep packet inspection.

1.2. ANALYTICAL TOOLS
1.2.1. Simulation tools
1.2.1.1. MATE (Cariden)
The MATE framework, inside Caridens capacity planning and traffic engineering
products, provides a process for gathering and accessing data, visualizing the network,
demand estimation, interacting with simulations and optimizations, and creating reports and
action plans.

Packages and modules:
MATE is packaged into network-specific packages with specialized modules:
The IGP Simulation Package
The IGP Metric Optimization Package
The MPLS Simulation Package
The Explicit Routing Optimization Package
The Demand Deduction Module
The BGP Simulation Module
The Capacity Analysis Module
The Network Interface

Features:
Data collection / exportation
MATE Network Interface enables to gather network topology information. Netflow
collectors (e.g. Arbor, Adlex) can be used to build the traffic matrices.

User Interface
MATE offers a graphical view of network topology and traffic. It allows an interactive
design work. Through the graphical view of the tool, the user can change the topology of the
network and the link properties.
The tool provides topology views and near real-time traffic reports that can be
accessed via web browser.

Figure 1: MATEs user interface.

Analysis and simulation
Caridens MATE is a capacity planning tool useful to determine capacity bottlenecks,
explore what-if scenarios, evaluate additional links and nodes, analyze layer 1 vs. layer 3
protection, determine whether peering links are sufficient to withstand failures, examine effect
of IGP changes on peer and customer traffic, perform a single-provider multiple-AS analysis
and traffic engineering, determine IGP metrics to balance traffic (evaluating weekly, when
topology changes or after disastrous failures), diagnose severity of failures
Starting with the features of the different modules, the IGP Simulation Package lets the
user perform simulations under normal conditions or under failures (differentiating, if the user
wants, the classes of service). In these simulations, several changes can be made as, for
instance, the failure of single nodes, SRLGs or single circuits. It can also simulate multiple
bandwidth levels fixing, for example, multiple times of day. The IGP used can be either OSPF
or IS-IS. In addition, the tool can be configured to be Diffserv aware, and it also supports
ECMP.
Demands Deduction Module estimates the point-to-point demands between specific
nodes based on link utilization measurements, total node in/out traffic and measured
demands (e.g. Netflow or Juniper DCU).
MATEs Network Interface allows the SNMP access to the network (no router features
or configurations are required). For the network discovery, OSPF and IS-IS routing tables are
used. The process consists of querying routers for more information and taking a snapshot of
the actual traffic levels (including BGP session).
The MPLS Simulation Package simulates MPLS network under normal conditions or
adding different failures (failure sets, bandwidth levels and other parameters can be fixed).
This package supports two versions of MPLS tunnel routing:
Dynamic tunnel routing using CSPF
Explicit tunnel routing using primary, and optionally secondary, paths
Using this package, the user can perform real IP MPLS simulations.
With the BGP Simulation Module, network nodes may be defined to belong to different
ASes and the IP Simulation tool will simulate BGP routing between these ASes. Collapsed
ASes allow simulation of traffic to and from them with unknown topology (for example, peers,
transit ASes and customers). This modules failover matrices specify explicitly the behaviour
of the traffic failing over between border circuits to or from collapsed ASes, when topology
information is not sufficient for a complete BGP simulation.

The Metric Optimization Package
is based on the traffic engineering for
pure IP networks. This package shows
latency policies and is used to optimize
the metrics for normal or failure
operations. It offers an automated
calculation of IGP metrics to meet
objectives (QoS, latency bounds, etc.).
The aim is to minimize the maximum
worst-case link utilization and/or
minimize the number of links with normal
or failure utilization above a certain
percentage. With a right usage of the
package, SPF metrics can be optimized
within 80-95% of the theoretical
efficiency.
It is also useful in MPLS network to
optimize routing in LDP network and
improve routing in Dynamic/CSPF MPLS
networks.

Figure 2: Metric optimization settings

Figure 3: Worst-case link utilization,
Before optimization (latency based metrics)

After optimization (15 out of 100 metrics changed)
The Explicit Routing Optimization Package allows the calculation of MPLS explicit
paths (primary, and optionally, secondary paths). As the previous module, the objective is to
minimize the maximum worst-case link utilization and/or minimize the number of links with
normal or failure utilization above a certain percentage, but unlike the Metric Optimization
Package, it has another objective that is to maximize disjointness with the corresponding
primary path. So, with this package, the explicit routing can be optimized within the 90-95%
of the theoretical efficiency. This application is useful for optimize explicit paths based on
actual IP traffic and routing, not just LSP bandwidths.

The Capacity Analysis Module is
used to calculate optimal, protocol-
independent routing in a network in
normal operations or failure conditions
(including multi-commodity-flow routing).
So the usage of this module turns
around the identification of bottlenecks.
The selection of the network whose
capacities must constrain the network
traffic provides guidance in capacity
planning. It also gives an indication of
how close any given real routing
simulation can approach the maximum
efficiency in the network.

Figure 4: Bottleneck analysis. As the image
shows, links of the net are coloured in a
different ways depending on the usage of
each link.

Reports and alerts
The reporting functionality of the tools collects the information about network general
information (topology, bandwidth and demands summary), usage (simulation summary, and
circuit and interface utilization results in normal and worst cases), demands (demand
statistics including QoS and routing) and tunnels (tunnel statistics of routing, traffic, failures,
etc.). These reports can also be accessed by the web browser showing a general view of
management, operations (monitoring traffic anomalies) and capacity planning (reporting
developing trends).

Figure 5: WAN latency metrics

1.2.1.2. SP Guru Network Planner (OPNET)

OPNET's SP Guru Network Planner is a software product to model Layer 2/3
networks, including routers, switches, firewalls, protocols, and traffic demands. This tool
supports what if analysis such as survivability, capacity planning and traffic engineering.

SP Guru Network Planner is an OPNET solution for capacity planning. To
complement the tool, there are some other solutions (independent but with the possibility to
join each other) depending on user needs. Some of the mentioned solutions are listed below:

SP Sentinel SP Sentinel is a software appliance for ensuring network integrity,
security and policy-compliance. It performs systematic configuration audits, analyzing
an up-to-date model of the production network to diagnose device misconfigurations,
policy violations, inefficiencies and security gaps.
SP Guru Transport Planner This tool is a network planning solution that enables
service providers and network equipment manufacturers to design resilient optical and
SDH/SONET networks. It has a multi-layered network presentation, broad technology
support, and cutting edge optimization and design capabilities.
OPNET nCompass for Service Providers This tool provides a graphical
visualization of large, heterogeneous production networks, including devices, their
interconnectivity, traffic and status. nCompass for Service Providers unifies data from a
wide range of network management tools, providing views for navigation and analysis.
nCompass for Service Providerss geographical network dashboard is dynamically
updated with real-time operational information. Third-party tools and programmed
scripts can be launched from its console for deeper drill-down and assisted
troubleshooting.
Features:
SP Guru Network Planner can create a virtual network environment in different ways:
Manual creation
Partial automation
Full automation
The manual creation is useful especially for small scale networks as well as for
incremental changes to topology.
The partial automation imports the data from multiple sources (using eXpress Data
Import, XDI). It constructs the virtual network using the configuration files.
And the last one, the full automation, means that the whole network information can be
collected by the network manager tools (VNE Server, for example, gathers data from a
variety of sources and communicates with SP Guru Network Planner across network) and the
collected information can be imported to the SP Guru Network to Planner.

User Interface
The tool provides a network virtual environment to study the networks behaviour by
means of a graphical view.

Figure 6: User interface. Network links are
different coloured depending on the usage of the
link and the arrow width of the links are different
depending on the throughput.
The tool shows routes between
selected nodes (graphically represented
by a dotted line) or from one source to all
destination nodes interfaces (including
loopbacks).
It contains several options to
change the view of the virtual network.
The user can hide or show objects of
different types, add background maps
(filling in the information about the
location: latitude and longitude of each
node), visualize the protocol
configuration, visualize IGP metrics (new
in 14.5 version of the tool) or even show
a birds eye viewer.

In connection with the interface, it contains layouts for different working ways: circular,
hierarchical or schematic. It also allows the view of BPG peers, IP interface status, IP routing
domains, IP QoS configuration and IP tunnel configuration.
The tool provides drag and drop approach to build the virtual network.
Moreover, it contains a palette, which is a collection of OPNET objects like nodes,
links, paths or subnets and provides the user the possibility to create them with any
combination of objects (Cisco devices, Ethernet workstations, servers, hubs, switches, links
or a custom-made device).
The opened projects in SP Guru Network Planner can contain one or more scenarios
so the user can compare the results between them.

The objects that are represented in the graphical view have their own attributes. This
attributes define the object and that way, the user can control their behaviour.

Figure 7: The picture contains a node and shows the changes that can be made in that node.
Several values can be manually changed: name, protocol information, security, QoS parameters

To analyse the traffic in the network, the tool identifies device or link load representing
the percentage of capacity being used, shows the flow visualized as a demand objects
providing detail performance statistics of delay, end-to-end response time and jitter, and
represents different types of application traffic in specific cases.
The tool allows the selection of the traffic, so that the user can view, organize and
select network objects that have traffic associated. To edit the traffic, the user can select
traffic flows to forecast, roll-up, delete, export traffic or add volume.
The information about the links in the network can be imported from some
management platforms, but the link loads can be set manually too. The tool represents the
utilization of individual links and the values can be represented as traffic levels for each time
period.
The flows in the network can be shown between any source and destination in the
network in bit/sec and packet/sec and it can also contain port, protocol, ToS and SLA
information. Not only unicast but also multicast flows are supported. This data, as the link
data, can be imported from management platforms, but the user can add as well new flows
manually. The traffic demand changes regularly so the tool makes possible to edit its
attributes.
SP Guru derives a traffic matrix based on routing tables, link loads and constrains.
Moreover, the tool allows converting load to flows, something that is useful when only link
loads and flow data is available.
In connection with the network behaviour, it is possible to capture the latency, queue
depth, convergence or protocol effects.
The flow analysis, as the image bellow shows, simulates the routing and forwarding
behaviour of the network. The tool supports IP/MPLS, ATM and Frame Relay networks. This
analysis is useful to study the routing and evaluate changes of routing protocols, perform
capacity planning and traffic trending studies, design resilient networks and analyze the
impact of failures, assess QoS configuration and VoIP readiness, and perform, in general,
traffic engineering studies.

Figure 8: Flow analysis. The colour of each link shows the usage level


Figure 9: The user can simulate link
failures and see the consequences in the
network

The user can see the
consequences of a link failure in
the traffic distribution. When
performing a general simulation,
there is a possibility to simulate a
failure of set of devices, links or
shared risk groups. That way, the
user can see how traffic is routed
around failures, the
consequences of failures in the
traffic distribution and which
failure cases cause the most
problems.
The SP Guru Network Planner contains specific actions for different protocols. It offers
the chance to modify and configure different layer protocols as for instance:
IP
o RIP, RIPng, OSPF, IGRP, EIGRP, ISIS, BGP
o Equal-Cost Multi-Path (ECMP)
o IP Multicast
o HSRP
o VRRP
o VLANs
o QoS/Diffserv
MPLS
o RSVP, LDP, OSPF-TE, ISIS-TE, CSPF
o Diffserv Aware Traffic Engineering
o Layer-2 and Layer-3 MPLS VPNs, VPLS
ATM
o Distance Vector, PNNI, VNN
o PVP
Frame Relay

Concerning quality of service, the tool provides a scalable solution for studying QoS. It
has a support for Diffserv traffic and multiple queuing algorithms such as WFQ or LLQ. It also
facilitates VoIP readiness assessment feature, offers the chance to configure packet sizes
and calculates information such as average queue depth and inter-packet delay (jitter).
The traffic load can be imported with a breakdown by traffic class, so the link usages
turn into CoS-based link utilizations and additionally, this load can be converted into class-
based flows.
In connection with the traffic engineering, the tool enables to automate offline MPLS
traffic engineering. It offers a possibility to fix the size of LSPs to optimize LSP routes as well
as change IGP metrics to optimize them. For this last case, the user can fix a maximum
utilization threshold, inspect the current network and that way, finally, find a solution that
satisfies utilization constrains.
There is another possibility for MPLS traffic engineering called MPLS tactical TE. This
feature brings the chance to make a choice to reroute LSPs and flows from a given link. This
specific LSP route can be selected from a set of candidates (alternative paths) that meet
specific constrains. That way, the congestion on a specific link can be alleviated without the
need of reroute every LSPs.

Figure 10: The tool brings the chance to design layer 2 and layer 3 VPNs providing views for
studying logical VPN topologies. The traffic flows can be deployed per route target.

Another feature of this tool is that IPv6 is supported. This feature allows to evaluate
readiness of network OS on devices for IPv6 deployment and simulate traffic and network
configuration migration from IPv4 to IPv6.

Reports and alerts
SP Guru Network Planner counts on over 100 reports in which the user can be the results
of the analysis and simulations. That means that the tool provides the user with information
about the configuration, statistics of utilization, delay and packet-loss, network costs. The
information of the reports is divided into different categories including failure analysis,
configuration, traffic throughput and utilization, inventory, performance, validation and protocol
metrics, and it can be printed or exported in HTML, XML, CSV or spreadsheet format.

1.2.1.3. Traffic Explorer (Packet Design)

Traffic Explorer is a tool for making a network-wide traffic analysis, providing visibility into
the whole network showing per-application or CoS traffic flowing over the links. The tool enables
to perform a daily, weekly and monthly monitoring, troubleshooting, planning and maintenance
activities.
Traffic Explorer comprises the following components:
Distributed flow recorders that collect flow records from key traffic sources in the
network
A centralized flow analyzer and modeller engine that computes traffic flows across the
entire network topology using routing intelligence from Route Explorer
X-Windows, VNC and Web Browser client software

Figure 11: Traffic explorers components
Features:
User Interface
Traffic Explorer has a graphical interface. It visualizes animations showing how individual
routing changes impacted traffic flows across the entire network.
Traffic Explorer shows the traffic flow per-application or CoS over every link in the network
and gives end-to-end visibility of all traffic network-wide.
Users are able to interact with an as-running model of the network, where actual traffic
flow information is dynamically overlaid on a real-time, layer-3 topology map. They can make
changes on the as-running network, using the actual routed topology and traffic loads, with
detailed information on application and Class of Service composition, either at the current time
or from historical data.
Traffic Explorer lets network engineers perform a daily, weekly and monthly monitoring,
troubleshooting, planning and maintenance activities. They can see utilization and bandwidth by
application or CoS for all links on the network (not just directly monitored via Netflow).
The tool allows performing a route cause analysis. It recognized the actual routed path
through the network for every flow and shows the impact of routing changes or failures, as they
happen, on network-wide traffic, highlighting traffic shifts that often result in network hot spots
and impact application performance.

Figure 12: Traffic and routing events are correlated for faster
root cause analysis
Traffic Explorer detects the increases in link usage and determines whether the increase
is due to new traffic loads on the network or if the impact of the routing change somewhere else
in the network. The tool also shows the impact of every routing change on network-wide traffic,
including total traffic volume and the number of flows and hops affected.
With Traffic Explorer, engineers can simulate network changes, such as adding or failing
routers, interfaces and peerings; adding or moving prefixes; and adjusting IGP metrics, BGP
policy configurations or link capacities, applications or services.
Traffic Explorer lets engineers perform failure impact analysis, showing how the network
would respond in various situations. The tool simulates link or router failures and shows the
impact on network-wide traffic across all links on the topology map.

Figure 13: Engineers can simulate diverse changes in the
network. For instance, they can model downing routers and
peering and analyzing the network's behaviour to determine if
sufficient fault tolerance and redundancy is provisioned,
particularly for critical application or CoS traffic

Using the tool, engineers can view historical traffic trends including overall network
volumes, per link volume or utilization anywhere in the network, even breakdowns by exit router
or next hop address.
Traffic Explorer lets engineers analyze and manipulate a network-wide traffic matrix,
showing traffic volumes between every source/destination pair in the network. Detailed capacity
projections can be accomplished by exporting the full traffic matrix to a spreadsheet, adjusting
any source/destination traffic volume based on internal initiatives or forecasted loads, and then
importing the updated matrix to see the impact on network-wide link utilizations.
New applications or CoS deployments can be tested on the as-running network, before
they are deployed, by adding the expected traffic loads between appropriate nodes to existing
traffic volumes, and viewing the combined traffic load on every link.
Traffic Explorer can monitor peering or transit traffic to ensure it is within contracted
ranges, as well as analyze, identify and justify new peering relationships. The tool also provides
the intelligence to optimize their peering traffic.

Figure 14: Engineers can view the traffic by destination AS,
neighbour AS, transit AS, Exit Router or Community
Traffic Explorers BGP configurations let the user modify BGP configurations to move
traffic between various existing and potential neighbour providers, showing how actual traffic
loads will be affected. New peering relationships can be simulated, allowing operators to see
the impact on traffic across their entire network. Since the tool understands full end-to-end
routing (both IGP and BGP), it can show the impact of peering and transit traffic when making
unrelated changes to the core of their network.
The tool allows network managers to define traffic groups that represent users,
departments, locations or specific applications, and monitor network usage by each group.
Aggregate or per link traffic usage by group can be viewed directly, as well as exported to
external programs such as a spreadsheet or billing application.

Figure 15: Traffic Explorer enables usage tracking by user-
defined traffic groups

Reports and alerts
Traffic Explorer can send alerts whenever routing changes specific application or CoS
traffic is beyond user specified thresholds, letting know what happened, where it happened and
what kind of traffic was affected. It also allows replaying historical events.

1.2.1.4. Design Expert (Netformx)

DesignXpert is a design and quoting software platform. It facilitates the design of different
networks, including converged voice-and-data networks, complex MPLS overlay and HPC
networks, Managed Services and Network Engineering Services by automating and validating
the entire opportunity-to-order process.

Besides DesignXpert, Netformx features extra modules:
MPLS Designer
KowledgeBase
Enterprise AutoDiscovery

Features:
User Interface
The tool provides a graphical interface which can be presented as a typical graphical
view or as a tabular view.

Figure 16: Design Experts user interface

DesignXpert software handles the whole end-to-end process, streamlining every step and
linking automatically to each succeeding step. Every subsequent action or revision ripples
through and updates the design. The tool provides network designers the chance to convert
customer requirements into deployable solutions from simple to complex networks such as
VoIP, MPLS, MNS or HPC.
Network design professionals access a vast library of smart components, and, using a
drag-an-drop action, can build network topology diagrams. Each component is an intelligent
object. That means that each object is not just a graphic representation. Every object has its
own properties such as linking protocols, actual physical size and datasheet properties that
represent how a real-world network element would behave in an actual network. Netformx
Smart Library components simulate actual network equipment, enabling full system-level
network design, validation and pricing.
DesignXpert automates the steps of the network design and quoting process:
Customer requirements gathering and documentation
Discover the existing network infrastructure (using Enterprise AutoDiscovery).
Definition (design) of the technical solution
Pricing and margin analysis
Customer technical and financial proposal (quote, statement-of-work, solutions
visualization)
Implementation (transfer to fulfillment or provisioning)
One of the extra modules mentioned on the previous section, MPLS Designer,
streamlines the entire cycle of proposing, designing and provisioning MPLS/IP VPN services. It
guides network designers through the process of turning customer requirements into a technical
plan, then following through with a detailed proposal. Once the proposal is accepted, the
software provides the pertinent documentation.
MPLS Designer allows to change design parameters given in a table format, including:
Routing and Switching (BGP, EIGRP, OSPF)
Partial and full mesh networks
Access and speed
Access options: IPSec, Frame Relay, DSL and Wireless
Connectivity matrix and VRFs
Quality of Service and Class of Service definitions
Routing protocols
Secure internet access
Remote access
Extranet connectivity
Diversity
Value added services
MPLS Designer requires DesignXpert to run.
At the heart of DesignXpert is the Netformx KnowledgeBase, a network device library,
including more than 147,000 components, and associated configuration rules and current
prices. Weekly updates to the Netformx KnowledgeBase keep the repository current with the
latest devices, physical configuration rules and best practices. In addition to network vendor-
supplied public content, Netformx can incorporate customer-specific content into the
Netformx KnowledgeBase to accommodate proprietary items such as service offerings,
corporate practices and promotional pricing.
Enterprise AutoDiscovery (EAD) is an SNMP/SSH/Telnet-based audit and multi-vendor
network discovery feature of DesignXpert that enables design professionals to capture an
accurate baseline of existing IP and SNMP-enabled devices in any network.
1.2.1.5. IP/MPLSView (Wandl)

IP/MPLSView is WANDL's Traffic Engineering and Network Management solution for IP
and/or MPLS networks. This system addresses the mayor areas of network planning including
analysis, design, optimization and simulation.

Features:
From a set of network configuration files and other optimal data, the Multi-Vendor
Parser constructs the network topology, aware of multi-protocols, layers, ASes, routing areas
and VPNs.

This network data can be imported
into the tool or collected directly by the
system itself in conjunction with
IP/MPLSViews Network Manager online
module. Tariff and pricing data can be
imported too.

Alternatively, the user can
manually construct any network topology
via IP/MPLSViews advanced graphical
interface.

So the network can be designed
from scratch or on top of an existing
network configuration.

Figure 17: IP/MPLS View models any
architecture designed by the user

User Interface
IP/MPLSView provides a graphical user interface. The tool shows routing, utilization,
protocol-specific and other reports from the client interface or from the web.


To perform a traffic load analysis, the tool offers a view of current or historical charts.

The user can use the tool to pinpoint
bottlenecks or underutilized links from the
topology map in large networks, simulate
new demands before they are placed on
the real network (perform capacity
planning) and optimize routing parameters
(metrics).

Figure 18: Network analysis. Users can
identify bottlenecks observing colours.

IP/MPLSView automates network designs. It automatically determines where to purchase
links to satisfy traffic for resiliency against any failure scenario. The user can use it to identify
and prevent potential bottlenecks, performing a simulation to show traffic routes for many what-
if scenarios and identify which trunks will become congested under various failure conditions.

Moreover, the user can analyze how traffic is rerouted and the effect on network links
(e.g. worst-case trunk utilization), performing simulations with single, double or even triple
failures.

Using this tool, the user can experiment with changing parameters, protocols, topology
and simulate network migration, network expansion or the merging of multiple networks as a
way for validate changes before deployment.

Some of the protocols supported by the tool are the ones which follow:
IGP: OSPF, IS-IS, IGRP, EIGRP, RIP
Static Routes, Policy-based Routing
BGP, LDP/TDP, RSVP-TE, VoIP (SIP, H.323)
Multicast: PIM-SM, -DM, -SSM
CoS, IPv4, IPv6

Figure 19: LSP Path calculation

Concerning MPLS-TE, the tool allows
different simulation and designs. The user
can simulate LSP tunnels (including backup
tunnels), automate Fast ReRoute (FRR)
design, automate the design of diverse paths
for primary and backup tunnels and optimize
LSP Paths that have become suboptimal over
time.

With the tool, VPNs can be modelled
and created. The user can perform VPN
simulation, use the system to generate VPN
traffic and perform card failure simulations. On
the configuration files, VPN-specific integrity
checks can be run. The tool supports different
VPN types as L3VPN, L2Martini, L2Kompella,
VPLS-LDP, VPLS-BGP, TLS and CCC.

Figure 20: VPN Wizard for creating and
editing VPNs

The tool lets the user model and analyze BGP so that Route Reflector design and
analysis can be performed, BGP routing tables can be imported, and BGP peering analysis and
iBGP policy evaluation can be performed.

In connection with the Class of Service, the tool permits the analysis of it allowing to
model CoS classes and policies, letting the user model different queueing schemes and define
application flow based on CoS (this enables the modelling of VoIP or VoD) and enabling the
analysis of packet-loss and delay statistics per CoS.

IP/MPLSView can simulate multicast flows based on user-defined multicast groups and
demands, the effect of RP selection on the distribution tree and on link utilization and SPT
switchover.

Reports and alerts

Once the user is satisfied with the MPLS-TE or VPN design, respective LSP and VPN
configlets (configuration file statements) can be generated in text or XML format and pushed to
the network using P/MPLSViews Service Activation Module and then, generated configlets can
be loaded back to the network.

Figure 21: Report manager

1.2.1.6. NetScope (TurboSoft)

The NetScope product range offers an enterprise-wide solution that provides instant and
historical per-second visibility and control of application performance.

NetScope is divided into different modules:
NetScope Reporter: reporting solution
NetScope Alerter: alerting solution
NetScope FastTrack: network management solution
NetScope Analyser: network monitoring solution
NetScope Services: QoS solution

Features:
User Interface
NetScope provides a graphical user interface. It visualizes the state of the whole
network showing the status and different parameters that characterize it.

NetScope Analyser is a network monitoring solution that provides per-second visibility into
network traffic both in real time and historically. This module allows seeing how the network
traffic is made up offering per second resolution which can be retained for historical analysis.

NetScope Analyser gives the user the insight to regain control of the network and to keep
business critical applications such as VoIP, Citrix and ERP operating optimally. It offers a
detailed knowledge of network traffic content.


Figure 22: The user can zoom in on individual data streams

NetScope FastTrack offers an extensive network management solution, combining the
benefits of instant control of application performance and dynamic allocation of network resources
with visualisation and analysis tools.

NetScope FastTrack features instant control of application performance and dynamic
allocation of network resources to ensure the control of the network. To maintain and enhance
performance, some applications bandwidth can be prioritized and lower priority or unwanted
traffic can be shaped, capped or blocked as desired.

Additionally, NetScope FastTrack uses many of the extensive monitoring and
visualisation tools also found in NetScope Analyser, including traffic visualisation down to a per
second resolution for both real time and historical analysis.

Netscape Services is Turbosoft Networks managed QoS solution, for maintaining and
achieving optimal performance from network infrastructure. NetScope Services are available as
a one off network health check, or as an ongoing service.

Reports and alerts
NetScope Reporter and Alerter is a web based network reporting and alerting tool that
delivers graphical reports on current and historical network activity and timely alerts on network
status. Real time monitoring and full visualisation of traffic delivers the detailed insight into the
status of the network for maintaining the performance of critical systems and coping with
changes in demand for network resources within an organisation.

Figure 23: Network activity report. Tag usage.

Netscope offers network administrators the why, what, who and when of network activity
reporting based on predefined parameters or user generated parameters. The tool allows the
user to isolate traffic that's important, categorising by username, application, protocol and port.

The tool collects and aggregates network activity data on a per second basis spanning
some years. The user can access to immediate and historical data to perform a long term traffic
analysis and trending.

NetScope's advanced alerting features keep watch over the network, notifying of issues
and events that require attention when they occur. Additionally it provides network health
functionality, offering quick and simple indicators of overall network health.

Figure 24: Network activity report. Link activity.

NetScope Reporter analyses data stored within its database to generate graphical
reports either automatically or on demand. The user can choose from numerous predefined
reports or create user specified parameters such as devices and time periods.

Using the tool the user can select from a predefined list or create individual alerts
tailored to the users requirements. Alerts criteria covers issues such as the addition of new
users to the network, the appearance of new traffic, bandwidth oversubscription, bandwidth
availability above or bellow a critical point, traffic on specified ports or addresses and traffic
spikes.

Figure 25: Alert log
The tool enables to configure alerts to be sent based on traffic conditions. These alerts
can be set up to be sent via e-mail or sms.

1.2.2. Emulation tools
1.2.2.1. Network emulation
1.2.2.1.1. GEM (Spirent)

Spirents GEM enables to test applications, devices, protocols, solution and services
under dynamic delay and impairment conditions. Using GEM, the user can evaluate the
performance of emerging technologies, characterize breaking points of a new service, validate
new products or solutions before deployment and discover and define minimum required
Service Level Agreements.

The tool emulates the real world effects of Layer 1/2 delay and impairments on Layer 3
devices and applications.

Appearance:

Figure 26: Appearance of different models (MAUI left, HAWAII right):
Maui model Hawaii model
Supports speeds up to 2.66Gbps
Up to 4 interface blades
Hot swappable copper/optical SFP
modules (optional wavelengths available)
Support for Ethernet, SONET, SDH, OTN,
Fibre Channel
Fast Ethernet Interface for Remote Control
Supports speeds up to 11.3Gbps
Up to 2 interface blades
Hot swappable copper/optical SFP and XFP
modules
Optional wavelengths available
Supports Ethernet, SONET, SDH, OTN,
Fibre Channel
Fast Ethernet Interface for Remote Control
Features:
Live network conditions can be recorded to be imported into a GEM emulator and that
way, recreate those delay and impairment conditions in the lab.

User Interface
Using a HTML Based GUI (no need client software to install), GEM enables to define the
network topology, devices and traffic flows directly from the GUI using drag and drop
configuration.

It supports Service Frame Colours such as:
Green conforms to Committed Rate
Yellow conforms to Excess Rate
Red does not conform to Committed or Excess Rate

Figure 27: HTML based GUI


The tool has a flexible FPGA design and offers the possibility to upgrade with new
features. It performs a hardware based Layer 1 impairment emulation. These impairments can
be, for instance, that frames can be dropped based upon a user specified probability (selectively
MPEG-4 I, P or B packets can be dropped), the Ethernet CRC of frames can be corrupted
based on user-specified probability, Ethernet frames can be variably delayed around the line or
network flow delay can be fixed based on a user defined probability (parameters as maximum
or minimum value of delay, or maximum positive or negative change of delay can be fixed by
the user), Ethernet frames can be reordered or duplicated, any burst of bytes within the
Ethernet frame can be corrupted or modified based on a user specified offset from the start of
the frame and a user defined error rate (between 1E-12 and 1E-2) or bit rotation (comma
aligner) can be fixed.


Figure 28: Example: the tool lets to use unmanaged switch to connect more than 2 devices to 2-port
Spirent GEM.

The tool can support full 1GbE/10GbE line-rate all the time (even at 64 byte frame size)
and chain multiple impairments at same time (corruption, jitter, duplication, reorder, drop,
modification, errors).

Figure 29: Network representation and impairment profile

GEM is able to dynamically change impairment profile without stopping test. The user can
perform an advanced filtering, selecting impairments based on values in Ethernet frames. It
emulates real-world effects of layer 1/2 delay and impairments on layer 3 devices and
applications, supporting auto configuration of test beds. Multi-protocol is also supported on the
same platform (Fibre Channel, SONET/SDH and Ethernet). The frames have unlimited size and
can be reordered and duplicated up to 12KB. It also supports a complete automation with TCL
library.

The tool supports random impairments as well as targeted ones. Random impairments
are based upon any of the following distributions: periodic, poisson, gaussian, uniform. Targeted
impairments, on the other hand, were defined by the stablishment of:
VLAN tag
MPLS label
MAC address
IP address
TCP port
Any other field in the Ethernet, IP, TCP, UDP or RTP header
Any other information up to 2,000 bytes deep within the Ethernet frame.

The tool is based on Metro Ethernet Forum Bandwidth Profiles and allows the
configuration of the following parameters:
Committed Information Rate (CIR)
Committed Burst Size (CBS)
Excess Information Rate (EIR)
Excess Burst Size (EBS)
The optional IPTV feature on GEM can be used to characterize video performance under
specific impairments. The tool allows to correlate mean quality scores with specific impairment
conditions and drop MPEG 2 (H.262) and MPEG 4 (H.264) I, P or B frames.

The user can select a MPEG 2/4 I, P, B packets for possible drop, choose the number of
times to trigger a selection (1-15, infinite), choose drop probability for selected packets (rate and
distribution) and choose selection offset.

The Dynamic Search Filter (DSF), an optional feature on GEM, searches for a user
defined pattern throughout an entire TCP/UDP payload and triggers an impairment event. When
a match is found, the packet is subjected to a specified impairment. Trigger event can be limited
to specified number of times (e.g.,1, 2, 3 or infinite). This optional DSF feature can be useful
for characterizing video performance under specific impairments. A specific MPEG I, B or P
frames can be targeted for impairment. This feature can also be used to characterize new TCP
implementations for acceleration performance. A specific TCP packet with specific FTP data
string can be targeted and the packet dropped. The user can specify the trigger to occur only
once to prevent TCP session from closing.

Its interesting for the user to record live network conditions and import them into a GEM
emulator. To do this, the user has to setup Stand-alone Profiler application on network client,
capture delay and packet loss between the Profiler application and multiply user defined target
machines using ICMPs, take the Profiler logs back to lab to be loaded into GEM emulator for
Playback and test applications or services under current network conditions. The tool allows to
record network delay and loss characteristics for over 30 days between Profiler application and
more than 50 user defined Targets, define Targets by IP address or URL, configure ICMP
packet length (64-1518), configure DSCP field (0-255), set ICMP interval down to 100ms, start
sessions manually or automatically by scheduling date/time and duration and view delay and
impairment graphs real time or for post analysis.

Profiler logs can be uploaded to GEM and played back the captured impairments (one log
per GEM Network Profile). The user relies on some options such as playback delay values as
measured by the Spirent Profiler or increase delay values during playback by a user defined
factor for performance testing, repeat log files for longer playback sessions, ignore packet drop
and assign to Network Profile in opposite direction for bi-directional support.

The GEM Router Mode allows users to connect devices to Spirent GEM of the same or
different subnets.

Capture Replay, available as an option on Hawaii Blades, allows to capture up to
1GByte/sec at full line rate using filters or triggers, replay this or other pre-captured traffic on the
GEM and apply impairments. Capture and/or replay can occur before or after impairments are
applied and troubleshoot network or application performance issues using trigger conditions.

This option can isolate top talkers/applications using network bandwidth, capture data
inline at up to true line rate in both directions, use extensive Filtering (layer 2 -layer 7) capability
for focused capture and capture traffic for multiple Network Profiles simultaneously and
download captured data for analysis (PCAP file format). It has a Capture Buffer which captures
up to 8Gbits or 1GByte of traffic. The captures can be made before and/or after emulator
introduces impairments. Captured packets include precise hardware based time-stamps with
16ns accuracy. Previously captured files can be uploaded to be replayed by GEM (PCAP) at up
to true line rate (PCAP files can be modified prior to upload). The traffic can be replayed at
captured rate or user defined rate, as background traffic along with through traffic, with or
without impairments (including modification). Multiple captured files can be replayed
simultaneously with multiple Network Profiles, single time or n times, or forever.

The playback profiler imports and playbacks custom network scenarios with user defined
impairment tables including control parameters such as delay, drop, reorder, CRC error or
corruption. The playback control is provided for each individual GEM Network Profile and works
with other features such as bandwidth control.

The user can use the network playback profiler to test new technologies, protocols or
applications with virtually limitless control for any dynamic or bursty network scenario, high or
even very low frequency delay change and impairment events and custom statistical impairment
distributions.

The tool allows the user to choose the source for impairments: table or GEM GUI. The
impairment tables can be played and repeated once, 2 to 255 times or forever. Custom
impairment tables can be individually uploaded and controlled for each GEM Network Profile.

Supported applications:
o Real Time Applications
IPTV, VoIP, Interactive Gaming
o Storage
Disaster Recovery, Business Continuity, ILM Planning, Storage
Extension, Data Center/ Server Migration
o Networked Applications (Throughput / Performance / Error Recovery)
Database, Transaction Processing, Distributed Software Applications
o Satellite Communications
o Converged Networks
Next Generation SONET/SDH (VCAT, LCAS, GFP)
TDM over Packet, Timing over Packet (Circuit Emulation, Pseudo Wire)
MPLS, Metro Ethernet
o Service Level Agreement (SLA) Characterization
o Acceleration (WAN, TCP, Application)
o PON (GPON, (G)EPON, BPON)
o iWARP(10Gig Ethernet)

Reports and alerts
The GEM Reporter is able to produce reports based on statistics from GEM Emulator.
It shows bandwidth, delay and packet loss statistics for all Network Profiles. It also turns the
reports into pdf documents for a later analysis.

1.2.2.1.2. Shunra Virtual Enterprise (Shunra)

Shunra Virtual Enterprise is a network emulation solution that creates a virtual network
environment in a performance and pre-deployment network lab. It delivers a way to test the
performance of applications and network equipment under a wide variety of network
impairments.

HW platforms:
STJ: The STJ appliance limits bandwidth and impairs multiple traffic flows using
10/100Mbps Ethernet interfaces
STN: The STN appliance limits bandwidth and impairs multiple traffic flows
using 10/100Mbps and 1Gbps Ethernet interfaces
STA: The STA appliance limits bandwidth and impairs multiple traffic flows
using 1Gbps and 10Gbps Ethernet interfaces

Figure 30: Appearance of different models

Modules:
VE Modeller: model and simulate
VE Network Catcher: captures network conditions to import them into the VE
Modeller
VE Desktop User Interface
VE Reporter

Figure 31: The Shunra Virtual Enterprise solution architecture

Features:
Shunra VEs network recording software captures and imports production network
conditions, such as latency, jitter and packet loss, directly into the users network model. When
Shunra VE replays these recordings it recreates the same conditions that exist on the
production network.

Shunra VE delivers a network solution that creates a virtual network environment. It delivers
a way to test the performance of applications and network equipment under a wide variety of
network impairments (as if they were running in a real-life production environment).

Using Shunra VE the network manager will understand the impact that the network and
applications have on each others performance and on the remote end-users experiences, and
uncover and resolve production related problems.

In addition to the empirical experience, Shunra VE provides a range of graphically reports
and drill-down analysis capabilities. These help to isolate and resolve the root causes of
network and application problems, and determine whether any modifications to the application,
network or infrastructure are needed.

Shunra VE combines a hardware appliance with a software. This creates a network
simulation solution that includes detailed reports and root cause analysis.

At the heart of Shunra VE is a network appliance that functions as a bridge or router. It
changes the speed at which network traffic travels across the local area network, exposing data
packets to the same network impairments to which they would be subjected on the wide area
network.

The Shunra VE network appliance is controlled through a Microsoft Visio based
modeler. The modeler gives the possibility to create any network topology and run any scenario.

Figure 32: Users can simulate multiple branch offices

Once the network model is created, the user can activate the test scenario. At this point,
applications, network services or infrastructures connected to the appliance will behave as if it
were subjected to the conditions defined in the model. The user can edit network parameter at
any time, to create current, future, worst case or what-if scenarios and replay or reconfigure
these scenarios over and over again.


Figure 33: WAN settings

Figure 34: Gateway parameters

The tool delivers capabilities to emulate a wide range of network impairments including
latency, jitter, bandwidth, congestion, packet loss, BER, fragmentation, duplication,
disconnection, re-ordering, data corruption and modification. The user can also emulate any
network topology including client/server, multiple branch offices with distributed data centers,
full mesh networks, complex N-Tier network topologies, internet and eCommerce. And a wide
range of network technology simulations can be made including MPLS, Ethernet, QoS, Frame
Relay, wireless and cellular networks, satellite networks, IPv4 and IPv6.

Shunra VE is also useful for troubleshooting production problems that occurred in the
past. Since Shunra VE stores 30 days worth of production network conditions, the user can
rewind the recording to the time that the problem occurred and see what happened with the
network at that time.

With every test, Shunra VE provides detailed drill-down analysis and reports on
application and network performance, which tell the user where and when will have
performance problems (in the network or the application).

The tool provides reports and analysis
on:
Application performance over the
network
Application availability over the
network
Application performance thresholds
against a range and combination of
network conditions Individual
transaction performance
measurements and drill down
information.
____________________________________

Figure 35: Impairments activity

The tool allows to analyze performance of business processes under a range of network
capacity, end user load and other production conditions.

Capacity planning delivers a set of expected performance metrics per network
bandwidth for various end-user. Performance is measured against service level objectives
defining network requirements in a graphical report.

The tool, over a emulated network, allows the testing of VoIP. That way, the user is able
to test, validate and tune VoIP hardware and architecture.

Shunra VE includes an XML-based open API which enables it to automatically manage
other third party lab resources, or be managed by them. These resources include PCs running
batch scripts, FTP clients, custom developed or off-the-shelf testing tools, traffic generators,
network sniffers, and network management systems.

Reports and alerts

Shunra VE provides a graphically diagnostic reporting capabilities on application and
network performance. All reports can be exported to Microsoft Office documents or published in
HTML. An executive summary report in Microsoft Word is also provided. Additionally, all Shunra
VE test results are stored in a central repository for easy version comparison, change control,
and future reference by the project team.


Figure 36: Network activity reports. Service level data, transaction response time, etc.

1.2.2.2. Access Network emulation
1.2.2.2.1. DSL (Spirent)

Spirents DSL solutions allows the emulation and different impairment generation related
to the physical layer of the OSI model. Spirent has developed a series of noise and impairment
generators to permorm diverse tests. That way these tools allow users to perform the emulation
of impairments of copper lines such as crosstalk or noise.

Features:

Spirent provides DSL solutions for:
ADSL, ASDL2, ADSL2+
HDSL, HDSL2, HDSL4 and SHDSL
ISDN and SDSL
VDSL and VDSL2
Solutions to meet the requirements of standards bodies: ATIS, DSL Forum, ETSI and
ITU-T
Programmable solutions allow custom test cases for evaluation beyond conformance
requirements

Solutions:
Spirent provides diverse DSL solutions. Some of them are listed below:
DLS-5D10: DSL Service Modelling and Noise Tool
DLS-400S: G.SHDSL Wireline Simulator
DLS-A2PE Integrated System: European ADSL2+ and ADSL2++ Testing
DLS-V2A Integrated System: North American VDSL2 Wireline and Noise
Testing Solution
DLS-5D10
The DLS-5D10 provides two primary functions:
DLS Performance Predictor
DLS Noise File Development for Performance Testing

Using the Performance Predictor, the DLS-5D10 predicts xDSL rate vs. reach under a
range of operational conditions and allows the user to configure:
Cable Properties (standard and definable)
Crosstalk
Modem Models and Properties (including transmitter and receiver)
Technology Mix (number and type of disturbers)

The performance of the DUT can then be measured in several ways including max. bit
rate, noise (or signal) margin, as well as reach and Shannons Gap. Results are represented in
a graphical or tabular format.

Figure 37: DLS-5D10 GUI

The Noise File Development application of DLS-5D10 calculates the Power Spectral
Density (PSD) of crosstalk noise and creates a noise profile that can be quickly saved and
downloaded to the DLS-5500 Noise Generator.

The DLS-5D10 allows users to build libraries of standards-based or customized noise files
for testing device performance. These libraries can include any combination of Alien, Self or
Mixed noises.

Figure 38: Performance and Noise Margin Prediction shows the rate vs. reach

DLS-400S

Spirent's DLS-400S Wireline Simulator is a pre-configured wireline simulator designed
to provide a test solution for the ITU-T G.991.2/G.shdsl standards.

The combination of DLS-400S and DLS-5500 Noise Impairment Series products
provide a complete simulation of ITU-T G.shdsl (Annex A) test loops. Using these tools, users
have the ability to custom program wireline lengths and add noise impairments.

Test loops provided by a single chassis DLS-400S system configuration will allow the
user to simulate the preconfigured G.shdsl (Annex A) loops: , S, BT1-C, BT1-R, BT2-C, BT2-R
& C4.

DLS-A2PE Integrated System

DLS-A2PE is an ADSL2++ lab test solution for the European market, consisting of the
DLS-410E wireline simulator and the DLS-5200EP noise generation system. This integrated
system provides a Layer-l test platform for ADSL, including ADSL, ADSL2, ADSL2+, and
ADSL2++.

The system enables repeatable test results, not only between different sets of test
equipment but also between different test labs.


Figure 39: Following this diagram, the user is allowed to perform a physical layer test for ADSL2+
and ADSL2++ including wireline simulation, noise generation, traffic generation and analysis

DLS-V2A Integrated System

The DLSV2A Integrated System, which includes the DLS-8130 and DLS-5500 system,
allows performing test beds for VDSL2 applications on North American copper pair networks.

The system is designed for conformance/performance testing in accordance with ITU-T
North American VDSL2 Initiative ITU-T Recommendation G.993.2. It allows the testing of next-
generation multi-functional xDSL chipsets that provide rate-adaptive capabilities across
variations of ADSL and VDSL technologies, including ADSL1, ADSL2, ADSL2+, VDSL1 and
VDSL2.

The DLS-V2A product set features of loop configurations across various standards while
providing extensive capabilities for testing many other high bandwidth applications such as
Ethernet in the First Mile (EFM) Copper.


Figure 40: The figure displays the DLS 410B ADSL2+ wireline simulator that, when connected to the
front panel input ports of the VDSL2 wireline solution, allows users the option of simulating ITU-T G.992.5,
TR067, and TR-100 North American test loops.

1.2.2.3. Application-level traffic emulation
1.2.2.3.1. Avalanche (Spirent)

Spirents Avalanche appliance solution provides capacity, security and performance
testing for network infrastructures, Web application infrastructure and Triple Play services
ensuring Quality of Service and Quality of Experience.

Besides Avalanche 2900, there are other solutions available:

Avalanche 220: The Avalanche 220, a portable version of Spirents Avalanche
2900 load testing appliance, allows to conduct high-performance, protocol-accurate
load testing wherever the user is, helping to ensure that devices, applications and
infrastructures will operate correctly under real-world conditions.
Avalanche Analyzer: Avalanche Analyzer is a reporting tool that allows
analyzing and displaying data generated by Spirents Avalanche testing appliances.
Reflector: The Avalanche and Reflector load testing appliances challenge even
the largest networks to perform under real-world conditions. Avalanche can simulate a
virtually unlimited number of users interacting with Web applications, receiving and
sending mail, viewing streaming media and can simultaneously generate DDoS attacks.
Reflector can accurately emulate large Web, mail and streaming server installations.
Combined with Avalanche, Reflector helps to test the capacity of any equipment
connected between the two systems.

Figure 41: Avalanche, combined with Reflector, is utilized to simulate both client behavior as well as
end infrastructure behavior.

Reflector 220: The Reflector 220 is a portable version of Spirents Reflector
application infrastructure emulation appliance. Combined with Spirents Avalanche 220
load appliance, the Reflector 220 allows the emulation of complex multi-tier Web sites,
as well as large application and data server environments, in the field. The Reflector
220 provides a solution for emulating application infrastructures in remote locations.

Appearance:

Figure 42: Appearance of different models:
Model 220 Model 2900

Features:
The Spirent Avalanche 2900 is a 1Gbps and 10Gbps line rate Layer 4-7 stateful traffic
performance solution that is capable of high throughput security testing of over 3Gbps of bulk
encrypted traffic. Avalanche users have the ability to test devices to their limits at line rate
simulating daily traffic and understand the impact of worse case scenarios. It provides the
capability to generate traffic allowing trunk ports to be directly tested or determine the impact of
multiple GgE ports being aggregated over 10Gbps.
The user can test applications and network systems at multi-gigabit speeds and go
beyond expected peak volumes.

Using the tool, testers are able to specify variable loads such as user sessions, new user
sessions per second, transactions, transactions per second, connections or connections per
second. One load profile can be specified for an entire test, or a separate load profile can be
defined for each group of emulated users. This approach enables different actions, network
characteristics and loads to be specified for each group of simulated users. In addition, up to
eight simultaneous users can use the resources of Avalanche 2900 appliance.
Infrastructure under test
Avalanche

Reflector

Avalanche can be used in tandem with the Reflector test appliances to provide accurate
multi-protocol responses to the requests it generates. Together, the two systems test the
capacity of any device or network connected between them.

Figure 43: Complete end-to-end user and application emulation. Subscribers and servers can be
emulated using Avalanche and Reflector.

Avalanche supports the configuration of user behaviours. The system interacts with sites
using dynamic and interactive content, HTML links and fill-in online forms. Multiple types of
browsers can be emulated, providing detailed control over browser connection behaviour, SSL
versions, authentication and browser client headers. User behaviour such as think times and
clickaways (HTTP aborts) can be emulated, and the system also supports HTTP basic and
proxy authentication. Avalanche sends requests that include dynamically filled-in fields from a
list of provided values, or values captured from a previous response such as order numbers,
session IDs or transaction IDs. Avalanche supports high-performance testing of Web services to
ensure that mission-critical services will perform under heavy loads. The system can also verify
received content by searching for one or more strings in a response and it can identify potential
points of failure by stress-testing the infrastructure.

Avalanche supports all major protocols, including HTTP 1.0/1.1, HTTPS, FTP, streaming
media, IPv6, voice (SIP), mail (SMTP/POP3), DNS, SSL, Telnet, 802.1Q VLAN tagging, IPSec,
802.1x, and PPPoE. External traffic can also be imported, replayed and amplified to support
non-native protocols and traffic flows. Protocol support enables to test for performance-
sensitive network activities such as web applications, Triple Play, voice, mail, streaming media,
Video on Demand, file transfer and capacities of next generation content aware networks.


Figure 44: The tool offers real-time statistics across all protocols, as well as information about
different features such as maximum bandwidth incoming/outgoing, maximum new opened TCP connections
per second or maximum opened concurrent TCP connections.

Applications

o Network Performance Testing

Provides performance and capacity testing on a variety of network devices including:
Firewall, Application Firewall, Load Balancer, Cache, Proxy, URL Filter, Content Filter, Anti-
Virus, Anti-Spyware, Reverse-Proxy, SSL Accelerator, HTTP/HTTPS Accelerator, SMTP Relay,
IDS/IPS, IPSec VPN Gateway and SSL VPN Gateway

Figure 45: Avalanche and Reflector testing the network performance

o Application Server Performance Testing

Validates the performance of several types of real servers including Web Server,
Application Server, Mail Server, DHCP Services, FTP Server, DNS Server, Telnet Server,
RTSP/RTP QuickTime Streaming Server, Multicast Server and more.

Reflector
Load
Balancer
Content
Switch
SSL
Accelerator
Avalanche
Firewall
o Web Application Testing

Performs Web application testing including Web services, SOA, ERP and CRM
applications with Avalanches application testing capability to support cookies, session ID,
dynamic link, automatic redirect, additional header, content validation, SOAP message, think
time, variable think time and variable assignment.

o Triple Play Testing

Performs Triple Play testing, validates Triple Play service from the users point of view
with realistic voice calling and unicast and multicast video streaming, and simulates Internet
data traffic using static IP address or IP address assigned by DHCP over PPPoE, VLAN and
Stacked VLANs.

o Security Testing

Provides extensive testing for secure network communication, vulnerability assessment
and user authentication including: IPSec, SSL, 802.1x, Network Access Control (NAC) and
RADIUS

Figure 46: Real-time statistics of HTTP

Figure 47: Real-time statistics of TCP


Figure 48: A summary of real-time statistics

Figure 49: Real-time statistics on Reflector

Reports and alerts
Avalanche Analyzer is an analysis tool that generates detailed reports and graphs (pdf
or html presentation reports) from Avalanche results files. It performs analysis of the data,
including min, max, average, protocol level details, TCP errors and trends info in graphical
and textual views.

Figure 50: Network activity report summary

1.2.2.3.2. Network Tester (Agilent)

Network Tester is a solution for testing the real-world performance of network security,
Triple Play and application-aware devices. It is a Layer 4-7 performance solution that creates a
mix of application traffic through the simultaneously emulation of real voice, video, data, P2P
traffic and multiple DDoS, spam and virus attacks on a single port.

Appearance:

Figure 51: The Agilent Network Tester Layer 4-7 Solution
Features:
User Interface
Network Testers graphical user interface allows users to create and execute real-world test
scenarios. The user can drag and stack configurable protocol bricks to create multi-protocol
traffic profiles combined with malicious attacks (without the need of scripting).

Network equipment manufacturers, service providers and network operators can use
Network Tester to analyze application-aware devices to obtain real-world performance
characteristics under peak levels of load and stress the network, as expected in real network
environments.

Network Tester uses real Internet Data, VoIP, VoD and IPTV traffic. Combined with DoS
attacks, malicious exploits and traffic impairments, the tool subjects the devices to complex
traffic conditions. In addition, Network Tester is able to simulate proprietary protocols such as
Peer-to-Peer, IM and On-line Gaming. That way, it can generate real-world mixes of Internet
Data, VoIP, Streaming Video, IPTV and P2P traffic on the same interface.

Network Tester can simultaneously emulate multiple Denial of Service, worm, virus and
spam attacks to measure its impact on legitimate traffic performance. The generation of the
traffic can be over integrated IPSec, IPSecv6, PPPoE, DHCP, 802.1x and VLANs. It can
emulate tens of thousands of real clients and servers to measure device capacity, scalability
and performance under load.

The tool reports real-time and granular QoE statistics, including MOS and MDI for Triple
Play services, providing accurate insight into the device application layer performance.

The tool supports different protocols such as :

Application protocols:
o HTTP, HTTPS, FTP, SMTP, POP3, DNS, Telnet, RTSP, RTP, IGMP,
Transport Stream, SIP, H.323, MGCP, SNMP, NFS, CIFS, ICMP, Traceroute,
NNTP, DHCP, Jabber

Integrated network access protocols:
o IPSec VPN, PPPoE, DHCP, 802.1x, VLANs

The String Editor of the tool permits the randomization of parameters such as URLs,
spam subject lines, and e-mail file attachments. Network Testers Transaction Variability feature
enables users to change parameters on the fly, without stopping the test.

Network Tester end-to-end (E2E) test capability allows to validate real-world performance
and scalability of distributed network infrastructures, ensure device interoperability and
guarantee network and service resilience to stress and malicious attacks. Real transactions can
be generated between remote locations to emulate real-world traffic over complete network
infrastructure.

Network performance and QoE statistics can be collected and analyzed in real time
providing a picture of distributed network system performance, robustness and scalability.

Network Tester provides integration of application data, voice and video protocols with
DoS attacks and other malicious exploits such as worm and virus infected traffic payload.
Protocol and transaction mixing capabilities allow the creation of multi-protocol weighted traffic
profiles that emulate real-world network environments. This provides a test solution that
stresses all application aware devices protocol specific processing features and options.

Network Testers supported protocols include Internet data, VoIP, VoD and IPTV
protocols and is complemented with Capture/Replay feature for emulating proprietary
applications such as Peer-to-Peer, File Sharing or On-line Gaming. VLAN support and access
protocols such as IPSec, PPPoE, DHCP and 802.1x are also available with IPv6 capability.

Network Tester combines real-world application traffic generation with passive analysis
features. It uses integrated Agilent Triple Play Analyzer, state of the art protocol and QoE
analysis tool to monitor test traffic and provide real-time insight into all aspects of protocols and
data services performance and quality (from the end user perspective). Triple Play Analyzer,
running on Network Tester controller, calculates and tracks voice and video MOS and MDI
scores in real-time on per call and per stream basis as well as performs packet and protocol
analysis. This also includes ability to decode, view and listen to any voice and video stream in
real-time for instant service quality assessment.

With Network Tester, users can simulate thousands of clients and servers to stress a
device to its limits and generate and measure thousands of transactions per second or millions
of user sessions.

Network Tester allows the user to validate the real-world performance limits of
application-aware devices including firewalls, service-aware routers, session controllers and
content servers. It has the ability to surround devices with real voice, video and data traffic with
IPsec encryption and multiple DoS attacks.

Applications:

o Firewall testing
The NetPressure application covers network security and contents networking test needs.
A broad range of protocols covers applications such as web, email, news, file transfer/sharing,
instant messaging and streaming. Multiple protocols can be mixed on a single port to create
tests. Fully integrated access protocols and VLAN are supported and stateful traffic can be
generated over IPsec, PPPoE, DHCP and 802.1x without the need for scripts.
Firewalls use timers and keep state information. NetPressure's real-time control lets the
user dynamically change parameters while the test is running (there is no need to stop and
restart the test).
o VoIP testing
The NetPressure application covers network security emulating both H.323 and SIP calls
(including both signaling and data) on a single port for realistic system testing. It mixes stateful
VoIP and data application traffic on a single port to verify prioritization and ensure VoIP QoS
and introduces DoS attacks and measures the impact on VoIP performance. The application
scales VoIP traffic to emulate thousands of calls per second and simultaneous calls to
determine the performance limits of the system. It measures real performance using stateful
traffic, from a mix of applications, over both IPv6 and IPv4. The support for IPsec and IPsecv6 are
integrated into the test plan environment.

Figure 52: VoIP testing

o Session border controller testing
NetworkTester complements VoIP test tools. The NetPressure application extends the
test coverage, giving the confidence that the SBC (Session Border Controller) is ready to face
the real world. It emulates both H.323 and SIP calls (including both signaling and voice packets)
on a single port for realistic system testing, introduces DoS attacks and measure the impact on
VoIP performance. Mixes stateful VoIP and data application traffic over both IPv4 and IPv6
on each port to verify firewalling and intrusion prevention, and to ensure VoIP QoS. Moreover,
the application scales VoIP traffic to emulate several calls per second and simultaneous calls to
determine SBC performance limits. It is able to simulate proprietary protocols by capturing
bidirectional traffic, create custom "protocol bricks", replay the traffic in a stateful manner, and
multiply the traffic across multiple addresses to simulate many users and measure SBC
scalability. The support for IPsec (and IPsecv6) is integrated into the test plan environment.
SNMP traffic load can be added to verify SBC stability and indifference to Management Plane
stress.

Figure 53: Session Border Controller testing

o E-mail virus / spam filter
The NetPressure application covers network security with transaction variability
features, such as the emulation of large quantities of spam with dynamically varying content. It
tests the performance of the virus filter with Client Profiles, which let the emulation of both
legitimate email and email containing virus attachments. It scales the test up to reach the limits
of the email filter.

o Triple play
NetworkTester offers high-speed data, VoIP and video testing on a single port, within a
single test system. It emulates thousands of real users, changes the traffic application mix and
measures the impact of data applications on voice and video performance.
The tool allows the user to add other multi-play applications, such as Instant Messaging,
to complete the Multi-Play application mix. That way, mixes of application traffic can be
emulated to characterize system performance limits and Quality of Experience under expected
loads.
Proprietary protocols such as network games and P2P applications can be simulated and
scaled using NetworkTester's Capture/Replay capability. Multiple sessions can be emulated on
many different addresses to multiply application clients and servers. Many users can be
emulated playing games, sharing files and using common messaging services. This capability
enables to quantify the effectiveness of Application Traffic Management methods such as P2P
rate limiting, layer-7 packet classification and tagging, and application prioritization. For
example, the user can measure the real-time performance impact of application-aware firewalls
that can recognize and filter undesirable traffic.
With Network Tester, the user can add DoS attacks, spam and virus attachments to the
application traffic mix. The tool shows the Quality of Experience degradation, whether VoIP call
set-up time suffers or whether the system is able to maintain the priority of real-time traffic when
detects attacks.
NetworkTester integrates VLANs and access protocols such as IPsec, IPsecv6, DHCP,
PPPoE and 802.1x into a single NetPressure application, allowing to emulate voice, video and
data applications, including proprietary protocols and attacked traffic, over combinations of
access protocols, VPN tunnels, VLANs, and IPv4 and IPv6 address ranges.

Figure 54: Triple-Play testing

2. TRAMMMS Testbed for bottleneck analysis: Experimental set
up
2.1. Network setup and requirements for experimental work
2.1.1. Testbeds for simulated traffic analysis

Initially bottleneck analysis can be checked by means of simulations. A good set of
simulating tools for network behaviour has been described in previous section. With the
objective of checking the usefulness of TRAMMS tools to detect bottlenecks, a combination of
routing and link capacity measurements was developed and showed in the recent CELTIC
event (Paris, 2009).

The main component of the this work is described in next section: A BGP probe that
supplies routing information from several border routers to feed a central repository; in fact,
more than one single BGP repository could be fed but, for the test, only one management
center was set up:

Scenario

Three adjacent autonomous systems were simulated (see figure) with three border
routers exchanging routing information one another. Within each AS (autonomous system), the
routes from every internal node to another external one may be dynamically modified. Such
modifications are announced to the border routers at fixed intervals. In fact this scenario is
simulated and can be changed to reproduce instabilities in the AS-AS links.

The purpose of this is accelerating the vision of what can be real situations that could take
several days, even months to happen.

Figure 55: Scheme of network simulated for BGP repository

Network

All routes announced by the border routers are in fact simulated. This is achieved by
means of BGPsim, an open source software that emulates AS behaviour and the production of
withdraws, new routes, etc. Such behaviour can be described by a local file that can, in turn, be
modified to analyse different situations. Once the BGPsim is started, an AS behaviour is
emulated as far as AS-AS routing concerns. Thus a failure of all routing form one AS to a
neigbour can be simulated either total or partial. This is useful to represent the very realistic
situation of an AS having two border routers, acting one as backup of the other to link that AS to
a neigbour one.

In order to represent the network behaviour, in fact, three different BGPsim are used so
that each AS can be emulated independently (by means of their particular configuration file). A
quagga instance is then required to emulate all the AS behaviour: A border router. Thus each
AS is simulated by

a. A configuration file to determine the BGP behaviour
b. BGPsim that runs that behaviour and announces withdraws or new routes
c. A Quagga (virtual machine) that is run like a real border router for the simulated
AS.

So, three routers are running independently, in three virtual machines. Each one is connected to
an AS also simulated by another virtual machine running a BGPsim following its configuration
file directives. Finally, all three routers are connected to reproduce the BGP behaviour. This
operation is achieved by means of a (virtual) bridge; thus a network composed of three AS is
obtained:

Figure 56: Virtual networks connections for the BGP arrangement

Although the AS are simulated, the border routes are as real as any quagga device. Their
connection is also achieved by a virtual bridge but this is not relevant as far as routin
information exchange concerns: All announces issued from AS#1 reach AS#2 and AS#3 (the
BGPsim
Config
file

BGPsim
Config
file

BGPsim
Config
file
Bridge
same applies for any relashionship between other AS). Then a continous updating of routing
tables within every AS is obtained and so a coherent status maintained.

Management network and roting exploitation

Even though the three AS were simulated, real border routers interact like in real world.
Furthermore, for the purpose of generating a BGP repository, real probes are used to capture
routing announcements: A probe (described in next section) is connected to each (simulated)
border router, then all announcements are supplied to a central management system that
1. Checks for coherence
2. Produces a unified view of the AS-AS routing

This view is represented (GUI) so that an operator can realize whether the situation
needs a rearrangement, migth lead to traffic troubles or can be automatically managed by the
bordr routers. In fact, just by modifying the configuration BGPsim files, a wide range of
situations can be analysed.

A complete log file is recorded to be used as post mortem analysis tool allowing for a
time diagram that illustrates bottlenecks formation possibly dues to bad routing choices.

2.1.2. Testbeds for field traffic analysis

Measurements of QoE are not precise enough to conclude significant decisions. The
values one can reach with current techniques are too vague and certainly slow.

The integration of measurements and management of networks based on that values is
not covered yet.

It requires extra investment on expensive equipment. To make it feasible for the operator
to introduce QoE measurements, TELNET RI proposes to take profit of already deployed
equipment over working networks. As this equipment is remotely updateable the inconvenience
for the operator is minimal.

Scenario

Network

Netauditor is an evolution of the device CM100-IB by TELNET-RI (media converter with in
band management) that is actually installed in an ethernet network of Telefnica.


Figure 57: Test-bed for netauditort

Over this network Telefnica allows medium and big companies to build up their on
private networks.

On the drawing two private networks are represented. The yellow company, established
in Barcelona, Valencia and Madrid, and the blue company settled down in Barcelona and
Valencia.

Every settlement counts on a CPE (EDC in Spanish) at the LAN of the customer
premises. This is connected to the CM100-IB slave over fast Ethernet.

This device acts as a demarcation point for the operator and defines its field of
responsibility.

The slave device reaches the CM100-IB master over a long fiber cable at the central
offices, where the master device is connected to a MPLS switch.

Management network

Every master device is installed at the central offices of the operator and is manageable
over an extra network. The slave devices are managed in band, over the fiber cable.

There are good chances to get the product installed into a real network of a main
operator in Spain during 2009. Sharing the results collected there depends on the operator
itself.

2.2. Tools developed for TRAMMS
2.2.1. Netauditor

Telnet manufactures demarcation points that are naturally used for network deployment
by the operators. We aim to improve the existing equipment and to convert it into demarcation
point plus a QoE measuring probe for a similar price.

This way the operator increases significantly the visibility of the network, without having
to cope with additional investment.

Telnet demarcation points are integrated into the management systems of important
operators in Spain, so there is no need to invest into an extra network in order to gather the
QoE information and manage accordingly the traffic network.

Netauditor highlights are:
Measurement over the whole path
Constant monitoring in real time from the central offices
Collection of historical statistics
Provides the operator with visibility on the use of the network by the customer. It
allows the operator to detect bottlenecks, as well as underused paths. Thus he
can react commercially faster and offering his customers a better suited service.

Functional aspects

The aim is to characterize the quality of the customer traffic between one LAN and the
LAN on the other edge.
EDC
slave
master
EBA
EDC
slave
master
1 2

Figure 58: QoS measurement with netauditort

The operator needs to guarantee a minimum QoS up to the edge of his network
according to the contract signed with the customer.

Unfortunately not every edge of the network is delimited by a TELNET device, so there
will be paths of the network with less visibility.

The parameters measured to assure the IP performance are IP jitter, latency, packet
loss, packets out of order and quality throughput.

TELNET understands quality throughput as the maximum traffic rate that is able not
only to traverse the network but also respecting the QoS parameters accorded.

Management and data network impact

The operator allows TELNET to inject probe frames, but the throughput has to be as low
as the customer traffic is always preserved and prioritised.

All links have to be separately testable, in order to be able to isolate failure.

The configuration of the system is extremely easy and plug & play.

The amount of data travelling over the data network and management network is limited
so that the SNMP system runs smoothly on every condition.

WP4 Algorithm design

TELNET-RI has participated very close to the UAM within the design of algorithms, with
periodic meetings and collaborative work. During this part of the development the task of
TELNET-RI consisted of mainly specifying the design criteria for the UAM to think of algorithms
that can be implemented on the HW platform developed by TELNET RI. Thus, TELNET RI
would be able to keep the product at a reasonable price and the development on feasible
timing.

In similar way, and together with the operator Euskaltel, the quality parameters to be
measured and the precision required have been defined to satisfy the needs of the operator.

In fact two phases have been identified for measuring the quality of service of traffic
passing by. The first one involves classifying the traffic and the second selecting the parameters
that affect the experience of the user sending that flow.

That way the main classes of traffic and their more indicative parameters have been
searched, measured and tested.

An architecture of devices acting as satellites around one central equipment has been
also used. It allows keeping down the prices of satellites, passing the most complicated calculus
to the central node, keeping at the same time high measurement precision and wire speed.

WP4 HW development and algorithm implementation

TELNET provided the human and economical resources to count on a HW platform by
the end of 2008.

The algorithms of the UAM have been integrated into the platform and field testing will
be possible during 2009.

2.2.2. BGP probe

The purpose of analysing bottlenecks and determine their possible origin in routing
errors requires that a device sends BGP information (routing tables and announcements) to a
central system. This is accomplished by a probe linked to the border router that does not
interact with the rest of routers but just litsents:

Figure 59: Software architecture of the BGP repository formation

The Design of the probes aimed at being simple, flexible and not expensive. Thus a
general purpose hardware platform was chosen:

Minimal hardware requirement of having two Ethernet ports.
Little memory requirement (2 Gbytes) to store the application.
Robust platform with tow versions: For rack installation and for table.

Figure 60 shows a view of the probe.

As for the software, the BGP probes are based on open software (quagga) with little
modifications to capture routing information (without propagating it to other routers) and send it
to a centralized management system whenever this one asks for updating announcements or
routing tables. This is illustrated in Figure 61.


Figure 60: Hardware platform of the BGP probe

Figure 61: Software architecture of BGP capture by means of the BGP probes

BGP repository construction

As Figure 60 shows, the purpose of building anBGP repository up is achieved
connecting one or mor BGP probes to a central system that either periodically or
assynchronously asks for BGP information (announcements and routing tables) to the probe(s)

This way, operators can investigate if routing malfunction has happened. Besides, for
the demo shown in Figure 55, a prototype of such central system was developed to create
alarms whenever a critical number of AS-AS routes were announced for a given link.

AS#1
AS#2
AS#3
Border router
BGP probe
2.2.3. One Way Delay measurements based on GPS
synchronization

There is nowadays an increasing interest in the surveillance of IP networks, in order to
assess its appropriate performance. This interest arouses for the needing both from users and
operators to monitor the Quality of Service of the Internet connection. The aim of QoS
monitoring is to assure that the levels of quality agreed with the provider are fulfilled (Service
Level Agreement compliance). In a SLA, both parts of the agreement established certain levels
of quality that must be satisfied by the provider of the service. Those levels of quality are
commonly measured in terms of delay and capacity, among others. For this reasons, it is of
crucial interest to have accurate measurements of the One Way Delays in IP networks.
Measuring OWD is a very challenging task and reams and reams have been written on the
subject. Nowadays there is no way to measure OWD accurately without synchronizing both
ends of the measurement. There have been several approaches to perform this
synchronization, but the only one fulfilling the precision needed by SLA compliance must use a
Common Time Source based on GPS modules.

Developed solution

UAM has developed two approaches for a Common Time Source synchronization
based on GPS modules to monitor One Way Delay for SLA compliance purposes, with a
tradeoff between cost of the solution and its precision. On the one hand we have a software
solution based on a Linux Kernel module that timestamps with high precision (in the order of
s.) packets on their arrival. This software solution has less precision than the hardware
solution, but it has lower cost, as it would only need a conventional PC and a GPS module (see
Figure 62).

Figure 62: Software OWD monitoring solution

On the other hand there is a hardware based solution that makes use of a Field
Programmable Gate Array and a Linux driver (see Figure). It is able to timestamp packets both
on arrival and departure with an accuracy of nanoseconds, having also the advantage of being
upgradeable to 10 Gbps.

GPS
Ethernet PCI Card
Memory
GPS Control
PPS
Ethernet Interface 1Gb
Ethernet Receiver
Ethernet Sender
PCI Bus PCI module
FPGA

Figure 63: Hardware OWD monitoring solution

Delay measurement

Figure 64 shows a sketch of the testbed used in the 4th Annual Celtic Event of 2009
that took place in Paris. There was a FPGA like that one shown in Figure 63 in Madrid sending
and timestamping user configurable burst of UDP packets. These packets were received in
Paris through a conventional Internet connection and timestamped on arrival both by the
hardware and software solutions, computing and graphing the elapsed time between
timestamping on departure and arrival.

Figure 64: Demo testbed used in the Celtic Event 2009

2.2.4. Bandwidth Available in Real Time (BART)

BART is a new method for estimating the end-to-end available bandwidth over a
network path. It estimates bandwidth quasi-continuously, in real-time. The method has also
been implemented as a tool. BART relies on self-induced congestion, and repeatedly samples
the available bandwidth of the network path with sequences of probe-packet trains, sent at
randomized rates. BART requires little computation for each sample which makes it lightweight
with respect to memory requirements, and adds only a small amount of probe traffic to the
network path.

With restricted access to traffic statistics recorded by intermediate network nodes the
estimation of available end-to-end bandwidth is only feasible by active probing of the network
path. This kind of active measurement only requires access to the sender and receiver hosts.
By injecting probe traffic into the network, and then analyzing the observed effects of cross
traffic on the probes, BART can estimate the available bandwidth. As a side effect it also
estimates the link capacity of the tight link.

Some of the features of BART are:
It produces an estimate quickly
Estimation stability can be traded for agility
Tuning is largely automatic, that is there are few parameters that need manual
adjustment. Nevertheless BART may be tuned according to the specific needs of the
measurement application, such as agility vs. stability of the estimate; or to
characteristics of the bottleneck link.
The memory requirements are minimal, as only the previous estimate and the new
measurement are needed to calculate the new estimate of the available bandwidth.

When passive monitoring of network traffic is not possible other methods for analyzing
network traffic and paths are needed. In the TRAMMS project, BART (Bandwidth Available in
Real Time) [2-8] is used for this purpose. BART is a method for estimation of end-to-end
available bandwidth and in principle BART utilizes active probing in order to determine the point
of congestion; this point defines the available bandwidth. If the probes are sent at such a high
rate that congestion occurs the probing rate is above the available bandwidth and wise versa if
the probes does not cause congestion the rate is below the available bandwidth. The concept of
active probing is visualized in Figure 65.

Figure 65: Illustration of how BART utilizes active probing.

BART uses the inter-packet strain , shown in Figure 65, as an indicator on whether the
probe packets sent with rate u caused congestion or not. The strain is zero for the uncongested
network and rises linearly with increasing input rate u during overload. For each measurement
sample BART updates the estimate of available bandwidth and bottleneck link capacity using
a Kalman filter.

The BART Kalman filter

In a Kalman filter-based approach [1] the system state X, in this case the available
bandwidth and link capacity, is estimated from repeated measurements of the inter-packet
strain . The system is influenced by a control input u, in this case the probe-packet rate. For
each new measurement sample above zero a new system state estimate
x
is calculated. The
process is illustrated in Figure 66. The update of the old system state using the new
measurement sample is done using weights which is based on the variance of the sample as
well as other tunable filter parameters.

Figure 66: The filtering process.

The estimator, depicted in Figure 66, requires a model describing how the system state
X relates to the inter-packet separation strain . The model used in BART is shown in Figure 67.
In principle, the inter-packet strain is zero if the probe-packet rate is below the available
bandwidth while it increases linearly when sending probe packets at increasing rates above the
available bandwidth. The system state X is actually a two field vector describing the sloping line
shown in Figure 67. The definition of the available bandwidth using BART terminology is the
probing rate u that corresponds to the point where deviates from zero.

An additional feature of the underlying model is that it can also be shown that the slope
of the line in the overload range is the inverse of the bottleneck capacity.

Figure 67: The BART measurement model.

Using the model shown in Figure 67, the estimator tries to predict the system state. The
prediction of the system state is then corrected using the measurement sample, if is above
zero. This process is repeated for each new measurement sample thus tracking the available
bandwidth and link capacity in real time.

Evaluation of BART

BART has been evaluated in several scenarios and settings such as in laboratory
networks, over Internet paths and in networks where the bottleneck has been an 802.11b or
HSPA link. Most of the results have been published in academic conferences such as in
references [2-8]. The results indicate that BART estimates the end-to-end available bandwidth
as well as the bottleneck link capacity with the desired accuracy. Further, BART outperforms
u

0
AB
x

x
new

estimator

X
u
system
pathChirp [9] a similar tool that also produces estimates of bandwidth in real time in terms of
accuracy and response to rapid changes in available bandwidth.

Using the model shown in Figure 67, the estimator tries to predict the system state. The
prediction of the system state is then corrected using the measurement sample, if is above
zero. This process is repeated for each new measurement sample thus tracking the available
bandwidth and link capacity in real time.

BART has been evaluated in several scenarios and settings such as in laboratory
networks, over Internet paths and in networks where the bottleneck has been an 802.11b or
HSPA link. Most of the results have been published in academic conferences such as in
references [2-8]. The results indicate that BART estimates the end-to-end available bandwidth
as well as the bottleneck link capacity with the desired accuracy. Further, BART outperforms
pathChirp [9] a similar tool that also produces estimates of bandwidth in real time in terms of
accuracy and response to rapid changes in available bandwidth.

Figure 68: Setting for BART evaluation in operator networkl.

The proposed measurement setup is illustrated in Figure 68. BART measurement
nodes are linked to routers at different places in the operator access network. Traffic-log nodes
are attached to the links using taps (e.g. fiber taps or Ethernet taps depending on network).
Using the BART nodes it is possible to estimate the available bandwidth between the two, and
using log nodes along the network path with taps hooked to the link the true available bandwidth
can be estimated by subtracting the cross-traffic load from the known link capacity. This way,
BART can be evaluated in operational networks having real users.

Tramms D4.2

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Tramms D4.2

Diunggah oleh

Hak Cipta:

Format Tersedia

Project deliverable CELTIC TRAMMS

D4.2 - Broadband bottleneck analysis and capacity planning Public 1 (64)

Anda mungkin juga menyukai