7. Troubleshooting
Where...
packets are dropped?
packets are fragmented?
choke point occurs?
What…
packet layers path?
kind of traffic for this virtual network?
number of flows on this link?
number of TCP Sessions?
bandwidth for this tenant?
9. What we need
● Flow centric
● Easy to deploy
● SDN Agnostic solution
● Non-intrusive / Lightweight
● Open, API
● Connectors to SDN
10. What we need
● Topology capture
a. interfaces, bond, mtu, vlan
b. bridges
c. Network namespaces
d. etc..
● Flow capture
a. on-demand traffic capture
b. on-demand counter capture
c. filtering
d. underlay/overlay information
● Topology/flow aggregation
a. mapping topology/flow
b. analysis
11. Topology capture
● Graph engine, event based
● Gremlin like query language
● Populated from:
○ netlink
○ netns
○ ovsdb
○ ethtool
● External connectors:
○ Docker
○ Neutron
12. Topology capture
$ ip netns add vm1
$ ip link add vm1-eth0 type veth peer name eth0 netns vm1
$ ip link set vm1-eth0 up
$ ip netns exec vm1 ip link set eth0 up
$ ip netns exec vm1 ip address add 10.0.0.1/24 dev eth0
$ ovs-vsctl add-port br-int vm1-eth0
19. Flow capture
$ ip netns exec vm1 ping 10.0.0.2
Flow schema
● Metrics per layer
● Unique ID per flow
● Unique ID per flow/capture
● Origin/Destination
● Capture point
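The flow schema above, as an added Go sketch that is not Skydive's own code: one flow ID shared by both directions and by every probe, plus a second ID per flow and capture point, so counters for the same flow can be compared along the path. The type and function names, the SHA-256-based ID derivation and the `vm2-eth0` capture point are assumptions, and a single packet counter stands in for the per-layer metrics.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
)

// Packet is one probe observation; Flow carries the schema fields from the slide.
type Packet struct{ CapturePoint, Src, Dst, Proto string }
type Flow struct {
	FlowID, CaptureID, Origin, Destination, CapturePoint string
	Packets                                              int
}

func hashID(s string) string {
	sum := sha256.Sum256([]byte(s))
	return hex.EncodeToString(sum[:8])
}

// Track updates a table laid out as flow ID -> capture point -> flow record.
// The flow ID hashes the sorted endpoints, so both directions share it.
func Track(t map[string]map[string]*Flow, p Packet) *Flow {
	ends := []string{p.Src, p.Dst}
	sort.Strings(ends)
	fid := hashID(p.Proto + "|" + ends[0] + "|" + ends[1])
	if t[fid] == nil {
		t[fid] = map[string]*Flow{}
	}
	f := t[fid][p.CapturePoint]
	if f == nil { // first packet seen at this capture point fixes origin/destination
		f = &Flow{FlowID: fid, CaptureID: hashID(fid + "|" + p.CapturePoint), Origin: p.Src, Destination: p.Dst, CapturePoint: p.CapturePoint}
		t[fid][p.CapturePoint] = f
	}
	f.Packets++
	return f
}

func main() {
	// Constructed sample: 3 echo requests leave vm1-eth0, only 1 reaches vm2-eth0.
	t := map[string]map[string]*Flow{}
	var f *Flow
	for _, cp := range []string{"vm1-eth0", "vm1-eth0", "vm1-eth0", "vm2-eth0"} {
		f = Track(t, Packet{cp, "10.0.0.1", "10.0.0.2", "icmp"})
	}
	for cp, fl := range t[f.FlowID] {
		fmt.Println(f.FlowID, cp, fl.CaptureID, fl.Packets)
	}
}
```

A lower packet count for the same flow ID at a capture point further along the path points to where the packets were lost.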
20. Skydive architecture
Agents:
● Capture topology
● Capture flows, maintains flow table
● Local topology/flow mapping
● Forward topology/flow to analyzers
Analyzers:
● Aggregate topology/flow
● Global topology/flow mapping
● Stores topology/flow in a database
23. Skydive Use-cases
● Detection of common configuration errors
● Detection of live network issues
○ bad performance, helping to find the root cause
○ DDoS and any unexpected traffic
● Possibility to capture traffic at any point
○ History of all the captured metrics
○ Post mortem analysis
● Detection of bad application performance, bad RTT, wrong security groups
24. Skydive Roadmap
● Topology capture
○ More probes: OpenFlow, L3 information
○ Versioning
● Live distributed capture
○ Filtering
● Analysis
○ More protocols
○ Alerting
● Security
○ RBAC
○ SSL
○ IP anonymization