COP2: Continuously Observing Protocol Performance

Tue, 02/19/2019 - 20:01 by Olivier Bonaventure

Abstract

As enterprises move to a cloud-first approach, their network becomes crucial to their daily operations and has to be continuously monitored. Although passive monitoring can be convenient from a deployment viewpoint, inferring the state of each connection can cause them to miss important information (e.g., starvation). Furthermore, the increasing usage of fully encrypted protocols (e.g., QUIC encrypts headers), possibly over multiple paths (e.g., MPTCP), keeps diminishing the applicability of such techniques to future networks.
We propose a new monitoring framework, Flowcorder, which leverages information already maintained by the end-hosts and records Key Performance Indicators (KPIs) from their transport protocols. More specifically, we present a generic approach which inserts lightweight eBPF probes at runtime in the protocol implementations. These probes extract KPIs from the per-connection states, and eventually export them over IPFIX for analysis.
We present an application of this technique to the Linux kernel TCP stack and demonstrate its generality by extending it to support MPTCP. Our performance evaluation confirms that its overhead is negligible. Finally, we present live measurements collected with Flowcorder in a campus network, highlighting some insights provided by our framework.

Authors
Olivier Tilmans and Olivier Bonaventure
Type
Technical Report
Source
19202.0428, February 2019.
Full text
pdf   (1023.33 KB)
Cite it
BibTex
Copyright
See here

IEEE Copyright Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

ACM Copyright Notice: Copyright 1999 by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page or intial screen of the document. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Publications Dept., ACM Inc., fax +1 (212) 869-0481, or permissions@acm.org.

Springer-Verlag LNCS Copyright Notice: The copyright of these contributions has been transferred to Springer-Verlag Berlin Heidelberg New York. The copyright transfer covers the exclusive right to reproduce and distribute the contribution, including reprints, translations, photographic reproductions, microform, electronic form (offline, online), or any other reproductions of similar nature. Online available from Springer-Verlag LNCS series.