%0 Conference Paper %B Passive and Active Measurement Conference (PAM) %D 2016 %T A Brief History of MPLS Usage in IPv6 %A Yves Vanaubel %A Pascal Mérindol %A Jean-Jacques Pansiot %A Benoit Donnet %K 6PE tunnels %K IPv6 %K LSE Stack %K MPLS %X
Recent researches have stated the fast deployment of IPv6. It has been demonstrated that IPv6 grows much faster, being so more and more adopted by both Internet service providers but also by servers and end-hosts. In parallel, researches have been conducted to discover and assess the usage of MPLS tunnels. Indeed, recent developments in the ICMP protocol make certain
categories of MPLS tunnels transparent to traceroute probing. However, these studies focus only on IPv4, where MPLS is strongly deployed.
In this paper, we provide a first look at how MPLS is used under IPv6 networks using traceroute data collected by CAIDA. We have observed, at the first glance, that the MPLS deployment and usage seem to greatly differ between IPv4 and IPv6, in particular in the way MPLS label stacks are used. While label stacks are not that frequent in IPv4 (and mostly correspond to a VPN usage), they are prevalent in IPv6. However, after a deeper look at the label stack typical content in IPv6, we understand that 2-label stack tunnels are mainly used for dual stack 6PE tunnels and ECMP load sharing purpose. The technical deployment of such tunnels is really similar to VPN in practice but the objective is not the same (they are standard tunnels made with the IPv4 LDP for carrying IPv6 traffic).
%B Passive and Active Measurement Conference (PAM) %8 03/2016 %G eng %0 Conference Paper %B Internet Measurement Conference (IMC) %D 2015 %T MPLS Under the Microscope: Revealing Actual Transit Path Diversity %A Yves Vanaubel %A Pascal Mérindol %A Jean-Jacques Pansiot %A Benoit Donnet %K ECMP %K LDP %K MPLS %K multipath %K network discovery %K RSVP-TE %K traceroute %K traffic engineering %XTraffic Engineering (TE) is one of the keys for improving packet forwarding in the Internet. It allows IP network operators to finely tune their forwarding paths according to various customer needs. One of the most popular tool available today for optimizing the use of networking resources is MPLS. On the one hand, operators may use MPLS and label distribution mechanisms such as RSVP-TE in conjunction with BGP to define multiple transit paths (for a given edge pair)
verifying different constraints on their network. On the other hand, when operators simply enable LDP for distributing MPLS labels in order to improve the scalability of their network, another kind of path diversity may appear thanks to the ECMP feature of IGP routing.
In this paper, using an MPLS labels analysis, we demonstrate that it is possible to better understand the transit path diversity deployed within a given ISP. More specifically, we introduce the Label Pattern Recognition (LPR) algorithm, a method for analyzing traceroute data including MPLS information. LPR reveals the actual usage of MPLS according to the inferred label distribution protocol and is able to make the distinction between ECMP and TE multi-path forwarding. Based on an extensive and longitudinal traceroute dataset obtained from CAIDA,
we apply LPR and find that each ISP behavior is really specific in regard to its MPLS usage. In particular, we are able to observe independently for each ISP the MPLS path diversity and usage, and its evolution over time. Globally speaking, the main outcomes of our study are that (i) the usage of MPLS has been increasing over the the last five years with basic encapsulation being predominant, (ii) path diversity is mainly provided thanks to ECMP and LDP, and, (iii), TE using MPLS is as common as MPLS without path diversity.
Recent years have seen the rise of middleboxes, such as firewalls, NATs, proxies, or Deep Packet Inspectors. Those middleboxes play an important role in today's Internet, including enterprise networks and cellular networks. However, despite their huge success in modern network architecture, they have a negative impact on the Internet evolution as they can slow down the TCP protocol evolution and its extensions. Making available a summary of the potential middlebox network interferences is of the highest importance as it could allow researchers to confront their new transport protocol to potential issues caused by middleboxes. And, consequently, allowing again innovation in the Internet.
This is exactly what we tackle in this paper. We propose a path impairment oriented middlebox taxonomy that aims at categorizing the initial purpose of a middlebox policy as well as its potential unexpected complications. Based on a measurement campaign on IPv4 and IPv6 networks, we confront our taxonomy to the real world. Our dataset is freely available.
%B International Workshop on Network Science for Communication Networks (NetSciCom) %8 04/2015 %G eng %0 Conference Paper %B The 11th International Conference on emerging Networking EXperiments and Technologies - CoNEXT 2015 %D 2015 %T Towards DisNETPerf: a Distributed Internet Paths Performance Analyzer %A Sarah Wassermann %A Pedro Casas %A Benoit Donnet %XFor more than 25 years now, traceroute has demonstrated its supremacy for network-path measurement, becoming the most widely used Internet path diagnosis tool today. A major limitation of traceroute when the destination is not controllable by the user is its inability to measure reverse paths, i.e., the path from a destination back to the source. Proposed techniques to address this issue rely on IP address spoofing, which might lead to security concerns. In this paper we introduce and evaluate DisNETPerf, a new tool for locating probes that are the closest to a distant server. Those probes are then used to collect data from the server point-of-view to the service user for path performance monitoring and troubleshooting purposes. We propose two techniques for probe location, and demonstrate that the reverse path can be measured with very high accuracy in certain scenarios.
%B The 11th International Conference on emerging Networking EXperiments and Technologies - CoNEXT 2015 %8 11/2015 %G eng %0 Conference Paper %B 7th International Workshop on Traffic Monitoring and Analysis (TMA) %D 2015 %T Tracking Middleboxes in the Mobile World with TraceboxAndroid %A Valentin Thirion %A Korian Edeline %A Benoit Donnet %K Android %K tracebox %XMiddleboxes are largely deployed over cellular networks. It is known that they might disrupt network performance, expose users to security issues, and harm protocols deployability. Further, hardly any network measurements tools for smartphones are able to infer middlebox behaviors, specially if one cannot control both ends of a path. In this paper, we present TraceboxAndroid a
proof-of-concept measurement application for Android mobile devices implementing the tracebox algorithm. It aims at diagnosing middlebox-impaired paths by detecting and locating rewriting middleboxes. We analyze a dataset sample to highlight the range of opportunities offered by TraceboxAndroid. We show that TraceboxAndroid can be useful for mobile users as well as for the
research community.
A significant portion of what is known about Internet routing stems out from public BGP datasets. For this reason, numerous research efforts were devoted to (i) assessing the (in)completeness of the datasets, (ii) identifying biases in the dataset, and (iii) augmenting data quality by optimally placing new collectors. However, those studies focused on techniques to extract information about the AS-level Internet topology.
In this paper, we show that considering different metrics influences the conclusions about biases and collector placement. Namely, we compare AS-level topology discovery with \iac inference. We find that the same datasets exhibit significantly diverse biases for these two metrics. For example, the sensitivity to the number and position of collectors is noticeably different. Moreover, for both metrics, the marginal utility of adding a new collector is strongly localized with respect to the proximity of the collector. Our results suggest that the ``optimal'' position for new collectors can only be defined with respect to a specific metric, hence posing a fundamental trade-off for maximizing the utility of extensions to the BGP data collection infrastructure.
%B IFIP Networking %8 June 2014 %G eng %0 Report %D 2013 %T Design of Analysis Modules %A Dimitri Papadimitriou %A Zied Ben-Houidi %A Samir Ghamri-Doudane %A D Rossi %A M. Milanesio %A P. Casas %A Alessandro D’Alconzo %A Edion Tego %A Francesco Matera %A Maurizio Dusi %A Tivadar Szemethy %A L. Máthé %A Alessandro Finamore %A Stefano Traverso %A Ilias Leontiadis %A Yan Grunenberger %A L. Baltrunas %A Benoit Donnet %A Guy Leduc %A Y. Liao %K algorithms %K analysis %I mPlane Consortium %C Torino %8 11/2013 %@ D4.1 %G eng %9 Public Deliverable %0 Report %D 2013 %T First Data Collection Track Record %A Alessandro Capello %A Fabrizio Invernizzi %A Omar Jabr %A Dimitri Papadimitriou %A Dario Rossi %A YiXi Gong %A Brian Trammell %A Marco Milanesio %A Ernst Biersack %A Rolf Winter %A Francesco Matera %A Arianna Rufini %A Edion Tego %A Maurizio Dusi %A Balazs Szabo %A Tivadar Szemethy %A Alessandro Finamore %A Marco Mellia %A Ilias Leontiadis %A Benoit Donnet %K data sets %K integration %K measurement systems %K scenarios %K use cases %I mPlane Consortium %C Torino %8 11/2013 %G eng %9 Private Deliverable %0 Report %D 2013 %T mPlane Architecture Specification %A Brian Trammell %A Marco Mellia %A Alessandro Finamore %A Stefano Traverso %A Tivadar Szemethy %A Balazs Szabo %A D Rossi %A Benoit Donnet %A Fabrizio Invernizzi %A Dimitri Papadimitriou %K architecture %K measurement %K platform %K scenario %K use case %I mPlane Consortium %C Torino %8 11/2013 %G eng %9 Public Deliverable %0 Conference Paper %B ACM/USENIX Internet Measurement Conference (IMC) %D 2013 %T Network Fingerprinting: TTL-Based Router Signature %A Yves Vanaubel %A Jean-Jacques Pansiot %A Pascal Mérindol %A Benoit Donnet %K fingerprinting %K initial TTL %K MPLS router signature %K network discovery %XFingerprinting networking equipment has many potential applications and benefits in network management and security. More generally, it is useful for the understanding of network structures and their behaviors. In this paper, we describe a simple fingerprinting mechanism based on the initial TTL values used by routers to reply to various probing messages. We show that main classes
obtained using this simple mechanism are meaningful to distinguish routers platforms. Besides, it comes at a very low additional cost compared to standard active topology discovery measurements. As a proof of concept, we apply our method to gain more insight on the behavior of MPLS routers and to, thus, more accurately quantify their visible/invisible deployment.
Fingerprinting networking equipment has many potential applications and benefits in network management and security. More generally, it is useful for the understanding of network structures and their behaviors. In this paper, we describe a simple fingerprinting mechanism based on the initial TTL values used by routers to reply to various probing messages. We show that main classes obtained using this simple mechanism are meaningful to distinguish routers
platforms. Besides, it comes at a very low additional cost compared to standard active topology discovery measurements. As a proof of concept, we apply our method to gain more insight on the behavior of MPLS routers and to, thus, more accurately quantify their visible/invisible deployment.
Middleboxes such as firewalls, NAT, proxies, or Deep Pack-et Inspection play an increasingly important role in various types of IP networks, including enterprise and cellular networks. Recent studies have shed the light on their impact on real traffic and the complexity of managing them. Network operators and researchers have few tools to understand the impact of those boxes on any
path. In this paper, we propose tracebox, an extension to the widely used traceroute tool, that is capable of detecting various types of middlebox interference over almost any path. tracebox sends IP packets containing TCP segments with different TTL values and analyses the packet encapsulated in the returned ICMP messages. Further, as recent routers quote, in the ICMP message, the entire IP packet that they received, tracebox is able to detect any modification performed by upstream middleboxes. In addition, tracebox can often pinpoint the network hop where the middlebox interference occurs. We evaluate tracebox with measurements performed on PlanetLab nodes. Our analysis reveals various types of middleboxes that were not expected on such an experimental testbed supposed to be connected to the Internet without any restriction.