 |
2.2 Non-Router Based Techniques
Although non-router based techniques are still limited in there abilities they do offer more flexibility than the router based
techniques. These techniques are classified as either active or passive.
2.2.1 Active Monitoring
Active monitoring [Active06] transmits probes into the network to collect measurements between at least two endpoints in the
network. Active measurement systems deal with metrics such as:
Availability
Routes
Packet Delay
Packet Reordering
Packet Loss
Packet Inter-arrival Jitter
Bandwidth Measurements (Capacity, Achievable Throughputs)
Commonly used tools such as ping, which measures delay and loss of packets, and traceroute which helps determine topology of
the network, are examples of basic active measurement tools. They both send ICMP packets (probes) to a designated host and wait
for the host to respond back to the sender. Figure 4 is an example of the ping command that uses active measurements by sending
an Echo Request from the source host through the network to a specified destination. The destination then sends an Echo Response
back to the source it received the request from.
Figure 4: ICMP ping command (Active Measurement)
Not only can a person collect the metrics above from active measurements, one can also determine the network topology. Another
common example of an active measurement tool is iperf. Iperf is a tool that measures TCP and UDP bandwidth performance. It
reports bandwidth, delay jitter, and loss.
The problem that exists with active monitoring is that introducing probes into the network can be an interference to the normal
traffic on the network. [UnivPenn02] Often times the active probes are treated differently than normal traffic as well, which causes
the validity of the information provided from these probes to be questioned.
As a result of the information detailed above, active monitoring is very rarely implemented as a stand-alone method of monitoring
as a good deal of overhead is introduced. On the other hand passive monitoring does not introduce much if any overhead into the
network.
|
Post a Comment