Muñoz Mateos, Alejandro

ABSTRACT
Simulation models have been developed in order to foresee characteristics of networks, systems or protocols when carrying out tests in laboratories is very expensive or even impossible. This paper presents a simulation model of a multiprocessor network traffic analysis system. The model, which is based on closed networks of queues, evaluates the efficiency of the system depending on the hardware/software platform features. Therefore, this model is able to estimate performance early in the design and development stages simulating a multiprocessor architecture in charge of analysing network traffic. The goodness of the model will be checked by comparing analytical results with practical ones obtained in laboratory using a traffic analysis system that runs on a multiprocessor platform.

ABSTRACT
The rate of networks is bigger all the time. Because of this increase, computational ability of network resources and principal servers could not be adequate. In order to improve the performance of this equipment traffic generators are needed. These have to generate modelled traffic flows at high rates. To do this, the system must measure short lapses of time. This paper studies how the traffic generator over GNU/Linux sends a packet. It presents some temporary parameters to define the packet sending. Some experiments have been done in order to measure those parameters. Thanks to those measurements, this paper studies how this sending is, in fact. This helps taking decisions in the final design of the traffic generator.

ABSTRACT
In the design of traffic generators time measurement is very important. When a high rate is needed time lapses between packet sending are smaller. Because of this, the granularity of the system must be good. GNU/Linux has some tools that could be very useful to implement the measure of those time lapses. In order to choose the best solution, this paper studies the different tools that are provided by GNU/Linux. This study is aimed at the design of a kernel module that works as a traffic generator. In this paper is presented a solution that uses two kinds of tools, too. In this way, the performance of the generator is better.

ABSTRACT
With the increase of the rate in networks, computational ability of network resources and principal servers could be inadequate. In order to prove the performance of networks, network resources and servers there have to be traffic generators. These generate traffic flows with different characteristics. It is also necessary to have network monitoring systems to inspect and process traffic. Doing this in high speed segments in an efficient way is not easy. This paper proposes a design of an architecture to inject traffic in a synthetic way and to improve the performance in network traffic analysis. This architecture tries to improve other solutions’ performance using a general purpose architecture under Linux over a PC with a common network interface. The basis of this improvement is including the application in the kernel of the operating system.

ABSTRACT
Con el aumento de la velocidad en las redes de datos la capacidad computacional de la infraestructura de comunicaciones y de los servidores principales puede verse comprometida. Para poder probar el rendimiento de las redes, de los equipos de interconexión y de los servidores se hace necesario disponer de sistemas de inyección de tráfico, que permitan la generación de tráfico sintético con diferentes características. También es necesario disponer de sistemas de monitorización, que permitan estudiar las características del tráfico. Hacer esto en segmentos de alta capacidad de una forma eficaz no es un asunto trivial. Este artículo propone el diseño de una arquitectura de inyección y monitorización de tráfico sintético que pretende mejorar los rendimientos de las soluciones disponibles utilizando una arquitectura de propósito general como es un sistema Linux sobre un PC con una interfaz de red común. El fundamento en la mejora de los rendimientos se basa principalmente en la introducción de la lógica de inyección y monitorización en el núcleo del sistema operativo.

ABSTRACT
In this paper we present an implementation and validation tests that allow a GNU/Linux node act as a PE router in a BGP/MPLS IP VPN architecture. Precisely, this implementation supports all the mandatory capabilities defined in RFC 4364 with regard to the data forwarding plane, such as VRFs to separate the traffic from different VPNs, MPLS to manage the VPN routes at PE nodes and MPLS tunnels for the communication between PEs. Moreover, this basic implementation is extended to support the operation defined in RFC 4797, which allows other kinds of tunnel technologies to be used between PE nodes. We provide configuration examples for both cases, and finally complete the study with the addition of IPsec options to the PE-PE GRE tunnel communication.

ABSTRACT
This paper presents an implementation of the BGP/MPLS IP VPN functionalities for GNU/Linux. First, we briefly review the operation mode described in the IETF RFC 4364 and show the characteristics that are supported by this implementation. Afterwards, we provide some implementation details of the forwarding plane for the kernel 2.6.18.1. This implementation includes the integration of the MPLS- and VRF-for-Linux projects. Finally, we present some example scenarios to validate our implementation in different cases, and show the corresponding commands for the ingress and egress PE routers. This work establishes a first approach for testing BGP/MPLS IP VPN technology in GNU/Linux testbeds and supports the basic functionalities for a future implementation of the signaling plane.

ABSTRACT
Traffic monitoring is an increasingly important discipline for nowadays networking, as Accounting, Security and Traffic Engineering lay on it. Besides, traffic bandwidth has increased exponentially in the last few years, and high-speed network monitoring has become a challenging task. Performance requirements are highly relevant for passive QoS monitoring systems. A low-level study of the capturing and processing stages on a traffic analysis system (TAS) has shown room for improvement. We provide an architecture able to cope with high-speed traffic monitoring using commodity hardware. Our system is intended to exploit the parallelism available in up-to-date workstations, which also introduces constraints for multithreaded QoS analysis. This paper presents a kernel-level framework (ksensor) that, keeping the previous requirements, removes some issues from user-level processing and effectively integrates QoS algorithms, improving the overall performance.

ABSTRACT
Traffic monitoring is an increasingly important discipline for nowadays networking, as Accounting, Security and also Quality of Service (QoS) lay on it. Besides, traffic bandwidth has increased exponentially in the last few years, and high-speed network monitoring is a challenging aim. Performance requirements are highly relevant for monitoring systems. A low-level study of the capturing stages on a traffic analysis system (TAS) has shown room for improvement. We provide an architecture able to cope with high-speed traffic monitoring using commodity hardware. Our design is also intended to exploit the parallelism available in up-to-date workstations. This paper presents a kernel-level monitoring system (ksensor) that, keeping the previous requirements, removes some issues from user-level processing, improving the overall performance.

ABSTRACT
Traffic monitoring is an increasingly important discipline for nowadays networking, as Accounting, Security and also Quality of Service (QoS) lay on it. Besides, traffic bandwidth has increased exponentially in the last few years, and high-speed network monitoring is a challenging aim. Performance requierements are highly relevant for monitoring systems. A low-level study of the capturing stages on a traffic analysis system has shown room for improvement. We provide an architecture able to cope with high-speed traffic monitoring using commodity hardware. Our design is also intended to exploit the parallelism available in up-to-date workstations. This paper presents a kernel-level monitoring system (KSensor) that, keeping the previous requirements, removes some issues in user level monitoring system, improving the overall performance.

ABSTRACT
This work focuses on the analysis of Quality of Service (QoS) management in controlled scenarios such as corporate networks. We present a testbed based on BGP/MPLS IP VPN networks and show the QoS configuration implemented in the different nodes. The motivation of this work is to obtain stable QoS monitoring procedures that will allow us to deploy optimized QoS management mechanisms. The results are intended to represent users’ satisfaction for different networked services, so we base our QoS evaluation in perceived-QoS (PQoS) schemes. In this paper we proposed a network scenario made up of a VPN connectivity between two corporate sites. Based on the terms included in the SLA and the characteristics of different traffic profiles, we try to monitor the PQoS in different conditions, so we can obtain valuable information for a better traffic classification.

ABSTRACT
This paper deals with the management of QoS as perceived by end users in corporate networks. First, we overview some previous results achieved by the research group in the field of estimating and managing the QoS. In this work we accomplished some validation tasks by means of simulation. Going on with the analysis of applicability of the general model to real-world, we propose here to analyze a network scenario that includes an MPLS IP VPN. In this scenario we can take into account all the agents involved in the provision of Internet services and moreover we can carry out a management of QoS in the network.

ABSTRACT
The importance of security issues in network environments has increased greatly lately. Intrusion Detection Systems play an important role in network security environments. Nevertheless, nowadays, data network speed is so high that performing intrusion detection tasks becomes challenging. This paper presents a software architecture that intends to exploit the parallelism available on up-to-date and future workstations to apply intrusion detection rules in high speed networks. To achieve this, a shared memory multiprocessor system has been developed. The system includes a powerful rule language that adds big flexibility to the system.

ABSTRACT
Analysis of network traffic has become a really important task for many fields, from IDS to QoS evaluation. The great increase in the speed of networks, much faster than processor's performance increase, is making difficult to handle the processing of all network packets. One way to solve this problem is to move the processing to the hardware elements. This is a very expensive solution and, in some cases, improving the performance of the capturing software may be enough. Although current general purpose operating systems have been improving the performance of network processing, there is still place for improvement. In this paper we present in detail the way followed by a packet through the operating system until it is processed at user level. Some empirical measurements has been made along the packet journey in order to find the bottlenecks of the capturing process as well as discussing some ways to further increase the performance of the capturing process.

ABSTRACT
Simulation models have been developed in order to foresee characteristics of networks, systems or protocols when doing tests in laboratories are very expensive or even impossible. This paper presents a simulation model of a multiprocessor network traffic analysis system. The model, which is based on closed networks of queues, evaluates the efficiency of the system depending on the hardware/software platform features. Therefore, this model is able to estimate performance early in the design and development stages simulating a multiprocessor architecture in charge of analysing network traffic. The goodness of the model will be checked by comparing analytical results with practical ones obtained in laboratory using a traffic analysis system that runs in a multiprocessor platform.

ABSTRACT
Data communication is a widespread service in our society and the need for controlling the information interchange increases. Intending to solve this need, different kind of data capture systems (sensors or probes) have been implemented. The aim of this paper is to present a new architecture that analyses data providing essential information like complex quality of service statistics, intrusion detection, accounting... Nowadays, performance requirements limit the functionalities of sensors. Therefore, we have developed a high performance multiprocessor architecture which can process passively and online the captured packets in different ways. This improvement allows to apply complex QoS algorithms whose implementation is quite difficult if the number of connections to follow is high.

ABSTRACT
This paper analyses several issues about security and QoS in corporate networks based on BGP/MPLS IP VPN technology. First, we discuss some security requirements and constraints specified for ‘conventional’ BGP/MPLS IP VPNs, where the provider’s transport infrastructure supports MPLS. Likewise, we describe different alternative mechanisms suitable to provide QoS guarantees in this kind of networks. Afterwards, the paper focuses on a transition scenario, where some of the corporate sites may be attached to an IP backbone with no MPLS support. In order to preserve the basic VPN architecture some alternative tunneling approaches are defined. We study some critical security requirements in this scenario and analyse the potential impact of its implementation over the QoS characteristics. We present a testbed based on Linux boxes and some general implementation issues, and finally some empirical results are shown.

ABSTRACT
In this article, we introduce a tool to analyse quality of service in DiffServ-MPLS networks and we also show its design and implementation issues. We have designed a distributed architecture that allows users to send and receive traffic flows in real-world environments applying several service policies, extracting quality of service parameters from end hosts and core devices, and information about performance in traffic flows treatment at DS-MPLS network core nodes.

ABSTRACT
This document describes several design proposals to enhance network sensor performance on multiprocessor architectures. Our main contributions are related to the design of an autonomous sensor and to the idea of performing some parallelization of the analysis. These proposals can be implemented in network sensors such as intrusion detection systems, network antivirus appliances, QoS monitors and any other device based on network traffic analysing. Taking a certain model of traffic analysis as our starting point, we look deeply into some design proposals to address the difficulties involved in the parallelization. In this work, we propose a series of resources that can help us to solve these difficulties. Later, we study the prototypes developed in order to test different design alternatives and, finally, present selected case studies. We finish by quantitatively analysing the results to validate our design proposals.

ABSTRACT
This paper offers an approach to the definition of access speed measurements. An ever growing increase of Internet Service Providers (ISP) and different types of technologies in the Internet access, makes it difficult for users to decide which is the best or most suitable connection to satisfy their needs. From these considerations, the possibility of the Internet users to obtain a real and neutral measurement of the service of their Internet access may help them to decide if it is covering their demands or, on the contrary, the provider is not complying with the terms of the contract. In order to perform this measurement, an Internet speed test through web interface has been defined, as well as the way to obtain a measure which can comply with the objective of giving users a proper idea of how their Internet access is working. This project is included in the Quality of Service (QoS) investigation area in our investigation group.

ABSTRACT
This paper presents velocimetro.org, the service developed by the Engineering Faculty of Bilbao to provide access speed measurements in Internet. The explosion of Internet Service Providers (ISP) and different types of technologies in Internet access, makes it difficult for Internet users to decide about the best or more acquaint access to cope with their needs. Velocimetro.org offers the possibility to obtain a neutral measurement of the quality of service (QoS) of the access to Internet. In this way, users can evaluate and decide if their ISP is covering their demands or, on the contrary, is not complying with the terms of the contract. From this point of view of an ISP, velocimetro.org allows to make comparisons of their service against their competitors.

ABSTRACT
This paper presents velocimetro.org, the service developed by the Engineering Faculty of Bilbao to provide access speed measurements in Internet. The explosion of Internet Service Providers (ISP) and different types of technologies in Internet access, makes it difficult for Internet users to decide about the best or more acquaint access to cope with their needs. Velocimetro.org offers the possibility to obtain a neutral measurement of the quality of service (QoS) of the access to Internet. In this way, users can evaluate and decide if their ISP is covering their demands or, on the contrary, is not complying with the terms of the contract. From the point of view of an ISP, velocimetro.org allows to make comparisons of their service against their competitors.