Research Summaries

Back Enhancing Yarrp Performance, Multipath Discovery, and Topology Data Analysis

Fiscal Year 2020
Division Graduate School of Operational & Information Sciences
Department Computer Science
Investigator(s) Beverly, Robert E.
Rohrer, Justin P.
Sponsor Laboratory for Telecommunications Sciences (DoD)
Summary Summary
In a previous collaboration with LTS, we developed a novel high-speed active network mapping tool, "Yarrp" (Yelling at Random Routers Progressively), offering significantly more performance than the prior state-of-the-art. This capability challenges prior notions of an Internet "topology snapshot" in that Yarrp snapshots are gathered far more rapidly and thus are less susceptible to error introduced by topology dynamics and transient events. These topology snapshots enable analysis of network connectivity, including identifying critical routers and points in the network vulnerable to attack, as well as providing invaluable information on the way traffic is routed. We deployed Yarrp in 16 locations worldwide within the AWS cloud. Integrating Yarrp with AWS involves dynamically instantiating Yarrp instances in AWS regions, distributing the probing load, and aggregating the results. This functionality is now provided by an automated front end where the user need only drag a set of targets to AWS bucket. In this process we have gained significant experience tuning Yarrp parameters, configuring vantage points, and analyzing the effects of various measurement artifacts, such as ICMP rate-limiting, which can drastically affect the data collected. Based on lessons learned, the focus of this proposal includes advancing production topology mapping to include IPv6; as well as continuing to push the state-of-the-art with a new topology mapping mechanism that discovers load-balanced multipath links at Internet scale. As such, we propose the following primary research thrusts
1. IPv6 - Supporting LTS/Customer IPv6 probing using Yarrp. Operationalizing routine IPv6 scanning from cloud infrastructure (e.g., AWS) developed in FY19.
2. Making Yarrp result data queryable - Evaluate and implement a big-data solution to enable SQL-style interactive queries of topology data collected by Yarrp. Anecdotal evidence shows this has the potential to answer questions in minutes that currently require days of sequentially processing flat output files.
3. Multipath discovery - Implementing an iterative Yarrp feature to discover multiple load-balanced paths, at Internet scale, which currently do not appear in a single Yarrp topology snapshot.
4. Yarrp performance - Investigating and implementing high-performance block-cypher and packet-crafting libraries. Anecdotal evidence suggests an order of magnitude improvement in peak packet rates is possible.
These thrusts are interrelated, but complementary, with each either filling a void in existing measurement capabilities, or building on recent findings to further the state-of-the-art. The end results of this proposed effort is both production data collection, new probing capabilities, and new analysis techniques.
Publications Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal
Data Publications, theses (not shown) and data repositories will be added to the portal record when information is available in FAIRS and brought back to the portal