基于Storm的BGP报文分析系统设计与实现

发布时间：2018-07-08 14:03

本文选题：BGP + 域间路由事件　；参考：《北京邮电大学》2017年硕士论文

【摘要】：边界网关协议(BGP)作为域间主要的路由协议,是互联网不同自治域间互联互通的基础,对互联网的连通性和稳定性发挥着重要作用。路由策略错误配置、网络环境变化以及针对路由协议缺陷的攻击等带有破坏性的域间路由事件严重影响互联网应用服务的性能。BGP路由报文数据是研究域间路由事件的基础,随着分布式监测节点的不断增加以及路由事件实时监控的需要,原有的路由采集平台已不能满足监测数据快速增长和数据挖掘多样化的需求,构建细粒度的路由采集和数据归档分析系统以支持实时域间路由事件分析具有重要意义。本文首先对BGP报文分析系统进行了需求分析,提出了系统所支持的基本业务需求:多源数据采集、数据归并处理、数据持久化存储、实时报文分析计算、路由事件回放及检索等,并进行了需求功能分解。其次,本文基于Storm的流式大数据分析框架对BGP报文分析系统进行了结构设计和功能模块划分,基于可靠消息队列实现了多源路由报文数据归并,基于面向内存的流式计算技术实现了路由报文的实时分析和水平扩展以及基于大数据存储技术实现了路由事件分析结果的持久化存储和快速检索回放,从而建立了面向实时和流式计算的域间路由报文数据采集、存储和分析平台。最后,对BGP报文分析系统进行了功能和性能测试,测试结果表明系统各个功能模块运行良好并且业务处理高效。
[Abstract]:Boundary Gateway Protocol (BGP), as the main routing protocol between different domains, is the basis of interconnection among different autonomous domains of the Internet, and plays an important role in the connectivity and stability of the Internet. Routing policy misconfiguration, network environment changes, and attacks against routing protocol defects, such as destructive inter-domain routing events seriously affect the performance of Internet application services. BGP routing packet data is the basis of the study of inter-domain routing events. With the increasing of distributed monitoring nodes and the need of real-time monitoring of routing events, the original routing acquisition platform can no longer meet the needs of rapid growth of monitoring data and diversification of data mining. It is of great significance to construct a fine-grained routing collection and data archiving analysis system to support real-time inter-domain routing event analysis. In this paper, the requirements of BGP packet analysis system are analyzed, and the basic business requirements are put forward: multi-source data acquisition, data merging and processing, data persistence storage, real-time message analysis and calculation. Routing events are played back and retrieved, and the requirement function is decomposed. Secondly, this paper designs the structure and partition of function modules of big data message analysis system based on Storm, and realizes the data merging of multi-source routing message based on reliable message queue. The real-time analysis and horizontal expansion of routing packets based on memory-oriented flow computing technology and the persistence storage and fast retrieval playback of routing event analysis results are realized based on big data storage technology. Thus, an inter-domain routing data acquisition, storage and analysis platform for real-time and flow computing is established. Finally, the function and performance of the BGP packet analysis system are tested. The test results show that each functional module of the system is running well and the business processing is efficient.
【学位授予单位】：北京邮电大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP393.0;TP311.52

【参考文献】