VoIP Monitoring System Analysis (1)

Source: Internet
Author: User

At present, many devices are often converted through routers and firewalls. However, the price of the devices that want to meet the OC192 line rate is usually very high, and the investment in comprehensive monitoring of the entire network is very huge. Therefore, using special algorithms and devices to analyze network data while reducing device prices is a feasible solution for the whole network monitoring of VoIP. This paper proposes a new algorithm and structure while solving practical problems. For the current network measurement, network billing can be used as a reference method.

I. Overview

Over the past few decades, the Internet with TCP/IP as the core technology has been greatly developed and has become part of the daily life of ordinary people. Network measurement was not paid much attention to in the early stages of Internet development. At that time, network designers were more concerned with improving the speed, capacity, and coverage of the network. As the scale of the Internet expands and the network structure becomes increasingly complex, the network itself shows many problems, such as viruses, network attacks, and spam. To solve these problems, we need to have a better understanding of the basic characteristics and behavior of the network. As a subject with experimental physics, the network discipline must depend on the acquisition of real network data for further development, therefore, the measurement and analysis of the internet has become one of the important topics of researchers.

The main content of network measurement is to use various tools to measure and analyze the current network parameters. There are multiple classification standards for network measurement. The measurement methods are divided into active measurement and passive measurement. The measurement points are classified into single point measurement and multi-point measurement. The measurement items are determined based on whether the person is informed or not, divided into collaborative measurement and non-Collaborative measurement. According to the protocol used for measurement, divided into BGP-based, measurement of OSPF and other routing protocols, measurement of network and transport layer protocols based on TCP/IP, and measurement of application layer protocols based on SNMP and DNS; according to the measurement content, it can be divided into topology measurement and performance measurement. Network parameters can be divided into Availability, Loss rate, latency, and Throughput.

With the continuous advancement of network technology and the increasing trend of network convergence, IP networks begin to carry more and more traditional telecommunication and television network services. At the same time, more new services are emerging on the Internet. Researchers are paying more and more attention to the measurement of network applications. Especially for VoIP applications, the development speed on the Internet is particularly amazing. VoIP protocols are emerging. Currently, popular protocols in the network include H.323, MGCP, SIP, and SKYPE. VoIP is a typical application of CTI (three-in-one network). It uses the existing data network Internet as the basic bearer network to encode traditional telecom voice signals, then data communication is performed on the Internet to connect the voice.

For commercial or security purposes, we need to supervise this new type of business. Traditional Telecom Network Monitoring is a tree structure with centralized control, which is very helpful for monitoring. However, the existing structure of the Internet network is mesh, and there is no centralized control, as shown in the figure, we need new devices to complete monitoring and monitoring, which is the starting point for designing VoIP monitoring.

Ii. System Description and evaluation indicators

1. System Description

A backbone network has n egresses, and the data packet that flows through it is set to m VoIP (protocol-different) in a period of time ), after analysis by the system black box, we can obtain the m call record tuples (), source IP address, destination IP address, source port, destination port, protocol type, Creation Time, And call duration.

The difficulty is that IETF defines some common ports (Well-knownports) for many applications to provide application identifiers. The identification of different applications can be completed by detecting the port numbers in the network packets. At present, most of the application measurement work on the actual network only uses the quintuple (source IP address, source port number, destination IP address, destination port number and Protocol Number) in the IP header) the identification method.

However, with the continuous development of Internet technology, especially the wide application of VoIP technology, it is impossible to identify different applications in the network by port numbers alone, these applications are mainly emerging applications that use streaming media technology. In addition, due to the wide application of firewalls, more and more applications are deliberately using random or completely random ports within a certain range. In addition, some applications not only use non-standard ports, sometimes it will deliberately occupy some special ports (such as HTTP port 80) to confuse the firewall. In summary, the main difficulties encountered in application identification and classification on the network are as follows: Port Randomization; application hiding; the emergence of new applications; and the continuous improvement of network loans.

System analysis cannot be conducted in the traditional quintuple matching mode, but must use data analysis at the higher application layer.

2. Evaluation Indicators

Our goal is to design and implement a new network speech application layer program Identification and Analysis System, which has the following features:

(1) wire speed analysis of backbone network data. The basic requirement of a carrier-level system is that the equipment on the backbone network has high stability and the stability of peak traffic. This feature ensures that the entire network is not affected when devices connect to the backbone network in a string or concurrently.

(2) cost of software and hardware systems. Due to the characteristics of Internet communication, the entire network must be configured and controlled during call monitoring. Therefore, a large number of devices are required. Therefore, reducing the unit device price is very favorable for the entire system investment.


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.