Border Gateway Protocol (BGP) is today’s Internet routing protocol.
Its natural route selection process relies on a single and basic metric, AS-PATH. Whether an AS is short or long, BGP doesn’t know and might route traffic through a path with high delay, although a better path exists.
The routing protocol is also unable to detect packet loss, saturated transit services or bursts over transit committed data rates, which means sub-optimal cost management.
Expereo XCA EDGE equips BGP with analysis based on performance and traffic measurements. It notices any abnormal routing situation and works around it.
Objectives: Improve availability, performance and reduce cost of IP BGP multi-homed networks.
Technology: SDN – Software Defined Networks powered by BGP – Border Gateway Protocol.
Measurements: XCA EDGE measures and reports RTD, packet loss and traffic volumes for all prefixes with which users are swapping traffic.
Routing events: XCA EDGE monitors and reports global network and BGP events. XCA EDGE routing policies can interpret any network event. For instance, in case of interface loss within a LAG, the routing policy will drop the available transit bandwidth, avoiding saturation of the transit.
Routing decisions: Outbound – XCA EDGE pushes BGP more specifics (or higher local-preference) updates to Edge routers to take over natural BGP decisions.
Inbound – Routing decisions are pushed either through router CLI configuration (AS-PATH prepending, customer communities) or RPP, the Route Preference Protocol created by Expereo.
Routing policy: Standard routing policies are available by default, for example “Best Performance” or “Performance/No burst”. Customised routing policies can be developed on demand.
Automation: Automation actions (i.e. CLI scripts, filtering, BGP routing) are triggered through interpretation and correlation of events, measurements and statistical analysis.
When a traffic anomaly (e.g. DDoS) is detected, XCA EDGE might for instance shut or prepend the transit services and IXs which are not protected by cloud/ISP DDoS scrubbing systems.
Network planning: On top of reporting and data exports, XCA EDGE provides recommendations and automations for peering optimisation and automated configurations.
Available routes: XCA EDGE measures and optimises transit paths as well as Internet Exchange Point peerings.
Integration: XCA EDGE is “plug & play” software and is interoperable with most off-the-shelf routers and open-source routing & flow-export daemons:
Licensing & Pricing
XCA EDGE licensing is based on the outbound traffic flow (95th percentile), aggregated for all peerings. XCA EDGE licenses come in two flavors: Full and Light. The Light version does not include automated route injection for optimization purposes. 24/7 support and software updates are included.
XCA Edge was designed as distributed and modular software from day one.
Distribution provides the ability to collect data locally in each network location and merge them into a single routing policy, making routing consistent across a large AS with many data centers.
Modularity also provides the ability to size each part of the system individually and cope with scalability targets.
GEOGRAPHICALLY DISTRIBUTED SYSTEM
A typical XCA EDGE setup is made of an XCA EDGE Server and XCA EDGE Devices. The XCA EDGE server holds the global functions of the system:
The XCA EDGE Devices are distributed in datacenters. They are coordinated by the XCA EDGE Server through secure and resilient communication channels. They handle all local communication with the Edge routers and remote networks:
Having a distributed system allows for:
Note: Expereo also operates cloud servers for collecting, sharing and updating information on XCA EDGE servers. This allows for automation of tasks as well as providing our customers with global data analytics.
PHYSICAL OR VIRTUAL
XCA EDGE elements are Linux kernel based and were designed to operate on x86_64 platforms. They can run on virtual environments (KVM, VMware), commodity server hardware or the Expereo appliance.
The XCA EDGE appliance is a 1 rack-unit packaged PC server designed for 100% availability and high I/O performance. For environments with no easy access to virtualisation hosts & less than 5Gb/s IMIX total traffic, the Expereo XCA EDGE appliance is recommended.
Virtualisation of the XCA EDGE modules and specific hardware are preferred for environments with higher flow density than IMIX and high bandwidth, that require more I/O performance.
Through flow collection, XCA EDGE delivers live event detection and historical reporting for:
The XCA EDGE probing engine automatically delivers an exhaustive and real-time view of the actual performance and availability to any destination or remote network with which the platform is swapping traffic.
Thanks to these measurements and the related reporting, the network administrator is equipped with the ability to troubleshoot any network situation and plan for longer term improvements.
Finally, the probing engine feeds the routing engine with these performance data and events to trigger real-time automated optimizations.
DDoS attacks are becoming more and more frequent. They have turned into a major concern for most Internet connected platforms. The tremendous amount of traffic generated by these attacks makes it impossible to stop DDoS without either a cloud-based/ISP scrubbing solution or oversized network Edge and in-house scrubbing capabilities.
XCA Edge helps in detecting DDoS and executing automated actions when they occur to make sure that their impact remains limited and scrubbing platforms can actually protect the Customer’s network.
XCA EDGE operates a statistical DDoS detection module that reliably identifies DDoS situations and triggers preconfigured actions.
The DDoS detection mechanisms implemented within XCA Edge are based on a set of industrial algorithms that compute real-time statistical data and execute correlation calculations with variable time windows. The output allows the XCA Edge solution to detect any sudden change in traffic behaviour, including (but not restricted to) any aggressive increase of unsolicited NTP traffic and any unusual UDP flow, abnormally high levels of SYN-flagged TCP packets, and infractions to multiple traffic ratio baselines.
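One way to express the ratio-baseline idea above in code, comparing a short reaction window against a longer baseline window for the SYN share of TCP and the NTP share of UDP. This is an added example, not Expereo's implementation: the counter names, window sizes, thresholds and the median/MAD statistic are all assumptions, and the sample counters are constructed.

```python
# Added illustration, not XCA EDGE's algorithm: names and thresholds are assumptions.
from collections import deque
from statistics import median

class RatioBaseline:
    """Flags a ratio whose short-window mean exceeds the long-window median
    by more than k robust deviations (MAD, with a floor for flat baselines)."""
    def __init__(self, long_n=30, short_n=3, k=6.0, floor=0.01):
        self.long = deque(maxlen=long_n)    # slow baseline window
        self.short = deque(maxlen=short_n)  # fast reaction window
        self.k, self.floor = k, floor

    def update(self, value):
        self.short.append(value)
        anomalous = False
        if len(self.long) == self.long.maxlen:
            base = median(self.long)
            mad = median(abs(v - base) for v in self.long)
            recent = sum(self.short) / len(self.short)
            anomalous = recent - base > self.k * max(mad, self.floor)
        if not anomalous:
            self.long.append(value)  # keep attack samples out of the baseline
        return anomalous

RATIOS = {
    "syn_ratio": lambda c: c["tcp_syn"] / max(c["tcp"], 1),  # SYN share of TCP
    "ntp_share": lambda c: c["udp_ntp"] / max(c["udp"], 1),  # NTP share of UDP
}

def detect(intervals, **kw):
    """intervals: per-interval packet counters aggregated from flow export.
    Returns [(interval index, [names of ratios over baseline])]."""
    trackers = {name: RatioBaseline(**kw) for name in RATIOS}
    alerts = []
    for i, c in enumerate(intervals):
        hit = [n for n, f in RATIOS.items() if trackers[n].update(f(c))]
        if hit:
            alerts.append((i, hit))
    return alerts

def sample_intervals():
    # Constructed counters: 30 quiet intervals, then 5 with a SYN surge.
    quiet = [{"tcp": 10000, "tcp_syn": 500 + (i % 5) * 10,
              "udp": 2000, "udp_ntp": 20 + i % 3} for i in range(30)]
    surge = [{"tcp": 40000, "tcp_syn": 30000, "udp": 2000, "udp_ntp": 21}] * 5
    return quiet + surge

if __name__ == "__main__":
    for idx, names in detect(sample_intervals()):
        print(f"interval {idx}: baseline exceeded for {', '.join(names)}")
```

Samples flagged as anomalous are withheld from the long window, so a sustained attack does not become the new baseline.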
Once a DDoS attack is detected, mitigation actions need to be taken. XCA Edge is designed as a generic SDN controller, meaning that it is not limited to any finite number of mitigation scenarios that it can execute on behalf of the user.
The way you react to DDoS is up to you:
And when in doubt, our engineering team is always ready to assist with integrating XCA Edge within complex anti-DDoS configurations.