In this implementation, agents exchange diagnostic information according to the compo- nent ontology described in Chapter 4 and using the protocol described in Chapter 6. Agents communicate information about several types of components and diagnostic tests. In this section I briefly describe each of the types of components and tests that agents understand. Section 8.5 describes how agents observe these components and properties and use this in- formation for diagnosis. The complete component ontology can be found in Appendix B.
8.3.1
Components
Agents in this prototype implementation diagnose HTTP connection failures. An HTTP Connection class has descriptive properties srcIP, destHost, destHash (MD5 hash of the destination hostname),connTime, andstatus; and relationship propertiesdnsLookup, httpServer,localNet, andipRouting. An HTTP Connection is identified byconnTime anddestHash. An HTTP Connection failure may be due to a failure in the DNS Lookup, a failure at the destination HTTP Server, a Local Network connectivity problem between the user and their ISP, or an IP Routing failure elsewhere in the network. When an agent starts up for the first time, it retrieves dependency knowledge about HTTP Connections from the knowledge agent.
An HTTP Server class has an identifying propertyipAddrindicating its IP address. An HTTP Server also has a status property and an aggregate property consecFailuresTo- Serverrepresenting the number of consecutive users who experienced failures connecting to this server. Server history agents can probabilistically infer the status of a server from consecFailuresToServer.
A Local Network class has an identifying property ipAddr, a status property, and an aggregate propertyconsecFailuresFromUserrepresenting the number of consecutive unique destinations to which this host experienced HTTP connection failures. User agents and regional agents can useconsecFailuresFromUserto infer the status of a Local Net- work component.
A DNS Lookup class has astatusproperty, a destination hostnameproperty, and an IP address list property ipAddrs. The IP address list property contains a list of the IP
addresses for the given hostname returned by the DNS lookup, or is empty if the DNS lookup failed.
An IP Routing class has a statusproperty, asrcIPproperty, and adestIPproperty. IP Routing components are identified by their source and destination IP addresses. The status of an IP Routing component depends on the status of the underlying AS Path.
AS Path components have a srcAS property, a destAS property, a status property, and two component relationship properties: nextASHop, and anextASPathproperty that refers recursively to another AS Path. AS Hop components also have the propertiessrcAS, destAS, andstatus.
8.3.2
Diagnostic tests
To illustrate the range of possible diagnostic tests CAPRI supports, I implemented several different types of diagnostic tests that vary greatly in terms of required inputs, outputs, and cost. These diagnostic tests include both passive measurements computed from historical observations, as well as active measurements that probe the current state of the network. In addition, some diagnostic tests such as a Verify DNS Lookup Test produce only an observa- tion of the value of the property of a diagnostic test. Others also produce information about the dependencies of a component, such as an AS Path Test that provides information about both the AS path dependencies of an IP path as well as information about the status of the links along the path.
One diagnostic test is to observe the error code returned by the web browser application. A Firefox Error Test has a descriptive propertyffoxErrorCodeand a relationship property httpConnindicating the corresponding HTTP Connection. See the Appendix B for the full list of error codes.
Another useful diagnostic test is to determine whether the user can connect to a known good web server. An Outbound Conn Test diagnostic test class has descriptive properties srcIP, probeURI, and probeResult. The test result is either OK or FAILdepending on whether the user agent was able to connect to the destination host. Users and regional agents can use the result of an Outbound Conn Test to infer the status of a Local Network.
DNS specialist agents can perform a Verify DNS Lookup Test. This test has descrip- tive properties hostname anddnsLookupResult; and a component relationship property dnsLookupreferring to the DNS Lookup component tested. The test result may be one of six possible values:
LOOKUP ERROR CONFIRMED Neither the user nor the DNS agent was able to get
an IP address for the given hostname.
LOOKUP ERROR UNCONFIRMED The user was unable to get an IP address, but the
DNS agent was able to obtain an IP address for the given hostname.
CORRECT The IP addresses in the DNS Lookup component match the IP addresses ob-
tained by the DNS agent.
INCORRECT The IP addresses in the DNS Lookup component differ from the IP ad-
LOOKUP ERROR The user obtained an IP address for the hostname, but the DNS agent
failed to get an IP address.
ALIAS The DNS agent’s DNS lookup indicated that the hostname is an alias for another
hostname. In such situations, frequently different users will obtain different IP ad- dresses for the same hostname. For example, content delivery networks such as Akamai use DNS aliases to return different IP addresses to different users.
A DNS specialist agent infers the status of a DNS Lookup using the value ofdnsLookup- Result.
IP routing specialist agents can perform AS Hop Tests and AS Path Tests to determine the status of IP Routing between two Internet autonomous systems. An AS Hop Test has descriptive properties srcAS,destAS, and asHopTestResult; and a component relation- ship property asHopindicating the AS Hop being tested. AnasHopTestResultis either OKorFAIL, depending on whether the agent was able to successfully route IP packets from the source AS to the destination AS. The source and destination ASes of an AS Hop Test must be neighboring ASes. An AS Path Test has descriptive properties srcAS, destAS, andasPathTestResult. AnasPathTestResultis eitherOKif the traceroute was able to reach the AS of the destination IP address, or FAILotherwise. An IP routing agent infers the status of an AS Hop from the result of AS Hop Tests, and can infer the status of an AS Path from AS Path Tests and AS Hop Tests along the AS path from the source to the destination. It can then infer the status of the IP Routing component. In this prototype implementation, this test is performed using the Scriptroute Rockettrace tool [81] and des- tination ASes are looked up using whob.3 Note that an agent may not always be able to test the status of an AS hop if the agent is not along the AS path from the user to the web server or if a failure occurs before reaching the source AS.