Network Diagnostic and Discovery with Traceroute Prepared and presented by PhD candidate,Yihua He.

Slides:

Advertisements

Similar presentations

Routing Basics.

Advertisements

1 IP Forwarding Relates to Lab 3. Covers the principles of end-to-end datagram delivery in IP networks.

Path Vector Routing NETE0514 Presented by Dr.Apichan Kanjanavapastit.

CSCI 4550/8556 Computer Networks Comer, Chapter 23: An Error Reporting Mechanism (ICMP)

© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.

Border Gateway Protocol Autonomous Systems and Interdomain Routing (Exterior Gateway Protocol EGP)

Measuring the Internet: Featuring Traceroute Based on slides by Yihua He (PhD UCR 2007) Yihua He (PhD UCR 2007)

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.

Internet Control Message Protocol (ICMP)

CPSC 441 Tutorial - Network Tools 1 Network Tools CPSC 441 – Computer Communications Tutorial.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.

Analysis of BGP Routing Tables

MIRED: Managing IP Routing is Extremely Difficult Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

Measuring the Autonomous System Path Through the Internet Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.

Internet Routing (COS 598A) Today: Root-Cause Analysis Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.

Routing Jennifer Rexford Advanced Computer Networks Tuesdays/Thursdays 1:30pm-2:50pm.

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Measuring the Autonomous System Path Through the Internet Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

COS 461: Computer Networks Spring 2008 (MW 1:30-2:50 in COS 105) Mike Freedman IP Packet Switching.

Internet Routing (COS 598A) Today: Intradomain Topology Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.

1 Internet Topology COS 461: Computer Networks Spring 2006 (MW 1:30-2:50 in Friend 109) Jennifer Rexford Teaching Assistant: Mike Wawrzoniak

Border Gateway Protocol (BGP4) Rizwan Rehman, CCS, DU.

1 ICMP – Using Ping and Trace CCNA Semester

Computer Networks Layering and Routing Dina Katabi

INTERNET TOPOLOGY MAPPING INTERNET MAPPING PROBING OVERHEAD MINIMIZATION  Intra- and inter-monitor redundancy reduction IBRAHIM ETHEM COSKUN University.

CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College

Internet Control Message Protocol ICMP. ICMP has two major purposes: –To report erroneous conditions –To diagnose network problems ICMP has two major.

Network Administration

Problem Statement Map of OSU Routers Gopi Krishna Tummala Rupam Kundu Graduate Students The Ohio State University.

Chapter 22 Network Layer: Delivery, Forwarding, and Routing

Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Internet Control Message Protocol (ICMP) Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.

Network Tools TCP/IP interface configuration query - MAC (HW) address and IP address – Linux - /sbin/ifconfig – MS Windows – ipconfig/all 1.

Internet Control Message Protocol (ICMP). Objective l IP and ICMP l Why need ICMP? l ICMP Message Format l ICMP fields l Examples: »Ping »Traceroute.

Part III: Measuring Inter- domain Paths. March 8, Packet forwarding path Internet Source Destination IP traffic Forwarding path - the path packets.

Objectives: Chapter 5: Network/Internet Layer  How Networks are connected Network/Internet Layer Routed Protocols Routing Protocols Autonomous Systems.

POSTECH DP&NM Lab. Internet Traffic Monitoring and Analysis: Methods and Applications (1) 4. Active Monitoring Techniques.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 2 Module 9 Basic Router Troubleshooting.

Advanced Networking Lab. Given two IP addresses, the estimation algorithm for the path and latency between them is as follows: Step 1: Map IP addresses.

Chapter 9 Routing. Contents Definition Differences from switching Autonomous systems Routing tables Viewing routes Routing protocols Route aggregation.

Guide to TCP/IP, Second Edition1 Guide To TCP/IP, Second Edition Chapter 4 Internet Control Message Protocol (ICMP)

PC1 LAN GW SP RTR1 SP RTR2 DST 4 * 25 ms 21 ms dst [ ] 4. A third packet is sent with TTL=3, which decrements at each hop, and expires after RTR2,

David Wetherall Professor of Computer Science & Engineering Introduction to Computer Networks Hierarchical Routing (§5.2.6)

1 Internet Control Message Protocol (ICMP) Used to send error and control messages. It is a necessary part of the TCP/IP suite. It is above the IP module.

Towards an Accurate AS-level Traceroute Tool Z. Morley Mao*, Jennifer Rexford , Jia Wang , Randy Katz* *University of California at Berkeley  AT&T Labs--Research.

More on Internet Routing A large portion of this lecture material comes from BGP tutorial given by Philip Smith from Cisco (ftp://ftp- eng.cisco.com/pfs/seminars/APRICOT2004.

Internet Protocols. Address Resolution IP Addresses are not recognized by hardware. If we know the IP address of a host, how do we find out the hardware.

T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429/556 Introduction to Computer Networks Inter-domain routing Some slides used with.

Error and Control An IP datagram travels from node to node on the way to its destination Each router operates autonomously Failures or problems may occur.

1 An Error Reporting Mechanism (ICMP). 2 IP Semantics IP is best-effort Datagrams can be –Lost –Delayed –Duplicated –Delivered out of order –Corrupted.

1 Chapter 23 Internetworking Part 3 (Control Messages, Error Handling, ICMP)

CS 4396 Computer Networks Lab BGP. Inter-AS routing in the Internet: (BGP)

Internet Protocols. ICMP ICMP – Internet Control Message Protocol Each ICMP message is encapsulated in an IP packet – Treated like any other datagram,

© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—3-1 Route Selection Using Policy Controls Using Multihomed BGP Networks.

A Measurement Study on the Impact of Routing Events on End-to-End Internet Path Performance Feng Wang 1, Zhuoqing Morley Mao 2 Jia Wang 3, Lixin Gao 1,

Routing Protocols COSC 541 Data Commun. System & Networks Yue Dou.

BGP security some slides borrowed from Jen Rexford (Princeton U)

ROUTING ON THE INTERNET COSC Jun-16. Routing Protocols  routers receive and forward packets  make decisions based on knowledge of topology.

Introduction to OSPF Campus Networking Workshop These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license.

1 Chapter 23 Internetworking Part 3 (Control Messages, Error Handling, ICMP)

Border Gateway Protocol

Traceroute traceroute is a Unix utility designed by Van Jacobson in 1987 The Windows equivalent is called tracert The Linux equivalent is called tracepath.

Border Gateway Protocol

COMPUTER NETWORKS CS610 Lecture-33 Hammad Khalid Khan.

CS4470 Computer Networking Protocols

BGP supplement Abhigyan Sharma.

IP Forwarding Relates to Lab 3.

BGP Instability Jennifer Rexford

Presentation transcript:

Network Diagnostic and Discovery with Traceroute Prepared and presented by PhD candidate,Yihua He

Roadmap Identifying the AS PATH Identifying the AS PATH Which AS a packet goes throughWhich AS a packet goes through Review of how traceroute works Review of how traceroute works Possible ways to do IP->AS Possible ways to do IP->AS Hands-on experience with BGP tables Hands-on experience with BGP tables What can traceroute tell us besides reachability? What can traceroute tell us besides reachability? Internet routes are not symmetric Internet routes are not symmetric

AS A AS B AS C AS D Autonomous System (AS) Autonomous System Forwarding Path Example: Pinpoint forwarding loop & responsible AS IP traffic Internet source destination

Border Gateway Protocol (BGP) BGP path may differ from forwarding AS path Routing loops and deflectionsRouting loops and deflections Route aggregation and filteringRoute aggregation and filtering BGP misconfigurationBGP misconfiguration AS A AS B AS C prefix d Signaling path: control traffic d: path=[C] Forwarding path: data traffic d: path=[BC] Origin AS d: path=[B C] d: path=[A B C]

Traceroute: Measuring the Forwarding Path Time-To-Live field in IP packet header Time-To-Live field in IP packet header Source sends a packet with a TTL of nSource sends a packet with a TTL of n Each router along the path decrements the TTLEach router along the path decrements the TTL “TTL exceeded” sent when TTL reaches 0“TTL exceeded” sent when TTL reaches 0 Traceroute tool exploits this TTL behavior Traceroute tool exploits this TTL behavior source destination TTL=1 Time exceeded TTL=2 Send packets with TTL=1, 2, 3, … and record source of “time exceeded” message

Traceroute gives IP-level forwarding path * * Traceroute output: (hop number, IP address, DNS name) Traceroute from Berkeley to ( ) inr-daedalus-0.CS.Berkeley.EDU soda-cr-1-1-soda-br-6-2 vlan242.inr-202-doecev.Berkeley.EDU gigE6-0-0.inr-666-doecev.Berkeley.EDU qsv-juniper--ucb-gw.calren2.net POS1-0.hsipaccess1.SanJose1.Level3.net ? pos8-0.hsa2.Atlanta2.Level3.net pop2-atm-P0-2.atdn.net ? pop1-atl-P4-0.atdn.net www4.cnn.com

Map Traceroute Hops to ASes * * Traceroute output: (hop number, IP) AS25 AS11423 AS3356 AS1668 AS5662 Berkeley CNN Calren Level3 AOL Need accurate IP-to-AS mappings (for network equipment).

Possible Ways to Get IP-to-AS Mapping(1) DNS names: DNS names: Inaccurate, and in a lot of times, Wrong!Inaccurate, and in a lot of times, Wrong! Anyone, with $5/year, can register a and point it to any IP address! Anyone, with $5/year, can register a and point it to any IP address! Some of the IPs do not have any DNS name.Some of the IPs do not have any DNS name. Routing address registry (WHOIS) Routing address registry (WHOIS) That’s what you did in Lab1That’s what you did in Lab1 More accurate. However…More accurate. However… Voluntary public registry such as whois.radb.netVoluntary public registry such as whois.radb.net Prone to human input errorsProne to human input errors Incomplete and maybe out-of-dateIncomplete and maybe out-of-date Mergers, acquisitions, delegation to customers Mergers, acquisitions, delegation to customers

Possible Ways to Get IP-to-AS Mapping (2) Origin AS in BGP paths Origin AS in BGP paths Prefix= /24, ASpath=[ ]Prefix= /24, ASpath=[ ] Public BGP routing tables such as RouteViewsPublic BGP routing tables such as RouteViewsRouteViews Almost real time and avoiding most human input errorsAlmost real time and avoiding most human input errors It’s approximately 98% accurate,It’s approximately 98% accurate, Multiple Origin ASes (MOAS) Multiple Origin ASes (MOAS) due to merge in a lot of casesdue to merge in a lot of cases E.g., around , /16 had two ASes announced its address block: AS5677 and AS7132. That was PacBell and SBCE.g., around , /16 had two ASes announced its address block: AS5677 and AS7132. That was PacBell and SBC Now AS5677 does not exist anymoreNow AS5677 does not exist anymore No mapping No mapping Some ASes intentionally do not want to advertise the route/IPsSome ASes intentionally do not want to advertise the route/IPs Incomplete viewIncomplete view

Hands-on Experience with BGP Routing Tables Telnet://route-views.routeviews.org Telnet://route-views.routeviews.org Telnet://route-views.routeviews.org Show ip bgp summaryShow ip bgp summary Whose BGP feeds do the router take? Whose BGP feeds do the router take? Show ip bgpShow ip bgp Prefix Prefix Origin AS Origin AS AS Path AS Path Collected at Collected at Other BGP table collections are: Other BGP table collections are:

What can traceroute tell us? Where are those routers? Where are those routers? from DNSfrom DNS City name City name Airport name Airport name From roundtrip timeFrom roundtrip time Light travels approximately 2*10^8 meters/sec in fiber cables Light travels approximately 2*10^8 meters/sec in fiber cables When non-congested, the major delay is propagation delay When non-congested, the major delay is propagation delay If you see a host with roundtrip time of 10ms, you know it must be within 600 miles radius. If you see a host with roundtrip time of 10ms, you know it must be within 600 miles radius. Theoretically, with multiple vantage point, you can pinpoint where the routers are. Theoretically, with multiple vantage point, you can pinpoint where the routers are.

Internet routes are not symmetric! Try traceroute from both ends Try traceroute from both ends And we’ll find most routes are not symmetric! And we’ll find most routes are not symmetric! Why? Why? Hot potato routing --- try to use other guys’ network as much as possibleHot potato routing --- try to use other guys’ network as much as possible Policy routing --- when multihomedPolicy routing --- when multihomed

Traceroute from other places Remote traceroute serversRemote traceroute servers Hundreds of themHundreds of them Limited probe rateLimited probe rate Not always availableNot always available skitter/ skitter/ skitter/ skitter/ Dedicated remote traceroute monitorsDedicated remote traceroute monitors Almost unlimited probe rateAlmost unlimited probe rate Only a couple of dozens of themOnly a couple of dozens of them

Any questions?