Network Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech

Network Configuration Analysis - Internet2 Configuration Analysis Hyojoon Kim and Nick Feamster School of Computer Science Georgia Tech


Network Configuration Analysis

Hyojoon Kim and Nick Feamster

School of Computer Science

Georgia Tech

How is the network configured?

Individual devices configured with low-level CLI commands

Proprietary tools for devices from the same vendor

Each vendor has different syntax

Network Configuration is Hard!

Complex

Fragile & error-prone

Then again, availability of the network is critical

Current solutions are insufficient

RANCID

NCCM (Network Changes & Configuration Management)

Configuration Statistics can Help…

Inform the operator about the status of their network

Provide better understanding of network configuration

Identify the problem area for possible improvements

Network configuration files at Georgia Tech

1,722 network devices (including virtual instances)

Collected daily (using RANCID)

Data set

Implementation

Analysis tool

Analysis package

Shell script extracts a set of configuration files

C program analyzes each configuration file
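
The kind of per-file analysis described in the two bullets above, as an added example that is not the authors' tool: it reads the vendor from the `RANCID-CONTENT-TYPE` header line of a saved snapshot and tallies configuration lines per task. The task buckets, the IOS-style keyword prefixes and the sample snapshot are assumptions constructed for this sketch.

```c
#include <stdio.h>
#include <string.h>
/* Task buckets and prefixes are assumptions for this sketch (IOS-style syntax). */
enum task { T_ACL, T_ROUTING, T_VLAN, T_MGMT, T_OTHER, T_COUNT };
static const struct { const char *prefix; enum task t; } RULES[] = {
    {"access-list", T_ACL}, {"ip access-list", T_ACL}, {"permit", T_ACL}, {"deny", T_ACL},
    {"router ", T_ROUTING}, {"ip route", T_ROUTING}, {"network ", T_ROUTING},
    {"vlan", T_VLAN}, {"switchport", T_VLAN},
    {"snmp-server", T_MGMT}, {"logging", T_MGMT}, {"ntp ", T_MGMT},
};
#define HDR "!RANCID-CONTENT-TYPE:"   /* header line at the top of a RANCID-saved config */

struct stats { char vendor[32]; int lines; int by_task[T_COUNT]; };

/* Walk one configuration snapshot held in memory and tally lines per task. */
void analyze(const char *text, struct stats *s) {
    memset(s, 0, sizeof *s);
    strcpy(s->vendor, "unknown");
    while (*text) {
        size_t len = strcspn(text, "\n");
        const char *p = text + strspn(text, " \t");      /* ignore indentation */
        if (strncmp(p, HDR, sizeof HDR - 1) == 0) {
            p += sizeof HDR - 1;                          /* vendor name follows the colon */
            sscanf(p + strspn(p, " \t"), "%31[^ \t\r\n]", s->vendor);
        } else if (p < text + len && *p != '!') {         /* skip blank and comment lines */
            enum task t = T_OTHER;
            for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++)
                if (strncmp(p, RULES[i].prefix, strlen(RULES[i].prefix)) == 0) { t = RULES[i].t; break; }
            s->lines++;
            s->by_task[t]++;
        }
        text += len + (text[len] == '\n');                /* advance to the next line */
    }
}

static const char SAMPLE[] =            /* constructed snapshot, not real device data */
    "!RANCID-CONTENT-TYPE: cisco\n!\nhostname edge-sw1\nvlan 10\n"
    "interface GigabitEthernet0/1\n switchport access vlan 10\n"
    "router ospf 1\n network 10.0.0.0 0.0.0.255 area 0\n"
    "ip access-list extended MGMT-IN\n permit tcp 10.0.0.0 0.0.0.255 any eq 22\n"
    " deny ip any any log\nsnmp-server location lab\nlogging host 10.0.0.5\n";

int main(void) {
    struct stats s;
    analyze(SAMPLE, &s);
    printf("vendor=%s lines=%d acl=%d routing=%d vlan=%d mgmt=%d other=%d\n", s.vendor, s.lines,
           s.by_task[T_ACL], s.by_task[T_ROUTING], s.by_task[T_VLAN], s.by_task[T_MGMT], s.by_task[T_OTHER]);
    return 0;
}
```

Only counts leave the function, so no configuration text is retained in the statistics.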

Preliminary Results

How many vendors and how many devices from each vendor?

How many devices of each type (e.g., switch, router, firewall)?

How many total lines of configuration?

How are the lines of configuration distributed across various tasks?

Routers

Firewalls

Switches

How Many Vendors?

How Many Devices of Each Type?

How Many Lines of Configuration?

How Much Config for Each Task?

Operational Tasks for Routers

Operational Tasks for Firewalls

Operational Tasks for Switches

The Problem Area

Questions in Ongoing Study

Which tasks are common?

What types of errors are most common?

How many devices are affected for specific tasks?

Is there a correlation between complexity & configuration?

Does configuration become more or less complex over time?

What is the best way to reduce complexity?

We need your help!

Future Work

Need more configuration data to run & test our analysis tool

Our tool

A simple script running over configuration snapshots

Analyzes the configuration files, and derives statistics

Does not collect any sensitive data

Contact:

Hyojoon (Joon) Kim ( [email protected] )

Nick Feamster ( [email protected] )