BGP route propagation. Internet AS relationships, Routing policy on Internet paths. Example of commercial relationship. Transit vs.



Similar documents
Exterior Gateway Protocols (BGP)

Internet inter-as routing: BGP

Interdomain Routing. Outline

Outline. EE 122: Interdomain Routing Protocol (BGP) BGP Routing. Internet is more complicated... Ion Stoica TAs: Junda Liu, DK Moon, David Zats

Internet inter-as routing: BGP

Border Gateway Protocol BGP4 (2)

Week 4 / Paper 1. Open issues in Interdomain Routing: a survey

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

How To Make A Network Plan Based On Bg, Qos, And Autonomous System (As)

Inter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to:

Inter-domain Routing. Outline. Border Gateway Protocol

Lecture 18: Border Gateway Protocol"

Border Gateway Protocol (BGP)

Can Forwarding Loops Appear when Activating ibgp Multipath Load Sharing?

Active measurements: networks. Prof. Anja Feldmann, Ph.D. Dr. Nikolaos Chatzis Georgios Smaragdakis, Ph.D.

CS551 External v.s. Internal BGP

Module 7. Routing and Congestion Control. Version 2 CSE IIT, Kharagpur

Inter-domain Routing

Towards a Next- Generation Inter-domain Routing Protocol. L. Subramanian, M. Caesar, C.T. Ee, M. Handley, Z. Mao, S. Shenker, and I.

6.263 Data Communication Networks

APNIC elearning: BGP Attributes

BGP overview BGP operations BGP messages BGP decision algorithm BGP states

Doing Don ts: Modifying BGP Attributes within an Autonomous System

Based on Computer Networking, 4 th Edition by Kurose and Ross

Introduction to Routing

BGP Router Startup Message Flow

Advanced BGP Policy. Advanced Topics

Internet Routing Protocols Lecture 04 BGP Continued

HP Networking BGP and MPLS technology training

Using the Border Gateway Protocol for Interdomain Routing

How To Understand Bg

B. Quoitin, S. Uhlig, C. Pelsser, L. Swinnen and O. Bonaventure

BGP Attributes and Path Selection

BGP Best Path Selection Algorithm

E : Internet Routing

An Overview of Solutions to Avoid Persistent BGP Divergence

ISPs Traffic Engineering and Peering Strategy

DD2491 p Load balancing BGP. Johan Nicklasson KTHNOC/NADA

Examination. IP routning på Internet och andra sammansatta nät, DD2491 IP routing in the Internet and other complex networks, DD2491

B. Quoitin, S. Uhlig, C. Pelsser, L. Swinnen and O. Bonaventure

Measuring the Shared Fate of IGP Engineering and Interdomain Traffic

Border Gateway Protocol Best Practices

The ISP Column. An Introduction to BGP the Protocol

BGP Basics. BGP Uses TCP 179 ibgp - BGP Peers in the same AS ebgp - BGP Peers in different AS's Private BGP ASN. BGP Router Processes

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

BGP1 Multihoming and Traffic Engineering

Routing in Small Networks. Internet Routing Overview. Agenda. Routing in Large Networks

Network Level Multihoming and BGP Challenges

The goal of this lecture is to explain how routing between different administrative domains

Understanding and Optimizing BGP Peering Relationships with Advanced Route and Traffic Analytics

ECONOMIZING ISP INTERCONNECTIONS AT INTERNET EXCHANGE POINTS

Border Gateway Protocol (BGP-4)

basic BGP in Huawei CLI

Administra0via. STP lab due Wednesday (in BE 301a!), 5/15 BGP quiz Thursday (remember required reading), 5/16

Routing Protocol - BGP

BGP Terminology, Concepts, and Operation. Chapter , Cisco Systems, Inc. All rights reserved. Cisco Public

Understanding Large Internet Service Provider Backbone Networks

BGP Routing Stability of Popular Destinations

DD2491 p Inter-domain routing and BGP part I Olof Hagsand KTH/CSC

Load balancing and traffic control in BGP

Routing Protocols. Interconnected ASes. Hierarchical Routing. Hierarchical Routing

Characterization and Design of Effective BGP AS-PATH Prepending

--BGP 4 White Paper Ver BGP-4 in Vanguard Routers

APNIC elearning: BGP Basics. Contact: erou03_v1.0

How To Set Up Bgg On A Network With A Network On A Pb Or Pb On A Pc Or Ipa On A Bg On Pc Or Pv On A Ipa (Netb) On A Router On A 2

Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP

IP Routing. CS 552 Richard Martin (with slides from S. Savage and S. Agarwal)

Outline. Outline. Outline

Outline. Internet Routing. Alleviating the Problem. DV Algorithm. Routing Information Protocol (RIP) Link State Routing. Routing algorithms

Route Discovery Protocols

Multihomed BGP Configurations

Internet Service Providers: Peering and Charging

Today s Agenda. Note: it takes years to really master BGP Many slides stolen from Prof. Zhi-Li Zhang at Minnesota and from Avi Freedman s slides

CSC458 Lecture 6. Homework #1 Grades. Inter-domain Routing IP Addressing. Administrivia. Midterm will Cover Following Topics

Understanding BGP Next-hop Diversity

BGP. 1. Internet Routing

BGP Route Analysis and Management Systems

Our goal is to explain how routing between different administrative domains works in

A Case Study Design of Border Gateway Routing Protocol Using Simulation Technologies

ASSEMBLER A BGP-COMPATIBLE MULTIPATH INTER-DOMAIN ROUTING PROTOCOL

Chapter 49 Border Gateway Protocol version 4 (BGP-4)

Module 12 Multihoming to the Same ISP

Understanding Route Aggregation in BGP

Configuring BGP Services

CS551 Multi-homing in BGP

CS 40, Lecture 3: Internet economics. Ramesh Johari

Transcription:

BGP route propagation Internet AS relationships, Routing policy on Internet paths Z. Morley Mao Lecture 5 Jan 20, 2005 Connectivity does not imply reachability Not all possible routes propagate Commercial relationships determine policies for - Route import - Route selection - Route export Typical relationships - Provider-customer: customer pay money for transit - Peer-peer: typically exchange respective customers traffic for free Z. Morley Mao, Winter 2005, CS589 1 Z. Morley Mao, Winter 2005, CS589 2 Transit vs. peering Example of commercial relationship ISP definition: - Internet service provider is an organization tha tsells access to the Internet Transit definition: - Business relationship whereby one ISP provides (usually sells) access to all destinations in its routing table. Peering is non-transitive relationship - A peers with B, B peers with C, does not imply A peers with C Peering definition: - An interconnection business relationship whereby ISPs provide connectivity to each others transit customers. Hybrid exists - Regional transit - Paid peering Merit UMich Cogent Google Merit Berkeley Z. Morley Mao, Winter 2005, CS589 3 Z. Morley Mao, Winter 2005, CS589 4 Tier1 vs Tier2 peering Benefit of tier-2 peering Tier 1 ISPs - Buy no transit from any other providers - Have only customers and peers - Has full mesh peering with other Tier 1 s - Motivation for peering: Minimize their interconnection costs while providing sufficient interconnection BW to support customer and its growth Tier 2 ISPs - ISP that purchases (resells) transit within an Internet region Decreases the cost and reliance on purchased Internet transit Lowers inter-as traffic latency - Fewer AS hops, AS peering links traversed Is peering always better than transit? Concerns of peering: - Traffic asymmetry - No SLAs: less liability or incentive to improve performance - free rather than getting paid - Peers become more powerful Z. Morley Mao, Winter 2005, CS589 5 Z. Morley Mao, Winter 2005, CS589 6 1

Peer Reduces upstream transit costs Can increase end-to-end performance May be the only way to connect your customers to some part of the Internet ( Tier 1 ) Peering Wars Don t Peer You would rather have customers Peers are usually your competition Peering relationships may require periodic renegotiation Where to peer? Public peering: at public peering locations Private peering Exchange-based interconnection model - A meet point at which ISPs exchange traffic - Can be neutral Internet business exchange Direct circuit interconnection model - Point-to-point circuit between the exchange parties Peering struggles are by far the most contentious issues in the ISP world! Peering agreements are often confidential. Z. Morley Mao, Winter 2005, CS589 7 Z. Morley Mao, Winter 2005, CS589 8 Four Types of BGP Messages Open : Establish a peering session. Keep Alive : Handshake at regular intervals. Notification : Shuts down a peering session. Update : Announcing new routes or withdrawing previously announced routes. announcement = prefix + attributes values Z. Morley Mao, Winter 2005, CS589 9 Policy with BGP BGP provides capability for enforcing various policies Policies are not part of BGP: they are provided to BGP as configuration information BGP enforces policies by choosing paths from multiple alternatives and controlling advertisement to other AS s Import policy - What to do with routes learned from neighbors? - Selecting best path Export policy - What routes to announce to neighbors? - Depends on relationship with neighbor Z. Morley Mao, Winter 2005, CS589 10 Examples of BGP Policies Export Policy A multi-homed AS refuses to act as transit - Limit path advertisement A multi-homed AS can become transit for some AS s - Only advertise paths to some AS s - Eg: A Tier-2 provider multi-homed to Tier-1 providers An AS can favor or disfavor certain AS s for traffic transit from itself An AS exports only best paths to its neighbors - Guarantees that once the route is announced the AS is willing to transit traffic on that route To Customers - Announce all routes learned from peers, providers and customers, and self-origin routes To Providers - Announce routes learned from customers and self-origin routes To Peers - Announce routes learned from customers and self-origin routes Z. Morley Mao, Winter 2005, CS589 11 Z. Morley Mao, Winter 2005, CS589 12 2

Import Routes Export Routes provider route peer route customer route ISP route provider route peer route customer route ISP route From provider From provider To provider From provider From peer From peer To peer To peer From customer From customer To customer To customer filters block Z. Morley Mao, Winter 2005, CS589 13 Z. Morley Mao, Winter 2005, CS589 14 Receive Apply Policy = BGP filter routes & Updates tweak attributes Apply Import Policies BGP Route Processing Open ended programming. Constrained only by vendor configuration language Based on Attribute Values Best Route Selection Best Routes Best Route Table Apply Policy = filter routes & tweak attributes Install forwarding Entries for best Routes. Apply Export Policies Transmit BGP Updates BGP UPDATE Message List of withdrawn routes Network layer reachability information - List of reachable prefixes Path attributes - Origin - Path - Metrics All prefixes advertised in message have same path attributes IP Forwarding Table Z. Morley Mao, Winter 2005, CS589 15 Z. Morley Mao, Winter 2005, CS589 16 Path Selection Criteria Important BGP Attributes Information based on path attributes Attributes + external (policy) information Examples: - Hop count - Policy considerations Preference for AS Presence or absence of certain AS - Path origin - Link dynamics Local Preference AS-Path MED Next hop Z. Morley Mao, Winter 2005, CS589 17 Z. Morley Mao, Winter 2005, CS589 18 3

LOCAL PREF LOCAL PREF Common Uses Local (within an AS) mechanism to provide relative priority among BGP routers R1 AS 100 R5 AS 200 R2 AS 300 Handle routes advertised to multi-homed transit customers - Should use direct connection (multihoming typically has a primary/backup arrangement) Peering vs. transit - Prefer to use peering connection, why? In general, customer > peer > provider - Use LOCAL PREF to ensure this R3 AS 256 Local Pref = 500 Local Pref =800 I-BGP R4 Z. Morley Mao, Winter 2005, CS589 19 Z. Morley Mao, Winter 2005, CS589 20 AS_PATH Multi-Exit Discriminator (MED) List of traversed AS s Useful for loop checking and for path -based route selection (length, regexp) AS 200 AS 100 170.10.0.0/16 180.10.0.0/16 AS 300 Hint to external neighbors about the preferred path into an AS - Non-transitive attribute - Different AS choose different scales Used when two AS s connect to each other in more than one place AS 500 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 Z. Morley Mao, Winter 2005, CS589 21 Z. Morley Mao, Winter 2005, CS589 22 MED Typically used when two ASes peer at multiple locations Hint to R1 to use R3 over R4 link Cannot compare AS40 s values to AS30 s MED MED is typically used in provider/subscriber scenarios It can lead to unfairness if used between ISP because it may force one ISP to carry more traffic: R1 AS 10 180.10.0.0 MED = 50 AS 40 R2 SF ISP1 ISP2 NY R3 180.10.0.0 MED = 120 180.10.0.0 MED = 200 R4 ISP1 ignores MED from ISP2 ISP2 obeys MED from ISP1 ISP2 ends up carrying traffic most of the way AS 30 Z. Morley Mao, Winter 2005, CS589 23 Z. Morley Mao, Winter 2005, CS589 24 4

Other Attributes Route Selection Process ORIGIN - Source of route (IGP, EGP, other) NEXT_HOP - Address of next hop router to use Check out http://www.cisco.com for full explanation Question: Too many choices/ attributes how to select routes! Highest Local Preference Shortest ASPATH Lowest MED i-bgp < e-bgp Lowest IGP cost to BGP egress Lowest router ID Enforce relationships traffic engineering Throw up hands and break ties Z. Morley Mao, Winter 2005, CS589 25 Z. Morley Mao, Winter 2005, CS589 26 Internal vs. External BGP BGP can be used by R3 and R4 to learn routes How do R1 and R2 learn routes? Option 1: Inject routes in IGP Only works for small routing tables Option 2: Use I-BGP R1 AS1 R2 R3 E-BGP R4 AS2 Internal BGP (I-BGP) Same messages as E-BGP Different rules about re-advertising prefixes: - Prefix learned from E-BGP can be advertised to I-BGP neighbor and vice-versa, but - Prefix learned from one I-BGP neighbor cannot be advertised to another I-BGP neighbor - Reason: no AS PATH within the same AS and thus danger of looping. Z. Morley Mao, Winter 2005, CS589 27 Z. Morley Mao, Winter 2005, CS589 28 Internal BGP (I-BGP) R3 can tell R1 and R2 prefixes from R4 R3 can tell R4 prefixes from R1 and R2 R3 cannot tell R2 prefixes from R1 Route Reflector ebgp update R2 can only find these prefixes through a direct connection to R1 Result: I-BGP routers must be fully connected (via TCP)! contrast with E-BGP sessions that map to physical links ibgp updates RR RR RR R1 AS1 R3 E-BGP R4 AS2 R2 I-BGP Z. Morley Mao, Winter 2005, CS589 29 Mesh does not scale Each RR passes only best routes, no longer N^2 scaling problem Z. Morley Mao, Winter 2005, CS589 30 5

Policy Impact Why is it useful to infer AS relationships? Different relationships Transit, Peering Export policies selective export Valley -free routing - Number links as (+1, 0, -1) for customer-to-provider, peer and provider-to-customer - In any path should only see sequence of +1, followed by at most one 0, followed by sequence of -1 Identify the AS-level hierarchy of Internet - Not shortest path routing Predict AS-level paths Traffic engineering Understand the Internet better Correlate with and interpret BGP update Identify BGP misconfigurations - E.g., errors in BGP export rules Z. Morley Mao, Winter 2005, CS589 31 Z. Morley Mao, Winter 2005, CS589 32 AS relationships translate into BGP export rules Example Export to a provider or a peer - Allowed: its routes and routes of its customers and siblings - Disallowed: routes learned from other providers or peers Export to a customer or a sibling - Allowed: its routes, the routes of its customers and siblings, and routes learned from its providers and peers Valley-free: - After traversing a provider-customer or peer-peer edge, cannot traverse a customer-provider or peer-peer edge - Invalid path: >= 2 peer links, downhill-uphill, downhill-peer, peer-uphill [1 2 3], [1 2 6 3] are valley -free [1 4 3], [1 4 5 3] are not valley free Z. Morley Mao, Winter 2005, CS589 33 Z. Morley Mao, Winter 2005, CS589 34 Related work in the area of inferring AS relationships What are siblings? On inferring Autonomous Systems Relationships in the Internet [Gao] - Find the highest degree AS node to be the top provider of the AS path - Left to the top node: customer-provider or sibling-sibling links - Right to the top node: provider-customer or siblingsibling links - Sibling-sibling: if providing mutual transit service for each other - Peer-peer: with top provider and of comparable degree value Mutual transit agreement - Provide connectivity to the rest of the Internet for each other Typically between two administrative domains such as small ISPs or universities located close to each other, cannot afford additional Internet services for better connectivity Z. Morley Mao, Winter 2005, CS589 35 Z. Morley Mao, Winter 2005, CS589 36 6

Assumptions of the Gaoalgorithm Follow up work by Subramanian et al. Provider is typically larger than its customers Two peers are typically of comparable size Use BGP tables from multiple vantage points - More complete - Exploit uniqueness of each point Build AS-level hierarchy of Internet - Relationship based, not degree based - 5 level classification of AS s Relationship inference rules - Position of AS in AS graph gives rank - Combine ranks from multiple tables - Compare ranks: Peer-peer with similar ranks Provider-customer: provider with higher ranks Z. Morley Mao, Winter 2005, CS589 37 Z. Morley Mao, Winter 2005, CS589 38 Hierarchy inference A more recent work Internet hierarchy inference Based on relationships Not degree [Gao] Computing the Types of the Relationships between Autonomous Systems Giuseppe Di Battista, Maurizio Patrignani, Maurizio Pizzonia (University of Rome III) Infocom 2003 Cast it as an optimization problem to find provider-cutomer relationships that minimize the number of conflicts Shows the problem is NP-hard Do not deal with peer-peer relationships well Z. Morley Mao, Winter 2005, CS589 39 Z. Morley Mao, Winter 2005, CS589 40 Quantifying the causes of path inflation [Spring03] Findings Path inflation: - End-to-end paths are significantly longer than necessary Trace-driven study of 65 ISPs to characterize the root causes of path inflation - Topology and routing policy choices within an ISP, between pairs of ISPs, and across the global Internet High-level conclusion: - Peering policies and interdomain routing lead to significant inflation - Interdomain path inflation is due to lack of BGP policy to provide convenient engineering of good paths across ISPs Intra-domain traffic engineering is commonplace, but has minimal impact on path inflation There is significant cold-potato or non-early-exit routing between adjacent ISPs - To avoid poor routes, load-balance across multiple peering links Many early-exit paths are inflated Topology insensitive load balancing can cause significant path inflation Half of the path inflation is due to interdomain routing using AS-path length as a routing metric Z. Morley Mao, Winter 2005, CS589 41 Z. Morley Mao, Winter 2005, CS589 42 7

What path inflation is? Internet Path Inflation AS2 AS3 AS5 AS4 AS6 AS1 source To go from AS1 to AS8 instead of taking the shortest path: 1-> 2 -> 5 -> 6 -> 8 take a longer path like: 1-> 2-> 3 -> 4 -> 6 -> 8 AS7 AS8 destination Z. Morley Mao, Winter 2005, CS589 43 Z. Morley Mao, Winter 2005, CS589 44 Outline H. Tangmunarunkit, R. Govindan, S. Shenker, and D. Estrin. The impact of routing policy on Internet paths. In IEEE INFOCOM, 2001 H. Tangmunarunkit, R. Govindan, S. Shenker. Internet path inflation due to policy routing. In SPIE ITCom, 2001 L. Gao and F. Wang. The extent of AS path inflation by routing policies. In IEEE Global Internet Symposium, 2002 N. Spring, R. Mahajan, and T. Anderson. Quantifying the causes of path inflation. In ACM SIGCOMM, 2003 The impact of routing policy on Internet paths H. Tangmunarunkit, R. Govindan, S. Shenker, D. Estrin Z. Morley Mao, Winter 2005, CS589 45 Z. Morley Mao, Winter 2005, CS589 46 Methodology Shortest AS path inflation Create [Mar-Apr 2000] a router level map of the Internet using Mercator. Heuristics for Internet Map Discovery INFOCOMM 2000. Create an AS overlay map by assigning routers to ASs. - Use RouteViews BGP tables and RADB to find ASs. Compare router level path induced by shortest AS path routing with shortest router level path. Z. Morley Mao, Winter 2005, CS589 47 Shortest AS path AS4 AS2 AS8 destination AS1 AS5 AS7 source AS9 Shortest router path Z. Morley Mao, Winter 2005, CS589 48 8

Results Results Quantified the contribution of shortest AS path routing to path inflation. They also found that longer paths are more inflated. Shortcomings: - Overlooked policies applied between ASs. - Assumed shortest path intradomain routing. - Map size (2662 ASs is very small). 20% of the node pairs have a path 5 hop longer then the shortest path Z. Morley Mao, Winter 2005, CS589 49 Z. Morley Mao, Winter 2005, CS589 50 Methodology Internet Path Inflation due to policy routing H. Tangmunarunkit, R. Govindan, S. Shenker Re-examination of the previous work using a larger map; also consider interdomain policies. Create a router map using Mercator and an AS overlay. Infer policies between ASs. Assume a routing model and compare router level paths induced by the routing model and shortest router level paths. Z. Morley Mao, Winter 2005, CS589 51 Z. Morley Mao, Winter 2005, CS589 52 Policies Three types of peering relationships: - Provider-customer: customer pays its provider for transit services - Peer-peer: exchange traffic between customers no money exchange - Sibling-sibling: have mutual transit agreement AS3 AS2 merging ISPs Interconnection, Peering and Settlements G. Huston Internet Protocol Journal 1999. Z. Morley Mao, Winter 2005, CS589 53 AS1 AS5 AS7 AS4 AS6 AS8 On inferring autonomous systems relationships in the Internet L. Gao ACM IEEE Transactions on Networking 2001. Network Next hop AS Path 4.2.24.0/21 134.24.127.3 1740 1 i 194.68.130.254 5459 5413 1 i 158.43.133.48 1849 704 702 701 1 i 193.0.0.242 3333 286 1 i 144.228.240.93 1239 1 i 1849 704 702 Paths are hierarchical 701 In a path you can have at most one 1 peer-peer link You go up the hierarchy through customer 1 provider links (or sibling-sibling) and down the hierarchy through provider customer links (or sibling-sibling), Z. Morley Mao, Winter 2005, CS589 54 Figure taken from Lixin Gao 9

Routing Model Results A path transverses: - up the hierarchy through customer-provider links - down the hierarchy through provider-customer links - across the hierarchy through peer-peer links If more than one possible paths randomly pick one. Z. Morley Mao, Winter 2005, CS589 55 Z. Inflation Morley Mao, Winter difference 2005, CS589 by realistic and simplified routing policy model. 56 Results Conclusions Shortest AS path routing induces inflation Interdomain policies do not induce inflation AS path inflation caused by realistic routing model 95% of the paths have the same AS length Z. Morley Mao, Winter 2005, CS589 57 Z. Morley Mao, Winter 2005, CS589 58 Methodology The extent of AS path inflation by routing policies L. Gao F. Wang Create an AS map of the Internet from RouteViews data. Measure the extent of AS path inflation seen by RouteViews. Assume a routing model and measure AS path inflation. Z. Morley Mao, Winter 2005, CS589 59 Z. Morley Mao, Winter 2005, CS589 60 10

Results Routing Model No-valley routing policy: - An AS does not provide transit between any two of its providers or peers. Prefer Customer routing policy: - Prefer the free of charge customer route over the peer or provider route. AS3 AS4 AS9 AS2 AS5 AS6 Path inflation using a no-valley routing model. Z. Morley Mao, Winter 2005, CS589 61 AS1 AS7 AS8 Z. Morley Mao, Winter 2005, CS589 62 Results Results Path inflation using a no-valley routing model. Z. Morley Mao, Winter 2005, CS589 63 Path inflation using a no-valley and prefer customer routing model. Z. Morley Mao, Winter 2005, CS589 64 Conclusion Prefer customer routing model induces significant inflation. 45% of the paths are inflated by at least one AS hop. Quantifying the Causes of Path Inflation Neil Spring Ratul Mahajan Thomas Anderson SIGCOMM 2003 Z. Morley Mao, Winter 2005, CS589 65 Z. Morley Mao, Winter 2005, CS589 66 11

Approach Methodology Quantify Internet Path inflation in 3 layers. For each layer find topology and policy triggered inflation. Interdomain Routing Peering Policies Shortest AS path routing Routing between adjacent networks. Hot potato routing and MEDs. Infer intradomain topology of 65 ISPs using Rocketfuel, use traceroutes measured from 42 vantage points. Choose mainly large ISPs to have interesting topologies and some smaller ISPs for diversity. Extract a PoP level map from the router level map. Intradomain Routing Intradomain routing protocol Z. Morley Mao, Winter 2005, CS589 67 Z. Morley Mao, Winter 2005, CS589 68 Metric: Additive Latency Metric: Additive Latency Intradomain Topology of an ISP, Intradomain Topology of an ISP, Z. Morley Mao, Winter 2005, CS589 Figure taken from N. Spring 69 Z. Morley Mao, Winter 2005, CS589 Figure taken from N. Spring 70 Metric: Additive Latency Intradomain layer Infer intradomain policies using a constraint based approach. Intradomain topology does not cause lot of inflation pointing to well connected topologies. Intradomain policies do not cause lot of inflation, meaning that intradomain traffic engineering is not inconsistent with link latencies. Intradomian Topology of an ISP, Z. Morley Mao, Winter 2005, CS589 Figure taken from N. Spring 71 Z. Morley Mao, Winter 2005, CS589 72 12

Intradomain layer results Characterize Peering Policies Intradomain Topology Inflation mean = 3ms Intradomain Policy Inflation mean = 1ms Z. Morley Mao, Winter 2005, CS589 73 C D source B Downstream E BGP uses MEDs to indicate preferred links. Late exit (Cold potato routing): Use the link indicated (MED) from your neighbor (B ->G->F->H). Early exit (Hot potato routing): Use the link closest to the source (B- >C->D->E->F->H). Z. Morley Mao, Winter 2005, CS589 74 A F G Upstream destination H Small ISP ISP Characterize Traces Characterization results Early exit: If one peering link point is seen from each ingress. Characterize as late if the path length in the downstream ISP from peering point to destination is less than from the early exit to destination. Use this metric to classify traces in three categories: - Late exit, often (late exit for most paths) - Late exit, sometimes (late exit for the minority of the paths) - Engineered, but not late (downstream carries traffic over longer paths) Tier 1 ISPs: Late exit, often (15%) Late exit, sometimes (10%) Early-exit (19%) Single peering point (42%) Engineered but not late (13%) Z. Morley Mao, Winter 2005, CS589 75 Median is 57% meaning that most ISPs use early exit most of the time. Z. Morley Mao, Winter 2005, CS589 76 Peering Policies Inflation Interdomain layer methodology They compare inflation caused by using early exit routing relative to an ideal optimal exit policy. Infer policies using Lixin Gao Heuristics Assume No-valley and Prefer customer routing model. Find inflation caused by shortest AS path routing, no valley and no valley + prefer customer. The top 5% of the paths suffers an inflation of more than 12 ms Z. Morley Mao, Winter 2005, CS589 77 Z. Morley Mao, Winter 2005, CS589 78 13

Interdomain layer Cumulative Results SP: Shortest AS path routing NV: valley free paths PC: Prefer Customers Shortest AS path can be much longer than shortest latency paths. Prefer customer and no-valley policies cause little inflation. Z. Morley Mao, Winter 2005, CS589 79 Z. Morley Mao, Winter 2005, CS589 80 Conclusion Discussion topics Path Inflation is caused by BGP shortest AS path routing and by inefficient peering. It is not clear if policies contribute to path inflation. Propose an informed BGP that carries location of egress links. Shortest AS path routing alternative? Alternative routing models - Game theory - Auction based routing - Multipath routing What can end-user do given restricted routing policies? - Overlay routing Security implications - How robust is internet routing Z. Morley Mao, Winter 2005, CS589 81 Z. Morley Mao, Winter 2005, CS589 82 Some research project suggestions Projects ideas continued Analyze a new attack against routing protocols and devise a defense mechanism - Route flap damping attack Design router primitives to defend against DDoS, Worm, infrastructure attacks - Push back for DDoS How to exploit topology information to launch routing attacks - Variations of link-cutting attacks Attack detection - Exchange of information among ISPs - Signature, behavior based - Routing protocol analyzers (Bro) Intradomain topology design considerations - Route reflector vs. AS confederations or hybrid - Robustness, ease of configuration, security/trust Z. Morley Mao, Winter 2005, CS589 83 Dynamic installation of route filters to protect against DDoS attacks Z. Morley Mao, Winter 2005, CS589 84 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information