NS1 Releases Open Source Tool for Network Visibility

0
1967
  • Pktvisor summarises network traffic in real time directly on edge nodes with Apache data sketches
  • It also announced that updates have also been made to NS1’s open source DNS testing tool, Flamethrower, which now supports DNS over HTTPS

NS1 has announced that pktvisor, an open source tool for real-time network visibility, is available on GitHub. It also announced that updates have also been made to NS1’s open source DNS testing tool, Flamethrower, which now supports DNS over HTTPS.

Shannon Weyrick, vice president of architecture at NS1 said, “NS1 created pktvisor to address our need for more visibility across our global anycast network. By efficiently summarizing and collecting key metrics at all of our edge locations we gain a deep understanding of traffic patterns in real time, enabling rich visualization and fast automation which further increase our resiliency and performance. We are big users of and believers in open source software. As this tool will benefit other organizations leveraging distributed edge architectures, we’ve made it open and we invite the developer community to help drive future updates and innovation.”

Network traffic in real time

Pktvisor summarises network traffic in real time directly on edge nodes with Apache data sketches. The summary information may be visualised locally via the included CLI UI, and simultaneously centrally collected via HTTP to one’s time series database of choice, to drive global visualizations and automation.

The metrics include packet counts and rates (w/percentiles), breakdown by ingress/egress, protocol. It also includes DNS counts and rates, breakdown by protocol, response code. It includes cardinality (Source and destination IP, DNS Qname) and top 10 heavy hitters for IPs and ports; DNS Qnames, Qtypes, Result Codes; slow DNS transactions, NX, SRVFAIL, REFUSED Qnames; and GeoIP and ASN.

It is available as a Docker container. The amount of data collected is a function of the number of hosts being collected, not a function of traffic rates. Spikes or even DDoS attacks will not affect downstream collection systems.

In 2019, NS1 released Flamethrower, a lightweight, configurable open source tool for functional testing, benchmarking, and stress testing DNS servers and networks. Weyrick added, “Increasing concerns over privacy and security are driving adoption of recursive DNS over HTTPS. Flamethrower’s new functionality allows organizations to simulate realistic traffic patterns over DoH to provide a better understanding of the impact of potential changes to applications and infrastructure in actual production situations.”

LEAVE A REPLY

Please enter your comment!
Please enter your name here