Foundations of Inter-Domain Routing Ph.D. Dissertation Defense Vijay Ramachandran Dissertation Director: Joan Feigenbaum Committee Members: Jim Aspnes,

Slides:



Advertisements
Similar presentations
Practical Searches for Stability in iBGP
Advertisements

1 Incentive-Compatible Interdomain Routing Joan Feigenbaum Yale University Vijay Ramachandran Stevens Institute of Technology Michael Schapira The Hebrew.
1 Incentive-Compatible Inter-Domain Routing Joan Feigenbaum Yale University Colloquium at Cornell University; October.
1 Interdomain Traffic Engineering with BGP By Behzad Akbari Spring 2011 These slides are based on the slides of Tim. G. Griffin (AT&T) and Shivkumar (RPI)
Network Layer: Internet-Wide Routing & BGP Dina Katabi & Sam Madden.
© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.
Sept Internet routing seminar (Fall 2000) An analysis of BGP convergence Properties Timothy G. Griffin Gordan Wilfong Presented by Tian Bu.
Does BGP Solve the Shortest Paths Problem? Timothy G. Griffin Joint work with Bruce Shepherd and Gordon Wilfong Bell Laboratories, Lucent Technologies.
Part IV BGP Modeling. 2 BGP Is Not Guaranteed to Converge!  BGP is not guaranteed to converge to a stable routing. Policy inconsistencies can lead to.
Fundamentals of Computer Networks ECE 478/578 Lecture #18: Policy-Based Routing Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
How to Construct a Correct and Scalable iBGP Configuration Mythili Vutukuru Joint work with Paul Valiant, Swastik Kopparty and Hari Balakrishnan.
Towards a Logic for Wide-Area Internet Routing Nick Feamster and Hari Balakrishnan M.I.T. Computer Science and Artificial Intelligence Laboratory Kunal.
Inferring Autonomous System Relationships in the Internet Lixin Gao.
Part II: Inter-domain Routing Policies. March 8, What is routing policy? ISP1 ISP4ISP3 Cust1Cust2 ISP2 traffic Connectivity DOES NOT imply reachability!
STABLE PATH PROBLEM Presented by: Sangeetha A. J. Based on The Stable Path Problem and Interdomain Routing Timothy G. Griffin, Bruce Shepherd, Gordon Wilfong.
30 September 2003Ramachandran: OGST 1 Path-Vector Policy Systems Vijay Ramachandran Official Graduate Student Talk September 30, 2003 Advisor: Joan Feigenbaum.
Design Principles of Policy Languages for Path Vector Protocols Timothy G. Griffin (AT&T Research), Aaron D. Jaggard (Penn), and Vijay Ramachandran (Yale)
An open problem in Internet Routing --- Policy Language Design for BGP Nov 3, 2003 Timothy G. Griffin Intel Research, Cambridge UK
Lecture 14: Inter-domain Routing Stability CS 268 class March 8 th, 2004 (slides from Timothy Griffin’s tutorial and Craig Labovitz’s NANOG talk)
1 Tutorial 5 Safe “Peering Backup” Routing With BGP Based on:
1 Policy Disputes in Path-Vector Protocols A Safe Path-Vector Protocol Zacharopoulos Dimitris
Tutorial 5 Safe Routing With BGP Based on: Internet.
Internet Networking Spring 2004 Tutorial 5 Safe “Peering Backup” Routing With BGP.
Slide -1- February, 2006 Interdomain Routing Gordon Wilfong Distinguished Member of Technical Staff Algorithms Research Department Mathematical and Algorithmic.
Interdomain Routing Establish routes between autonomous systems (ASes). Currently done with the Border Gateway Protocol (BGP). AT&T Qwest Comcast Verizon.
Internet Routing (COS 598A) Today: Interdomain Traffic Engineering Jennifer Rexford Tuesdays/Thursdays.
Inherently Safe Backup Routing with BGP Lixin Gao (U. Mass Amherst) Timothy Griffin (AT&T Research) Jennifer Rexford (AT&T Research)
Economic Incentives in Internet Routing Jennifer Rexford Princeton University
Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research Joint work with Lixin Gao.
Relating Two Formal Models of Path-Vector Routing March 15, 2005: IEEE INFOCOM, Miami, Florida Aaron D. Jaggard Tulane University Vijay.
Computer Networks Layering and Routing Dina Katabi
Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—6-1 Connecting an Enterprise Network to an ISP Network BGP Attributes and Path Selection Process.
Egress Route Selection for Interdomain Traffic Engineering Design considerations beyond BGP.
CS 3700 Networks and Distributed Systems Inter Domain Routing (It’s all about the Money) Revised 8/20/15.
CS 268: Lecture 9 Inter-domain Routing Protocol Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks BGP.
Chapter 9. Implementing Scalability Features in Your Internetwork.
Border Gateway Protocol (BGP) W.lilakiatsakun. BGP Basics (1) BGP is the protocol which is used to make core routing decisions on the Internet It involves.
How to Construct a Correct and Scalable iBGP Configuration Mythili Vutukuru Joint work with Paul Valiant, Swastik Kopparty and Hari Balakrishnan.
Can the Border Gateway Protocol (BGP) be fixed? UCL Oct 15, 2003 Timothy G. Griffin Intel Research, Cambridge UK
CS 268: Lecture 11 Inter-domain Routing Protocol Karthik Lakshminarayanan UC Berkeley (substituting for Ion Stoica) (*slides from Timothy Griffin and Craig.
Pitch Patarasuk Policy Disputes in Path-Vector Protocol A Safe Path Vector Protocol The Stable Paths Problem and Interdomain routing.
Routing in the Inernet Outcomes: –What are routing protocols used for Intra-ASs Routing in the Internet? –The Working Principle of RIP and OSPF –What is.
1 Agenda for Today’s Lecture The rationale for BGP’s design –What is interdomain routing and why do we need it? –Why does BGP look the way it does? How.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—6-1 Scaling Service Provider Networks Scaling IGP and BGP in Service Provider Networks.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—5-1 Customer-to-Provider Connectivity with BGP Connecting a Multihomed Customer to a Single Service.
Michael Schapira, Princeton University Fall 2010 (TTh 1:30-2:50 in COS 302) COS 561: Advanced Computer Networks
CSci5221: BGP Policies1 Inter-Domain Routing: BGP, Routing Policies, etc. BGP Path Selection and Policy Routing Stable Path Problem and Policy Conflicts.
Doing Don’ts: Modifying BGP Attributes within an Autonomous System Luca Cittadini, Stefano Vissicchio, Giuseppe Di Battista Università degli Studi RomaTre.
1 Internet Routing 11/11/2009. Admin. r Assignment 3 2.
CS 3700 Networks and Distributed Systems
CS 3700 Networks and Distributed Systems
An Analysis of BGP Convergence Properties
Border Gateway Protocol
L. Cittadini, G. Di Battista, M. Rimondini, S. Vissicchio
COS 561: Advanced Computer Networks
BGP supplement Abhigyan Sharma.
Interdomain Traffic Engineering with BGP
Inter-Domain Routing: BGP, Routing Policies, etc.
Metarouting (SIGCOMM 2005) T. G. Griffin and J. L. Sobrinho
COS 561: Advanced Computer Networks
COS 561: Advanced Computer Networks
Inter-domain Routing Protocol
COS 561: Advanced Computer Networks
BGP Policies Jennifer Rexford
COS 461: Computer Networks
COS 561: Advanced Computer Networks
BGP Instability Jennifer Rexford
Presentation transcript:

Foundations of Inter-Domain Routing Ph.D. Dissertation Defense Vijay Ramachandran Dissertation Director: Joan Feigenbaum Committee Members: Jim Aspnes, Paul Hudak, Tim Griffin (University of Cambridge)

V. Ramachandran — Ph.D. Dissertation Defense2 April 20, 2005 Overview This dissertation develops a theoretical framework for the design and analysis of path-vector protocols primarily used for Internet inter-domain routing. The framework can be used to understand the interactions of local routing policies and their effects on protocol behavior. It can also be used to understand the design space of path-vector protocols and inherent trade-offs among desirable protocol properties.

V. Ramachandran — Ph.D. Dissertation Defense3 April 20, 2005 Background: Internet Routing

V. Ramachandran — Ph.D. Dissertation Defense4 April 20, 2005 Apply Policy = filter routes & tweak attributes BGP Route Processing Routing Table Apply Import Policies Best Route Selection Apply Export Policies Install forwarding entries for best routes Receive BGP updates Storage of routes Transmit BGP updates Based on attribute values IP Forwarding Table Apply Policy = filter routes & tweak attributes Open-ended programming: constrained only by vendor configuration language

V. Ramachandran — Ph.D. Dissertation Defense5 April 20, 2005 BGP Route-Selection Procedure  Highest local preference  Shortest AS-path length  For each AS next-hop, lowest MED value  eBGP routes over iBGP routes  Shortest iBGP distance to egress point

V. Ramachandran — Ph.D. Dissertation Defense6 April 20, 2005 Motivation (1) Given certain policy inputs, BGP will oscillate or converge nondeterministically. [ VGE ’ 00, GSW ’ 02, MGWR ’ 02, Cisco ’ 01] These anomalies are difficult for operators to debug because the problems traverse autonomously administered networks. New features are often implemented without testing resulting worst-case scenarios.

V. Ramachandran — Ph.D. Dissertation Defense7 April 20, 2005 Motivation (2) The BGP specification contains no guidance on how to provide “good” routing policies. Policies are unconstrained.  Can policies be constrained to guarantee convergence, and how can those constraints be described?  What is lost, if anything? Formal models allow rigorous analysis and design at different levels of abstraction.

V. Ramachandran — Ph.D. Dissertation Defense8 April 20, 2005 Prefer sending traffic through neighbor 2 Prefer sending traffic through neighbor 1 Protocol-Divergence Example

V. Ramachandran — Ph.D. Dissertation Defense9 April 20, 2005 Related Work: Formally Modeling Policy Semantics [ GSW ’02] introduced the Stable Paths Problem (SPP) as the underlying theoretical problem that BGP is trying to solve. SPP is NP-hard; solvability  convergence. An SPP instance is a graph in which each node represents one AS and has a policy in the form of a linear preference ordering on paths.

V. Ramachandran — Ph.D. Dissertation Defense10 April 20, 2005 SPP Results [ GSW ’ 02 ] DISAGREE (multiple solutions) BAD GADGET (no solution) Dispute Wheel No dispute wheel implies robust convergence.

V. Ramachandran — Ph.D. Dissertation Defense11 April 20, 2005 Related Work: Local and Global Constraints [ GR ’01] showed that Hierarchical BGP (HBGP) is robust.  Neighbors are divided into three classes: customers, providers, and peers.  Preference and scoping rules apply to routes learned from different types of neighbors.  No customer/provider cycles. [ GGR ’01] added an attribute to HBGP to allow safe back-up routing. Local constraint Global constraint

V. Ramachandran — Ph.D. Dissertation Defense12 April 20, 2005 The Design Space of Path-Vector Protocols [ GJR ’03] Robustness: Does the protocol predictably converge, even after node and link failures? Expressiveness: What routing policies are permitted? Autonomy: What degree of independence do operators have in local-policy configuration? Policy Opaqueness: Can local route settings be kept private? Transparency: How directly does the protocol apply local- policy transformations to route data? Global Constraint: What network assumptions are needed?

V. Ramachandran — Ph.D. Dissertation Defense13 April 20, 2005 Three Levels of Abstraction [JR ’05] Path-Vector Algebras [Sob. ’03] A description of the most important criteria involved in determining best routes. Does not include implementation details, e.g., a route advertisement is considered an atomic action. Path-Vector Policy Systems (PVPS) [GJR ’03] A combination of message-passing system (protocol), policy language, and global constraint. The underlying path-vector system models import & export policies, path selection, and route data structures. Instances of the Stable Paths Problem (SPP) [GSW ’02] A routing configuration, indicating the preference order of permitted paths on a given network. Solutions are consistent assignments; unique solutions give predictable convergence to a stable assignment. Sets of Protocols Protocols Networks

V. Ramachandran — Ph.D. Dissertation Defense14 April 20, 2005 Path-Vector Policy Systems [ GJR ’03] ( PV, PL, K ) Policy Language: How can policies be described? PL acts as a local constraint on the expressiveness of policies. Policy Language: How can policies be described? PL acts as a local constraint on the expressiveness of policies. Path-Vector System: The underlying message-exchange system for route information. What is exchanged and how? Path-Vector System: The underlying message-exchange system for route information. What is exchanged and how? Global Constraint: What assumptions about the network must be true to achieve robustness? Global Constraint: What assumptions about the network must be true to achieve robustness? Question: What role do these components play in achieving protocol design goals? Question: What role do these components play in achieving protocol design goals? Formal model of path-vector routing:

V. Ramachandran — Ph.D. Dissertation Defense15 April 20, 2005 Linear Best-Route Selection Model Ignore iBGP and MED-attribute values. Assume that the route-selection procedure, at each node, for each destination:  maps each route to a rank in some totally ordered set based on its attribute values; and  chooses as best the path with minimal rank. Rank is influenced by local policy, but the ranking criteria are the same at each node.

V. Ramachandran — Ph.D. Dissertation Defense16 April 20, 2005 Robustness Condition [ GJR ’03, Sob. ’ 03] Conjecture: No path-vector policy system can exactly capture all robust configurations. Theorem: A protocol in which a path’s rank monotonically increases as it is extended (imported by a neighbor) is robust. This is the broadest-known sufficient condition for robustness, equivalent to dispute-wheel freeness on SPP instances.

V. Ramachandran — Ph.D. Dissertation Defense17 April 20, 2005 Trade-Offs in Implementation [ GJR ’ 03] Theorem. A globally unconstrained PVPS expressive enough to capture all increasing configurations either does not support autonomy of neighbor ranking or is not transparent, or both. Theorem. A transparent, robust PVPS that supports autonomy of neighbor ranking and is at least as expressive as shortest paths must have a non-trivial global constraint.

V. Ramachandran — Ph.D. Dissertation Defense18 April 20, 2005 Algebras and PVPSes (1) [ JR ’05 ] Protocols using length Protocols using local preference Both, primarily length Both, primarily loc. pref. Robust protocols Shortest Paths Shortest Paths with preference tie-breaking Monotone preferences with length tie-breaking Strictly monotone preferences BGP Monotone (or arbitrary) preferences For both, some network instances are convergent

V. Ramachandran — Ph.D. Dissertation Defense19 April 20, 2005 Algebras and PVPSes (2) [ JR ’05 ] The expressiveness of an algebra or PVPS is the set of SPP equivalence classes permitted as legal routing configurations. Given an algebra, we can construct a canonical PVPS that is exactly as expressive. Given a PVPS, we can construct a canonical algebra that describes the same rank criteria.

V. Ramachandran — Ph.D. Dissertation Defense20 April 20, 2005 Class-Based Systems [ JR’ 04 ] The PVPS framework can be used to generalize the HBGP constraints from [ GR’ 01, GGR’ 01]. A class-based PVPS is described by:  A set of classes (types of neighbor assignments, e.g., customer/provider/peer) and consistency relationships  Class relative-preference and scoping rules These systems are transparent and have “some” autonomy of neighbor ranking; they require a nontrivial global constraint.

V. Ramachandran — Ph.D. Dissertation Defense21 April 20, 2005 Relative Preference and Scope Relative Preference: If class i is to be preferred over class j, then node v should prefer routes from node w over those from node x. Relative Preference: If class i is to be preferred over class j, then node v should prefer routes from node w over those from node x. Scope: If class i routes cannot be exported to a class- k neighbor, then node u will only learn about the path uvxQ. Scope: If class i routes cannot be exported to a class- k neighbor, then node u will only learn about the path uvxQ.

V. Ramachandran — Ph.D. Dissertation Defense22 April 20, 2005 Class-Based Robustness [ JR’ 04 ] From the class description alone, we can construct a global constraint involving a check on pairs of class assignments.  Networks obeying this constraint are robust.  Networks violating this constraint allow nodes to write policies that induce routing anomalies. We give two types of enforcement algorithms:  a centralized algorithm that detects a set of nodes whose class assignments permit a policy-induced anomaly; and  a distributed algorithm that detects whether two specific nodes’ class assignments could induce an anomaly.

V. Ramachandran — Ph.D. Dissertation Defense23 April 20, 2005 Nonlinear Route-Selection Model Recent work generalizes the PVPS framework to include protocols that do not assume linear route-selection procedures.  This permits modeling the MED attribute and both iBGP and eBGP sessions.  Because previous convergence constraints depend on a notion of rank, these do not apply in the generalized case. Relies on generalized SPP [ GW ’ 02].

V. Ramachandran — Ph.D. Dissertation Defense24 April 20, 2005 Generalized SPP [ GW ’ 02 ] Recall BGP selection:  lowest MED value from paths to the same AS; then  shortest IGP distance. IGP distances are shown near intra-domain links. MED values are shown in parentheses near inter- domain links. This example oscillates. MED-EVIL (no solution)

V. Ramachandran — Ph.D. Dissertation Defense25 April 20, 2005 Independent Route Ranking MED-EVIL (condensed)

V. Ramachandran — Ph.D. Dissertation Defense26 April 20, 2005 Generalized Path Relations

V. Ramachandran — Ph.D. Dissertation Defense27 April 20, 2005 Generalized Dispute Digraphs Given a GSPP instance, form its generalized dispute digraph:  nodes are paths;  edges correspond to the four relations. Theorem. If a GSPP is not robust, this graph contains a cycle. MED-EVIL Dispute Digraph

V. Ramachandran — Ph.D. Dissertation Defense28 April 20, 2005 Proof Method Given a protocol oscillation, choose a path whose first node is the last oscillating node on the path. Follow the oscillation until the selection changes; this change occurred because of a linear or nonlinear selection. This corresponds to some relation between two paths; repeat with the ‘related’ path. Choose a subpath to find the last oscillating node. Because the oscillation is finite, we must re-visit a path. We have just traced a cycle in the dispute digraph. Cycle in MED-EVIL protocol-selection states.

V. Ramachandran — Ph.D. Dissertation Defense29 April 20, 2005 Protocol-Design Applications Multiple-Path Broadcast  [B + ’02] and [MC ’04] propose changing BGP to broadcast additional routes to avoid MED-induced oscillations.  We can prove the effect of this behavior using our formal model.  Improvement: Detect an IRR violation on-the-fly and request the needed route. “Compare-all-MEDs” and “Set AS-distinct local preferences” [MGWR ’02] can be proven correct.

V. Ramachandran — Ph.D. Dissertation Defense30 April 20, 2005 Summary The PVPS framework allows for a study of path- vector-protocol design—most importantly, a rigorous way to prove:  what balance of local and global constraints are needed for robustness; and  what else is lost when these constraints are implemented. The framework has provided concrete and reasonable guidelines for class-based systems. The framework has been extended to include protocols with IRR-violating selection procedures.

V. Ramachandran — Ph.D. Dissertation Defense31 April 20, 2005 Open Questions Analogous local constraints for the generalized case Real, deployable policy-configuration languages More examples of exact trade-offs between local and global constraints (to date, only class-based systems give this) Full characterization of robust systems?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.