2002 - cesnet
2002 - cesnet 2002 - cesnet
After the tests, we deployed hardware IP phones to three different localities– Prague, Ostrava, and Plzeň. Call Managers were temporarily registered topublic dialing prefixes. By doing so, the whole solution became available withinthe public telephony network. Unfortunately, after certain changes in our provider,we lost the arranged prefix, and therefore the contact centre becameinaccessible for the external testing.ICMCallManagerIP-IVRIPCCsupervisorManagementCESNET2supervisorManagementIP-IVRICMCallManagerIPCCIP phoneIP phoneIP phoneAgentUsersCESNET PrahaVoiceGatewayPBXVoIP interfacepublicphonenetworkVoiceGatewayPBXVoIP interfaceVŠB OstravaIP phoneIP phoneIP phoneAgentUsersFigure 14.2: Current distributed IPCC connectionIPCC operates currently at private dial numbers, where the system is working,including the definition of waiting queues and operators. At the end of the year,we managed to obtain dialing prefixes from the Ostrava range. We will make theentire system available again, within the newly assigned prefixes, at the beginningof the next year.In the future, we expect utilization of this solution for the needs of CESNET and/or its members. The solution can be used as a branch exchange or help-desk.168 High-speed National Research Network and its New Applications 2002
15 Intelligent NetFlow AnalyserThe specification of the Intelligent NetFlow Analyser required developing of amodular distributed system entitled NetFlow Monitor that would allow evaluationof the network traffic by processing NetFlow statistics exported from Ciscorouters.The monitor should make it possible to perform the traffic analysis almost inreal-time mode. Besides that, the intelligent filtration, aggregation, and statisticdata evaluation should be provided and the system should offer the multi-criteriadata selection on the level of individual data flows, as well (e.g., by source/target IP address, protocol, ports, etc.). The system is also comprised of heuristicmethods allowing processing of protocols with dynamically changing ports.In addition, the system should be able to intelligently notify about suspiciousnetwork traffic activities (for example security incidents, routing errors, etc.) bysending warning messages.The whole system is divided into three blocks:• executive core – NetFlow Collector• user interface – NetFlow Monitor• sending of warning messages – NetFlow Event.15.1 NetFlow CollectorThe first component is written completely in the C programming language andperforms the actual processing of data received. In this half-year, we integratedsupport for the NetFlow export version 6 processing. Thus, NetFlow Monitorcurrently supports versions 1, 5, 6, and 7. The support for certain types of statisticsfrom version 8 is under development. We are also working on the NetFlowexport version 9 support, which is available in selected Cisco Systems devicessince June 2002.The NetFlow Collector already supports some basic modules. An example canbe the module for forwarding a data flow to a different target (NetFlow Forwardermodule). This module ensures sending of the NetFlow exports to oneor more IP addresses and selected ports.Another module is, for example, the input data filter, which uses input accesslists (ACL) for its operation – i.e., lists of subjects from which the NetFlow exportscan be received. The last module example is a part of the database storageof received and processed NetFlow exports. Besides storing data from theinternal cache memory into the MySQL database, the functions of the exportmodule also include aggregation of individual pieces of information about dataflows with time.High-speed National Research Network and its New Applications 2002169
- Page 117 and 118: H.323 WorldSIP PhoneMS Messengerand
- Page 119 and 120: ation with students at the Strahov
- Page 121 and 122: 9 Quality of Service in HighspeedNe
- Page 123 and 124: In addition, Juniper routers make u
- Page 125 and 126: We tried to divide the capacity of
- Page 127 and 128: low with respect to the capacity of
- Page 129 and 130: Figure 9.10: Loss rate on Prague-Po
- Page 131 and 132: sendingapplicationTCP senderseqackp
- Page 133 and 134: Figure 9.13: Example of a course of
- Page 135 and 136: Part IIInternational Projects
- Page 137 and 138: 10 GÉANTSince 1996, CESNET has bee
- Page 139 and 140: Figure 10.2: Utilization of individ
- Page 141 and 142: 11 DataGridSince 2001, our research
- Page 143 and 144: Therefore, we organized a meeting w
- Page 145 and 146: 12 SCAMPISCAMPI (Scaleable Monitori
- Page 147 and 148: 12.3.1 WP0 - Requirement AnalysisTh
- Page 149 and 150: 1 6 12 18 24 30requirements analysi
- Page 151 and 152: Part IIIOther Projects
- Page 153 and 154: 13 Online Education Infrastructurea
- Page 155 and 156: 13.1.2 Construction of a Teleinform
- Page 157 and 158: with high-capacity disk memories co
- Page 159 and 160: If the collaboration of individual
- Page 161 and 162: ten, whereas items in the hyperlink
- Page 163 and 164: Besides that, we processed some lec
- Page 165 and 166: CallManager was designed using open
- Page 167: tre, when we were forced to handle
- Page 171 and 172: In the second half-year, we complet
- Page 173 and 174: 15.4 ConclusionDuring 2002, our tea
- Page 175 and 176: • data space consolidation (easy
- Page 177 and 178: ecord size [kB] 256 512 1024 2048 4
- Page 179 and 180: Figure 16.3: Nishan-Linux measureme
- Page 181 and 182: 16.3.1 No SecurityThe initiator is
- Page 183 and 184: vices. These features mainly involv
- Page 185 and 186: Figure 17.1: www.cesnet.cz• We ha
- Page 187 and 188: The meeting was broadcast live via
- Page 189 and 190: Most of the problems connected with
- Page 191 and 192: Standard manipulator (privileged us
- Page 193 and 194: 19 Security of Local CESNET2Network
- Page 195 and 196: Moreover, the program was complemen
- Page 197 and 198: in the network of AV ČR Praha-Krč
- Page 199 and 200: 19.5 Future Plans, Expected Further
- Page 201 and 202: InternetNTPEthernetKPCPPSLabelPPSLa
- Page 203 and 204: generated by the NTP server. Its ou
- Page 205 and 206: 21 Platforms for Streaming andVideo
- Page 207 and 208: streaming serverAAA (LDAPS) server1
- Page 209 and 210: 21.5 Video Content CollaborationPla
- Page 211 and 212: First of all, we had to define an a
- Page 213 and 214: international-scale broadcast will
- Page 215 and 216: Part IVConclusion and Annexes
- Page 217 and 218: 23 ConclusionThe current developmen
After the tests, we deployed hardware IP phones to three different localities– Prague, Ostrava, and Plzeň. Call Managers were temporarily registered topublic dialing prefixes. By doing so, the whole solution became available withinthe public telephony network. Unfortunately, after certain changes in our provider,we lost the arranged prefix, and therefore the contact centre becameinaccessible for the external testing.ICMCallManagerIP-IVRIPCCsupervisorManagementCESNET2supervisorManagementIP-IVRICMCallManagerIPCCIP phoneIP phoneIP phoneAgentUsersCESNET PrahaVoiceGatewayPBXVoIP interfacepublicphonenetworkVoiceGatewayPBXVoIP interfaceVŠB OstravaIP phoneIP phoneIP phoneAgentUsersFigure 14.2: Current distributed IPCC connectionIPCC operates currently at private dial numbers, where the system is working,including the definition of waiting queues and operators. At the end of the year,we managed to obtain dialing prefixes from the Ostrava range. We will make theentire system available again, within the newly assigned prefixes, at the beginningof the next year.In the future, we expect utilization of this solution for the needs of CESNET and/or its members. The solution can be used as a branch exchange or help-desk.168 High-speed National Research Network and its New Applications <strong>2002</strong>