RECIPIENT'S PROGRESS STATUS AND MANAGEMENT REPORT
Predictability and Security of High Performance Networks
for the period 01 January 1999 to 30 April 1999
Report #3
CDRL A001
CONTRACT N66001-98-2-8922
30 April 1999
Quarterly Status Report
1.0 Purpose of Report
This status report is the quarterly cooperative agreement report (CDRL A001), which summarizes the effort expended by UCSD in support of SPAWARSYSCEN-SAN DIEGO and DARPA on Agreement N66001-96-2-8922.
2.0 Project Members
UCSD utilized (10/01/98 to 12/31/98):
Dr. kc claffy | 190.08 hours
Daniel McRobb | 264.00 hours
Management | 187.36 hours
Other Technical Staff | 396.00 hours
3.0 Project Description (last modified 07/98)
UCSD/CAIDA is focusing on advancing the capacity to monitor, depict, and predict traffic behavior on current and advanced networks, through developing and deploying tools to better engineer and operate networks and to identify traffic anomalies in real time. CAIDA will concentrate efforts in the development of tools to automate the discovery and visualization of Internet topology and peering relationships, monitor and analyze Internet traffic behavior on high speed links, detect and control resource use (security), and provide for storage and analysis of data collected in aforementioned efforts.
4.0 Performance Against Plan
Changes in the budget and statement of work for this project were finalized with DARPA, and the agreed upon subcontracts with General Atomics and MCI Worldcom were initiated during the last quarter (see section 7.3, Issues resolved).
All four tasks for this project are performing according to plan.
5.0 Major Accomplishments to Date
Under the Tomography Mapping/Modeling task, the skitter active measurement tool is now running on 6 hosts, to more than 29,000 destinations. Presentations on skitter measurements and Coral and Security task developments were given to several significant Internet-related groups during this quarter (see section 11.2 Significant Events).
Under the Coral OC48mon task, specifications were drawn up and discussed for the monitor, resulting in a preliminary specification document from MCI Worldcom. This document builds upon designs used in the OC12 card developed by Applied Telecom for MCI. Technical concerns about the specification and development of the OC48 monitor are described in sections 7.0, Issues, and 11.1, Work Focus.
6.0 Artifacts Developed During the Past Quarter
A preliminary OC48mon specification document was produced this quarter, described further in section 11.1, Work Focus.
7.0 Issues
7.1 Open issues with no plan, as yet, for resolution:
None.
7.2 Open issues with plan for resolution:
In order to expand OC48mon capture card development to encompass the needs of the High Performance Networking community, UCSD will be requesting a subcontract directly with the University of Waikato in New Zealand (effort lead: Dr. Ian Graham, Dean of the University of Waikato School of Engineering). This subcontract replaces the proposed subcontract between MCI and an external hardware developer originally proposed for this project. More details on this issue are included in section 11.1, Work Focus, under Task 1, Coral OC48mon.
7.3 Issues resolved:
UCSD received final word from SPAWAR and DARPA regarding the proposed budget and revised Statement of Work. Mary Maeda approved the revisions on December 11, 1998.
UCSD has initiated subcontracts with General Atomics and MCI Worldcom. No expenses were invoiced by GA or MCI during quarter 2, although costs are being incurred on these subcontracts. We expect to see charges from these subcontracts by the middle of quarter 3.
8.0 Near-term Plan
The material below reflects the activities planned during Quarter 3 of this project. It is organized according to the categories identified in the Project Program Plan (see https://www.caida.org/funding/progplan/NGIprogplan98.xml).
A. General/Administrative Outreach and Reporting
- Quarterly meeting with SPAWAR Officials
- Deliver technical presentations to organizations interested in the technical aspects of this NGI research, including CAIDA-sponsored ISMA meeting and National Academy of Engineering meeting (see https://www.caida.org/members/upcomingevents/meetings.xml for details on these events)
- Submit Quarterly Report to SPAWAR covering progress, status and management
- Submit Quarterly Financial Status Report (UCSD Extramural Funds Dept. submits)
- Submit Quarterly Report of Federal Cash Transactions (UCSD Extramural Funds Dept. submits)
B. Task 1. Coral OC48mon
- Develop final specifications for cards in cooperation with MCI and proposed subcontractor University of Waikato, New Zealand
- Review details of cards and OC48mon specifications with DARPA, SPAWAR, other Next Generation Internet (NGI) collaborators, and commercial providers/vendors
- Subcontract with the University of Waikato for engineering and development of the OC48c optics to Utopia-3 card and the Utopia-3 to PCI bus card
- Initiate development of OC48mon firmware code
C. Task 2. Tomography Mapping/Modeling
- Continue collection of data from distributed sites throughout the global Internet
- Continue briefings to Internet community on purpose and initial results of skitter and solicit their inputs
- Add additional 1-2 measurement hosts internationally
- Initiate development of prototype tools to analyze and visually depict topology, routing, and performance data
D. Task 3. Security
- Initiate performance studies of in-kernel header filtering on OC12mon
- Initiate testing of prototype firmware (FPGA) packet header filter
E. Task 4. Storage/Analysis
- Develop reporting format for summarizing data
- Develop and implement secure methods of accessing the data and related reports
9.0 Completed Travel
KC Claffy and Tracie Monk traveled to Virginia for the DARPA/ITO Next Generation Internet PI meeting and the XIWT Critical Infrastructure conference.
KC Claffy also traveled to Atlanta, GA for the 14th North American Network Operators Group meeting.
10.0 Equipment Purchases and Description
A request for approval for purchase of all remaining equipment for this project (beyond the first quarter RAID Array purchase) was submitted to SPAWAR on December 17, 1998, and approved by Mr. Jon Wester (Grants Officer) on December 21, 1998.
No equipment purchases were made during quarter 2; however, planned quarter 3 purchases include two Tomography task measurement hosts at approximately $5,000 each, and one OC12mon with Applied Telecom capture cards, at an estimated $18,000, for the Coral Security Applications task.
11.0 Summary of Activity
11.1 Work Focus:
General/Administrative Outreach and Reporting
Dr. kc claffy and Tracie Monk fulfilled the SPAWAR quarterly meeting requirement by attending and presenting CAIDA's efforts to the DARPA/ITO Next Generation Internet Principal Investigator Meeting in October 1998. Steve Spendlove (SPAWAR) also participated in this event. In addition, technical presentations were delivered to several organizations interested in the technical aspects of this NGI research (see section 11.2, Significant Events).
Task 1. Coral OC48mon
Preliminary specifications for the Coral OC48 monitor were developed, and discussions and updates made to the working document during this quarter. The current version of the specification document is attached to this report. Chips used to capture ATM cells from fiber are under development by Lucent and Vitesse, and will be available for purchase and testing soon (Lucent: Fall 1999, Vitesse: March 1999, with planned Packet-Over-SONET (POS) capture chip release during NGI project quarter 4).
The MCI OC48mon card specification focuses on expansion of the approach used in the OC12mon (also the approach suggested in the proposal). Discussions with ISPs and research & education network representatives, however, suggest that enhanced capabilities may be needed, such as an on-board CPU to facilitate flexible filtering beyond the capabilities of the planned field programmable gate array (FPGA) designed into the OC48mon cards. This approach is consistent with one being advocated for the University of Waikato's proposed DAG-4 card. Consequently, CAIDA plans to utilize the services and designs of the University of Waikato to supplement MCI's technical support in developing the OC48mon. The University of Waikato subcontract to UCSD will replace the subcontract proposed under MCI. This approach should result in cost savings to the project.
Task 2. Tomography Mapping/Modeling
As mentioned in section 5.0, Major Accomplishments to Date, the skitter measurement tool is being used to collect measurements of over 29,000 destination hosts throughout IPv4 Internet address space. One machine was added to the group of source hosts running skitter, bringing the total number of sources to six. Several briefings were given to the Internet community, focusing on or including skitter data collection, analysis and preliminary results (see section 11.2, Significant Events).
Analysis tool development for skitter data is being initiated, with particular focus on porting/implementing a tool for 3D visualization of the data (more details below under Task 4: Storage/Analysis).
Task 3. Security
An in-kernel segmentation and reassembly engine was developed during this period. Reassembly of the AAL5-encapsulated IP packets gathered on security-enhanced OC12mons is required to support capture and filtering of complete IP packets. This is of particular importance because IP and higher-layer protocol headers may be segmented across multiple ATM cells, and full IP packet capture and reassembly is required to perform complete reconstruction of intruder sessions.
Because on-card reassembly is limited by the memory available on the card, we have developed and implemented reassembly in the OC12mon kernel. Our algorithm is quite simple and efficient and is suitable for traffic conditions in which few (<100) reassemblies are simultaneously in progress. This constraint is widely satisfied on links monitored to date.
A new interface to the BSD Packet Filter engine was developed. The interface supports layout of the IP packets in gather buffers which are presented by the AAL5 reassembly engine. User interface support is required to generate BPF filters which are compatible with zero-length and ATM layer-2 headers. We are also exploring the use of a compiled BPF filter as a speed-up alternative to the interpreted language presently supported by BPF.
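An added illustration of the per-VC AAL5 reassembly described under Task 3, written for this page and not the OC12mon kernel code: cells are grouped by VPI/VCI in a table bounded at 100 slots, and a packet is handed on only once the end-of-PDU cell arrives, so a filter sees headers that were split across cells. The function name `aal5_feed`, the 1536-byte PDU cap and the sample cell in `main` are assumptions.

```c
#include <stdint.h>
#include <string.h>

#define MAX_FLOWS 100   /* report: few (<100) reassemblies in progress at once */
#define MAX_PDU   1536  /* assumed cap for this example: 32 cells of 48 bytes */

struct flow { int used; uint32_t key; size_t len; uint8_t buf[MAX_PDU]; };
static struct flow flows[MAX_FLOWS];

/* Feed one 53-byte UNI cell. Returns the packet length when a PDU completes
 * (*out points into the slot, valid until the next call), 0 while cells are
 * pending or for non-user cells, -1 when the cell or PDU must be dropped. */
int aal5_feed(const uint8_t *cell, const uint8_t **out)
{
    uint32_t vpi = ((cell[0] & 0x0Fu) << 4) | (cell[1] >> 4);
    uint32_t vci = ((cell[1] & 0x0Fu) << 12) | ((uint32_t)cell[2] << 4) | (cell[3] >> 4);
    uint32_t key = (vpi << 16) | vci;
    unsigned pti = (cell[3] >> 1) & 7u;
    struct flow *f = NULL, *spare = NULL;

    if (pti & 4u) return 0;             /* OAM/management cell, no AAL5 payload */
    for (int i = 0; i < MAX_FLOWS; i++) {
        if (flows[i].used && flows[i].key == key) { f = &flows[i]; break; }
        if (!flows[i].used && !spare) spare = &flows[i];
    }
    if (!f) {
        if (!spare) return -1;          /* table full: state stays bounded */
        f = spare; f->used = 1; f->key = key; f->len = 0;
    }
    if (f->len + 48 > MAX_PDU) { f->used = 0; return -1; }  /* runaway PDU */
    memcpy(f->buf + f->len, cell + 5, 48);
    f->len += 48;
    if (!(pti & 1u)) return 0;          /* more cells to come on this VC */
    f->used = 0;                        /* end-of-PDU cell: release the slot */
    /* Trailer = last 8 bytes: UU, CPI, Length(2), CRC-32(4, not verified here) */
    size_t n = ((size_t)f->buf[f->len - 6] << 8) | f->buf[f->len - 5];
    if (n == 0 || n + 8 > f->len || f->len - (n + 8) > 47)
        return -1;                      /* Length disagrees with cell count */
    *out = f->buf;
    return (int)n;
}

int main(void)
{   /* constructed input: one cell, VPI 0 / VCI 32, end-of-PDU, Length = 4 */
    uint8_t c[53] = {0, 0, 0x02, 0x02};
    const uint8_t *p;
    c[48] = 4;
    return aal5_feed(c, &p) == 4 ? 0 : 1;
}
```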
Task 4. Storage/Analysis
The RAID array purchased during the previous quarter is now fully deployed. Skitter data collected during and before the onset of this project has been transferred, and continues to be stored on the array. Analysis of skitter and related data, as well as development of a reporting format for summarizing data, is ongoing. Efforts are beginning to port Tamara Munzner's 3D SGI network visualization code to a development platform compatible with the rest of the CAIDA effort (hardware and software support for implementation and use of the 3D code using the FreeBSD operating system).
Development and implementation of secure methods for accessing data and related reports is also ongoing. Some of the infrastructure is already in place (Kerberos, Certificate Authority for SSL, Apache+ssl_mod running and tested with client certificates, etc.).
11.2 Significant Events:
10-25-98 through 10-29-98 Dulles, VA - KC Claffy and Tracie Monk attended the DARPA/ITO Next Generation Internet Principal Investigator Meeting at the Washington Dulles Airport Marriott. Dr. Claffy gave a presentation on CAIDA's NGI project progress and plans, available at https://www.caida.org/funding/ngi1998/content/ngi_981026/
11-2-98 through 11-4-98 Crystal City, VA - KC Claffy and Tracie Monk attended the XIWT Critical Infrastructure conference. Dr. Claffy gave a presentation regarding measurement of Internet infrastructure, including information about the developing skitter suite of tools, and mention of OC48mon and Security Application developments.
11-8-98 through 11-10-98 Atlanta, GA - KC Claffy attended NANOG 14.
11-11-98 Atlanta, GA - KC Claffy and Daniel McRobb delivered a presentation on skitter to the Routing Working Group of the Internet Operators Group (IOPs) meeting. (travel expenses not charged to the project)
11-20-98 San Diego, CA - Glenn Sager, Coral Security Applications task leader, gave a presentation for the attendees at the Internet2 Working Group meeting at SDSC. Slides available at https://www.caida.org/funding/ngi1998/content/security/1198/ (no travel expenses incurred)
12-3-98 through 12-4-98 Chicago, IL - KC Claffy attended and gave a presentation at the iCAIR/NWU Middleware Workshop. (travel expenses not charged to the project)
12-15-98 through 12-16-98 Ottawa, CANADA - KC Claffy attended and gave a presentation at the CANARIE Advanced Networks Workshop, including information about skitter tools, and mention of OC48mon and Security Application developments. Slides available at https://www.caida.org/publications/presentations/Canarie_1298/. (travel expenses not charged to the project)
FINANCIAL INFORMATION:
Contract #: N66001-98-2-8922
Contract Period of Performance: 16/07/1998 to 15/07/2000
Ceiling Value: $6,655,449
Current Obligated Funds: $1,663,659
Actual Costs Incurred:
Current Period:
UCSD
Labor | Hours 1,037.44 | Cost $63,259.70
ODC's | | Cost $5,770.88
TOTAL: | Hours 1,037.44 | Cost $69,030.58
Cumulative to date:
UCSD
Labor | Hours 1,665.24 | Cost $97,098.70
ODC's | | Cost $73,725.88
TOTAL: | Hours 1,665.24 | Cost $171,004.58
Note: additional financial information in tabular form, including breakdown by subcontract and estimated expenditures for quarter 3, is attached to this report.
(not included in the online HTML version of this document)
Attachments:
Please find, electronically attached to this document, a copy of the PowerPoint presentation given by Dr. Claffy at the CANARIE Advanced Networks Workshop held in December 1998. The presentation is entitled "Internet measurement: topology, workload, performance and routing". This presentation is representative of presentations given by CAIDA in support of this project, many of which are referred to above.
Also included is the OC48mon specification document, entitled "CORAL Monitor Design Prerequisites & Specifications".
(not included in the online HTML version of this document)