BGP Wedgies ---- Bad Policy Interactions that Cannot be Debugged JaNOG / Kyushu 2005.07.28

Slides:



Advertisements
Similar presentations
Introduction to IP Routing Geoff Huston. Routing How do packets get from A to B in the Internet? A B Internet.
Advertisements

Data Mining Challenges for Network Management Nick Feamster, Georgia Tech Dave Andersen, CMU (joint with Jay Lepreau and Emulab)
Multihoming and Multi-path Routing
Multihoming and Multi-path Routing
CS540/TE630 Computer Network Architecture Spring 2009 Tu/Th 10:30am-Noon Sue Moon.
© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.
Does BGP Solve the Shortest Paths Problem? Timothy G. Griffin Joint work with Bruce Shepherd and Gordon Wilfong Bell Laboratories, Lucent Technologies.
Fundamentals of Computer Networks ECE 478/578 Lecture #18: Policy-Based Routing Instructor: Loukas Lazos Dept of Electrical and Computer Engineering University.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
The need for BGP AfNOG Workshops Philip Smith. “Keeping Local Traffic Local”
Interdomain Routing and The Border Gateway Protocol (BGP) Courtesy of Timothy G. Griffin Intel Research, Cambridge UK
Interdomain Routing and The Border Gateway Protocol (BGP) CL Oct 27, 2004 Timothy G. Griffin Intel Research, Cambridge UK
Best Practices for ISPs
1 Tutorial 5 Safe “Peering Backup” Routing With BGP Based on:
Tutorial 5 Safe Routing With BGP Based on: Internet.
Internet Networking Spring 2004 Tutorial 5 Safe “Peering Backup” Routing With BGP.
W4140 Network Laboratory Lecture 9 Nov 12 - Fall 2006 Shlomo Hershkop Columbia University.
On the Death of BGP MSN July 8, 2004 Timothy G. Griffin Intel Research, Cambridge UK
Stable Internet Routing Without Global Coordination Jennifer Rexford Princeton University Joint work with Lixin Gao (UMass-Amherst)
Dynamics of Hot-Potato Routing in IP Networks Renata Teixeira (UC San Diego) with Aman Shaikh (AT&T), Tim Griffin(Intel),
Next steps in interdomain routing research (why measurements are not enough to decide about it) Steve Uhlig Université catholique de Louvain, Belgium
Interdomain Routing Establish routes between autonomous systems (ASes). Currently done with the Border Gateway Protocol (BGP). AT&T Qwest Comcast Verizon.
Inherently Safe Backup Routing with BGP Lixin Gao (U. Mass Amherst) Timothy Griffin (AT&T Research) Jennifer Rexford (AT&T Research)
Announcement Paper summary due at 11:59PM before the class Sometimes there are two papers which are closely related. In your summary –Share the problem.
BGP Wedgies ---- Bad Policy Interactions that Cannot be Debugged NANOG 31 May 23-25, 2004 Timothy G. Griffin Intel Research, Cambridge UK
A Routing Control Platform for Managing IP Networks Jennifer Rexford Princeton University
Internet Routing (COS 598A) Today: Multi-Homing Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.
Economic Incentives in Internet Routing Jennifer Rexford Princeton University
Backbone Networks Jennifer Rexford COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101
Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research
1 Autonomous Systems An autonomous system is a region of the Internet that is administered by a single entity. Examples of autonomous regions are: UVA’s.
Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research Joint work with Lixin Gao.
Inter-domain Routing Outline Border Gateway Protocol.
NOC Lessons Learned TEIN2 and CERNET Xing Li
Network Sensitivity to Hot-Potato Disruptions Renata Teixeira (UC San Diego) with Aman Shaikh (AT&T), Tim Griffin(Intel),
Information-Centric Networks04a-1 Week 4 / Paper 1 Open issues in Interdomain Routing: a survey –Marcelo Yannuzzi, Xavier Masip-Bruin, Olivier Bonaventure.
Introduction to BGP.
Redundancy, Symmetry and Load Balancing Presented by Sagi Shporer.
Egress Route Selection for Interdomain Traffic Engineering Design considerations beyond BGP.
Métaroutage L’école d’été RÉSCOM 2007 Calcotoggio, Corse, 21 Juin
Lecture 4: BGP Presentations Lab information H/W update.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks BGP.
Copyright 2012 Kenneth M. Chipps Ph.D. Cisco CCNA Exploration CCNA 2 Routing Protocols and Concepts BGP Last Update
Border Gateway Protocol (BGP) W.lilakiatsakun. BGP Basics (1) BGP is the protocol which is used to make core routing decisions on the Internet It involves.
T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429/556 Introduction to Computer Networks Inter-domain routing Some slides used with.
The New Policy for Enterprise Networking Robert Bays Chief Scientist June 2002.
Route Selection Using Policy Controls
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—5-1 Customer-to-Provider Connectivity with BGP Connecting a Multihomed Customer to a Single Service.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—3-1 Route Selection Using Policy Controls Using Multihomed BGP Networks.
Internet Routing Verification John “JI” Ioannidis AT&T Labs – Research Copyright © 2002 by John Ioannidis. All Rights Reserved.
RRG Nov 08 Mapped BGP Paul Francis, Cornell Xiaohu Xu, Huawei Hitesh Ballani, Cornell.
Inter-domain Routing Outline Border Gateway Protocol.
CSci5221: BGP Policies1 Inter-Domain Routing: BGP, Routing Policies, etc. BGP Path Selection and Policy Routing Stable Path Problem and Policy Conflicts.
© 2005 Cisco Systems, Inc. All rights reserved. BGP v3.2—5-1 Customer-to-Provider Connectivity with BGP Connecting a Multihomed Customer to Multiple Service.
Autonomous Systems An autonomous system is a region of the Internet that is administered by a single entity. Examples of autonomous regions are: UVA’s.
Network Address Translation (NAT)
Jian Wu (University of Michigan)
Border Gateway Protocol
COS 561: Advanced Computer Networks
Guide: Dr. Vishal Sharma Group 8: Pujara Chirag ( )
Autonomous Systems An autonomous system is a region of the Internet that is administered by a single entity. Examples of autonomous regions are: UVA’s.
COS 561: Advanced Computer Networks
COS 561: Advanced Computer Networks
COS 561: Advanced Computer Networks
COS 561: Advanced Computer Networks
COS 561: Advanced Computer Networks
BGP Policies Jennifer Rexford
BGP Wedgies ---- Bad Policy Interactions that Cannot be Debugged
BGP Interactions Jennifer Rexford
COS 561: Advanced Computer Networks
Presentation transcript:

BGP Wedgies ---- Bad Policy Interactions that Cannot be Debugged JaNOG / Kyushu randy bush

What is a BGP Wedgie? BGP policies make sense locally Interaction of local policies allows multiple stable routings Some routings are consistent with intended policies, and some are not –If an unintended routing is installed (BGP is “wedged”), then manual intervention is needed to change to an intended routing When an unintended routing is installed, no single group of network operators has enough knowledge to debug the problem ¾ wedgie full wedgie

¾ Wedgie Example AS 1 implements backup link by sending AS 2 a “depref me” community. AS 2 implements this community so that the resulting local pref is below that of routes from it’s upstream provider (AS 3 routes) AS 1 AS 2 AS 3AS 4 customer provider peer provider customer provider backup link primary link

And the Routings are… AS 1 AS 2 AS 3AS 4 Intended Routing AS 1 AS 2 AS 3AS 4 Unintended Routing Note: This is easy to reach from the intended routing just by “bouncing” the BGP session on the primary link. Note: this would be the ONLY routing if AS2 translated its “depref me” community to a “depref me” community of AS 3

Recovery AS 1 AS 2 AS 3AS 4 AS 1 AS 2 AS 3AS 4 AS 1 AS 2 AS 3AS 4 Bring down AS 1-2 sessionBring it back up! Requires manual intervention Can be done in AS 1 or AS 2

What the heck is going on? There is no guarantee that a BGP configuration has a unique routing solution. –When multiple solutions exist, the (unpredictable) order of updates will determine which one is wins. There is no guarantee that a BGP configuration has any solution! –And checking configurations NP-Complete –Lab demonstrations of BGP configs never converging Complex policies (weights, communities setting preferences, and so on) increase chances of routing anomalies. –… yet this is the current trend!

Load Balancing Example primary link for prefix P1 backup link for prefix P2 AS 1 AS 2 AS 3AS 4 provider peer provider customer AS 5 customer primary link for prefix P2 backup link for prefix P1 Simple session reset my not work!!

Can’t un-wedge with session resets! —2 down1—5 down 1—2 up1—5 up P2 wedged P1 wedged INTENDED Reset 1—2 Reset 1— BOTH P1 & P2 wedged 1—2 & 1—5 down —2 & 1—5 down all up Note that when bringing all up we could actually land the system in any one of the 4 stable states --- depends on message order….

Recovery —2 down1—5 down 1—2 up1—5 up P2 wedged P1 wedged INTENDED Temporarily filter P2 from 1—5 session Temporarily filter P1 from 1—2 session Who among us could figure this one out? When 1—2 is in New York and 1—5 is in Tokyo?

AS 1 AS 2 AS 3AS 4 customer provider peer provider customer provider primary link Full Wedgie Example AS 5 backup links AS 1 implements backup links by sending AS 2 and AS 3 a “depref me” communities. AS 2 implements its community so that the resulting local pref is below that of its upstream providers and it’s peers (AS 3 and AS 5 routes) AS 5 implements its community so that the resulting local pref is below its peers (AS 2) but above that of its providers (AS 3) customer peer

And the Routings are… AS 1 AS 2 AS 3AS 4 AS 5 AS 1 AS 2 AS 3AS 4 AS 5 Intended Routing Unintended Routing

Resetting 1—2 does not help!! AS 1 AS 2 AS 3AS 4 AS 5 AS 1 AS 2 AS 3AS 4 AS 5 Bring down AS 1-2 session Bring up AS 1-2 session

Recovery AS 1 AS 2 AS 3AS 4 AS 5 AS 1 AS 2 AS 3AS 4 AS 5 Bring down AS 1-2 session AND AS 1-5 session AS 1 AS 2 AS 3AS 4 AS 5 A lot of “non-local” knowledge is required to arrive at this recovery strategy! Try to convince AS 5 and AS 1 that their session has be reset (or filtered) even though it is not associated with an active route! Bring up AS 1-2 session AND AS 1-5 session

That Can’t happen in MY network!! AU++ AP EMEA LA NA An “normal” global global backbone (ISP or Corporate Intranet) implemented with 5 regional ASes

The Full Wedgie Example, in a new Guise AU EMEA NAAP LA Intended Routing for some prefixes in AU, implemented with communities. DOES THIS LOOK FAMILIAR?? Message: Same problems can arise with “traffic engineering” across regional networks.

Recommendations Be aware of BGP Wedgies Preference-impacting Interdomain communities should be defined with care and consistently implemented (this may require translating and transiting communities).

References Internet Draft (grow working group): draft-ietf-grow-bgp-wedgies-03.txt Long-term solution? –Metarouting! – m2005/techprog.html#session1

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.