For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Traffic Monitoring System Based on Correlation between BGP Messages and Traffic Data
Atsushi KOBAYASHI Shingo KASHIMA Hiroshi KURAKAMI Keisuke ISHIBASHI
IEICE TRANSACTIONS on Communications
Publication Date: 2011/09/01
Online ISSN: 1745-1345
Print ISSN: 0916-8516
Type of Manuscript: PAPER
Category: Network Management/Operation
BGP, NetFlow, sFlow, traffic shift,
Full Text: PDF>>
An anomalous change in traffic distributions caused by an external inter-domain routing change leads to congestion of some network links, which then affects the network quality or disrupts traffic. Thus, network operators need to promptly deal with these problems by changing the routing policy or by soliciting the help of an involved or neighboring network operator through operator channels. In addition, they need to diagnose situations in which customers are affected by the incident or in which destinations become unreachable. Although this task is indispensable, understanding the situation is difficult since the cause lies outside the operators' network domains. To alleviate the load on operators, we developed a system for monitoring traffic shifts and the disruptions caused by BGP routing changes. It is challenging to extract information that is more valid from a large amount of BGP update messages and traffic flow records. By correlating these data, the system provides meaningful reports and visualized traffic statistics, and it enables operators to easily detect the cause of traffic changes and to investigate the extent of damage. We demonstrate the effectiveness of the system and evaluate its feasibility by applying it to an ISP backbone network. In addition, we present a case study of traffic changes that the system detected.