Monitoring Network Performance in China
-
Upload
thousandeyes -
Category
Technology
-
view
118 -
download
2
Transcript of Monitoring Network Performance in China
![Page 1: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/1.jpg)
![Page 2: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/2.jpg)
2
About ThousandEyes ThousandEyes delivers visibility into every network your organization relies on.
Founded by network experts; strong
investor backing
Relied on for "critical operations by leading enterprises
Recognized as "an innovative "
new approach
31 Fortune 500
5 top 5 SaaS Companies 4 top 6 US Banks
![Page 3: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/3.jpg)
3
• High latency and packet loss are common • 10 backbone access points (i.e., “choke points”) • 2 dominant, government-controlled ISPs: China Unicom
(North), China Telecom (South) – Underdeveloped and congested – Few peering points in between
• Highly sophisticated censorship system – Great Firewall – Great Cannon
A Different Internet in China
![Page 4: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/4.jpg)
4
• IP blocking – Routers drop all
packets going to blacklisted IP addresses
– Lightweight • DNS tampering
– Cache poisoning
– Keyword-based hijacking
The Great Firewall
![Page 5: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/5.jpg)
5
• Deep packet inspection and keyword filtering – Resource-intensive
The Great Firewall
Read more: https://blog.thousandeyes.com/deconstructing-great-firewall-china/
![Page 6: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/6.jpg)
6
• Set up Network tests to benchmark performance metrics like latency and packet loss
• Expect: – Higher latency and loss • Especially for traffic crossing into or out of China
– Changing conditions due to censorship and diurnal patterns
Baseline Network Performance
Read more: https://blog.thousandeyes.com/benchmarking-network-performance-china/
![Page 7: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/7.jpg)
7
Higher loss and latency from China
Clear diurnal patterns in outbound
traffic
Use Reports to Benchmark Performance
![Page 8: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/8.jpg)
8
Compare HK with geographically close locations in China: Foshan,
Zhuhai, Guangzhou
Performance differences can then be attributed to crossing the
Great Firewall
Use Hong Kong for Comparison
![Page 9: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/9.jpg)
9
• DNS packets often go missing – Frequently congested, unreliable networks – DNS poisoning and hijacking
• Cloud Agents in China use local ISP caches • Use DNS Server and Trace tests and alerts to check if
records: – Are always available – Have the correct mappings – Are served up quickly
DNS Issues
Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
![Page 10: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/10.jpg)
10
DNS lookup of “dns-plx.ewr1.nytimes.com”
returns incorrect mappings to blocked
IPs of services including Facebook,
Dropbox
Tests to these blocked IPs are then blocked in
China Telecom and China Unicom
DNS Server Test: NYTimes.com A record
![Page 11: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/11.jpg)
11
DNS lookup of “ns1.p24.dynect.net”
returns correct mapping, suggesting DNS tampering on
NYTimes nameserver’s A
record
Test traffic from China makes it through to the
Dyn nameserver
Evidence of DNS Tampering
![Page 12: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/12.jpg)
12
Lookup of NYTimes.com A record
returns incorrect mappings to blocked IPs
Impossibly low resolution times suggest DNS
cache poisoning
Evidence of DNS Cache Poisoning
![Page 13: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/13.jpg)
13
• Page objects with blocked keywords or domains may fail to load and slow down page load times
• Watch out for: – Google: fonts, APIs, ads, Google Analytics – Facebook – Adobe Typekit – Marketo
• Use the waterfall in Page Load and Transaction tests to monitor for objects that fail to load
Blocked Page Components
Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
![Page 14: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/14.jpg)
14
Objects from blocked sites Facebook and
Google have long wait times and fail to load
Page Load Test: Starbucks US from China
![Page 15: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/15.jpg)
15
China-optimized webpage sees
much lower object load times
Still room for improvement:
Google object has long DNS time
Page Load Test: Starbucks China from China
![Page 16: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/16.jpg)
16
• Scope alerts to China agents and recalibrate thresholds
• Consider ISP-specific Path Trace alerts
Alerting
Read more: https://blog.thousandeyes.com/monitoring-application-delivery-china/
![Page 17: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/17.jpg)
17
q Adjust your expectations and alerts based on Network test data q Use Reports to analyze data by
country q Also benchmark: q CDN providers q Data center/colocation providers
q Continuously monitor important services in China’s volatile environment
Best Practices for Monitoring in China q Understand the difficulties unique
to the Chinese Internet and adjust your monitoring strategy accordingly q 2 ISPs with few peering points q Underdeveloped and congested
q Only 10 access points q Stringent censorship q DNS poisoning and hijacking q Blocked page objects
![Page 18: Monitoring Network Performance in China](https://reader034.fdocuments.net/reader034/viewer/2022042619/58e4d6071a28abf5048b5499/html5/thumbnails/18.jpg)
18
See what you’re missing.
Watch the webinar:
https://www.thousandeyes.com/resources/network-performance-in-china-webinar