Mathematics for Networks Workshop QMUL March Timothy G. Griffin Matthew Roughan Computer Laboratory School of Mathematical Sciences University of Cambridge University of Adelaide, Australia A Challenge: Modeling the Dynamics of the Inter-domain Routing in the Internet
Architecture of Dynamic Routing AS 1 AS 2 EGP (= BGP) EGP = Exterior Gateway Protocol IGP = Interior Gateway Protocol Metric based: OSPF, IS-IS, RIP, EIGRP (cisco) Policy based: BGP The Routing Domain of BGP is the entire Internet IGP
3 BGP Operations : Hard State Protocol Establish session on TCP port 179 Exchange all active routes Exchange incremental updates AS1 AS2 While connection is ALIVE exchange route UPDATE messages BGP session
How Many ASNs are Being Used Today? Thanks to Geoff Huston: Jan 11, 2005
How Many Prefixes are Being Routed Today? From AS 4637: Reach Network Jan 11, 2005
Data Collection: GNU Zebra Zebra Box router BGP sessions
RIPE Routing Information Service rrc00.ripe.netrrc00.ripe.net at RIPE NCC, Amsterdam, collects default free routing updates from peers. From October 1999.peers rrc01.ripe.netrrc01.ripe.net at LINX, London. Collects route updates announced by LINX members. From July 2000.members rrc02.ripe.netrrc02.ripe.net at SFINX, Paris. Collects route updates announced by SFINX members. From March 2001.members rrc03.ripe.netrrc03.ripe.net at AMS-IX, Amsterdam. Collects route updates announced by AMS-IX members. From January 2001.members rrc04.ripe.netrrc04.ripe.net at CIXP, Geneva. Collects route updates announced by CIXP members. From April 2001.members rrc05.ripe.netrrc05.ripe.net at VIX, Vienna. Collects route updates announced by VIX members. From June 2001.members rrc06.ripe.netrrc06.ripe.net at Otemachi, Japan. Collects route updates announced by JPIX members. From August 2001.members rrc07.ripe.netrrc07.ripe.net in Stockholm, Sweden. Collects route updates announced by the NETNOD members. From April 2002.members rrc08.ripe.netrrc08.ripe.net at San Jose (CA), USA. Collects route updates announced by the MAE-WEST members. From May 2002.members rrc09.ripe.netrrc09.ripe.net at Zurich, Switzerland. Collected route updates announced by the TIX members. From May 2003 to until early Feb 2004.members rrc10.ripe.netrrc10.ripe.net at Milan, Italy. Collects route updates announced by the MIX members. From Nov 2003.members rrc11.ripe.netrrc11.ripe.net at New York (NY), USA. Collects route updates announced by the NYIIX members. From Feb 2004.members rrc12.ripe.netrrc12.ripe.net at Frankfurt, Germany. Collects route updates announced by the DE-CIX members. From Jul 2004.members
University of Oregon Route Views Project AOL (NoVa) through AS1668 APAN (tpr2-tokyo) through AS7660 ATT (SFO) through AS7018 Abilene (Indiana) through AS11537 Accretive (PAO) through AS11608 Accretive (SEA) through AS11608 Army Research Lab through AS13 Broadwing (ADDS) through AS6395 Broadwing (MAE-EAST) through AS6395 Broadwing (MAE-WEST) through AS6395 C&W USA (Santa Clara) through AS3561 COMindico (AU) through AS9942 Carrier1 (NYC) through AS8918 EBONE (EU) through AS1755 ELI (MAE-EAST) through AS5650 ELI (MAE-WEST) through AS5650 EPOCH (PAIX) through AS4565 ESnet (GA) through AS293 France Telecom (NYC) through AS5511 GLOBIX (LINX) through AS4513 GLOBIX (New York) through AS4513 GLOBIX (Chicago) through AS4513 GLOBIX (Palo Alto) through AS4513 GT Group Tel (Toronto,CA) through AS6539 Genuity (Palo Alto) through AS1 GlobalCrossing (PAIX) through AS3549 IAGnet (Chicago) through AS267 IIJ (Japan) through AS2497 ISC (Palo Alto) through AS3557 Intermedia (MAE-EAST) through AS2548 Many streams since 2001 JINX (Johannesburg) through AS2905 Jippii (ESPANIX/Spain) through AS8782 LINX (London) through AS5459 Level3 (Denver) through AS3356 MFN/AboveNet (MAE-WEST) through AS6461 MFS/MAE-lab (San Jose) through AS6066 Nacamar (Frankfurt) through AS3257 Netrail (MAE-WEST) through AS4006 Port80 (Stockholm) through AS16150 RCN (PAIX) through AS6079 RCN (VA) through AS6079 RIPE NCC (Amsterdam) through AS3333 STARTAP (Chicago) through AS10764 Sprint (Stockton) through AS1239 Telefonica (New York) through AS12956 Teleglobe (London,UK) through AS8297 Teleglobe (PAIX) through AS6453 Telstra (Sydney,AU) through AS1221 TELUS (Toronto) through AS852 TouchAmerica () through AS19092 Verio () through AS2914 Verio () through AS2914 WCI Cable (Hillboro, OR) through AS14608 Williams (San Francisco) through AS7911 Williams (San Francisco) through AS7911 X0 (Bay Area) through AS2828 Zocalo (Berkeley) through AS715 blackrose.org (Ann Arbor) through AS234 netINS (Des Moines) through AS5056 Participants
Reading the Data route_btoa translates binary to ASCII
BGP Update Streams Data from rrc01.ripe.net (LINX, London)
A Closer Look …
High Variability
A Closer Look …
… 1000 Second Bins
Look At BGP Table Size table size
A Closer Look … table size
Another Example: Christmas Eve!
A Closer Look …
High Variability, Again
… 1000 Second Bins
And Table Size
The Challenge the generation of BGP updates? the propagation of BGP updates? observed BGP update streams? correlations between multiple data streams? anomaly detection? improving protocol design? Can we develop rigorous stochastic models for
This will not be easy… Data is complex BGP topology is not known BGP policies are secret Implementation matters A network of BGP speakers acts like a large network of Communicating Finite State Machines ---- so is a large finite state transducer
A set of BGP speakers as a Communicating Finite State Machine
The FSM at node 4
The FSM at node 5
One announce/delete at node 1 can produce 52 possible outputs at node 5
Implementation Does Matter! Thanks to Abha Ahuja and Craig Labovit for this plot. stateless withdraws widely deployed stateful withdraws widely deployed
A few useful links… Real-time Global Routing Metrics BGP Beacons What is the sound of one route flapping?