360 likes | 494 Views
Ipê Network Monitoring Service MonIPÊ. José Augusto Suruagy Monteiro suruagy@unifacs.br http://wiki.monipe.rnp.br/monipe. MonIPÊ Experimental Service. Main Objective: Provide monitoring information to all kind of users Target audience: RNP and NRENs users. Experimental phase:
E N D
Ipê Network Monitoring ServiceMonIPÊ José Augusto Suruagy Monteiro suruagy@unifacs.br http://wiki.monipe.rnp.br/monipe
MonIPÊ Experimental Service • Main Objective: • Provide monitoring information to all kind of users • Target audience: • RNP and NRENs users. • Experimental phase: • Initial infrastructure being deployed throughout several Ipê network nodes • January thru December 2008
Specific Objectives • Traffic characterization via flow measurements; • High accuracy network performance measurements (one way delay, jitter, losses, and available bandwidth); • Regular connectivity tests; • Last/first mile performance measurements; • Network performance verification and observation environment.
User Categories • Users in general: • Visualization of the results obtained from regular tests, • Use of recommendation tools, and • Access network tests. • Advanced users: • Demand for customized performance tests, and • Observation for collaborative experiments • High speed transfers, Overlay WG, Climate Information, EELA 2 (E-Science Grid Facility), LHC, etc. • Network Management and Operators users
Activities • Service deployment • Active monitoring infrastructure deployment • Passive monitoring infrastructure deployment • Service portal deployment • Measurement analysis service deployment • Support service deployment • Deployment evaluation • Dissemination: • Kick off meeting (25/5/08) • Presentation at WRNP (27/05/08) • Workshop (20-24/10/08) • AUP definition • Software development and improvement • Service continuity plan
Hardware at each location GPS synchronization kit {mp1 | bwctl}.pop-XX.rnp.br {mp2 | owamp}.pop-XX.rnp.br {mp3 | ndt}.pop-XX.rnp.br
Central Servers SQL-MA, LS and AS CactiSONAR and RRD-MA Flows
Software being Deployed • Flows: • NFDUMP version 1.5.7 • NFSEN version 1.3 • Flow Selection and Aggregation MA • Flow Subscription MP • MPs: • CL-MP version 2.0 • Bwctl version 1.2a • Iperf version 2.0.4 • Owamp version 3.0c • NDT version 5.5.4a • MAs: • RRD-MA • SQL-MA version 2.0 • LS version 1.2 • CactiSONAR version 0.8.7b
Deployment Process • Collaborative effort with technical staff of each PoP • Installation process described on our Wiki • Videoconference as a kick off • Support via RT and mailing list • Centralized homologation • Current status: • 11 locations already homologated • 2 in the process • 5 delayed • We hope to finish deployment by next week
Active Measurements • Tools: • Owamp and Bwctl (via CL-MP) • CactiSONAR: scheduling and visualization • Proposed schedule for regular tests: • OWAMP: full mesh every 5 minutes • BWCTL - TCP: along the backbone links every hour
Passive Measurements • Netflow data using NFDUMP and NFSEN • Coverage: • 10 major routers (BA, CE, DF, MG, PE, PR, RJ, RS, SC, SP) • URL: • http://flows.monipe.rnp.br/monipe/nfsen/nfsen.php • Services currently under test: • Flow Selection and Aggregation MA • Flow Subscription MP
CL-MP • What’s new (expected for MDM 3.1 release): • Standard modifications for 3.1 (syslogging, self-test, new web admin, new file structure) • SelfTest for CL-MP was implemented in a “Nagios check-like” way. Shell scripts can be created to check whatever network operators of the domain think needs to be tested. • OWAMP Summarized tests • Status • Version 2.0 is being deployed on all RNP PoPs • We expect version 2.1 (with the new functionalities above) to be deployed by the end of the month.
CactiSONAR integrated environment Usuário Admin Usuário Interface MP Núcleo do CACTI G E R Ê N C I A MP perfSONAR-UI M A R R D CACTISonar MP CACTI Roteador Arq. RRD Conf. MySQL Switch perfSONAR-UI Servidor
CACTISonar • What’s new (expected for 0.6 release): • Testing being scheduled in CL-MP version 3.0 or newer and retrieving information from MA-SQL. • SelfTest is expected for further releases. • Status • Version 0.5 is being deployed on RNP environment • Version 0.6 is expected to be deployed by the end of the month. • Goals (newer versions) • SelfTest • Authentication Service Integration in CL-MP and the built-in RRD-MA • Lookup Service Integration
ICE (Internet computer network Eye) http://wiki.nuperc.unifacs.br/ice • Description: • Developed since December 2005 to fulfill RNP’s Measurement WG demands; • A dynamic visualization client for network measurement services and data; • Developed using Java, Apache Axis, JFreeChart and OSGi. • New functionalities: • Drag ‘n drop of network measurement access and visualization bundles; • New Bundle functionalities; • Installation using IzPack;
ICE (Internet computer network Eye) http://wiki.nuperc.unifacs.br/ice • Status: • Access and Visualization Bundles can be installed and uninstalled easily; • The development of new bundles can be made using the interfaces provided by the FLAVOR framework; • Bundle live cycle management is provided by the Felix OSGi platform; • Visual Icons make the network bundles more attractive to the users. • Goals: • Provide better bundles integration; • Provide better resources for the development of new network measurement bundles; • Develop new end-user friendly bundles.
ICE (Internet computer network Eye) http://wiki.nuperc.unifacs.br/ice
Authentication Service • CAFE (FEderated Academic Community) • Shibboleth 1.3 (and simpleSAMLphpShib 1.3 in RNP) • At the beginning only RNP’s IdP will conform to eduGAIN. • RNP’s IdP will be a central common Identity Provider for user’s without an AAI. • ICPEDU (Brazilian Research and Education PKI) • The certificates for the CAFE servers will be issued by a subordinate AC of ICPEDU root AC
Authentication Service (status) • Authentication Service status at RNP • There is an interim AAI at UNIFACS • Shibb IdP and SP with simpleSAMLphp conform to eduGAIN RC2 • SASL CA • Both services use certificates issued by eduGAINCA and eduGAINOCA • There is an AS currently in test at RNP
Authentication Service (status) • Tests • IdP RNP • Test with https://kelimutu.switch.ch/aai • Test with BE of AjayDaryanani • Is there a Web-based application that access a AS protected pSR? • SASL CA • can’t publish the metadata in http://mds.rediris.es:8080 and the perfSONARUI show error with another MDS • But the deployment seems good • perfSONAR AS (not yet tested) • Waiting for the metadata publication in the MDS accessible by perfSONARUI (e.g. http://mds.rediris.es:8080).
Authentication Service • Planned scenario (soon) • Move the services to RNP • Certificates Issued by the ICP-EDU AC. • Integration of all services • Desired scenario • All users federated through their institutional AAI. • All AAI conforming to eduGAIN.
Additional Activities • MENTOR – Recommendation Tool • TopS – Topology Service • RP – Resource Protector (GigaIQoM)
Mentor Recommender Tool http://tools.nuperc.unifacs.br/webmentor
Main concepts and current features • Concepts • Provides recommendations to end-users • Network manager, users in general • Suggests the network use based on: • Users’ profiles (EduPerson’s Attributes), Application features, Network performance • Client-Server basis • Server process recommendations, maintain user’s information • Client interacts with the users, present recommendation and get feedbacks • Features • Performs last mile measurement tests • NDT (Modified version of the NDT Client) and Ping • Incorporates “RNP-topology service” • It finds the nearest PoP and perform NDT and Ping tests • Supports LDAP-based Authentication • Presents different views based on EduPerson attributes • Ontology-base application classification • Support for internalization (versions in Portuguese and English)
General architecture MonONTO + Measurement rules MENTOR WEB Web Services for others applications JColibri Framework for Case-Based reasoning PerfSONARMAs EduPerson-Based Models of users Identification Done BesidesPsMAsrequestsalso onlastmiledemand tests LDAP-Based AA On going Future
Future directions • AA through AS • Matches of: User x Application type x Network performance • Ontology classification • Case-based reasoning • What the others in the same situation said? • Reasoning considering • Definition of a case • User’s profile and preferences. • Application’s features • Network Metrics • Incorporating the Java-based Jcolibri framework for case reasoning • Ping support • Recommendation based on the backbone measurements • First release scheduled for October/08
Resource Protector Service • Developed in a related project. • Proof of concept: • Description (in Portuguese): http://wiki.nuperc.unifacs.br/gigaiqom/index.php/Test • API: http://wiki.nuperc.unifacs.br/gigaiqom/index.php/API_do_Servi%C3%A7o_de_Prote%C3%A7%C3%A3o_de_Recursos • Code: http://wiki.nuperc.unifacs.br/gigaiqom/uploads/9/9d/Perfsonar_RP.jar
International Testing ESNet Internet2 Géant 2 ... NREN NREN NREN . . . Clara ... RNP NREN
International Testing • Regular tests from RNP (São Paulo), through Red Clara to: • Internet 2 (Atlanta?) • Géant 2 (Madrid) • ESnet (through Internet2?) • How often?
Next Steps or Pending Issues • Flow services: • SURFnet’s testing • G3: packet capture • Deployment of gLS • Topology Service: • Topology discovery • Defined services • AS • eduGAIN x I2 solution • MDM releases: • CL-MP • Testing • International Testing • Planning • Metrics composition
Team • RNP: • Iara Machado • Ana Lucia de Moura • Alex Soares de Moura (NOC) • Leonardo Carneiro (NOC) UFSC: • Edison T. L. Melo • Guilherme E. Rhoden • Guilherme Fernandes • MuriloVetter UNIFACS: • Dimitri Anjos • Herbert M. Souza • Ivo Koga • Suruagy • Leobino Sampaio • Rafael Costa • Patrícia Dourado