DocumentCode
3348548
Title
Distributed Network Analysis Using TOPAS and Wireshark
Author
Münz, Gerhard ; Carle, Georg
Author_Institution
Wilhelm Schickard Inst. for Comput. Sci., Univ. of Tuebingen, Tubingen
fYear
2008
fDate
7-11 April 2008
Firstpage
161
Lastpage
164
Abstract
Distributed network analysis deals with the inspection of traffic observed at various locations in the network. The conventional approach is to deploy a full-fledged network analyzer at every observation point, which allows exhaustive examinations, but at the same time is a very costly solution. In this paper, we present an alternative approach using packet data exported by PSAMP and Flexible Netflow devices, such as routers, switches, and monitoring probes. Exported packet records are received by the real-time network analysis framework TOPAS and examined by the open-source network analyzer Wireshark. Monitoring devices are configured with a Monitor Manager in order to export only data needed to achieve the analysis goal. Apart from an architectural description, this paper contains the results of experimental performance evaluations and a discussion on the advantages and limitations of our approach.
Keywords
computer network management; monitoring; public domain software; telecommunication computing; telecommunication traffic; Flexible Netflow devices; PSAMP devices; TOPAS framework; Wireshark open-source network analyzer; distributed network analysis; monitor manager; traffic inspection; Computerized monitoring; Condition monitoring; Inspection; Packet switching; Performance analysis; Probes; Protocols; Remote monitoring; Switches; Telecommunication traffic
fLanguage
English
Publisher
ieee
Conference_Titel
Network Operations and Management Symposium Workshops, 2008. NOMS Workshops 2008. IEEE
Conference_Location
Salvador da Bahia
Print_ISBN
978-1-4244-2067-4
Type
conf
DOI
10.1109/NOMSW.2007.27
Filename
4509943