Identifying problematic inter-domain routing issues

Slides:

Advertisements

Similar presentations

Routing System Stability draft-dimitri-grow-rss-01.txt IETF71 - Philadelphia.

Advertisements

Understanding the Impact of Route Reflection in Internal BGP Ph.D. Final Defense presented by Jong Han (Jonathan) Park July 15 th,

CCNP Network Route BGP Part -I BGP : Border Gateway Protocol. It is a distance vector protocol It is an External Gateway Protocol and basically used for.

Comparing IPv4 and IPv6 from the perspective of BGP dynamic activity Geoff Huston APNIC February 2012.

BGP route propagation between neighboring domains Renata Teixeira Laboratoire LIP6 – CNRS University Pierre et Marie Curie – Paris 6 with Steve Uhlig (Delft.

Part IV: BGP Routing Instability. March 8, BGP routing updates  Route updates at prefix level  No activity in “steady state”  Routing messages.

Network Layer: Internet-Wide Routing & BGP Dina Katabi & Sam Madden.

1 Experimental Study of Internet Stability and Wide-Area Backbone Failure Craig Labovitz, Abha Ahuja Merit Network, Inc Presented by Changchun Zou.

Internet Routing Instability

1 BGP Anomaly Detection in an ISP Jian Wu (U. Michigan) Z. Morley Mao (U. Michigan) Jennifer Rexford (Princeton) Jia Wang (AT&T Labs)

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

Quantitative Analysis of BGP Route Leaks Benjamin Wijchers Benno Overeinder.

1 Measurement of Highly Active Prefixes in BGP Ricardo V. Oliveira, Rafit Izhak-Ratzin, Beichuan Zhang, Lixia Zhang GLOBECOM’05.

BGP update profiles and the implications for secure BGP update validation processing Geoff Huston Swinburne University of Technology PAM April 2007.

BGP in 2009 Geoff Huston APNIC May Conventional BGP Wisdom IAB Workshop on Inter-Domain routing in October 2006 – RFC 4984: “routing scalability.

1 Finding a Needle in a Haystack: Pinpointing Significant BGP Routing Changes in an IP Network Jian Wu (University of Michigan) Z. Morley Mao (University.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.

Analysis of BGP Routing Tables

BGP: Inter-Domain Routing Protocol Noah Treuhaft U.C. Berkeley.

More on BGP Check out the links on politics: ICANN and net neutrality To read for next time Path selection big example Scaling of BGP.

Protecting the BGP Routes to Top Level DNS Servers NANOG-25, June 11, 2002 UCLA Lan Wang Dan Pei Lixia Zhang USC/ISI Xiaoliang Zhao Dan Massey Allison.

March 22, 2002 Simple Protocols, Complex Behavior (Simple Components, Complex Systems) Lixia Zhang UCLA Computer Science Department.

Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz.

Feb 12, 2008CS573: Network Protocols and Standards1 Border Gateway Protocol (BGP) Network Protocols and Standards Winter

Authors Renata Teixeira, Aman Shaikh and Jennifer Rexford(AT&T), Tim Griffin(Intel) Presenter : Farrukh Shahzad.

Introduction to BGP.

Feldmann Ne X tworking’03 June 23-25,2003, Chania, Crete, Greece The First COST-IST(EU)-NSF(USA) Workshop on EXCHANGES & TRENDS IN N ETWORKING 1 Networking:

CS 3830 Day 29 Introduction 1-1. Announcements r Quiz 4 this Friday r Signup to demo prog4 (all group members must be present) r Written homework on chapter.

Border Gateway Protocol Presented BY Jay Purohit & Rupal Jaiswal GROUP 9.

Inter-Domain Routing Trends Geoff Huston APNIC March 2007.

APAN 2000 Conference1 Internet Backbone Routing Masaki Hirabaru ISIT, Japan / Merit Network, US.

BGP topics to be discussed in the next few weeks: –Excessive route update –Routing instability –BGP policy issues –BGP route slow convergence problem –Interaction.

A Measurement Study on the Impact of Routing Events on End-to-End Internet Path Performance Feng Wang 1, Zhuoqing Morley Mao 2 Jia Wang 3, Lixin Gao 1,

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429/556 Introduction to Computer Networks Inter-domain routing Some slides used with.

Network Layer4-1 Intra-AS Routing r Also known as Interior Gateway Protocols (IGP) r Most common Intra-AS routing protocols: m RIP: Routing Information.

April 4th, 2002George Wai Wong1 Deriving IP Traffic Demands for an ISP Backbone Network Prepared for EECE565 – Data Communications.

1 Quantifying Path Exploration in the Internet Ricardo Oliveira, Rafit Izhak-Ratzin, Lixia Zhang, UCLA Beichuan Zhang, UArizona Dan Pei, AT&T Labs -- Research.

1 A Framework for Measuring and Predicting the Impact of Routing Changes Ying Zhang Z. Morley Mao Jia Wang.

Low-Rate TCP-Targeted DoS Attack Disrupts Internet Routing Ying Zhang Z. Morley Mao Jia Wang Presented in NDSS07 Prepared by : Hale Ismet.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—6-1 Scaling Service Provider Networks Scaling IGP and BGP in Service Provider Networks.

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—1-1 BGP Overview Monitoring and Troubleshooting BGP.

Inter-domain Routing Outline Border Gateway Protocol.

1 Investigating occurrence of duplicate updates in BGP announcements Jong Han Park 1, Dan Jen 1, Mohit Lad 2, Shane Amante 3, Danny McPherson 4, Lixia.

Border Gateway Protocol BGP-4 BGP environment How BGP works BGP information BGP administration.

Border Gateway Protocol. Intra-AS v.s. Inter-AS Intra-AS Inter-AS.

Dynamic routing Routing Algorithm (Dijkstra / Bellman-Ford) – idealization All routers are identical Network is flat. Not true in Practice Hierarchical.

The BGP Visibility Scanner

More Specific Announcements in BGP

Jian Wu (University of Michigan)

Dynamic routing Routing Algorithm (Dijkstra / Bellman-Ford) – idealization All routers are identical Network is flat. Not true in Practice Hierarchical.

Goals of soBGP Verify the origin of advertisements

Measuring BGP Geoff Huston.

COMP 3270 Computer Networks

Net 323 D: Networks Protocols

Dynamic routing Routing Algorithm (Dijkstra / Bellman-Ford) – idealization All routers are identical Network is flat. Not true in Practice Hierarchical.

Lixin Gao ECE Dept. UMASS, Amherst

Net 323 D: Networks Protocols

Dynamic Routing Protocols

More Specific Announcements in BGP

Routing Protocols (RIP, OSPF, BGP).

Routers Routing algorithms

The real-time Internet routing observatory

Dynamic Routing Protocols

An Analysis of BGP Multiple Origin AS (MOAS) Conflicts

COMP/ELEC 429/556 Introduction to Computer Networks

2005 – A BGP Year in Review February 2006 Geoff Huston

Visualization of Temporal Difference of BGP Routing Information

Dynamic routing Routing Algorithm (Dijkstra / Bellman-Ford) – idealization All routers are identical Network is flat. Not true in Practice Hierarchical.

Presentation transcript:

Identifying problematic inter-domain routing issues Olaf Maennel, Anja Feldmann Saarland University, Saarbücken, Germany

Motivation BGP scalability?!! BGP convergence times??? A lot of open questions, that need understanding! What happens really in the Internet?

TOOL: “Character” Data munching automatic processing of raw data providing an intermediate level Characterizing BGP updates identification of update events

your function (or "Check" functions) TOOL: “Character” your function (or "Check" functions) results FileFinder - Package RAW-DATA

route change events Identification of routing updates type of changes, flapping, session resets, … Processing of updates in the context of related (same prefix) surrounding (near in time) How “character” works Input: table dump1 – all updates – table dump2

Output: route_btoa All updates like Merit’s "route_btoa –m" Timestamp Updated Prefix 1011363829|A|195.66.224.112|3549| 80.96.15.0/24|3549 3300 702 8708| 1011387198|W|195.66.224.112|3549| 80.96.15.0/24| | 1011387339|A|195.66.224.112|3549| 80.96.15.0/24|3549 701 702 8708| 1011387369|A|195.66.224.112|3549| 80.96.15.0/24|3549 3300 702 8708| 1010976980|W|195.66.224.112|3549|80.96.150.0/24| | 1010977007|A|195.66.224.112|3549|80.96.150.0/24|3549 209 1755 15471| AS Path All updates like Merit’s "route_btoa –m"

Example data sets RIPE’s RRC00: Jan 14, 2002 01:00 – Jan 20, 2002 01:10

Output: route_btoa Classification of each update is appended: Timestamp Updated Prefix 1011363829|A|195.66.224.112|3549| 80.96.15.0/24|3549 3300 702 8708| 1011387198|W|195.66.224.112|3549| 80.96.15.0/24| | 1011387339|A|195.66.224.112|3549| 80.96.15.0/24|3549 701 702 8708| 1011387369|A|195.66.224.112|3549| 80.96.15.0/24|3549 3300 702 8708| 1010976980|W|195.66.224.112|3549|80.96.150.0/24| | 1010977007|A|195.66.224.112|3549|80.96.150.0/24|3549 209 1755 15471| AS Path Classification of each update is appended:

Output: What has changed? #update change to last update |:|24.|199 |AA-DIFF|ASPath-way Community|3549|3320->3300|8708|origin | |:|25.|23369|AW-DIFF| | | | | | |:|26.|141 |WA-DIFF|ASPath-way Community|3549|3300->701 |702 |transit| |:|27.|30 |AA-DIFF|ASPath-way Community|3549|701->3300 |702 |transit| |:|1. |-1 |AW-DIFF| | | | | | |:|2. |27 |WA-DIFF|ASPath-way Community|3549|3300->209 |1755|transit| time since last update What has changed?

Type of changes

Output: AS Path changes last ‘stable’ AS |:|24.|199 |AA-DIFF|ASPath-way Community|3549|3320->3300|8708|origin | |:|25.|23369|AW-DIFF| | | | | | |:|26.|141 |WA-DIFF|ASPath-way Community|3549|3300->701 |702 |transit| |:|27.|30 |AA-DIFF|ASPath-way Community|3549|701->3300 |702 |transit| |:|1. |-1 |AW-DIFF| | | | | | |:|2. |27 |WA-DIFF|ASPath-way Community|3549|3300->209 |1755|transit| from where to where? rejoining AS

percentage of prefixes still reachable Output: Old AS Path AS on the “old” Path 3549__95%_ 3320__47%_ 5483_*15%* 8708__78%_| 2 |0. |22.|#8|flapping| 3549__95%_ 3300__65%_ 702__61%_ 8708_**3%*| 5 |3. |20.|#6| | 3549__95%_ 3300__65%_ 702__63%_ 8708__36%_| 5 |21.|21.|#1| | 3549__95%_ 701__66%_ 702__64%_ 8708__53%_| 3 |0. |24.|#9| | 3549__96%_ 3300__67%_ 1755__54%_ 15471_*21%*| * |* |* |* | | 3549__96%_ 3300__67%_ 1755__54%_ 15471__33%_| * |* |* |* | | percentage of prefixes still reachable

Sets of updates for a prefix with same attributes new change 1. duplicate 2. flapping 3. reconvergence 4. n-way change >4

Output: “n-way flapping” distance to last equal update reconvergence | 2 |0. |22.|#8|flapping|208326|85% |<- | | (8708)__72%_ 5483 | 5 |3. |20.|#6| | |8% |-1 | | (8708)__79%_ 702 | 5 |21.|21.|#1| | |8% |-2 | | (8708)__78%_ 702 | 3 |0. |24.|#9| | |8% |flap-3|23540| (8708)__78%_ 702 | * |* |* |* | | |100%| | |(15471)**95%* 1755 percentage of other prefixes by the originating AS identified as flapping first and last occurrence in update series flapping time to last flap

Categorization of changes

Probability distribution of distance between flaps

Time between equal updates

Session resets peering connection breakdown - a whole table must be exchanged Update storms are propagated through the internet… How big is the problem?

Output: possible session resets AS number (8708)__72%_ 5483**66%* 3320**28%* 3549___0%_| 2 |3320 5483| | (8708)__79%_ 702___5%_ 3300___3%_ 3549___0%_| | | | (8708)__78%_ 702___5%_ 3300___3%_ 3549___0%_| | |peak| (8708)__78%_ 702___5%_ 701___1%_ 3549___0%_| | |peak| (15471)**95%* 1755___0%_ 3549___0%_ 3300___0%_| 1 |15471 | | Percentage of updated vs. all associated prefixes with an AS.

Identification of session resets All prefixes updated

Output: possible session resets number of ASs involved (8708)__72%_ 5483**66%* 3320**28%* 3549___0%_| 2 |3320 5483| | (8708)__79%_ 702___5%_ 3300___3%_ 3549___0%_| | | | (8708)__78%_ 702___5%_ 3300___3%_ 3549___0%_| | |peak| (8708)__78%_ 702___5%_ 701___1%_ 3549___0%_| | |peak| (15471)**95%* 1755___0%_ 3549___0%_ 3300___0%_| 1 |15471 | | ASs involved

Updates due to session resets

Duration of session resets

Output: Classification further changes? |2|3320 5483| | 7.0|instable |... | | | | 5.9|instable |... | | |peak|16.2|instable |... | | |peak|16.2|re-stable change|... |1|15471 | | 1.3|instable |... |1|15471 | | 1.4|instable |... further suggestions?! peak identification update rate per second

Update burst Like packet flows Bursts consists of several updates same prefix short time window

Burst duration

Updates in burst

Output Character Classification of updates Statistical information Missing updates / verification

Ongoing work RTG – a realistic Routing Table (and update) Generator generation of tables and updates with ‘real-world’ characteristics Use RTG to benchmark router performance

If you are interested, please visit our website: Conclusion If you are interested, please visit our website: http://www.net.uni-sb.de/~olafm Thank you !