Dynamic measurement-aware routing in practice

Abstract

Traffic monitoring is a critical network operation for the purpose of traffic accounting, debugging or troubleshooting, forensics, and traffic engineering. Existing techniques for traffic monitoring, however, tend to be suboptimal due to poor choice of monitor location or constantly evolving monitoring objectives and traffic characteristics. One way to counteract these limitations is to use routing as a degree of freedom to enhance monitoring efficacy, which we refer to as measurement-aware routing. Traffic sub-populations can be routed (rerouted) on the fly to optimally leverage existing monitoring infrastructures. Implementing dynamic measurement-aware routing (DMR) in practice is riddled with challenges. Three major challenges are how to dynamically assess the importance of traffic flows; how to aggregate flows (and hence take a common action for them) in order to conserve routing table entries; and how to achieve traffic routing/rerouting in a manner that is least disruptive to normal network performance while maximizing the measurement utility. This article takes a closer look at these challenges and discusses how they manifest for different types of networks. Through an OpenFlow prototype, we show how DMR can be applied in enterprise networks. Using global iceberg detection and capture as a driving application, we demonstrate how our solutions successfully route suspected iceberg flows to a DPI box for further processing, while preserving balanced load distribution in the overall network.