The Evolution of Network Configuration: A Tale of Two Campuses


Presentation Transcript


  1. The Evolution of Network Configuration: A Tale of Two Campuses
     Hyojoon Kim†, Theophilus Benson‡, Aditya Akella‡, Nick Feamster†
     †Georgia Tech, ‡University of Wisconsin, Madison

  2. What is Network Configuration?
     • Collection of configuration files
     • Express network policy
     • Determines the overall network behavior

  3. The Network State Changes
     • Topology change
     • Policy change
     Configuration change
     Growth of firewalls in Georgia Tech
     How does network configuration change over time?

  4. Configuration Changes
     What is causing the changes?
     Where are the changes happening?
     Line changes in the past 5 years
     Is there a noticeable pattern?

  5. Our Contribution
     • Examine change patterns over time
     • Look at many different types of devices
     • Provide better understanding
     • Help develop better configuration tools
     • e.g., change recommendations, feedback
     • Reduce misconfigurations

  6. Our Data
     • Configuration data from two campus networks
     • 5 years of accumulated configuration files
     • Tools
     • CVS
     • RANCID (Really Awesome New Cisco confIg Differ)

  7. Collecting Configuration Files
     …
     Pull configuration
     Remote login (telnet, ssh)
     RANCID
     CVS commit
     CVS Server

  8. Revision Control on Configuration Files

         ...
         1.51
         log
         @Fri Feb 5 15:04:28 EST 2010
         @
         text
         @a141 1
         port-object range bootps bootpc
         a160 4
         object-group service 12-123-12-13-any-udp udp
         port-object range bootps bootpc
         object-group service 12-123-12-14-any-udp udp
         port-object range bootps bootpc
         d173 16
         a188 9
         object-group service 13-14-15-16-any-udp udp
         port-object range bootps bootpc
         object-group service 14-15-16-17-any-udp udp
         ...

     RCS Format
     • When is the change?
     • What changed?
     • Regenerate each revision

  9. Our Approach
     • Data (RCS) → Revisions
     • Take latest snapshot → Snapshot Analysis
     • Compare revisions → Change Analysis
     • Sort revisions by time → Longitudinal Analysis
     • Group simultaneous changes → Correlation Analysis

  10. Classifying Configuration Lines

          logging buffered 1024000
          enable secret [deleted]
          username [deleted]
          aaa new-model
          …
          Interface Port-channel1
          description WiSM-A virtual channel
          switchport trunk encapsulation dot1q
          switchport trunk allowed vlan 316,805,807-809,816,1296,1312
          switchport mode trunk
          …
          router ospf xxxx
          router-id x.x.x.x
          …
          ip access-list extended access-vty-in
          permit tcp x.x.0.0 0.0.255.255 any range 22 telnet log-input
          permit tcp x.x.0.0 0.0.255.255 any range 22 telnet log-input
          …

      Categories: Management, Layer 1, Layer 2, VLAN, Layer 3, ACL, Security, Control Filter, QoS

  11. Overview of Results
      • Routers are multi-functional
      • Univ. of Wisc: Layer 3 changes are 30% of total changes
      • Georgia Tech: Layer 3 changes are 5% of the total changes
      • Firewall changes are concentrated on ACL
      • Around 87% of the total changes
      • Steep increase in the access control list lines
      • Switches are about providing connectivity
      • Port-centric changes

  12. Change Analysis on Routers
      78% Static ARP
      Number of line changes in all routers over 5 years - GT

  13. Change Analysis on Firewalls
      87% Access Control
      Number of changes in all Georgia Tech firewalls over 5 years

  14. Longitudinal Analysis on Firewalls
      Change in number of lines in all Georgia Tech firewalls
      Change in number of firewalls in Georgia Tech

  15. Change Analysis on Switches
      snmp trap
      Number of line changes in all switches in Univ. of Wisconsin

  16. Correlation Analysis on Switches

  17. Conclusion
      • Study on how network configuration changes over time
      • Reveal interesting characteristics about network changes
      • Magnitude and frequency of changes
      • Causes of changes

  18. Conclusion
      • Provide better understanding
      • Improve current methods of configuring and managing network devices
      • Change recommendations
      • Reduce misconfigurations
      • More automation
      Questions? joonk@gatech.edu

  19. Georgia Tech Network
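
The RCS deltas on slide 8 are edit scripts: `aN C` inserts the next C lines after line N, and `dN C` deletes C lines starting at line N. The sketch below is an added example, not the authors' tooling: it applies one such script to regenerate a revision and counts added and deleted lines. The function name `apply_rcs_delta` and the config fragment are constructed for illustration, and the `@`-quoting of the `,v` file is assumed to be already stripped.

```python
import re

# RCS edit-script commands: "a<line> <count>" or "d<line> <count>".
CMD = re.compile(r"^([ad])(\d+) (\d+)$")

def apply_rcs_delta(base, delta):
    """Apply an RCS edit script to `base`; return (new_lines, added, deleted).
    Line numbers are 1-based and refer to `base`, never to the edited output."""
    out, pos, added, deleted, i = [], 0, 0, 0, 0  # pos = base lines consumed
    while i < len(delta):
        m = CMD.match(delta[i])
        if not m:
            raise ValueError(f"bad command at script line {i + 1}: {delta[i]!r}")
        op, line, count = m[1], int(m[2]), int(m[3])
        i += 1
        if op == "d":  # delete `count` lines starting at base line `line`
            start = line - 1
            if start < pos or start + count > len(base):
                raise ValueError(f"d{line} {count} is outside the base text")
            out += base[pos:start]
            pos = start + count
            deleted += count
        else:  # insert the next `count` script lines after base line `line`
            if line < pos or line > len(base) or i + count > len(delta):
                raise ValueError(f"a{line} {count} is out of range or truncated")
            out += base[pos:line] + delta[i:i + count]
            pos = line
            i += count
            added += count
    return out + base[pos:], added, deleted

# Constructed sample (not data from the study): a six-line firewall fragment
# and an edit script shaped like the slide-8 excerpt (replace, then append).
BASE = [
    "object-group service 10-0-0-1-any-udp udp",
    "port-object range bootps bootpc",
    "object-group service 10-0-0-2-any-udp udp",
    "port-object eq domain",
    "object-group service 10-0-0-3-any-udp udp",
    "port-object eq ntp",
]
DELTA = ["d3 2", "a4 2", "object-group service 10-0-0-9-any-udp udp",
         "port-object range bootps bootpc", "a6 1", "logging buffered 1024000"]

if __name__ == "__main__":
    lines, added, deleted = apply_rcs_delta(BASE, DELTA)
    print("\n".join(lines))
    print(f"+{added} -{deleted}")
```

On the RCS trunk the newest revision is stored in full and each older one as a script like this, so walking the chain from the head regenerates every revision for the change and longitudinal analyses.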
