SDK Your Net Corporation Monitube2 IPTV Monitoring Example: monitube2-plugin Documentation

1.0

Overview

This is a sample application that is part of the sync-monitube2-data package.

This documentation contains the functional specifications for the SDK Your Net Corporation (SYNC) Monitube2 Project. This project consist of the development of a basic IPTV monitoring system (herein the system) designed to operate quickly in the network data path on the Juniper Networks MultiServices PIC hardware module. This makes the system suitable for deployment on Juniper Networks M-, MX- and T-Series routers. The system will be implemented using Juniper's Partner Solution Development Platform (PSDP), also called the JUNOS SDK. This system is targeted to operate with version 10.0 of JUNOS and beyond. The system's behavior is similar to that of the original SYNC MoniTube project, but with a different implementation so as to demonstrate the usage of a different model and different APIs. The key difference in MoniTube2 compared to the MoniTube are:

The system functionality will include monitoring selected Real-time Transfer Protocol (RTP) streams for calculation of their media delivery index (MDI) (RFC 4445). The system is designed to be deployed on any nodes that pass IPTV broadcast service or video on demand (VoD) streams which are respectively delivered over IP multicast and unicast. This document assumes the reader has basic knowledge of IPTV and MDI.

For configuration and behavior of past versions or the original MoniTube sample application project, please see the documentation for that version.

Sample setup

In this section we show a sample configuration, and explain how to setup the system to get it running.

These are the parts of the configuration that should be setup to activate and run the system properly. The comments included are numbered, and will subsequently be explained in more detail below.


system {
    syslog {
        ##
        ## 1. Show informational messages
        ##
        user * {
            any emergency;
        }
        file messages {
            any info;
            authorization info;
        }
    }
    extensions {
        providers {
            sync; ## Use the providerID in the certificate used for compiling
        }
    }
}
chassis {
    fpc 0 {
        pic 1 {
            adaptive-services {
                service-package {
                    extension-provider {
                        ##
                        ## 2. Recommended settings for a Type-I MS PIC
                        ##    could be higher for others
                        ##
                        control-cores 1;
                        data-cores 7;
                        object-cache-size 512;
                        forwarding-db-size 20;
                        policy-db-size 40;
                        package sync-monitube2-data;
                        syslog {
                            external info;
                            daemon any;
                            pfe any;
                        }
                    }
                }
            }
        }
    }
    fpc 1 {
        pic 2 {
            adaptive-services {
                service-package {
                    extension-provider {
                        control-cores 1;
                        data-cores 7;
                        object-cache-size 512;
                        forwarding-db-size 20;
                        policy-db-size 40;
                        package sync-monitube2-data;
                        syslog {
                            external info;
                            daemon any;
                            pfe any;
                        }
                    }
                }
            }
        }
    }
    ##
    ## 3. Send traffic sampled in FPCs 2 and 3 to a special sampling instance
    ##
    fpc 2 {
        sampling-instance numero-uno;
    }
    fpc 3 {
        sampling-instance numero-uno;
    }
}
interfaces {
    ##
    ## 3. Server is on this network; note the firewall filter application
    ##
    fe-1/1/0 {
        unit 0 {
            family inet {
                filter {
                    input my-samp-filter;
                }
                address 192.168.2.1/24;
            }
        }
    }
    ##
    ## 4. Mirror destination is on this network
    ##
    fe-1/1/1 {
        unit 0 {
            family inet {
                address 10.227.7.230/24;
            }
        }
    }
    ##
    ## 5. Client is on this network
    ##
    fe-1/1/3 {
        unit 0 {
            family inet {
                address 192.168.0.1/24;
            }
        }
    }
    ms-0/1/0 {
        unit 0 {
            family inet;
        }
    }
    ms-1/2/0 {
        unit 0 {
            family inet;
        }
    }
    ##
    ## 6. Optionally setup debugging
    ##
    pc-1/2/0 {
        multiservice-options {
            core-dump;
            debugger-on-panic;
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 192.168.1.1/32;
            }
        }
    }
}
forwarding-options {
    sampling {
        ##
        ## 7. Configure sampling to the MS PIC
        ##
        sample-once; ## optional
        input {
            rate 1;
        }
        family inet {
            output {
                interface ms-1/2/0;
                extension-service sample-to-ss2;
            }
        }
        instance {
            numero-uno {
                input {
                    rate 1;
                }
                family inet {
                    output {
                        interface ms-0/1/0;
                        extension-service sample-to-ss1;
                    }
                }
            }
        }
    }
    family inet {
        filter {
            input my-samp-filter2; ## table filter (applies to all interfaces)
        }
    }
}
##
## 8. Setup the router to enable IGMP and route Multicast using PIM
##
protocols {
    pim {
        interface fe-1/1/0.0 {
            mode dense;
        }
        interface fe-1/1/3.0 {
            mode dense;
        }
    }
}
##
## 9. Setup the firewall filter to perform the sampling
##
firewall {
    family inet {
        filter my-samp-filter {
            term rule1 {
                from {
                    destination-address {
                        224.0.0.0/4;
                    }
                    protocol udp;
                }
                then {
                    sample;
                    accept;
                }
            }
            term rule2 {
                then {
                    accept;
                }
            }
        }
        filter my-samp-filter2 {
            term rule1 {
                from {
                    destination-address {
                        226.0.0.0/8;
                    }
                    protocol udp;
                }
                then {
                    sample;
                    accept;
                }
            }
            term rule2 {
                then {
                    accept;
                }
            }
        }
    }
}
services {
    ##
    ## 10. Configure service sets and apply MoniTube2 rules
    ##
    service-set ss1 {
        sampling-service {
            service-interface ms-0/1/0;
        }
        extension-service monitube2-plugin { ## must have this name
            monitube2-rules r4;
        }
    }
    service-set ss2 {
        sampling-service {
            service-interface ms-1/2/0;
        }
        extension-service monitube2-plugin { ## must have this name
            monitube2-rules [ r1 r2 ]; ## can be a list
        }
    }
    ##
    ## 11. Configure MoniTube monitoring and mirroring rules
    ##
    sync {
        monitube2 {
            rule r1 {
                from {
                    destination-addresses {
                        226.0.1.4/24;
                        228.0.3.0/24;
                    }
                }
                then {
                    monitoring-rate 1245184; ## 1 Mbps video + 192 Kbps audio
                }
            }
            rule r2 {
                from {
                    destination-addresses {
                        226.0.1.4/30;
                    }
                }
                then {
                    monitoring-rate 1245184; ## 1 Mbps video + 192 Kbps audio
                    mirror-to 10.227.1.45;
                }
            }
            rule r3 {
                from {
                    destination-addresses {
                        0.0.0.0/0;
                    }
                }
                then {
                    mirror-to 10.227.7.234;
                }
            }
            rule r4 {
                from {
                    destination-addresses {
                        226.10.1.5/32;
                    }
                }
                then {
                    mirror-to 10.227.7.233;
                }
            }
            traceoptions {
                file m2.tr;
                syslog;
                flag all;
            }
        }
    }
}

Figure 1 Sample excerpts of a system configuration.

Here we present more detail on the configuration above by explaining the commented sections in detail. The number of the item below corresponds to the number in the comment from the Figure 1.

  1. We have setup the syslog file called messages to receive messages from all facilities if they are at or above the informational level. This is important since the management component uses the info level when trace messages merge into syslog. Furthermore, the data component uses the info level in all of its regular status logging. If one desires to observe the normal behavior of the system, setting up the syslog file in this way is necessary. Note the new syslog configuration under the chassis hierarchy as well.
  2. In this section of the configuration, we direct the data component's package to be installed on the MS PIC. We define an object-cache size to use. It is generally recommended to use the maximum. For the Type-1 MS PIC 512 MB is the maximum. We also set the forwarding database size to 20 MB which should easily be be fine for ~200K routes. We also set the policy database size to 40 MB which is more than adequate to hold most policy configurations for our application. Here we set the number of control cores to the minimum number of 1, and data cores to 7. Of the 8 total cores in the MS PIC's CPU, this leaves 0 user cores. The system's main control thread runs an internal user CPU carved from core 0 or one of the data cores without a poller. This main thread's responsibilities are processing general configuration, and and all aspects of communication with the management component.
  3. We give the IP address 192.168.2.1 to the fe-1/1/0.0 interface. Attached to this interface is the network 192.168.2.0/24. In our sample setup we have the IPTV video server in this network configured with the address 192.168.2.2. We also attach the my-samp-filter firewall filter to this interface in the input (ingress) direction. See the details of comments below for more on this filter.
  4. We give the IP address 10.227.7.230 to the fe-1/1/1.0 interface. Attached to this interface is the network 10.227.7.0/24. In our sample setup we have the mirror destination configured at an address that is reachable out this interface. In our case there is another router in between the end host we will see is 10.227.1.45; however, the mirror destination address could equally be in the 10.227.7.0/24 network (making it directly connected with respect to layer 3), or any other network that is routable out of any interface.
  5. We give the IP address 192.168.0.1 to the fe-1/1/3.0 interface. Attached to this interface is the network 192.168.0.0/24. In our sample setup we have the IPTV video client in this network configured with the address 192.168.0.2.
  6. In this section we configure an optional part of the system's configuration, but it may be useful for debugging should any problems arise. This configuration is normally not meant for production environments. Here we use the pc prefixed form of the MS PIC's interface name. Under this we may set some debugging configurations such as debugger-on-panic. This prevents the PIC from rebooting upon a crash that would normally cause a reboot.
  7. Under the 'forwarding-options sampling' hierarchy, we configure where sampled packets will be sent. We have a global instance configuration that applies to all sampling in general. We also have another instance numero-uno. When sampling happens on FPC 2 or 3 (any interface there or by the table filter there), then instead of getting the packet sampled to ms-1/2/0 it will go to ms-0/1/0. This is governed by the sampling-instance configuration under chassis. Our data component is installed on both sampling targets, but we don't expect anything going this sampling instance in practice. It is merely for example purposes.
  8. Since our router is in between the IPTV video server and client, it needs to be configured to enable IGMP and Multicast routing. Here we setup the PIM routing protocol on the interfaces where we expect the multicast transmitters and receivers. Since we know our transmitter (server) will be 192.168.2.2 and our receiver will be 192.168.0.2, we enable PIM on the fe-1/1/0 and fe-1/1/3 interfaces. For this setup we recommend using PIM in dense mode as shown.
  9. Here we show the setup of the firewall filter that is eventually applied to the fe-1/1/0.0 interface. Using the filter's term from parameters we setup this filter to match all UDP multicast traffic. Using the filter's term then parameters we setup this filter to take all matched packets and sample them. The accept action is implied with sample, but it is a good idea to configure it, nonetheless, for those who are not aware of this. Looking at this firewall filter and the sampling configuration, it is easy to understand how the traffic matched by the firewall filter will be directed to the MS PIC, and hence our service. We also added a similar filter, my-samp-filter2, applied to the inet routing tables under forwarding-options. This filter is for example purposes.
  10. Here we configure the service sets. ss2 is the one we will use in practice, the other is for example purposes along with the other sampling instance. In ss2 we have extended the configuration to support a one-line list of MoniTube2 rules. The rule names must match rule names configured below. Only these rules will be applied to the traffic of this service set.
  11. Under this object is where most of the new system's configuration lies. MoniTube2 policy configuration is grouped into rules consisting of mandatory from and then clauses. In the from clause, a list destination prefixes to match against are specified. Any traffic falling into these prefixes will match the rule. Once a rule match occurs, the rule's actions are taken. Actions are specified in the then clause. One or two action can be specified. The monitoring-rate action specifies that the service should collect MDI statistics on the traffic matching the rule. The mirror-to traffic specifies that the matching traffic should be mirrored to the given IP address. If of the multiple applied rules prefixes overlap, the best (longest prefix) match takes precedence . In the case of equal length prefix, the first applied rule takes precedence. For example, 226.0.1.5 will match rule 2.

For our sample setup we will stream a multicast channel using the 226.0.1.5 address. In our only monitor, mon1, we choose to set it up to capture and monitor traffic in the 226.0.1.4/30 prefix (226.0.1.4, 226.0.1.5, 226.0.1.6, 226.0.1.7). This will thus capture our stream on 226.0.1.5. We will stream the IPTV channel using a video at a rate of 1024 Kbps and audio at a rate of 192 Kbps, thus we configure our media bit rate to 1,245,184 bps (1,216 Kbps) for monitor mon1. We also setup a mirror, to mirror any traffic going to 226.0.1.5 to 10.227.1.45. It would be expected that the host at 10.227.1.45 contains a view station capable of viewing the IPTV traffic.

Once the above configuration has been performed, setup the VideoLAN VLC software on the server and client hosts. This is freely available at http://www.videolan.org. Use VideoLAN VLC streaming how-to guide to easily setup a video stream. In this setup we use a lengthy video file as input on the server, and set the stream output setting to use:

Using this setting one can start the playback (multicast) as desired from the server. When it is started, it may be viewed using another instance of VLC with the Media Resource Locator udp://@226.0.1.5. This can also easily be setup by selecting Open Network Stream, and choosing UDP/RTP Multicast as the method with the 226.0.1.5 address. When this is done from the client host it generates an IGMP Join message to join the 226.0.1.5 multicast group, and subsequently the router begins sending the multicast out of the fe-1/1/3.0 interface.

As the router is configured with PIM, as the server begins multicasting, and as the client joins or leaves the multicast group, it is educational and interesting to observe the changes in the output of the following commands:

In addition, you can observe the MDI statistics changing using the new Monitube2 commands 'show sync monitube2 statistics'. You can clear the statistics with 'clear sync monitube2 statistics'.


2007-2009 Juniper Networks, Inc. All rights reserved. The information contained herein is confidential information of Juniper Networks, Inc., and may not be used, disclosed, distributed, modified, or copied without the prior written consent of Juniper Networks, Inc. in an express license. This information is subject to change by Juniper Networks, Inc. Juniper Networks, the Juniper Networks logo, and JUNOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Generated on Sun May 30 20:27:08 2010 for SDK Your Net Corporation Monitube2 IPTV Monitoring Example: monitube2-plugin 1.0 by Doxygen 1.5.1