computing the relationships between autonomous systems giuseppe di battista maurizio patrignani maurizio pizzonia univ. of rome III
announcements and traffic flows bgp allows a router to offer connectivity to another router “offering connectivity” means “promising the delivery to a specific destination” /24 bgp announcement ip traffic (to be delivered to /24) AS100 AS200
using AS-path to avoid cycles / /24 10 prefix as-path legenda: AS10 AS40AS31 AS60 AS / / / /
using prepending to implement preferences / AS10 AS40AS31 AS60 AS / / / /
how to ensure cooperation? / AS10 AS40AS31 AS60 AS / / / /24 10 why AS212 should propagate AS10 announcement?
a basic question AS1 provider: grants connectivity customer: pays for connectivity an Autonomous System may be customer of another Autonomous System (its “provider”) how can these kinds of relationships be inferred by observing routing information? AS2
topology discovery does not provide inter-AS commercial relationships peer-peer sibling-sibling peer-peer AS1 AS2 AS3 AS4 AS5 AS6 AS7 AS8 AS9 not available route provider customer
problem history the problem is introduced by Lixin Gao (“On Inferring Autonomous System Relationships in the Internet”, IEEE Trans. Networking, 2001) –relationships are classified into three categories: customer-provider, peer-peer, and sibling-sibling –BGP routing tables are used as input –heuristics are verified with information coming from other sources
a simpler problem formulation due to Subramanian, Agarwal, Rexford, and Katz (“Characterizing the Internet Hierarchy from Multiple Vantage Points” INFOCOM 2002) [SARK 2002] peer-peer relationshipcustomer-provider relationship from a provider from a customer from a peer
valid and invalid AS-paths type-1 type-2 if all ASes respect the advertisement rules, AS-paths would be all valid possibly missing type-2 valid AS-path: a (possibly missing) uphill path followed by a peer-peer edge, followed by a (possibly missing) downhill path type-1 valid AS-path: a (possibly missing) uphill path followed by a (possibly missing) downhill path
the ToR (Type of Relationships) problem in [SARK 2002] the ToR problem is conjectured to be NP-hard given an undirected graph G and a set of paths P, give an orientation to some of the edges of G to minimize the number of invalid paths in P ToR problem [SARK 2002] invalid paths: involving more than one peering or not “valley free” alley
a real-life ToR problem instancenetwork next hop path i / i i / i i i six rows extracted from the BGP routing table of Oregon RouteViews (Apr 18, 2001) extract AS paths and eliminate prepending
a real-life ToR problem instancenetwork next hop path i / i i / i i i six rows extracted from the BGP routing table of Oregon RouteViews (Apr 18, 2001) extract AS paths and eliminate prepending
building the corresponding AS graph AS2914 AS174 AS14318 AS4387AS4270 AS6461 AS701 AS5056 AS4926 AS11334 AS1 AS1239 AS8151 AS7660 AS1755 AS13099 AS
an orientation for the AS graph AS2914 AS174 AS14318 AS4387AS4270 AS6461 AS701 AS5056 AS4926 AS11334 AS1 AS1239 AS8151 AS1755 AS13099 AS AS7660 alley
our contributions we show that, although the ToR-problem is NP- hard, a solution without invalid paths (if it exists) can be found in linear time we propose heuristics for the general problem based on a novel paradigm and show their effectiveness against publicly available data sets the experiments put in evidence that our heuristics performs significantly better than state of the art heuristics
formulation as a decision problem the ToR minimization problem corresponds to the following decision problem given an undirected graph G, a set of paths P, and an integer k, test if it is possible to give an orientation to some of the edges of G so that number of invalid paths in P is at most k ToR-D problem what if we give an orientation to all the edges?
simplifying the decision problem for k=0 suppose to have a solution to the ToR problem with all valid paths and consider an edge labeled as a peer-peer edge peer-peer
example of orientable AS graph AS3582 AS8709 AS8938 AS4197 AS1740 AS7018 AS3967 AS10311 AS3561 AS8843 AS15493 AS6893
an orientation leaving all valid paths AS3582 AS8709 AS8938 AS4197 AS1740 AS7018 AS3967 AS10311 AS3561 AS8843 AS15493 AS6893
a different representation AS8709 AS8938 AS10311 AS3561 AS8843 AS15493 AS6893 AS3582 AS4197 AS1740 AS7018 AS3967
example of not orientable AS graph AS2914 AS174 AS14318 AS4387AS4270 AS6461 AS701 AS5056 AS4926 AS11334 AS1 AS1239 AS8151 AS1755 AS13099 AS3216 AS
“chestnuts” and contradictions chestnut contradiction!
testing if a solution exists with all valid paths based on this observation the problem can be mapped to 2SAT: a path p= v 1, …, v n is valid if and only if it does not have a vertex v i such that the two edges of p incident on v i are directed away form v i (it does not have a “valley”) observation given a set X of Boolean variables and a formula in conjunctive normal form composed by clauses of two literals, where a literal is a variable or a negated variable, find a truth assignment for the Boolean variables in X such that the formula is satisfied vivi example: (x 1 x 2 ) ( x 2 x 3 ) (x 3 x 1 ) alley
mapping the problem to 2SAT v3v3 v1v1 v2v2 v4v4 v5v5 x 1,2 x 2,3 x 3,4 x 4,5 associate each edge with a Boolean variable provide each edge with an arbitrary (say random) orientation a truth assignment for the Boolean variables corresponds to an orientation for all the edges of the AS-graph (and vice versa) if the variable is true, the associated edge preserves its original direction if the variable is false, the associated edge is reversed
construction of the 2SAT instance v3v3 v1v1 v2v2 v4v4 v5v5 x 1,2 x 2,3 x 3,4 x 4,5 (x 1,2 x 2,3 ) ( x 2,3 x 3,4 ) (x 3,4 x 4,5 ) v3v3 v1v1 v2v2 v4v4 v5v5 x 1,2 x 2,3 x 3,4 x 4,5 v3v3 v1v1 v2v2 v4v4 v5v5 x 1,2 x 2,3 x 3,4 x 4,5
solving a huge 2SAT there is a direct path between a literal and its opposite and vice versa iff a solution without invalid paths does not exist (Aspvall, Plass, Tarjan, IPL ‘79) (x 1,2 x 2,3 ) ( x 2,3 x 3,4 ) (x 3,4 x 4,5 ) (x 4,5 x 2,3 ) x 1,2 x 2,3 x 2,3 x 1,2 x 3,4 x 3,4 x 4,5 x 4,5 compute the graph of the literals given a 2SAT formula
strongly connected components compute the strongly connected components of the graph of the literals strongly connected component = maximal set of vertices such that for each pair u, v of vertices of the set there exists a directed path from u to v and vice versa
testing if a solution exists a solution for the 2SAT problem does not exists if and only if the two literals of the same Boolean variable (edge) fall into the same strongly connected component the test takes O(n+m+q) time –where n is the number of ASes, m is the number of edges, and q is the sum of the lengths of the AS-paths xx x
AS graphs from the various sources AS #AS Name Apr 18, 2001Apr 6, 2002 PathsVerticesEdgesPathsVerticesEdges 1Genuity58,15610,20313,00163,74412,70015, CERFnet70,83010,00713,416not available 3549Globalcrossing60,40910,28813,03976,57212,53316, Univ.of Oregon2,584,23010,82622,4404,600,98113,05527, Exodus Comm.254,12310,38718,401399,02312,61621, Global Online Japan55,06010,28813,00459,74512,51815, Energis Squared58,83210,41113,259117,00312,65916, AT&T120,2839,25212,117170,32511,70615, COLT Internet46,6068,37610,932154,85512,66018, Exodus, Europe114,93110,33315,006126,37012,55518, Ebone23,46910,54013,898not available 2516KDDI126,41410,79017,735not available 2548MaeWest80,54910,58315,249not available 6893CW70,26510,52314,359not available telnet sources web sources
solvable without invalid paths? AS #AS name Apr 18, 2001Apr 6, 2002 orientable w/o invalid paths 1Genuityyes 1740CERFnetyesnot available 3549Globalcrossingyes 3582Univ.of Oregonno 3967Exodus Comm.yes 4197Global Online Japanyes 5388Energis Squaredyes 7018AT&Tyes 8220COLT Internetyes 8709Exodus, Europeyes 1755Eboneyesnot available 2516KDDInonot available 2548MaeWestyesnot available 6893CWyesnot available telnet sources web sources
the general problem is NP-hard MAX2SAT instance MAX2SAT assignment
example (x 1 x 2 ) (x 2 x 3 ) (x 2 x 4 ) ( x 1 x 4 ) ( x 3 x 4 ) x1x1 x2x2 x3x3 x4x4
a hot topic independently of our work, Erlebach, Hall, and Schank of the Theory of Communication Networks Group of Zurich discovered analogous results concerning the time complexity of the general problem and the linearity in the case of all valid paths however, while they put more emphasis on the approximability of the problem, we focus more on the engineering and the experimentation of an effective heuristic approach
our heuristic approach size of the problem: 3,423,460 AS-paths 10,916 vertices 23,761 edges very simple approach: 1.find a very large set of AS-paths admitting an orientation without invalid paths 2.try to reinsert the kept out AS-paths
1) find a very large set of paths admitting an orientation xx x yy y 1.a) rank the edges with respect to the number of paths using them 1.b) construct the graph of the literals 1.c) compute the strongly connected components of it 1.d) find out all the variables whose two literals fall into the same strongly connected component 1.e) consider the corresponding edges and eliminate the one with the highest rank (and all the paths using it, too)
2) try to reinsert the left out AS-paths 2.a) set x = 1 2.b) add x paths 2.c) if it is still solvable commit the path addition x = x*2 else if x is 1 discard the path else x = 1 2.d) repeat 2.b and 2.c until no path is left some figures: out of 3,423,460 paths, we removed 246,835 paths, ending with 3,176,625 paths after the first step; we reinserted 222,764 with the second step, ending with 3,399,389 valid paths
comparison with the SARK paper AS #AS NameSARK Err. %SAT Err. % 1Genuity CERFnetn.a Globalcrossingn.a Univ.of Oregonn.a Exodus Comm.n.a Global Online Japann.a Energis Squaredn.a AT&T COLT Internetn.a Exodus, Europen.a Ebone KDDI MaeWest CW SARK Err.% telnet sources web sources recomputed
issues how to determine peer-peer relationships once the graph is oriented? each AS-path is weighted one, irrespectively of the size of its prefix. To what extent is this correct? could snapshots of the same BGP table taken at different dates help in better understanding the relationships between ASes? what if we knew in advance the orientation of some of the edges?
questions?
computing a solution without invalid paths consider the directed acyclic graph of the connected components of the graph of the literals compute a topological sorting of the connected components and assign an integer to each component call f(x) the index of the component to which the literal x belongs a true value is assigned to variable x if f(x) > f( x), false otherwise
degrees of freedom in determining the peering relationships need for more semantic information for determining peer-peer relationships AS #AS Nameedgescandidatespeer-peer% peer-peer 1Genuity13,00111,3958, CERFnet13,41610,7417, Globalcrossing13,03910,8518, Univ.of Oregon 3967Exodus Comm.18,40114,56211, Global Online Japan13,0049,7947, Energis Squared13,2598,9697, AT&T12,1179,6647, COLT Internet10,9327,9706, Exodus, Europe15,00610,0798, all the ten together23,7614,1483,
conclusions we show that the ToR-problem is NP-hard but… if a solution without invalid paths exists, it can be found in linear time by mapping the problem to 2SAT we propose heuristics for the general problem based on the 2SAT mapping we show the effectiveness of the heuristics against publicly available data sets the experiments put in evidence that our heuristics performs significantly better than state of the art heuristics we show that discovering peer-peer relationships is a hard problem if one wants to maximize them
acknowledgements Subramanian, Agarwal, Rexford, and Katz for sharing their data and explanations Thomas Erlebach, Alexander Hall, and Thomas Schank for their insight Debora Donato, Andrea Vitaletti for useful discussions Massimo Rimondini for computing statistics on the graphs
discovering the peer-peer relationships 1 v1v1 v2v2 v3v3 v4v4 v5v5 v6v given an oriented graph, discovering peer-peer relationships is a hard problem if you want to maximize them (MAX- INDEPENDENT-SET can be mapped to it)
the experimental setting same setting used by [SARK 2002] ten telnet looking glasses are selected as sources of data all the AS-paths put together are used to test the algorithms four web sources are used to validate the output
a deeper comparison SAT algorithm number of nodes10897 number of edges23690 peering edges0 percentage of total0% path covering distribution minimum: 1 average: 80 maximum: strongly connected components scc's to edges ratio size distribution:10311 scc's of size 1 1 scc of size 586 SARK algorithm number of nodes10923 number of edges23757 peering edges1136 percentage of total5% path covering distribution minimum: 0 average: 50 maximum: strongly connected components scc's to edges ratio size distribution:10096 scc's of size scc's of size 2 21 scc's of size 3 4 scc's of size 4 1 scc of size 6 1 scc of size 7 1 scc of size 19 1 scc of size 86 1 scc of size 278
“graph of the differences” graph of the differences number of nodes489 number of edges1148 path covering distribution minimum: 1 average: 37 maximum: 3420 connected components 19 cc's to edges ratio size distribution:18 cc's of size 2 1 cc of size 453 we inserted one undirected edge (and the two end vertices if needed) into the graph of the differences for every oppositely directed edge
links Lixin Gao, “On Inferring Autonomous System Relationships in the Internet” Subramanian, Agarwal, Rexford, and Katz “Characterizing the Internet Hierarchy from Multiple Vantage Points” Erlebach, Hall, and Schank, “Classifying Customer-Provider Relationships in the Internet” website dedicated to the algorithms described in this presentation ~ compunet/relationships/
computing the relationships between autonomous systems giuseppe di battista maurizio patrignani maurizio pizzonia univ. of rome III
the routing process lan send to directly connected router 1 everything else lan send to directly connected router 4 router 2 lan send to router 5 router 3 router 1 lan send to router 6 router 2 directly connected
routing protocols routing protocols are used to automatically update the routing tables they fall into two main cathegories: –link-state routing protocols approach: send information about your neighbors to everyone each router reconstructs the whole network and computes a shortest path tree to all destinations examples: is-is, ospf –distance-vector routing protocols approach: send all your information to your neighbors each router updates its routing table based on the neighbors’ ones examples: rip
flat routing a single routing algorithm involving all the organizations it was this way before 1984 problems: slow to converge, difficult to deploy a new routing algorithm, difficult to debug and configure, does not take into account the ownership of the links lan send to router 5 router 3 router 1 lan send to router 9 router 2 router 6
hierarchical routing more than one routing algorithm involved approach: –each organization runs a local routing algorithm by using an interior gateway protocol (igp) –external targets are injected into the local routing algorithm
route injection the interior routing algorithm spreads into the network the local targets as well as the remote ones injected by border routers border routers are aware of remote targets since they talk a higher level routing protocol with other border routers lan send to router 2 router 1
exterior gateway protocol approach:
exterior gateway protocol approach: –hide the interior part of all organizations
represent the internal targets each border router represents its internal targets as if they were local
simplify the graph –consider the (external and internal) reachability of the routers –the graph is actually managed through tcp connections called peerings
solve the routing problem solve the routing problem on the simplified graph –based on political considerations
border gateway protocol bgp is an exterior gateway protocol: it keeps the routing tables updated and propagates routing information takes into account the willingness of the organizations to cooperate in the routing process (commercial agreements, local preferences, priorities, legal issues, …)