TY - GEN
T1 - Characterizing VLAN-induced sharing in a campus network
AU - Tariq, Mukarram Bin
AU - Mansy, Ahmed
AU - Feamster, Nick
AU - Ammar, Mostafa
PY - 2009
Y1 - 2009
N2 - Many enterprise, campus, and data-center networks have complex layer-2 virtual LANs ("VLANs") below the IP layer. The interaction between layer-2 and IP topologies in these VLANs introduces hidden dependencies between IP level network and the physical infrastructure that has implications for network management tasks such as planning for capacity or reliability, and for fault diagnosis. This paper characterizes the extent and effect of these dependencies in a large campus network. We first present the design and implementation of EtherTrace, a tool that we make publicly available, which infers the layer-2 topology using data passively collected from Ethernet switches. Using this tool, we infer the layer-2 topology for a large campus network and compare it with the IP topology. We find that almost 70% of layer-2 edges are shared by 10 or more IP edges, and a single layer-2 edge may be shared by as many as 34 different IP edges. This sharing of layer-2 edges and switches among IP paths commonly results from trunking multiple VLANs to the same access router, or from colocation of academic departments that share layer-2 infrastructure, but have logically separate IP subnet and routers. We examine how this sharing affects the accuracy and specificity of fault diagnosis. For example, applying network tomography to the IP topology to diagnose failures caused by layer-2 devices results in only 54% accuracy, compared to 100% accuracy when our tomography algorithm takes input across layers.
AB - Many enterprise, campus, and data-center networks have complex layer-2 virtual LANs ("VLANs") below the IP layer. The interaction between layer-2 and IP topologies in these VLANs introduces hidden dependencies between IP level network and the physical infrastructure that has implications for network management tasks such as planning for capacity or reliability, and for fault diagnosis. This paper characterizes the extent and effect of these dependencies in a large campus network. We first present the design and implementation of EtherTrace, a tool that we make publicly available, which infers the layer-2 topology using data passively collected from Ethernet switches. Using this tool, we infer the layer-2 topology for a large campus network and compare it with the IP topology. We find that almost 70% of layer-2 edges are shared by 10 or more IP edges, and a single layer-2 edge may be shared by as many as 34 different IP edges. This sharing of layer-2 edges and switches among IP paths commonly results from trunking multiple VLANs to the same access router, or from colocation of academic departments that share layer-2 infrastructure, but have logically separate IP subnet and routers. We examine how this sharing affects the accuracy and specificity of fault diagnosis. For example, applying network tomography to the IP topology to diagnose failures caused by layer-2 devices results in only 54% accuracy, compared to 100% accuracy when our tomography algorithm takes input across layers.
KW - Network diagnosis
KW - Network virtualization
KW - Vlan
KW - Vlan-induced dependency
UR - http://www.scopus.com/inward/record.url?scp=84877741892&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84877741892&partnerID=8YFLogxK
U2 - 10.1145/1644893.1644907
DO - 10.1145/1644893.1644907
M3 - Conference contribution
AN - SCOPUS:84877741892
SN - 9781605587707
T3 - Proceedings of the ACM SIGCOMM Internet Measurement Conference, IMC
SP - 116
EP - 121
BT - IMC 2009 - Proceedings of the 2009 ACM SIGCOMM Internet Measurement Conference
T2 - 2009 9th ACM SIGCOMM Internet Measurement Conference, IMC 2009
Y2 - 4 November 2009 through 6 November 2009
ER -