Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reverse Traceroute Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay K. Adhikari, Colin Scott, Justine Sherry, Peter van Wesep, Arvind Krishnamurthy, Thomas.

Published byCandice Hill Modified over 8 years ago

Similar presentations

Presentation on theme: "Reverse Traceroute Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay K. Adhikari, Colin Scott, Justine Sherry, Peter van Wesep, Arvind Krishnamurthy, Thomas."— Presentation transcript:

1 Reverse Traceroute Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay K. Adhikari, Colin Scott, Justine Sherry, Peter van Wesep, Arvind Krishnamurthy, Thomas Anderson NISARG GOR PALAK AGRAWAL SHWETA BHAGWAT

2 Outline: TraceRoute and Its Short Comings  Analysis of Google’s problem Building a reverse TraceRoute System Verification of this path Comparison of Reverse TraceRoute path with TraceRoute path Example of Debugging Inflated path. Measuring Link Latency.

3 TraceRoute and Its Shortcomings TraceRoute is a widely used Internet diagnostic tool. It measures the sequence of routers from source to destination. The fundamental limitation - it provides no reverse path information It keeps the reverse path completely invisible which hinders many operators. Traceroute’s inability to measure reverse paths forces unrealistic assumptions of symmetry and hides many paths from the network operators.

4

5

6

7

8

9

10

11 Researchers NeedReversePaths, Too The inability to measure reverse paths was the biggest limitation of my previous systems:  Geolocation constraints too loose  Hubble can’t locate reverse path outages  iPlane predictions inaccurate Other systems use sophisticated measurements but are forced to assume symmetric paths:  Netdiff compares ISP performance  iSpy detects prefix hijacking [IMC ‘06] [NSDI ‘08] [NSDI ‘09] [NSDI ‘08] [SIGCOMM ‘08] [SIGCOMM ʻ 08]

12 EveryoneNeeds ReversePaths “The number one go-to tool is traceroute. Asymmetric paths are the number one plague. The reverse path itself is completely invisible.” NANOG Network operators troubleshooting tutorial, 2009. Goal: Reverse traceroute, without control of destination and deployable today without new support

13 Concept of Reverse TraceRoute

14 Measurement Techniques Used: While TTL values are reset by the destination, IP options are generally reflected in the reply from destination. Two IP options are used in order to trace the reverse path: IP Record-route Option (RR) IP Timestamp Option (TS)

15  Want path from D back to S, don’t control D  Traceroute gives S to D, but likely asymmetric  Can’t use traceroute’s TTL limiting on reverse path KEY IDEA  Technique does not require control of destination

16  Want path from D back to S, don’t control D  Set of vantage points KEY IDEA  Multiple VPs combine for view unattainable from any one

17  Traceroute from all vantage points to S  Gives atlas of paths to S; if we hit one, we know rest of path  Destination-based routing KEY IDEA  Traceroute atlas gives baseline we bootstrap from

18  Destination-based routing  Path from R1 depends only on S  Does not depend on source  Does not depend on path from D to R1 KEY IDEA  Destination-based routing lets us stitch path hop-by-hop

19 KEY IDEA  Destination-based routing lets us stitch path hop-by-hop  Destination-based routing  Path from R3 depends only on S  Does not depend on source  Does not depend on path from D to R3

20 KEY IDEA  Destination-based routing lets us stitch path hop-by-hop  Destination-based routing  Path from R4 depends only on S  Does not depend on source  Does not depend on path from D to R4

21 KEY IDEAS  Destination-based routing lets us stitch path hop-by-hop  Traceroute atlas gives baseline we bootstrap from  Once we intersect a path in our atlas, we know rest of route

22  Segments combine to give complete path But how do we get segments? KEY IDEAS  Destination-based routing lets us stitch path hop-by-hop  Traceroute atlas gives baseline we bootstrap from

23 How do we get segments?  Unlike TTL, IP Options are reflected in reply  Record Route (RR) Option  Record first 9 routers  If D within 8, reverse hops fill rest of slots  … but average path is 15 hops, 30 round-trip KEY IDEA  IP Options work over forward and reverse path

24  From vantage point within 8 hops of D, ping D spoofing as S with Record Route Option  D’s response records hop(s) on return path To: D Fr: S Ping? RR: To: D Fr: S Ping? RR: h,…,h 1717 To: S Fr: D Ping! RR: h 1,…,h 7,D,R1 KEY IDEA  Spoofing lets us use vantage point in best position To: S Fr: D Ping! 1717 RR: h,…,h,D

25  Iterate, performing spoofed Record Routes to each router we discover on return path  Spoofing lets us use vantage point in best position  Destination-based routing lets us stitch path hop-by-hop To: R1 Fr: S Ping? RR: To: S Fr: R1 Ping! RR: h 1,…,h 6,R1,R2,R3 KEY IDEAS

26 KEY IDEA  Known paths provide set of possible next hops to guess What if no vantage point is within 8 hops for Record Route?  Consult atlas of known paths to find adjacencies

27 How do we verify which possible next hop is actually on path?  IP Timestamp (TS) Option  Specify  4 IPs, each timestamps if traversed in order To: R3 Fr: S Ping? TS: R3? R4? To: S Fr: R3 Ping! TS: R3! R4? To: S Fr: R3 Ping! TS: R3! R4! KEY IDEAS  Known paths provide set of possible next hops to guess  IP Options work over forward and reverse path 2 1 3

28  Techniques combine to give complete verified path KEY IDEAS  Destination-based routing lets us stitch path hop-by-hop  Traceroute atlas gives baseline we bootstrap from

29 KeyIdeas  Works without control of destination  Multiple vantage points  Stitch path hop-by-hop  Traceroute atlas provides:  Baseline paths  Adjacencies  IP Options work over forward and reverse path  Spoofing lets us use vantage point in best position Improvements:  Accuracy: Some routers process options incorrectly  Coverage: Some ISPs filter probe packets  Scalability: Need to select vantage points carefully

30 Evaluation  Coverage: How often are our techniques able to measure reverse hops?  Overhead: How much time and how many packets does a reverse traceroute require?  Accuracy: Does it yield the same path as if you could issue a traceroute from destination?  2200 PlanetLab to PlanetLab paths  Allows comparison to direct traceroute on “reverse” path

31 Does itgivethesamepath as traceroute?  We identify most hops seen by traceroute  Hard to know if 2 IPs actually are the same router Median: 87% with our system Median: 38% if assume symmetric

32 Median: 87% with our system Median: 38% if assume symmetric Does itgivethesamepath as traceroute?  We identify most hops seen by traceroute  Hard to know if 2 IPs actually are the same router  If we consider PoPs instead, median=100% accurate

33 Exampleof debugging inflatedpath  Indirectness: FL  DC  FL But does not explain huge latency jump from 9 to 10  150ms round-trip time Orlando to Seattle, 2-3x expected  E.g., Content provider detects poor client performance  (Current practice) Issue traceroute, check if indirect

34 Exampleof debugging inflatedpath  (Current practice) Issue traceroute, check if indirect  Does not fully explain inflated latency  (Our tool) Use reverse traceroute to check reverse path  Indirectness: WA  LA  WA Bad reverse path causes inflated round-trip delay

35

36

37

38

39

40

41

42

43 Conclusion  Traceroute is very useful, but can’t give reverse path  Our reverse traceroute system addresses limitation, providing complementary information  Multiple vantage points build the path incrementally  Gives most hops as if you issued traceroute from destination, without requiring you to control it  Useful in a range of contexts  Demo at http://revtr.cs.washington.eduhttp://revtr.cs.washington.edu  Plan to open system to outside sources in future

44 Thank You

Download ppt "Reverse Traceroute Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay K. Adhikari, Colin Scott, Justine Sherry, Peter van Wesep, Arvind Krishnamurthy, Thomas."

Similar presentations

1 Isolating Wide-Area Network Faults with Baywatch Colin Scott With Professor Ethan Katz-Bassett, Dave Choffnes, Italo Cunha, Arvind Krishnamurthy, and.

1 Isolating Wide-Area Network Faults with Baywatch Colin Scott With Professor Ethan Katz-Bassett, Dave Choffnes, Italo Cunha, Arvind Krishnamurthy, and.
REVEALING MIDDLEBOXES INTERFERENCE WITH TRACEBOX Gregory Detal*, Benjamin Hesmans*, Olivier Bonaventure*, Yves Vanaubel° and Benoit Donnet°. *Université.

REVEALING MIDDLEBOXES INTERFERENCE WITH TRACEBOX Gregory Detal*, Benjamin Hesmans*, Olivier Bonaventure*, Yves Vanaubel° and Benoit Donnet°. *Université.
LIFEGUARD: Practical Repair of Persistent Route Failures Ethan Katz-Bassett (USC), Colin Scott (UW/UCB), David Choffnes, Italo Cunha (UW), Valas Valancius,

LIFEGUARD: Practical Repair of Persistent Route Failures Ethan Katz-Bassett (USC), Colin Scott (UW/UCB), David Choffnes, Italo Cunha (UW), Valas Valancius,
Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)
User-level Internet Path Diagnosis Ratul Mahajan, Neil Spring, David Wetherall and Thomas Anderson Designed by Yao Zhao.

User-level Internet Path Diagnosis Ratul Mahajan, Neil Spring, David Wetherall and Thomas Anderson Designed by Yao Zhao.
Detecting Traffic Differentiation in Backbone ISPs with NetPolice Ying Zhang Zhuoqing Morley Mao Ming Zhang.

Detecting Traffic Differentiation in Backbone ISPs with NetPolice Ying Zhang Zhuoqing Morley Mao Ming Zhang.
Loss and Delay Accountability for the Internet by Presented by:Eric Chan Kai Chen.

Loss and Delay Accountability for the Internet by Presented by:Eric Chan Kai Chen.
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington Presented by:

King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington Presented by:
1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern.

1 A Suite of Schemes for User-level Network Diagnosis without Infrastructure Yao Zhao, Yan Chen Lab for Internet and Security Technology, Northwestern.
Phalanx: Withstanding (?) Multimillion-Node (?) Botnets Paper by Colin Dixon, Thomas Anderson and Arvind Krishnamurthy NSDI ‘08 ?? by Mark Ison and Gergely.

Phalanx: Withstanding (?) Multimillion-Node (?) Botnets Paper by Colin Dixon, Thomas Anderson and Arvind Krishnamurthy NSDI ‘08 ?? by Mark Ison and Gergely.
Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.

Measurement in the Internet. Outline Internet topology Bandwidth estimation Tomography Workload characterization Routing dynamics.
Routing problems are easy to cause, and hard to diagnose (“Happy operators make happy packets”) Jennifer Rexford AT&T Labs—Research

Routing problems are easy to cause, and hard to diagnose (“Happy operators make happy packets”) Jennifer Rexford AT&T Labs—Research
User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.

User-level Internet Path Diagnosis R. Mahajan, N. Spring, D. Wetherall and T. Anderson.
Yao Zhao 1, Yan Chen 1, David Bindel 2 Towards Unbiased End-to-End Diagnosis 1.Lab for Internet & Security Tech, Northwestern Univ 2.EECS department, UC.

Yao Zhao 1, Yan Chen 1, David Bindel 2 Towards Unbiased End-to-End Diagnosis 1.Lab for Internet & Security Tech, Northwestern Univ 2.EECS department, UC.
ICMP: Ping and Trace CCNA 1 version 3.0 Rick Graziani Spring 2005.

ICMP: Ping and Trace CCNA 1 version 3.0 Rick Graziani Spring 2005.
Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.

Network Measurement Bandwidth Analysis. Why measure bandwidth? Network congestion has increased tremendously. Network congestion has increased tremendously.
Measuring ISP topologies with Rocketfuel Ratul Mahajan Neil Spring David Wetherall University of Washington ACM SIGCOMM 2002.

Measuring ISP topologies with Rocketfuel Ratul Mahajan Neil Spring David Wetherall University of Washington ACM SIGCOMM 2002.
1 Network Topology Measurement Yang Chen CS 8803.

1 Network Topology Measurement Yang Chen CS 8803.
PALMTREE M. Engin TozalKamil Sarac The University of Texas at Dallas.

PALMTREE M. Engin TozalKamil Sarac The University of Texas at Dallas.

Similar presentations

Ads by Google