• No results found

Rorschach Plots and Network Performance Analysis

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Rorschach Plots and Network Performance Analysis"

Copied!
27
0
0

Loading.... (view fulltext now)

Download now ( 27 Page )

Full text

(1)

Rorschach Plots and Network

Performance Analysis

Jim Gilsinn

(2)
(3)
(4)
(5)
(6)
(7)
(8)
(9)

What’s This All About?

I used to work at NIST

I left about a year ago

I worked on ICS network performance metrics, tests, and tools

The test tools I developed have been dormant since leaving

The vendors I worked with while at NIST want to tool

My new employer won’t support open-source development

(10)

Performance Testing Methodology:

Performance Metrics

Publish/subscribe or peer-to-peer communications

Main performance metric: Cyclic frequency variability/jitter

Real-time EtherNet/IP uses publish/subscribe

•  Requested/Accepted Packet Interval (RPI/API)

(11)

Performance Testing Methodology:

Performance Metrics

Command/response or master/slave communications

Main performance metric: Latency

Large numbers of protocols use this

•  Most (All?) PC-based server/client protocols – HTTP(S), (S)FTP, etc.

(12)

IENetP Test Tool

Industrial Ethernet Network Performance (IENetP)

http://sourceforge.net/projects/ienetp/

Current Version = 1.1.2, Released 2011-02-11

Software Features

•  Analyze existing Wireshark captures

•  Allows user to override default EtherNet/IP filter

•  Isolates individual traffic streams

•  Determine cyclic jitter of those streams

•  Generates HTML report

•  Generates time-space & histogram graphs

(13)

NIST Performance Test Tool

Industrial Ethernet Network Performance (IENetP) Test Tool

(14)

FENT Framework

Personality Module Personality Module Personality Module

Universal Client Application API Universal Client Application

Testing Module Analysis Engine Testing Module Testing Module Testing Module Reporting Engine Analysis Engine Sensor Gateway Internet Ethernet Fieldbus

(15)

FENT Features

All Analysis Features From IENetP

•  Analyze Wireshark capture files

•  Build graphs and reports of results

Added Features

•  True multi-protocol support

•  Real-time testing capability

(16)

FENT Personality Modules

Wrapper for Driver

Application

•  Implement a TCP-socket

interface for UCA-API messaging

•  Build a simple XML-based PM

Descriptor file

Features

•  Describes Wireshark

parameters

•  Allows any protocol to be used

•  Can be built/loaded at run-time

Protocol PM UCA – API

PM Descriptor

(17)

FENT Framework Run-Time

1.  Testing Module ! Protocol PM – Grab protocol-specific Wireshark parameters via UCA-API

2.  Testing Module ! Wireshark – Start capturing traffic

3.  Testing Module ! Protocol PM – Command driver app to communicate with DUT

4.  Testing Module ! Wireshark – Stop Capturing traffic, process capture file using desired protocol and user

parameters, generate PSML file

5.  Analysis Engine – Read PSML file, analyze packets for desired metrics

6.  Reporting Engine – Report data to user

Protocol PM UCA – API

UCA

Testing

Module Analysis Engine Reporting Engine

PM Descriptor Wireshark

DUT

PSML File Driver App
(18)
(19)

FENT Framework

Project Home:

•  http://sourceforge.net/projects/fent/

What’s Available:

•  SVN repository & schema

•  FENT software

•  Conduct real-time testing

•  Analyze results

•  Build graphs on-screen

•  NIST SensorSim PM, IEEE 1451 PM

(20)

FENT Framework

Known Problems & Issues

•  Doesn’t work with Wireshark 1.9+

•  Tshark argument for getting fields changed

•  Logic problems with using multi-protocol Wireshark headers

•  Software doesn’t use true database

•  Testing automation not integrated

(21)
(22)
(23)

“Gold Standard” Background Traffic

What Is It?

•  A set of Wireshark captures, Linux scripts, and analysis results

•  Based on EtherNet/IP PlugFest performance testing requirements

•  High precision and accuracy Wireshark captures of PlugFest

performance background traffic

•  Linux scripts designed for use in BackTrack Linux (

http://www.backtrack-linux.org/)

•  Analysis results show validation for use in PlugFest performance

testing

Where Can You Get It?

•  http://ienetp.sourceforge.net/EtherNet-IP_Testing.zip or

(24)

PlugFest Performance Traffic

Traffic Type Rate (pps) Baseline Ste

ad y-Sta te Ma n ag ed Ste ad y-Sta te Unmanaged Bu rs t Ma n ag ed B u rs t Unmanaged

ARP Request Broadcasts 180

Gratuitous ARP Broadcasts 180

DHCP Request Broadcasts 100

ICMP (ping) Request Broadcasts 100

NTP Multicasts 10

EtherNet/IP ListIdentity Request 10

EtherNet/IP Class 1 1800

ARP Burst Requests 240 pkts @

(25)

“Gold Standard” Captures

Built From Individual Traffic Streams

•  Each traffic stream generated and captured using NIST Ixia system (a

few microseconds jitter)

•  Assembled using editcap and mergecap scripts

•  Final captures are 60-seconds long

•  Can’t just loop continuously

•  Longer test captures require rebuilding (not hard)

Analyzed Using IENetP

•  Analysis results are included in package

•  Well within spec for PlugFest performance testing needs (<25% of

(26)

Licensing?

The project is Public Domain!!!

(27)

What’s Next?

Contact Me

•  Jim Gilsinn •  301-706-9985 •  jim.gilsinn@kenexis.com •  Twitter – @JimGilsinn •  LinkedIn – http://www.linkedin.com/in/jimgilsinn/

Review the FENT SourceForge Project

•  http://sourceforge.net/projects/fent/

References

Download now ( PDF - 27 Page - 4.68 MB )

Related documents

Algebraic Independence over Positive Characteristic: New Criterion and Applications to Locally Low Algebraic Rank Circuits

We apply these two theorems to obtain an algebraic independence testing algorithm, an arithmetic circuit lower bound over arbitrary field and a PIT algorithm (over fields

Hoteling cruise ship's power requirements for high voltage shore connection installations

As regard to the obtained daily power demand curve, it must be considered that it has been developed with power peak values of the biggest cruise ships.. Consequently, the

LIBRARY OF CONGRESS NATIONAL DIGITAL LIBRARY PROGRAM and the CONSERVATION DIVISION

Part 1: Criteria for Selecting Items for Conservation Treatment before Digital Scanning Part 2: Safe Handling of Library Materials – Review of Practices3. C Basics C Books C Paper

The Tropical Subseasonal Variability Simulated in the NASA GISS General Circulation Model

(a) Precipitation (mm day 21 ) composited based on pre- cipitable water (mm) and (b) probability of precipitable water from observations (solid), AR5a (dashed), and AR5a_Ent1

Investor Behavior in the Option Market

Our key findings are: (1) non-market maker investors have about four times more long call than long put open interest, (2) these investors have more short than long open interest

Troubleshooting Tools to Diagnose or Report a Problem February 23, 2012

A Wireshark capture of the problem (the Wireshark capture should contain the signaling protocol – SIP, MGCP or H.323 – the RTP stream, and the syslog messages in debug

Lab - Using Wireshark to View Network Traffic

Wireshark again. Note: If your team member’s PC does not reply to your pings, this may be because their PC firewall is blocking these requests. Please see Appendix A: Allowing

Computer Networks/DV2 Lab

To show the packets and the information concerning the data, the network traffic has to be captured first; therefore Wireshark uses the Capture drivers. To begin capturing and