SlideShare ist ein Scribd-Unternehmen logo

Monitoring Network Performance in China

ThousandEyes
ThousandEyes

Learn about the most common network issues in China, as well as best practices for monitoring DNS, benchmarking performance and sanitizing content for the Great Firewall. See the full webinar at https://www.thousandeyes.com/resources/network-performance-in-china-webinar

Technologie
1 von 18
Downloaden Sie, um offline zu lesen
2 About ThousandEyes ThousandEyes delivers visibility into every network your organization relies on. Founded by network experts; strong investor backing Relied on for " critical operations by leading enterprises Recognized as " an innovative " new approach 31 Fortune 500 5 top 5 SaaS Companies 4 top 6 US Banks
3 •  High latency and packet loss are common •  10 backbone access points (i.e., “choke points”) •  2 dominant, government-controlled ISPs: China Unicom (North), China Telecom (South) –  Underdeveloped and congested –  Few peering points in between •  Highly sophisticated censorship system –  Great Firewall –  Great Cannon A Different Internet in China
4 •  IP blocking –  Routers drop all packets going to blacklisted IP addresses –  Lightweight •  DNS tampering –  Cache poisoning –  Keyword-based hijacking The Great Firewall
5 •  Deep packet inspection and keyword filtering –  Resource-intensive The Great Firewall Read more: https://blog.thousandeyes.com/deconstructing-great-firewall-china/
6 •  Set up Network tests to benchmark performance metrics like latency and packet loss •  Expect: –  Higher latency and loss •  Especially for traffic crossing into or out of China –  Changing conditions due to censorship and diurnal patterns Baseline Network Performance Read more: https://blog.thousandeyes.com/benchmarking-network-performance-china/
7 Higher loss and latency from China Clear diurnal patterns in outbound traffic Use Reports to Benchmark Performance
8 Compare HK with geographically close locations in China: Foshan, Zhuhai, Guangzhou Performance differences can then be attributed to crossing the Great Firewall Use Hong Kong for Comparison
9 •  DNS packets often go missing –  Frequently congested, unreliable networks –  DNS poisoning and hijacking •  Cloud Agents in China use local ISP caches •  Use DNS Server and Trace tests and alerts to check if records: –  Are always available –  Have the correct mappings –  Are served up quickly DNS Issues Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
10 DNS lookup of “dns- plx.ewr1.nytimes.com” returns incorrect mappings to blocked IPs of services including Facebook, Dropbox Tests to these blocked IPs are then blocked in China Telecom and China Unicom DNS Server Test: NYTimes.com A record
11 DNS lookup of “ns1.p24.dynect.net” returns correct mapping, suggesting DNS tampering on NYTimes nameserver’s A record Test traffic from China makes it through to the Dyn nameserver Evidence of DNS Tampering
12 Lookup of NYTimes.com A record returns incorrect mappings to blocked IPs Impossibly low resolution times suggest DNS cache poisoning Evidence of DNS Cache Poisoning
13 •  Page objects with blocked keywords or domains may fail to load and slow down page load times •  Watch out for: –  Google: fonts, APIs, ads, Google Analytics –  Facebook –  Adobe Typekit –  Marketo •  Use the waterfall in Page Load and Transaction tests to monitor for objects that fail to load Blocked Page Components Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
14 Objects from blocked sites Facebook and Google have long wait times and fail to load Page Load Test: Starbucks US from China
15 China-optimized webpage sees much lower object load times Still room for improvement: Google object has long DNS time Page Load Test: Starbucks China from China
16 •  Scope alerts to China agents and recalibrate thresholds •  Consider ISP- specific Path Trace alerts Alerting Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
17 q Adjust your expectations and alerts based on Network test data q Use Reports to analyze data by country q Also benchmark: q  CDN providers q  Data center/colocation providers q Continuously monitor important services in China’s volatile environment Best Practices for Monitoring in China q Understand the difficulties unique to the Chinese Internet and adjust your monitoring strategy accordingly q 2 ISPs with few peering points q  Underdeveloped and congested q Only 10 access points q Stringent censorship q  DNS poisoning and hijacking q  Blocked page objects
18 See what you’re missing. Watch the webinar: https://www.thousandeyes.com/resources/network-performance-in-china-webinar

Empfohlen

2016 Internet Outages: Trends, Insights & Analysis
2016 Internet Outages: Trends, Insights & Analysis 2016 Internet Outages: Trends, Insights & Analysis
2016 Internet Outages: Trends, Insights & Analysis
ThousandEyes
 
Monitoring DNS Records and Servers
Monitoring DNS Records and ServersMonitoring DNS Records and Servers
Monitoring DNS Records and Servers
ThousandEyes
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
ThousandEyes
 
Troubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNsTroubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNs
ThousandEyes
 
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesEndpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
ThousandEyes
 
Best Practices for Monitoring DNS
Best Practices for Monitoring DNSBest Practices for Monitoring DNS
Best Practices for Monitoring DNS
ThousandEyes
 
Enterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesEnterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best Practices
ThousandEyes
 
Enterprise and Wide Area Network Visibility
Enterprise and Wide Area Network VisibilityEnterprise and Wide Area Network Visibility
Enterprise and Wide Area Network Visibility
ThousandEyes
 

Empfohlen

2016 Internet Outages: Trends, Insights & Analysis
2016 Internet Outages: Trends, Insights & Analysis 2016 Internet Outages: Trends, Insights & Analysis
2016 Internet Outages: Trends, Insights & Analysis
ThousandEyes
 
Monitoring DNS Records and Servers
Monitoring DNS Records and ServersMonitoring DNS Records and Servers
Monitoring DNS Records and Servers
ThousandEyes
 
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from AnywhereEndpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
Endpoint Agent Part 2: Monitoring SaaS Apps from Anywhere
ThousandEyes
 
Troubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNsTroubleshooting Remote Workers and VPNs
Troubleshooting Remote Workers and VPNs
ThousandEyes
 
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and ProxiesEndpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
Endpoint Agent Part 3: LAN, Wireless, Gateways and Proxies
ThousandEyes
 
Best Practices for Monitoring DNS
Best Practices for Monitoring DNSBest Practices for Monitoring DNS
Best Practices for Monitoring DNS
ThousandEyes
 
Enterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best PracticesEnterprise Agents: Deployment Best Practices
Enterprise Agents: Deployment Best Practices
ThousandEyes
 
Enterprise and Wide Area Network Visibility
Enterprise and Wide Area Network VisibilityEnterprise and Wide Area Network Visibility
Enterprise and Wide Area Network Visibility
ThousandEyes
 
Endpoint Agent Part 1: End User Experience
Endpoint Agent Part 1: End User ExperienceEndpoint Agent Part 1: End User Experience
Endpoint Agent Part 1: End User Experience
ThousandEyes
 
Monitoring and Troubleshooting for Online Operations
Monitoring and Troubleshooting for Online OperationsMonitoring and Troubleshooting for Online Operations
Monitoring and Troubleshooting for Online Operations
ThousandEyes
 
Diagnosing Internet Outages
Diagnosing Internet OutagesDiagnosing Internet Outages
Diagnosing Internet Outages
ThousandEyes
 
Optimizing WAN to Deliver SharePoint Online Globally
Optimizing WAN to Deliver SharePoint Online GloballyOptimizing WAN to Deliver SharePoint Online Globally
Optimizing WAN to Deliver SharePoint Online Globally
ThousandEyes
 
Monitoring IPv6 Networks
Monitoring IPv6 NetworksMonitoring IPv6 Networks
Monitoring IPv6 Networks
ThousandEyes
 
Tips for Optimizing Web Performance
Tips for Optimizing Web PerformanceTips for Optimizing Web Performance
Tips for Optimizing Web Performance
ThousandEyes
 
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...
ThousandEyes
 
Discover Network Insights with Reports
Discover Network Insights with ReportsDiscover Network Insights with Reports
Discover Network Insights with Reports
ThousandEyes
 
Getting Started with ThousandEyes
Getting Started with ThousandEyesGetting Started with ThousandEyes
Getting Started with ThousandEyes
ThousandEyes
 
ISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black Box
ThousandEyes
 
Monitoring for DNS Security
Monitoring for DNS SecurityMonitoring for DNS Security
Monitoring for DNS Security
ThousandEyes
 
Reverse Path Visibility with Agent-to-Agent Tests
Reverse Path Visibility with Agent-to-Agent TestsReverse Path Visibility with Agent-to-Agent Tests
Reverse Path Visibility with Agent-to-Agent Tests
ThousandEyes
 
Monitoring End User Experience with Endpoint Agent
Monitoring End User Experience with Endpoint AgentMonitoring End User Experience with Endpoint Agent
Monitoring End User Experience with Endpoint Agent
ThousandEyes
 
ThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your Network
ThousandEyes
 
Measuring and Troubleshooting Performance of Global Data Centers at ServiceNow
Measuring and Troubleshooting Performance of Global Data Centers at ServiceNowMeasuring and Troubleshooting Performance of Global Data Centers at ServiceNow
Measuring and Troubleshooting Performance of Global Data Centers at ServiceNow
ThousandEyes
 
NANOG 68: Decoding Performance Data from Large-Scale Internet Outages
NANOG 68: Decoding Performance Data from Large-Scale Internet OutagesNANOG 68: Decoding Performance Data from Large-Scale Internet Outages
NANOG 68: Decoding Performance Data from Large-Scale Internet Outages
ThousandEyes
 
Optimizing AS Paths
Optimizing AS PathsOptimizing AS Paths
Optimizing AS Paths
ThousandEyes
 
Cisco IT and ThousandEyes
Cisco IT and ThousandEyesCisco IT and ThousandEyes
Cisco IT and ThousandEyes
ThousandEyes
 
ION Sri Lanka - Why Implement DNSSEC?
ION Sri Lanka - Why Implement DNSSEC?ION Sri Lanka - Why Implement DNSSEC?
ION Sri Lanka - Why Implement DNSSEC?
Deploy360 Programme (Internet Society)
 
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareSurviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Cloudflare
 
Reunião de pais 21032017 2 e 3 º anos
Reunião de pais 21032017 2 e 3 º anosReunião de pais 21032017 2 e 3 º anos
Reunião de pais 21032017 2 e 3 º anos
Alexandre Misturini
 
OpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt Ahrens
OpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt AhrensOpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt Ahrens
OpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt Ahrens
Matthew Ahrens
 

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Endpoint Agent Part 1: End User Experience
Endpoint Agent Part 1: End User ExperienceEndpoint Agent Part 1: End User Experience
Endpoint Agent Part 1: End User Experience
 
Monitoring and Troubleshooting for Online Operations
Monitoring and Troubleshooting for Online OperationsMonitoring and Troubleshooting for Online Operations
Monitoring and Troubleshooting for Online Operations
 
Diagnosing Internet Outages
Diagnosing Internet OutagesDiagnosing Internet Outages
Diagnosing Internet Outages
 
Optimizing WAN to Deliver SharePoint Online Globally
Optimizing WAN to Deliver SharePoint Online GloballyOptimizing WAN to Deliver SharePoint Online Globally
Optimizing WAN to Deliver SharePoint Online Globally
 
Monitoring IPv6 Networks
Monitoring IPv6 NetworksMonitoring IPv6 Networks
Monitoring IPv6 Networks
 
Tips for Optimizing Web Performance
Tips for Optimizing Web PerformanceTips for Optimizing Web Performance
Tips for Optimizing Web Performance
 
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...
FS-ISAC 2014 Troubleshooting Network Threats: DDoS Attacks, DNS Poisoning and...
 
Discover Network Insights with Reports
Discover Network Insights with ReportsDiscover Network Insights with Reports
Discover Network Insights with Reports
 
Getting Started with ThousandEyes
Getting Started with ThousandEyesGetting Started with ThousandEyes
Getting Started with ThousandEyes
 
ISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black BoxISP Connectivity Webinar: No Longer a Black Box
ISP Connectivity Webinar: No Longer a Black Box
 
Monitoring for DNS Security
Monitoring for DNS SecurityMonitoring for DNS Security
Monitoring for DNS Security
 
Reverse Path Visibility with Agent-to-Agent Tests
Reverse Path Visibility with Agent-to-Agent TestsReverse Path Visibility with Agent-to-Agent Tests
Reverse Path Visibility with Agent-to-Agent Tests
 
Monitoring End User Experience with Endpoint Agent
Monitoring End User Experience with Endpoint AgentMonitoring End User Experience with Endpoint Agent
Monitoring End User Experience with Endpoint Agent
 
ThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your NetworkThousandEyes Alerting Essentials for Your Network
ThousandEyes Alerting Essentials for Your Network
 
Measuring and Troubleshooting Performance of Global Data Centers at ServiceNow
Measuring and Troubleshooting Performance of Global Data Centers at ServiceNowMeasuring and Troubleshooting Performance of Global Data Centers at ServiceNow
Measuring and Troubleshooting Performance of Global Data Centers at ServiceNow
 
NANOG 68: Decoding Performance Data from Large-Scale Internet Outages
NANOG 68: Decoding Performance Data from Large-Scale Internet OutagesNANOG 68: Decoding Performance Data from Large-Scale Internet Outages
NANOG 68: Decoding Performance Data from Large-Scale Internet Outages
 
Optimizing AS Paths
Optimizing AS PathsOptimizing AS Paths
Optimizing AS Paths
 
Cisco IT and ThousandEyes
Cisco IT and ThousandEyesCisco IT and ThousandEyes
Cisco IT and ThousandEyes
 
ION Sri Lanka - Why Implement DNSSEC?
ION Sri Lanka - Why Implement DNSSEC?ION Sri Lanka - Why Implement DNSSEC?
ION Sri Lanka - Why Implement DNSSEC?
 
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlareSurviving A DDoS Attack: Securing CDN Traffic at CloudFlare
Surviving A DDoS Attack: Securing CDN Traffic at CloudFlare
 

Andere mochten auch

Andere mochten auch (18)

Reunião de pais 21032017 2 e 3 º anos
Reunião de pais 21032017 2 e 3 º anosReunião de pais 21032017 2 e 3 º anos
Reunião de pais 21032017 2 e 3 º anos
 
OpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt Ahrens
OpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt AhrensOpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt Ahrens
OpenZFS novel algorithms: snapshots, space allocation, RAID-Z - Matt Ahrens
 
презентація до відкритого уроку читання «Весна йде та йде» за Марко Вовчок, ...
презентація до відкритого уроку читання «Весна йде та йде» за Марко Вовчок, ...презентація до відкритого уроку читання «Весна йде та йде» за Марко Вовчок, ...
презентація до відкритого уроку читання «Весна йде та йде» за Марко Вовчок, ...
 
Film industry task 5
Film industry task 5Film industry task 5
Film industry task 5
 
Frederico garcia lorca definitiu ok
Frederico garcia lorca definitiu okFrederico garcia lorca definitiu ok
Frederico garcia lorca definitiu ok
 
Recursion
RecursionRecursion
Recursion
 
Video Editing Resume
Video Editing ResumeVideo Editing Resume
Video Editing Resume
 
Top Reasons to learn Digital Marketing
Top Reasons to learn Digital Marketing Top Reasons to learn Digital Marketing
Top Reasons to learn Digital Marketing
 
Audience feedback of my magazine SIMRAN KAUR
Audience feedback of my magazine SIMRAN KAURAudience feedback of my magazine SIMRAN KAUR
Audience feedback of my magazine SIMRAN KAUR
 
11plus workbook s
11plus workbook s11plus workbook s
11plus workbook s
 
конспект відкритого уроку читання «Весна йде та йде» за Марко Вовчок, «Прихо...
конспект відкритого уроку читання «Весна йде та йде» за Марко Вовчок, «Прихо...конспект відкритого уроку читання «Весна йде та йде» за Марко Вовчок, «Прихо...
конспект відкритого уроку читання «Весна йде та йде» за Марко Вовчок, «Прихо...
 
Introduction aux leçons
Introduction aux leçonsIntroduction aux leçons
Introduction aux leçons
 
Crowdfunding x Scholarship
Crowdfunding x ScholarshipCrowdfunding x Scholarship
Crowdfunding x Scholarship
 
Project tiger and wild life conservation in india
Project tiger and wild life conservation in indiaProject tiger and wild life conservation in india
Project tiger and wild life conservation in india
 
0394827198
03948271980394827198
0394827198
 
Präsentation Eingangsstufe GS Staakenweg
Präsentation Eingangsstufe GS StaakenwegPräsentation Eingangsstufe GS Staakenweg
Präsentation Eingangsstufe GS Staakenweg
 
Казка "Струмок"
Казка "Струмок"Казка "Струмок"
Казка "Струмок"
 
Mercadotecnia y Promoción de la Salud. Heberto Priego
Mercadotecnia y Promoción de la Salud. Heberto PriegoMercadotecnia y Promoción de la Salud. Heberto Priego
Mercadotecnia y Promoción de la Salud. Heberto Priego
 

Ähnlich wie Monitoring Network Performance in China

Kscope 14 Presentation : Virtual Data Platform
Kscope 14 Presentation : Virtual Data PlatformKscope 14 Presentation : Virtual Data Platform
Kscope 14 Presentation : Virtual Data Platform
Kyle Hailey
 
Data Virtualization: revolutionizing database cloning
Data Virtualization: revolutionizing database cloningData Virtualization: revolutionizing database cloning
Data Virtualization: revolutionizing database cloning
Kyle Hailey
 

Ähnlich wie Monitoring Network Performance in China (20)

HSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno OvereinderHSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
HSB - Secure DNS en BGP ontwikkelingen - Benno Overeinder
 
Fast 360 assessment sample report
Fast 360 assessment sample reportFast 360 assessment sample report
Fast 360 assessment sample report
 
Designing Modern Web Applications
Designing Modern Web ApplicationsDesigning Modern Web Applications
Designing Modern Web Applications
 
The DNS Tunneling Blindspot
The DNS Tunneling BlindspotThe DNS Tunneling Blindspot
The DNS Tunneling Blindspot
 
HDFS: Optimization, Stabilization and Supportability
HDFS: Optimization, Stabilization and SupportabilityHDFS: Optimization, Stabilization and Supportability
HDFS: Optimization, Stabilization and Supportability
 
Hdfs 2016-hadoop-summit-dublin-v1
Hdfs 2016-hadoop-summit-dublin-v1Hdfs 2016-hadoop-summit-dublin-v1
Hdfs 2016-hadoop-summit-dublin-v1
 
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS ServicesPLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
PLNOG15 :Scale and Secure the Internet of Things with Intelligent DNS Services
 
DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...
DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...
DNS – Strategies for Reducing Data Leakage & Protecting Online Privacy – Hack...
 
Cloud Services Powered by IBM SoftLayer and NetflixOSS
Cloud Services Powered by IBM SoftLayer and NetflixOSSCloud Services Powered by IBM SoftLayer and NetflixOSS
Cloud Services Powered by IBM SoftLayer and NetflixOSS
 
Lec13 cdn
Lec13 cdnLec13 cdn
Lec13 cdn
 
Kscope 14 Presentation : Virtual Data Platform
Kscope 14 Presentation : Virtual Data PlatformKscope 14 Presentation : Virtual Data Platform
Kscope 14 Presentation : Virtual Data Platform
 
ICANN 51: Name Collision
ICANN 51: Name CollisionICANN 51: Name Collision
ICANN 51: Name Collision
 
DNS - MCSE 2019
DNS - MCSE 2019DNS - MCSE 2019
DNS - MCSE 2019
 
New DNS Traffic Analysis Techniques to Identify Global Internet Threats
New DNS Traffic Analysis Techniques to Identify Global Internet ThreatsNew DNS Traffic Analysis Techniques to Identify Global Internet Threats
New DNS Traffic Analysis Techniques to Identify Global Internet Threats
 
CNIT 50: 1. Network Security Monitoring Rationale
CNIT 50: 1. Network Security Monitoring RationaleCNIT 50: 1. Network Security Monitoring Rationale
CNIT 50: 1. Network Security Monitoring Rationale
 
Finding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analyticsFinding the source of Ransomware - Wire data analytics
Finding the source of Ransomware - Wire data analytics
 
Slideshare 1
Slideshare 1Slideshare 1
Slideshare 1
 
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
DNSSEC Tutorial, by Champika Wijayatunga [APNIC 38]
 
SOHOpelessly Broken
SOHOpelessly BrokenSOHOpelessly Broken
SOHOpelessly Broken
 
Data Virtualization: revolutionizing database cloning
Data Virtualization: revolutionizing database cloningData Virtualization: revolutionizing database cloning
Data Virtualization: revolutionizing database cloning
 

Mehr von ThousandEyes

Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
ThousandEyes
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
ThousandEyes
 

Mehr von ThousandEyes (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
New ThousandEyes Product Features and Release Highlights: March 2024
New ThousandEyes Product Features and Release Highlights: March 2024New ThousandEyes Product Features and Release Highlights: March 2024
New ThousandEyes Product Features and Release Highlights: March 2024
 
EMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? WebinarEMEA What is ThousandEyes? Webinar
EMEA What is ThousandEyes? Webinar
 
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedInOutage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
Outage Analysis: March 5th/6th 2024 Meta, Comcast, and LinkedIn
 
Assure Patient and Clinician Digital Experiences with ThousandEyes for Health...
Assure Patient and Clinician Digital Experiences with ThousandEyes for Health...Assure Patient and Clinician Digital Experiences with ThousandEyes for Health...
Assure Patient and Clinician Digital Experiences with ThousandEyes for Health...
 
AMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes WebinarAMER Introduction to ThousandEyes Webinar
AMER Introduction to ThousandEyes Webinar
 
New ThousandEyes Product Features and Release Highlights: February 2024
New ThousandEyes Product Features and Release Highlights: February 2024New ThousandEyes Product Features and Release Highlights: February 2024
New ThousandEyes Product Features and Release Highlights: February 2024
 
The Top Outages of 2023: Analyses and Takeaways
The Top Outages of 2023: Analyses and TakeawaysThe Top Outages of 2023: Analyses and Takeaways
The Top Outages of 2023: Analyses and Takeaways
 
Enhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for PartnersEnhancing SaaS Performance: A Hands-on Workshop for Partners
Enhancing SaaS Performance: A Hands-on Workshop for Partners
 
The Top Outages of 2023: Analysis and Takeaways
The Top Outages of 2023: Analysis and TakeawaysThe Top Outages of 2023: Analysis and Takeaways
The Top Outages of 2023: Analysis and Takeaways
 
The Top Outages of 2023: Analysis and Takeaways
The Top Outages of 2023: Analysis and TakeawaysThe Top Outages of 2023: Analysis and Takeaways
The Top Outages of 2023: Analysis and Takeaways
 
ThousandEyes Enterprise Digital Workshop - Spanish
ThousandEyes Enterprise Digital Workshop - SpanishThousandEyes Enterprise Digital Workshop - Spanish
ThousandEyes Enterprise Digital Workshop - Spanish
 
ThousandEyes Enterprise Digital Workshop - German
ThousandEyes Enterprise Digital Workshop - GermanThousandEyes Enterprise Digital Workshop - German
ThousandEyes Enterprise Digital Workshop - German
 
ThousandEyes Enterprise Digital Workshop
ThousandEyes Enterprise Digital WorkshopThousandEyes Enterprise Digital Workshop
ThousandEyes Enterprise Digital Workshop
 

Kürzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 

Kürzlich hochgeladen (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 

Monitoring Network Performance in China

  • 1.
  • 2. 2 About ThousandEyes ThousandEyes delivers visibility into every network your organization relies on. Founded by network experts; strong investor backing Relied on for " critical operations by leading enterprises Recognized as " an innovative " new approach 31 Fortune 500 5 top 5 SaaS Companies 4 top 6 US Banks
  • 3. 3 •  High latency and packet loss are common •  10 backbone access points (i.e., “choke points”) •  2 dominant, government-controlled ISPs: China Unicom (North), China Telecom (South) –  Underdeveloped and congested –  Few peering points in between •  Highly sophisticated censorship system –  Great Firewall –  Great Cannon A Different Internet in China
  • 4. 4 •  IP blocking –  Routers drop all packets going to blacklisted IP addresses –  Lightweight •  DNS tampering –  Cache poisoning –  Keyword-based hijacking The Great Firewall
  • 5. 5 •  Deep packet inspection and keyword filtering –  Resource-intensive The Great Firewall Read more: https://blog.thousandeyes.com/deconstructing-great-firewall-china/
  • 6. 6 •  Set up Network tests to benchmark performance metrics like latency and packet loss •  Expect: –  Higher latency and loss •  Especially for traffic crossing into or out of China –  Changing conditions due to censorship and diurnal patterns Baseline Network Performance Read more: https://blog.thousandeyes.com/benchmarking-network-performance-china/
  • 7. 7 Higher loss and latency from China Clear diurnal patterns in outbound traffic Use Reports to Benchmark Performance
  • 8. 8 Compare HK with geographically close locations in China: Foshan, Zhuhai, Guangzhou Performance differences can then be attributed to crossing the Great Firewall Use Hong Kong for Comparison
  • 9. 9 •  DNS packets often go missing –  Frequently congested, unreliable networks –  DNS poisoning and hijacking •  Cloud Agents in China use local ISP caches •  Use DNS Server and Trace tests and alerts to check if records: –  Are always available –  Have the correct mappings –  Are served up quickly DNS Issues Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
  • 10. 10 DNS lookup of “dns- plx.ewr1.nytimes.com” returns incorrect mappings to blocked IPs of services including Facebook, Dropbox Tests to these blocked IPs are then blocked in China Telecom and China Unicom DNS Server Test: NYTimes.com A record
  • 11. 11 DNS lookup of “ns1.p24.dynect.net” returns correct mapping, suggesting DNS tampering on NYTimes nameserver’s A record Test traffic from China makes it through to the Dyn nameserver Evidence of DNS Tampering
  • 12. 12 Lookup of NYTimes.com A record returns incorrect mappings to blocked IPs Impossibly low resolution times suggest DNS cache poisoning Evidence of DNS Cache Poisoning
  • 13. 13 •  Page objects with blocked keywords or domains may fail to load and slow down page load times •  Watch out for: –  Google: fonts, APIs, ads, Google Analytics –  Facebook –  Adobe Typekit –  Marketo •  Use the waterfall in Page Load and Transaction tests to monitor for objects that fail to load Blocked Page Components Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
  • 14. 14 Objects from blocked sites Facebook and Google have long wait times and fail to load Page Load Test: Starbucks US from China
  • 15. 15 China-optimized webpage sees much lower object load times Still room for improvement: Google object has long DNS time Page Load Test: Starbucks China from China
  • 16. 16 •  Scope alerts to China agents and recalibrate thresholds •  Consider ISP- specific Path Trace alerts Alerting Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
  • 17. 17 q Adjust your expectations and alerts based on Network test data q Use Reports to analyze data by country q Also benchmark: q  CDN providers q  Data center/colocation providers q Continuously monitor important services in China’s volatile environment Best Practices for Monitoring in China q Understand the difficulties unique to the Chinese Internet and adjust your monitoring strategy accordingly q 2 ISPs with few peering points q  Underdeveloped and congested q Only 10 access points q Stringent censorship q  DNS poisoning and hijacking q  Blocked page objects
  • 18. 18 See what you’re missing. Watch the webinar: https://www.thousandeyes.com/resources/network-performance-in-china-webinar