The Internet speaks its own language.

If you know how to listen to this language, it can reveal some surprising secrets.

Every so often, these secrets get publicly disclosed – a news item appearing in your daily feed, talking about Company X, whose service was offline for some period of time.

While we’ve become used to hearing about Denial of Service attacks, occasionally we’ll hear about a software bug or a configuration error that caused such an outage. Sometimes we’ll hear about trench-cutting going through fiber duct and the resulting chaos. Sometimes an entire country disappears!

What is this language and how can we listen to it?

The language is called ‘Border Gateway Protocol‘ (BGP).

BGP is spoken by all of the routers that form the Internet. Tools are available that can help you listen to the Internet as it ‘breathes’.

An event such as an equipment failure or a fiber cut, results in a change in the network. That change is signalled to the rest of the Internet. The update ripples its way across the Internet, just like a pebble being dropped in a pond. With tools akin to seismographs, we can watch the wave-fronts as the signal makes its way around the world.

The Internet is very much ‘alive’ with millions of events occurring every day.

We want to be able to look into the noise and extract the signal.

Using PNDA in combination with SNAS.io (formerly known as OpenBMP), we’re able to ask questions about the stability of Internet, the consistency of paths through the Internet, the frequency of changes and how such behaviors are changing over time.

bgp-app-arch_snas

BGP Deep Analytics application block diagram.

SNAS.io captures BGP events from routers configured to send BGP Monitoring Protocol (BMP) messages. SNAS.io then pushes the recorded event via Logstash to PNDA over a Kafka interface. PNDA’s HDFS provides the ability to record large quantities of historic event data. A Spark-based application creates the queries that are executed on the data, extracting the ‘signal’ from the noise. Results are then stored in PNDA’s HBase component and exposed via a REST API. Users are able to use a Web UI to visualise the results.

2017-02-18-02-09-25-pm

OpenBMP Deep Analytics – BGP AS connectivity plot.

2017-02-18-02-10-03-pm

BGP Deep Analytics – AS Path history comparison plot.

The secret life of the Internet is now being revealed.

2017-03-22 01.58.29 pm

Click on the image above to watch the video or follow this link –
https://youtu.be/3jb7fEgPzgA

Learn more about SNAS.io at http://www.snas.io/.

Read the recent Linux Foundation project announcement by following this link.

Advertisements

One thought on “BGP analytics with PNDA.io and SNAS.io

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s