Automated Formal Analysis of Internet Routing Systems
|
|
- Ralph Rose
- 8 years ago
- Views:
Transcription
1 Automated Formal Analysis of Internet Routing Systems Boon Thau Loo University of Pennsylvania [Joint work with Anduo Wang (Penn -> UIUC), Wenchao Zhou (Georgetown), Andre Scedrov (Penn), Limin Jia (CMU), Jennifer Rexford (Princeton), Carolyn Talcott (SRI), and several others] Secure Information MURI Presentation 6 Aug 2013
2 Today s Internet Policy-based The global (convergence) behavior depends on how each AS configures its routing policy BGP: Border gateway protocol AS2 R border gateway router internal router R2 R3 AS1 A BGP R1 R4 BGP AS3 R5 R1 BGP routing table: B R2 [AS1 AS2 AS3] LP: 200 B R4 [AS1 AS3] LP: 150 B Source: Nina Taft, The Basics of BGP Routing in Today's Internet 2
3 Routing Instability Rapid change of network reachability and topology information Internet is increasingly complicated and fragile Less reliable, harder to manage, routing instability Routing instability leads to Increased packet loss, delay of network convergence Additional resource overhead (Extreme) loss of connectivity, (common) route oscillation 3
4 Routing Oscillation Example Route updates for B( /24) in 7 days(nov 28-Dec 5,2011) AS 4777 A B ( /24) Source: 4
5 Routing Oscillation Example Route updates for B( /24) in 7 days(nov 28-Dec 5,2011) Path h 50m 40s, 2513 times, avg 31.0s Path Path Path h 44m 37s, 560 times, 701 avg 30.0s 1d 0h 39m 37s, 2487 times, avg 2d 35.0s 16h 30m 8s, 3836 times, avg 1m 0.0s Path h 58m 45s, 1417 times, avg 32.0s Path h 43m 17s, 176 times, avg 35.0s B ( /24) Source: 5
6 Routing Oscillation Example Route updates for B( /24) in 7 days(nov 28-Dec 5,2011) Causes include Operator error: misconfiguration Conflicting routing policy (this talk) B ( /24) Source: 6
7 Safety of Policy-based Routing Policy configuration Topology [A 1 A 2 A 0 ] 200 [A 1 A 0 ] 100 [A 2 A 3 A 0 ] 200 [A 2 A 0 ] 100 nodes A 1,A 2,A 3 compute routes to A 0 Per-node preference Node A1 prefers route from A2 Node A2 prefers route from A3 Node A3 prefers route from A1 Permanent oscillation due to conflicting policies A 1 A 2 A 0 A 3 [A 3 A 1 A 0 ] 200 [A 3 A 0 ] 100 Safety property: A policy configuration is safe, if the routing system is guaranteed to converge to a stable state [SIGCOMM 99] Griffin et al. 7
8 Techniques for Safe Routing Enabling technique Routing algebra Combinatory model Static configuration checker Runtime debugging tool Formal Reasoning System Weakness Identify the correctness property but not how to achieve Abstract away low-level details [SIGCOMM 03, 05] Griffin Sobrinho [SIGCOMM 99] Griffin et al. Checking safety is NP hard State explosion for actual network system Best effort: neither sound nor complete [SIGCOMM 05] Feamster et al. [NSDI 07] Killian et al. 8
9 Techniques for Safe Routing Enabling technique Routing algebra Combinatory model Static configuration checker Runtime debugging tool Weakness Formal Reasoning Identify the correctness property but not how to achieve Abstract away low-level details [SIGCOMM 03, 05] Griffin Sobrinho [SIGCOMM 99] Griffin et al. System Formal reasoning is decoupled from actual network systems Checking safety is NP hard State explosion for actual network system Best effort: neither sound nor complete [SIGCOMM 05] Feamster et al. [NSDI 07] Killian et al. 9
10 Approach Formally Verifiable Routing (FVR) Synthesize faithful implementations from verified formal models Programming Language Formal Reasoning Formal Model System 10
11 Approach Formally Verifiable Routing (FVR) Synthesize faithful implementations from verified formal models Programming Language Formal Reasoning Formal Model System Scalability Technique Analyze large Internet routing configuration Scale up formal analysis to large Internet routing configurations 11
12 Architecture Formally Verifiable Routing (FVR) Synthesize faithful implementations from verified formal models Declarative ing Specification Formal Reasoning Theorem Prover SMT Solver Maude Analyzer Algebra Combinatorial Protocol Implementation Policy Configuration System Reduction Analyze large Internet routing configuration Scale up formal analysis to large Internet routing configurations 12
13 Outline Introduction Formally safe routing (FSR) toolkit Analyze large network configuration Conclusion and future work [TON 12, SIGCOMM 11 demonstration] FSR: Formal Analysis and Implementation Toolkit for Safe Inter-domain Routing. [PADL 09] Declarative Verification [ACM HotNets 09] Formally Verifiable ing 13
14 Formally Safe Routing (FSR) Toolkit Synthesize faithful implementations from verified formal models Declarative ing Specification Formal Reasoning Theorem Prover SMT Solver Maude Analyzer Algebra Combinatorial Protocol Implementation Policy Configuration System Reduction Contribution #1: Automated reasoning of routing algebra model Reduction of safety analysis to SMT solving Contribution #2: Provably correct distributed implementation Generation of declarative networking programs Correctness proof for the policy NDlog translation 14
15 Formally Safe Routing (FSR) Toolkit Synthesize faithful implementations from verified formal models Declarative ing Specification Formal Reasoning Theorem Prover SMT Solver Maude Analyzer Algebra Combinatorial Protocol Implementation Policy Configuration System Reduction Contribution #1: Automated reasoning of routing algebra model Reduce safety analysis to SMT solving Contribution #2: Provably correct distributed implementation Generation of declarative networking programs Correctness proof for the policy NDlog translation 15
16 Background: Routing Algebra Shortest path routing policy Routing algebra,, L, Path/link attributes {1,2,} Path concatenation The metrics of new path is the summation of the constituting path/link cost Per-node preference Prefers lower-cost path (signature), L (label) = {1,2,} L = {1,2,} says how to compute routes signature/labels + determines how to compare routes in route selection < Routing Algebra [SIGCOMM'05] Timothy G. Griffin, Joäo Luís Sobrinho 16
17 Background: Routing Algebra Shortest path routing policy Routing algebra,, L, Path/link attributes Costs: {1,2,} Path concatenation The metrics of the new path is the summation of the constituting path/link cost Per-node preference Prefers lower-cost path (signature), L (label) = {1,2,} L = {1,2,} says how to compute route signature from labels + determines how to compare routes in route selection < Theorem (Safety condition) A routing configuration is safe if its routing algebra satisfies the strict monotonicity (SM) condition: l L, s. s < l s Routing Algebra [SIGCOMM'05] Timothy G. Griffin, Joäo Luís Sobrinho 17
18 Automated Safety Analysis [TON 12 Wang et al.] Reduce safety analysis to a satisfiability problem (Algebra) satisfies (SM condition)? Map (Algebra), (SM condition) to integer constraints ((Algebra) (SM condition)) satisfiable? Map routing algebra (, <), SM into integer constraints Map each s 1 < s 2 to preference constraint s 1 < s 2 (assert (< s 1 s 2 )) Map SM constraints, for each s = l s (assert (< s s )) Automate satisfiability problem solving in SMT solver 18
19 Pinpoint BGP Misconfigurations [SIGCOMM 11 demo, Ren, Zhou,Wang et al.] Use SMT solver (Yices) to perform safety analysis Node 7 Node 27 Node 32 19
20 Formally Safe Routing (FSR) Toolkit Synthesize faithful implementations from verified formal models Declarative ing Specification Formal Reasoning Theorem Prover SMT Solver Maude Analyzer Algebra Combinatorial Protocol Implementation Policy Configuration System Reduction Contribution #1: Automated verification of network model Reduction of safety analysis to SMT solving Contribution #2: Provably correct distributed implementation Generation of declarative networking specification Correctness proof for the policy/path vector NDlog translation Declarative networking [CACM'09] Loo et al. 20
21 Outline Introduction Formally safe routing (FSR) toolkit Analyze large network configuration Conclusion and future work [PODC 12. Brief announcement] A Calculus of Policy-Based Routing Systems. [SIGCOMM 12 demo, TACAS 12] Reduction-based analysis of BGP systems with BGPVerif. [FMOODS/FORTE 11] Analyzing BGP Instances in Maude. 21
22 Analyze Large Configurations Scale up formal analysis through network reduction Declarative ing Specification Formal Reasoning Theorem Prover SMT Solver Maude Analyzer Algebra Combinatorial Protocol Implementation Policy Configuration System Reduction Contribution #1: Detect anomalies in actual policy configuration Develop Maude library that analyzes input configuration Contribution #2: reduction scales up analysis A rewriting calculus that simplifies network prior to analysis Reduction properties deepens understanding of configuration space 22
23 Duplicate Reduction [TACAS 12, Wang et al.] u p i u q j p i u d q j v v p i v q j u,v u p i d u q j x y z x y z u p i u q j Nodes u,v are merged by duplicate reduction if they agree on how to route to destination d through their neighbors x,y,,z: For any path p i p j, u,v agree on their preference 23
24 Complementary Reduction [PODC Announcement 12, Wang et al.] u p i x x u p i x v q j u p i y d y u p i y v q j q j v z v q j z u p i z v q j u,v u x x u p i x u q j p i y y u p i y u q j d u qj u p i u q j z z u p i z u q j Nodes u,v are merged by complementary reduction if their neighbors x,y,,z agree on how to route to destination d through them: After merging, the route preference for any path p i, p j are set according to the consensus among x,y,,z 24
25 Reduction Properties [TACAS 12,PODC Announcement 12, Wang et al.] Soundness Theorem Reduction preserves the safety property Local completeness & Duality Theorem Locality: Duplicate Computation and complementary involving two nodes reductions and their neighbors are the only local rules Duality: which One preserve implies the safety other property Theorem If all the neighbors of u, v are duplicate (complementary), then u, v must be complementary (duplicate) Confluence Complementary reduction is not: order matters (Counterexample) Theorem If, for a set of nodes V, any pair of nodes u and v in V are duplicate, then V can be merged into one single node by multiple steps of duplicate reduction, regardless of the reduction order. 25
26 Outline Introduction Formally safe routing (FSR) toolkit Analyze large network configuration Conclusion and future work 26
27 Ongoing work Reduction-based security analysis of Internet protocols Use of Proverif and Coq for analyzing Secure BGP and recent Future Internet Architectures, e.g. SCION Safety analysis given incomplete policy specifications Traffic optimizations Routing recovery Formal synthesis of Software-defined ing (SDN) configurations SDN: Decouples centralized logical control and actual forwarding. A general abstraction for programming, network management and reasoning Dual of verification, manage complexity from the beginning Synthesizing safe update sequences given security and optimization policies 27
28 Student and Postdoc Highlights research group: netdb.cis.upenn.edu Anduo Wang Recently graduated in summer Co-advised with Andre Scedrov. Formally Verifiable Routing (FVR) toolkit Post-doctoral researcher at University of Illinois at Urbana-Champaign. Wenchao Zhou Graduated in summer 2012 Georgetown University (tenure-track faculty) PhD thesis on Secure Distributed Time-aware Provenance ACM SIGMOD Dissertation Award (Runner-up), Alex Gurney Post-doctoral researcher. Partial network specifications and traffic engineering. Chen Chen 2 nd year Ph.D. student. Formal analysis on secure routing protocols. 28
29 Thank You Full version of all papers available at
30 Bridge Reasoning & Actual System Formally Verifiable Routing (FVR) Synthesize faithful implementations from verified formal models Declarative ing Specification Formal Reasoning Theorem Prover SMT Solver Maude Analyzer Algebra Combinatorial Protocol Implementation Policy Configuration System Reduction Analyze large network configuration Scale up formal analysis through network reduction 30
31 Unified Framework Declarative programming Logic, functional Domain-specific language Software engineering Programming Language BGP system SDN Virtual network Mobile network Cloud, datacenter Formal Reasoning Formal Model System Verification & Synthesis Deductive reasoning Formal methods Inductive reasoning Machine learning Scalability Technique Reduction Abstraction 31
Reduction-based Formal Analysis of BGP Instances
Reduction-based Formal Analysis of BGP Instances Anduo Wang 1 Carolyn Talcott 2 Alexander J. T. Gurney 1 Boon Thau Loo 1 Andre Scedrov 1 University of Pennsylvania SRI International {anduo,boonloo}@cis.upenn.edu
More informationUniversity of Pennsylvania. This work was partially supported by ONR MURI N00014-07-0907, NSF CNS-0721845 and NSF IIS-0812270.
DMaC: : Distributed Monitoring and Checking Wenchao Zhou, Oleg Sokolsky, Boon Thau Loo, Insup Lee University of Pennsylvania This work was partially supported by ONR MURI N00014-07-0907, NSF CNS-0721845
More informationMultihoming and Multi-path Routing. CS 7260 Nick Feamster January 29. 2007
Multihoming and Multi-path Routing CS 7260 Nick Feamster January 29. 2007 Today s Topic IP-Based Multihoming What is it? What problem is it solving? (Why multihome?) How is it implemented today (in IP)?
More informationAn Overview of Solutions to Avoid Persistent BGP Divergence
An Overview of Solutions to Avoid Persistent BGP Divergence Ravi Musunuri Jorge A. Cobb Department of Computer Science The University of Texas at Dallas Email: musunuri, cobb @utdallas.edu Abstract The
More informationLecture 18: Border Gateway Protocol"
Lecture 18: Border Gateway Protocol" CSE 123: Computer Networks Alex C. Snoeren HW 3 due Wednesday! Some figures courtesy Mike Freedman Lecture 18 Overview" Path-vector Routing Allows scalable, informed
More informationValidating the System Behavior of Large-Scale Networked Computers
Validating the System Behavior of Large-Scale Networked Computers Chen-Nee Chuah Robust & Ubiquitous Networking (RUBINET) Lab http://www.ece.ucdavis.edu/rubinet Electrical & Computer Engineering University
More informationSecure Network Provenance
Secure Network Provenance Wenchao Zhou *, Qiong Fei*, Arjun Narayan*, Andreas Haeberlen*, Boon Thau Loo*, Micah Sherr + * University of Pennsylvania + Georgetown University http://snp.cis.upenn.edu/ Motivation
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationSoftware-Defined Network Management
Software-Defined Network Management Nick Feamster Georgia Tech (with Joon Kim, Marshini Chetty, Srikanth Sundaresan) Network Management is Hard! Manual, error-prone, complex Network configurations change
More informationExterior Gateway Protocols (BGP)
Exterior Gateway Protocols (BGP) Internet Structure Large ISP Large ISP Stub Dial-Up ISP Small ISP Stub Stub Stub Autonomous Systems (AS) Internet is not a single network! The Internet is a collection
More informationSDN. What's Software Defined Networking? Angelo Capossele
SDN What's Software Defined Networking? Angelo Capossele Outline Introduction to SDN OpenFlow Network Functions Virtualization Some examples Opportunities Research problems Security Case study: LTE (Mini)Tutorial
More informationBandwidth Allocation in a Network Virtualization Environment
Bandwidth Allocation in a Network Virtualization Environment Juan Felipe Botero jfbotero@entel.upc.edu Xavier Hesselbach xavierh@entel.upc.edu Department of Telematics Technical University of Catalonia
More informationFormal Specification and Programming for SDN
Formal Specification and Programming for SDN relevant ID: draft-shin-sdn-formal-specification-01 Myung-Ki Shin, Ki-Hyuk Nam ETRI Miyoung Kang, Jin-Young Choi Korea Univ. Proposed SDN RG Meeting@IETF 84
More informationInternet inter-as routing: BGP
Internet inter-as routing: BGP BGP (Border Gateway Protocol): the de facto standard BGP provides each AS a means to: 1. Obtain subnet reachability information from neighboring ASs. 2. Propagate the reachability
More informationReduction-based Security Analysis of Internet Routing Protocols
Reduction-based Security Analysis of Internet Routing Protocols Chen Chen, Limin Jia, Boon Thau Loo, Wenchao Zhou University of Pennsylvania, Philadelphia, PA 19104, USA Email: chenche, boonloo@seas.upenn.edu
More informationCentral Control over Distributed Routing fibbing.net
Central Control over Distributed Routing fibbing.net Stefano Vissicchio UCLouvain SIGCOMM 8th August 205 Joint work with O. Tilmans (UCLouvain), L. Vanbever (ETH Zurich) and J. Rexford (Princeton) SDN
More informationCan Forwarding Loops Appear when Activating ibgp Multipath Load Sharing?
Can Forwarding Loops Appear when Activating ibgp Multipath Load Sharing? Simon Balon and Guy Leduc Research Unit in Networking EECS Department- University of Liège (ULg) Institut Montefiore, B28 - B-4000
More informationInterdomain Routing. Project Report
Interdomain Routing Project Report Network Infrastructure improvement proposal To Company A Team 4: Zhang Li Bin Yang Md. Safiqul Islam Saurabh Arora Network Infrastructure Improvement Interdomain routing
More informationNetwork Level Multihoming and BGP Challenges
Network Level Multihoming and BGP Challenges Li Jia Helsinki University of Technology jili@cc.hut.fi Abstract Multihoming has been traditionally employed by enterprises and ISPs to improve network connectivity.
More informationLink-State Routing Protocols
Link-State Routing Protocols Malin Bornhager Halmstad University Session Number 2002, Svenska-CNAP Halmstad University 1 Objectives Link-state routing protocol Single-area OSPF concepts Single-area OSPF
More informationDEMYSTIFYING ROUTING SERVICES IN SOFTWAREDEFINED NETWORKING
DEMYSTIFYING ROUTING SERVICES IN STWAREDEFINED NETWORKING GAUTAM KHETRAPAL Engineering Project Manager, Aricent SAURABH KUMAR SHARMA Principal Systems Engineer, Technology, Aricent DEMYSTIFYING ROUTING
More informationModule 7. Routing and Congestion Control. Version 2 CSE IIT, Kharagpur
Module 7 Routing and Congestion Control Lesson 4 Border Gateway Protocol (BGP) Specific Instructional Objectives On completion of this lesson, the students will be able to: Explain the operation of the
More informationOutline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats
Outline EE 22: Interdomain Routing Protocol (BGP) Ion Stoica TAs: Junda Liu, DK Moon, David Zats http://inst.eecs.berkeley.edu/~ee22/fa9 (Materials with thanks to Vern Paxson, Jennifer Rexford, and colleagues
More informationBorder Gateway Protocols
Paper 106, ENG 104 Border Gateway Protocols Sadeta Krijestorac, Marc Beck, Jonathan Bagby Morehead State University University of Louisville Florida Atlanic University s.krijestor@moreheadstate.edu marcbeck1982@yahoo.com
More informationNetwork-Wide Prediction of BGP Routes
Network-Wide Prediction of BGP Routes Nick Feamster Jennifer Rexford Georgia Tech Princeton University feamster@cc.gatech.edu jrex@cs.princeton.edu Abstract This paper presents provably correct algorithms
More informationInter-domain Routing. Outline. Border Gateway Protocol
Inter-domain Routing Outline Border Gateway Protocol Internet Structure Original idea Backbone service provider Consumer ISP Large corporation Consumer ISP Small corporation Consumer ISP Consumer ISP Small
More informationSoftware-Defined Network Management
Software-Defined Network Management Nick Feamster Georgia Tech (with Joon Kim, Marshini Chetty, Srikanth Sundaresan, Steve Woodrow, Russ Clark) Network Management is Hard! Manual, error-prone, complex
More informationA Study on Software Defined Networking
A Study on Software Defined Networking Yogita Shivaji Hande, M. Akkalakshmi Research Scholar, Dept. of Information Technology, Gitam University, Hyderabad, India Professor, Dept. of Information Technology,
More informationFactors to Consider When Designing a Network
Quality of Service Routing for Supporting Multimedia Applications Zheng Wang and Jon Crowcroft Department of Computer Science, University College London Gower Street, London WC1E 6BT, United Kingdom ABSTRACT
More informationStatic Program Transformations for Efficient Software Model Checking
Static Program Transformations for Efficient Software Model Checking Shobha Vasudevan Jacob Abraham The University of Texas at Austin Dependable Systems Large and complex systems Software faults are major
More informationIntegrated Analysis of Host-based and Network-based Access Control Policies in a Critical Infrastructure Control System
Integrated Analysis of Host-based and Network-based Access Control Policies in a Critical Infrastructure Control System January 2007 David M. Nicol ECE, CSL, & ITI University of Illinois, Urbana-Champaign
More informationBorder Gateway Protocol (BGP)
Border Gateway Protocol (BGP) Petr Grygárek rek 1 Role of Autonomous Systems on the Internet 2 Autonomous systems Not possible to maintain complete Internet topology information on all routers big database,
More informationHow To Make A Network Plan Based On Bg, Qos, And Autonomous System (As)
Policy Based QoS support using BGP Routing Priyadarsi Nanda and Andrew James Simmonds Department of Computer Systems Faculty of Information Technology University of Technology, Sydney Broadway, NSW Australia
More informationQuantifying the BGP routes diversity inside a tier-1 network
Quantifying the BGP routes diversity inside a tier-1 network Steve Uhlig, Sébastien Tandel Department of Computing Science and Engineering Université catholique de Louvain, Louvain-la-neuve, B-1348, Belgium
More informationKT The Value Networking Company
KT The Value Networking Company IRIMS (Internet Routing Information Management System) 2005. 9 Y.D. KIM, G.E.KIM, C.K.Hwang, J.H.YOO (webman, gekim, ckhwang, styoo@kt kt.co..co.kr) Abstract An AS (Autonomous
More informationOutline. Internet Routing. Alleviating the Problem. DV Algorithm. Routing Information Protocol (RIP) Link State Routing. Routing algorithms
Outline Internet Routing Venkat Padmanabhan Microsoft Research 9 pril 2001 Routing algorithms distance-vector (DV) link-state (LS) Internet Routing border gateway protocol (BGP) BGP convergence paper Venkat
More informationTheory and New Primitives for Safely Connecting Routing Protocol Instances
Theory and New Primitives for Safely Connecting Routing Protocol Instances Franck Le Carnegie Mellon University franckle@cmu.edu Geoffrey G. Xie Naval Postgraduate School xie@nps.edu Hui Zhang Carnegie
More informationA Link Load Balancing Solution for Multi-Homed Networks
A Link Load Balancing Solution for Multi-Homed Networks Overview An increasing number of enterprises are using the Internet for delivering mission-critical content and applications. By maintaining only
More informationBorder Gateway Protocol BGP4 (2)
Border Gateway Protocol BGP4 (2) Professor Richard Harris School of Engineering and Advanced Technology (SEAT) Presentation Outline Border Gateway Protocol - Continued Computer Networks - 1/2 Learning
More informationUsing the Border Gateway Protocol for Interdomain Routing
CHAPTER 12 Using the Border Gateway Protocol for Interdomain Routing The Border Gateway Protocol (BGP), defined in RFC 1771, provides loop-free interdomain routing between autonomous systems. (An autonomous
More informationLet SDN Be Your Eyes: Secure Forensics in Data Center Networks
Let SDN Be Your Eyes: Secure Forensics in Data Center Networks Adam Bates University of Oregon Kevin Butler University of Oregon Andreas Haeberlen University of Pennsylvania Micah Sherr Georgetown University
More informationBGP Vector Routing. draft-patel-raszuk-bgp-vector-routing-01
BGP Vector Routing draft-patel-raszuk-bgp-vector-routing-01 Keyur Patel, Robert Raszuk, Burjiz Pithawala, Ali Sajassi, Eric Osborne, Jim Uttaro, Luay Jalil IETF 88, November 2013, Vancouver, Canada Presentation_ID
More informationBell Aliant. Business Internet Border Gateway Protocol Policy and Features Guidelines
Bell Aliant Business Internet Border Gateway Protocol Policy and Features Guidelines Effective 05/30/2006, Updated 1/30/2015 BGP Policy and Features Guidelines 1 Bell Aliant BGP Features Bell Aliant offers
More informationUnderstanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics
Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics WHITE PAPER Table of Contents Introduction 3 Route-Flow Fusion 4 BGP Policy Visibility 5 Traffic Visibility
More informationInter-Domain Routing: Stability, Policies, and Incentives
Inter-Domain Routing: Stability, Policies, and Incentives Vijay Ramachandran http://www.icsi.berkeley.edu/~vijayr Supported by the DoD URI program under ONR grant N00014-01-1-0795 Overview of Results:
More informationA Systematic Approach to BGP Configuration Checking
A Systematic Approach to BGP Configuration Checking Nick Feamster and Hari Balakrishnan M.I.T. Computer Science and Artificial Intelligence Laboratory {feamster,hari}@lcs.mit.edu http://nms.lcs.mit.edu/bgp/
More informationBGP Route Analysis and Management Systems
BGP Route Analysis and Management Systems Alex A. Stewart and Marta F. Antoszkiewicz Department of Computer Science The University of Northern Iowa 305 ITTC Cedar Falls, Iowa 50614-0507 {astewart, mantoszk}@cs.uni.edu
More informationThe Platform as a Service Model for Networking
The Platform as a Service Model for Networking Eric Keller Princeton University ekeller@princeton.edu Jennifer Rexford Princeton University jrex@cs.princeton.edu Abstract Decoupling infrastructure management
More informationNetwork Virtualization Network Admission Control Deployment Guide
Network Virtualization Network Admission Control Deployment Guide This document provides guidance for enterprises that want to deploy the Cisco Network Admission Control (NAC) Appliance for their campus
More informationNetwork Formation and Routing by Strategic Agents using Local Contracts
Network Formation and Routing by Strategic Agents using Local Contracts Elliot Anshelevich 1 and Gordon Wilfong 2 1 Department of Computer Science, Rensselaer Polytechnic Institute, Troy, NY. 2 Bell Labs,
More informationPLUMgrid Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure
Toolbox: Tools to Install, Operate and Monitor Your Virtual Network Infrastructure Introduction The concept of Virtual Networking Infrastructure (VNI) is disrupting the networking space and is enabling
More informationEQ-BGP: an efficient inter-domain QoS routing protocol
EQ-BGP: an efficient inter-domain QoS routing protocol Andrzej Beben Institute of Telecommunications Warsaw University of Technology Nowowiejska 15/19, 00-665 Warsaw, Poland abeben@tele.pw.edu.pl Abstract
More informationHypothesis Testing for Network Security
Hypothesis Testing for Network Security Philip Godfrey, Matthew Caesar, David Nicol, William H. Sanders, Dong Jin INFORMATION TRUST INSTITUTE University of Illinois at Urbana-Champaign We need a science
More informationTowards Correct Network Virtualization. Soudeh Ghorbani Brighten Godfrey UIUC
Towards Correct Network Virtualization Soudeh Ghorbani Brighten Godfrey UIUC HotSDN 2014 Virtualization VM VM VM Hypervisor x86 Virtualization Firewall Loadbalancer Router VM VM VM L2 bridge Hypervisor
More informationOn the Impact of Route Monitor Selection
On the Impact of Route Monitor Selection Ying Zhang Zheng Zhang Z. Morley Mao Y. Charlie Hu Bruce Maggs Univ. of Michigan Purdue Univ. Univ. of Michigan Purdue Univ. CMU Paper ID: E-578473438 Number of
More informationVytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford
Vytautas Valancius, Nick Feamster, Akihiro Nakao, and Jennifer Rexford Hosting and Cloud computing is on the rise Collocation hosting Cloud and data center hosting Different hosted applications have different
More informationQuality of Service Routing Network and Performance Evaluation*
Quality of Service Routing Network and Performance Evaluation* Shen Lin, Cui Yong, Xu Ming-wei, and Xu Ke Department of Computer Science, Tsinghua University, Beijing, P.R.China, 100084 {shenlin, cy, xmw,
More informationResearch Article The Deployment of Routing Protocols in Distributed Control Plane of SDN
e Scientific World Journal, Article ID 918536, 8 pages http://dx.doi.org/10.1155/2014/918536 Research Article The Deployment of Routing Protocols in Distributed Control Plane of SDN Zhou Jingjing, Cheng
More informationA Method for Load Balancing based on Software- Defined Network
, pp.43-48 http://dx.doi.org/10.14257/astl.2014.45.09 A Method for Load Balancing based on Software- Defined Network Yuanhao Zhou 1, Li Ruan 1, Limin Xiao 1, Rui Liu 1 1. State Key Laboratory of Software
More informationAn Introduction to Software-Defined Networking (SDN) Zhang Fu
An Introduction to Software-Defined Networking (SDN) Zhang Fu Roadmap Reviewing traditional networking Examples for motivating SDN Enabling networking as developing softwares SDN architecture SDN components
More informationIntroducing Formal Methods. Software Engineering and Formal Methods
Introducing Formal Methods Formal Methods for Software Specification and Analysis: An Overview 1 Software Engineering and Formal Methods Every Software engineering methodology is based on a recommended
More informationInformation security versus network security in the Internet as critical infrastructure Security of Internet and Critical Infrastructures: European
Information security versus network security in the Internet as critical infrastructure Security of Internet and Critical Infrastructures: European Experiences, Rome, 13 June 2011 Objectives Describe information
More informationDynamic Routing Protocols II OSPF. Distance Vector vs. Link State Routing
Dynamic Routing Protocols II OSPF Relates to Lab 4. This module covers link state routing and the Open Shortest Path First (OSPF) routing protocol. 1 Distance Vector vs. Link State Routing With distance
More informationOutsourcing the Routing Control Logic: Better Internet Routing Based on SDN Principles
Outsourcing the Routing Control Logic: Better Internet Routing Based on SDN Principles Vasileios Kotronis Dr. Xenofontas Dimitropoulos Dr. Bernhard Ager 1 Routing management is hard Requirements: Map policies
More informationBGP Routing Stability of Popular Destinations
BGP Routing Stability of Popular Destinations Jennifer Rexford, Jia Wang, Zhen Xiao, and Yin Zhang AT&T Labs Research; Florham Park, NJ Abstract The Border Gateway Protocol (BGP) plays a crucial role in
More informationAutomated Theorem Proving - summary of lecture 1
Automated Theorem Proving - summary of lecture 1 1 Introduction Automated Theorem Proving (ATP) deals with the development of computer programs that show that some statement is a logical consequence of
More informationApplying SDN to Network Management Problems. Nick Feamster University of Maryland
Applying SDN to Network Management Problems Nick Feamster University of Maryland 1 Addressing the Challenges of Network Management Challenge Approach System Frequent Changes Event-Based Network Control
More informationFrenetic: A Programming Language for OpenFlow Networks
Frenetic: A Programming Language for OpenFlow Networks Jennifer Rexford Princeton University http://www.frenetic-lang.org/ Joint work with Nate Foster, Dave Walker, Rob Harrison, Michael Freedman, Chris
More informationFast Reroute Techniques in MPLS Networks. George Swallow swallow@cisco.com
Fast Reroute Techniques in MPLS Networks George Swallow swallow@cisco.com Agenda What are your requirements? The solution space U-turns Traffic Engineering for LDP Traffic Engineering Some Observations
More informationInter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to:
Border Gateway Protocol Exterior routing protocols created to: control the expansion of routing tables provide a structured view of the Internet by segregating routing domains into separate administrations
More informationIK2205 Inter-domain Routing
IK2205 Inter-domain Routing Lecture 5 Voravit Tanyingyong, voravit@kth.se Outline Redundancy, Symmetry, and Load Balancing Redundancy Symmetry Load balancing Scenarios Controlling Routing Inside the AS
More informationConcepts and Mechanisms for Consistent Route Transitions in Software-defined Networks
Institute of Parallel and Distributed Systems Department Distributed Systems University of Stuttgart Universitätsstraße 38 D-70569 Stuttgart Studienarbeit Nr. 2408 Concepts and Mechanisms for Consistent
More informationControlling IP Spoofing based DDoS Attacks Through Inter-Domain Packet Filters
Controlling IP Spoofing based DDoS Attacks Through Inter-Domain Packet Filters Zhenhai Duan, Xin Yuan, and Jaideep Chandrashekar Abstract The Distributed Denial of Services (DDoS) attack is a serious threat
More informationInterdomain Routing. Outline
Interdomain Routing David Andersen 15-744 Spring 2007 Carnegie Mellon University Outline What does the Internet look like? Relationships between providers Enforced by: Export filters and import ranking
More informationRoute Discovery Protocols
Route Discovery Protocols Columbus, OH 43210 Jain@cse.ohio-State.Edu http://www.cse.ohio-state.edu/~jain/ 1 Overview Building Routing Tables Routing Information Protocol Version 1 (RIP V1) RIP V2 OSPF
More informationUnderstanding Route Redistribution & Filtering
Understanding Route Redistribution & Filtering When to Redistribute and Filter PAN-OS 5.0 Revision B 2013, Palo Alto Networks, Inc. www.paloaltonetworks.com Contents Overview... 3 Route Redistribution......
More informationTowards a Next- Generation Inter-domain Routing Protocol. L. Subramanian, M. Caesar, C.T. Ee, M. Handley, Z. Mao, S. Shenker, and I.
Towards a Next- Generation Inter-domain Routing Protocol L. Subramanian, M. Caesar, C.T. Ee, M. Handley, Z. Mao, S. Shenker, and I. Stoica Routing 1999 Internet Map Coloured by ISP Source: Bill Cheswick,
More informationTransactional Support for SDN Control Planes "
Transactional Support for SDN Control Planes Petr Kuznetsov Telecom ParisTech WTTM, 2015 Software Defined Networking An emerging paradigm in computer network management Separate forwarding hardware (data
More informationRouter and Routing Basics
Router and Routing Basics Malin Bornhager Halmstad University Session Number 2002, Svenska-CNAP Halmstad University 1 Routing Protocols and Concepts CCNA2 Routing and packet forwarding Static routing Dynamic
More informationFrom Electronic Design Automation to NDA: Treating Networks like Chips or Programs
From Electronic Design Automation to NDA: Treating Networks like Chips or Programs George Varghese With Collaborators at Berkeley, Cisco, MSR, Stanford Networks today SQL 1001 10* P1 1* P2 Drop SQL,P2
More informationhttp://www.openflow.org/wk/index.php/openflow_tutorial
http://www.openflow.org/wk/index.php/openflow_tutorial 2 Tutorial Flow Section 5.1 of OpenFlowTutorial: http://www.openflow.org/wk/index.php/openflow_tutorial 3 Tutorial Setup sudomn--toposingle,3 --mac--switch
More informationExample: Advertised Distance (AD) Example: Feasible Distance (FD) Example: Successor and Feasible Successor Example: Successor and Feasible Successor
642-902 Route: Implementing Cisco IP Routing Course Introduction Course Introduction Module 01 - Planning Routing Services Lesson: Assessing Complex Enterprise Network Requirements Cisco Enterprise Architectures
More informationTransform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure
White Paper Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure What You Will Learn The new Cisco Application Centric Infrastructure
More informationRouting Protocols (RIP, OSPF, BGP)
Chapter 13 Routing Protocols (RIP, OSPF, BGP) INTERIOR AND EXTERIOR ROUTING RIP OSPF BGP 1 The McGraw-Hill Companies, Inc., 2000 1 Introduction Packets may pass through several networks on their way to
More informationAssignment 6: Internetworking Due October 17/18, 2012
Assignment 6: Internetworking Due October 17/18, 2012 Our topic this week will be the notion of internetworking in general and IP, the Internet Protocol, in particular. IP is the foundation of the Internet
More information6.263 Data Communication Networks
6.6 Data Communication Networks Lecture : Internet Routing (some slides are taken from I. Stoica and N. Mckewon & T. Griffin) Dina Katabi dk@mit.edu www.nms.csail.mit.edu/~dina Books Text Book Data Communication
More informationAn Implementation Model and Solutions for Stepwise Introduction of SDN -A proposal of AP-GW model-
An Implementation Model and Solutions for Stepwise Introduction of SDN -A proposal of AP-GW model- Hiroki Nakayama, Tatsuo Mori, Satoshi Ueno, Yoshihide Watanabe, Tsunemasa Hayashi BOSCO Technologies Inc.
More informationDisaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs
Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs As a head of the campus network department in the Deanship of Information Technology at King Abdulaziz University for more
More informationSDN/Virtualization and Cloud Computing
SDN/Virtualization and Cloud Computing Agenda Software Define Network (SDN) Virtualization Cloud Computing Software Defined Network (SDN) What is SDN? Traditional Network and Limitations Traditional Computer
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ 1 Lecture 7: Network Layer in the Internet Reference: Chapter 5 - Computer Networks, Andrew S. Tanenbaum, 4th Edition, Prentice Hall,
More informationLesson 5-3: Border Gateway Protocol
Unit 5: Intradomain and Interdomain Protocols Lesson 5-3: Gateway Protocol At a Glance The Gateway Protocol (BGP) is an interdomain routing protocol used in TCP/IP internetworks. BGP was created to allow
More informationCisco CCNP 642 901 Optimizing Converged Cisco Networks (ONT)
Cisco CCNP 642 901 Optimizing Converged Cisco Networks (ONT) Course Number: 642 901 Length: 5 Day(s) Certification Exam This course will help you prepare for the following exams: Cisco CCNP Exam 642 901:
More informationSimulation of Heuristic Usage for Load Balancing In Routing Efficiency
Simulation of Heuristic Usage for Load Balancing In Routing Efficiency Nor Musliza Mustafa Fakulti Sains dan Teknologi Maklumat, Kolej Universiti Islam Antarabangsa Selangor normusliza@kuis.edu.my Abstract.
More informationBased on Computer Networking, 4 th Edition by Kurose and Ross
Computer Networks Internet Routing Based on Computer Networking, 4 th Edition by Kurose and Ross Intra-AS Routing Also known as Interior Gateway Protocols (IGP) Most common Intra-AS routing protocols:
More informationA Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks
A Coordinated Virtual Infrastructure for SDN in Enterprise Networks Software Defined Networking (SDN), OpenFlow and Application Fluent Programmable Networks Strategic White Paper Increasing agility and
More informationIP Routing Configuring Static Routes
11 IP Routing Configuring Static Routes Contents Overview..................................................... 11-3 IP Addressing.............................................. 11-3 Networks.................................................
More informationY. Rekhter IBM T.J. Watson Research Center May 1991
Network Working Group Request for Comments: 1222 H-W. Braun San Diego Supercomputer Center Y. Rekhter IBM T.J. Watson Research Center May 1991 Status of this Memo Advancing the NSFNET Routing Architecture
More informationDoing Don ts: Modifying BGP Attributes within an Autonomous System
Doing Don ts: Modifying BGP Attributes within an Autonomous System Luca Cittadini, Stefano Vissicchio, Giuseppe Di Battista Università degli Studi RomaTre IEEE/IFIP Network Operations and Management Symposium
More informationPoisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures Sungmin Hong, Lei Xu, Haopei Wang, Guofei Gu
Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures Sungmin Hong, Lei Xu, Haopei Wang, Guofei Gu Presented by Alaa Shublaq SDN Overview Software-Defined Networking
More informationA Network-State Management Service. Peng Sun Ratul Mahajan, Jennifer Rexford, Lihua Yuan, Ming Zhang, Ahsan Arefin Princeton & Microsoft
A Network-State Management Service Peng Sun Ratul Mahajan, Jennifer Rexford, Lihua Yuan, Ming Zhang, Ahsan Arefin Princeton & Microsoft Complex Infrastructure Microsoft Azure Number of 2010 2014 Data Center
More information