Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery

Similar documents
Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery

Evaluation of a Large-Scale Topology Discovery Algorithm

The digital copy of this thesis is protected by the Copyright Act 1994 (New Zealand).

Efficient Discovery of Load-Balanced Paths. Alistair King

Improv ed Algorithms for Netw ork T opology Discov ery

Efficient Methodical Internet Topology Discovery

INTERNET TOPOLOGY DISCOVERY: A SURVEY

Network Level Multihoming and BGP Challenges

Provider-Based Deterministic Packet Marking against Distributed DoS Attacks

A Comparison Study of Qos Using Different Routing Algorithms In Mobile Ad Hoc Networks

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress

The Joint Degree Distribution as a Definitive Metric of the Internet AS-level Topologies

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

Network (Tree) Topology Inference Based on Prüfer Sequence

Computer Networking Networks

Fast and Secure Data Transmission by Using Hybrid Protocols in Mobile Ad Hoc Network

Scaling 10Gb/s Clustering at Wire-Speed

Trace Driven Analysis of the Long Term Evolution of Gnutella Peer-to-Peer Traffic

Internet (IPv4) Topology Mapping. Department of Computer Science The University of Texas at Dallas

Instructor Notes for Lab 3

A New Forwarding Policy for Load Balancing in Communication Networks

Internet Infrastructure Measurement: Challenges and Tools

How To Load Balance On A Bgg On A Network With A Network (Networking) On A Pc Or Ipa On A Computer Or Ipad On A 2G Network On A Microsoft Ipa (Netnet) On An Ip

PRASAD ATHUKURI Sreekavitha engineering info technology,kammam

BGP Prefix Hijack: An Empirical Investigation of a Theoretical Effect Masters Project

MPLS/BGP Network Simulation Techniques for Business Enterprise Networks

Assignment #3 Routing and Network Analysis. CIS3210 Computer Networks. University of Guelph

SBSCET, Firozpur (Punjab), India

Monitoring commercial cloud service providers

Measurement of the Usage of Several Secure Internet Protocols from Internet Traces

IP Routing Configuring Static Routes

Introduction to LAN/WAN. Network Layer

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

Lesson 5-3: Border Gateway Protocol

Chapter 1 - Web Server Management and Cluster Topology

Enterprise Network Simulation Using MPLS- BGP

Network-Wide Class of Service (CoS) Management with Route Analytics. Integrated Traffic and Routing Visibility for Effective CoS Delivery

A Catechistic Method for Traffic Pattern Discovery in MANET

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

Large-Scale IP Traceback in High-Speed Internet

Studying Black Holes on the Internet with Hubble

How to Keep Track of Your Network Configuration

EXTENDING NETWORK KNOWLEDGE: MAKING OLSR A QUALITY OF SERVICE CONDUCIVE PROTOCOL

Additional Information: A link to the conference website is available at:

Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc

Packet-Marking Scheme for DDoS Attack Prevention

On Routing Asymmetry in the Internet

EFFICIENT DETECTION IN DDOS ATTACK FOR TOPOLOGY GRAPH DEPENDENT PERFORMANCE IN PPM LARGE SCALE IPTRACEBACK

Interconnecting IPv6 Domains Using Tunnels

NETWORK TOPOLOGIES: INFERENCE, MODELING, AND GENERATION

Route Discovery Protocols

Analyzing and modelling the AS-level Internet topology

Chapter 10 Link-State Routing Protocols

Exterior Gateway Protocols (BGP)

TOPOLOGIES NETWORK SECURITY SERVICES

Quality of Service using Traffic Engineering over MPLS: An Analysis. Praveen Bhaniramka, Wei Sun, Raj Jain

Announcements. No question session this week

A Review on Zero Day Attack Safety Using Different Scenarios

IP/MPLS-Based VPNs Layer-3 vs. Layer-2

Mitigation of Breaking Connections. (a.k.a. OLSRd v1 Multi-Gateway & BRDP)

Traceroute-Based Topology Inference without Network Coordinate Estimation

Routing in Small Networks. Internet Routing Overview. Agenda. Routing in Large Networks

International Journal of Advanced Research in Computer Science and Software Engineering

COMPARATIVE ANALYSIS OF ON -DEMAND MOBILE AD-HOC NETWORK

THE HONG KONG POLYTECHNIC UNIVERSITY Department of Electronic and Information Engineering

Claudio Jeker. RIPE 41 Meeting Amsterdam, 15. January Using BGP topology information for DNS RR sorting

Overlay Networks and Tunneling Reading: 4.5, 9.4

Question 1. [7 points] Consider the following scenario and assume host H s routing table is the one given below:

BGP: Border Gateway Protocol

How Cisco IT Protects Against Distributed Denial of Service Attacks

A Framework for Scalable Global IP-Anycast (GIA)

CROSS LAYER BASED MULTIPATH ROUTING FOR LOAD BALANCING

IP addressing and forwarding Network layer

Network Structure or Topology

How To Understand Bg

How To Understand and Configure Your Network for IntraVUE

PERFORMANCE ANALYSIS OF AD-HOC ON DEMAND DISTANCE VECTOR FOR MOBILE AD- HOC NETWORK

Definition. A Historical Example

An Efficient Hybrid Data Gathering Scheme in Wireless Sensor Networks

Quality of Service Routing Network and Performance Evaluation*

Hypothesis Testing for Network Security

Building Secure Network Infrastructure For LANs

Outline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats

The Case for Source Address Routing in Multihoming Sites

EQ-BGP: an efficient inter-domain QoS routing protocol

Security in Structured P2P Systems

Avaya ExpertNet Lite Assessment Tool

packet retransmitting based on dynamic route table technology, as shown in fig. 2 and 3.

Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs

The Feasibility of Supporting Large-Scale Live Streaming Applications with Dynamic Application End-Points

Network layer: Overview. Network layer functions IP Routing and forwarding

Traffic Engineering for Pan-African Research and Education Network: Software Defined Internet exchange Points

An Alternative Web Search Strategy? Abstract

Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics

Disjoint Path Algorithm for Load Balancing in MPLS network

RARP: Reverse Address Resolution Protocol

CHAPTER 10 LAN REDUNDANCY. Scaling Networks

Study And Comparison Of Mobile Ad-Hoc Networks Using Ant Colony Optimization

A Fast Path Recovery Mechanism for MPLS Networks

Transcription:

Middle-East Journal of Scientific Research 15 (9): 1264-1271, 2013 ISSN 1990-9233 IDOSI Publications, 2013 DOI: 10.5829/idosi.mejsr.2013.15.9.11480 Efficient Doubletree: An Algorithm for Large-Scale Topology Discovery Ranjit Kumar Nukathati Department of Computer Science, JNTU College of Engineering, Anantapur, India Abstract: Monitoring Internet topology was a tractable problem. Topology discovery systems are starting to be introduced in the form of easily and widely deployed software. Unfortunately, they have a problem of how to perform such measurements efficiently and in a network-friendly manner. When scaled up, such methods will generate so much traffic that they will begin to resemble distributed denial-of-service attacks. The existing Doubletree algorithm faces the problem of redundancy. To solve this, the Efficient Doubletree algorithm is proposed which reduces redundancy while maintaining nearly the same level of nodes and link coverage. Algorithm quantifies the amount of redundancy in classic Internet topology discovery approaches by taking into account the perspective of a single monitor (intramonitor) and that of an entire system (intermonitor). Efficient Doubletree simultaneously meets the conflicting demands of reducing intramonitor and intermonitor redundancy. In both the above cases a hop in the middle that is between monitor and destination will be selected by Hop Selection to increase efficiency. Key words: Distributed denial-of-service(ddos) attack Efficient Doubletree forward probing Backward probing Stopping rule INTRODUCTION systems such as the RIPE NCC s TTM service and the NLANR AMP have larger numbers of monitors Systems for active measurements in the Internet are (between 100 and 200) and conduct traces in a full mesh undergoing a dramatic change. Whereas the present but avoid tracing to outside destinations. Scriptroute is generation of systems operates on largely dedicated a system that allows an ordinary Internet user to perform hosts, that numbering between 20 to 200, a new network measurements from several distributed points. generation of easily downloadable measurement software It proposes remote measurement execution on nodes of means that infrastructures based on thousands of hosts PlanetLab, through a daemon that implements ping, could spring up overnight. Unless we carefully controlled traceroute, hop-by-hop bandwidth measurement and these new systems have the potential to impose a heavy other number of utilities.removing spatial bias is not the load on parts of the network that are being measured. only reason to employ measurement systems that use a They also have the capable to raise alarms as their traffic larger number of monitors. Using with more monitors to can easily resemble a distributed denial-of-service (DDoS) probe the same space, each one can take a small portion attack. This paper examines the problem and proposes and probe it more frequently. In network dynamics, that and evaluates, through simulations and prototype might be missed by smaller systems and can more readily deployment, an algorithm for Controlling one of the most be captured by the larger ones, while keeping constant as common forms of active measurement: traceroute. the workload per monitor. The idea of releasing easily There are a number of systems active today that aim deployable measurement software is not new. To the best to elicit the Internet topology at the Internet protocol (IP) of our knowledge, the idea of incorporating a traceroute interface level. The most extensive tracing system is monitor into a screen saver was first discussed in a paper CAIDA s skitter. It uses 24 monitors, each monitor by Cheswick in 2000. Since that time, a number of targeting on the order of one million destinations. In the measurement tools have been released to the public in the fashion of skitter, scamper uses several monitors to form of screen savers or daemons, such as Grenouille or traceroute IPv6 addresses. Some other well-known NETI@home. In the summer of 2004, the first tracerouting Corresponding Author: Ranjit Kumar Nukathati, Department of Computer Science, JNTU College of Engineering, Anantapur, India. 1264

tool of this type was made available: DIMES conducts traceroutes and pings from, at the time of writing this paper, 8700 agents distributed over five continents. Given that large-scale network mapping is emerging, contemplating such a measurement system demands attention to effi-ciency, in order to avoid generating undesirable network load.save for our work, described here and first presented at ACM SIGMETRICS 2005, this issue has not been systematically tackled by the research community. Our first contribution is to measure the extent to Fig. 1: Quantiles Key which classic topology discovery systems involve duplicated effort. By classic topology discovery, such as skitter, tracing from a small number of monitors to a large set of common destinations. We define two metrics to estimate duplicated effort in such systems: the quantity of measurements made by an individual monitor that replicate its own work (intramonitor redunancy) and, the quantity of measurements made by multiple monitors that replicate each other s work (intermonitor redundancy). Using skitter data from August 2004, we quantify both kinds of redundancy. We show that intramonitor redundancy is high close to each monitor. This fact is not surprising given the treelike structure of routes emanating from a single monitor. Further, with respect to intermonitor Fig. 2: Skitter intramonitor redundancy for the redundancy, we find that most interfaces are visited by all champagne monitor monitors, especially when those interfaces are close to destinations. This latter form of redundancy is also discovered. We show, balancing these conflicting potentially quite large, since it would be expected to grow strategies in Efficient Doubletree. In Efficient Doubletree, linearly with the number of monitors in future large-scale probing starts at a distance that is intermediate between measurement systems. Our analysis of the nature of monitor and destination. We demonstrate methods for redundant probing suggests more efficient algorithms for choosing this distance and we then evaluate the resulting topology discovery. In particular, our second contribution performance of Efficient Doubletree. Despite the challenge is to propose and evaluate an algorithm called Efficient inherent in reducing both forms of redundancy Doubletree. Efficient Doubletree takes advantage of the simultaneously we show in simulations that probing via tree-like structure of routes, either emanating from a single Efficient Doubletree can reduce measurement load by source towards multiple destinations or converging from approximately 76%, while maintaining interface and link multiple sources towards a single destination, to avoid coverage above 90%. duplication of the effort. Unfortunately, the general strategies for reducing these two kinds of redundancy are Metrics to Evaluate Topology Discovery Tools: in conflict. On the one hand, intramonitor redundancy is This section introduces two metrics that allow one to reduced by starting probing far from the monitor and evaluate a distributed tracerouting system. We evaluate working backwards along the tree-like structure that is such a system by considering the redundancy (i.e., the rooted at that monitor. Once an interface is encountered duplication of effort) at two levels. One is the individual and that has already been discovered by the monitor, then level of a single monitor, considered in isolation from probing stops. On the other hand, intermonitor Fig. 2. Skitter intramonitor redundancy for the champagne redundancy is reduced by probing forwards towards a monitor. This intramonitor redundancy is measured by the destination until encountering a previously seen interface. number of times the same monitor visits an interface. The intermonitor redundancy reduction implies that This intermonitor redundancy is measured by the number monitors share information about what they have already of monitors that visit an interface counting only once 1265

Since there are fewer number of interfaces closer to the monitor and those interfaces will tend to be visited more frequently. In extreme cases, if there is a single gateway router between the monitor and the rest of the Internet, the single IP address of the outgoing interface belonging to that router should show up in every one of the traceroutes. We measure intramonitor redundancy by considering all traceroutes from the monitor to the shared destinations, whether there may be problems with a traceroute such as illegal addresses, or not. Having calculated the intramonitor redundancy for each interface, we organizes results by the distance of the interfaces from the monitor. We measure distance exactly by hop count. Fig. 3: Skitter intermonitor redundancy Since the same interface can appear at a number of different hop counts from a monitor, for instance, if routes each that has nonzero intramonitor redundancy for that change between the traceroutes, we arbitrarily attribute to interface. By separating the two levels, we separate the each interface the hop count at which it was first visited. problem of redundancy into two problems that can be This process yields, for each hop count, a set of treated somewhat separately. Each monitor can act on its interfaces that we sort by number of visits. The we plot, own to reduce its intramonitor redundancy, but hop-by-hop, the redundancy distribution for interfaces at cooperation between monitors is required to reduce each hop count. Fig. 2 shows the intramonitor intermonitor redundancy. Fig. 1 provides a key to reading redundancy metric applied to the champagne monitor. the quantile plots found in Figs. 2 and 3 and figures found nd later in this paper. A dot marks the median (the 2 quartile Intermonitor Redundancy: Intermonitor redundancy or 50th percentile). The vertical line below the dot occurs when multiple monitors visit the same interface. delineates the range from the minimum to the st 1 The degree of such redundancy is of keen interest to us st nd quartile and leaves a space from the 1 to the 2 quartile. when we envisage increasing the number of monitors by nd rd The space above the dot runs from the 2 to the 3 several orders of magnitude. We calculate the rd quartile and the line above that extends from the 3 intermonitor redundancy for each interface by counting quartile to the maximum. Small tick bars to either side of the number of monitors that have visited it. And a monitor the lines mark some additional percentiles: bars to the left can be counted at most once towards an interface s th th th for the 10 and 90 and bars to the right for the 5 and intermonitor redundancy, even if it has visited that th 95. interface multiple number of times. For a given interface, In the figures, each quantile plot sits directly above the redundancy is calculated just once with respect to the an accompanying bar chart that indicates the quantity of entirety of the monitors: it does not vary from monitor to data upon which the quantiles were based. And for each monitor as does intramonitor redundancy. However, what hop count, the bar chart displays the number of interfaces does vary depending upon the monitor is whether the at that distance. For these bar Fig. 3. Skitter intermonitor particular interface is seen and at what distance. In order redundancy. charts, a log scale is used on the vertical to attribute a single distance to an interface, a distance axis. This allows us to identify quantiles that are based that does not depend upon the perspective of a single upon very few interfaces (fewer than 20, for instance) and monitor but that nonetheless has meaning when so for which the values risk being somewhat arbitrary. examining the effects of distance on redundancy, we In addition, each plot has a separate bar to the right, attribute the minimum distance at which an interface has labeled all, that shows the quantiles for all interfaces been seen among all the monitors. Fig. 3 shows the taken together (upper part of the plot) and the number of intermonitor redundancy metric applied to the 24 skitter discovered interfaces (lower part of the plot). monitors. Intramonitor Redundacy: Intramonitor redundancy Discovering Process Using Efficient Doubletree: occurs in the context of the tree-like graph that is The Efficient Doubletree algorithm, which is part of the generated when all traceroutes originate at a single point. Traceroute project, is the first attempt to efficiently 1266

destination-rooted trees as illustrated by Figure 3.1(a) and 3.1(b) The monitor-rooted tree is composed of outgoing routes from a single monitor to multiple destinations. The destination-rooted tree is composed of routes from multiple monitors converging to a common destination. The stopping rule based on the former aims at reducing intra-monitor redundancy and the latter which requires inter-monitor communication in order to reduce their shared redundancy. Two-Phase Probing: Efficient Doubletree acts in two phases: Fig. 3.1(a): Monitor-rooted tree Forward probing proceeds from an initial hop count h to h+1, h+2 and so forth, applying a stopping rule based on the destination-rooted tree. Backward probing then follows by taking the hop count back to h-1, h-2, etc., applying a stopping rule based on the monitor-rooted tree. During the backward probing phase, once the root or stopping rule is reached, the algorithm moves on to the next destination and restarts probing at initial distance h. In the special case where there is no response at a certain distance, this distance is halved and halved again until there is a reply. Probing then continues forward and backward from that point. Stop Sets and Simple Stopping Rule: Rather than maintaining information about the tree structure, it is Fig. 3.1(b): Destinated-rooted tree sufficient for the stopping rules to store sets of (interface, root) pairs, the root being the root of the tree in question, perform large-scale topology discovery in a network- i.e. the monitor- or destination-based tree. These sets are friendly manner through co-operation between monitors. called stop sets. A single monitor uses two distinct stop A tree can be used by a probing algorithm to keep track of sets: its discovery progress. The rule is that probing is carried out from the leaves to the root, i.e. decreasing probe The first stop set is used when probing forwards and packet TTLs, as long as it is probing a previously is called the global stop set. unknown part of the tree. It then stops when a previously The second stop set is used when probing discovered node is encountered. The assumption is made backwards and is called the local stop set. This set that the remaining path to the root is known, leading to can be reduced to a list of interfaces since the root potential coverage loss. Note that, in the context of item never changes as it is the monitor itself. Internet topology, discovering a new node would correspond to a router s interface responding to a probe The stopping rule for each phase is simple: it is to packet within the constraints. Efficient Doubletree tackles stop when the encountered pair is already a member of the both types of redundancy (i.e. Intra-monitor redundancy relevant set, otherwise it is added. and inter-monitor redundancy) and is based on the treelike structure of routes emanating from a single source Algorithm: Efficient Doubletree: Algorithm 1 is the or converging on a same destination. For this reason, formal definition of Efficient Doubletree and assumes the Doubletree uses two trees, one monitor-rooted and one existence of two functions: 1267

Response() returns true if an interface replies to at Choice of Initial Distance: In order for a monitor to avoid least one probe sent to it. excess intra-monitor redundancy by probing too close Halt() returns true if probing must be and excess inter-monitor redundancy by probing too far, stopped for various reasons. These reasons Efficient Doubletree starts off at what is hoped to be an include the detection of a loop or the intermediate point h between the monitor and the given observation of a gap in the case of a non- destination. Each monitor having a different location in responding interface. the network, a reasonable value for h is to be determined for each one. Algorithm: A choice for h is typically based on the distribution of path lengths as seen individually from the perspective Procedure Doubletree(h,D) of each monitor. One easily estimated parameter by a B monitor is its probability p of hitting a responding for all d D do destination on the first probe. By fixing p, the individually h AdapthValue (h) obtained values of h correspond to a similar level of TraceForward (h,d) incursion of each monitor in the network. TraceBackwards (h-1,d) End for Result Analysis: This section describes the simulated end Procedure version of Efficient Doubletree. The Java code for this Procedure AdapthValue(h) prototype is freely available online. This section also while response(v h) ^ h 1 do describes the results of initial runs of Efficient Doubletree h h/2 in a real environment. end while Return h Instance of Adhoc Network: As an Adhoc network is End procedure dynamic and changes time to time, one instance of Adhoc Procedure TraceForward(i,d) network is given, in the above Figure 4.1. While v i d ^ (v i,d) F ^ halt() do F F U (v i,d) Path Tracing Information i ++ Forward Probing:: Global StopSet: Towards the End while Destination1 End procedure Monitor1 begins probing from the hop11 and the next Procedure Trace Backwards (i,d) hop traced is 16 towards the Destination1. Lines while i 1 v B ^ halt() do connecting all these nodes can be seen in the network i B B U v shown in Figure 4.1. i F F U (v i,d) Monitor 2 begins probing from the hop14 and the i next hop traced is 18 towards the Destination 1. End while Lines connecting all these nodes can be seen in the End procedure network shown in Figure 4.1. Fig. 4.1: Adhoc Network 1268

Fig. 4.2: Forward Probing from Monitor1 towards the Destination1 Fig. 4.3: Forward Probing from Monitor2 towards the Destination1 Fig. 4.4: Forward Probing from Monitor3 towards the Destination1 Fig. 4.5 Forward Probing from Monitor4 towards the Destination1 Monitor 3 begins probing from the hop9 and the next Backward Probing:: Local StopSet: Towards the hops traced in sequence are 0,13 and 4 towards the respective Monitors Destination1. Lines connecting all these nodes can be Backward probing for Monitor1 begins at seen in the network shown in Figure 4.1. two-hop distance that is from hop 11 towards hop 6 Monitor 4 begins probing from the hop10 and the and Monitor 1 in sequence. Similarly backward next hops traced in sequence are 2, 7 and 15 towards the probing for Monitor 2 begins at two-hop distance Destination1. Lines connecting all these nodes can be that is from hop14 towards hop19 and Monitor 2 in seen in the network shown in Figure 4.1. sequence. 1269

Fig. 4.6: Backward Probing towards Monitor1 and Monitor2 at Two HOP Distance Fig. 4.7: Backward Probing towards Monitor3 and Monitor4 at Two HOP Distance Backward probing for Monitor3 begins at two-hop coverage above 90%. We also describe a prototype distance that is from hop9 towards hop8 and Monitor 3 in Efficient Doubletree implementation and present sequence. Similarly backward probing for Monitor 4 preliminary in simulation. These initial results are begins at two-hop distance that is from hop10 towards consistent with the performance expectations formed hop18 and Monitor4 in sequence. by the simulation results. Further experiments are necessary, though difficult to carry out. This paper CONCLUSION represents the first step towards a highly distributed tracerouting system. Elsewhere, we have proposed In this paper, we quantify the amount of redundancy extensions to this work: reducing the communication cost in classic Internet topology discovery approaches by of sharing the global stop set through the use of Bloom taking into account the perspective of a single monitor filters and reducing the load on destinations via (intramonitor) and that of an entire system (intermonitor). techniques we call capping and clustering. In other In the intramonitor case, we find that interfaces close to work, we evaluate and address prefix based the monitor suffer from a high number of repeat visits. stopping rule. We show in this paper that Efficient Concerning intermonitor redundancy, we see that a large Doubletree can save time by avoiding duplication of portion of interfaces are visited by all monitors. In order effort between monitors. Therefore, Efficient to scale up classic approaches such as skitter, we have Doubletree should be able to probe the network more proposed Efficient Doubletree, an algorithm that frequently. We beleve that this could make it possible to significantly reduces the duplication of effort, while better capture the network dynamics that result from discovering nearly the same set of nodes and links. routing changes and load balancing. Future work might Efficient Doubletree simultaneously meets the conflicting reveal the extent to which Efficient Doubletree is helpful demands of reducing intramonitor and intermonitor in capturing such network changes. We are also working redundancy. We describe how to tune a single parameter on a BGP-guided topology discovery tool. We think that for Efficient Doubletree in order to obtain a tradeoff a topology discovery algorithm at the IP level may between redundancy and coverage and we find operating fruitfully make use of information from higher levels, such points at which it is possible to strongly reduce one while as the AS-level. maintaining the other. For a range of values, Efficient Finally, we plan to work on an overlay or peer-to-peer Doubletree is able to reduce measurement load by system for managing the interaction between Efficient approximately 76%, while maintaining interface and link Doubletree monitors. 1270

REFERENCES 5. Atkins, D. and R. Austein, 2004. Threat Analysis of the Domain Name System (DNS). RFC 3833. 1. Jacobsen, V., 1989. Traceroute UNIX. [Online]. (Informational), August. Available: ftp://ftp.ee.lbl.gov/traceroute.tar.gz, man 6. Murphy, S., 2006. BGP Security Vulnerable Analysis, page. RFC 4272 (Informational), January. 2. Braden, R., 1989. Requirements for internet hosts. 7. Retana, A., R. White, V. Fuller and D. McPherson, Communication layers, Internet Engineering Task 2000. Using 31-Bit Prefixes on IPv4 Point-to-Point Force, RFC 1122, Oct. [3] E.C. Rosen, Vulnerabilities Links, RFC 3021 (Proposed Standard), December. of network control protocols: An examples, RFC 789, 8. Rekhter, Y. and T. Li, 1995. A Border Gateway July 1981. Protocol 4 (BGP-4), RFC 1771 (Draft Standard), 4. Rekhter, Y., 1991. BGP Protocol Analysis, RFC 1265, March. Obsoleted by RFC 4271. October. 1271

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information