Resilience of the Internet Interconnection Ecosystem Chris Hall Ross Anderson Richard Clayton Evangelos Ouzounis Panagiotis Trimintzios WEIS 14 th June.

Slides:



Advertisements
Similar presentations
Working at a Small-Medium Business or ISP
Advertisements

Packet Switching vs. Circuit Switching
Enhancing ICT development and connectivity in Africa Erik Habers Head of Cooperation EU Delegation Nairobi.
Business Drivers for IPv6 John King
Network Layer: Internet-Wide Routing & BGP Dina Katabi & Sam Madden.
© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.
Packet Switching Vs Circuit Switching Packet-switched and circuit-switched networks use two different technologies for sending messages and data from one.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
The need for BGP AfNOG Workshops Philip Smith. “Keeping Local Traffic Local”
1 June 2015 Validating Inter-Domain SLAs with a Programmable Traffic Control System Elisa Boschi
Reliability Week 11 - Lecture 2. What do we mean by reliability? Correctness – system/application does what it has to do correctly. Availability – Be.
Mini Introduction to BGP Michalis Faloutsos. What Is BGP?  Border Gateway Protocol BGP-4  The de-facto interdomain routing protocol  BGP enables policy.
December 20, 2004MPLS: TE and Restoration1 MPLS: Traffic Engineering and Restoration Routing Zartash Afzal Uzmi Computer Science and Engineering Lahore.
Stable Internet Routing Without Global Coordination Jennifer Rexford Princeton University Joint work with Lixin Gao (UMass-Amherst)
BGP EE122 Discussion 11/7/11.
Inherently Safe Backup Routing with BGP Lixin Gao (U. Mass Amherst) Timothy Griffin (AT&T Research) Jennifer Rexford (AT&T Research)
Shivkumar Kalyanaraman Rensselaer Polytechnic Institute 1 Exterior Gateway Protocols: EGP, BGP-4, CIDR Shivkumar Kalyanaraman Rensselaer Polytechnic Institute.
Economic Incentives in Internet Routing Jennifer Rexford Princeton University
COS 420 Day 16. Agenda Finish Individualized Project Please Have Grading sheets to me by Tomorrow Group Project Discussion Assignment 3 moved back to.
Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research
Feasibility Study on the Establishment of Internet Exchange Point (IXP) in Montenegro Prof. Božo Krstajić, PhD University of Montenegro.
Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research Joint work with Lixin Gao.
Building a Strong Foundation for a Future Internet Jennifer Rexford ’91 Computer Science Department (and Electrical Engineering and the Center for IT Policy)
Border Gateway Protocol (BGP4) Rizwan Rehman, CCS, DU.
1 ECE453 – Introduction to Computer Networks Lecture 10 – Network Layer (Routing II)
BGP Border Gateway Protocol EE122 Section 3. Border Gateway Protocol Protocol for inter-domain routing Designed for policy and privacy Why not distance-vector?
Importance and Benefits of IXPs
Computer Networks Layering and Routing Dina Katabi
Inter-domain Routing Outline Border Gateway Protocol.
Working at a Small-Medium Business or ISP
TCOM 515 Lecture 6.
Internet Policy Day 1 - Workshop Session No. 2 Market structure Prepared for CTO by Link Centre, Witwatersrand University, South Africa.
1 Internet Society Creating an Enabling Environment for the Internet: Role of IXPs ENOG 8 – 9 September 2014, Baku Maarit Palovirta, European Regional.
Lecture 8 Page 1 Advanced Network Security Review of Networking Basics: Internet Architecture, Routing, and Naming Advanced Network Security Peter Reiher.
Introduction to BGP.
CS 3700 Networks and Distributed Systems Inter Domain Routing (It’s all about the Money) Revised 8/20/15.
Peering Policies - When to Peer, When not to Peer Quilt Peering Workshop October 2006 St Louis, Missouri.
Jennifer Rexford Fall 2014 (TTh 3:00-4:20 in CS 105) COS 561: Advanced Computer Networks BGP.
Computer Networks Lecture 5 Packet Switching & Circuit Switching, Causes of impairment Lahore Leads University.
David Wetherall Professor of Computer Science & Engineering Introduction to Computer Networks Hierarchical Routing (§5.2.6)
Computer Networks with Internet Technology William Stallings
Chapter 8: Internet Operation. Network Classes Class A: Few networks, each with many hosts All addresses begin with binary 0 Class B: Medium networks,
CS 447 Networks and Data Communication Department of Computer Science Southern Illinois University Edwardsville Fall, 2015 Dr. Hiroshi Fujinoki
CSC 311 CHAPTER TEN CONNECTING NETWORKS. CSC 311 We have looked at several different network topologies Why do we have different types of networks? Why.
SDX: A Software-Defined Internet eXchange Jennifer Rexford Princeton University
T. S. Eugene Ngeugeneng at cs.rice.edu Rice University1 COMP/ELEC 429/556 Introduction to Computer Networks Inter-domain routing Some slides used with.
Federal Geographic Data Committee, Coordination Group Meeting Washington, DC 7 June 2005 Study Results Geospatial Interoperability Standards: A Return-on-Investment.
Introduce the project Africa IXP (Team 4). Introduce team members.
Campus Network Best Practices: Introduction and NREN Models Dale Smith University of Oregon/NSRC This document is a result of work by the.
Users, Pricing and Resource Reservation: Managing Expectations. Jon Crowcroft,
1 Chapter 4: Internetworking (IP Routing) Dr. Rocky K. C. Chang 16 March 2004.
Inter-domain Routing Outline Border Gateway Protocol.
The Benefit and Need of Standard Contribution for IXPs Jan Stumpf System Engineer.
Routing and Addressing in Next-Generation EnteRprises (RANGER)
Peering at the Internet’s Frontier: A First Look at ISP Interconnectivity in Africa Arpit Gupta, Matt Calder, Nick Feamster, Marshini Chetty, Enrico.
CS 3700 Networks and Distributed Systems
Keeping local stuff local
John Horrocks Quality of Service John Horrocks
Kris, Karthik, Ansley, Sean, Jeremy Dick, David K, Frans, Hari
NANOG Panel Discussion: Are “Transit Exchanges” and “Peering Exchanges” Self-Differentiating? Toronto June, 2002.
Differentiating Transit Exchanges from Peering Exchanges
Internet Exchange Points (IXPs)
Distributed Content in the Network: A Backbone View
Internet Interconnection
COS 561: Advanced Computer Networks
Inter-domain Routing Outline Homework #3 solutions
COS 561: Advanced Computer Networks
BGP Wedgies ---- Bad Policy Interactions that Cannot be Debugged
BGP Instability Jennifer Rexford
Exploiting Routing Redundancy via Structured Peer-to-Peer Overlays
Presentation transcript:

Resilience of the Internet Interconnection Ecosystem Chris Hall Ross Anderson Richard Clayton Evangelos Ouzounis Panagiotis Trimintzios WEIS 14 th June 2011

ENISA report European Network and Information Security Agency: ENISA Formal study written for them, accompanied by questionnaire responded to by many domain experts and a report giving a detailed analysis of the results Written (mainly) by Chris Hall, one time peering coordinator for a large UK ISP – documents the reality of how and why ISPs interconnect and the resilience issues that arise Original report 240 pages, has executive summary that has been reworked for an academic audience as our WEIS paper Read the original, you’re guaranteed to learn dozens of things that you never knew before. 2

What’s “peering” ISPs have customers who want access to “the Internet” ISP purchases “transit” ie: a contracted service to swap packets with any other address on the Internet ISP may reduce their costs by “peering” (usually for free) with others nearby (to reduce costs of link) ISPs. Saves the both having to pay for transit; so win-win IXPs (Internet Exchange Points) provide many potential peers at a single place (usually a shared “peering LAN”) One of things the report draws attention to is the rise of “content networks” who will peer with anyone (often at IXPs)  they are now so important that transit providers probably could not cope if content provider network failed. 3

Reachability and performance BGP (Border Gateway Protocol) distributes reachability info  it’s insecure (and can be slow to converge in the face of change) Customers care about congestion (and latency and jitter)  BGP cannot signal information about capacity BGP has very few mechanisms for “traffic engineering”  in the face of congestion engineers have little info & little to tweak Disasters have been dealt with by ad hoc routing and by neighbourly assistance But that assumes that it’s routes that are lost, not capacity  no provisions for traffic prioritisation in a disaster  and probably not a decision that society would wish ISPs to make 4

Economics of transit Marginal cost of providing transit to a new ISP is almost zero Hence prices have been falling rapidly as networks compete Partial transit (regional routes only) undercuts full transit Effect is that all the transit providers are losing money #1 and #2 have recently merged (to have 55-60% of market) Risk of misuse of “significant market power”… our recommendation that regulators start to get up to speed predated this merger, but is given impetus by it 5

Measurement difficulties ISPs may have a limited understanding of where traffic is flowing on their networks – they know next to nothing about their neighbours’ networks. Can probe but  mainly establishes reachability, not capacity  tells you nothing about backup routes (if any) Most of what we know comes from “experiments”  catastrophes (Katrina, 9/11 etc)  cock-ups (PK blocking of YouTube, route leaks etc)  side-effects of academic research (big BGP packet incident) 6

Recommendations 1.Incident investigation (by independent body?) 2.Network performance measurement 3.Research into network performance & resilience 4.Develop & deploy secure inter-domain routing 5.Research into AS (ie ISP) incentives 6.Sponsor Best Practice 7.Independently test equipment & protocols 8.Regular disaster recovery exercises 9.Contingency plans for possible transit market failure 10.Traffic prioritisation may be needed in disasters, preplan 11.Greater transparency on security (maybe educating purchasers) 7

Resilience of the Internet Interconnection Ecosystem