CUBRO - telecomtest.com.au

CUBRO

www.cubro.netCubro is a trademark of Cubro Acronet Gmbh Vienna/Austria

The Sessionmaster EXA Series, is the next evolution step in the row of the successful Cubro Packet Broker product line. Layer 7 packet handling is a standard in this product range. Intelligent Layer 7 load balancing is a challenge but supported. Keyword and regular expression search is also a standard feature in this product line but the big differentiator to any other product on the markets is:

The EXA understands network protocols, not only by the port number. The EXA can decode protocols similar to a probe. This feature is vital to do keyword and regular expression search, and to produce useful results. It makes no sense to search for a regular expression in the full packet, you only want to search in the relevant fields to get a correct search output.

The Sessionmaster EXA Series products focus on the mobile core network, metropolitan area network (MAN), and Internet data center (IDC) big data monitoring. The Sessionmaster EXA Series helps our customers deploy their network application flexibly and quickly by aggre-gating, filtering, load-balancing and replicating the target traffic, de-duplication,time-stamping, load-balancing the PSC/EPC signal-ing-plane and user-plane traffic, and distributing specified traffic to multi-ple monitoring tools effectively.

Version 1.1 Okt. 2015

Technical Features & Models :

Sessionmaster EXA 28 Ports 28 x 10 Gbit SFP+Throughput 280 Gbps


Sessionmaster EXA 32 Ports 32 x 10 Gbit SFP+ 2 x 40 Gbit QSFPThroughput 400 Gbps


Management 1x RS232 RJ45 1 x USB 2.0 1x FE RJ45

Dimensions 440 x 532 x 44.4mm W x D x H

Power Typical: 145W Max: 212WDual 1+1 redundant hot-swappable power supplies, AC or DC

AC:100-240V, DC: 36- 72V

Environment Specifications Operating temperature 0-40Operating relative humidity 5%-95%

Sessionmaster EXA Series

session aware load balanced to monitoring system

the S5 or GN interface istypically not one link

Typical application!

Mobil Core MonitoringSession aware load balancing of GTPv1 and GTPv2 traffic to multiple probes

Application

Physical

Application

Network

Transport

Session

Presentation

CUBRO


General Functions & Features

Ultra-high port density and ultra-low power.

The Sessionmaster EXA series products can provide up to 56 10GbE SFP+ ports in 1 U and support device cascading by 2 40GbE ports. However, the typical power is 145W. In conclusion, the Sessionmaster EXA can increase the access capacity and decrease the operation cost, providing the perfect solution for the next-generation network monitoring and traffic analysis.

Multi-dimensional traffic classification capability

With the high-performance N-tuple classifica-tion algorithm, the Sessionmaster EXA series products support many traffic matching rules including the input port and vlan id match, IPv4/IPv6 5-tuple (supporting mask and range) match, bit-pattern filtering using user-defined attributes match, etc.

Additionally, the Sessionmaster EXA supports millions of extensible ACL rules. In this way, the flexible and robust traffic classification capability helps distribute the target traffic to the monitoring tools more efficiently.

Intelligent load balancing capability in the mobile core network

The Sessionmaster EXA can decode, track and identify the signaling protocols of various interfaces in the mobile corenetwork. In this way, the Sessionmaster EXA can not only extract and restore the specified signaling but also guarantee the traffic integrity of the same session or user during the load balance process.

Powerful packet pre-processing capability

The Sessionmaster EXA can pre-process the packet in many ways including

• Re-assembling the IP fragment• Correcting the retransmitted or disordered

TCP flow, • Slicing the packet, • Deduplicating, • Stripping the encapsulation or tunnel and • Time stamping, etc.

Therefore, the Sessionmaster EXA both offloads for the monitoring tools and im-proves their operating efficiency great-ly. With the powerful ability of data burst buffering and multi-dimensional data statistics, the Sessionmaster EXA helps the monitoring tools troubleshoot typical problems including packet loss and disorder.

Application list: • Load balancing GTPv1 and GTPv2 traffic

• Keyword filtering (IMSI filtering)

• Keyword filtering (called party filtering on SIP)

• General keyword filtering (The EXA can classify the traffic with 7-tuple rule and string matching rule, both of them match simultaneously. Users can set 63 string match-ing rules and each rule support up to 128 string patterns (hexadecimal number supported).

• Session aware load balancing

• GB & IUPS filtering 6 load balancing

CUBRO


CUBRO



CUBRO


Powerful Network IPv4/IPv6, TCP/UDP/SCTP, HTTP, L7, etcProtocol MPLS, PPTP, L2TP, GTP, GRE, IP over IP, VLAN, PPPoE

Identifying Gn/IuPS, S11, S1-MME/S1-U/S6a, etcUltra-detailed IPv4/IPv6 5-tuple, LTE/3GPP 5-tuple in the tunnel，supporting mask and range

Traffic IP 7-tuple (dip, sip, dp, sp, pro, input port, vlan id)

ClassificationKey words; key words + 7-tuple rules to make detailed classificationGn, S1-MME, S11, S6a, S1-U, etc protocols in PSC/EPC

Traffic Classification Rule

8 groups of 7-tuple ACL rules, each group containing 2048 IPv4 rules and 2048 IPv6 rules64 groups of key word rules, each group containing up to 128 key words2048 extensible IP rulesMillions of accurate 5-tuple rules (non-range and non-mask)Real-time rule configuration and updating

Packet Processing

Time stamping, ns-levelSlicingReplicationIP fragment reassemblingVLAN tag adding or deletingIdentifying GTP upstream and downstream trafficGRE/GTP/MPLS header strippingPacket order preserving4 GB data burst buffering

Accurate Statistics

Input and output portsTraffic classification rulesTCP/UDPHistorical peak traffic of each port

Forwarding based on the traffic classification ruleForwarding based on the specified output portLoad balance, methods including WRR, RR, N-tuple hash, etcLink check, forwarding the traffic to the link-up ports from the link-down ports dynamicallyQoS, adjusting output rate according to the threshold of each portGuaranteeing the data (from one or many devices) integrity of the same user or the same sessionGuaranteeing the data integrity in load balancing:signaling plane, user plane, signaling plane and user plane, PDP sessionUser-defined input and output portsSupporting single fiber receiving or transmittingAuto link checking and protectingDevice cascadingInput and output traffic replicationSupporting 1/10/40 GbE network and tool connectionsConsole, ssh and telnet, etcRPC api, REST api, CLI, SNMPSystem log, warning reportOnline updatingWatchdog and self-healing

Port Feature

Management

Traffic Action


CUBRO


Applications

IMSI (international Mobile Subscriber Identity) filtering application.

If you have the need to monitor a customer or a bunch of customers in a mobile core network you have two ways. Capture all traffic with a large and expensive monitoring system, and search later in the database of the monitoring system for the customer’s traffic, to analyze it. The other option is smart filtering.

The Cubro Sessionmaster EXA can do this filter correlate and aggregate the traffic of one or a bunch of customers, based on the IMSI. This is done on line in Sessionmas-ter so that you can connect simple monitoring devices (Laptop & Wireshark) to analyze the traffic. The reason why you can do this with a small capture device because we forward only the traffic of one customer and this is a small portion of the traffic.

We use a two stage concept, typically the GN ports carry a lot traffic up to multiple 10 Gbps. Therefore we must split the traffic to smaller portions. The first stage is to load balance the traffic session aware to 20 Gbps portions. In the second stage the Sessionmas-ter EXA correlates the GTP traffic (4 tunnels) and search for the IMSI in the signaling tunnel. The Information in the signaling tunnel provides the transport information to find the customer traffic in the data tunnels.

HTTP filtering in the GTPv1 or GTPv2 tunnel in a Core UMTS LTE Network.

This applications show the capability of the Sessionmas-ter EXA to filter inside the GTP tunnel without removing the GTP header. The application is filtering the http traffic inside the tunnel and load balance the traffic. As an additional feature the GTP header could be also removed from the filtered traffic.

In line GTP tunnel decapsulate & tunnel encapsulate.

This application is a very challenging approach, the idea is to remove the GTP tunnel only on HTTP traffic, process the traffic and add the GTP tunnel in the life link. !

1) The traffic is sent over a Cubro optical bypass switch to the Sessionmaster EXA, to protect the live link in case of a failure

2) From the Bypass the traffic goes to the EXA. The EXA removes the GTP tunnel but stores the tunnel information

3) The EXA sent the pure (without gtp header) IP traf-fic to the application server (firewall, IDS, proxy ...)

4) After processing the traffic is sent back to the Sessionmaster EXA

5) The EXA now sends the packets with the original GTP header re-encapsulated, over the optical bypass switch back to live link

6) The traffic is now reinserted in the live link

GN (GTP) GI

session aware gtp load balancing

gtp correlation & imsi �ltering

SGSN GGSNRNC

Ethernet Frame IP

UDP

IP TCP/UDP

DATA

GTPv1 | GTPv2

GN (GTP) GI

SGSN GGSNRNC

IP TCP/UDP

DATA

Ethernet Frame IP

UDP

IP TCP/UDP

DATA

GTPv1 | GTPv2

to monitoring

DVD

GN (GTP) GI

SGSN GGSNRNC

IP TCP/UDP

DATA

Ethernet Frame IP

UDP

IP TCP/UDP

DATA

GTPv1 | GTPv2

CUBROPower 1

Power 2A B A B

Network Bypass Bypass on / o�

A B A B

Network Bypass Bypass on / o�

Duallink optical Bypass

1

2

3

4

4

5

6

6

CUBRO - telecomtest.com.au

Documents

Transcript of CUBRO - telecomtest.com.au