A netflow v9 measurement system with network performance function

  • Authors:

  • Guang Cheng;Hua Wu

  • Affiliations:

  • School of Computer Science and Engineering, Southeast University, Nanjing, P.R. China,Key Laboratory of Computer Network and Information Integration, Ministry of Education, P.R. China;School of Computer Science and Engineering, Southeast University, Nanjing, P.R. China,Key Laboratory of Computer Network and Information Integration, Ministry of Education, P.R. China

  • Venue:
  • IDCS'12 Proceedings of the 5th international conference on Internet and Distributed Computing Systems
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Visualization

Abstract

Netflow can be employed for accounting, anomaly detection and network monitoring, and can bring new data source for network management. But most IPv6 routers in CERNET2 backbone network don't provide IPFIX or NetFlow flow record function. Netflow flow records don't have the network performance information, such as RTT and packet loss ratio, so we hardly use the Netflow data to analyze the network performance. In this paper, we designs a NetFlow v9 measurement system (N9MS) which converts IPv6 packet headers into the NetFlow v9 flow records and monitors the link performance with these flow records. The N9MS has two improvements to the traditional Cisco's sampled NetFlow feature. Firstly, the Cisco's sampling strategy is to sample packets, while that in the N9MS is flow sampling which can keep all packets in the sampled flows to infer network performance based on these sampled packets. Secondly, N9MS directly uses these sampled packets to calculate these performance metrics, such as round trip time (RTT) and packet loss ratio. We also define both RTT and packet loss ratio fields in the scalability NetFlow v9 template format. In this paper we also use the N9MS to monitor a 10Gbps backbone link between Nanjing site and the CNGI-CERNET2 backbone, and give some experimental results.