Slides from my lightning talk at NANOG 54 on CGN Logging and Deterministic CGN.
CGN Logging: Horror Stories & Happy Endings Chris Grundemann :: NANOG 54 :: 7 February 2012
CGN Logging
• Horror Stories
  o CGN logs required
  o Testing results
• Happy Endings
  o Current options
  o Deterministic reservation
Cable Television Laboratories, Inc. 2012. All Rights Reserved. Proprietary/Confidential. 2/9/12 2
Identity Traceback Illustration
DHCP Log: A:10.0.0.1 B:10.0.0.2 C:10.0.0.3
Webserver log: 204.57.36.2:4567 - - [10/Oct/2010:13:55:36 -0700] "GET /illegal.html HTTP/1.0" 200 2326
CGN Log:
10.0.0.2:1234 -> 204.57.36.2:4567 [10/Oct/2010:13:55:36 -0700]
10.0.0.1:1234 -> 204.57.36.2:2345 [10/Oct/2010:13:55:38 -0700]
10.0.0.3:4356 -> 204.57.36.2:3456 [10/Oct/2010:13:55:45 -0700]
10.0.0.2:3456 -> 204.57.36.2:4569 [10/Oct/2010:13:55:47 -0700]
CGN Testing Background
• CableLabs first conducted CGN testing in 2010
• Second round June – Sep, 2011
  o Both NAT444 and DS-Lite
• Additional CGN testing in IPv6 interop events
• Logging has been one aspect of testing
CGN Logging Feature Highlights
• Remote reporting supports Syslog only
• Template for logging is currently not configurable
• Syslog facility is configurable
• Data fields include: Time Stamp, Source IP/Port, NAT IP/Port, Destination IP/Port, Host Name
  o 173 – 542 bytes (DS-Lite)
  o 150 – 450 bytes (NAT444)
CGN Logging (DS-Lite)
CGN Logging (NAT444)
The Horror (log volumes)
  150 - 450 bytes/connection
× 33k - 216k connections per sub per day
--------------------------------------------------------------
= 5 - 96 MB / user / day

That’s potentially over 1 PB per 1M subs per month. It’s also over 20Mbps for just the log stream…
Log Reduction Strategies
• Port block reservations
  o Reduce logging up to 100x
• Log compression
  o Reduces volume, but not search time
• Deterministic reservation
  o See next slide…
Proposal: Deterministic Port Reservation
• draft-donley-behave-deterministic-cgn
• Collect inside range, outside range, compression ratio
  o Compression ratio ≥ inside/outside
  o Inside range/compression ratio = ports/user
  o Set aside well-known ports (<1024) & dynamic overflow range
  o Pre-reserve port ranges for each internal IP address
  o Allow dynamic reservation above that threshold
• Remote logging only required for dynamic reservations
• Still need state logging locally for every active connection
• Limitation: Requires low compression ratios
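A worked illustration of the reservation scheme in these bullets, added here (it is not code from the talk or from draft-donley-behave-deterministic-cgn): it pre-reserves one contiguous port block per inside address, sets aside ports below 1024 and a dynamic overflow range at the top, and shows that traceback from an outside IP:port needs no per-connection log unless the port falls in the overflow range. The sequential block layout, the 4096-port overflow range and the example prefixes are assumptions.

```python
import ipaddress
from dataclasses import dataclass

WELL_KNOWN = 1024      # ports below this are set aside (slide: "<1024")
PORT_SPACE = 65536     # ports 0..65535


@dataclass(frozen=True)
class Plan:
    inside: tuple          # inside addresses, in address order
    outside: tuple         # outside (NAT pool) addresses, in address order
    ratio: int             # compression ratio: inside addresses per outside address
    ports_per_user: int    # size of each pre-reserved block
    overflow_start: int    # first port of the dynamic overflow range


def build_plan(inside_net, outside_net, ratio, overflow_ports=4096):
    """Collect inside range, outside range and compression ratio (assumed layout)."""
    inside = tuple(ipaddress.ip_network(inside_net))
    outside = tuple(ipaddress.ip_network(outside_net))
    if ratio < -(-len(inside) // len(outside)):   # slide: ratio >= inside/outside
        raise ValueError("compression ratio too low for this inside/outside pairing")
    usable = PORT_SPACE - WELL_KNOWN - overflow_ports
    ports_per_user = usable // ratio              # slide: range / ratio = ports per user
    if ports_per_user == 0:
        raise ValueError("compression ratio too high: no ports left per user")
    return Plan(inside, outside, ratio, ports_per_user, PORT_SPACE - overflow_ports)


def reserve(plan, inside_ip):
    """Deterministic pre-reservation: inside IP -> (outside IP, first port, last port)."""
    idx = plan.inside.index(ipaddress.ip_address(inside_ip))
    out = plan.outside[idx // plan.ratio]
    first = WELL_KNOWN + (idx % plan.ratio) * plan.ports_per_user
    return str(out), first, first + plan.ports_per_user - 1


def traceback(plan, outside_ip, port):
    """Reverse lookup with no per-connection log.

    Returns the inside IP owning a pre-reserved port, or None when the port is
    well-known, unassigned, or in the overflow range (dynamic reservations, for
    which the slide says remote logging is still required).
    """
    if port < WELL_KNOWN or port >= plan.overflow_start:
        return None
    slot = (port - WELL_KNOWN) // plan.ports_per_user
    if slot >= plan.ratio:
        return None
    idx = plan.outside.index(ipaddress.ip_address(outside_ip)) * plan.ratio + slot
    return str(plan.inside[idx]) if idx < len(plan.inside) else None
```

With 16 inside addresses sharing 2 outside addresses (ratio 8) each subscriber gets 7552 ports, and every one of the 60416 pre-reserved ports maps back to its subscriber without a logged record.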
The Happy Ending…
[Diagram: CGN Device with a CGN Mapping Table. Labels: Subscriber 1 (DHCP STP Address 1), Subscriber 2 (DHCP STP Address 2), Subscriber 3 (DHCP STP Address 3), Subscriber 4 (DHCP STP Address 4); IP 1, Port Pool 1; IP 1, Port Pool 2; IP 1, Port Pool 3; IP 1, Port Pool 4; IP 1 Reserved Pool; IP 1 Bulk Pool; Pool exhausted; Reserved Port (e.g. 80); DHCP; Logging Required; Static, PCP, portal, etc.]
Questions?
Chris Grundemann [email protected]