The Internet serves as the backbone of modern communication, commerce, and collaboration. Yet, despite its ubiquity in our lives, the underlying protocols and network infrastructure that power the Internet often remain a mystery to most of its users.
Have you ever wondered how your data makes it to its target through the Internet? Or who is involved in forwarding and processing it? In this article, we will explore the basics of interdomain network visualization and how Anapaya Console can help us better understand the intricate workings of the Internet.
What is interdomain network visualization?
Interdomain network visualization refers to the process of mapping out and displaying the connections between networks that make up the Internet. It allows us to gain insight into how data travels from one network to another, which routers and network devices are involved in this process, and any potential bottlenecks or network issues along the way.
The Internet is a complex web of interconnected networks owned and operated by different organizations, such as Internet Service Providers (ISPs), content providers, and enterprises. Understanding the relationships between these large networks is crucial in troubleshooting network issues and ensuring efficient data delivery and network management.
The complexity of Internet traffic routing
The details of how network traffic is routed through the Internet are mostly opaque to users without a networking background. Understanding these intricacies typically requires deep networking knowledge and specialized tools, which are often text-based CLI tools or small GUI wrappers. This creates a significant barrier to entry, making the topic harder to approach.
There are attempts to make this more accessible through visualization tools like GeoTraceroute or Traceroute Online, which allow users to visualize a traceroute run as a geographic map. These tools help contextualize your traffic in the physical world, making it more tangible than the virtual world of bits and bytes. Even non-technical users can extract some information and imagine how their traffic moves through the physical world without needing to know all the low-level details of the underlying networking infrastructure.
However, these tools face a challenge with the current Internet: the routing decisions need to be discovered actively, and they are not guaranteed to reflect the actual path your traffic takes through the network. The routing decisions are made per packet and can change based on time, load, network events, or packet characteristics. In fact, two sequential traceroute measurements could show completely different paths through the network.
The limitations of active measurements
To discover how the Internet is connected and visualize it as a graph, many vantage points worldwide are needed to continuously monitor the network. Even then, it is hard to say whether the data is accurate, or if the topology has already changed in the meantime. That said, services like RIPE Atlas, RIS Live, and Route Views provide raw measurements.
Technically inclined users can leverage tools like BGPlay to map this raw data and visualize it as a logical map of the BGP world. There are also commercial solutions, like ThousandEyes that combine data from their own vantage points, their customers' infrastructure, and end-user devices. This data is then aggregated and visualized.
However, all these solutions share one fundamental limitation. They rely on active measurements to discover the topology of the network.
Why does network visualization matter?
Visualizing the network and its current state is beneficial for both technical and non-technical users. With the help of visualization, the depths of networking are made more accessible and approachable.
One key benefit that we have observed is that visualization immediately highlights the strengths of SCION. The great path diversity and resulting high redundancy is very apparent. Immediate failover can quickly be verified even without any understanding of what SCION ASes are and how they are identified. This allows users with varying degrees of understanding to have a common representation that is accessible to all of them.
Concepts such as multi-pathing and geofencing are made even more tangible through visualization. Instead of reading some textual representation of how the traffic is flowing through the network, you can experience these powerful concepts visually. Knowledge about SCION AS numbers, interface identifiers, and how they map to the physical world are not required anymore.
Network visualization also helps to quickly gain an overview of the network in case of an incident. For example, if there is a network issue in a specific site that affects multiple networks and collocated links, visualization allows you to immediately see all of these events are related. This gives you a head start for investigating potential issues.
How SCION enables more accurate interdomain visualization
In SCION, the interdomain routing decisions are made by the client before traffic is sent through the network. As a result, packets traverse the network on a predictable interdomain path independent of time, load, or network events. To choose such a path through the network, data about possible options is made available to end users and ISPs alike. This has a crucial benefit for visualization. We do not require constant monitoring from various vantage points distributed around the globe. The topology can be extracted directly from the set of available paths and visualized.
During the SCION path exploration phase (often referred to as the beaconing process), participating SCION Autonomous Systems (ASes) can augment discovered path segments with additional static information, such as geo-coordinates of individual links. This information can be extracted and used to accurately represent the link on a geographical map.
Another benefit of SCION is that end hosts gain insights into the current state of the path that they are using with the SCION Control Message Protocol (SCMP). If a link on the path experiences connectivity issues, the end host is notified and can reroute traffic on a more suitable path. This information can be leveraged to display the network topology and the current state of the network. By aggregating this data, we gain a better understanding of the network, which benefits everyone.
Introducing Anapaya Console
Our upcoming product, the Anapaya Console, will serve as the entry point in the SCION world. One of its core functionalities is to visualize the operational state of your Anapaya products as well as the SCION network.
The Anapaya Console greets you with a graph representation of the SCION network containing all nodes that are relevant to you. This grants a high-level overview of the global state. You can select individual nodes to get more contextual information. For example, see all the SCION links that a specific AS uses to connect to its neighbors. This is all based on information that is publicly accessible by SCION speakers. Non-public information is secured and only accessible to users of the respective organizations. As a result, you can only see the parts of the SCION network you can access.
For nodes over which you have ownership, you can benefit from more extensive and complete information. For our EDGE appliances, you can see what remotes they are currently connected to, and how they are tunneling traffic through the SCION network. The visualization is augmented with additional useful information like currently exchanged IP prefixes and usage metrics.
In case of a network incident, Anapaya Console provides you not only with visual insights. You can receive alerts that integrate with your existing incident management tools about interesting network events and potential service degradations. Alerts are also visible in the Anapaya Console directly, allowing you to pinpoint the issue and resolve it with confidence.
Beyond network state - Managing SCION deployments
The Anapaya Console is not limited to only visualizing network state and constellations. Another important focus of the Anapaya Console is to manage your deployments in the SCION world. Concepts like SCION ASes and IP-in-SCION tunneling have first-class support and allow you to manage fleets of appliances with ease.
With the Anapaya Console, you benefit from extended validation across organizations. Configure SCION peerings to your neighbors with peace of mind. In case of misconfiguration, you get notified and the correct information is suggested for you automatically. You can catch mistakes before they are deployed to production.
Conclusion
SCION comes with a rich set of features and additional data that are made accessible by the Anapaya Console. Key features like geofencing and immediate failover are demonstrated in an easily digestible way, even without years of training as a networking professional. Thanks to its complementing capabilities of inspecting network state and fleet management, the Anapaya Console is the perfect tool for you to enter the SCION world.
TAGS:
Anapaya CONSOLE