Distributed denial-of-service (DDoS) attacks can be a major threat to the availability...
1. What is Noction IRP?
Noction Intelligent Routing Platform (IRP) is a product developed by Noction to help businesses optimize their multi-homed network infrastructure. The platform operates at the network edge and receives a copy of the traffic from edge routers, passively analyzes it for specific TCP anomalies, and actively probes remote destination networks for metrics like latency, packet loss, throughput, historical reliability, etc…
It computes a performance or a cost-improvement network traffic engineering policy and applies the new improved route by announcing it to the network’s edge routers via a traditional BGP session.
2. Who should use Noction IRP?
Noction IRP is designed to help Service Providers and Enterprises that operate a multi-homed network environment improve BGP routing performance.
3. Are there any case studies or success stories with Noction IRP?
Yes. You can learn how Service Providers, datacenters and enterprises improved network performance with Noction IRP by reading the success stories on our clients page.
4. Can I test the platform in my infrastructure?
Yes. We can deploy a test installation in your infrastructure. The system can run in a non-intrusive (read-only) BGP mode. It will provide reporting on network performance, providers issues and outages without announcing any BGP updates to the edge routers.
5. Can I download IRP and install it on my own?
No. IRP deployment is a complex process that needs to be conducted and monitored by our technical support team. If you would like to test the platform in your network, please leave a Trial Request and we will get back to you to arrange a test deployment.
6. What are the hardware and software requirements for installing Noction IRP?
A detailed list of hardware and software requirements can be found in the technical requirements document.
7. How do I install and configure Noction IRP in my network?
Information about installing and configuring IRP can be found in the product documentation. Noction engineers will fully assist you during the deployment process.
8. How long it takes to deploy the system?
It strictly depends on the complexity of the infrastructure and the feedback speed. Once all prerequisites are ready it takes up to one day.
9. What is the product pricing?
Intelligent Routing Platform is licensed based on the network bandwidth usage, measured as monthly 95th percentile. Fill in a quote request, and we will prepare a customized quote for you.
10. What type of payment does Noction accept?
Noction accepts credit card payments, wire transfer and PayPal. Checks are accepted only for US customers.
11. Which routers can IRP work with?
IRP has been successfully tested with Brocade/Foundry, Cisco, Juniper, Huawei, Alcatel, Vyatta, Mikrotik, Arista and ZTE. Generally, IRP is designed to work with any standards-compliant BGP router which supports routing policies and standard BGP attributes.
12. Can IRP optimize routes across multiple locations?
Considering the inter-datacenter link’s added latency, one IRP instance can optimize networks with multiple physical locations which are in relatively close geographical proximity. If the network’s Points of Presence are located considerably far from each other, multiple IRP instances are required. Please see this post for additional details. Noction support team analyzes the customer’s specific topology and identifies the necessary number of instances.
13. What happens in the case of multiple edge routers? Will the system be able to have multiple BGP sessions to all of the different edge routers that we operate?
An IRP instance is required for each geographical location/POP in the case that latency between locations/POPs is lower than the recommended 70ms barrier. Otherwise the Multiple Routing Domains feature can be used to optimize traffic originating in multiple locations. While if you operate a single location with multiple edge routers, a single IRP instance will suffice. IRP is able to handle multiple BGP sessions with your edge routers.
14. Are you providing a physical or a virtual appliance?
Noction IRP can be delivered as a physical appliance based on a Dell server running CentOS 7 while Noction support team can also remotely deploy the system on your own server IRP cannot be provided as a virtual appliance since the system should be located within the customer’s network.
15. Can IRP be deployed on a Virtual Machine (VM) instead of a physical server?
In production, a dedicated server for each IRP instance is strongly recommended. The system can also be deployed on a VM with matching specifications, provided that this is hardware- or para-virtualization (Xen, KVM, VMware). OS-level virtualization (OpenVZ/Virtuozzo or similar) is not supported.
16. Does IRP optimize inbound traffic routing?
Starting with version 4.0, IRP can perform automated loss and latency optimization of inbound traffic. This feature improves inbound traffic performance by deflecting it from the worst-performing provider. For the traffic deflection consistency, IRP uses provider traffic engineering capabilities. (the ability to influence traffic based on the announced BGP community).
17. Does IRP offer automated inbound bandwidth management capabilities?
Starting with IRP version 3.4, IRP supports bandwidth management capabilities for inbound traffic. IRP monitors bandwidth levels and performance characteristics of alternative routes and automatically brings your traffic to the shape you need. IRP uses well-known and proven BGP mechanisms to adjust the count of AS Path Prepends announced by your edge routers for each of your network prefixes.
18. Does IRP offer transit traffic optimization?
Starting with version 3.7 IRP introduces Transit optimization features. Transit optimization is an enhancement of Inbound optimization. It relies on the same method of influencing Internet-wide routing – manipulating best path selection by increasing length of AS Path for a prefix carrying traffic on an undesirable interface.
19. Does IRP support IPv6 ?
Yes, IRP fully supports IPv6.
20. Who configures the product?
The initial configuration is performed by Noction engineers.
21. Can IRP detect provider failure?
Yes. IRP uses two types of BGP monitors to diagnose and report the state of the BGP sessions between the edge routers and the providers as well as network reachability through a specific provider. The information provided by these monitors enables IRP to avoid announcing routing updates that would result in traffic misrouting (sending improvements to a failed provider).
22. Does IRP support failover mode? Is there a way to add a secondary IRP instance as a backup for the main one?
Yes, IRP supports failover mode at the operating system level. As a requirement, one must install two IRP instances on two separate hardware units having the latest CentOS operating system preinstalled. Using the CentOS High Availability feature, one of the IRP instances runs in an Active mode while the second one runs in a Passive mode. Each server must have two network cards: one used for network communication and the other one used for data synchronization with the partner instance. In case of the Active instance failure, the Passive one will immediately take over.
23. What kind of interconnection is used between the IRP appliance and our network?
IRP uses regular Ethernet connection for management/probing. An iBGP session between the IRP appliance and your edge router is established on top of that.
24. How is the actual traffic rerouting performed?
Once a better path has been detected, IRP injects the new route with an updated next-hop and a higher local-preference value, so that the optimized routes take precedence over the original ones received from the providers. The updated next-hop is the IP address of the provider that has been selected by IRP as best-performing.
25. Will IRP inject the full original BGP table with optimizations in place?
IRP will announce back only the optimized prefixes/routes with the updated next-hop.
26. Does Noction IRP export Netflow or IPFIX?
IRP uses and analyzes Netflow/sFlow data by gathering a list of relevant prefixes which have to be probed and improved. IRP does not export Netflow or any other type of flow data.
27. How does IRP connect to my edge routers?
To connect IRP to your edge routers, an iBGP session needs to be established between the IRP appliance and your edge routers.
28. Does it matter what Linux distribution will be installed on the IRP server?
Yes. IRP supports only CentOS 7, x86_64 distribution.
29. How does IRP select which destination networks to optimize?
The networks to be analyzed and optimized are selected from the traffic data by the system’s Collector according to the traffic destination and configurable traffic volume thresholds. IRP will select the prefixes that are exchanging most of the traffic with your network. Each selected network will be probed by the system to detect outages, packet loss, latency and other routing anomalies. If IRP detects a better alternate path to a specific destination, it will automatically reroute the traffic according to your configurations.
30. If I choose the monthly subscription (MRC), what are the contract terms?
The minimum contract period is one year. However there is a month-to-month option available as well at a higher price. Please request a quote for exact pricing.
31. What Netflow-like protocol does IRP support?
IRP supports NetFlow v1, v5, v9, jFlow, IPFIX, and sFlow.
32. How does IRP probe the destination networks?
IRP probes the selected destination prefixes via: ICMP, UDP and TCP_SYN probes. The order in which these packets are used for probing can be adjusted in the configuration interface.
33. What is the frequency of probes?
After an initial probing (and improvement, if required), each improved prefix is being reprobed in configurable intervals (default value – 4 hours).
34. How does active probing work in the event that a probed destination prefix does not respond (e.g. Firewalled host/network)?
In the situation when an IP address is not responding the IRP’s probes, the system will run an indirect probing process and will optimize the whole prefix based on the indirect probing results. The indirect probing algorithms identifies the closest responsive IP to the probed network that belongs to the same ASN. If such an IP is detected, the indirect probing result will serve as basis for the routing decision.
35. Does IRP retain the previous improvements after a reboot?
Yes. All current improvements are stored in a persistent database. In case of an extensive downtime, the improvements are temporarily invalidated by the system and submitted for reprobing to confirm their validity.
36. What bandwidth / packet per second overhead does IRP ‘probing’ traffic add in practice?
By default, 70 concurrent probing threads are set up, generating an average outgoing traffic of 1200 Kbps and 230 Kbps of incoming traffic.
37. Why IRP probes so rarely? 4 hours seems a long interval. Internet is changing constantly and many issues may occur during 4 hours.
The default re-probing interval was calculated considering the complexity of network topologies, number of uplinks and average time per probe to complete. It can be adjusted by administrators after running the system for at least a few days and monitoring probing performance. Beside the default re-probing period, additional prefix probing can be triggered automatically by advanced IRP algorithms or by using the VIP Improvements feature. However, probing the same destination multiple times may flag alerts for network administrators or trigger a security or rate control mechanism in those networks, which is not desirable. To avoid IRP probes resemble malicious packets, we recommend administrators to limit the number of IRP probes to a reasonable level. Without having a sensible limit on the number of probes sent, probing packets will likely start to be dropped, which will lead to inaccurate probing results. More information on IRP probing principles can be found here.
38. How does IRP perform remote network probing for gathering network performance metrics?
The system uses one of the following methods for probing a remote network: ICMP, UDP, and TCP_SYN. The probing is self-learning, based on the network replies, updating the algorithms accordingly.
39. How can I request technical support?
For any technical support please contact us at email@example.com
40. How can I file a bug or request a new feature for future IRP releases?
Any feature request or bug report can be submitted at firstname.lastname@example.org
41. What is the difference between intrusive and non-intrusive mode?
In an Intrusive BGP mode IRP actively announces route improvements to your network, while operating in a non-intrusive mode, the system performs the probing and provides reporting on potential improvements without injecting them into your edge routers.
42. Will IRP change the source and destination IP addresses for traffic being rerouted?
No, IRP does not modify the packets content at any level.
43. Do I need to make any changes to my routers for IRP to work?
Yes, for proactive probing there are several PBR settings to configure on your edge routers. In specific complex scenarios, traffic from the IRP platform should pass multiple routers before getting to the provider. If a separate probing Vlan cannot be configured across all routers, GRE tunnels from IRP to the Edge routers should be configured (one GRE tunnel per each edge router). Also, for report generation, Commit Control decision-making and prevention of overloading a specific provider with an excessive number of improvements, a SNMP community per each provider needs to be set (a read-only community is enough).
44. Does Noction provide an API (Application Programming Interface) for IRP ?
IRP offers a rich API that gives you the ability to incorporate IRP functionality and data assets into your website applications, mobile apps, monitoring tools, etc.
45. Does IRP support LDAP, RADIUS or TACACS ?
IRP supports remote user authentication protocols such as LDAP, Active Directory and TACACS.
46. Does IRP operate with MPLS networks?
IRP does not work with MPLS since it has been designed to operate at the edge of the network using BGP.
47. Can IRP alter the BGP configurations on the edge routers, like changing a BGP peer-group, altering a BGP policy etc. ?
No, IRP doesn’t affect the BGP configurations running on the edge routers.
48. What is the maximum NetFlow amount that IRP collector can process?
IRP can collect and process up to 400,000 Mbps of NetFlow data, moreover there are IRP instances in production that can handle 600,000 Mbps.
49. What shall I use, traffic mirroring or Flow? What are the advantages and disadvantages of each type of collection?
Using Flow data is the recommended option since it allows to provide real-time traffic information to IRP without infrastructure changes and at a low cost.
Using Mirrored traffic will allow IRP to detect in a faster way network issues if the min_delay algorithm is enabled. This algorithm basically checks for TCP packet retransmits. In case it detects frequent retransmits, the destination prefix will be injected immediately for probing, therefore allowing IRP to react faster to these issues. Setting up Mirrored traffic can be quite expensive (10G link and NIC) according to the amount of bandwidth utilisation.
For best results, both methods can be used simultaneously.
50. Can IRP optimize peering traffic?
Yes. IRP is able to intelligently reroute peering traffic across Internet Exchanges as well as across separate eBGP links with your peers.
51. Is IRP compatible with Route Reflectors?
Yes, IRP is able to announce routing updates to a route reflector, which then propagates them to the edge routers.
52. Will I be able to override any routing decision made by IRP in case the situation will require manual intervention?
Yes, IRP’s front-end provides the full list of current improvements that can be re-routed or deleted at any time.
53. Is IRP able to optimize traffic across upstream providers that deliver a partial routing table?
Yes, IRP is able to optimize traffic across such providers. However, a requirement is that the network must connect to at least one transit provider that delivers a full routing table.
54. Could IRP protect my network against DDoS attacks?
IRP’s Threat Mitigation feature allows for automated DDoS detection and mitigation using BGP FlowSpec and the Remote-triggered Blackholing mechanisms. It requires minimum human interaction and comes with a user-friendly interface as well as versatile alerting/notification options.
55. How does IRP integrate with the existing network monitoring systems in our infrastructure?
IRP can integrate with your current network monitoring systems in the following ways:
1. IRP uses SNMP traps to send alerts towards the customer’s monitoring systems to notify about events that administrators have chosen to monitor. These are fully adjustable and administrators can decide upon which events should trigger notifications and then configure them on the platform.
2. REST API which provides the ability to access all statistics provided by IRP and even initiate manual probing for specific destinations.
IRP can also send email and sms notifications for various events.
56. What happens if IRP crashes?
In this case the BGP session between your edge routers and the IRP appliance is disconnected and all improvements are automatically withdrawn from the routing tables. The router(s) start referring to the standard BGP routing tables that are received from your external peers, thus no downtime occurs and the traffic starts flowing through the regular non-optimized paths.