Automating BGP Customer Configuration R: Joel Gottlieb, Albert Greenberg, Jennifer Rexford, and Jia Wang D/O: Jose Berrios, Jay Borkenhagen, Gary Flack,

Presentation transcript:

Automating BGP Customer Configuration
R: Joel Gottlieb, Albert Greenberg, Jennifer Rexford, and Jia Wang
D/O: Jose Berrios, Jay Borkenhagen, Gary Flack, Brian Freeman, Rich Kwapniewski, Han Nguyen, and Janet Peng
PM: Herani Brotman and Rose Klimovich

Outline
Introduction
  – What is the Border Gateway Protocol?
  – Which CBB customers use BGP, and why?
  – How does CBB configure the customers today?
ENCORE project
  – Configuration template with Cisco commands
  – Analysis of existing customer configuration
  – Prototype “configlet” generation from database
Conclusion
  – Project timeline and status
  – Ongoing work and future directions

Many Customers Have Static Routing
Nail up default routes /0 pointing to provider
Nail up routes /23 pointing to customer
[Figure labels: provider, customer, /23]

Border Gateway Protocol (BGP)
Interdomain routes between Autonomous Systems
ASes announce the destinations they can reach
Local policies for path selection (which to use?)
Local policies for route propagation (who to tell?)
[Figure labels: “I can reach /23”; “I can reach /23 via network 1”]

Multi-Homed Customer Speaking BGP
Motivations for using BGP
  – Load balancing and fault tolerance
  – Send updates to influence how traffic enters
  – Apply routing policy to select outbound paths
[Figure labels: Provider A, Provider B, Customer, Provider, Customer]

BGP Customers are Very Important
Who are they?
  – Large, savvy customers with multiple providers
  – Retailers, enterprises, & carriers with big pipes
  – E.g., Amazon, Wal-Mart, Kodak, Prudential, Marriott, Merck, Charter Communications, etc.
How many are there?
  – Around 3600 BGP sessions
  – Around 4600 access links
How do we provision them?
  – Treated as “special case” & configured manually
  – Sometimes seen as too complicated to automate

Manual Router Configuration is Costly
Slow and expensive
  – Extra delays in provisioning new customers
  – Folks living in MT during the Redwood migration
  – Hiring skilled engineers, and training on CBB policies
  – Problematic to select other vendors (e.g., Juniper)
Error-prone
  – Fidelity cut off while provisioning a new customer
  – Vulnerability to DoS due to missing packet/route filters
  – Errors manifest themselves as costly SLA violations
Inflexible
  – Hard to handle complexity of new features and services
  – Hard to change the business and configuration rules
  – Hard to let customers change their own configuration

Automation is Challenging
Extremely difficult to outsource
  – Customer data: sensitive, internal information
  – Configuration rules: embody AT&T’s proprietary design and engineering of the network
Requires an end-to-end perspective
  – Data: familiarity with TQ and with BIDS database
  – Policies: understanding of the CBB policies
  – Configuration: knowledge of router configuration
Bootstrapping
  – Data for existing BGP customers not fully in database
  – Manually-configured policies don’t fully match template, causing chicken-or-the-egg problem for automation

ENCORE: End-to-End Approach
Complete automation of provisioning of BGP customers
From TQ, to database, network rules, and the router
[Figure labels: Technical Questionnaire (TQ), BIDS, query, template, RULES, configlet, router]

Technical Questionnaire (TQ) questions:
  – What is your AS number?
  – What export policy do you want?
  – Do you want a dynamic default?
  – What are your address blocks?
  – Do you need to receive communities?

Template:
    interface
     description
     ip address
     ip access-group in
    !
    router bgp 7018
     neighbor remote-as
     neighbor route-map CUST-FACE in
     neighbor route-map out
     neighbor distribute-list in
     neighbor soft-reconfiguration-inbound
     [neighbor send-community]
    !

Configlet:
    interface Serial10/1/0/12:0
     description CBB Customer
     ip address
     ip access-group 666 in
    !
    router bgp 7018
     neighbor remote-as
     neighbor route-map CUST-FACE in
     neighbor route-map FULL-ROUTES out
     neighbor distribute-list 13 in
     neighbor soft-reconfiguration-inbound
    !

Abstract and Codify
Documented the CBB rules
  – Explained the reasons for the commands
  – Explicit pseudocode for the “configuration rules”
  – Rules vetted by the key people in Tier-3 & Tier-2
Created CBB-Specific IOS template
  – Access links with name, address, bandwidth, etc.
  – BGP session with remote-AS, IP address, etc.
  – Static routes associating access links with session
  – Packet filters, route filters, and routing policies

An Example Configlet
    hostname abyny31c3
    !
    interface Serial10/1/0/12:0
     description CBB Customer
     ip address
     ip access-group 666 in
    !
    router bgp 7018
     neighbor remote-as
     neighbor route-map CUST-FACE in
     neighbor route-map FULL-ROUTES out
     neighbor distribute-list 13 in
     neighbor soft-reconfiguration-inbound
    !
    access-list 666 permit
    access-list 666 permit
    access-list 13 permit ip host host

Analyze and Fix
Analyze: validated the template
  – Netdb extraction of existing customer configuration
  – Comparison with our proposed Cisco IOS template
  – Matching more than 99% of the customer BGP sessions
  – Numbers continue to improve as configuration is fixed
Fixed: identified mismatches with the template
  – Small number of dangling customer BGP sessions
  – Small number of missing packet/route filters
  – Other minor violations of the CBB network rules
  – Tier-2 fixed (and fixing) the config of these customers
  – Must keep fixing problems as they arise, … or automate!

Identifying CBB Customers
Private peers
  – Inbound route-map that tags routes with 0:5000
  – E.g., Sprint, UUNet, Cable & Wireless, …
Siblings
  – AT&T-owned ASes in a hand-constructed list
  – Cerfnet, AGNS, AT&T Canada, …
Internal ASes
  – Internal networks with private AS numbers
  – Network management, Dial Platform access routers, …
Special external ASes
  – Hand-constructed list of ASes
  – Public route servers, multicast networks, etc.
Customers: Everything else!
  – More than 3600 sessions and 4600 access links

Classifying Customers (April 15, 2002)
Single-session customers
  – One BGP session with the CBB at one AR
  – 1195 ASes, 1195 BGP sessions, and 1452 interfaces
Multi-session customers
  – Two or more BGP sessions with the CBB
  – 339 ASes, 1077 BGP sessions, and 1374 interfaces
Dedicated-AS sessions
  – Customers using AS 2386 for their BGP sessions
  – 1 AS, 1422 BGP sessions, and 1774 interfaces
“Swamp” customers
  – Sessions that we cannot associate with interfaces
  – 8 sessions (some in provisioning or decommissioning)

Mandatory Commands
Nearly every (non-swamp) session is complete
  – Each interface has address, match, and packet filters
  – Each session has remote-as, distribute-list, and inbound and outbound route-maps
Small number of exceptions (17 sessions)
  – 10 sessions with interface missing a packet filter
  – 5 sessions with static route to non-existent interface
  – 1 session missing an outbound route-map
  – 1 session with interface missing address/mask
Route-maps
  – Vast majority of customers use standard route-maps
  – Less than 1% have unusual policy (tailored to customer)
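
One way to run the mandatory-command check from this slide over a router configuration, as an added example that is not the ENCORE project's code. The sample configuration (documentation addresses, AS numbers and ACL ids) is constructed, and the rule labels and function name are assumptions based on the slide's list of required commands.

```python
import re
# Constructed IOS-style sample (documentation addresses and AS numbers).
SAMPLE = """\
interface Serial1/0
 ip address 192.0.2.1 255.255.255.252
 ip access-group 10 in
!
interface Serial1/1
 ip address 192.0.2.5 255.255.255.252
!
router bgp 7018
 neighbor 192.0.2.2 remote-as 64500
 neighbor 192.0.2.2 route-map CUST-FACE in
 neighbor 192.0.2.2 route-map FULL-ROUTES out
 neighbor 192.0.2.2 distribute-list 110 in
 neighbor 192.0.2.6 remote-as 64501
 neighbor 192.0.2.6 route-map CUST-FACE in
 neighbor 192.0.2.6 distribute-list 111 in
"""
INTERFACE_RULES = {"address": r"ip address \S+ \S+",
                   "packet filter": r"ip access-group \S+ in"}
SESSION_RULES = {"remote-as": r"remote-as \d+",
                 "distribute-list": r"distribute-list \S+ in",
                 "inbound route-map": r"route-map \S+ in",
                 "outbound route-map": r"route-map \S+ out"}

def audit(config):
    """Map each interface or BGP neighbor to the mandatory items it lacks."""
    seen, section = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            section = line.split()[1]
            seen[section] = (INTERFACE_RULES, [])
        elif line.startswith("router bgp "):
            section = "bgp"
        elif not line.startswith(" "):
            section = None          # "!" or any other top-level line
        elif section == "bgp":
            m = re.match(r" neighbor (\S+) (.+)", line)
            if m:
                seen.setdefault(m.group(1), (SESSION_RULES, []))[1].append(m.group(2))
        elif section:
            seen[section][1].append(line.strip())
    report = {}
    for name, (rules, cmds) in seen.items():
        missing = [k for k, rx in rules.items() if not any(re.fullmatch(rx, c) for c in cmds)]
        if missing:
            report[name] = missing
    return report
```

On the constructed sample, `audit(SAMPLE)` flags the interface without an inbound packet filter and the session without an outbound route-map, the two exception types the slide counts most directly.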

Prototype
Identified additions to TQ and database
  – Variables and features specific to BGP configuration
  – Identified customer vs. CBB-selected fields
  – Proposed layout of new tables in the database
Generated BGP configlets
  – X-BIDS database populated from Netdb data
  – Query to extract data needed for BGP configuration
  – Checked that all of the necessary data are present
  – Populated the templates to generate the configlet
  – Displayed configlets on the ENCORE Web site
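
The check-then-populate step listed above, as an added example rather than the ENCORE prototype's code: it refuses to emit a configlet when a mandatory field or the filter data is absent. The record field names, the DEFAULT-ONLY route-map name and all sample values are assumptions; the command layout follows the template and example configlet on the earlier slides, using the IOS spelling `soft-reconfiguration inbound`.

```python
import ipaddress

# Assumed mapping from the TQ export-policy answer to an outbound route-map.
# Only FULL-ROUTES appears on the slides; DEFAULT-ONLY is a made-up name.
EXPORT_MAPS = {"full": "FULL-ROUTES", "default": "DEFAULT-ONLY"}
REQUIRED = ("interface", "link_ip", "link_mask", "neighbor_ip", "remote_as",
            "export", "prefixes", "packet_acl", "route_acl")

def make_configlet(rec, local_as=7018):
    """Populate the template from one customer record, or refuse to."""
    missing = [f for f in REQUIRED if not rec.get(f)]
    if missing:  # never emit a session without its filters
        raise ValueError("missing fields: " + ", ".join(missing))
    if rec["export"] not in EXPORT_MAPS:
        raise ValueError("unknown export policy: " + rec["export"])
    link = ipaddress.IPv4Address(rec["link_ip"])
    nbr = ipaddress.IPv4Address(rec["neighbor_ip"])
    # strict parsing rejects blocks with host bits set, e.g. 198.51.100.1/24
    nets = [ipaddress.IPv4Network(p) for p in rec["prefixes"]]
    out = [
        f"interface {rec['interface']}",
        f" ip address {link} {rec['link_mask']}",
        f" ip access-group {rec['packet_acl']} in",
        "!",
        f"router bgp {local_as}",
        f" neighbor {nbr} remote-as {int(rec['remote_as'])}",
        f" neighbor {nbr} route-map CUST-FACE in",
        f" neighbor {nbr} route-map {EXPORT_MAPS[rec['export']]} out",
        f" neighbor {nbr} distribute-list {rec['route_acl']} in",
        f" neighbor {nbr} soft-reconfiguration inbound",
    ]
    if rec.get("send_community"):  # optional line, bracketed in the template
        out.append(f" neighbor {nbr} send-community")
    out.append("!")
    for n in nets:  # packet filter: source must be a customer block
        out.append(f"access-list {rec['packet_acl']} permit "
                   f"{n.network_address} {n.hostmask}")
    for n in nets:  # route filter: exact prefix and mask
        out.append(f"access-list {rec['route_acl']} permit ip "
                   f"host {n.network_address} host {n.netmask}")
    return "\n".join(out)

# Constructed record: documentation addresses and a documentation AS number.
RECORD = {"interface": "Serial1/0", "link_ip": "192.0.2.1",
          "link_mask": "255.255.255.252", "neighbor_ip": "192.0.2.2",
          "remote_as": 64500, "export": "full", "packet_acl": 10,
          "route_acl": 110, "prefixes": ["198.51.100.0/24"]}
```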

ENCORE Timeline: Rapid Prototyping
Analyze existing BGP customers: Small set of cases plus the dangling sessions (Web site)
Fix the configuration mistakes: Fix danglers and mismatches with the template/rules (Tier-2)
Create provisioning templates: Cisco IOS config template, XML representation of customer data
Document the CBB policies: Vetted by key players; presented in a technical report and tutorial
Identify new data for BIDS: X-BIDS, virtual view, DBI interface
Identify new questions for TQ: X-TQ questions
Build proof-of-concept prototype: ENCORE prototype
Phase into production systems: Proposed “routing database”
Cut-over to operations: Concept of Zero
[Timeline marker: You are here]

Ongoing/Future Work
Routing database effort (BIDS extensions)
  – Team from BIDS, Tier-2, Tier-3, and Research
  – Identifying the necessary extensions to BIDS
  – Identifying “use cases” to test the data models
Expanding the configuration template
  – All BGP sessions, including peers of the CBB
  – All routing technologies, including static routes
  – Base configuration, including BGP routing policies
Data modeling
  – Making configuration changes through virtual view
  – Configuration changes/deletions for existing customers
  – Supporting other router vendors, such as Juniper