SA
Uploaded bySylvain Afchain
122 views

Skydive 31 janv. 2016

Skydive is a real-time network topology and protocols analyzer that provides non-intrusive monitoring of SDNs. It collects data from agents running on nodes through southbound APIs and topology queries to analyze flows and topology in an SDN-agnostic manner. Skydive aims to help troubleshoot complex SDN issues by providing visibility into where packets are dropped, fragmented, or experiencing congestion across overlays, underlays, and the control and data planes.

Embed presentation

Download to read offline
Skydive Real-time network topology and protocols analyzer Sylvain Afchain
Sylvain Afchain Principal software engineer Redhat Openstack Neutron contributor Opencontrail contributor
WHY ?
SDN IS COMPLEX Troubleshooting/monitoring is even more complex
Implementations Management Control plane ● OpenFlow ● XMPP ● BGP ● AMQP ● Etc... Data plane ● VLAN ● VXLAN ● GRE ● MPLS ● OVS, Linuxbridge, other
Real network issues… just an extract ! Offloading issue leading in packet drop Offloading issue leading in bad performances, tcp retransmission Offloading issue leading in bad checksum Configuration issues like MTU Remaining filtering rules or routing Forwarding database corrupted with vxlan Offloading checksum issue with gre tunnel, leading in bad performances for TCP connections. Bonding, LACP issues multicast packets dropped in vxlan tunnels SDN Control plane issues, config not reflected to the dataplane, ex: Remaining or missing openflow rules. While trying to record a demo of Skydive…. and this not a joke ! http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [119/120s]: request error [('Connection aborted.', OSError(101, 'Network is unreachable'))]
Troubleshooting Where... are the packets dropped ? are the packets fragmented ? is the congestion point ? What… is the path of packets ? kind of traffic for this virtual network ? is the number of flows on this link ? is the number of TCP Sessions ? is the bandwidth for this tenant ?
Current toolbox ● Iproute2 ● ovs-vsctl, ovs-ofctl, ovs-dpctl... ● ethtool ● brctl ● tcpdump ● SDN CLI/API ● etc.
The needs 1. SDN Agnostic solution 2. Non-intrusive 3. Lightweight 4. Flow centric 5. Easy to deploy 6. Open, API 7. Connectors to SDN
The needs 1. Topology probes a. interfaces, bond, mtu, vlan b. bridges c. Network namespaces d. etc.. 2. Flow probes a. on-demand traffic capture b. on-demand counter capture c. filtering d. underlay/overlay informations 3. Topology/flow aggregation a. mapping topology/flow b. analysis
Skydive design Agents ● On the nodes to monitor ● Topology probes ● Flow probes ● Southbound API, topology queries, Flow Probes Analyzers ● collect agents data, time-series database ● Flow centric ● Northbound API, topology queries, flow capture, alarming
Skydive Use-cases Operator : ● Detection of common configuration errors. ● Detection of live network issues at any point of the infrastructure meaning in the underlay and in the overlay. ○ bad performances, helping to find the root cause. ○ DDOS and any unattended traffic. ● Possibility to capture traffic at any point for further analysis. ○ Historic of all the metrics captured, keeping all the flow events for further analysis. User : ● Detection of misconfigured filtering mechanism like security groups. ● Detection of bad application performance, bad RTT.
Skydive today ● Topology capture ○ Netlink, NetNS, ETHTool, OVSDB ○ Connectors: ■ Neutron, Docker ○ Backend: ■ In-Memory, Gremlin based (Titangraph, Tinkerpop, neo4j) ● Live distributed capture ○ sFlow with OVS, PCAP ● Analysis ○ Flow table, flow event, session expiration, etc. ○ Backend: ■ ElasticSearch ● API/WebUI ○ On-demand capture, Topology (events, alerting)
Skydive Roadmap ● Topology capture ○ Adding more connectors ● Live distributed capture ○ PCAP, Filtering ● Analysis ○ Adding more protocols ○ Alerting ● Improvement of the security ○ RBAC ○ SSL
Key points Non-intrusive, SDN-agnostic. Helps to troubleshoot/monitor giving informations on the root cause and its impact. Gives feedback providing informations needed for capacity planning, billing. Open source Apache License Written in Go
Questions What would the best place for the project ? OpenStack - single point where multiple SDN controllers meet, but is it really a network focussed project ? Events to engage/propose content ?
Questions ? https://github.com/redhat-cip/skydive safchain@redhat.com

More Related Content

PDF
Dpdk accelerated Ostinato
bypstavirs
 
PDF
Skydive, real-time network analyzer, container integration
bySylvain Afchain
 
PDF
Cilium - Fast IPv6 Container Networking with BPF and XDP
byThomas Graf
 
PDF
BUD17-300: Journey of a packet
byLinaro
 
KEY
Distributed app development with nodejs and zeromq
byRuben Tan
 
PDF
Skydive 5/07/2016
bySylvain Afchain
 
PDF
Anatomy of neutron from the eagle eyes of troubelshoorters
bySadique Puthen
 
PDF
Skydive, real-time network analyzer
bySylvain Afchain
 
Dpdk accelerated Ostinato
bypstavirs
 
Skydive, real-time network analyzer, container integration
bySylvain Afchain
 
Cilium - Fast IPv6 Container Networking with BPF and XDP
byThomas Graf
 
BUD17-300: Journey of a packet
byLinaro
 
Distributed app development with nodejs and zeromq
byRuben Tan
 
Skydive 5/07/2016
bySylvain Afchain
 
Anatomy of neutron from the eagle eyes of troubelshoorters
bySadique Puthen
 
Skydive, real-time network analyzer
bySylvain Afchain
 

What's hot

PDF
2015 FOSDEM - OVS Stateful Services
byThomas Graf
 
PDF
Run Your Own 6LoWPAN Based IoT Network
bySamsung Open Source Group
 
PDF
Ostinato - Craft Packets, Generate Traffic [SharkFest '20]
bypstavirs
 
PPTX
OVN DBs HA with scale test
byAliasgar Ginwala
 
PDF
iptables 101- bottom-up
byHungWei Chiu
 
PDF
DevConf 2014 Kernel Networking Walkthrough
byThomas Graf
 
PDF
LinuxCon 2015 Stateful NAT with OVS
byThomas Graf
 
PDF
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our Servers
byJean-Frederic Clere
 
PDF
Open vSwitch - Stateful Connection Tracking & Stateful NAT
byThomas Graf
 
PPTX
OpenvSwitch Deep Dive
byrajdeep
 
PDF
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
byThomas Graf
 
PPTX
Scapy talk
byAshwin Patil, GCIH, GCIA, GCFE
 
PDF
eBPF - Rethinking the Linux Kernel
byThomas Graf
 
PDF
Cilium - BPF & XDP for containers
byDocker, Inc.
 
PDF
LF_OVS_17_LXC Linux Containers over Open vSwitch
byLF_OpenvSwitch
 
PDF
Ostinato FOSS.IN 2010
bypstavirs
 
PPT
Leveraging zeromq for node.js
byRuben Tan
 
PDF
ZeroMQ with NodeJS
byFernando Sanabria
 
PDF
Make Your Own Developement Board @ 2014.4.21 JuluOSDev
byJian-Hong Pan
 
PDF
Zeromq anatomy & jeromq
byDongmin Yu
 
2015 FOSDEM - OVS Stateful Services
byThomas Graf
 
Run Your Own 6LoWPAN Based IoT Network
bySamsung Open Source Group
 
Ostinato - Craft Packets, Generate Traffic [SharkFest '20]
bypstavirs
 
OVN DBs HA with scale test
byAliasgar Ginwala
 
iptables 101- bottom-up
byHungWei Chiu
 
DevConf 2014 Kernel Networking Walkthrough
byThomas Graf
 
LinuxCon 2015 Stateful NAT with OVS
byThomas Graf
 
HTTP/2, HTTP/3 and SSL/TLS State of the Art in Our Servers
byJean-Frederic Clere
 
Open vSwitch - Stateful Connection Tracking & Stateful NAT
byThomas Graf
 
OpenvSwitch Deep Dive
byrajdeep
 
The Next Generation Firewall for Red Hat Enterprise Linux 7 RC
byThomas Graf
 
Scapy talk
byAshwin Patil, GCIH, GCIA, GCFE
 
eBPF - Rethinking the Linux Kernel
byThomas Graf
 
Cilium - BPF & XDP for containers
byDocker, Inc.
 
LF_OVS_17_LXC Linux Containers over Open vSwitch
byLF_OpenvSwitch
 
Ostinato FOSS.IN 2010
bypstavirs
 
Leveraging zeromq for node.js
byRuben Tan
 
ZeroMQ with NodeJS
byFernando Sanabria
 
Make Your Own Developement Board @ 2014.4.21 JuluOSDev
byJian-Hong Pan
 
Zeromq anatomy & jeromq
byDongmin Yu
 

Similar to Skydive 31 janv. 2016

PDF
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
byinnov-acts-ltd
 
PDF
SDN in the Management Plane: OpenConfig and Streaming Telemetry
byAnees Shaikh
 
PDF
Kernel Recipes 2018 - Packets probes and eBPF filtering in Skydive - Nicolas ...
byAnne Nicolas
 
PPTX
Cis sem sdn
byLino Quivén
 
PPTX
Road Monitoring - 2019 - IoT@Sapienza - v3
byPietro Spadaccino
 
PDF
SDN Software Defined Networks 1st Edition Thomas Nadeau D.
byhierljowdyc7
 
PDF
SDN Software Defined Networks 1st Edition Thomas Nadeau D.
byaneyaromiel8
 
PDF
Sdn Software Defined Networks 1st Edition Thomas Nadeau D Ken Gray
byninhhzhkal622
 
PPTX
Foundation of Modern Network- william stalling
byJonathanWallace46
 
PPTX
Monitoring federation open stack infrastructure
byFernando Lopez Aguilar
 
PPTX
Operators experience and perspective on SDN with VLANs and L3 Networks
byJakub Pavlik
 
PDF
Bringing SDN to the Management Plane
byAnees Shaikh
 
PDF
Banv
bynetvis
 
PDF
Performance Aware SDN, LSPE talk
bynetvis
 
PPTX
Predictive analytics and Visualization. Towards Data Driven Insights for Open...
byYathiraj Udupi, Ph.D.
 
PDF
Cisco Connect 2018 Singapore - Easing the Transition
byNetworkCollaborators
 
H2020 finsec-ibm- aidan-shribman-finsec-skydive 260820
byinnov-acts-ltd
 
SDN in the Management Plane: OpenConfig and Streaming Telemetry
byAnees Shaikh
 
Kernel Recipes 2018 - Packets probes and eBPF filtering in Skydive - Nicolas ...
byAnne Nicolas
 
Cis sem sdn
byLino Quivén
 
Road Monitoring - 2019 - IoT@Sapienza - v3
byPietro Spadaccino
 
SDN Software Defined Networks 1st Edition Thomas Nadeau D.
byhierljowdyc7
 
SDN Software Defined Networks 1st Edition Thomas Nadeau D.
byaneyaromiel8
 
Sdn Software Defined Networks 1st Edition Thomas Nadeau D Ken Gray
byninhhzhkal622
 
Foundation of Modern Network- william stalling
byJonathanWallace46
 
Monitoring federation open stack infrastructure
byFernando Lopez Aguilar
 
Operators experience and perspective on SDN with VLANs and L3 Networks
byJakub Pavlik
 
Bringing SDN to the Management Plane
byAnees Shaikh
 
Banv
bynetvis
 
Performance Aware SDN, LSPE talk
bynetvis
 
Predictive analytics and Visualization. Towards Data Driven Insights for Open...
byYathiraj Udupi, Ph.D.
 
Cisco Connect 2018 Singapore - Easing the Transition
byNetworkCollaborators
 

Recently uploaded

PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PDF
How to Evaluate a High Performance Database
byScyllaDB
 
PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
PPTX
Emancipatory Information Retrieval: Radically Reorienting Information Retriev...
byBhaskar Mitra
 
PPTX
Building Agents in Microsoft Agent Framework.pptx
byUdaiappa Ramachandran
 
PPTX
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
PPTX
Gemini vs ChatGPT : Comparing Top AI Models
byDigicarrom
 
PDF
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
PPTX
Technology Consulting _ by Slidesgo.pptx
byfh82277
 
PDF
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
communication-skills-with-technology tools
byJaleto Sunkemo
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PDF
Day 4 - Access, Deployments, and Monitoring - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
Lab 1.5 - Sharing Secrets with GPG ~ 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PDF
WHITE PAPER_ Ransomware Payment Policy and Resilience Strategy_ A Framework f...
byssuser0d171c
 
PDF
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
PDF
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
PDF
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
How to Evaluate a High Performance Database
byScyllaDB
 
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
Emancipatory Information Retrieval: Radically Reorienting Information Retriev...
byBhaskar Mitra
 
Building Agents in Microsoft Agent Framework.pptx
byUdaiappa Ramachandran
 
DYNAMICALLY.pptx good for the teachers or students to do seminars and for tea...
bympoorvika031
 
Gemini vs ChatGPT : Comparing Top AI Models
byDigicarrom
 
DevFest El Jadida 2025 - Product Thinking
byElmehdi AMLOU
 
Technology Consulting _ by Slidesgo.pptx
byfh82277
 
Day 3 - Data and Application Security - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
communication-skills-with-technology tools
byJaleto Sunkemo
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Day 4 - Access, Deployments, and Monitoring - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Lab 1.5 - Sharing Secrets with GPG ~ 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
WHITE PAPER_ Ransomware Payment Policy and Resilience Strategy_ A Framework f...
byssuser0d171c
 
Six Shifts For 2026 (And The Next Six Years)
byDavid Armano
 
Is It Possible to Have Wi-Fi Without an Internet Provider
bySidra Jefferi
 
Day 5 - Red Team + Blue Team in the Cloud - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 

Skydive 31 janv. 2016

  • 1.
    Skydive Real-time network topologyand protocols analyzer Sylvain Afchain
  • 2.
    Sylvain Afchain Principal softwareengineer Redhat Openstack Neutron contributor Opencontrail contributor
  • 3.
  • 4.
  • 6.
    Implementations Management Control plane ● OpenFlow ●XMPP ● BGP ● AMQP ● Etc... Data plane ● VLAN ● VXLAN ● GRE ● MPLS ● OVS, Linuxbridge, other
  • 7.
    Real network issues…just an extract ! Offloading issue leading in packet drop Offloading issue leading in bad performances, tcp retransmission Offloading issue leading in bad checksum Configuration issues like MTU Remaining filtering rules or routing Forwarding database corrupted with vxlan Offloading checksum issue with gre tunnel, leading in bad performances for TCP connections. Bonding, LACP issues multicast packets dropped in vxlan tunnels SDN Control plane issues, config not reflected to the dataplane, ex: Remaining or missing openflow rules. While trying to record a demo of Skydive…. and this not a joke ! http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [119/120s]: request error [('Connection aborted.', OSError(101, 'Network is unreachable'))]
  • 8.
    Troubleshooting Where... are the packetsdropped ? are the packets fragmented ? is the congestion point ? What… is the path of packets ? kind of traffic for this virtual network ? is the number of flows on this link ? is the number of TCP Sessions ? is the bandwidth for this tenant ?
  • 9.
    Current toolbox ● Iproute2 ●ovs-vsctl, ovs-ofctl, ovs-dpctl... ● ethtool ● brctl ● tcpdump ● SDN CLI/API ● etc.
  • 10.
    The needs 1. SDNAgnostic solution 2. Non-intrusive 3. Lightweight 4. Flow centric 5. Easy to deploy 6. Open, API 7. Connectors to SDN
  • 11.
    The needs 1. Topologyprobes a. interfaces, bond, mtu, vlan b. bridges c. Network namespaces d. etc.. 2. Flow probes a. on-demand traffic capture b. on-demand counter capture c. filtering d. underlay/overlay informations 3. Topology/flow aggregation a. mapping topology/flow b. analysis
  • 12.
    Skydive design Agents ● Onthe nodes to monitor ● Topology probes ● Flow probes ● Southbound API, topology queries, Flow Probes Analyzers ● collect agents data, time-series database ● Flow centric ● Northbound API, topology queries, flow capture, alarming
  • 14.
    Skydive Use-cases Operator : ●Detection of common configuration errors. ● Detection of live network issues at any point of the infrastructure meaning in the underlay and in the overlay. ○ bad performances, helping to find the root cause. ○ DDOS and any unattended traffic. ● Possibility to capture traffic at any point for further analysis. ○ Historic of all the metrics captured, keeping all the flow events for further analysis. User : ● Detection of misconfigured filtering mechanism like security groups. ● Detection of bad application performance, bad RTT.
  • 15.
    Skydive today ● Topologycapture ○ Netlink, NetNS, ETHTool, OVSDB ○ Connectors: ■ Neutron, Docker ○ Backend: ■ In-Memory, Gremlin based (Titangraph, Tinkerpop, neo4j) ● Live distributed capture ○ sFlow with OVS, PCAP ● Analysis ○ Flow table, flow event, session expiration, etc. ○ Backend: ■ ElasticSearch ● API/WebUI ○ On-demand capture, Topology (events, alerting)
  • 18.
    Skydive Roadmap ● Topologycapture ○ Adding more connectors ● Live distributed capture ○ PCAP, Filtering ● Analysis ○ Adding more protocols ○ Alerting ● Improvement of the security ○ RBAC ○ SSL
  • 19.
    Key points Non-intrusive, SDN-agnostic. Helpsto troubleshoot/monitor giving informations on the root cause and its impact. Gives feedback providing informations needed for capacity planning, billing. Open source Apache License Written in Go
  • 20.
    Questions What would thebest place for the project ? OpenStack - single point where multiple SDN controllers meet, but is it really a network focussed project ? Events to engage/propose content ?
  • 21.