CSEE W4140 Networking Laboratory Spring 2009

CSEE W4140
Networking Laboratory
Spring 2009

About the Final Projects
   Projects are offered to students who are interested in having more hands-on experience in networking.
    Students who elect to do the final projects will do them in place of the final exam.
    You will work in teams of two.
    You may choose your own topic, choose from one of the suggestions below, or propose an interesting variation of the suggestions below.
    If you choose your own topic, you must discuss it with me first.

    For the majority of topics, hands-on experiments, observations, and analysis are the crucial elements of the project.

Project Topics (General suggestions - feel free to modify them to make them more interesting)

Unified network perimeter/server security tool

You are to design a box to provide security at various levels.
It may have various tools such as a firewall , NIDS (both signature and anomaly based detectors ) , VPN / IPSEC connection to a host behind a corporate network , captcha (to protect web services) , PAM authentication , LDAP based authentication of users , RADIUS based unified authentication and authorization scheme etc. We don't really need to care about the configutation interface design. All we need is a box with various authentication and authorization schemes available.
Resilience of network equipment and hosts against Denial of Service Attacks

For this project we will measure the resilience and the behavior of routers, switches and end hosts against Denial of Service (DoS) attacks. The attacks can be of any type: network level attacks (Packet fragmentation, source address spoofing etc.) or Application level attacks: (Routing protocol attacks, CDP attacks etc.)

{ This project has been taken from Fall 05 class Networking Lab}
Secure BGP

Exploring, deploying and analysiing secure routing protocols such as Secure BGP over a small in lab testbed and compare the performance with regular BGP and show how some of the attacks which are prevalent using BGP can be prevented using Secure BGP.
Convergence of routing protocols

For this project you will have to measure the stability and time of convergence for the widely used routing protocols. You will have to setup different network topologies such as line, star, etc. and peering relationships. Then you will inject artificial faults into the network (link and router failures) and you will measure:

   a) the effect to the end-to-end connectivity and reachability for all the nodes participating in the network.
   b) the time required for the routing protocol to converge to a stable routing state.
   c) the resource consumption on the routers: the number of messages exchanged and cpu load during the instability.

Related bibliography:

Timothy G. Griffin and Brian J. Premore: An Experimental Analysis of BGP Convergence Time . Proceedings of the 9th International Conference on Network Protocols (ICNP 2001), November 2001.

Z.M. Mao and R. Govindan and G. Varghese and R. Katz: Route Flap Damping Exacerbates Internet Routing Convergence, {Proceedings of ACM SIGCOMM 2002}, August 2002.

{ This project has been taken from Fall 05 class Networking Lab}
The capacity of network devices

Testing the capacity of networking devices (cisco routers , hubs and voip gateways) for supporting internet telephony and a study of possible DoS attacks using internet telephony when using such network devices (as in the required connections to deny legitimate users to establish calls) when using the normal networking devices.
IPv6 networks

Setup an all IPv6 network and compare the performance / behavior of IPv6 versus IPv4.
IPv4 to IPv6 translation

There are various methods proposed for IPv4 - IPv6 conversion of the Internet. Compare the perfomance and pros and cons of these methods using linux hosts.
Using OpenFlow Switches for Network Research

OpenFlow is a standard that allows network researchers to run experiments on a production network. Setup an OpenFlow switch and controller on linux virtual machines and run two flows on the network: e.g. one is a disruptive network research experiment and another is a normal file transfer.

http://www.openflowswitch.org/
Setup a VLAN for voice and data traffic

You will be provided with SIP phones. You will configure a simple SIP server with SIP phones and seperate 'voice' traffic from the 'data' traffic using VLAN.

VLAN
SIP

{ This project has been taken from Spring 08 class Networking Lab}
MPLS

MPLS is a layer 2.5 protocol that incorporates ideas from the virtual circuit networks where a packet is forwarded based on a label rather than an IP address. Conduct a performance analysis of MPLS routing over layer 3 traditional routing.

MPLS Architecture
MPLS Linux Implementation
XORP router

Setup a XORP router on a Linux machine and configure RIP, BGP, and SNMP. Show that it works in a network running Quagga and Cisco routers.

XORP

{ This project has been taken from Spring 08 class Networking Lab}
Cloud Computing Testbed

Setup a cloud computing testbed using an open-source software on linux and xen hypervisor.

Cloud computing with Linux (article from IBM)
Eucalyptus
Xen hypervisor
Throughput and delay comparison for various TCP flavors

In this project, you will compute link utilization as a function of number of FTP flows on the link.

Also, you will compare the throughput and delay performance of various TCP flavors such as New Reno, BIC, Westwood under configurable network conditions.

BIC TCP
TCP Westwood
Network emulation

{ This project has been taken from Spring 08 class Networking Lab}
BGP route view data analysis and trends

This project is for students who are interested in analyzing how BGP operates in practice. AS-level BGP messages will be collected from various vantage points or we will utilize some already existing e.g. from routeviews. The goal is to understand how BGP operates under normal circumstances and when there is a network problem such as a virus outbreak, a wrong prefix announcement etc. Extensive statistical treatment of the data will be required to find the emerging behavioral patterns and, if possible, to create an early warning tool for the operators upon detection of problems or deviations from "normal".

To be decided upon selection of the project. This project is more open-ended and requires more effort and knowledge of the networking material, especially BGP.

APNIC routing table analysis
CAIDA AS-level adjacency table
Route views project
NANOG
Potaroo
BGP reports from Potaroo

{ This project has been taken from Spring 08 class Networking Lab}

Grading
    The project will be 20% of the total grade for this course, same as the final exam.
    Final project grades are further subdivided into the following criteria:

Project proposal	5%	Project proposal contains at a minimum an explanation of the project topic, equipment requirements, and expected deliverables. The topics above are general suggestions. If you choose a topic, you still need to be specific about what you'd like to experiment and analyze. The scope or goals of the project should be clearly written as well.
Interim report	20%	This is a progress report. Write what you've done so far and your plans to finish the project including the roles of each person. Also include your understanding of the problem or the area of interest from background readings. Any technical problems you foresee in finishing the project, and your solution or alternative method of approach can also be mentioned here.
Demo and final report	75%	This is the final product that you've worked so hard for five weeks. Put together a nice demo to show off your work. The final report should include everything from the project topics and goals, roles of each person, your setup and configuration, experiments, observations, and analysis. You can also include descriptions about the obstacles you ran into while doing the project and how you solved the problem.

Schedule

Due date	Deliverables
April 3	Project and team selection
April 10	Project proposal
April 22	Interim report
May 8	Demo and final report