NRENs have a special responsibility to their users and the scientific community to run efficient and reliable internet networks, ensuring the flow of data within their own network and to the rest of the internet.
Internet networks have become increasingly complex; without traffic flow visibility, a network is essentially running blind, hoping for the best. With NRENs supporting millions of users around the world, the ability to visualise increasingly complex network operations and to spot in advance when issues are emerging has become a vital role.
Born out of a computer science research project at T-Labs, the R&D department of Deutsche Telekom, BENOCS correlates various internet protocols, such as BGP, IGP, SNMP and Flow, to show the traffic traversing the networks. The data journey begins at the Source AS, then travels via the Handover AS to the Ingress Router, which takes it to the network backbone. The traffic then leaves the network via the Egress Router, travelling to the Nexthop AS, before reaching the Destination AS.
With these six steps determined, we can visualize the entire traffic path, which gives users valuable insights into traffic behaviour.
Backbone optimization
Take your network backbone as an example: It is common practice to regularly inspect the links in the backbone to establish how much traffic is flowing through each one. Combine this information with the Flow information – the traffic source, destination, application, as well as the entry and exit points in the network, etc. – and we have valuable data we can put to use: knowing what is running through a pipe allows e.g. rerouting of traffic instead of simply upgrading capacity.
Reducing overload not only saves network resources (i.e. money), but it also secures better network performance and saves on human resources, as maintenance on the links is reduced.
Anomaly detection
Network operations in general have become increasingly complicated as root causes for service problems become more complex and span across peering and CDN borders. Growing complexity means a higher number of increasingly complex problems; it is crucial that anomalous behaviour in the network be dealt with fast – even before end-users experience issues with their web services.
With the help of machine learning, it is possible to ‘learn’ the normal behaviour of a network, which in turn, allows fast and accurate detection of anomalous behaviour. Issues such as CDN-load balancing errors or BGP announcement mistakes can be alerted, identified and resolved.
Load-balancing problem:
Repetitive traffic drops from a CDN, compensated by a PNI at a distant location
There are countless arguments for analysing traffic flow in your network, and none against. Especially in the current age of increasing network complexity.
BENOCS is actively involved in research within the GÉANT community, jointly exploring ways to display multiple VRFs in one single analytics tool. Stay tuned for more insights in the near future!
To find out how BENOCS can help visualize your network visit https://www.benocs.com/