Towards a Logic for Wide-Area Internet Routing
Nick Feamster, Hari Balakrishnan


Introduction
- Internet routing is a massive distributed computing task
- BGP4 is exceedingly complex
- Complexity arises due to wide variety of goals that must be met
- Complicated interactions and unintended side effects

Introduction (contd.)
- Propose routing logic – a set of rules
- Logic used to determine satisfaction of desired properties
- Demonstrate how this logic can be used to analyze and aid implementation

Motivation
- Complexity of BGP
- Fast convergence to correct loop-free paths
- Resilience to congestion
- Avoid packet loss and failures
- Connecting autonomous and mutually distrusting domains

Motivation (contd.)
- Complexity stems from dynamic behavior during operation
- Vast possibilities for configuration
- Prior work highlights many undesirable properties

Motivation (contd.)
- Poor Integrity
  - DoS, integrity attacks, misconfiguration
- Slow Convergence
  - Path instability, delayed convergence
  - Congestion scenario not well-understood

Motivation (contd.)
- Unpredictability
  - BGP is distributed and asynchronous
  - Predicting effects of configuration change challenging
- Poor control of information flow
  - BGP implementation may expose information not intended to be public knowledge

Motivation (contd.)
- Specific modifications have unintended side effects
- Need for something that reasons about ‘correctness’ of the protocol
- Classify protocols in terms of desired properties

Desired Properties
- Validity
  - Existence of route implies existence of path
- Visibility
  - Existence of path implies existence of route
- Safety/Stability
  - No participant should change its route in response to other routes

Desired Properties (contd.)
- Determinism
  - Protocol should arrive at same predictable set of routes
- Information-flow Control
  - Should not expose more information than necessary

Routing Logic Inputs
- Specification of how protocol behaves
- Specification of protocol configuration
  - Policy configuration
  - General configuration, e.g. which routers exchange routing information
- Current version has no notion of time

Hierarchical Routing Scopes
- Organize routing domains into hierarchical levels called scopes
- Protocol in scope ‘i’ forwards packets via scope ‘i’ next-hop in that path
- Scope ‘i’ routing uses scope ‘i+1’ path to reach scope ‘i’ next hop

Routing Domains are Organized Hierarchically

Validity Rules
- Reachability
  - Route transports packets to intended destinations
- Policy conformance
  - Conform to peering and transit agreements
- Progress
  - Next-hop specified reduces total distance to the destination

The Validity Rule

Underlying IGP can result in forwarding loops
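
The forwarding-loop case named on this slide, worked as an added example (not from the original slides): each router picks an egress at scope i and reaches it over the scope i+1 IGP path, and the check follows the packet hop by hop to see whether the route corresponds to a usable path. The four-router topology, router names and tables are constructed for illustration.

```python
# Constructed four-router AS: A and B are egress routers, C and D are internal.
# Physical chain is A - C - D - B. All names and tables are hypothetical.
IGP_NEXT_HOP = {            # scope i+1: router -> {egress: IGP next hop}
    "C": {"A": "A", "B": "D"},
    "D": {"A": "C", "B": "B"},
}
CONSISTENT = {"A": "A", "B": "B", "C": "A", "D": "B"}    # scope i: chosen egress
INCONSISTENT = {"A": "A", "B": "B", "C": "B", "D": "A"}  # C and D disagree


def forward_path(src, egress_choice, igp_next_hop):
    """Follow hop-by-hop forwarding from src toward an external destination.

    Every router on the way re-evaluates its own egress choice, as real
    hop-by-hop forwarding does. Returns (path, status) with status one of
    'delivered', 'loop' or 'no-route'.
    """
    path, here = [src], src
    while True:
        egress = egress_choice.get(here)
        if egress is None:
            return path, "no-route"
        if egress == here:
            return path, "delivered"          # packet leaves the AS here
        nxt = igp_next_hop.get(here, {}).get(egress)
        if nxt is None:
            return path, "no-route"
        path.append(nxt)
        if nxt in path[:-1]:
            return path, "loop"               # revisited a router
        here = nxt


def validity_report(egress_choice, igp_next_hop):
    """Map each router holding a route to the outcome of actually using it."""
    return {r: forward_path(r, egress_choice, igp_next_hop)
            for r in sorted(egress_choice)}


if __name__ == "__main__":
    for name, cfg in (("consistent", CONSISTENT), ("inconsistent", INCONSISTENT)):
        print(name, validity_report(cfg, IGP_NEXT_HOP))
```

In the inconsistent case every router still holds a route, yet packets from C and D never leave the AS, which is the validity violation: a route exists without a working path behind it.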

Information Flow Control
- Consists of objects, flow policy, partial ordering of security levels
- Policy defined in terms of partial ordering expressed as a lattice
- Flow model specifies
  - Process causing information flow
  - How flow should be controlled between parties

An example information flow lattice

Information Objects
- Policy
  - Peering and transit agreements
  - Router preferences
- Reachability
  - Events affecting reachability
- Topology
  - Internal network topology
  - Inter-AS connectivity

Noninterference Rule
- Objects at higher security levels should not be visible to objects at lower levels
- Security level of message not higher than level of recipient

BGP implementations can result in information flow policy violations
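
The noninterference rule checked over a small lattice, as an added example (not from the original slides): a flow is flagged when the message's security level is not less than or equal to the recipient's level in the partial order. The lattice, the labels on objects and recipients, the sample flows, and the choice to take a message's level as the join of the objects it carries are all assumptions made for illustration.

```python
from itertools import product

# Constructed lattice: each level maps to the levels directly above it.
COVERS = {"public": {"peer", "customer"}, "peer": {"internal"},
          "customer": {"internal"}, "internal": set()}
# Constructed labels for the slide's information objects and for recipients.
OBJECT_LEVEL = {"reachability": "public", "peering-agreement": "peer",
                "customer-routes": "customer", "internal-topology": "internal"}
RECIPIENT_LEVEL = {"peer-AS": "peer", "customer-AS": "customer",
                   "ibgp-router": "internal"}

def leq_relation(covers):
    """Reflexive-transitive closure of the cover relation, as (low, high) pairs."""
    leq = {(a, a) for a in covers} | {(a, b) for a in covers for b in covers[a]}
    changed = True
    while changed:
        changed = False
        for (a, b), (c, d) in product(list(leq), repeat=2):
            if b == c and (a, d) not in leq:
                leq.add((a, d))
                changed = True
    return leq

LEQ = leq_relation(COVERS)

def join(levels):
    """Least upper bound of a non-empty set of levels in the lattice."""
    uppers = [u for u in COVERS if all((l, u) in LEQ for l in levels)]
    return next(u for u in uppers if all((u, v) in LEQ for v in uppers))

def violations(flows):
    """Return flows whose message level is not <= the recipient's level."""
    bad = []
    for sender, recipient, objects in flows:
        msg_level = join({OBJECT_LEVEL[o] for o in objects})
        if (msg_level, RECIPIENT_LEVEL[recipient]) not in LEQ:
            bad.append((sender, recipient, msg_level))
    return bad

FLOWS = [  # constructed (sender, recipient, objects carried) tuples
    ("border1", "peer-AS", ["reachability"]),
    ("border1", "peer-AS", ["reachability", "internal-topology"]),
    ("border1", "customer-AS", ["reachability", "peering-agreement"]),
    ("border1", "ibgp-router", ["peering-agreement", "customer-routes"]),
]

if __name__ == "__main__":
    print(violations(FLOWS))
```

The third flow is flagged even though "peer" is not above "customer": the two levels are incomparable, so the check must use the partial order rather than a numeric ranking.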

Potential Applications
- Static analysis of existing network configuration
- Providing framework for design of high-level policy specification
- Aid designers of new protocols

Configuration Analysis
- Tool verifies properties of legacy router configuration
- Such tool under development
- Used to check whether configuration satisfies specified information flow policy

Configuration Synthesis
- Get rid of low-level configuration languages
- Remove complexity, frequent misconfiguration
- Synthesize low-level configuration by translating high-level specification

Protocol Design
- Implement set of protocol abstractions
- Relate to routing logic, determine satisfaction of properties
- Less susceptible to violating wide-area routing properties

Related Work
- Inspired by use of BAN logic for authentication protocol analysis
- Application of BAN logic to Taos Operating system
- Builds on BGP anomalies noted by various previous work

Conclusions
- Presented a routing logic
- Proving properties about protocol aspects
- Formally describe how fundamental properties of BGP lead to violations
- Evaluate future proposed modifications to BGP
- Help design new protocols

From 10,000 feet …
- Does not aim to fix all problems in BGP
- Lays importance to formalizing current approach of understanding things
- Is a tool to analyze effects of modifications to implementations
- Approach extendable to other complex protocols