XCA Edge Technology


Border Gateway Protocol (BGP) is today’s Internet routing protocol.

Its natural route selection process relies on a single, basic metric: AS-PATH. BGP does not know whether crossing a given AS is short or long, so it might route traffic through a path with high delay although a better path exists.

The routing protocol is also unable to detect packet loss, saturated transit services or bursts over transit committed data rates, which means sub-optimal cost management.

Expereo XCA EDGE equips BGP with analysis based on performance and traffic measurements. It notices any abnormal routing situation and works around it.

XCA EDGE – IN A NUTSHELL

Objectives: Improve availability, performance and reduce cost of IP BGP multi-homed networks.

Technology: SDN – Software Defined Networks powered by BGP – Border Gateway Protocol

Measurements: XCA EDGE measures and reports RTD, packet loss and traffic volumes for all prefixes with which users are swapping traffic.

Routing events: XCA EDGE monitors and reports global network and BGP events. XCA EDGE routing policies can interpret any network event. For instance, in case of interface loss within a LAG, the routing policy will drop the available transit bandwidth, avoiding saturation of the transit.

Routing decisions:

Outbound – XCA EDGE pushes BGP more specifics (or higher local-preference) updates to Edge routers to take over natural BGP decisions.

Inbound – Routing decisions are pushed either through router CLI configuration (AS-PATH prepending, customer communities) or RPP, the Route Preference Protocol created by Expereo.

Routing policy: Standard routing policies are available by default, for example “Best Performance” or “Performance/No burst”. Customised routing policies can be developed on demand.

Automation: Automation actions (i.e. CLI scripts, filtering, BGP routing) are triggered through interpretation and correlation of events, measurements and statistical analysis.

When a traffic anomaly (e.g. DDoS) is detected, XCA EDGE might for instance shut or prepend the transit services and IXs which are not protected by cloud/ISP DDoS scrubbing systems.

Network planning: On top of reporting and data exports, XCA EDGE provides recommendations and automations for peering optimisation and automated configurations.

Available routes: XCA EDGE measures and optimises transit paths as well as Internet Exchange Point peerings.

Integration: XCA EDGE is “plug & play” software and is interoperable with most off-the-shelf routers and open-source routing & flow-export daemons:

  • Alcatel/Nokia 7750SR
  • Brocade NetIron
  • Cisco ASR, ISR, 65XX/76XX
  • Juniper MX
  • Quagga/BIRD based open-source routers

Licensing & Pricing

XCA EDGE licensing is based on the outbound traffic flow (95th percentile), aggregated for all peerings. XCA EDGE licenses come in two flavors: Full and Light. The Light version does not include automated route injection for optimization purposes. 24/7 support and software updates are included.

XCA EDGE ARCHITECTURE

XCA Edge was designed as distributed and modular software from day one.

Distribution provides the ability to collect data locally in each network location and merge them into a single routing policy, making routing consistent across a large AS with many data centers.

Modularity also provides the ability to size each part of the system individually and cope with scalability targets.

GEOGRAPHICALLY DISTRIBUTED SYSTEM

A typical XCA EDGE setup is made of an XCA EDGE Server and XCA EDGE Devices. The XCA EDGE Server holds the global functions of the system:

  • Graphical User Interface
  • Databases
  • Statistical analysis and aggregation algorithms
  • Routing Decision Engine

The XCA EDGE Devices are distributed in datacenters. They are coordinated by the XCA EDGE Server through secure and resilient communication channels. They handle all local communication with the Edge routers and remote networks:

  • Performance probing
  • SNMP collection
  • Flow collection
  • CLI automations
  • BGP sessions:
    • Collecting topology information
    • Sending outbound routing orders
  • Route Preference Protocol inbound routing
  • Other side features, e.g. TFTP, syslog, configuration versioning etc

Having a distributed system allows for:

  • DC local performance evaluation
  • DC local failures and packet loss detection
  • Global routing policy, e.g. managing global transit CDR
  • Sharing destination probes

Note: Expereo also operates cloud servers for collecting, sharing and updating information on XCA EDGE servers. This allows for automation of tasks as well as providing our customers with global data analytics.

PHYSICAL OR VIRTUAL

XCA EDGE elements are Linux kernel based and were designed to operate on x86_64 platforms. They can run on virtual environments (KVM, VMware), commodity server hardware or the Expereo appliance.

The XCA EDGE appliance is a 1 rack-unit packaged PC server designed for 100% availability and high I/O performance. For environments with no easy access to virtualisation hosts & less than 5Gb/s IMIX total traffic, the Expereo XCA EDGE appliance is recommended.

Virtualisation of the XCA EDGE modules and specific hardware are preferred for environments with higher flow density than IMIX and high bandwidth, which require more I/O performance.

TRAFFIC ANALYZER

Through flow collection, XCA EDGE delivers live event detection and historical reporting for:

  • Traffic anomalies detection and forensics
  • Network planning
  • Managing Internet Exchange deployment strategies
  • Peering optimisation
  • Bandwidth predictions when optimising routing
  • FIB optimisation
  • Billing calculations and predictions

REPORTS

  • Flow dumps
    • Per IP range
    • Per Protocol
    • Per L4 port
  • Historical & volume graphs
    • Per destination prefix, destination AS, destination country
    • Per transit, IX, IX peers
    • Predictive routing volumes
  • Maps
    • Per destination prefix, destination AS, destination country
  • Billing
    • Historical & current month
    • Per transit access, aggregated CDR

IMPLEMENTATION

  • Supports any flow export & sampling protocol: IPFIX, sFlow, Netflow, jFlow
  • Multi-Tb/s network bandwidth
  • Billions of flows
  • Unlimited number of flow sources
  • SNMP interface bandwidth correlated
  • Flow analysis granularity for traffic anomaly detection and layer 2 peer identification (e.g. IX configurations)
  • Insensitive to flow source location, BGP router or other device
  • User-configurable retention periods
  • Auto-adaptive to sampling rates, multiple sampling rates & re-sampling capable
  • Scalable thanks to modular storage architecture

PERFORMANCE MONITOR

The XCA EDGE probing engine automatically delivers an exhaustive and real-time view of the actual performance and availability to any destination or remote network with which the platform is swapping traffic.

Thanks to these measurements and the related reporting, the network administrator is equipped with the ability to troubleshoot any network situation and plan for longer term improvements.

Finally, the probing engine feeds the routing engine with these performance data and events to trigger real-time automated optimizations.

REPORTS

  • Probes historical data
    • Per prefix, per actual probe
    • Per automated or manual probe
    • Packet loss, mean delay, max delay
    • Availability (as well as BGP route availability)
  • Top Gaps
    • Between actual and best route, between actual and worst route
    • Packet loss, mean delay, max delay
    • Configurable tolerance
  • Troubleshooting real-time
    • Multi-route ICMP, TCP and UDP DNS connectivity check
    • Multi-route visual trace route
  • Failed subnets
  • Summary
    • Connectivity and compared performance for all paths & all prefixes

IMPLEMENTATION

  • TCP, UDP DNS automated probes
  • TCP, UDP DNS, ICMP manual probes
  • JavaScript browser embedded probes
  • Millions of probes per minute
  • Big data clustering based statistical analysis for automated probe identification and elimination
  • Cooperative probing identification
  • 24/7 NOC assisted probe identification
  • User-configurable retention periods
  • Scalable thanks to modular storage architecture

FIGHTING DDOS

DDoS attacks are becoming more and more frequent. They have turned into a major concern for most Internet connected platforms. The tremendous amount of traffic generated by these attacks makes it impossible to stop DDoS without either a cloud based/ISP scrubbing solution or oversized network Edge and in-house scrubbing capabilities.

XCA Edge helps in detecting DDoS attacks and executing automated actions when they occur, to make sure that their impact remains limited and scrubbing platforms can actually protect the Customer’s network.

DDOS DETECTION

XCA EDGE operates a statistical DDoS detection module that reliably identifies DDoS situations and triggers preconfigured actions.

The DDoS detection mechanisms implemented within XCA Edge are based on a set of industrial algorithms that compute real-time statistical data and execute correlation calculations with variable time windows. The output allows the XCA Edge solution to detect any sudden change in traffic behaviour, including (but not restricted to) any aggressive increase of unsolicited NTP traffic and any unusual UDP flow, abnormally high levels of SYN-flagged TCP packets, and violations of multiple traffic ratio baselines.
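
An added sketch of ratio-baseline detection over sampled flow records with two window lengths; it is not Expereo's code or algorithm, which the page does not disclose. The record layout, thresholds, window lengths and all names are assumptions, and the flow records are constructed sample data.

```python
from collections import deque
from statistics import mean, pstdev

SYN, ACK = 0x02, 0x10
# Constructed records: (proto, src_port, OR'ed tcp_flags, packets, bytes, sampling_rate)
NORMAL = [(6, 51000, 0x1b, 90, 90000, 100), (6, 51001, SYN, 5, 300, 100),
          (17, 123, 0, 1, 90, 100), (17, 53, 0, 4, 400, 100)]
# 20 quiet one-minute buckets, then 3 buckets carrying a SYN flood.
SAMPLE = [NORMAL] * 20 + [NORMAL + [(6, 40000, SYN, 400, 24000, 100)]] * 3

def bucket_metrics(flows):
    """Scale sampled counters back up and derive per-bucket traffic ratios."""
    tcp = syn = ntp = total = 0
    for proto, sport, flags, pkts, byts, rate in flows:
        pkts, byts = pkts * rate, byts * rate       # undo flow sampling
        total += byts
        if proto == 6:
            tcp += pkts
            if flags & SYN and not flags & ACK:     # flow never carried an ACK
                syn += pkts
        elif proto == 17 and sport == 123:          # traffic sourced from NTP port
            ntp += byts
    return {"syn_ratio": syn / max(tcp, 1), "ntp_share": ntp / max(total, 1)}

class RatioBaseline:
    """Alert when the mean of the last `short` buckets leaves the baseline."""
    def __init__(self, short, long=30, k=4.0, floor=0.02, warmup=10):
        self.recent, self.base = deque(maxlen=short), deque(maxlen=long)
        self.k, self.floor, self.warmup = k, floor, warmup

    def update(self, value):
        self.recent.append(value)
        alert = False
        if len(self.base) >= self.warmup:
            limit = mean(self.base) + self.k * max(pstdev(self.base), self.floor)
            alert = mean(self.recent) > limit
        if not alert:            # keep attack buckets out of the baseline
            self.base.append(value)
        return alert

def detect(buckets, windows=(1, 5)):
    """Run each metric through one detector per window length."""
    dets, alerts = {}, []
    for i, flows in enumerate(buckets):
        for name, value in bucket_metrics(flows).items():
            for w in windows:
                det = dets.setdefault((name, w), RatioBaseline(short=w))
                if det.update(value):
                    alerts.append((i, name, w))
    return alerts
```

With equal thresholds, the 1-bucket window reacts to any sudden change, while the 5-bucket window stays quiet on a single moderate spike and fires only on a large or sustained shift, which makes it the safer trigger for automated actions.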

DDOS MITIGATION

Once a DDoS attack is detected, mitigation actions need to be taken. XCA Edge is designed as a generic SDN controller, meaning that it is not limited to a finite number of mitigation scenarios that it can execute on behalf of the user.

The way you react to DDoS is up to you:

  • BGP blackholing
  • Applying dynamic ACLs to Edge routers or requesting ISP protection through FlowSpec
  • Announcing specific communities to your upstream providers
  • Shutting down non-scrubbed transit/IX connections
  • Anything else…

And when in doubt, our engineering team is always ready to assist with integrating XCA Edge within complex anti-DDoS configurations.