Document Sample
					Project deliverable                          CELTIC TRAMMS



Identifier:                   Deliverable D4.2
Class:                        Report
Version:                      V06
Version Date:                 24/06/2009
Distribution:                 Public
Responsible Partner:

D4.2 - Broadband bottleneck analysis and capacity planning   Public   1 (64)
Project deliverable                                               CELTIC TRAMMS

                                                      TABLE OF CONTENTS

ACRONYMS ..................................................................................................................................3
   1.1.   NETWORK INFRASTRUCTURE AND AVAILABLE TOOLS .................................8
     1.1.1.      Core and transit network capacity planning............................................................................ 8
     1.1.2.      Access network capacity planning.......................................................................................... 8
     1.1.3.      Application-layer capacity planning ........................................................................................ 8
   1.2.       ANALYTICAL TOOLS .................................................................................................9
     1.2.1.      Simulation tools....................................................................................................................... 9
           MATE (Cariden) ............................................................................................9
           SP Guru Network Planner (OPNET) .......................................................13
           Traffic Explorer (Packet Design) ..............................................................17
           Design Expert (Netformx)..........................................................................21
           IP/MPLSView (Wandl) ...............................................................................23
           NetScope (TurboSoft) ................................................................................25
     1.2.2.      Emulation tools ..................................................................................................................... 28   Network emulation......................................................................................28 GEM (Spirent).............................................................................................28 Shunra Virtual Enterprise (Shunra).........................................................32   Access Network emulation........................................................................37 DSL (Spirent) ..............................................................................................37   Application-level traffic emulation ............................................................41 Avalanche (Spirent) ..................................................................................41 Network Tester (Agilent) ...........................................................................47
2.      TRAMMMS Testbed for bottleneck analysis: Experimental set up .................................52
   2.1.   Network setup and requirements for experimental work ..............................................52
     2.1.1.      Testbeds for simulated traffic analysis ................................................................................. 52
     2.1.2.      Testbeds for field traffic analysis .......................................................................................... 54
   2.2.       Tools developed for TRAMMS ....................................................................................56
     2.2.1.      Netauditor ............................................................................................................................. 56
     2.2.2.      BGP probe ............................................................................................................................ 58
     2.2.3.      One Way Delay measurements based on GPS synchronization ......................................... 60
     2.2.4.      Bandwidth Available in Real Time (BART) ........................................................................... 61

D4.2 - Broadband bottleneck analysis and capacity planning                                       Public                           2 (64)
Project deliverable                               CELTIC TRAMMS

ADSL         Asymmetric Digital Subscriber Line
API          Application Programming Interface
AS           Autonomous System
ATM          Asynchronous Transfer Mode
BER          Bit Error Rate
BGP          Border Gateway Protocol
BPON         Broadband Passive Optical Network
CCC          Circuit Cross Connect
CIDR         Classless Inter-Domain Routing
CIFS         Common Internet File System
CoS          Class of Service
CPD          Customer Premises Equipment
CRC          Cyclic Redundancy Check
CRM          Customer Relationship Management
CSPF         Constrained Shortest Path First
CSV          Certified Server Validation
DDoS         Distributed Denial of Service
DHCP         Dynamic Host Configuration Protocol
Diffserv     Differentiated Services
DSCP         Differentiated Services Code Point
DSL          Digital Subscriber Line
DUT          Device Under Test
ECMP         Equal-Cost Multi-Path
EIGRP        Enhanced Interior Gateway Routing Protocol
EPON         Ethernet Passive Optical Network
ERP          Enterprise Resource Planning
FPGA         Field Programmable Gate Array
FRR          Fast ReRoute
FTP          File Transfer Protocol
GbE          Gigabit Ethernet
Gbps         Gigabit per second
GFP          Generic Framing Procedure
GPON         Gigabit Passive Optical Network
GUI          Graphical User Interface
HPC          High Performance Computing
HSRP         Hot Standby Router Protocol
HTML         HyperText Markup Language
HTTP         HyperText Transfer Protocol
HTTP         HyperText Transfer Protocol

D4.2 - Broadband bottleneck analysis and capacity planning        Public   3 (64)
Project deliverable                               CELTIC TRAMMS

HTTPS        HyperText Transfer Protocol Secure
ICMP         Internet Control Message Protocol
IDS / IPS    Intrusion Detection System / Intrusion Prevention System
IGMP         Internet Group Management Protocol
IGP          Interior Gateway Protocol
IGRP         Interior Gateway Routing Protocol
ILM          Interim Local Management
IM           Instant Messaging
IP           Internet Protocol
IPSec        Internet Protocol Security
IPTV         Internet Protocol Television
IPv4, IPv6   Internet Protocol version 4, and 6 respectively
IS-IS        Intermediate System to Intermediate System
iWARP        Internet Wide Arear RDMA Protocol
LAN          Local Area Network
LCAS         Link Capacity Adjustment Scheme
LDP          Label Distribution Protocol
LLQ          Low Latency Queuing
LSP          Label Switched Path
MAC          Media Access Control
Mbps         Megabit per second
MDI          Media Delivery Index
MGCP         Media Gateway Control Protocol
MNS          Microsoft Network System
MOS          Mean Opinion Score
MPEG         Moving Picture Experts Group
MPLS         MultiProtocol Label Switching
NFS          Network File System
NNTP         Network News Transfer Protocol
OSI          Open System Interconnection
OSPF         Open Shortest Path First
OSPF-TE      Open Shortest Path First – Traffic Engineering
OTN          Optical Transport Network
P2P          Peer-to-Peer
PCAP         Packet CAPture
PIM-DM       Protocol Independent Multicast – Dense Mode
PIM-SM       Protocol Independent Multicast – Sparce Mode
PIM-SSM      Protocol Independent Multicast – Source Specific Multicast
PNNI         Private Network-to-Network Interface
PON          Passive Optical Network
POP3         Post Office Protocol version 3

D4.2 - Broadband bottleneck analysis and capacity planning                Public   4 (64)
Project deliverable                               CELTIC TRAMMS

PVP          Permanent Virtual Path
QoS          Quality of Service
RIP          Routing Information Protocol
RIPng        Routing Information Protocol next generation
RSVP         Resource ReSerVation Protocol
RTP          Real-time Transport Protocol
RTSP         Real-time Streaming Protocol
SDH          Synchronous Digital Hierarchy
SFP          Small Form Factor Pluggable
SHDSL        Single-pair High-speed Digital Subscriber Line
SIP          Session Initiation Protocol
SLA          Service Level Agreement
SNMP         Simple Network Management Protocol
SOA          Service Oriented Application
SOAP         Simple Object Access Protocol
SONET        Synchronous Optical Network
SPF          Shortest Path First
SPT          Shortest Path Tree
SRLG         Shared-Risk Link Group
SSH          Secure SHell
SSL          Secure Socket Layer
STP          Spanning Tree Protocol
TCL          Tool Command Language
TCP          Transmission Control Protocol
TDM          Time-Division Multiplexing
TLS          Transparent LAN Services
ToS          Type of Service
UDP          User Datagram Protocol
URL          Uniform Resource Locator
VDSL         Very high bit-rate Digital Subscriber Line
VCAT         Virtual conCATenation
VLAN         Virtual Local Area Network
VNC          Virtual Network Computing
VNE          Virtual Network Environment
VNN          Virtual Network Navigator
VoD          Video on Demand
VoIP         Voice on IP
VPL          Virtual Private LAN
VPLS         Virtual Private LAN Service
VPN          Virtual Private Network
VRRP         Virtual Router Redundancy Protocol

D4.2 - Broadband bottleneck analysis and capacity planning        Public   5 (64)
Project deliverable                            CELTIC TRAMMS

WAN          Wide Area Network
WFQ          Weighted Fair Queuing
XFP          10 Gigabit Small Form Factor Pluggable
XML          Extensive Markup Language

D4.2 - Broadband bottleneck analysis and capacity planning     Public   6 (64)
Project deliverable                             CELTIC TRAMMS

                                  EXECUTIVE SUMMARY

        Capacity planning is the science of estimating the resources of a network (space,
computer hardware, software and connection infrastructure resources) that will be needed over
some future period of time. A typical capacity concern is whether resources will be able to
handle an increasing number of requests as either the number of users or interactions increase
or if the infrastructure is able to cope with the requirements in terms of packet-loss, latency and
jitter of the services (VoIP, IPTV, etc.) traversing it. Capacity planning tools help users meet the
anticipated need for adding new capacity just-in-time to avoid having unused resources for long
periods of time and/or for QoS network policies redefinition in order to guarantee network SLAs
in parallel with traffic growth and new services deployment. Having a look at the importance of
the capacity planning tools, this documents analyses in depth the behavior of these tools
divided into different groups:
    •   Simulation tools
    •   Emulation tools
            o   Network emulation
            o   Access network emulation
            o   Application-level traffic emulation

       Moreover, the document describes the testbeds for bottleneck analysis showing the
difference between testbeds for simulated traffic analysis and testbeds for field traffic analysis.

    And finally, the document details the fundamental aspects of the tools developed for
    •   Netauditor
    •   BGP probe
    •   One Way Delay measurements based on GPS synchronization
    •   Bandwidth Available in Real Time (BART)

D4.2 - Broadband bottleneck analysis and capacity planning           Public                 7 (64)
Project deliverable                             CELTIC TRAMMS


        Capacity planning is the science of estimating the resources of a network (space,
  computer hardware, software and connection infrastructure resources) that will be needed
  over some future period of time. A typical capacity concern is whether resources will be able
  to handle an increasing number of requests as either the number of users or interactions
  increase or if the infrastructure is able to cope with the requirements in terms of packet-loss,
  latency and jitter of the services (VoIP, IPTV, etc.) traversing it. Capacity planning tools help
  users meet the anticipated need for adding new capacity just-in-time to avoid having unused
  resources for long periods of time and/or for QoS network policies redefinition in order to
  guarantee network SLAs in parallel with traffic growth and new services deployment.

         The capacity planning can be separated into three main groups:

            1.1.1.       Core and transit network capacity planning

        The core and transit capacity planning focuses on the lower layers (1-3) of the OSI
model applied to the core and transit networks. These tools allow the definition of scenarios
based on different topologies, routing protocols configurations, load level of the links, protection
strategies, etc.

         In order to perform these analyses, two different types of tools can be considered. The
first ones, the simulation tools, allow the collection of the actual network information and
import of the data to the tool. This way, the collected information can be used as a starting point
to perform different simulations. Using these type of tools, users can come up with a plan for
handling different ‘what if’ scenarios, changing the parameters of diverse protocols, QoS
policies configuration, simulating the failure of a link or node, etc. These applications contribute
to optimize core and transit network design to address per CoS SLA guarantee in terms of
availability, packet-loss, latency, jitter, etc., both under normal circumstances and after a
network failure.

       On the other hand, network emulation tools also work on lower OSI layers, allowing
the emulation of diverse impairments (latency, jitter, packet loss…) that can be present in a
network. This way, users are able to verify the behaviour of any service traversing the emulated
network, which could recreate a real-world network where the service will be deployed.

            1.1.2.       Access network capacity planning

        Conversely to core and network capacity planning tools, there are no specific access
network simulation tools that recreate the behaviour of a GPON FTTH network or DOCSIS
based cable network, for instance. In the access network, the focus is on network emulation
tools that exclusively work on the physical layer (the first layer of the OSI model) of point to
point access network like xDSL networks (VDSL2, ADSL2+, etc.). These tools emulate
impairments related to copper lines, such as crosstalk or white noise. No network emulation
tools have been developed for multiaccess access networks like Wimax, DOCSIS, GPON, etc.

            1.1.3.       Application-layer capacity planning

        Application-level capacity planning takes into account the higher layers (4-7) of the
OSI model, so traffic will be analyzed up to the application level. The tools that perform this type
of analysis allow the user to perform simulations recreating different application traffic such as

D4.2 - Broadband bottleneck analysis and capacity planning           Public                 8 (64)
Project deliverable                           CELTIC TRAMMS

real-time voice, video, data, P2P traffic, DDoS atacks, etc., in order to asses how a network or
device is able to handle different applications under different load scenarios.

        The deep packet inspection, as a technology that is able to inspect and take actions
based on the content of the packet (up to the application level) can be used to predict and solve
bottleneck issues. For example, it may be possible to predict the type and amount of traffic
within a small period of time and correlate the traffic conditions with the bottlenecks of the
network. The subscriber and aggregated traffic are been currently studied in the Work Package
3 of this project, monitoring the traffic with the Packet Logic system from Procera Networks.
PacketLogic is a state-of-the-art deep packet inspection (DPI) solution that offers an extensive
feature-richness in the software modules LiveView, Filtering, Traffic Shaping, Statistics and
WebStatistics. Procera, Narus, and Ellacoya are front-runners in development of this
technology, having placed equipment throughout the world.

       On the other hand, the increasing threats such as viruses, worms and spyware that can
overload a network and cause bottlenecks can be detected using deep packet inspection.

        1.2.    ANALYTICAL TOOLS

            1.2.1.      Simulation tools

               MATE (Cariden)

         The MATE framework, inside Cariden’s capacity planning and traffic engineering
  products, provides a process for gathering and accessing data, visualizing the network,
  demand estimation, interacting with simulations and optimizations, and creating reports and
  action plans.

Packages and modules:

MATE is packaged into network-specific packages with specialized modules:
    •   The IGP Simulation Package
    •   The IGP Metric Optimization Package
    •   The MPLS Simulation Package
    •   The Explicit Routing Optimization Package
    •   The Demand Deduction Module
    •   The BGP Simulation Module
    •   The Capacity Analysis Module
    •   The Network Interface

                Data collection / exportation

         MATE Network Interface enables to gather network topology information. Netflow
  collectors (e.g. Arbor, Adlex) can be used to build the traffic matrices.

                User Interface

        MATE offers a graphical view of network topology and traffic. It allows an interactive
  design work. Through the graphical view of the tool, the user can change the topology of the
  network and the link properties.

D4.2 - Broadband bottleneck analysis and capacity planning         Public                9 (64)
Project deliverable                           CELTIC TRAMMS

       The tool provides topology views and near real-time traffic reports that can be
  accessed via web browser.

                                  Figure 1:    MATE’s user interface.

                Analysis and simulation

        Cariden’s MATE is a capacity planning tool useful to determine capacity bottlenecks,
  explore ‘what-if’ scenarios, evaluate additional links and nodes, analyze layer 1 vs. layer 3
  protection, determine whether peering links are sufficient to withstand failures, examine effect
  of IGP changes on peer and customer traffic, perform a single-provider multiple-AS analysis
  and traffic engineering, determine IGP metrics to balance traffic (evaluating weekly, when
  topology changes or after disastrous failures), diagnose severity of failures…

        Starting with the features of the different modules, the IGP Simulation Package lets the
  user perform simulations under normal conditions or under failures (differentiating, if the user
  wants, the classes of service). In these simulations, several changes can be made as, for
  instance, the failure of single nodes, SRLGs or single circuits. It can also simulate multiple
  bandwidth levels fixing, for example, multiple times of day. The IGP used can be either OSPF
  or IS-IS. In addition, the tool can be configured to be Diffserv aware, and it also supports

       Demands Deduction Module estimates the point-to-point demands between specific
  nodes based on link utilization measurements, total node in/out traffic and measured
  demands (e.g. Netflow or Juniper DCU).

        MATE’s Network Interface allows the SNMP access to the network (no router features
  or configurations are required). For the network discovery, OSPF and IS-IS routing tables are
  used. The process consists of querying routers for more information and taking a snapshot of
  the actual traffic levels (including BGP session).

        The MPLS Simulation Package simulates MPLS network under normal conditions or
  adding different failures (failure sets, bandwidth levels and other parameters can be fixed).
  This package supports two versions of MPLS tunnel routing:
        Dynamic tunnel routing using CSPF
        Explicit tunnel routing using primary, and optionally secondary, paths
         Using this package, the user can perform real IP MPLS simulations.

D4.2 - Broadband bottleneck analysis and capacity planning          Public                10 (64)
  Project deliverable                             CELTIC TRAMMS

            With the BGP Simulation Module, network nodes may be defined to belong to different
     ASes and the IP Simulation tool will simulate BGP routing between these ASes. Collapsed
     ASes allow simulation of traffic to and from them with unknown topology (for example, peers,
     transit ASes and customers). This module’s failover matrices specify explicitly the behaviour
     of the traffic failing over between border circuits to or from collapsed ASes, when topology
     information is not sufficient for a complete BGP simulation.

            The Metric Optimization Package
     is based on the traffic engineering for
     pure IP networks. This package shows
     latency policies and is used to optimize
     the metrics for normal or failure
     operations. It offers an automated
     calculation of IGP metrics to meet
     objectives (QoS, latency bounds, etc.).
     The aim is to minimize the maximum
     worst-case     link   utilization and/or
     minimize the number of links with normal
     or failure utilization above a certain
     percentage. With a right usage of the
     package, SPF metrics can be optimized
     within 80-95% of the theoretical
           It is also useful in MPLS network to
     optimize routing in LDP network and
     improve routing in Dynamic/CSPF MPLS
                                                           Figure 2: Metric optimization settings

       Figure 3: Worst-case link utilization,
Before optimization (latency based metrics)         After optimization (15 out of 100 metrics changed)

  D4.2 - Broadband bottleneck analysis and capacity planning          Public                   11 (64)
Project deliverable                             CELTIC TRAMMS

        The Explicit Routing Optimization Package allows the calculation of MPLS explicit
  paths (primary, and optionally, secondary paths). As the previous module, the objective is to
  minimize the maximum worst-case link utilization and/or minimize the number of links with
  normal or failure utilization above a certain percentage, but unlike the Metric Optimization
  Package, it has another objective that is to maximize disjointness with the corresponding
  primary path. So, with this package, the explicit routing can be optimized within the 90-95%
  of the theoretical efficiency. This application is useful for optimize explicit paths based on
  actual IP traffic and routing, not just LSP bandwidths.

         The Capacity Analysis Module is
  used to calculate optimal, protocol-
  independent routing in a network in
  normal operations or failure conditions
  (including multi-commodity-flow routing).
         So the usage of this module turns
  around the identification of bottlenecks.
  The selection of the network whose
  capacities must constrain the network
  traffic provides guidance in capacity
  planning. It also gives an indication of
  how close any given real routing
  simulation can approach the maximum
  efficiency in the network.                           Figure 4: Bottleneck analysis. As the image
                                                              shows, links of the net are coloured in a
                                                             different ways depending on the usage of
                                                                              each link.

                Reports and alerts

         The reporting functionality of the tools collects the information about network general
  information (topology, bandwidth and demands summary), usage (simulation summary, and
  circuit and interface utilization results in normal and worst cases), demands (demand
  statistics including QoS and routing) and tunnels (tunnel statistics of routing, traffic, failures,
  etc.). These reports can also be accessed by the web browser showing a general view of
  management, operations (monitoring traffic anomalies) and capacity planning (reporting
  developing trends).

      Figure 5: WAN latency metrics

D4.2 - Broadband bottleneck analysis and capacity planning            Public                  12 (64)
Project deliverable                           CELTIC TRAMMS

                SP Guru Network Planner (OPNET)

        OPNET's SP Guru Network Planner is a software product to model Layer 2/3
  networks, including routers, switches, firewalls, protocols, and traffic demands. This tool
  supports “what if” analysis such as survivability, capacity planning and traffic engineering.

Packages and modules:
          SP Guru Network Planner is an OPNET solution for capacity planning. To
  complement the tool, there are some other solutions (independent but with the possibility to
  join each other) depending on user needs. Some of the mentioned solutions are listed below:

        SP Sentinel         SP Sentinel is a software appliance for ensuring network integrity,
        security and policy-compliance. It performs systematic configuration audits, analyzing
        an up-to-date model of the production network to diagnose device misconfigurations,
        policy violations, inefficiencies and security gaps.

        SP Guru Transport Planner         This tool is a network planning solution that enables
        service providers and network equipment manufacturers to design resilient optical and
        SDH/SONET networks. It has a multi-layered network presentation, broad technology
        support, and cutting edge optimization and design capabilities.

        OPNET nCompass for Service Providers                   This tool provides a graphical
        visualization of large, heterogeneous production networks, including devices, their
        interconnectivity, traffic and status. nCompass for Service Providers unifies data from a
        wide range of network management tools, providing views for navigation and analysis.
        nCompass for Service Providers’s geographical network dashboard is dynamically
        updated with real-time operational information. Third-party tools and programmed
        scripts can be launched from its console for deeper drill-down and assisted

                Data collection / exportation

         SP Guru Network Planner can create a virtual network environment in different ways:
                Manual creation
                Partial automation
                Full automation
        The manual creation is useful especially for small scale networks as well as for
  incremental changes to topology.
        The partial automation imports the data from multiple sources (using eXpress Data
  Import, XDI). It constructs the virtual network using the configuration files.
         And the last one, the full automation, means that the whole network information can be
  collected by the network manager tools (VNE Server, for example, gathers data from a
  variety of sources and communicates with SP Guru Network Planner across network) and the
  collected information can be imported to the SP Guru Network to Planner.

                User Interface
       The tool provides a network virtual environment to study the network’s behaviour by
  means of a graphical view.

D4.2 - Broadband bottleneck analysis and capacity planning         Public                13 (64)
Project deliverable                                   CELTIC TRAMMS

                                                                  The tool shows routes between
                                                            selected nodes (graphically represented
                                                            by a dotted line) or from one source to all
                                                            destination nodes’ interfaces (including
                                                                    It contains several options to
                                                            change the view of the virtual network.
                                                            The user can hide or show objects of
                                                            different types, add background maps
                                                            (filling in the information about the
                                                            location: latitude and longitude of each
                                                            node),      visualize     the     protocol
                                                            configuration, visualize IGP metrics (new
Figure 6:         User interface. Network links are         in 14.5 version of the tool) or even show
different coloured depending on the usage of the
link and the arrow width of the links are different
                                                            a bird’s eye viewer.
depending on the throughput.

          In connection with the interface, it contains layouts for different working ways: circular,
   hierarchical or schematic. It also allows the view of BPG peers, IP interface status, IP routing
   domains, IP QoS configuration and IP tunnel configuration.
          The tool provides “drag and drop” approach to build the virtual network.
          Moreover, it contains a palette, which is a collection of OPNET objects like nodes,
   links, paths or subnets and provides the user the possibility to create them with any
   combination of objects (Cisco devices, Ethernet workstations, servers, hubs, switches, links
   or a custom-made device).
         The opened projects in SP Guru Network Planner can contain one or more scenarios
   so the user can compare the results between them.

                  Analysis and simulation
          The objects that are represented in the graphical view have their own attributes. This
   attributes define the object and that way, the user can control their behaviour.

      Figure 7: The picture contains a node and shows the changes that can be made in that node.
      Several values can be manually changed: name, protocol information, security, QoS parameters…

         To analyse the traffic in the network, the tool identifies device or link load representing
   the percentage of capacity being used, shows the flow visualized as a demand objects

D4.2 - Broadband bottleneck analysis and capacity planning              Public                 14 (64)
Project deliverable                               CELTIC TRAMMS

  providing detail performance statistics of delay, end-to-end response time and jitter, and
  represents different types of application traffic in specific cases.
          The tool allows the selection of the traffic, so that the user can view, organize and
  select network objects that have traffic associated. To edit the traffic, the user can select
  traffic flows to forecast, roll-up, delete, export traffic or add volume.
          The information about the links in the network can be imported from some
  management platforms, but the link loads can be set manually too. The tool represents the
  utilization of individual links and the values can be represented as traffic levels for each time
         The flows in the network can be shown between any source and destination in the
  network in bit/sec and packet/sec and it can also contain port, protocol, ToS and SLA
  information. Not only unicast but also multicast flows are supported. This data, as the link
  data, can be imported from management platforms, but the user can add as well new flows
  manually. The traffic demand changes regularly so the tool makes possible to edit its
        SP Guru derives a traffic matrix based on routing tables, link loads and constrains.
  Moreover, the tool allows converting load to flows, something that is useful when only link
  loads and flow data is available.
        In connection with the network behaviour, it is possible to capture the latency, queue
  depth, convergence or protocol effects.
          The flow analysis, as the image bellow shows, simulates the routing and forwarding
  behaviour of the network. The tool supports IP/MPLS, ATM and Frame Relay networks. This
  analysis is useful to study the routing and evaluate changes of routing protocols, perform
  capacity planning and traffic trending studies, design resilient networks and analyze the
  impact of failures, assess QoS configuration and VoIP readiness, and perform, in general,
  traffic engineering studies.

                      Figure 8: Flow analysis. The colour of each link shows the usage level

D4.2 - Broadband bottleneck analysis and capacity planning               Public                15 (64)
Project deliverable                             CELTIC TRAMMS

                                                                       The user can see the
                                                                consequences of a link failure in
                                                                the traffic distribution. When
                                                                performing a general simulation,
                                                                there is a possibility to simulate a
                                                                failure of set of devices, links or
                                                                shared risk groups. That way, the
                                                                user can see how traffic is routed
                                                                around          failures,        the
                                                                consequences of failures in the
                                                                traffic distribution and which
                                                                failure cases cause the most

          Figure 9:     The user can simulate link
          failures and see the consequences in the

        The SP Guru Network Planner contains specific actions for different protocols. It offers
  the chance to modify and configure different layer protocols as for instance:
             o   RIP, RIPng, OSPF, IGRP, EIGRP, ISIS, BGP
             o   Equal-Cost Multi-Path (ECMP)
             o   IP Multicast
             o   HSRP
             o   VRRP
             o   VLANs
             o   QoS/Diffserv

           o RSVP, LDP, OSPF-TE, ISIS-TE, CSPF
           o Diffserv Aware Traffic Engineering
           o Layer-2 and Layer-3 MPLS VPNs, VPLS

           o     Distance Vector, PNNI, VNN
           o     PVP

        Frame Relay

          Concerning quality of service, the tool provides a scalable solution for studying QoS. It
  has a support for Diffserv traffic and multiple queuing algorithms such as WFQ or LLQ. It also
  facilitates VoIP readiness assessment feature, offers the chance to configure packet sizes
  and calculates information such as average queue depth and inter-packet delay (jitter).
         The traffic load can be imported with a breakdown by traffic class, so the link usages
  turn into CoS-based link utilizations and additionally, this load can be converted into class-
  based flows.
          In connection with the traffic engineering, the tool enables to automate offline MPLS
  traffic engineering. It offers a possibility to fix the size of LSPs to optimize LSP routes as well
  as change IGP metrics to optimize them. For this last case, the user can fix a maximum
  utilization threshold, inspect the current network and that way, finally, find a solution that
  satisfies utilization constrains.

D4.2 - Broadband bottleneck analysis and capacity planning            Public                 16 (64)
Project deliverable                               CELTIC TRAMMS

         There is another possibility for MPLS traffic engineering called MPLS tactical TE. This
  feature brings the chance to make a choice to reroute LSPs and flows from a given link. This
  specific LSP route can be selected from a set of candidates (alternative paths) that meet
  specific constrains. That way, the congestion on a specific link can be alleviated without the
  need of reroute every LSPs.

           Figure 10:      The tool brings the chance to design layer 2 and layer 3 VPNs providing views for
           studying logical VPN topologies. The traffic flows can be deployed per route target.

        Another feature of this tool is that IPv6 is supported. This feature allows to evaluate
  readiness of network OS on devices for IPv6 deployment and simulate traffic and network
  configuration migration from IPv4 to IPv6.

                 Reports and alerts
      SP Guru Network Planner counts on over 100 reports in which the user can be the results
of the analysis and simulations. That means that the tool provides the user with information
about the configuration, statistics of utilization, delay and packet-loss, network costs. The
information of the reports is divided into different categories including failure analysis,
configuration, traffic throughput and utilization, inventory, performance, validation and protocol
metrics, and it can be printed or exported in HTML, XML, CSV or spreadsheet format.

                 Traffic Explorer (Packet Design)

        Traffic Explorer is a tool for making a network-wide traffic analysis, providing visibility into
the whole network showing per-application or CoS traffic flowing over the links. The tool enables
to perform a daily, weekly and monthly monitoring, troubleshooting, planning and maintenance

Packages and modules:
Traffic Explorer comprises the following components:
    •   Distributed flow recorders that collect flow records from key traffic sources in the
    •   A centralized flow analyzer and modeller engine that computes traffic flows across the
        entire network topology using routing intelligence from Route Explorer
    •   X-Windows, VNC and Web Browser client software

D4.2 - Broadband bottleneck analysis and capacity planning               Public                   17 (64)
Project deliverable                                CELTIC TRAMMS

                                    Figure 11:      Traffic explorer’s components
                User Interface

      Traffic Explorer has a graphical interface. It visualizes animations showing how individual
routing changes impacted traffic flows across the entire network.

                Analysis and simulation

      Traffic Explorer shows the traffic flow per-application or CoS over every link in the network
and gives end-to-end visibility of all traffic network-wide.

       Users are able to interact with an ‘as-running’ model of the network, where actual traffic
flow information is dynamically overlaid on a real-time, layer-3 topology map. They can make
changes on the ‘as-running’ network, using the actual routed topology and traffic loads, with
detailed information on application and Class of Service composition, either at the current time
or from historical data.

      Traffic Explorer lets network engineers perform a daily, weekly and monthly monitoring,
troubleshooting, planning and maintenance activities. They can see utilization and bandwidth by
application or CoS for all links on the network (not just directly monitored via Netflow).

      The tool allows performing a route cause analysis. It recognized the actual routed path
through the network for every flow and shows the impact of routing changes or failures, as they
happen, on network-wide traffic, highlighting traffic shifts that often result in network hot spots
and impact application performance.

                      Figure 12:   Traffic and routing events are correlated for faster
                                            root cause analysis

D4.2 - Broadband bottleneck analysis and capacity planning                 Public          18 (64)
Project deliverable                               CELTIC TRAMMS

       Traffic Explorer detects the increases in link usage and determines whether the increase
is due to new traffic loads on the network or if the impact of the routing change somewhere else
in the network. The tool also shows the impact of every routing change on network-wide traffic,
including total traffic volume and the number of flows and hops affected.

      With Traffic Explorer, engineers can simulate network changes, such as adding or failing
routers, interfaces and peerings; adding or moving prefixes; and adjusting IGP metrics, BGP
policy configurations or link capacities, applications or services.

     Traffic Explorer lets engineers perform failure impact analysis, showing how the network
would respond in various situations. The tool simulates link or router failures and shows the
impact on network-wide traffic across all links on the topology map.

                      Figure 13:      Engineers can simulate diverse changes in the
                       network. For instance, they can model downing routers and
                      peering and analyzing the network's behaviour to determine if
                        sufficient fault tolerance and redundancy is provisioned,
                             particularly for critical application or CoS traffic

      Using the tool, engineers can view historical traffic trends including overall network
volumes, per link volume or utilization anywhere in the network, even breakdowns by exit router
or next hop address.

      Traffic Explorer lets engineers analyze and manipulate a network-wide traffic matrix,
showing traffic volumes between every source/destination pair in the network. Detailed capacity
projections can be accomplished by exporting the full traffic matrix to a spreadsheet, adjusting
any source/destination traffic volume based on internal initiatives or forecasted loads, and then
importing the updated matrix to see the impact on network-wide link utilizations.

        New applications or CoS deployments can be tested on the ‘as-running’ network, before
they are deployed, by adding the expected traffic loads between appropriate nodes to existing
traffic volumes, and viewing the combined traffic load on every link.

       Traffic Explorer can monitor peering or transit traffic to ensure it is within contracted
ranges, as well as analyze, identify and justify new peering relationships. The tool also provides
the intelligence to optimize their peering traffic.

D4.2 - Broadband bottleneck analysis and capacity planning               Public           19 (64)
Project deliverable                               CELTIC TRAMMS

                      Figure 14:   Engineers can view the traffic by destination AS,
                           neighbour AS, transit AS, Exit Router or Community

        Traffic Explorer’s BGP configurations let the user modify BGP configurations to move
traffic between various existing and potential neighbour providers, showing how actual traffic
loads will be affected. New peering relationships can be simulated, allowing operators to see
the impact on traffic across their entire network. Since the tool understands full end-to-end
routing (both IGP and BGP), it can show the impact of peering and transit traffic when making
unrelated changes to the core of their network.

      The tool allows network managers to define traffic groups that represent users,
departments, locations or specific applications, and monitor network usage by each group.
Aggregate or per link traffic usage by group can be viewed directly, as well as exported to
external programs such as a spreadsheet or billing application.

                      Figure 15:    Traffic Explorer enables usage tracking by user-
                                           defined traffic groups

                Reports and alerts

        Traffic Explorer can send alerts whenever routing changes specific application or CoS
traffic is beyond user specified thresholds, letting know what happened, where it happened and
what kind of traffic was affected. It also allows replaying historical events.

D4.2 - Broadband bottleneck analysis and capacity planning               Public        20 (64)
Project deliverable                            CELTIC TRAMMS

               Design Expert (Netformx)

      DesignXpert is a design and quoting software platform. It facilitates the design of different
networks, including converged voice-and-data networks, complex MPLS overlay and HPC
networks, Managed Services and Network Engineering Services by automating and validating
the entire opportunity-to-order process.

Packages and modules:
Besides DesignXpert, Netformx features extra modules:
        MPLS Designer
        Enterprise AutoDiscovery

                User Interface
        The tool provides a graphical interface which can be presented as a typical graphical
  view or as a tabular view.

                            Figure 16:    Design Expert’s user interface

                Analysis and simulation

     DesignXpert software handles the whole end-to-end process, streamlining every step and
linking automatically to each succeeding step. Every subsequent action or revision ripples
through and updates the design. The tool provides network designers the chance to convert
customer requirements into deployable solutions from simple to complex networks such as

D4.2 - Broadband bottleneck analysis and capacity planning            Public               21 (64)
Project deliverable                              CELTIC TRAMMS

      Network design professionals access a vast library of smart components, and, using a
drag-an-drop action, can build network topology diagrams. Each component is an intelligent
object. That means that each object is not just a graphic representation. Every object has its
own properties such as linking protocols, actual physical size and datasheet properties that
represent how a real-world network element would behave in an actual network. Netformx
Smart Library components simulate actual network equipment, enabling full system-level
network design, validation and pricing.

DesignXpert automates the steps of the network design and quoting process:
      • Customer requirements gathering and documentation
      • Discover the existing network infrastructure (using Enterprise AutoDiscovery).
      • Definition (design) of the technical solution
      • Pricing and margin analysis
      • Customer technical and financial proposal (quote, statement-of-work, solutions
      • Implementation (transfer to fulfillment or provisioning)

      One of the extra modules mentioned on the previous section, MPLS Designer,
streamlines the entire cycle of proposing, designing and provisioning MPLS/IP VPN services. It
guides network designers through the process of turning customer requirements into a technical
plan, then following through with a detailed proposal. Once the proposal is accepted, the
software provides the pertinent documentation.

MPLS Designer allows to change design parameters given in a table format, including:
            •   Routing and Switching (BGP, EIGRP, OSPF)
            •   Partial and full mesh networks
            •   Access and speed
            •   Access options: IPSec, Frame Relay, DSL and Wireless
            •   Connectivity matrix and VRFs
            •   Quality of Service and Class of Service definitions
            •   Routing protocols
            •   Secure internet access
            •   Remote access
            •   Extranet connectivity
            •   Diversity
            •   Value added services

      MPLS Designer requires DesignXpert to run.

       At the heart of DesignXpert is the Netformx KnowledgeBase, a network device library,
including more than 147,000 components, and associated configuration rules and current
prices. Weekly updates to the Netformx KnowledgeBase keep the repository current with the
latest devices, physical configuration rules and best practices. In addition to network vendor-
supplied public content, Netformx can incorporate customer-specific content into the
Netformx KnowledgeBase to accommodate proprietary items such as service offerings,
corporate practices and promotional pricing.

     Enterprise AutoDiscovery (EAD) is an SNMP/SSH/Telnet-based audit and multi-vendor
network discovery feature of DesignXpert that enables design professionals to capture an
accurate baseline of existing IP and SNMP-enabled devices in any network.

D4.2 - Broadband bottleneck analysis and capacity planning            Public             22 (64)
Project deliverable                              CELTIC TRAMMS

                IP/MPLSView (Wandl)

      IP/MPLSView is WANDL's Traffic Engineering and Network Management solution for IP
and/or MPLS networks. This system addresses the mayor areas of network planning including
analysis, design, optimization and simulation.

                 Data collection / exportation
        From a set of network configuration files and other optimal data, the Multi-Vendor
  Parser constructs the network topology, aware of multi-protocols, layers, ASes, routing areas
  and VPNs.

         This network data can be imported
  into the tool or collected directly by the
  system itself in conjunction with
  IP/MPLSView’s Network Manager online
  module. Tariff and pricing data can be
  imported too.

         Alternatively, the   user    can
  manually construct any network topology
  via IP/MPLSView’s advanced graphical

        So the network can be designed
  from scratch or on top of an existing
  network configuration.                                 Figure 17:      IP/MPLS View     models any
                                                         architecture     designed by      the   user

                 User Interface
        IP/MPLSView provides a graphical user interface. The tool shows routing, utilization,
  protocol-specific and other reports from the client interface or from the web.

                 Analysis and simulation

      To perform a traffic load analysis, the tool offers a view of current or historical charts.

      The user can use the tool to pinpoint
bottlenecks or underutilized links from the
topology map in large networks, simulate
new demands before they are placed on
the real network (perform capacity
planning) and optimize routing parameters

                                                         Figure 18:       Network analysis. Users can
                                                         identify bottlenecks observing colours.

       IP/MPLSView automates network designs. It automatically determines where to purchase
links to satisfy traffic for resiliency against any failure scenario. The user can use it to identify
and prevent potential bottlenecks, performing a simulation to show traffic routes for many ‘what-
if’ scenarios and identify which trunks will become congested under various failure conditions.

D4.2 - Broadband bottleneck analysis and capacity planning              Public                 23 (64)
Project deliverable                            CELTIC TRAMMS

       Moreover, the user can analyze how traffic is rerouted and the effect on network links
(e.g. worst-case trunk utilization), performing simulations with single, double or even triple

      Using this tool, the user can experiment with changing parameters, protocols, topology…
and simulate network migration, network expansion or the merging of multiple networks as a
way for validate changes before deployment.

      Some of the protocols supported by the tool are the ones which follow:
        •   IGP: OSPF, IS-IS, IGRP, EIGRP, RIP
        •   Static Routes, Policy-based Routing
        •   BGP, LDP/TDP, RSVP-TE, VoIP (SIP, H.323)
        •   Multicast: PIM-SM, -DM, -SSM
        •   CoS, IPv4, IPv6

                                                          Concerning MPLS-TE, the tool allows
                                                   different simulation and designs. The user
                                                   can simulate LSP tunnels (including backup
                                                   tunnels), automate Fast ReRoute (FRR)
                                                   design, automate the design of diverse paths
                                                   for primary and backup tunnels and optimize
                                                   LSP Paths that have become suboptimal over

      Figure 19:        LSP Path calculation

        With the tool, VPNs can be modelled
and created. The user can perform VPN
simulation, use the system to generate VPN
traffic and perform card failure simulations. On
the configuration files, VPN-specific integrity
checks can be run. The tool supports different
VPN types as L3VPN, L2Martini, L2Kompella,
                                                      Figure 20:      VPN Wizard for creating and
                                                      editing VPNs

      The tool lets the user model and analyze BGP so that Route Reflector design and
analysis can be performed, BGP routing tables can be imported, and BGP peering analysis and
iBGP policy evaluation can be performed.

      In connection with the Class of Service, the tool permits the analysis of it allowing to
model CoS classes and policies, letting the user model different queueing schemes and define
application flow based on CoS (this enables the modelling of VoIP or VoD) and enabling the
analysis of packet-loss and delay statistics per CoS.

      IP/MPLSView can simulate multicast flows based on user-defined multicast groups and
demands, the effect of RP selection on the distribution tree and on link utilization and SPT

                Reports and alerts

      Once the user is satisfied with the MPLS-TE or VPN design, respective LSP and VPN
configlets (configuration file statements) can be generated in text or XML format and pushed to

D4.2 - Broadband bottleneck analysis and capacity planning           Public              24 (64)
Project deliverable                              CELTIC TRAMMS

the network using P/MPLSView’s Service Activation Module and then, generated configlets can
be loaded back to the network.

                                    Figure 21:     Report manager

               NetScope (TurboSoft)

       The NetScope product range offers an enterprise-wide solution that provides instant and
historical per-second visibility and control of application performance.

Packages and modules:
NetScope is divided into different modules:
        NetScope Reporter: reporting solution
        NetScope Alerter: alerting solution
        NetScope FastTrack: network management solution
        NetScope Analyser: network monitoring solution
        NetScope Services: QoS solution

                User Interface

        NetScope provides a graphical user interface. It visualizes the state of the whole
  network showing the status and different parameters that characterize it.

                Analysis and simulation

        NetScope Analyser is a network monitoring solution that provides per-second visibility into
network traffic both in real time and historically. This module allows seeing how the network
traffic is made up offering per second resolution which can be retained for historical analysis.

       NetScope Analyser gives the user the insight to regain control of the network and to keep
business critical applications such as VoIP, Citrix and ERP operating optimally. It offers a
detailed knowledge of network traffic content.

D4.2 - Broadband bottleneck analysis and capacity planning          Public                 25 (64)
Project deliverable                             CELTIC TRAMMS

                      Figure 22:    The user can zoom in on individual data streams

       NetScope FastTrack offers an extensive network management solution, combining the
benefits of instant control of application performance and dynamic allocation of network resources
with visualisation and analysis tools.

          NetScope FastTrack features instant control of application performance and dynamic
allocation of network resources to ensure the control of the network. To maintain and enhance
performance, some applications’ bandwidth can be prioritized and lower priority or unwanted
traffic can be shaped, capped or blocked as desired.

        Additionally, NetScope FastTrack uses many of the extensive monitoring and
visualisation tools also found in NetScope Analyser, including traffic visualisation down to a per
second resolution for both real time and historical analysis.

        Netscape Services is Turbosoft Networks’ managed QoS solution, for maintaining and
achieving optimal performance from network infrastructure. NetScope Services are available as
a one off network health check, or as an ongoing service.

                 Reports and alerts

      NetScope Reporter and Alerter is a web based network reporting and alerting tool that
delivers graphical reports on current and historical network activity and timely alerts on network
status. Real time monitoring and full visualisation of traffic delivers the detailed insight into the
status of the network for maintaining the performance of critical systems and coping with
changes in demand for network resources within an organisation.

D4.2 - Broadband bottleneck analysis and capacity planning            Public                 26 (64)
Project deliverable                             CELTIC TRAMMS

                           Figure 23:    Network activity report. Tag usage.

      Netscope offers network administrators the why, what, who and when of network activity
reporting based on predefined parameters or user generated parameters. The tool allows the
user to isolate traffic that's important, categorising by username, application, protocol and port.

      The tool collects and aggregates network activity data on a per second basis spanning
some years. The user can access to immediate and historical data to perform a long term traffic
analysis and trending.

       NetScope's advanced alerting features keep watch over the network, notifying of issues
and events that require attention when they occur. Additionally it provides network health
functionality, offering quick and simple indicators of overall network health.

                           Figure 24:    Network activity report. Link activity.

        NetScope Reporter analyses data stored within its database to generate graphical
reports either automatically or on demand. The user can choose from numerous predefined
reports or create user specified parameters such as devices and time periods.

         Using the tool the user can select from a predefined list or create individual alerts
tailored to the user’s requirements. Alerts criteria covers issues such as the addition of new
users to the network, the appearance of new traffic, bandwidth oversubscription, bandwidth

D4.2 - Broadband bottleneck analysis and capacity planning               Public            27 (64)
Project deliverable                              CELTIC TRAMMS

availability above or bellow a critical point, traffic on specified ports or addresses and traffic

                                        Figure 25:   Alert log
        The tool enables to configure alerts to be sent based on traffic conditions. These alerts
can be set up to be sent via e-mail or sms.

            1.2.2.       Emulation tools

                 Network emulation

                       GEM (Spirent)

      Spirent’s GEM enables to test applications, devices, protocols, solution and services
under dynamic delay and impairment conditions. Using GEM, the user can evaluate the
performance of emerging technologies, characterize breaking points of a new service, validate
new products or solutions before deployment and discover and define minimum required
Service Level Agreements.

      The tool emulates the “real world” effects of Layer 1/2 delay and impairments on Layer 3
devices and applications.

Packages and modules:

  Figure 26:    Appearance of different models (MAUI left, HAWAII right):
  Maui model                                        Hawaii model
       Supports speeds up to 2.66Gbps                      Up to 2 interface blades
       Up to 4 interface blades                            Hot swappable copper/optical SFP and XFP
       Hot swappable copper/optical SFP                    modules
       modules (optional wavelengths available)            Optional wavelengths available
       Support for Ethernet, SONET, SDH, OTN,              Supports Ethernet, SONET, SDH, OTN,
       Fibre Channel                                       Fibre Channel
       Fast Ethernet Interface for Remote Control          Fast Ethernet Interface for Remote Control
       Supports speeds up to 11.3Gbps

D4.2 - Broadband bottleneck analysis and capacity planning             Public                28 (64)
Project deliverable                            CELTIC TRAMMS

                Data collection / exportation

      Live network conditions can be recorded to be imported into a GEM emulator and that
way, recreate those delay and impairment conditions in the lab.

                User Interface

      Using a HTML Based GUI (no need client software to install), GEM enables to define the
network topology, devices and traffic flows directly from the GUI using drag and drop

It supports Service Frame Colours such as:
        Green –conforms to Committed Rate
        Yellow –conforms to Excess Rate
        Red –does not conform to Committed or Excess Rate

                                  Figure 27:    HTML based GUI

                Analysis and simulation

         The tool has a flexible FPGA design and offers the possibility to upgrade with new
features. It performs a hardware based Layer 1 impairment emulation. These impairments can
be, for instance, that frames can be dropped based upon a user specified probability (selectively
MPEG-4 I, P or B packets can be dropped), the Ethernet CRC of frames can be corrupted
based on user-specified probability, Ethernet frames can be variably delayed around the line or
network flow delay can be fixed based on a user defined probability (parameters as maximum
or minimum value of delay, or maximum positive or negative change of delay can be fixed by
the user), Ethernet frames can be reordered or duplicated, any burst of bytes within the
Ethernet frame can be corrupted or modified based on a user specified offset from the start of
the frame and a user defined error rate (between 1E-12 and 1E-2) or bit rotation (comma
aligner) can be fixed.

D4.2 - Broadband bottleneck analysis and capacity planning         Public                29 (64)
Project deliverable                             CELTIC TRAMMS

  Figure 28:    Example: the tool lets to use unmanaged switch to connect more than 2 devices to 2-port
                                               Spirent GEM.

      The tool can support full 1GbE/10GbE line-rate all the time (even at 64 byte frame size)
and chain multiple impairments at same time (corruption, jitter, duplication, reorder, drop,
modification, errors).

                      Figure 29:    Network representation and impairment profile

       GEM is able to dynamically change impairment profile without stopping test. The user can
perform an advanced filtering, selecting impairments based on values in Ethernet frames. It
emulates ‘real-world’ effects of layer 1/2 delay and impairments on layer 3 devices and
applications, supporting auto configuration of test beds. Multi-protocol is also supported on the
same platform (Fibre Channel, SONET/SDH and Ethernet). The frames have unlimited size and
can be reordered and duplicated up to 12KB. It also supports a complete automation with TCL

      The tool supports random impairments as well as targeted ones. Random impairments
are based upon any of the following distributions: periodic, poisson, gaussian, uniform. Targeted
impairments, on the other hand, were defined by the stablishment of:
           VLAN tag
           MPLS label
           MAC address
           IP address
           TCP port
           Any other field in the Ethernet, IP, TCP, UDP or RTP header
           Any other information up to 2,000 bytes deep within the Ethernet frame.

      The tool is based on Metro Ethernet Forum Bandwidth Profiles and allows the
configuration of the following parameters:
        Committed Information Rate (CIR)
        Committed Burst Size (CBS)
        Excess Information Rate (EIR)
        Excess Burst Size (EBS)

D4.2 - Broadband bottleneck analysis and capacity planning            Public                  30 (64)
Project deliverable                              CELTIC TRAMMS

      The optional IPTV feature on GEM can be used to characterize video performance under
specific impairments. The tool allows to correlate mean quality scores with specific impairment
conditions and drop MPEG 2 (H.262) and MPEG 4 (H.264) I, P or B frames.

       The user can select a MPEG 2/4 I, P, B packets for possible drop, choose the number of
times to trigger a selection (1-15, infinite), choose drop probability for selected packets (rate and
distribution) and choose selection offset.

       The Dynamic Search Filter (DSF), an optional feature on GEM, searches for a user
defined pattern throughout an entire TCP/UDP payload and triggers an impairment event. When
a match is found, the packet is subjected to a specified impairment. Trigger event can be limited
to specified number of times (e.g.,1, 2, 3 …or infinite). This optional DSF feature can be useful
for characterizing video performance under specific impairments. A specific MPEG I, B or P
frames can be targeted for impairment. This feature can also be used to characterize new TCP
implementations for acceleration performance. A specific TCP packet with specific FTP data
string can be targeted and the packet dropped. The user can specify the trigger to occur only
once to prevent TCP session from closing.

      It’s interesting for the user to record live network conditions and import them into a GEM
emulator. To do this, the user has to setup Stand-alone Profiler application on network client,
capture delay and packet loss between the Profiler application and multiply user defined target
machines using ICMPs, take the Profiler logs back to lab to be loaded into GEM emulator for
Playback and test applications or services under current network conditions. The tool allows to
record network delay and loss characteristics for over 30 days between Profiler application and
more than 50 user defined Targets, define Targets by IP address or URL, configure ICMP
packet length (64-1518), configure DSCP field (0-255), set ICMP interval down to 100ms, start
sessions manually or automatically by scheduling date/time and duration and view delay and
impairment graphs real time or for post analysis.

       Profiler logs can be uploaded to GEM and played back the captured impairments (one log
per GEM Network Profile). The user relies on some options such as playback delay values as
measured by the Spirent Profiler or increase delay values during playback by a user defined
factor for performance testing, repeat log files for longer playback sessions, ignore packet drop
and assign to Network Profile in opposite direction for bi-directional support.

       The GEM Router Mode allows users to connect devices to Spirent GEM of the same or
different subnets.

      Capture Replay, available as an option on Hawaii Blades, allows to capture up to
1GByte/sec at full line rate using filters or triggers, replay this or other pre-captured traffic on the
GEM and apply impairments. Capture and/or replay can occur before or after impairments are
applied and troubleshoot network or application performance issues using trigger conditions.

       This option can isolate top talkers/applications using network bandwidth, capture data
inline at up to true line rate in both directions, use extensive Filtering (layer 2 -layer 7) capability
for focused capture and capture traffic for multiple Network Profiles simultaneously and
download captured data for analysis (PCAP file format). It has a Capture Buffer which captures
up to 8Gbits or 1GByte of traffic. The captures can be made before and/or after emulator
introduces impairments. Captured packets include precise hardware based time-stamps with
16ns accuracy. Previously captured files can be uploaded to be replayed by GEM (PCAP) at up
to true line rate (PCAP files can be modified prior to upload). The traffic can be replayed at
captured rate or user defined rate, as background traffic along with through traffic, with or
without impairments (including modification). Multiple captured files can be replayed
simultaneously with multiple Network Profiles, single time or ‘n’ times, or forever.

      The playback profiler imports and playbacks custom network scenarios with user defined
impairment tables including control parameters such as delay, drop, reorder, CRC error or
corruption. The playback control is provided for each individual GEM Network Profile and works
with other features such as bandwidth control.

D4.2 - Broadband bottleneck analysis and capacity planning              Public                  31 (64)
Project deliverable                            CELTIC TRAMMS

       The user can use the network playback profiler to test new technologies, protocols or
applications with virtually limitless control for any dynamic or “bursty” network scenario, high or
even very low frequency delay change and impairment events and custom statistical impairment

       The tool allows the user to choose the source for impairments: table or GEM GUI. The
impairment tables can be played and repeated once, 2 to 255 times or forever. Custom
impairment tables can be individually uploaded and controlled for each GEM Network Profile.

        Supported applications:
            o   Real Time Applications
                         IPTV, VoIP, Interactive Gaming
            o   Storage
                         Disaster Recovery, Business Continuity, ILM Planning, Storage
                         Extension, Data Center/ Server Migration
            o   Networked Applications (Throughput / Performance / Error Recovery)
                         Database, Transaction Processing, Distributed Software Applications
            o   Satellite Communications
            o   Converged Networks
                         Next Generation SONET/SDH (VCAT, LCAS, GFP)
                         TDM over Packet, Timing over Packet (Circuit Emulation, Pseudo Wire)
                         MPLS, Metro Ethernet
            o   Service Level Agreement (SLA) Characterization
            o   Acceleration (WAN, TCP, Application)
            o   PON (GPON, (G)EPON, BPON)
            o   iWARP(10Gig Ethernet)

        Reports and alerts
        The GEM Reporter is able to produce reports based on statistics from GEM Emulator.
  It shows bandwidth, delay and packet loss statistics for all Network Profiles. It also turns the
  reports into pdf documents for a later analysis.

                 Shunra Virtual Enterprise (Shunra)

       Shunra Virtual Enterprise is a network emulation solution that creates a virtual network
environment in a performance and pre-deployment network lab. It delivers a way to test the
performance of applications and network equipment under a wide variety of network

Packages and modules:
        HW platforms:
               STJ: The STJ appliance limits bandwidth and impairs multiple traffic flows using
        10/100Mbps Ethernet interfaces
               STN: The STN appliance limits bandwidth and impairs multiple traffic flows
        using 10/100Mbps and 1Gbps Ethernet interfaces
               STA: The STA appliance limits bandwidth and impairs multiple traffic flows
        using 1Gbps and 10Gbps Ethernet interfaces

D4.2 - Broadband bottleneck analysis and capacity planning          Public                 32 (64)
Project deliverable                              CELTIC TRAMMS

  Figure 30:    Appearance of different models

               • VE Modeller: model and simulate
             • VE Network Catcher: captures network conditions to import them into the VE
               • VE Desktop User Interface
               • VE Reporter

                      Figure 31:   The Shunra Virtual Enterprise solution architecture

        Data collection / exportation
       Shunra VE’s network recording software captures and imports production network
conditions, such as latency, jitter and packet loss, directly into the user’s network model. When
Shunra VE replays these recordings it recreates the same conditions that exist on the
production network.

        Analysis and simulation

    Shunra VE delivers a network solution that creates a virtual network environment. It delivers
a way to test the performance of applications and network equipment under a wide variety of
network impairments (as if they were running in a real-life production environment).

D4.2 - Broadband bottleneck analysis and capacity planning              Public           33 (64)
Project deliverable                            CELTIC TRAMMS

    Using Shunra VE the network manager will understand the impact that the network and
applications have on each other’s performance and on the remote end-users’ experiences, and
uncover and resolve production related problems.

    In addition to the empirical experience, Shunra VE provides a range of graphically reports
and drill-down analysis capabilities. These help to isolate and resolve the root causes of
network and application problems, and determine whether any modifications to the application,
network or infrastructure are needed.

        Shunra VE combines a hardware appliance with a software. This creates a network
simulation solution that includes detailed reports and root cause analysis.

       At the heart of Shunra VE is a network appliance that functions as a bridge or router. It
changes the speed at which network traffic travels across the local area network, exposing data
packets to the same network impairments to which they would be subjected on the wide area

       The Shunra VE network appliance is controlled through a Microsoft Visio based
modeler. The modeler gives the possibility to create any network topology and run any scenario.

                       Figure 32:     Users can simulate multiple branch offices

        Once the network model is created, the user can activate the test scenario. At this point,
applications, network services or infrastructures connected to the appliance will behave as if it
were subjected to the conditions defined in the model. The user can edit network parameter at
any time, to create current, future, worst case or “what-if” scenarios and replay or reconfigure
these scenarios over and over again.

D4.2 - Broadband bottleneck analysis and capacity planning            Public              34 (64)
Project deliverable                           CELTIC TRAMMS

  Figure 33:    WAN settings

                                    Figure 34: Gateway parameters

        The tool delivers capabilities to emulate a wide range of network impairments including
latency, jitter, bandwidth, congestion, packet loss, BER, fragmentation, duplication,
disconnection, re-ordering, data corruption and modification. The user can also emulate any
network topology including client/server, multiple branch offices with distributed data centers,
full mesh networks, complex N-Tier network topologies, internet and eCommerce. And a wide
range of network technology simulations can be made including MPLS, Ethernet, QoS, Frame
Relay, wireless and cellular networks, satellite networks, IPv4 and IPv6.

        Shunra VE is also useful for troubleshooting production problems that occurred in the
past. Since Shunra VE stores 30 days worth of production network conditions, the user can
rewind the recording to the time that the problem occurred and see what happened with the
network at that time.

D4.2 - Broadband bottleneck analysis and capacity planning          Public              35 (64)
Project deliverable                              CELTIC TRAMMS

        With every test, Shunra VE provides detailed drill-down analysis and reports on
application and network performance, which tell the user where and when will have
performance problems (in the network or the application).

      The tool provides reports and analysis         ____________________________________
         Application performance over the
         Application availability over the
         Application performance thresholds
         against a range and combination of
         network      conditions    Individual
         transaction             performance
         measurements and drill down
                                                     Figure 35:       Impairments activity

        The tool allows to analyze performance of business processes under a range of network
capacity, end user load and other production conditions.

        Capacity planning delivers a set of expected performance metrics per network
bandwidth for various end-user. Performance is measured against service level objectives
defining network requirements in a graphical report.

          The tool, over a emulated network, allows the testing of VoIP. That way, the user is able
to test, validate and tune VoIP hardware and architecture.

        Shunra VE includes an XML-based open API which enables it to automatically manage
other third party lab resources, or be managed by them. These resources include PCs running
batch scripts, FTP clients, custom developed or off-the-shelf testing tools, traffic generators,
network sniffers, and network management systems.

         Reports and alerts

    Shunra VE provides a graphically diagnostic reporting capabilities on application and
network performance. All reports can be exported to Microsoft Office documents or published in
HTML. An executive summary report in Microsoft Word is also provided. Additionally, all Shunra
VE test results are stored in a central repository for easy version comparison, change control,
and future reference by the project team.

D4.2 - Broadband bottleneck analysis and capacity planning          Public                   36 (64)
Project deliverable                                 CELTIC TRAMMS

      Figure 36:          Network activity reports. Service level data, transaction response time, etc.

                   Access Network emulation

                            DSL (Spirent)

      Spirent’s DSL solutions allows the emulation and different impairment generation related
to the physical layer of the OSI model. Spirent has developed a series of noise and impairment
generators to permorm diverse tests. That way these tools allow users to perform the emulation
of impairments of copper lines such as crosstalk or noise.


      Spirent provides DSL solutions for:
               • ADSL, ASDL2, ADSL2+

               • HDSL, HDSL2, HDSL4 and SHDSL

               • ISDN and SDSL

               • VDSL and VDSL2

               • Solutions to meet the requirements of standards bodies: ATIS, DSL Forum, ETSI and

               • Programmable solutions allow custom test cases for evaluation beyond conformance

D4.2 - Broadband bottleneck analysis and capacity planning                  Public                   37 (64)
Project deliverable                           CELTIC TRAMMS

      Spirent provides diverse DSL solutions. Some of them are listed below:

             • DLS-5D10: DSL Service Modelling and Noise Tool
             • DLS-400S: G.SHDSL Wireline Simulator
             • DLS-A2PE Integrated System: European ADSL2+ and ADSL2++ Testing
             • DLS-V2A Integrated System: North American VDSL2 Wireline and Noise
             Testing Solution

The DLS-5D10 provides two primary functions:
              DLS Performance Predictor
              DLS Noise File Development for Performance Testing

      Using the Performance Predictor, the DLS-5D10 predicts xDSL “rate vs. reach” under a
range of operational conditions and allows the user to configure:
        Cable Properties (standard and definable)
        Modem Models and Properties (including transmitter and receiver)
        Technology Mix (number and type of disturbers)

       The performance of the DUT can then be measured in several ways including max. bit
rate, noise (or signal) margin, as well as reach and Shannon’s Gap. Results are represented in
a graphical or tabular format.

                                 Figure 37:     DLS-5D10 GUI

      The Noise File Development application of DLS-5D10 calculates the Power Spectral
Density (PSD) of crosstalk noise and creates a noise profile that can be quickly saved and
downloaded to the DLS-5500 Noise Generator.

D4.2 - Broadband bottleneck analysis and capacity planning       Public               38 (64)
Project deliverable                            CELTIC TRAMMS

       The DLS-5D10 allows users to build libraries of standards-based or customized noise files
for testing device performance. These libraries can include any combination of Alien, Self or
Mixed noises.

          Figure 38:      Performance and Noise Margin Prediction shows the rate vs. reach


        Spirent's DLS-400S Wireline Simulator is a pre-configured wireline simulator designed
to provide a test solution for the ITU-T G.991.2/G.shdsl standards.

        The combination of DLS-400S and DLS-5500 Noise Impairment Series products
provide a complete simulation of ITU-T G.shdsl (Annex A) test loops. Using these tools, users
have the ability to custom program wireline lengths and add noise impairments.

        Test loops provided by a single chassis DLS-400S system configuration will allow the
user to simulate the preconfigured G.shdsl (Annex A) loops: Ø, S, BT1-C, BT1-R, BT2-C, BT2-R
& C4.

DLS-A2PE Integrated System

     DLS-A2PE is an ADSL2++ lab test solution for the European market, consisting of the
DLS-410E wireline simulator and the DLS-5200EP noise generation system. This integrated
system provides a Layer-l test platform for ADSL, including ADSL, ADSL2, ADSL2+, and

     The system enables repeatable test results, not only between different sets of test
equipment but also between different test labs.

D4.2 - Broadband bottleneck analysis and capacity planning           Public                  39 (64)
Project deliverable                              CELTIC TRAMMS

 Figure 39:     Following this diagram, the user is allowed to perform a physical layer test for ADSL2+
       and ADSL2++ including wireline simulation, noise generation, traffic generation and analysis

DLS-V2A Integrated System

      The DLSV2A Integrated System, which includes the DLS-8130 and DLS-5500 system,
allows performing test beds for VDSL2 applications on North American copper pair networks.

       The system is designed for conformance/performance testing in accordance with ITU-T
North American VDSL2 Initiative ITU-T Recommendation G.993.2. It allows the testing of next-
generation multi-functional xDSL chipsets that provide rate-adaptive capabilities across
variations of ADSL and VDSL technologies, including ADSL1, ADSL2, ADSL2+, VDSL1 and

      The DLS-V2A product set features of loop configurations across various standards while
providing extensive capabilities for testing many other high bandwidth applications such as
Ethernet in the First Mile (EFM) Copper.

D4.2 - Broadband bottleneck analysis and capacity planning              Public                 40 (64)
Project deliverable                                CELTIC TRAMMS

Figure 40:        The figure displays the DLS 410B ADSL2+ wireline simulator that, when connected to the
front panel input ports of the VDSL2 wireline solution, allows users the option of simulating ITU-T G.992.5,
                               TR067, and TR-100 North American test loops.

                 Application-level traffic emulation

                           Avalanche (Spirent)

        Spirent’s Avalanche appliance solution provides capacity, security and performance
testing for network infrastructures, Web application infrastructure and Triple Play services
ensuring Quality of Service and Quality of Experience.

Packages and modules:

Besides Avalanche 2900, there are other solutions available:

             • Avalanche 220: The Avalanche 220, a portable version of Spirent’s Avalanche
        2900 load testing appliance, allows to conduct high-performance, protocol-accurate
        load testing wherever the user is, helping to ensure that devices, applications and
        infrastructures will operate correctly under real-world conditions.
            • Avalanche Analyzer: Avalanche Analyzer is a reporting tool that allows
        analyzing and displaying data generated by Spirent’s Avalanche testing appliances.
            • Reflector: The Avalanche and Reflector load testing appliances challenge even
        the largest networks to perform under real-world conditions. Avalanche can simulate a

D4.2 - Broadband bottleneck analysis and capacity planning                Public                   41 (64)
Project deliverable                                CELTIC TRAMMS

        virtually unlimited number of users interacting with Web applications, receiving and
        sending mail, viewing streaming media and can simultaneously generate DDoS attacks.
        Reflector can accurately emulate large Web, mail and streaming server installations.
        Combined with Avalanche, Reflector helps to test the capacity of any equipment
        connected between the two systems.

                                      Infrastructure under test
       Avalanche                                                                     Reflector
    Figure 41: Avalanche, combined with Reflector, is utilized to simulate both client behavior as well as
                                      end infrastructure behavior.

            • Reflector 220: The Reflector 220 is a portable version of Spirent’s Reflector
        application infrastructure emulation appliance. Combined with Spirent’s Avalanche 220
        load appliance, the Reflector 220 allows the emulation of complex multi-tier Web sites,
        as well as large application and data server environments, in the field. The Reflector
        220 provides a solution for emulating application infrastructures in remote locations.


Figure 42:       Appearance of different models:
             Model 220                                                Model 2900

        Analysis and simulation

      The Spirent Avalanche 2900 is a 1Gbps and 10Gbps line rate Layer 4-7 stateful traffic
performance solution that is capable of high throughput security testing of over 3Gbps of bulk
encrypted traffic. Avalanche users have the ability to test devices to their limits at line rate
simulating daily traffic and understand the impact of worse case scenarios. It provides the
capability to generate traffic allowing trunk ports to be directly tested or determine the impact of
multiple GgE ports being aggregated over 10Gbps.

     The user can test applications and network systems at multi-gigabit speeds and go
beyond expected peak volumes.

      Using the tool, testers are able to specify variable loads such as user sessions, new user
sessions per second, transactions, transactions per second, connections or connections per
second. One load profile can be specified for an entire test, or a separate load profile can be
defined for each group of emulated users. This approach enables different actions, network
characteristics and loads to be specified for each group of simulated users. In addition, up to
eight simultaneous users can use the resources of Avalanche 2900 appliance.

D4.2 - Broadband bottleneck analysis and capacity planning               Public                  42 (64)
Project deliverable                             CELTIC TRAMMS

      Avalanche can be used in tandem with the Reflector test appliances to provide accurate
multi-protocol responses to the requests it generates. Together, the two systems test the
capacity of any device or network connected between them.

 Figure 43:       Complete end-to-end user and application emulation. Subscribers and servers can be
                             emulated using Avalanche and Reflector.

        Avalanche supports the configuration of user behaviours. The system interacts with sites
using dynamic and interactive content, HTML links and fill-in online forms. Multiple types of
browsers can be emulated, providing detailed control over browser connection behaviour, SSL
versions, authentication and browser client headers. User behaviour such as think times and
“clickaways” (HTTP aborts) can be emulated, and the system also supports HTTP basic and
proxy authentication. Avalanche sends requests that include dynamically filled-in fields from a
list of provided values, or values captured from a previous response such as order numbers,
session IDs or transaction IDs. Avalanche supports high-performance testing of Web services to
ensure that mission-critical services will perform under heavy loads. The system can also verify
received content by searching for one or more strings in a response and it can identify potential
points of failure by stress-testing the infrastructure.

      Avalanche supports all major protocols, including HTTP 1.0/1.1, HTTPS, FTP, streaming
media, IPv6, voice (SIP), mail (SMTP/POP3), DNS, SSL, Telnet, 802.1Q VLAN tagging, IPSec,
802.1x, and PPPoE. External traffic can also be imported, replayed and amplified to support
non-native protocols and traffic flows. Protocol support enables to test for performance-
sensitive network activities such as web applications, Triple Play, voice, mail, streaming media,
Video on Demand, file transfer and capacities of next generation content aware networks.

D4.2 - Broadband bottleneck analysis and capacity planning            Public                 43 (64)
Project deliverable                                   CELTIC TRAMMS

     Figure 44:       The tool offers real-time statistics across all protocols, as well as information about
different features such as maximum bandwidth incoming/outgoing, maximum new opened TCP connections
                        per second or maximum opened concurrent TCP connections.


                  o   Network Performance Testing

      Provides performance and capacity testing on a variety of network devices including:
Firewall, Application Firewall, Load Balancer, Cache, Proxy, URL Filter, Content Filter, Anti-
Virus, Anti-Spyware, Reverse-Proxy, SSL Accelerator, HTTP/HTTPS Accelerator, SMTP Relay,
IDS/IPS, IPSec VPN Gateway and SSL VPN Gateway






                Figure 45:        Avalanche and Reflector testing the network performance

                  o   Application Server Performance Testing

      Validates the performance of several types of real servers including Web Server,
Application Server, Mail Server, DHCP Services, FTP Server, DNS Server, Telnet Server,
RTSP/RTP QuickTime Streaming Server, Multicast Server and more.

D4.2 - Broadband bottleneck analysis and capacity planning                 Public                  44 (64)
Project deliverable                              CELTIC TRAMMS

                o     Web Application Testing

       Performs Web application testing including Web services, SOA, ERP and CRM
applications with Avalanche’s application testing capability to support cookies, session ID,
dynamic link, automatic redirect, additional header, content validation, SOAP message, think
time, variable think time and variable assignment.

                o     Triple Play Testing

      Performs Triple Play testing, validates Triple Play service from the user’s point of view
with realistic voice calling and unicast and multicast video streaming, and simulates Internet
data traffic using static IP address or IP address assigned by DHCP over PPPoE, VLAN and
Stacked VLANs.

                o     Security Testing

     Provides extensive testing for secure network communication, vulnerability assessment
and user authentication including: IPSec, SSL, 802.1x, Network Access Control (NAC) and

    Figure 46: Real-time statistics of HTTP

                                                Figure 47: Real-time statistics of TCP

D4.2 - Broadband bottleneck analysis and capacity planning             Public            45 (64)
Project deliverable                          CELTIC TRAMMS

                          Figure 48:        A summary of real-time statistics

                             Figure 49:      Real-time statistics on Reflector

        Reports and alerts
        Avalanche Analyzer is an analysis tool that generates detailed reports and graphs (pdf
  or html presentation reports) from Avalanche results files. It performs analysis of the data,
  including min, max, average, protocol level details, TCP errors and trends info in graphical
  and textual views.

D4.2 - Broadband bottleneck analysis and capacity planning           Public            46 (64)
Project deliverable                              CELTIC TRAMMS

                             Figure 50:         Network activity report summary

                         Network Tester (Agilent)

         Network Tester is a solution for testing the real-world performance of network security,
Triple Play and application-aware devices. It is a Layer 4-7 performance solution that creates a
mix of application traffic through the simultaneously emulation of real voice, video, data, P2P
traffic and multiple DDoS, spam and virus attacks on a single port.


                       Figure 51:         The Agilent Network Tester Layer 4-7 Solution

        User Interface

     Network Tester’s graphical user interface allows users to create and execute real-world test
scenarios. The user can drag and stack configurable protocol bricks to create multi-protocol
traffic profiles combined with malicious attacks (without the need of scripting).

        Analysis and simulation

      Network equipment manufacturers, service providers and network operators can use
Network Tester to analyze application-aware devices to obtain real-world performance
characteristics under peak levels of load and stress the network, as expected in real network

D4.2 - Broadband bottleneck analysis and capacity planning             Public             47 (64)
Project deliverable                               CELTIC TRAMMS

        Network Tester uses real Internet Data, VoIP, VoD and IPTV traffic. Combined with DoS
attacks, malicious exploits and traffic impairments, the tool subjects the devices to complex
traffic conditions. In addition, Network Tester is able to simulate proprietary protocols such as
Peer-to-Peer, IM and On-line Gaming. That way, it can generate real-world mixes of Internet
Data, VoIP, Streaming Video, IPTV and P2P traffic on the same interface.

       Network Tester can simultaneously emulate multiple Denial of Service, worm, virus and
spam attacks to measure its impact on legitimate traffic performance. The generation of the
traffic can be over integrated IPSec, IPSecv6, PPPoE, DHCP, 802.1x and VLANs. It can
emulate tens of thousands of real clients and servers to measure device capacity, scalability
and performance under load.

        The tool reports real-time and granular QoE statistics, including MOS and MDI for Triple
Play services, providing accurate insight into the device application layer performance.

The tool supports different protocols such as :

            •   Application protocols:
                      o HTTP, HTTPS, FTP, SMTP, POP3, DNS, Telnet, RTSP, RTP, IGMP,
                Transport Stream, SIP, H.323, MGCP, SNMP, NFS, CIFS, ICMP, Traceroute,
                NNTP, DHCP, Jabber

            •   Integrated network access protocols:
                      o IPSec VPN, PPPoE, DHCP, 802.1x, VLANs

     The String Editor of the tool permits the randomization of parameters such as URLs,
spam subject lines, and e-mail file attachments. Network Tester’s Transaction Variability feature
enables users to change parameters on the fly, without stopping the test.

       Network Tester end-to-end (E2E) test capability allows to validate real-world performance
and scalability of distributed network infrastructures, ensure device interoperability and
guarantee network and service resilience to stress and malicious attacks. Real transactions can
be generated between remote locations to emulate real-world traffic over complete network

      Network performance and QoE statistics can be collected and analyzed in real time
providing a picture of distributed network system performance, robustness and scalability.

       Network Tester provides integration of application data, voice and video protocols with
DoS attacks and other malicious exploits such as worm and virus infected traffic payload.
Protocol and transaction mixing capabilities allow the creation of multi-protocol weighted traffic
profiles that emulate real-world network environments. This provides a test solution that
stresses all application aware device’s protocol specific processing features and options.

      Network Tester’s supported protocols include Internet data, VoIP, VoD and IPTV
protocols and is complemented with Capture/Replay feature for emulating proprietary
applications such as Peer-to-Peer, File Sharing or On-line Gaming. VLAN support and access
protocols such as IPSec, PPPoE, DHCP and 802.1x are also available with IPv6 capability.

       Network Tester combines real-world application traffic generation with passive analysis
features. It uses integrated Agilent Triple Play Analyzer, state of the art protocol and QoE
analysis tool to monitor test traffic and provide real-time insight into all aspects of protocols and
data services performance and quality (from the end user perspective). Triple Play Analyzer,
running on Network Tester controller, calculates and tracks voice and video MOS and MDI
scores in real-time on per call and per stream basis as well as performs packet and protocol
analysis. This also includes ability to decode, view and listen to any voice and video stream in
real-time for instant service quality assessment.

D4.2 - Broadband bottleneck analysis and capacity planning            Public                 48 (64)
Project deliverable                                   CELTIC TRAMMS

      With Network Tester, users can simulate thousands of clients and servers to stress a
device to its limits and generate and measure thousands of transactions per second or millions
of user sessions.

      Network Tester allows the user to validate the real-world performance limits of
application-aware devices including firewalls, service-aware routers, session controllers and
content servers. It has the ability to surround devices with real voice, video and data traffic with
IPsec encryption and multiple DoS attacks.


             o    Firewall testing

       The NetPressure application covers network security and contents networking test needs.
A broad range of protocols covers applications such as web, email, news, file transfer/sharing,
instant messaging and streaming. Multiple protocols can be mixed on a single port to create
tests. Fully integrated access protocols and VLAN are supported and stateful traffic can be
generated over IPsec, PPPoE, DHCP and 802.1x without the need for scripts.

       Firewalls use timers and keep state information. NetPressure's real-time control lets the
user dynamically change parameters while the test is running (there is no need to stop and
restart the test).

             o    VoIP testing

        The NetPressure application covers network security emulating both H.323 and SIP calls
(including both signaling and data) on a single port for realistic system testing. It mixes stateful
VoIP and data application traffic on a single port to verify prioritization and ensure VoIP QoS
and introduces DoS attacks and measures the impact on VoIP performance. The application
scales VoIP traffic to emulate thousands of calls per second and simultaneous calls to
determine the performance limits of the system. It measures real performance using stateful
traffic, from a mix of applications, over both IPv6 and IPv4. The support for IPsec and IPsecv6 are
integrated into the test plan environment.

                                             Figure 52:     VoIP testing

             o    Session border controller testing

         NetworkTester complements VoIP test tools. The NetPressure application extends the
test coverage, giving the confidence that the SBC (Session Border Controller) is ready to face
the real world. It emulates both H.323 and SIP calls (including both signaling and voice packets)

D4.2 - Broadband bottleneck analysis and capacity planning                 Public           49 (64)
Project deliverable                             CELTIC TRAMMS

on a single port for realistic system testing, introduces DoS attacks and measure the impact on
VoIP performance. Mixes stateful VoIP and data application traffic over both IPv4 and IPv6
on each port to verify firewalling and intrusion prevention, and to ensure VoIP QoS. Moreover,
the application scales VoIP traffic to emulate several calls per second and simultaneous calls to
determine SBC performance limits. It is able to simulate proprietary protocols by capturing
bidirectional traffic, create custom "protocol bricks", replay the traffic in a stateful manner, and
multiply the traffic across multiple addresses to simulate many users and measure SBC
scalability. The support for IPsec (and IPsecv6) is integrated into the test plan environment.
SNMP traffic load can be added to verify SBC stability and indifference to Management Plane

                              Figure 53:       Session Border Controller testing

            o   E-mail virus / spam filter

        The NetPressure application covers network security with transaction variability
features, such as the emulation of large quantities of spam with dynamically varying content. It
tests the performance of the virus filter with Client Profiles, which let the emulation of both
legitimate email and email containing virus attachments. It scales the test up to reach the limits
of the email filter.

            o   Triple play

      NetworkTester offers high-speed data, VoIP and video testing on a single port, within a
single test system. It emulates thousands of real users, changes the traffic application mix and
measures the impact of data applications on voice and video performance.

       The tool allows the user to add other multi-play applications, such as Instant Messaging,
to complete the Multi-Play application mix. That way, mixes of application traffic can be
emulated to characterize system performance limits and Quality of Experience under expected

      Proprietary protocols such as network games and P2P applications can be simulated and
scaled using NetworkTester's Capture/Replay capability. Multiple sessions can be emulated on
many different addresses to multiply application clients and servers. Many users can be
emulated playing games, sharing files and using common messaging services. This capability
enables to quantify the effectiveness of Application Traffic Management methods such as P2P

D4.2 - Broadband bottleneck analysis and capacity planning            Public                50 (64)
Project deliverable                             CELTIC TRAMMS

rate limiting, layer-7 packet classification and tagging, and application prioritization. For
example, the user can measure the real-time performance impact of application-aware firewalls
that can recognize and filter undesirable traffic.

      With Network Tester, the user can add DoS attacks, spam and virus attachments to the
application traffic mix. The tool shows the Quality of Experience degradation, whether VoIP call
set-up time suffers or whether the system is able to maintain the priority of real-time traffic when
detects attacks.

     NetworkTester integrates VLANs and access protocols such as IPsec, IPsecv6, DHCP,
PPPoE and 802.1x into a single NetPressure application, allowing to emulate voice, video and
data applications, including proprietary protocols and attacked traffic, over combinations of
access protocols, VPN tunnels, VLANs, and IPv4 and IPv6 address ranges.

                                   Figure 54:         Triple-Play testing

D4.2 - Broadband bottleneck analysis and capacity planning             Public               51 (64)
Project deliverable                            CELTIC TRAMMS

2. TRAMMMS Testbed for bottleneck analysis: Experimental set
        2.1.    Network setup and requirements for experimental work

            2.1.1.      Testbeds for simulated traffic analysis

      Initially bottleneck analysis can be checked by means of simulations. A good set of
simulating tools for network behaviour has been described in previous section. With the
objective of checking the usefulness of TRAMMS tools to detect bottlenecks, a combination of
routing and link capacity measurements was developed and showed in the recent CELTIC
event (Paris, 2009).

      The main component of the this work is described in next section: A BGP probe that
supplies routing information from several border routers to feed a central repository; in fact,
more than one single BGP repository could be fed but, for the test, only one management
center was set up:


        Three adjacent autonomous systems were simulated (see figure) with three border
routers exchanging routing information one another. Within each AS (autonomous system), the
routes from every internal node to another external one may be dynamically modified. Such
modifications are “announced” to the border routers at fixed intervals. In fact this scenario is
simulated and can be changed to reproduce instabilities in the AS-AS links.

     The purpose of this is accelerating the vision of what can be real situations that could take
several days, even months to happen.

                      Figure 55:    Scheme of network simulated for BGP repository

D4.2 - Broadband bottleneck analysis and capacity planning          Public                52 (64)
Project deliverable                                CELTIC TRAMMS


       All routes announced by the border routers are in fact simulated. This is achieved by
means of BGPsim, an open source software that emulates AS behaviour and the production of
withdraws, new routes, etc. Such behaviour can be described by a local file that can, in turn, be
modified to analyse different situations. Once the BGPsim is started, an AS behaviour is
emulated as far as AS-AS routing concerns. Thus a failure of all routing form one AS to a
neigbour can be simulated either total or partial. This is useful to represent the very realistic
situation of an AS having two border routers, acting one as backup of the other to link that AS to
a neigbour one.

      In order to represent the network behaviour, in fact, three different BGPsim are used so
that each AS can be emulated independently (by means of their particular configuration file). A
quagga instance is then required to emulate all the AS behaviour: A border router. Thus each
AS is simulated by

          a. A configuration file to determine the BGP behaviour
          b. BGPsim that runs that behaviour and announces withdraws or new routes
          c. A Quagga (virtual machine) that is run like a real border router for the simulated

So, three routers are running independently, in three virtual machines. Each one is connected to
an AS also simulated by another virtual machine running a BGPsim following its configuration
file directives. Finally, all three routers are connected to reproduce the BGP behaviour. This
operation is achieved by means of a (virtual) bridge; thus a network composed of three AS is


                               Config                                                       Bridge


                      Figure 56:     Virtual networks connections for the BGP arrangement

      Although the AS are simulated, the border routes are as real as any quagga device. Their
connection is also achieved by a virtual bridge but this is not relevant as far as routin
information exchange concerns: All announces issued from AS#1 reach AS#2 and AS#3 (the

D4.2 - Broadband bottleneck analysis and capacity planning               Public             53 (64)
Project deliverable                           CELTIC TRAMMS

same applies for any relashionship between other AS). Then a continous updating of routing
tables within every AS is obtained and so a coherent status maintained.

      Management network and roting exploitation

      Even though the three AS were simulated, real border routers interact like in real world.
Furthermore, for the purpose of generating a BGP repository, real probes are used to capture
routing announcements: A probe (described in next section) is connected to each (simulated)
border router, then all announcements are supplied to a central management system that
           1. Checks for coherence
           2. Produces a unified view of the AS-AS routing

         This view is represented (GUI) so that an operator can realize whether the situation
needs a rearrangement, migth lead to traffic troubles or can be automatically managed by the
bordr routers. In fact, just by modifying the configuration BGPsim files, a wide range of
situations can be analysed.

        A complete log file is recorded to be used as “post mortem” analysis tool allowing for a
time diagram that illustrates bottlenecks formation possibly dues to bad routing choices.

            2.1.2.      Testbeds for field traffic analysis

      Measurements of QoE are not precise enough to conclude significant decisions. The
values one can reach with current techniques are too vague and certainly slow.

      The integration of measurements and management of networks based on that values is
not covered yet.

       It requires extra investment on expensive equipment. To make it feasible for the operator
to introduce QoE measurements, TELNET RI proposes to take profit of already deployed
equipment over working networks. As this equipment is remotely updateable the inconvenience
for the operator is minimal.



     Netauditor is an evolution of the device CM100-IB by TELNET-RI (media converter with in
band management) that is actually installed in an ethernet network of Telefónica.

D4.2 - Broadband bottleneck analysis and capacity planning        Public                54 (64)
Project deliverable                            CELTIC TRAMMS

                                  Figure 57:   Test-bed for netauditort

      Over this network Telefónica allows medium and big companies to build up their on
private networks.

      On the drawing two private networks are represented. The “yellow company”, established
in Barcelona, Valencia and Madrid, and the “blue company” settled down in Barcelona and

     Every settlement counts on a CPE (EDC in Spanish) at the LAN of the customer
premises. This is connected to the CM100-IB slave over fast Ethernet.

     This device acts as a demarcation point for the operator and defines its field of

       The slave device reaches the CM100-IB master over a long fiber cable at the central
offices, where the master device is connected to a MPLS switch.

      Management network

        Every master device is installed at the central offices of the operator and is manageable
over an extra network. The slave devices are managed “in band”, over the fiber cable.

D4.2 - Broadband bottleneck analysis and capacity planning           Public              55 (64)
Project deliverable                                   CELTIC TRAMMS

        There are good chances to get the product installed into a real network of a main
operator in Spain during 2009. Sharing the results collected there depends on the operator

        2.2.      Tools developed for TRAMMS

              2.2.1.       Netauditor

         Telnet manufactures demarcation points that are naturally used for network deployment
by the operators. We aim to improve the existing equipment and to convert it into demarcation
point plus a QoE measuring probe for a similar price.

        This way the operator increases significantly the visibility of the network, without having
to cope with additional investment.

       Telnet demarcation points are integrated into the management systems of important
operators in Spain, so there is no need to invest into an extra network in order to gather the
QoE information and manage accordingly the traffic network.

Netauditor highlights are:
          •     Measurement over the whole path
          •     Constant monitoring in real time from the central offices
          •     Collection of historical statistics
          •     Provides the operator with visibility on the use of the network by the customer. It
                allows the operator to detect bottlenecks, as well as underused paths. Thus he
                can react commercially faster and offering his customers a better suited service.

Functional aspects

       The aim is to characterize the quality of the customer traffic between one LAN and the
LAN on the other edge.


                             1                                    2
                           master                               master

                          slave                                slave

                          EDC                                  EDC

                                  Figure 58:   QoS measurement with netauditort

D4.2 - Broadband bottleneck analysis and capacity planning               Public            56 (64)
Project deliverable                              CELTIC TRAMMS

        The operator needs to guarantee a minimum QoS up to the edge of his network
according to the contract signed with the customer.

         Unfortunately not every edge of the network is delimited by a TELNET device, so there
will be paths of the network with less visibility.

        The parameters measured to assure the IP performance are IP jitter, latency, packet
loss, packets out of order and quality throughput.

         TELNET understands quality throughput as the maximum traffic rate that is able not
only to traverse the network but also respecting the QoS parameters accorded.

        Management and data network impact

        The operator allows TELNET to inject probe frames, but the throughput has to be as low
as the customer traffic is always preserved and prioritised.

        All links have to be separately testable, in order to be able to isolate failure.

        The configuration of the system is extremely easy and “plug & play”.

         The amount of data travelling over the data network and management network is limited
so that the SNMP system runs smoothly on every condition.

WP4 – Algorithm design

        TELNET-RI has participated very close to the UAM within the design of algorithms, with
periodic meetings and collaborative work. During this part of the development the task of
TELNET-RI consisted of mainly specifying the design criteria for the UAM to think of algorithms
that can be implemented on the HW platform developed by TELNET RI. Thus, TELNET RI
would be able to keep the product at a reasonable price and the development on feasible

      In similar way, and together with the operator Euskaltel, the quality parameters to be
measured and the precision required have been defined to satisfy the needs of the operator.

         In fact two phases have been identified for measuring the quality of service of traffic
passing by. The first one involves classifying the traffic and the second selecting the parameters
that affect the experience of the user sending that flow.

       That way the main classes of traffic and their more indicative parameters have been
searched, measured and tested.

        An architecture of devices acting as satellites around one central equipment has been
also used. It allows keeping down the prices of satellites, passing the most complicated calculus
to the central node, keeping at the same time high measurement precision and wire speed.

WP4 – HW development and algorithm implementation

        TELNET provided the human and economical resources to count on a HW platform by
the end of 2008.

D4.2 - Broadband bottleneck analysis and capacity planning             Public               57 (64)
Project deliverable                             CELTIC TRAMMS

       The algorithms of the UAM have been integrated into the platform and field testing will
be possible during 2009.

            2.2.2.        BGP probe

         The purpose of analysing bottlenecks and determine their possible origin in routing
errors requires that a device sends BGP information (routing tables and announcements) to a
central system. This is accomplished by a probe linked to the border router that does not
interact with the rest of routers but just litsents:

                      Figure 59:   Software architecture of the BGP repository formation

        The Design of the probes aimed at being simple, flexible and not expensive. Thus a
general purpose hardware platform was chosen:

    •   Minimal hardware requirement of having two Ethernet ports.
    •   Little memory requirement (2 Gbytes) to store the application.
    •   Robust platform with tow versions: For rack installation and for table.

        Figure 60 shows a view of the probe.

         As for the software, the BGP probes are based on open software (quagga) with little
modifications to capture routing information (without propagating it to other routers) and send it
to a centralized management system whenever this one asks for updating announcements or
routing tables. This is illustrated in Figure 61.

D4.2 - Broadband bottleneck analysis and capacity planning             Public              58 (64)
Project deliverable                                CELTIC TRAMMS

                              Figure 60:      Hardware platform of the BGP probe

                                                  BGP probe
                  Border router



              Figure 61:     Software architecture of BGP capture by means of the BGP probes

        BGP repository construction

       As Figure 60 shows, the purpose of building anBGP repository up is achieved
connecting one or mor BGP probes to a central system that either periodically or
assynchronously asks for BGP information (announcements and routing tables) to the probe(s)

       This way, operators can investigate if routing malfunction has happened. Besides, for
the demo shown in Figure 55, a prototype of such central system was developed to create
alarms whenever a critical number of AS-AS routes were announced for a given link.

D4.2 - Broadband bottleneck analysis and capacity planning              Public                 59 (64)
Project deliverable                            CELTIC TRAMMS

            2.2.3.    One Way Delay measurements based on GPS

        There is nowadays an increasing interest in the surveillance of IP networks, in order to
assess its appropriate performance. This interest arouses for the needing both from users and
operators to monitor the Quality of Service of the Internet connection. The aim of QoS
monitoring is to assure that the levels of quality agreed with the provider are fulfilled (Service
Level Agreement compliance). In a SLA, both parts of the agreement established certain levels
of quality that must be satisfied by the provider of the service. Those levels of quality are
commonly measured in terms of delay and capacity, among others. For this reasons, it is of
crucial interest to have accurate measurements of the One Way Delays in IP networks.
Measuring OWD is a very challenging task and reams and reams have been written on the
subject. Nowadays there is no way to measure OWD accurately without synchronizing both
ends of the measurement. There have been several approaches to perform this
synchronization, but the only one fulfilling the precision needed by SLA compliance must use a
Common Time Source based on GPS modules.

        Developed solution

        UAM has developed two approaches for a Common Time Source synchronization
based on GPS modules to monitor One Way Delay for SLA compliance purposes, with a
tradeoff between cost of the solution and its precision. On the one hand we have a software
solution based on a Linux Kernel module that timestamps with high precision (in the order of
µs.) packets on their arrival. This software solution has less precision than the hardware
solution, but it has lower cost, as it would only need a conventional PC and a GPS module (see
Figure 62).

                             Figure 62:   Software OWD monitoring solution

        On the other hand there is a hardware based solution that makes use of a Field
Programmable Gate Array and a Linux driver (see Figure). It is able to timestamp packets both
on arrival and departure with an accuracy of nanoseconds, having also the advantage of being
upgradeable to 10 Gbps.

D4.2 - Broadband bottleneck analysis and capacity planning          Public                60 (64)
Project deliverable                                CELTIC TRAMMS

                                            Ethernet PCI Card


                      GPS                                       Ethernet Receiver

                                                                                        Ethernet Interface 1Gb

                                                                Ethernet Sender

                      PPS                  GPS Control
                                                                  PCI module                   PCI Bus

                            Figure 63:       Hardware OWD monitoring solution

        Delay measurement

        Figure 64 shows a sketch of the testbed used in the 4th Annual Celtic Event of 2009
that took place in Paris. There was a FPGA like that one shown in Figure 63 in Madrid sending
and timestamping user configurable burst of UDP packets. These packets were received in
Paris through a conventional Internet connection and timestamped on arrival both by the
hardware and software solutions, computing and graphing the elapsed time between
timestamping on departure and arrival.

                       Figure 64:        Demo testbed used in the Celtic Event 2009

            2.2.4.     Bandwidth Available in Real Time (BART)

       BART is a new method for estimating the end-to-end available bandwidth over a
network path. It estimates bandwidth quasi-continuously, in real-time. The method has also

D4.2 - Broadband bottleneck analysis and capacity planning                          Public                       61 (64)
Project deliverable                             CELTIC TRAMMS

been implemented as a tool. BART relies on self-induced congestion, and repeatedly samples
the available bandwidth of the network path with sequences of probe-packet trains, sent at
randomized rates. BART requires little computation for each sample which makes it lightweight
with respect to memory requirements, and adds only a small amount of probe traffic to the
network path.

         With restricted access to traffic statistics recorded by intermediate network nodes the
estimation of available end-to-end bandwidth is only feasible by active probing of the network
path. This kind of active measurement only requires access to the sender and receiver hosts.
By injecting probe traffic into the network, and then analyzing the observed effects of cross
traffic on the probes, BART can estimate the available bandwidth. As a side effect it also
estimates the link capacity of the tight link.

        Some of the features of BART are:
       • It produces an estimate quickly
       •   Estimation stability can be traded for agility
       •   Tuning is largely automatic, that is there are few parameters that need manual
           adjustment. Nevertheless BART may be tuned according to the specific needs of the
           measurement application, such as agility vs. stability of the estimate; or to
           characteristics of the bottleneck link.
       •   The memory requirements are minimal, as only the previous estimate and the new
           measurement are needed to calculate the new estimate of the available bandwidth.

        When passive monitoring of network traffic is not possible other methods for analyzing
network traffic and paths are needed. In the TRAMMS project, BART (“Bandwidth Available in
Real Time”) [2-8] is used for this purpose. BART is a method for estimation of end-to-end
available bandwidth and in principle BART utilizes active probing in order to determine the point
of congestion; this point defines the available bandwidth. If the probes are sent at such a high
rate that congestion occurs the probing rate is above the available bandwidth and wise versa if
the probes does not cause congestion the rate is below the available bandwidth. The concept of
active probing is visualized in Figure 65.

                       Figure 65:    Illustration of how BART utilizes active probing.

       BART uses the inter-packet strain ε, shown in Figure 65, as an indicator on whether the
probe packets sent with rate u caused congestion or not. The strain is zero for the uncongested
network and rises linearly with increasing input rate u during overload. For each measurement
sample ε BART updates the estimate of available bandwidth and bottleneck link capacity using
a Kalman filter.

        The BART Kalman filter

         In a Kalman filter-based approach [1] the system state X, in this case the available
bandwidth and link capacity, is estimated from repeated measurements of the inter-packet
strain ε. The system is influenced by a control input u, in this case the probe-packet rate. For
each new measurement sample ε above zero a new system state estimate x is calculated. The
process is illustrated in Figure 66. The update of the old system state using the new

D4.2 - Broadband bottleneck analysis and capacity planning              Public           62 (64)
Project deliverable                              CELTIC TRAMMS

measurement sample is done using weights which is based on the variance of the sample as
well as other tunable filter parameters.

                                 system                             estimator
                      u                              ε                                 ˆ
                                                                                       x new


                                    Figure 66:    The filtering process.

        The estimator, depicted in Figure 66, requires a model describing how the system state
X relates to the inter-packet separation strain ε. The model used in BART is shown in Figure 67.
In principle, the inter-packet strain is zero if the probe-packet rate is below the available
bandwidth while it increases linearly when sending probe packets at increasing rates above the
available bandwidth. The system state X is actually a two field vector describing the sloping line
shown in Figure 67. The definition of the available bandwidth using BART terminology is the
probing rate u that corresponds to the point where ε deviates from zero.

          An additional feature of the underlying model is that it can also be shown that the slope
of the line in the overload range is the inverse of the bottleneck capacity.


                                            AB                    u

                               Figure 67:   The BART measurement model.

         Using the model shown in Figure 67, the estimator tries to predict the system state. The
prediction of the system state is then corrected using the measurement sample, if ε is above
zero. This process is repeated for each new measurement sample thus tracking the available
bandwidth and link capacity in real time.

        Evaluation of BART

        BART has been evaluated in several scenarios and settings such as in laboratory
networks, over Internet paths and in networks where the bottleneck has been an 802.11b or
HSPA link. Most of the results have been published in academic conferences such as in
references [2-8]. The results indicate that BART estimates the end-to-end available bandwidth
as well as the bottleneck link capacity with the desired accuracy. Further, BART outperforms

D4.2 - Broadband bottleneck analysis and capacity planning             Public              63 (64)
Project deliverable                            CELTIC TRAMMS

pathChirp [9] – a similar tool that also produces estimates of bandwidth in real time – in terms of
accuracy and response to rapid changes in available bandwidth.

         Using the model shown in Figure 67, the estimator tries to predict the system state. The
prediction of the system state is then corrected using the measurement sample, if ε is above
zero. This process is repeated for each new measurement sample thus tracking the available
bandwidth and link capacity in real time.

        BART has been evaluated in several scenarios and settings such as in laboratory
networks, over Internet paths and in networks where the bottleneck has been an 802.11b or
HSPA link. Most of the results have been published in academic conferences such as in
references [2-8]. The results indicate that BART estimates the end-to-end available bandwidth
as well as the bottleneck link capacity with the desired accuracy. Further, BART outperforms
pathChirp [9] – a similar tool that also produces estimates of bandwidth in real time – in terms of
accuracy and response to rapid changes in available bandwidth.

                       Figure 68:   Setting for BART evaluation in operator networkl.

        The proposed measurement setup is illustrated in Figure 68. BART measurement
nodes are linked to routers at different places in the operator access network. Traffic-log nodes
are attached to the links using taps (e.g. fiber taps or Ethernet taps depending on network).
Using the BART nodes it is possible to estimate the available bandwidth between the two, and
using log nodes along the network path with taps hooked to the link the true available bandwidth
can be estimated by subtracting the cross-traffic load from the known link capacity. This way,
BART can be evaluated in operational networks having real users.

D4.2 - Broadband bottleneck analysis and capacity planning            Public               64 (64)